Destrio5 - Posted 23 February 2009

I don't know how to disable the Symantec antivirus.
As for your Internet connection, it's rare to lose it.
You can run ComboFix anyway.

patrickng9 (Author) - Posted 23 February 2009

Hello, here is the report:

ComboFix 09-02-21.01 - Patrick 2009-02-23 14:23:31.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.654 [GMT -6:00]
Running from: c:\documents and settings\Patrick\Desktop\ComboFix.exe
AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated)
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\recycler\S-1-2-64-100019113-100005671-100019224-6446.com
c:\recycler\S-7-8-38-100028030-100023459-100016285-3731.com
c:\windows\system32\drivers\gaopdxnpeoobww.sys
c:\windows\system32\drivers\gaopdxpxtnkvon.sys
c:\windows\system32\gaopdxcounter
c:\windows\system32\gaopdxksetacax.dll
d:\recycler\S-1-2-64-100019113-100005671-100019224-6446.com
d:\recycler\S-7-8-38-100028030-100023459-100016285-3731.com
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_gaopdxserv.sys
[...]

Yay, now I can access the Microsoft Update site. I can access my anti-spyware.
All that's left is my antivirus, which I had managed to disable, and which is hiding from me :S
Thank you very much, you are a genius and a hero. I can update Malwarebytes.

Destrio5 - Posted 23 February 2009

The gaopdxserv rootkit has been wiped out.
What does this folder contain: c:\windows\Drivers ?
Have the following file analyzed: c:\windows\system32\XDva224.sys
on VirusTotal, and post the link to the analysis.

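Added example (not part of the thread, and not ComboFix's own code): a small parser for the report layout shown above that lists the removed driver/service entries and the deleted files sharing a name prefix with them, which is how the gaopdx* files line up with the gaopdxserv service. The sample report is laid out from the lines quoted in the thread with shortened banners; the function names and the 5-character prefix threshold are assumptions made for this example.

```python
import ntpath
import os.path
import re
from collections import defaultdict

# Section banners look like "((((( Other Deletions )))))".
BANNER = re.compile(r"^\(+\s*(?P<name>[^()]+?)\s*\)+$")
# Removed drivers/services are logged as "-------\Service_<name>" or
# "-------\Legacy_<NAME>" in the Drivers/Services section.
SERVICE = re.compile(r"^-+\\(?:Service|Legacy)_(?P<name>.+)$", re.IGNORECASE)
# Assumption for this example: a shared prefix of at least 5 characters
# between a service name and a file name is worth a closer look.
MIN_PREFIX = 5

# Sample input: lines taken from the report in the thread, one entry per
# line, banners shortened. Raw string so the backslashes stay literal.
SAMPLE_REPORT = r"""
ComboFix 09-02-21.01 - Patrick 2009-02-23 14:23:31.1 - NTFSx86
.
((((((((( Other Deletions )))))))))
.
c:\recycler\S-1-2-64-100019113-100005671-100019224-6446.com
c:\recycler\S-7-8-38-100028030-100023459-100016285-3731.com
c:\windows\system32\drivers\gaopdxnpeoobww.sys
c:\windows\system32\drivers\gaopdxpxtnkvon.sys
c:\windows\system32\gaopdxcounter
c:\windows\system32\gaopdxksetacax.dll
d:\recycler\S-1-2-64-100019113-100005671-100019224-6446.com
d:\recycler\S-7-8-38-100028030-100023459-100016285-3731.com
.
((((((((( Drivers/Services )))))))))
.
-------\Service_gaopdxserv.sys
"""


def parse_sections(report):
    """Split a report into {section name: [entry lines]}."""
    sections = defaultdict(list)
    current = None
    for raw in report.splitlines():
        line = raw.strip()
        if not line or line == ".":   # blank lines and "." separators
            continue
        banner = BANNER.match(line)
        if banner:
            current = banner.group("name")
            continue
        if current is not None:       # header lines before any banner are skipped
            sections[current].append(line)
    return dict(sections)


def removed_services(sections):
    """Return the lower-cased, de-duplicated names of removed services."""
    names = set()
    for entry in sections.get("Drivers/Services", []):
        match = SERVICE.match(entry)
        if match:
            stem, _ext = ntpath.splitext(match.group("name"))
            names.add(stem.lower())
    return sorted(names)


def related_artifacts(report, min_prefix=MIN_PREFIX):
    """Map each removed service to deleted files whose name shares its prefix."""
    sections = parse_sections(report)
    deleted = sections.get("Other Deletions", [])
    related = {}
    for service in removed_services(sections):
        hits = []
        for path in deleted:
            name = ntpath.basename(path).lower()
            shared = os.path.commonprefix([service, name])
            if len(shared) >= min_prefix:
                hits.append(path)
        related[service] = hits
    return related


if __name__ == "__main__":
    for service, files in related_artifacts(SAMPLE_REPORT).items():
        print(service)
        for path in files:
            print("   ", path)
```

Deleted files that match no removed service, such as the recycler .com entries here, are left out of the result and still need their own review.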
patrickng9 (Author) - Posted 23 February 2009

ComboFix made me note it. It contained gaopdxnpeoobww.sys
EDIT: I can no longer find XDva224.sys, is that serious?
EDIT 2: I received this message: 0 bytes size received / Se ha recibido un archivo vacio

Destrio5 - Posted 23 February 2009

OK, have this file analyzed: C:\WINDOWS\system32\msln.exe
What I'm asking of you isn't meant to bother you, it's just to make sure nothing is left lying around that could reinfect you.

patrickng9 (Author) - Posted 23 February 2009

I also get this message: 0 bytes size received / Se ha recibido un archivo vacio
Can it get reinfected?
Another detail: can I delete iamfamous.dll in the quarantine?

Destrio5 - Posted 23 February 2009

I also get this message: 0 bytes size received / Se ha recibido un archivo vacio
Can it get reinfected?
---> I'm going to have you delete XDva224.sys anyway.
Another detail: can I delete iamfamous.dll in the quarantine?
---> You can delete whatever is in MBAM's quarantine.
Have you run the analysis of the new file?

patrickng9 (Author) - Posted 23 February 2009

Yes, it gives the same message: 0 bytes size received / Se ha recibido un archivo vacio

Destrio5 - Posted 23 February 2009

/!\ Only Pat(rick) may follow this procedure /!\
Disable all resident protection (antivirus...)!
---> Copy (CTRL+C) the text in the box below (without the word Quote):

KillAll::
Driver::
XDva224
File::
c:\windows\system32\XDva224.sys
C:\WINDOWS\system32\msln.exe
DirLook::
c:\windows\Drivers

---> Open Notepad: Start > All Programs > Accessories > Notepad
- Paste (CTRL+V) the text into Notepad.
- Save this file to: Desktop
- File name: CFScript
- File type: All files !!
- Click Save.
- Close Notepad.
---> Drag and drop this CFScript file onto the ComboFix.exe file as in the screenshot:
This will relaunch ComboFix: accept the message that appears.
Wait while the scan runs. The desktop will disappear several times: this is normal!
Don't touch anything until the scan is finished.
Once the scan is complete, a report will be displayed; copy and paste its contents to the forum.
If the file does not open, it can be found here: C:\ComboFix.txt

patrickng9 (Author) - Posted 23 February 2009

Here is the report:

ComboFix 09-02-21.01 - Patrick 2009-02-23 15:32:29.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.537 [GMT -6:00]
Running from: c:\documents and settings\Patrick\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Patrick\Desktop\CFScript.txt
AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated)
 * Created a new restore point
FILE ::
c:\windows\system32\msln.exe
c:\windows\system32\XDva224.sys
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_XDVA224
-------\Service_XDva224
[...]
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\windows\Drivers ----
2007-04-25 16:00 33823016 --a------ c:\windows\Drivers\qc848enu.exe
2004-09-23 14:56 3730 --a------ c:\windows\Drivers\swsetup\SP28818\SP28818.cva
2004-08-14 09:57 943 --a------ c:\windows\Drivers\Win\Audio\IBMTPI.XML
2004-08-09 15:27 8720 --a------ c:\windows\Drivers\Win\Audio\SMAXWDM\W2K_XP\SMX.CAT
2004-08-09 15:27 8720 --a------ c:\windows\Drivers\Win\Audio\SMAXWDM\SE\SMX.CAT
2004-08-03 08:56 74 --a------ c:\windows\Drivers\Win\Audio\DATA.TAG
2004-08-03 08:48 512 --a------ c:\windows\Drivers\Win\Audio\DATA2.CAB
2004-08-03 08:48 1656 --a------ c:\windows\Drivers\Win\Audio\LAYOUT.BIN
2004-08-03 08:48 142216 --a------ c:\windows\Drivers\Win\Audio\DATA1.HDR
2004-08-03 08:47 437812 --a------ c:\windows\Drivers\Win\Audio\SETUP.IBT
2004-08-03 08:47 396267 --a------ c:\windows\Drivers\Win\Audio\SETUP.INX
2004-08-03 08:47 1921214 --a------ c:\windows\Drivers\Win\Audio\DATA1.CAB
2004-07-28 20:11 796 --a------ c:\windows\Drivers\swsetup\SP28818\smwdms.txt
2004-07-28 20:11 552 --a------ c:\windows\Drivers\swsetup\SP28818\WSsmwdms.txt
2004-07-28 16:07 630 --a------ c:\windows\Drivers\Win\Audio\SETUP.ISS 2004-07-28 16:07 415 --a------ c:\windows\Drivers\Win\Audio\SETUP.INI 2004-07-28 16:07 308278 --a------ c:\windows\Drivers\Win\Audio\WIN256_3.BMP 2004-07-20 14:52 11537 --a------ c:\windows\Drivers\swsetup\SP28818\smx.cat 2004-07-20 14:52 11537 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\W2K_XP\smx.cat 2004-07-20 14:52 11537 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\SE\smx.cat 2004-07-16 13:57 60420 --a------ c:\windows\Drivers\swsetup\SP28818\smwdmCH4.inf 2004-07-16 13:57 60420 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\W2K_XP\smwdmCH4.inf 2004-07-16 13:57 60420 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\SE\smwdmCH4.inf 2004-07-16 12:04 62 --a------ c:\windows\Drivers\Win\Audio\SMOPT.INI 2004-07-01 10:10 39409 --a------ c:\windows\Drivers\Win\Audio\SMAXWDM\W2K_XP\SMWDMCH4.INF 2004-07-01 10:10 39409 --a------ c:\windows\Drivers\Win\Audio\SMAXWDM\SE\SMWDMCH4.INF 2004-06-23 09:42 266880 --a------ c:\windows\Drivers\Win\Audio\SMAXWDM\W2K_XP\SMWDM.SYS 2004-06-23 09:42 266880 --a------ c:\windows\Drivers\Win\Audio\SMAXWDM\SE\SMWDM.SYS 2004-04-19 02:10 460264 --a------ c:\windows\Drivers\Win\Audio\ENGINE32.CAB 2004-04-19 02:10 116688 --a------ c:\windows\Drivers\Win\Audio\SETUP.EXE 2004-02-20 16:15 5818 --a------ c:\windows\Drivers\Win\Audio\README.TXT 2004-02-09 15:29 3561 --a------ c:\windows\Drivers\swsetup\SP26997.CVA 2004-01-30 14:53 13167 --a------ c:\windows\Drivers\swsetup\smx.cat 2004-01-30 14:53 13167 --a------ c:\windows\Drivers\swsetup\SMAXWDM\W2K_XP\smx.cat 2004-01-30 14:53 13167 --a------ c:\windows\Drivers\swsetup\SMAXWDM\SE\smx.cat 2004-01-27 08:28 49065 --a------ c:\windows\Drivers\swsetup\smwdmCOM.inf 2004-01-27 08:28 49065 --a------ c:\windows\Drivers\swsetup\SMAXWDM\W2K_XP\smwdmCOM.inf 2004-01-27 08:28 49065 --a------ c:\windows\Drivers\swsetup\SMAXWDM\SE\smwdmCOM.inf 2004-01-22 15:10 75 --a------ c:\windows\Drivers\swsetup\data.tag 2004-01-22 
11:40 7846 --a------ c:\windows\Drivers\swsetup\SP27103\SP27103.CVA 2004-01-14 14:33 74 --a------ c:\windows\Drivers\swsetup\SP28818\data.tag 2004-01-14 11:20 65096 --a------ c:\windows\Drivers\swsetup\SP28818\data1.hdr 2004-01-14 11:20 512 --a------ c:\windows\Drivers\swsetup\SP28818\data2.cab 2004-01-14 11:20 495 --a------ c:\windows\Drivers\swsetup\SP28818\layout.bin 2004-01-14 11:20 1265100 --a------ c:\windows\Drivers\swsetup\SP28818\data1.cab 2004-01-13 15:40 612032 --a------ c:\windows\Drivers\swsetup\SP28818\smwdm.sys 2004-01-13 15:40 612032 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\W2K_XP\smwdm.sys 2004-01-13 15:40 612032 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\SE\smwdm.sys 2003-12-19 14:59 239567 --a------ c:\windows\Drivers\swsetup\SP28818\setup.inx 2003-12-19 10:51 4928 --a------ c:\windows\Drivers\Win\Audio\SMAXWDM\SE\ADI_RMV.EXE 2003-12-19 09:51 4928 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\SE\ADI_RMV.EXE 2003-12-17 14:43 65100 --a------ c:\windows\Drivers\swsetup\data1.hdr 2003-12-17 14:43 512 --a------ c:\windows\Drivers\swsetup\data2.cab 2003-12-17 14:43 495 --a------ c:\windows\Drivers\swsetup\layout.bin 2003-12-17 14:43 1264981 --a------ c:\windows\Drivers\swsetup\data1.cab 2003-12-17 14:29 591936 --a------ c:\windows\Drivers\swsetup\smwdm.sys 2003-12-17 14:29 591936 --a------ c:\windows\Drivers\swsetup\SMAXWDM\W2K_XP\smwdm.sys 2003-12-17 14:29 591936 --a------ c:\windows\Drivers\swsetup\SMAXWDM\SE\smwdm.sys 2003-11-14 11:08 239484 --a------ c:\windows\Drivers\swsetup\setup.inx 2003-11-05 09:25 4864 --a------ c:\windows\Drivers\swsetup\SMAXWDM\SE\ADI_RMV.EXE 2003-10-23 10:17 100384 --a------ c:\windows\Drivers\swsetup\SMAXWDM\W2K_XP\AEAUDIO.sys 2003-10-23 10:17 100384 --a------ c:\windows\Drivers\swsetup\SMAXWDM\SE\AEAUDIO.sys 2003-10-23 10:17 100384 --a------ c:\windows\Drivers\swsetup\AEAUDIO.sys 2003-09-25 15:01 2319 --a------ c:\windows\Drivers\swsetup\ALTMIXER.INI 2003-07-30 08:17 102400 --a------ 
c:\windows\Drivers\swsetup\SM_Panel\Sys\SMax3CP.cpl 2003-07-30 08:15 155648 --a------ c:\windows\Drivers\swsetup\SM_Power\Sys\PwrMan.dll 2003-07-30 08:13 151552 --a------ c:\windows\Drivers\swsetup\SM_Micro\Sys\MicTab.dll 2003-07-30 08:08 143360 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\SMTray.exe 2003-07-29 14:14 1768 --a------ c:\windows\Drivers\swsetup\SP27103\setup.iss 2003-07-25 13:38 0 --a------ c:\windows\Drivers\swsetup\SP27103\NoDrvErr.txt 2003-07-21 11:26 16514 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\W2K_XP\smx.cat 2003-07-21 11:26 16514 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\SE\smx.cat 2003-06-27 12:25 55 --a------ c:\windows\Drivers\swsetup\SP27103\data.tag 2003-06-27 12:08 63298 --a------ c:\windows\Drivers\swsetup\SP27103\data1.hdr 2003-06-27 12:08 512 --a------ c:\windows\Drivers\swsetup\SP27103\data2.cab 2003-06-27 12:08 476 --a------ c:\windows\Drivers\swsetup\SP27103\layout.bin 2003-06-27 12:08 1262094 --a------ c:\windows\Drivers\swsetup\SP27103\data1.cab 2003-06-26 16:10 106496 --a------ c:\windows\Drivers\swsetup\SP27103\SoundMAX Synthesizer\DLSLoader.exe 2003-06-16 07:32 49152 --a------ c:\windows\Drivers\Win\Audio\SYS\DSNDUP.EXE 2003-06-16 06:32 49152 --a------ c:\windows\Drivers\swsetup\Sys\DSndUp.exe 2003-06-16 06:32 49152 --a------ c:\windows\Drivers\swsetup\SP28818\Sys\DSndUp.exe 2003-06-02 12:24 63570 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\Arabic\SMaxFAQ.htm 2003-06-02 11:30 60990 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\Hebrew\SMaxFAQ.htm 2003-05-29 08:16 17 --a------ c:\windows\Drivers\Win\Audio\AUDIO.TPI 2003-05-27 15:12 47456 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\W2K_XP\smwdmCH4.inf 2003-05-27 15:12 47456 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\SE\smwdmCH4.inf 2003-05-27 15:12 44103 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\W2K_XP\smwdmCH2.inf 2003-05-27 15:12 44103 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\SE\smwdmCH2.inf 
2003-05-27 15:12 29234 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\W2K_XP\smwdmCH5.inf 2003-05-27 15:12 29234 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\SE\smwdmCH5.inf 2003-05-27 15:12 27269 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\W2K_XP\smwdmNV2.inf 2003-05-27 15:12 27269 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\SE\smwdmNV2.inf 2003-05-27 15:12 27192 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\W2K_XP\smwdmNV8.inf 2003-05-27 15:12 27192 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\SE\smwdmNV8.inf 2003-05-27 15:05 578304 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\W2K_XP\smwdm.sys 2003-05-27 15:05 578304 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\SE\smwdm.sys 2003-05-23 16:15 15254 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\Thai\SMaxFAQ.htm 2003-05-23 14:43 235693 --a------ c:\windows\Drivers\swsetup\SP27103\setup.inx 2003-05-23 14:34 401 --a------ c:\windows\Drivers\swsetup\SP27103\Setup.ini 2003-05-23 14:34 308278 --a------ c:\windows\Drivers\swsetup\SP27103\win256_3.bmp 2003-05-23 14:34 308276 --a------ c:\windows\Drivers\swsetup\SP27103\SoundMAX.bmp 2003-05-23 11:48 12901 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\TradChin\SMaxFAQ.htm 2003-05-23 10:10 12729 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\SimpChin\SMaxFAQ.htm 2003-05-23 09:56 16035 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\Japanese\SMaxFAQ.htm 2003-05-22 16:37 15568 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\Korean\SMaxFAQ.htm 2003-05-22 16:14 16898 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\Russian\SMaxFAQ.htm 2003-05-22 15:59 16368 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\Dutch\SMaxFAQ.htm 2003-05-22 15:54 18143 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\Swedish\SMaxFAQ.htm 2003-05-22 15:49 16651 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\Norwegan\SMaxFAQ.htm 2003-05-22 15:40 18566 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\Finnish\SMaxFAQ.htm 
2003-05-22 15:34 17213 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\Danish\SMaxFAQ.htm 2003-05-22 14:57 18075 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\Italian\SMaxFAQ.htm 2003-05-22 14:49 18442 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\German\SMaxFAQ.htm 2003-05-22 14:34 19747 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\French\SMaxFAQ.htm 2003-05-15 07:49 15830 --a------ c:\windows\Drivers\swsetup\MIXER.INI 2003-05-12 14:55 978944 --a------ c:\windows\Drivers\swsetup\SP27103\SoundMAX Synthesizer\SynthCoreA.Dll 2003-05-08 10:34 69632 --a------ c:\windows\Drivers\swsetup\SP27103\DrvLsnr.exe 2003-05-07 09:31 19188 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\Spanish\SMaxFAQ.htm 2003-05-07 09:31 16104 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\English\SMaxFAQ.htm 2003-05-07 09:30 19317 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\Brazil\SMaxFAQ.htm 2003-05-05 08:41 126976 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\SMax3CP.cpl 2003-05-05 08:39 106496 --a------ c:\windows\Drivers\swsetup\SP27103\SoundMAX Synthesizer\MidiSynth.dll 2003-05-05 08:38 151552 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Micro\Sys\MicTab.dll 2003-05-05 06:57 143360 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\SMTray.exe 2003-04-30 13:14 16104 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\English\SMaxFAQ.htm 2003-04-30 08:47 19188 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\Spanish\SMaxFAQ.htm 2003-04-30 08:43 19317 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\Brazil\SMaxFAQ.htm 2003-04-08 09:30 3744 --a------ c:\windows\Drivers\swsetup\SP28818\smsens.sys 2003-04-08 09:30 3744 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\W2K_XP\smsens.sys 2003-04-08 09:30 3744 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\SE\smsens.sys 2003-04-08 09:30 3744 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\W2K_XP\smsens.sys 2003-04-08 09:30 3744 --a------ 
c:\windows\Drivers\swsetup\SP27103\SMAXWDM\SE\smsens.sys 2003-04-08 09:30 3744 --a------ c:\windows\Drivers\swsetup\smsens.sys 2003-04-08 09:30 3744 --a------ c:\windows\Drivers\swsetup\SMAXWDM\W2K_XP\smsens.sys 2003-04-08 09:30 3744 --a------ c:\windows\Drivers\swsetup\SMAXWDM\SE\smsens.sys 2003-04-07 07:27 18130 --a------ c:\windows\Drivers\swsetup\SP27103\ADIALTGD.ini 2003-03-13 16:34 100224 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\W2K_XP\AEAUDIO.sys 2003-03-13 16:34 100224 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\SE\AEAUDIO.sys 2003-02-26 16:04 15568 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\Korean\SMaxFAQ.htm 2003-02-26 15:48 16035 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\Japanese\SMaxFAQ.htm 2003-02-26 14:42 60904 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\Hebrew\SMaxFAQ.htm 2003-02-26 14:09 12901 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\TradChin\SMaxFAQ.htm 2003-02-26 13:56 15254 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\Thai\SMaxFAQ.htm 2003-02-26 13:42 12729 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\SimpChin\SMaxFAQ.htm 2003-02-26 13:25 16898 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\Russian\SMaxFAQ.htm 2003-02-26 11:34 18143 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\Swedish\SMaxFAQ.htm 2003-02-26 11:27 16651 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\Norwegan\SMaxFAQ.htm 2003-02-26 10:03 18075 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\Italian\SMaxFAQ.htm 2003-02-26 10:01 18442 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\German\SMaxFAQ.htm 2003-02-26 09:55 19747 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\French\SMaxFAQ.htm 2003-02-26 09:52 18566 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\Finnish\SMaxFAQ.htm 2003-02-26 09:48 16368 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\Dutch\SMaxFAQ.htm 2003-02-26 09:44 17213 
--a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\Danish\SMaxFAQ.htm 2003-02-26 09:15 63869 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\Arabic\SMaxFAQ.htm 2003-01-17 13:25 10880 --a------ c:\windows\Drivers\Win\Audio\SMAXWDM\W2K_XP\WDMSTUB.SYS 2003-01-17 13:25 10880 --a------ c:\windows\Drivers\Win\Audio\SMAXWDM\SE\WDMSTUB.SYS 2003-01-17 13:25 10880 --a------ c:\windows\Drivers\swsetup\WDMSTUB.sys 2003-01-17 13:25 10880 --a------ c:\windows\Drivers\swsetup\SP28818\WDMSTUB.sys 2003-01-17 13:25 10880 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\W2K_XP\WDMSTUB.sys 2003-01-17 13:25 10880 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\SE\WDMSTUB.sys 2003-01-17 13:25 10880 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\W2K_XP\WDMSTUB.sys 2003-01-17 13:25 10880 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\SE\WDMSTUB.sys 2003-01-17 13:25 10880 --a------ c:\windows\Drivers\swsetup\SMAXWDM\W2K_XP\WDMSTUB.sys 2003-01-17 13:25 10880 --a------ c:\windows\Drivers\swsetup\SMAXWDM\SE\WDMSTUB.sys 2003-01-08 10:23 49152 --a------ c:\windows\Drivers\swsetup\SP27103\Sys\DSndUp.exe 2003-01-02 12:01 65536 --a------ c:\windows\Drivers\Win\Audio\MIGRATE\MIGRATE.DLL 2002-12-18 14:55 9 --a------ c:\windows\Drivers\swsetup\NoTskBar.txt 2002-12-17 16:03 4512 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\SE\ADI_RMV.EXE 2002-11-06 20:23 49152 --a------ c:\windows\Drivers\swsetup\SP27103\SoundMAX Synthesizer\Sys\S11thk32.dll 2002-11-06 20:23 12288 --a------ c:\windows\Drivers\swsetup\SP27103\SoundMAX Synthesizer\Sys\Syncor11.drv 2002-11-06 18:00 40820 --a------ c:\windows\Drivers\swsetup\SP27103\SoundMAX Synthesizer\Sys\Syncor11.dll 2002-09-20 14:50 45056 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\SMAgent.exe 2002-09-20 14:50 45056 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\SMAgent.exe 2002-08-30 13:09 595 --a------ c:\windows\Drivers\swsetup\SP27103\SoundMAX Synthesizer\DLSLdr.mnf 2002-08-30 11:59 380928 --a------ 
c:\windows\Drivers\swsetup\SP27103\SoundMAX Synthesizer\SynCor.exe 2002-08-08 14:03 40960 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\SMAgentX.exe 2002-08-08 14:03 40960 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\SMAgentX.exe 2002-07-30 15:39 592 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\SMaxCP.mnf 2002-07-30 15:39 592 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\SMaxCP.mnf 2002-07-25 15:07 346602 --a------ c:\windows\Drivers\swsetup\SP27103\ikernel.ex_ 2002-07-25 14:07 346602 --a------ c:\windows\Drivers\swsetup\SP28818\ikernel.ex_ 2002-07-25 14:07 346602 --a------ c:\windows\Drivers\swsetup\ikernel.ex_ 2002-07-24 13:06 45056 --a------ c:\windows\Drivers\swsetup\SP27103\SoundMAX Synthesizer\Sys\SynthCore11Resources.dll 2002-07-01 10:23 65536 --a------ c:\windows\Drivers\swsetup\SP28818\Migrate\Migrate.dll 2002-07-01 10:23 65536 --a------ c:\windows\Drivers\swsetup\SP27103\Migrate\Migrate.dll 2002-07-01 10:23 65536 --a------ c:\windows\Drivers\swsetup\Migrate\Migrate.dll 2002-06-19 14:26 40960 --a------ c:\windows\Drivers\swsetup\SP28818\AEEnable.exe 2002-06-19 14:26 40960 --a------ c:\windows\Drivers\swsetup\SP27103\AEEnable.exe 2002-06-19 14:26 40960 --a------ c:\windows\Drivers\swsetup\AEEnable.exe 2002-06-19 13:26 40960 --a------ c:\windows\Drivers\Win\Audio\AEENABLE.EXE 2002-06-07 12:11 40960 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\SMAgentI.exe 2002-06-07 12:11 40960 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\SMAgentI.exe 2002-06-06 06:55 77824 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Micro\Sys\SMWizard.exe 2002-06-06 06:55 77824 --a------ c:\windows\Drivers\swsetup\SM_Micro\Sys\SMWizard.exe 2002-04-22 11:40 45056 --a------ c:\windows\Drivers\Win\Audio\ADMINCHK.DLL 2002-04-22 11:40 45056 --a------ c:\windows\Drivers\swsetup\SP28818\adminchk.dll 2002-04-22 11:40 45056 --a------ c:\windows\Drivers\swsetup\SP27103\adminchk.dll 2002-04-22 11:40 45056 --a------ 
c:\windows\Drivers\swsetup\adminchk.dll 2002-04-17 14:05 45056 --a------ c:\windows\Drivers\Win\Audio\SYS\CLEANUP.EXE 2002-04-17 14:05 45056 --a------ c:\windows\Drivers\swsetup\Sys\CleanUp.exe 2002-04-17 14:05 45056 --a------ c:\windows\Drivers\swsetup\SP28818\Sys\CleanUp.exe 2002-04-17 14:05 45056 --a------ c:\windows\Drivers\swsetup\SP27103\Sys\CleanUp.exe 2002-04-01 12:15 4816 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\W2K_XP\AEAUDIO.sys 2002-04-01 12:15 4816 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\SE\AEAUDIO.sys 2002-04-01 12:15 4816 --a------ c:\windows\Drivers\swsetup\SP28818\AEAUDIO.sys 2002-03-28 17:40 308278 --a------ c:\windows\Drivers\swsetup\win256_3.bmp 2002-03-28 17:40 308278 --a------ c:\windows\Drivers\swsetup\SP28818\win256_3.bmp 2002-03-26 16:53 308276 --a------ c:\windows\Drivers\swsetup\SP28818\SoundMAX.bmp 2002-03-26 16:53 308276 --a------ c:\windows\Drivers\swsetup\SoundMAX.bmp 2002-03-11 16:10 1078 --a------ c:\windows\Drivers\Win\Audio\SMAX3CP.ICO 2002-03-11 15:10 1078 --a------ c:\windows\Drivers\swsetup\SP28818\SMax3CP.ico 2002-03-11 15:10 1078 --a------ c:\windows\Drivers\swsetup\SP27103\SMax3CP.ico 2002-03-11 15:10 1078 --a------ c:\windows\Drivers\swsetup\SMax3CP.ico 2001-12-26 10:26 45056 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\SE\inst16.exe 2001-12-26 10:26 45056 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\SE\inst16.exe 2001-12-26 10:26 45056 --a------ c:\windows\Drivers\swsetup\SMAXWDM\SE\inst16.exe 2001-11-19 13:42 7 --a------ c:\windows\Drivers\swsetup\SP28818\nocompi.txt 2001-11-19 13:42 7 --a------ c:\windows\Drivers\swsetup\SP27103\nocompi.txt 2001-11-19 13:42 7 --a------ c:\windows\Drivers\swsetup\nocompi.txt 2001-11-19 13:42 6 --a------ c:\windows\Drivers\swsetup\SP28818\nocompu.txt 2001-11-19 13:42 6 --a------ c:\windows\Drivers\swsetup\SP27103\nocompu.txt 2001-11-19 13:42 6 --a------ c:\windows\Drivers\swsetup\nocompu.txt 2001-10-25 16:40 401 --a------ 
c:\windows\Drivers\swsetup\SP28818\Setup.ini 2001-10-25 16:40 401 --a------ c:\windows\Drivers\swsetup\Setup.ini 2001-10-25 16:40 1768 --a------ c:\windows\Drivers\swsetup\SP28818\setup.iss 2001-10-25 16:40 1768 --a------ c:\windows\Drivers\swsetup\setup.iss 2001-10-18 13:39 4589638 --a------ c:\windows\Drivers\swsetup\SP27103\SoundMAX Synthesizer\4 MB General MIDI.dls 2001-10-04 14:49 36352 --a------ c:\windows\Drivers\Win\Audio\SMAXWDM\W2K_XP\INSTALL.EXE 2001-10-04 14:49 36352 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\W2K_XP\install.exe 2001-10-04 14:49 36352 --a------ c:\windows\Drivers\swsetup\SP28818\install.exe 2001-10-04 14:49 36352 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\W2K_XP\install.exe 2001-10-04 14:49 36352 --a------ c:\windows\Drivers\swsetup\SMAXWDM\W2K_XP\install.exe 2001-10-04 14:49 36352 --a------ c:\windows\Drivers\swsetup\install.exe 2001-10-04 14:49 35328 --a------ c:\windows\Drivers\Win\Audio\SMAXWDM\W2K_XP\REMOVE.EXE 2001-10-04 14:49 35328 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\W2K_XP\Remove.exe 2001-10-04 14:49 35328 --a------ c:\windows\Drivers\swsetup\SP28818\Remove.exe 2001-10-04 14:49 35328 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\W2K_XP\Remove.exe 2001-10-04 14:49 35328 --a------ c:\windows\Drivers\swsetup\SMAXWDM\W2K_XP\Remove.exe 2001-10-04 14:49 35328 --a------ c:\windows\Drivers\swsetup\Remove.exe 2001-10-03 12:14 381200 --a------ c:\windows\Drivers\Win\Audio\SMAXWDM\W2K_XP\MIGRATE.DLL 2001-10-03 12:14 381200 --a------ c:\windows\Drivers\Win\Audio\SMAXWDM\SE\MIGRATE.DLL 2001-10-03 12:14 381200 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\W2K_XP\migrate.dll 2001-10-03 12:14 381200 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\SE\migrate.dll 2001-10-03 12:14 381200 --a------ c:\windows\Drivers\swsetup\SP28818\migrate.dll 2001-10-03 12:14 381200 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\W2K_XP\migrate.dll 2001-10-03 12:14 381200 --a------ 
c:\windows\Drivers\swsetup\SP27103\SMAXWDM\SE\migrate.dll 2001-10-03 12:14 381200 --a------ c:\windows\Drivers\swsetup\SMAXWDM\W2K_XP\migrate.dll 2001-10-03 12:14 381200 --a------ c:\windows\Drivers\swsetup\SMAXWDM\SE\migrate.dll 2001-10-03 12:14 381200 --a------ c:\windows\Drivers\swsetup\migrate.dll 2001-09-19 12:47 73785 --a------ c:\windows\Drivers\swsetup\SP27103\Redist\ATL.DLL 2001-09-19 12:47 73785 --a------ c:\windows\Drivers\swsetup\Redist\ATL.DLL 2001-09-19 12:47 614672 --a------ c:\windows\Drivers\swsetup\SP27103\Redist\Oleaut32.dll 2001-09-19 12:47 614672 --a------ c:\windows\Drivers\swsetup\Redist\Oleaut32.dll 2001-09-19 12:47 290869 --a------ c:\windows\Drivers\swsetup\SP27103\Redist\Msvcrt.dll 2001-09-19 12:47 290869 --a------ c:\windows\Drivers\swsetup\Redist\Msvcrt.dll 2001-09-19 12:32 720896 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\W2K_XP\a3d.dll 2001-09-19 12:32 720896 --a------ c:\windows\Drivers\swsetup\SP28818\SMAXWDM\SE\a3d.dll 2001-09-19 12:32 720896 --a------ c:\windows\Drivers\swsetup\SP28818\a3d.dll 2001-09-19 12:32 720896 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\W2K_XP\a3d.dll 2001-09-19 12:32 720896 --a------ c:\windows\Drivers\swsetup\SP27103\SMAXWDM\SE\a3d.dll 2001-09-19 12:32 720896 --a------ c:\windows\Drivers\swsetup\SMAXWDM\W2K_XP\a3d.dll 2001-09-19 12:32 720896 --a------ c:\windows\Drivers\swsetup\SMAXWDM\SE\a3d.dll 2001-09-19 12:32 720896 --a------ c:\windows\Drivers\swsetup\a3d.dll 2001-09-11 16:20 1285632 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\SMMedia.dll 2001-09-11 16:20 1285632 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\SMMedia.dll 2001-09-11 14:20 49152 --a------ c:\windows\Drivers\swsetup\SP27103\SoundMAX Synthesizer\_iscppr.exe 2001-09-11 14:20 30208 --a------ c:\windows\Drivers\swsetup\SP27103\SM_Panel\Sys\wdmioctl.dll 2001-09-11 14:20 30208 --a------ c:\windows\Drivers\swsetup\SM_Panel\Sys\wdmioctl.dll 2001-09-11 14:20 1514968 --a------ 
c:\windows\Drivers\swsetup\SP27103\SoundMAX Synthesizer\1.2MB XGLite.stxg 2001-08-24 14:45 61440 --a------ c:\windows\Drivers\Win\Audio\REMADI.EXE 2001-08-24 14:45 61440 --a------ c:\windows\Drivers\swsetup\SP28818\RemADI.exe 2001-08-24 14:45 61440 --a------ c:\windows\Drivers\swsetup\SP27103\RemADI.exe 2001-08-24 14:45 61440 --a------ c:\windows\Drivers\swsetup\RemADI.exe 2001-08-15 16:08 377856 --a------ c:\windows\Drivers\swsetup\SP28818\269601USA8.EXE 2001-04-13 14:22 2378700 --a------ c:\windows\Drivers\swsetup\SP27103\SoundMAX Synthesizer\DLS\techno.rmi 2000-06-08 15:00 995383 --a------ c:\windows\Drivers\swsetup\SP27103\Redist\mfc42.dll 2000-06-08 15:00 995383 --a------ c:\windows\Drivers\swsetup\Redist\mfc42.dll 2000-06-08 15:00 16896 --a------ c:\windows\Drivers\swsetup\SP27103\Redist\STDOLE2.TLB 2000-06-08 15:00 16896 --a------ c:\windows\Drivers\swsetup\Redist\STDOLE2.TLB 2000-06-08 15:00 164112 --a------ c:\windows\Drivers\swsetup\SP27103\Redist\Olepro32.dll 2000-06-08 15:00 164112 --a------ c:\windows\Drivers\swsetup\Redist\Olepro32.dll 2000-06-08 15:00 16384 --a------ c:\windows\Drivers\swsetup\SP27103\Redist\COMCAT.DLL 2000-06-08 15:00 16384 --a------ c:\windows\Drivers\swsetup\Redist\COMCAT.DLL 2000-06-08 15:00 143632 --a------ c:\windows\Drivers\swsetup\SP27103\Redist\ASYCFILT.DLL 2000-06-08 15:00 143632 --a------ c:\windows\Drivers\swsetup\Redist\ASYCFILT.DLL 2000-05-15 09:08 134656 --a------ c:\windows\Drivers\swsetup\SP27103\Setup.exe 2000-05-15 08:08 134656 --a------ c:\windows\Drivers\swsetup\SP28818\Setup.exe 2000-05-15 08:08 134656 --a------ c:\windows\Drivers\swsetup\Setup.exe ((((((((((((((((((((((((((((( SnapShot@2009-02-23_14.25.42.01 ))))))))))))))))))))))))))))))))))))))))).+ 2005-10-21 02:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown 
REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-03-24 53408]"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-06-15 124656]"D-Link RangeBooster G WDA-2320"="c:\program files\D-Link\RangeBooster G WDA-2320\AirPlusCFG.exe" [2007-08-29 1662976]"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]"nltide_3"="advpack.dll" [2008-12-20 c:\windows\system32\advpack.dll][HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]"ForceClassicControlPanel"= 1 (0x1)"NoSMConfigurePrograms"= 1 (0x1)[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]"ForceClassicControlPanel"= 1 (0x1)"NoSMConfigurePrograms"= 1 (0x1)[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnkbackup=c:\windows\pss\Microsoft Office.lnkCommon Startup[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]--a------ 2008-04-13 18:12 15360 c:\windows\system32\ctfmon.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]--a------ 2007-01-13 09:47 163840 c:\windows\system32\hkcmd.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]--a------ 2007-01-13 09:47 131072 c:\windows\system32\igfxtray.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]--a------ 2005-06-08 14:44 196608 c:\program 
files\Logitech\Video\ManifestEngine.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]--a------ 2005-06-08 15:24 458752 c:\program files\Logitech\Video\ISStart.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]--a------ 2005-06-08 15:14 217088 c:\program files\Logitech\Video\LogiTray.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]--a------ 2001-07-09 10:50 155648 c:\windows\system32\NeroCheck.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]--a------ 2007-01-13 09:46 135168 c:\windows\system32\igfxpers.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]--a------ 2004-11-02 20:24 32768 c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VistaDrive]--a------ 2006-10-05 20:56 280779 c:\windows\VistaDrive\VistaDrive.exe[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]"DisableMonitoring"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"enablefirewall"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\system32\\sessmgr.exe"="c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [2009-02-06 547744]R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\eengine\EraserUtilRebootDrv.sys [2009-02-06 99376]R3 JSWSCIMD;jswscimd Service;c:\windows\system32\drivers\jswscimd.sys [2009-02-06 57376]S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program 
files\D-Link\RangeBooster G WDA-2320\JSWUtil\jswpsapi.exe [2009-02-06 352338]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [2006-06-15 115952]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Patrick\Application Data\Mozilla\Firefox\Profiles\4olqbz24.default\
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-23 15:35:07
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\program files\Symantec AntiVirus\DefWatch.exe
c:\program files\Symantec AntiVirus\Rtvscan.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-02-23 15:37:16 - machine was rebooted [Patrick]
ComboFix-quarantined-files.txt 2009-02-23 21:37:12
ComboFix2.txt 2009-02-23 20:26:34
Pre-Run: 32,240,447,488 bytes free
Post-Run: 32,190,402,560 bytes free
548 --- E O F --- 2009-02-16 05:49:40
Destrio5 Posted 23 February 2009
Start Menu > Run > type combofix /u and confirm.
Run an RSIT scan again and post the log report so that I can check that it's OK.
patrickng9 (Author) Posted 23 February 2009
Uh, my ComboFix uninstalled itself o.O
What's an RSIT scan? Ah, I remember.
Here is the RSIT report:
----A---- C:\WINDOWS\system32\winmine.exe2009-02-05 13:27:43 ----A---- C:\WINDOWS\system32\sol.exe2009-02-05 13:27:43 ----A---- C:\WINDOWS\system32\mshearts.exe2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\usrlogon.cmd2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\tsshutdn.exe2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\tslabels.ini2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\tskill.exe2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\tsdiscon.exe2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\tscon.exe2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\shadow.exe2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\reset.exe2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\freecell.exe2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\rwinsta.exe2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\regini.exe2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\rdpcfgex.dll2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\qwinsta.exe2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\qappsrv.exe2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\msg.exe2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\msdtcprf.ini2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\logoff.exe2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\cdmodem.dll2009-02-05 13:27:40 ----A---- C:\WINDOWS\system32\mtxlegih.dll2009-02-05 13:27:40 ----A---- C:\WINDOWS\system32\mtxex.dll2009-02-05 13:27:40 ----A---- C:\WINDOWS\system32\mtxdm.dll2009-02-05 13:27:40 ----A---- C:\WINDOWS\system32\dcomcnfg.exe2009-02-05 13:27:40 ----A---- C:\WINDOWS\system32\comrepl.dll2009-02-05 13:27:40 ----A---- C:\WINDOWS\system32\comaddin.dll2009-02-05 13:27:39 ----A---- C:\WINDOWS\system32\stclient.dll2009-02-05 13:27:39 ----A---- C:\WINDOWS\system32\comsnap.dll2009-02-05 13:27:35 ----A---- C:\WINDOWS\system32\wmimgmt.msc2009-02-05 13:27:34 ----D---- C:\Program Files\Windows NT2009-02-05 13:27:34 ----A---- C:\WINDOWS\system32\mspaint.exe2009-02-05 13:27:33 ----A---- C:\WINDOWS\system32\tscfgwmi.dll2009-02-05 
13:27:33 ----A---- C:\WINDOWS\system32\spider.exe2009-02-05 13:27:32 ----A---- C:\WINDOWS\system32\remotepg.dll2009-02-05 13:27:32 ----A---- C:\WINDOWS\system32\rdshost.exe2009-02-05 13:27:32 ----A---- C:\WINDOWS\system32\rdsaddin.exe2009-02-05 13:27:32 ----A---- C:\WINDOWS\system32\mstscax.dll2009-02-05 13:27:32 ----A---- C:\WINDOWS\system32\mstsc.exe2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\tscupgrd.exe2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\termsrv.dll2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\sessmgr.exe2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\rdpwsx.dll2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\rdpsnd.dll2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\rdpclip.exe2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\rdchost.dll2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\qprocess.exe2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\icaapi.dll2009-02-05 13:27:30 ----D---- C:\WINDOWS\system32\MsDtc2009-02-05 13:27:30 ----A---- C:\WINDOWS\system32\mtxoci.dll2009-02-05 13:27:30 ----A---- C:\WINDOWS\system32\msdtcuiu.dll2009-02-05 13:27:30 ----A---- C:\WINDOWS\system32\msdtctm.dll2009-02-05 13:27:30 ----A---- C:\WINDOWS\system32\msdtcprx.dll2009-02-05 13:27:30 ----A---- C:\WINDOWS\system32\cfgbkend.dll2009-02-05 13:27:29 ----A---- C:\WINDOWS\system32\xolehlp.dll2009-02-05 13:27:29 ----A---- C:\WINDOWS\system32\msdtclog.dll2009-02-05 13:27:29 ----A---- C:\WINDOWS\system32\msdtc.exe2009-02-05 13:27:28 ----D---- C:\WINDOWS\system32\Com2009-02-05 13:27:28 ----A---- C:\WINDOWS\system32\comsvcs.dll2009-02-05 13:27:28 ----A---- C:\WINDOWS\system32\colbact.dll2009-02-05 13:27:28 ----A---- C:\WINDOWS\system32\clbcatex.dll2009-02-05 13:27:28 ----A---- C:\WINDOWS\system32\catsrvut.dll2009-02-05 13:27:28 ----A---- C:\WINDOWS\system32\catsrvps.dll2009-02-05 13:27:28 ----A---- C:\WINDOWS\system32\catsrv.dll2009-02-05 13:27:27 ----A---- C:\WINDOWS\system32\comuid.dll2009-02-05 13:27:27 ----A---- C:\WINDOWS\system32\clbcatq.dll2009-02-05 
13:27:22 ----A---- C:\WINDOWS\system32\servdeps.dll2009-02-05 13:27:21 ----A---- C:\WINDOWS\system32\mmfutil.dll2009-02-05 13:27:21 ----A---- C:\WINDOWS\system32\licwmi.dll2009-02-05 13:27:21 ----A---- C:\WINDOWS\system32\cmprops.dll2009-02-05 07:26:34 ----A---- C:\WINDOWS\system32\h323log.txt2009-02-05 07:26:11 ----A---- C:\WINDOWS\system32\hidserv.dll2009-02-05 07:24:59 ----A---- C:\WINDOWS\system32\usbui.dll2009-02-05 07:23:33 ----SHD---- C:\WINDOWS\Installer2009-02-05 07:23:33 ----D---- C:\Program Files\Common Files\ODBC2009-02-05 07:23:33 ----D---- C:\Program Files\Common Files2009-02-05 07:23:33 ----D---- C:\Program Files2009-02-05 07:23:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI2009-02-05 07:23:33 ----A---- C:\WINDOWS\ODBCINST.INI2009-02-05 07:23:29 ----RA---- C:\WINDOWS\system32\kbdtuq.dll2009-02-05 07:23:29 ----RA---- C:\WINDOWS\system32\kbdtuf.dll2009-02-05 07:23:29 ----RA---- C:\WINDOWS\system32\kbdazel.dll2009-02-05 07:23:27 ----RA---- C:\WINDOWS\system32\kbduzb.dll2009-02-05 07:23:27 ----RA---- C:\WINDOWS\system32\kbdur.dll2009-02-05 07:23:27 ----RA---- C:\WINDOWS\system32\kbdtat.dll2009-02-05 07:23:27 ----RA---- C:\WINDOWS\system32\kbdmon.dll2009-02-05 07:23:27 ----RA---- C:\WINDOWS\system32\kbdkyr.dll2009-02-05 07:23:27 ----RA---- C:\WINDOWS\system32\kbdkaz.dll2009-02-05 07:23:27 ----RA---- C:\WINDOWS\system32\kbdaze.dll2009-02-05 07:23:26 ----RA---- C:\WINDOWS\system32\kbdycc.dll2009-02-05 07:23:26 ----RA---- C:\WINDOWS\system32\kbdru1.dll2009-02-05 07:23:26 ----RA---- C:\WINDOWS\system32\kbdru.dll2009-02-05 07:23:26 ----RA---- C:\WINDOWS\system32\kbdbu.dll2009-02-05 07:23:26 ----RA---- C:\WINDOWS\system32\kbdblr.dll2009-02-05 07:23:25 ----RA---- C:\WINDOWS\system32\kbdhept.dll2009-02-05 07:23:25 ----RA---- C:\WINDOWS\system32\kbdhela3.dll2009-02-05 07:23:25 ----RA---- C:\WINDOWS\system32\kbdhela2.dll2009-02-05 07:23:25 ----RA---- C:\WINDOWS\system32\kbdhe319.dll2009-02-05 07:23:25 ----RA---- C:\WINDOWS\system32\kbdhe220.dll2009-02-05 
07:23:25 ----RA---- C:\WINDOWS\system32\kbdgkl.dll2009-02-05 07:23:24 ----RA---- C:\WINDOWS\system32\kbdhe.dll2009-02-05 07:23:23 ----RA---- C:\WINDOWS\system32\kbdlv1.dll2009-02-05 07:23:23 ----RA---- C:\WINDOWS\system32\kbdlv.dll2009-02-05 07:23:23 ----RA---- C:\WINDOWS\system32\kbdlt1.dll2009-02-05 07:23:23 ----RA---- C:\WINDOWS\system32\kbdlt.dll2009-02-05 07:23:23 ----RA---- C:\WINDOWS\system32\kbdest.dll2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdycl.dll2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdsl1.dll2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdsl.dll2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdro.dll2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdpl1.dll2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdpl.dll2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdhu1.dll2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdhu.dll2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdcz2.dll2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdcz1.dll2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdcz.dll2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdcr.dll2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\KBDAL.DLL2009-02-05 07:23:15 ----A---- C:\WINDOWS\system32\irclass.dll2009-02-05 07:23:13 ----N---- C:\WINDOWS\system32\CONFIG.TMP2009-02-05 07:23:13 ----A---- C:\WINDOWS\TASKMAN.EXE2009-02-05 07:23:13 ----A---- C:\WINDOWS\system32\batt.dll2009-02-05 07:23:12 ----A---- C:\WINDOWS\system32\storprop.dll2009-02-05 07:23:12 ----A---- C:\WINDOWS\notepad.exe2009-02-05 07:23:03 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini2009-02-05 07:22:34 ----RA---- C:\WINDOWS\SET7.tmp2009-02-05 07:22:32 ----RA---- C:\WINDOWS\SET4.tmp2009-02-05 07:22:31 ----RA---- C:\WINDOWS\SET3.tmp2009-02-05 07:22:27 ----D---- C:\WINDOWS\system32\CatRoot22009-02-05 07:22:27 ----D---- C:\WINDOWS\system32\CatRoot2009-02-05 07:22:21 ----SD---- C:\Documents and Settings\All Users\Application 
Data\Microsoft2009-02-05 07:21:55 ----D---- C:\Documents and Settings2009-02-05 07:21:54 ----SHD---- C:\System Volume Information2009-02-05 07:20:14 ----RASH---- C:\boot.ini2009-02-05 07:16:43 ----RSD---- C:\WINDOWS\Fonts2009-02-05 07:16:43 ----D---- C:\WINDOWS\WinSxS2009-02-05 07:16:43 ----D---- C:\WINDOWS\Web2009-02-05 07:16:43 ----D---- C:\WINDOWS\twain_322009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\wins2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\wbem2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\usmt2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\spool2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\ShellExt2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\Setup2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\ras2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\PreInstall2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\oobe2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\mui2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\Macromed2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\inetsrv2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\IME2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\icsxml2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\ias2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\export2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\en-us2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\en2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\drivers2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\dhcp2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\config2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\3com_dmi2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\30762009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\20522009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\10542009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\10422009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\10412009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\10372009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\10332009-02-05 07:16:43 ----D---- 
C:\WINDOWS\system32\10312009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\10282009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\10252009-02-05 07:16:43 ----D---- C:\WINDOWS\system322009-02-05 07:16:43 ----D---- C:\WINDOWS\system2009-02-05 07:16:43 ----D---- C:\WINDOWS\SoftwareDistribution2009-02-05 07:16:43 ----D---- C:\WINDOWS\security2009-02-05 07:16:43 ----D---- C:\WINDOWS\Resources2009-02-05 07:16:43 ----D---- C:\WINDOWS\repair2009-02-05 07:16:43 ----D---- C:\WINDOWS\Provisioning2009-02-05 07:16:43 ----D---- C:\WINDOWS\PeerNet2009-02-05 07:16:43 ----D---- C:\WINDOWS\pchealth2009-02-05 07:16:43 ----D---- C:\WINDOWS\Network Diagnostic2009-02-05 07:16:43 ----D---- C:\WINDOWS\mui2009-02-05 07:16:43 ----D---- C:\WINDOWS\msapps2009-02-05 07:16:43 ----D---- C:\WINDOWS\msagent2009-02-05 07:16:43 ----D---- C:\WINDOWS\Media2009-02-05 07:16:43 ----D---- C:\WINDOWS\l2schemas2009-02-05 07:16:43 ----D---- C:\WINDOWS\java2009-02-05 07:16:43 ----D---- C:\WINDOWS\inf2009-02-05 07:16:43 ----D---- C:\WINDOWS\ime2009-02-05 07:16:43 ----D---- C:\WINDOWS\Help2009-02-05 07:16:43 ----D---- C:\WINDOWS\Driver Cache2009-02-05 07:16:43 ----D---- C:\WINDOWS\dell2009-02-05 07:16:43 ----D---- C:\WINDOWS\Debug2009-02-05 07:16:43 ----D---- C:\WINDOWS\Cursors2009-02-05 07:16:43 ----D---- C:\WINDOWS\Config2009-02-05 07:16:43 ----D---- C:\WINDOWS\AppPatch2009-02-05 07:16:43 ----D---- C:\WINDOWS\addins2009-02-05 07:16:43 ----D---- C:\WINDOWS======List of files/folders modified in the last 1 months======2009-02-23 15:35:13 ----A---- C:\WINDOWS\system.ini2009-02-07 14:40:14 ----A---- C:\WINDOWS\win.ini2009-02-03 15:21:14 ----A---- C:\WINDOWS\system32\MRT.exe======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]R1 SAVRT;SAVRT; \??\C:\Program 
Files\Symantec AntiVirus\savrt.sys []R1 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys []R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2006-01-24 195776]R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS []R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2007-02-20 62336]R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB); C:\WINDOWS\system32\DRIVERS\A3AB.sys [2007-05-24 547744]R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-01-13 5672032]R3 JSWSCIMD;jswscimd Service; C:\WINDOWS\system32\DRIVERS\jswscimd.sys [2007-07-25 57376]R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090223.002\naveng.sys []R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090223.002\navex15.sys []R3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys [2005-05-27 1317152]R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-06-23 266880]R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2006-01-24 24768]R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 
20608]S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]S3 ac97intc;Intel® 82801 Audio Driver Install Service (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]S3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-01-17 77568]S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-01-17 82944]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2006-03-24 192160]R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2006-03-24 169632]R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2006-06-15 31472]R2 SPBBCSvc;Symantec 
SPBBCSvc; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2006-04-11 1160848]R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2006-06-15 1805552]S2 ANIWZCSdService;ANIWZCSd Service; C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [2007-01-19 49152]S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\D-Link\RangeBooster G WDA-2320\JSWUtil\jswpsapi.exe [2007-08-02 352338]S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-02-23 2045632]S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2006-06-15 115952]S3 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2006-01-24 214720]S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]-----------------EOF----------------- Lien vers le commentaire Partager sur d'autres sites More sharing options...
Destrio5 (posted 23 February 2009):

1/ Uninstall HijackThis.
Download ToolsCleaner2 to your Desktop.
Double-click ToolsCleaner2.exe to launch it.
Click Recherche (Search) and let the scan run.
Click Suppression (Removal) to finish. If you wish, you can use the Options Facultatives (Optional Settings).
Click Quitter (Quit) to get the report. Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).

2/ Download and install CCleaner (do not install the Yahoo Toolbar).
Launch it. Go to Options, then Advanced, and uncheck the box "Only delete files etc....".
Go to Cleaner and choose Analyze. Once it has finished, run the cleanup. Then choose Registry, then search for errors. Once it has finished, fix all the errors (back up the registry).

3/ System Restore must be disabled and then re-enabled in order to purge it.
I advise you to create a restore point that you can use later if you have a problem.

==Prevention==

Keep MBAM. You can use it to scan suspicious files alongside the antivirus, and scan the hard drive regularly.
If you want to run an online scan: Link
As a browser, use Mozilla Firefox rather than Internet Explorer. You can use the NoScript extension for more security.
Check that automatic updates are enabled (Start menu, right-click My Computer, Automatic Updates tab).
If you want to run an online scan, there is Kaspersky.
You can also modify the Hosts file to improve the security of your PC: Link
About P2P: Link
Here is a complete guide (to be read with Adobe Reader or Foxit Reader): Link
If everything is OK, you can add [Résolu] in front of the title of your topic.
Be more vigilant on the Internet.

patrickng9 (author, posted 23 February 2009):

Hello, thank you very much for your help. You are the best. Here is the ToolsCleaner2 report:

[ Rapport ToolsCleaner version 2.3.2 (par A.Rothstein & dj QUIOU) ]
-->- Recherche:
C:\Combofix.txt: trouvé !
C:\Combofix: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\Patrick\Desktop\Rsit.exe: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !

Destrio5 (posted 23 February 2009):

I think you forgot to click Suppression in ToolsCleaner.

patrickng9 (author, posted 23 February 2009):

Ah, thank you, I have deleted it now.

Destrio5 (posted 23 February 2009):

You can delete ToolsCleaner now and move on to the next step.

patrickng9 (author, posted 23 February 2009):

I have deleted ToolsCleaner.

Destrio5 (posted 23 February 2009):

Any questions? Any comments?

patrickng9 (author, posted 23 February 2009):

No, no questions. Everything is fine. You are a genius.

Destrio5 (posted 23 February 2009):

> You are a genius

---> Have a good evening.