Help plz ! Trojan!!

Bonsoir,mon antivirus a détécté plusieur trojan dans système32 j'ai un logiciel nividia qui souvre tout seule au demarage du pc alors que ma CG est une ATI avec mes pliotes ATI...Je vous mets un LOG hijackthis pour vous aider, merci de m'aider.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:00:05, on 12/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
c:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
c:\Program Files\ATI Technologies\ATI.ACE\cli.exe
c:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\viZion\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [USB Print] Servces.exe
O4 - HKLM\..\RunServices: [USB Print] Servces.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [USB Print] Servces.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/g [...] ection.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autob [...] nstall.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JA [...] anager.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/fil [...] inder2.CAB
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 7156 bytes

Bonjour, j'ai fait une analyse combifx, voila mon LOG combofix et mon LOG hijkackthis.

ComboFix 07-10-12.4 - viZion 2007-10-13 13:28:20.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.386 [GMT 2:00]
Running from: C:\Documents and Settings\viZion\Bureau\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\bifrost\klog.dat
C:\Program Files\bifrost\server.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2007-09-13 to 2007-10-13 ))))))))))))))))))))))))))))))))))))
.

2007-10-11 18:58 163,840 --a------ C:\Program Files\hatred.exe
2007-10-11 18:58 81,920 --a------ C:\Program Files\keygen.exe
2007-10-11 18:57 <REP> d-------- C:\WINDOWS\system32\rundll
2007-10-11 18:54 <REP> d-------- C:\Program Files\Bifrost
2007-10-10 20:36 2,948 --a------ C:\WINDOWS\mozver.dat
2007-10-09 22:01 584,192 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-10-08 19:20 <REP> d-------- C:\Program Files\DIFX
2007-10-05 23:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\X10 Settings
2007-10-05 22:36 <REP> d-------- C:\Program Files\Electronic Arts
2007-10-05 22:36 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2007-10-05 22:36 68,888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2007-10-05 22:35 <REP> d-------- C:\WINDOWS\system32\AGEIA
2007-10-05 22:35 <REP> d-------- C:\Program Files\AGEIA Technologies
2007-10-05 22:33 <REP> d-------- C:\WINDOWS\SxsCaPendDel
2007-10-05 18:29 <REP> d-------- C:\Documents and Settings\viZion\Application Data\Dev-Cpp
2007-10-05 18:28 <REP> d-------- C:\Dev-Cpp
2007-10-04 21:09 <REP> d-------- C:\Documents and Settings\viZion\.CodeBlocks
2007-10-04 21:08 <REP> d-------- C:\Program Files\CodeBlocks
2007-09-30 21:08 <REP> d-------- C:\Program Files\EsetOnlineScanner
2007-09-30 02:46 19,456 --a------ C:\WINDOWS\system32\dllcache\agt040d.dll
2007-09-30 02:46 5,632 --a------ C:\WINDOWS\system32\kbdusa.dll
2007-09-30 02:46 5,632 --a------ C:\WINDOWS\system32\dllcache\kbdusa.dll
2007-09-29 21:10 <REP> d-------- C:\Program Files\SLD Codec Pack
2007-09-29 20:42 <REP> d-------- C:\Documents and Settings\viZion\Application Data\Sonic
2007-09-29 20:42 <REP> d-------- C:\Documents and Settings\viZion\Application Data\Leadertech
2007-09-29 20:29 <REP> d-------- C:\Program Files\MSXML 6.0
2007-09-29 20:28 <REP> d-------- C:\Program Files\Windows Media Connect 2
2007-09-29 20:26 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-09-29 20:24 <REP> d-------- C:\Program Files\MSBuild
2007-09-29 20:20 <REP> d-------- C:\WINDOWS\system32\XPSViewer
2007-09-29 20:20 <REP> d-------- C:\Program Files\Reference Assemblies
2007-09-29 20:19 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2007-09-29 16:24 <REP> d-------- C:\Program Files\Navilog1
2007-09-29 10:10 <REP> d-------- C:\Program Files\Lavasoft
2007-09-29 10:09 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-09-28 18:15 <REP> d-------- C:\Documents and Settings\viZion\Application Data\Sierra
2007-09-28 18:12 <REP> d-------- C:\Program Files\PowerISO
2007-09-28 17:29 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2007-09-28 17:09 <REP> d-------- C:\Program Files\Sierra
2007-09-23 20:40 <REP> d--h----- C:\WINDOWS\PIF
2007-09-23 14:59 <REP> d-------- C:\Program Files\uTorrent
2007-09-23 14:59 <REP> d-------- C:\Documents and Settings\viZion\Application Data\uTorrent
2007-09-17 18:11 51,200 --a------ C:\WINDOWS\NirCmd.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-13 11:41 832,288 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2007-10-13 11:41 22,815,776 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2007-10-13 11:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-10-13 09:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-10-12 23:37 79,832 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2007-10-12 23:37 306,920 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2007-10-12 21:29 --------- d-----w C:\Program Files\mIRC
2007-10-12 15:26 --------- d-----w C:\Program Files\eMule
2007-09-28 15:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-09-23 12:59 --------- d-----w C:\Program Files\BitTorrent
2007-09-23 12:59 --------- d-----w C:\Documents and Settings\viZion\Application Data\BitTorrent
2007-09-22 12:16 --------- d-----w C:\Program Files\CCleaner
2007-09-17 15:42 --------- d-----w C:\Program Files\a-squared Anti-Malware
2007-09-16 14:54 --------- d-----w C:\Documents and Settings\viZion\Application Data\teamspeak2
2007-09-16 14:40 --------- d-----w C:\Program Files\OFFICE One6.5
2007-09-12 21:59 --------- d-----w C:\Documents and Settings\viZion\Application Data\Apple Computer
2007-09-08 16:02 --------- d-----w C:\Program Files\QuickTime
2007-09-08 16:02 --------- d-----w C:\Program Files\iTunes
2007-09-08 16:02 --------- d-----w C:\Program Files\iPod
2007-09-08 16:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-09-08 16:01 --------- d-----w C:\Program Files\Fichiers communs\Apple
2007-09-08 16:01 --------- d-----w C:\Program Files\Apple Software Update
2007-09-08 16:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2007-09-07 21:17 --------- d-----w C:\Program Files\Realtek
2007-09-07 21:15 --------- d-----w C:\Program Files\Setup Files
2007-09-07 21:02 --------- d-----w C:\Program Files\MSI
2007-09-07 20:49 --------- d-----w C:\Program Files\VIA
2007-09-07 19:06 315,392 ----a-w C:\WINDOWS\HideWin.exe
2007-09-07 19:01 --------- d-----w C:\Program Files\Lavalys
2007-09-06 07:57 --------- d-----w C:\Program Files\MSN Messenger
2007-09-04 14:31 --------- d-----w C:\Program Files\Anco
2007-09-03 16:49 82,061 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2007-09-03 16:49 81,549 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2007-08-28 19:19 --------- d-----w C:\Program Files\Hewlett-Packard
2007-08-28 19:19 --------- d-----w C:\Program Files\Fichiers communs\Hewlett-Packard
2007-08-28 19:06 --------- d-----w C:\Program Files\HP
2007-08-28 17:08 --------- d-----w C:\Program Files\Samsung
2007-08-27 18:17 --------- d-----w C:\Program Files\VentriloMIX
2007-08-26 17:15 --------- d-----w C:\Documents and Settings\viZion\Application Data\VadeRetro
2007-08-26 16:53 --------- d-----w C:\Program Files\Teamspeak2_RC2
2007-08-26 13:27 --------- d-----w C:\Program Files\VideoLAN
2007-08-26 13:27 --------- d-----w C:\Documents and Settings\viZion\Application Data\vlc
2007-08-25 20:12 --------- d-----w C:\Documents and Settings\viZion\Application Data\AdobeUM
2007-08-25 19:59 --------- d-----w C:\Documents and Settings\viZion\Application Data\Ventrilo
2007-08-25 19:50 --------- d-----w C:\Program Files\Yahoo!
2007-08-25 19:49 --------- d-----w C:\Documents and Settings\viZion\Application Data\Yahoo!
2007-08-25 19:47 --------- d-----w C:\Program Files\Common Files
2007-08-25 19:47 --------- d-----w C:\Documents and Settings\viZion\Application Data\Logitech
2007-08-25 19:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\LogiShrd
2007-08-25 19:46 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2007-08-25 19:46 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2007-08-25 19:46 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2007-08-25 19:45 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2007-08-25 19:45 --------- d-----w C:\Program Files\Logitech
2007-08-25 19:45 --------- d-----w C:\Program Files\Fichiers communs\Logitech
2007-08-25 19:45 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logitech
2007-08-25 19:44 --------- d-----w C:\Documents and Settings\viZion\Application Data\InstallShield
2007-08-25 17:58 --------- d-----w C:\Program Files\Valve
2007-08-25 17:34 --------- d-----w C:\Documents and Settings\viZion\Application Data\OD2
2007-08-25 17:12 --------- d-----w C:\Program Files\MSXML 4.0
2007-08-25 17:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-08-25 16:58 --------- d-----w C:\Program Files\Kit ADSL
2007-08-25 16:56 --------- d-----w C:\Documents and Settings\viZion\Application Data\Grisoft
2007-08-25 16:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft
2007-08-25 16:50 --------- d-----w C:\Program Files\Kaspersky Lab
2007-08-25 16:45 --------- d-----w C:\Documents and Settings\viZion\Application Data\OFFICE One v6
2007-08-25 16:33 --------- d-----w C:\Program Files\ISSENDIS
2007-08-25 16:33 --------- d-----w C:\Program Files\Fichiers communs\Ciel
2007-08-25 16:33 --------- d-----w C:\Program Files\Fichiers communs\Borland Shared
2007-08-25 16:33 --------- d-----w C:\Program Files\Ciel
2007-08-25 16:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ciel
2007-08-25 16:31 77,824 ----a-w C:\WINDOWS\uinst001.exe
2007-08-25 16:30 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2007-08-25 16:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-08-25 16:24 --------- d-----w C:\Program Files\AOL 9.0
2007-08-25 16:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2007-08-25 15:28 --------- d-----w C:\Program Files\CyberLink
2007-08-25 15:27 --------- d-----w C:\Program Files\SmartSound Software
2007-08-25 15:27 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems
2007-08-25 15:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems
2007-08-25 15:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
2007-08-25 15:26 --------- d-----w C:\Program Files\Windows Media Components
2007-08-25 15:26 --------- d-----w C:\Program Files\Ulead Systems
2007-08-25 15:20 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-08-25 15:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
2007-08-25 15:19 --------- d-----w C:\Program Files\Sonic
2007-08-25 15:19 --------- d-----w C:\Program Files\Fichiers communs\TiVo Shared
2007-08-25 15:19 --------- d-----w C:\Program Files\Fichiers communs\SureThing Shared
2007-08-25 15:19 --------- d-----w C:\Program Files\Fichiers communs\Sonic Shared
2007-08-25 15:18 --------- d-----w C:\Program Files\Goto Software
2007-08-25 15:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\VadeRetro
2007-08-25 15:17 8,552 ----a-w C:\WINDOWS\system32\drivers\asctrm.sys
2007-08-25 15:17 --------- d-----w C:\Program Files\Real
2007-08-25 15:17 --------- d-----w C:\Program Files\Learn2.com
2007-08-25 15:17 --------- d-----w C:\Program Files\Fichiers communs\Real
2007-08-25 15:17 --------- d-----w C:\Program Files\Fichiers communs\Nullsoft
2007-08-25 15:17 --------- d-----w C:\Program Files\Fichiers communs\aolshare
2007-08-25 15:17 --------- d-----w C:\Program Files\Fichiers communs\AOL
2007-08-25 15:17 --------- d-----w C:\Program Files\AOL Compagnon
2007-08-25 15:17 --------- d-----w C:\Documents and Settings\viZion\Application Data\You've Got Pictures Screensaver
2007-06-13 13:22:28 576,512 --sh--r C:\WINDOWS\system32\Servces.exe
.

((((((((((((((((((((((((((((( snapshot_2007-09-30_ 03613,35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-07-09 13:19:28 582,656 ----a-w C:\WINDOWS\$hf_mig$\KB933729\SP2QFE\rpcrt4.dll
+ 2007-06-18 22:24:36 369,152 ----a-w C:\WINDOWS\$hf_mig$\KB933729\SP2QFE\spru040c.dll
+ 2005-10-12 23:15:23 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB933729\spmsg.dll
+ 2005-10-12 23:15:24 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB933729\spuninst.exe
+ 2005-10-12 23:15:23 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB933729\update\spcustom.dll
+ 2005-10-12 23:15:26 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB933729\update\update.exe
+ 2005-10-12 23:15:43 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB933729\update\updspapi.dll
+ 2007-08-20 09:49:19 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\advpack.dll
+ 2007-08-20 09:49:28 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\dxtrans.dll
+ 2007-08-20 09:49:19 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\extmgr.dll
+ 2007-08-20 09:49:19 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\icardie.dll
+ 2007-08-17 10:13:10 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ie4uinit.exe
+ 2007-08-20 09:49:20 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieakeng.dll
+ 2007-08-20 09:49:20 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieaksie.dll
+ 2007-08-17 07:29:55 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dat
+ 2007-08-20 09:49:20 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dll
+ 2007-08-20 09:49:20 387,584 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iedkcs32.dll
+ 2007-08-20 09:49:23 6,066,176 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieframe.dll
+ 2007-08-20 09:49:23 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iernonce.dll
+ 2007-08-20 09:49:23 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iertutil.dll
+ 2007-08-17 10:13:10 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieudinit.exe
+ 2007-08-17 10:13:39 625,152 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe
+ 2007-08-20 09:49:23 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\jsproxy.dll
+ 2007-08-20 09:49:24 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msfeeds.dll
+ 2007-08-20 09:49:24 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msfeedsbs.dll
+ 2007-08-20 09:49:26 3,592,192 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll
+ 2007-08-20 09:49:26 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mshtmled.dll
+ 2007-08-20 09:49:26 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msrating.dll
+ 2007-08-20 09:49:27 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mstime.dll
+ 2007-08-20 09:49:27 102,400 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\occache.dll
+ 2007-08-20 09:49:27 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\url.dll
+ 2007-08-20 09:49:28 1,161,728 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\urlmon.dll
+ 2007-08-20 09:49:28 232,960 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\webcheck.dll
+ 2007-08-20 09:49:28 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\update\updspapi.dll
+ 2007-08-21 06:25:34 683,520 ----a-w C:\WINDOWS\$hf_mig$\KB941202\SP2QFE\inetcomm.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941202\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941202\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\updspapi.dll
+ 2007-09-30 17:44:03 499,712 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\48afce2b9bec106866a92982487b8cec\ComSvcConfig.ni.exe
+ 2007-09-30 17:44:04 1,118,208 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\0389c8f21c1eac45c8fc6c3b4d902dff\Microsoft.Transactions.Bridge.ni.dll
+ 2007-09-30 17:44:05 405,504 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\a782f02906caefae490dd1090fae736b\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2007-09-30 20:11:14 1,568,768 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\27281a7d2816f903f2f360713190d801\PresentationBuildTasks.ni.dll
+ 2007-09-30 17:44:06 135,168 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\ee10240e3a881dd9e7ff3731c6971fa6\ServiceModelReg.ni.exe
+ 2007-09-30 20:10:31 286,720 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\692ca2097ad877f2aad89e269c263e7d\SMDiagnostics.ni.dll
+ 2007-09-30 20:10:33 323,584 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMSvcHost\b3161bfd171661b0fbb983b861b2ebf6\SMSvcHost.ni.exe
+ 2007-09-30 20:11:17 262,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\sysglobl\181ba96a10fbada8ae356ee763fba166\sysglobl.ni.dll
+ 2007-09-30 17:43:37 241,664 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\78fa8a55f6afa48374852374c40a4ba9\System.IdentityModel.Selectors.ni.dll
+ 2007-09-30 17:43:35 987,136 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\acd485472da2adc22ddbb0963d281a0f\System.IdentityModel.ni.dll
+ 2007-09-30 17:43:37 421,888 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IO.Log\086844c5ec5348191b7e5b2503f08239\System.IO.Log.ni.dll
+ 2007-09-30 17:43:40 2,363,392 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\368b8e3cb72a34d1769034cf95114d4c\System.Runtime.Serialization.ni.dll
+ 2007-09-30 17:44:01 17,534,976 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3d6c3df0602db4616c72ee5206be7614\System.ServiceModel.ni.dll
+ 2007-09-30 20:11:16 2,031,616 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Speech\f6d4b9f699b2bbc4e57f9ba6eaab7a46\System.Speech.ni.dll
+ 2007-09-30 20:11:18 483,328 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\0b511c96a1563ff18e9b630d34ead04c\UIAutomationClient.ni.dll
+ 2007-09-30 20:11:19 1,118,208 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\ef0d4845bd87f04613e0dd4a5247d2f3\UIAutomationClientsideProviders.ni.dll
+ 2007-09-30 20:11:21 274,432 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\3a660fc91392187135dfbd7d9b54ba4c\WindowsFormsIntegration.ni.dll
+ 2007-09-30 20:10:34 380,928 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WsatConfig\cde20a85eb626b958b8565aeae05b1ed\WsatConfig.ni.exe
- 2007-07-19 22:47:22 109,056 ----a-w C:\WINDOWS\catchme.exe
+ 2007-09-28 07:06:08 135,168 ----a-w C:\WINDOWS\catchme.exe
+ 2007-09-30 15:28:56 585,791 ----a-w C:\WINDOWS\gmer.dll
+ 2007-06-29 07:38:18 581,632 ----a-w C:\WINDOWS\gmer.exe
+ 2007-06-27 13:22:39 124,928 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\advpack.dll
+ 2006-10-17 09:57:50 214,528 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\dxtrans.dll
+ 2007-06-27 13:22:40 132,608 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\extmgr.dll
+ 2006-10-17 09:58:20 61,952 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\icardie.dll
+ 2007-06-27 08:27:04 63,488 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ie4uinit.exe
+ 2007-06-27 13:22:40 153,088 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieakeng.dll
+ 2007-06-27 13:22:42 230,400 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieaksie.dll
+ 2007-06-27 07:00:33 161,792 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieakui.dll
+ 2007-06-27 13:22:45 383,488 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieapfltr.dll
+ 2007-06-27 13:22:48 384,512 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iedkcs32.dll
+ 2007-06-27 13:23:23 6,058,496 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieframe.dll
+ 2007-06-27 13:23:23 44,544 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iernonce.dll
+ 2007-06-27 13:23:25 267,776 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iertutil.dll
+ 2007-06-27 08:27:05 13,824 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\ieudinit.exe
+ 2007-06-27 08:28:24 625,152 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\iexplore.exe
+ 2007-06-27 13:23:31 27,648 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\jsproxy.dll
+ 2007-06-27 13:23:32 459,264 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\msfeeds.dll
+ 2007-06-27 13:23:32 52,224 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\msfeedsbs.dll
+ 2007-07-19 06:58:09 3,583,488 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\mshtml.dll
+ 2007-06-27 13:24:06 477,696 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\mshtmled.dll
+ 2007-06-27 13:24:07 193,024 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\msrating.dll
+ 2007-06-27 13:24:09 671,232 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\mstime.dll
+ 2007-06-27 13:24:09 102,400 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\occache.dll
+ 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\updspapi.dll
+ 2007-06-27 13:24:10 105,984 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\url.dll
+ 2007-06-27 13:24:14 1,152,000 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\urlmon.dll
+ 2007-06-27 13:24:15 232,960 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\webcheck.dll
+ 2007-06-27 13:24:19 823,808 -c----w C:\WINDOWS\ie7updates\KB939653-IE7\wininet.dll
- 2007-06-28 14:44:14 2,165,760 ----a-w C:\WINDOWS\MicCal.exe
+ 2006-10-11 15:42:58 2,157,568 ----a-w C:\WINDOWS\MicCal.exe
- 2007-07-05 14:08:46 16,380,416 ----a-w C:\WINDOWS\RTHDCPL.exe
+ 2007-03-21 12:49:20 16,126,464 ----a-w C:\WINDOWS\RTHDCPL.EXE
- 2007-06-15 14:45:50 1,826,816 ----a-w C:\WINDOWS\SkyTel.exe
+ 2007-03-16 13:06:54 1,822,720 ----a-w C:\WINDOWS\SkyTel.exe
+ 2007-08-21 06:17:23 683,520 ----a-w C:\WINDOWS\SoftwareDistribution\Download\597d86b79933edac6fa897d33c53f918\sp2gdr\inetcomm.dll
+ 2007-08-21 06:25:34 683,520 ----a-w C:\WINDOWS\SoftwareDistribution\Download\597d86b79933edac6fa897d33c53f918\sp2qfe\inetcomm.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\SoftwareDistribution\Download\597d86b79933edac6fa897d33c53f918\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\SoftwareDistribution\Download\597d86b79933edac6fa897d33c53f918\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\SoftwareDistribution\Download\597d86b79933edac6fa897d33c53f918\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\SoftwareDistribution\Download\597d86b79933edac6fa897d33c53f918\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\SoftwareDistribution\Download\597d86b79933edac6fa897d33c53f918\update\updspapi.dll
+ 2007-08-20 09:59:29 124,928 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\advpack.dll
+ 2007-08-20 09:59:29 214,528 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\dxtrans.dll
+ 2007-08-20 09:59:29 132,608 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\extmgr.dll
+ 2007-08-20 09:59:29 63,488 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\icardie.dll
+ 2007-08-17 10:22:11 63,488 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\ie4uinit.exe
+ 2007-08-20 09:59:29 153,088 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\ieakeng.dll
+ 2007-08-20 09:59:29 230,400 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\ieaksie.dll
+ 2007-08-17 07:34:25 161,792 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\ieakui.dll
+ 2007-08-20 09:59:29 383,488 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\ieapfltr.dll
+ 2007-08-20 09:59:29 384,512 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\iedkcs32.dll
+ 2007-08-20 09:59:29 6,058,496 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\ieframe.dll
+ 2007-08-20 09:59:29 44,544 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\iernonce.dll
+ 2007-08-20 09:59:30 267,776 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\iertutil.dll
+ 2007-08-17 10:22:11 13,824 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\ieudinit.exe
+ 2007-08-17 10:22:32 625,152 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\iexplore.exe
+ 2007-08-20 09:59:30 27,648 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\jsproxy.dll
+ 2007-08-20 09:59:30 459,264 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\msfeeds.dll
+ 2007-08-20 09:59:30 52,224 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\msfeedsbs.dll
+ 2007-08-20 09:59:30 3,584,512 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\mshtml.dll
+ 2007-08-20 09:59:30 477,696 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\mshtmled.dll
+ 2007-08-20 09:59:30 193,024 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\msrating.dll
+ 2007-08-20 09:59:30 671,232 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\mstime.dll
+ 2007-08-20 09:59:31 102,400 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\occache.dll
+ 2007-08-20 09:59:31 105,984 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\url.dll
+ 2007-08-20 09:59:31 1,152,000 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\urlmon.dll
+ 2007-08-20 09:59:31 232,960 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\webcheck.dll
+ 2007-08-20 09:59:31 824,832 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2gdr\wininet.dll
+ 2007-08-20 09:49:19 124,928 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\advpack.dll
+ 2007-08-20 09:49:28 214,528 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\dxtrans.dll
+ 2007-08-20 09:49:19 132,608 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\extmgr.dll
+ 2007-08-20 09:49:19 63,488 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\icardie.dll
+ 2007-08-17 10:13:10 70,656 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\ie4uinit.exe
+ 2007-08-20 09:49:20 153,088 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\ieakeng.dll
+ 2007-08-20 09:49:20 230,400 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\ieaksie.dll
+ 2007-08-17 07:29:55 161,792 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\ieapfltr.dat
+ 2007-08-20 09:49:20 383,488 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\ieapfltr.dll
+ 2007-08-20 09:49:20 387,584 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\iedkcs32.dll
+ 2007-08-20 09:49:23 6,066,176 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\ieframe.dll
+ 2007-08-20 09:49:23 44,544 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\iernonce.dll
+ 2007-08-20 09:49:23 267,776 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\iertutil.dll
+ 2007-08-17 10:13:10 13,824 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\ieudinit.exe
+ 2007-08-17 10:13:39 625,152 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\iexplore.exe
+ 2007-08-20 09:49:23 27,648 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\jsproxy.dll
+ 2007-08-20 09:49:24 459,264 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\msfeeds.dll
+ 2007-08-20 09:49:24 52,224 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\msfeedsbs.dll
+ 2007-08-20 09:49:26 3,592,192 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\mshtml.dll
+ 2007-08-20 09:49:26 478,208 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\mshtmled.dll
+ 2007-08-20 09:49:26 193,024 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\msrating.dll
+ 2007-08-20 09:49:27 671,232 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\mstime.dll
+ 2007-08-20 09:49:27 102,400 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\occache.dll
+ 2007-08-20 09:49:27 105,984 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\url.dll
+ 2007-08-20 09:49:28 1,161,728 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\urlmon.dll
+ 2007-08-20 09:49:28 232,960 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\webcheck.dll
+ 2007-08-20 09:49:28 825,344 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\sp2qfe\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\SoftwareDistribution\Download\cf14a1fec6e784e2f656a71bf1839c21\update\updspapi.dll
+ 2007-07-09 13:11:46 584,192 ----a-w C:\WINDOWS\SoftwareDistribution\Download\f481ea94a34c702b77bda577798d89f0\SP2GDR\rpcrt4.dll
+ 2007-06-12 21:53:14 121,856 ----a-w C:\WINDOWS\SoftwareDistribution\Download\f481ea94a34c702b77bda577798d89f0\SP2GDR\spru040c.dll
+ 2007-07-09 13:19:28 582,656 ----a-w C:\WINDOWS\SoftwareDistribution\Download\f481ea94a34c702b77bda577798d89f0\SP2QFE\rpcrt4.dll
+ 2007-06-18 22:24:36 369,152 ----a-w C:\WINDOWS\SoftwareDistribution\Download\f481ea94a34c702b77bda577798d89f0\SP2QFE\spru040c.dll
+ 2005-10-12 23:15:23 15,072 ----a-w C:\WINDOWS\SoftwareDistribution\Download\f481ea94a34c702b77bda577798d89f0\spmsg.dll
+ 2005-10-12 23:15:24 216,800 ----a-w C:\WINDOWS\SoftwareDistribution\Download\f481ea94a34c702b77bda577798d89f0\spuninst.exe
+ 2005-10-12 23:15:23 22,752 ----a-w C:\WINDOWS\SoftwareDistribution\Download\f481ea94a34c702b77bda577798d89f0\update\spcustom.dll
+ 2005-10-12 23:15:26 727,776 ----a-w C:\WINDOWS\SoftwareDistribution\Download\f481ea94a34c702b77bda577798d89f0\update\update.exe
+ 2005-10-12 23:15:43 394,976 ----a-w C:\WINDOWS\SoftwareDistribution\Download\f481ea94a34c702b77bda577798d89f0\update\updspapi.dll
- 2007-06-27 13:22:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-08-20 09:59:29 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-04-20 05:57:28 53,248 ----a-w C:\WINDOWS\system32\AgCPanelFrench.dll
+ 2007-04-20 05:57:28 53,248 ----a-w C:\WINDOWS\system32\AgCPanelGerman.dll
+ 2007-04-20 05:57:28 53,248 ----a-w C:\WINDOWS\system32\AgCPanelJapanese.dll
+ 2007-04-20 05:57:28 53,248 ----a-w C:\WINDOWS\system32\AgCPanelKorean.dll
+ 2007-04-20 05:57:28 53,248 ----a-w C:\WINDOWS\system32\AgCPanelPortugese.dll
+ 2007-04-20 05:57:28 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSimplifiedChinese.dll
+ 2007-04-20 05:57:28 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSpanish.dll
+ 2007-04-20 05:57:28 53,248 ----a-w C:\WINDOWS\system32\AgCPanelSwedish.dll
+ 2007-04-20 05:57:30 53,248 ----a-w C:\WINDOWS\system32\AgCPanelTraditionalChinese.dll
+ 2007-06-12 07:22:58 207,277 ----a-w C:\WINDOWS\system32\AGEIA\AG1011\app.bin
+ 2007-04-16 07:24:38 122,249 ----a-w C:\WINDOWS\system32\AGEIA\AG1011\diag.bin
+ 2007-06-12 07:22:58 214,141 ----a-w C:\WINDOWS\system32\AGEIA\AG1021\app.bin
+ 2007-07-10 09:13:42 113,313 ----a-w C:\WINDOWS\system32\AGEIA\AG1021\diag.bin
- 2007-08-25 16:59:19 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2007-09-30 13:12:29 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2007-08-25 16:53:00 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2007-09-30 13:12:29 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
- 2007-08-25 16:53:00 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2007-09-30 13:12:29 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2005-04-14 05:54:22 331,184 ------w C:\WINDOWS\system32\difxapi.dll
+ 2007-04-11 13:35:38 331,184 ------w C:\WINDOWS\system32\difxapi.dll
- 2007-06-27 13:22:39 124,928 ------w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2007-08-20 09:59:29 124,928 ------w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2004-08-10 12:00:00 19,456 ----a-w C:\WINDOWS\system32\dllcache\agt0401.dll
+ 2004-08-10 12:00:00 10,752 ----a-w C:\WINDOWS\system32\dllcache\c_iscii.dll
- 2006-10-17 09:57:50 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2007-08-20 09:59:29 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-06-27 13:22:40 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-08-20 09:59:29 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2004-08-10 12:00:00 6,144 ----a-w C:\WINDOWS\system32\dllcache\ftlx041e.dll
+ 2007-08-20 09:59:29 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
- 2007-06-27 08:27:04 63,488 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2007-08-17 10:22:11 63,488 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2007-06-27 13:22:40 153,088 ------w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2007-08-20 09:59:29 153,088 ------w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2007-06-27 13:22:42 230,400 ------w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2007-08-20 09:59:29 230,400 ------w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2007-06-27 07:00:33 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-08-17 07:34:25 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2007-06-27 13:22:45 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2007-08-20 09:59:29 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2007-06-27 13:22:48 384,512 ------w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2007-08-20 09:59:29 384,512 ------w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-06-27 13:23:23 6,058,496 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2007-08-20 09:59:29 6,058,496 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2007-06-27 13:23:23 44,544 ------w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-08-20 09:59:29 44,544 ------w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2007-06-27 13:23:25 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2007-08-20 09:59:30 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2007-06-27 08:27:05 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2007-08-17 10:22:11 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2007-06-27 08:28:24 625,152 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-08-17 10:22:32 625,152 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-05-16 15:13:53 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2007-08-21 06:17:23 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
- 2007-06-27 13:23:31 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-08-20 09:59:30 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbda1.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbda2.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbda3.dll
+ 2004-08-10 12:00:00 5,120 ----a-w C:\WINDOWS\system32\dllcache\kbdarme.dll
+ 2004-08-10 12:00:00 5,120 ----a-w C:\WINDOWS\system32\dllcache\kbdarmw.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbddiv1.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbddiv2.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbdfa.dll
+ 2004-08-10 12:00:00 5,120 ----a-w C:\WINDOWS\system32\dllcache\kbdgeo.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbdheb.dll
+ 2004-08-10 12:00:00 6,144 ----a-w C:\WINDOWS\system32\dllcache\kbdinbe1.dll
+ 2004-08-10 12:00:00 6,656 ----a-w C:\WINDOWS\system32\dllcache\kbdinben.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbdindev.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbdinguj.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbdinhin.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbdinkan.dll
+ 2004-08-10 12:00:00 6,656 ----a-w C:\WINDOWS\system32\dllcache\kbdinmal.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbdinmar.dll
+ 2004-08-10 12:00:00 6,144 ----a-w C:\WINDOWS\system32\dllcache\kbdinpun.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbdintam.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbdintel.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbdsyr1.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbdsyr2.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbdth0.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbdth1.dll
+ 2004-08-10 12:00:00 6,144 ----a-w C:\WINDOWS\system32\dllcache\kbdth2.dll
+ 2004-08-10 12:00:00 6,144 ----a-w C:\WINDOWS\system32\dllcache\kbdth3.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbdurdu.dll
+ 2004-08-10 12:00:00 5,632 ----a-w C:\WINDOWS\system32\dllcache\kbdvntc.dll
- 2007-06-27 13:23:32 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2007-08-20 09:59:30 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2007-06-27 13:23:32 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2007-08-20 09:59:30 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2007-07-19 06:58:09 3,583,488 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2007-08-20 09:59:30 3,584,512 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-06-27 13:24:06 477,696 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-08-20 09:59:30 477,696 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2007-06-27 13:24:07 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2007-08-20 09:59:30 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2007-06-27 13:24:09 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-08-20 09:59:30 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2007-06-27 13:24:09 102,400 ------w C:\WINDOWS\system32\dllcache\occache.dll
+ 2007-08-20 09:59:31 102,400 ------w C:\WINDOWS\system32\dllcache\occache.dll
+ 2004-08-10 12:00:00 185,344 ----a-w C:\WINDOWS\system32\dllcache\thawbrkr.dll
- 2007-06-27 13:24:10 105,984 ------w C:\WINDOWS\system32\dllcache\url.dll
+ 2007-08-20 09:59:31 105,984 ------w C:\WINDOWS\system32\dllcache\url.dll
- 2007-06-27 13:24:14 1,152,000 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-08-20 09:59:31 1,152,000 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2007-06-27 13:24:15 232,960 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2007-08-20 09:59:31 232,960 ------w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2007-06-27 13:24:19 823,808 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-08-20 09:59:31 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-09-30 15:28:56 70,001 ----a-w C:\WINDOWS\system32\drivers\gmer.sys
- 2007-07-18 17:26:04 4,547,584 ----a-w C:\WINDOWS\system32\drivers\RtkHDAud.sys
+ 2007-03-26 17:21:06 4,395,008 ----a-w C:\WINDOWS\system32\drivers\RtkHDAud.sys
- 2006-10-17 18:22:26 9,216 ----a-w C:\WINDOWS\system32\drivers\videX32.sys
+ 2006-09-13 05:39:10 9,728 ----a-w C:\WINDOWS\system32\drivers\videX32.sys
+ 2005-05-19 13:52:58 17,792 ----a-w C:\WINDOWS\system32\drivers\x10ufx2.sys
+ 2005-05-03 16:43:28 69,632 -c--a-w C:\WINDOWS\system32\DRVSTORE\hdart_C71723100C9B1362CA9E28BC0C6DB02E6CB8385E\ALCMTR.EXE
+ 2006-05-04 14:26:36 2,808,832 -c--a-w C:\WINDOWS\system32\DRVSTORE\hdart_C71723100C9B1362CA9E28BC0C6DB02E6CB8385E\ALCWZRD.EXE
+ 2006-10-11 15:42:58 2,157,568 -c--a-w C:\WINDOWS\system32\DRVSTORE\hdart_C71723100C9B1362CA9E28BC0C6DB02E6CB8385E\MicCal.exe
+ 2007-03-15 12:39:04 262,144 -c--a-w C:\WINDOWS\system32\DRVSTORE\hdart_C71723100C9B1362CA9E28BC0C6DB02E6CB8385E\RTCOMDLL.dll
+ 2007-03-21 12:49:20 16,126,464 -c--a-w C:\WINDOWS\system32\DRVSTORE\hdart_C71723100C9B1362CA9E28BC0C6DB02E6CB8385E\RTHDCPL.EXE
+ 2007-03-26 17:21:06 4,395,008 -c--a-w C:\WINDOWS\system32\DRVSTORE\hdart_C71723100C9B1362CA9E28BC0C6DB02E6CB8385E\RtkHDAud.sys
+ 2007-03-07 12:59:30 131,072 -c--a-w C:\WINDOWS\system32\DRVSTORE\hdart_C71723100C9B1362CA9E28BC0C6DB02E6CB8385E\RtlCPAPI.dll
+ 2007-03-23 17:19:10 9,715,200 -c--a-w C:\WINDOWS\system32\DRVSTORE\hdart_C71723100C9B1362CA9E28BC0C6DB02E6CB8385E\RTLCPL.EXE
+ 2007-01-16 08:39:36 1,191,936 -c--a-w C:\WINDOWS\system32\DRVSTORE\hdart_C71723100C9B1362CA9E28BC0C6DB02E6CB8385E\RtlUpd.exe
+ 2007-03-16 13:06:54 1,822,720 -c--a-w C:\WINDOWS\system32\DRVSTORE\hdart_C71723100C9B1362CA9E28BC0C6DB02E6CB8385E\SkyTel.exe
+ 2006-07-21 14:14:36 86,016 -c--a-w C:\WINDOWS\system32\DRVSTORE\hdart_C71723100C9B1362CA9E28BC0C6DB02E6CB8385E\SOUNDMAN.EXE
+ 2007-06-26 09:15:22 117,888 -c--a-w C:\WINDOWS\system32\DRVSTORE\PhysX32_28DEC1919B015F1DB41BE86D222D95CA59F30701\physX32.sys
+ 2006-05-29 10:02:28 27,904 -c--a-w C:\WINDOWS\system32\DRVSTORE\viaagp1_2CAE3F589B8C492BA07E3F383C8D7DDA7D3362CE\VIAAGP1.SYS
+ 2006-05-29 10:03:00 6,144 -c--a-w C:\WINDOWS\system32\DRVSTORE\viaidexp_01AD248FB404DC452B9428110B36FBAE5A9FBD01\viaidexp.sys
+ 2006-09-13 05:39:40 100,992 -c--a-w C:\WINDOWS\system32\DRVSTORE\viamraid_8AE7DD368D222C8184CE002415CCFCBC46427580\viamraid.sys
+ 2006-09-13 05:39:10 9,728 -c--a-w C:\WINDOWS\system32\DRVSTORE\vminiide_B5B4443879A8FBF0BA8013EAC6F5432589BD35CA\videX32.sys
+ 2006-09-13 05:39:12 11,776 -c--a-w C:\WINDOWS\system32\DRVSTORE\vminiide_B5B4443879A8FBF0BA8013EAC6F5432589BD35CA\videX64.sys
+ 2006-09-13 05:39:16 11,264 -c--a-w C:\WINDOWS\system32\DRVSTORE\vminiide_B5B4443879A8FBF0BA8013EAC6F5432589BD35CA\xfilt.sys
+ 2006-09-13 05:39:18 13,824 -c--a-w C:\WINDOWS\system32\DRVSTORE\vminiide_B5B4443879A8FBF0BA8013EAC6F5432589BD35CA\xfiltx64.sys
- 2006-10-17 09:57:50 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2007-08-20 09:59:29 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2007-06-27 13:22:40 132,608 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2007-08-20 09:59:29 132,608 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2007-09-29 18:31:00 561,528 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2007-09-30 13:12:10 488,296 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2006-10-17 09:58:20 61,952 ------w C:\WINDOWS\system32\icardie.dll
+ 2007-08-20 09:59:29 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2007-06-27 08:27:04 63,488 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2007-08-17 10:22:11 63,488 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2007-06-27 13:22:40 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2007-08-20 09:59:29 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2007-06-27 13:22:42 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2007-08-20 09:59:29 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2007-06-27 07:00:33 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2007-08-17 07:34:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2007-06-27 13:22:45 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2007-08-20 09:59:29 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2007-06-27 13:22:48 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2007-08-20 09:59:29 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2007-06-27 13:23:23 6,058,496 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2007-08-20 09:59:29 6,058,496 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2007-06-27 13:23:23 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2007-08-20 09:59:29 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2007-06-27 13:23:25 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2007-08-20 09:59:30 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2007-06-27 08:27:05 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2007-08-17 10:22:11 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-05-16 15:13:53 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2007-08-21 06:17:23 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2007-06-27 13:23:31 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2007-08-20 09:59:30 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2007-07-27 13:49:02 196,683 ----a-w C:\WINDOWS\system32\lnod32apiA.dll
+ 2007-07-27 13:49:02 225,355 ----a-w C:\WINDOWS\system32\lnod32apiW.dll
+ 2005-12-05 18:25:22 139,264 ----a-w C:\WINDOWS\system32\lnod32umc.dll
+ 2005-12-05 11:37:10 106,496 ----a-w C:\WINDOWS\system32\lnod32upd.dll
+ 2007-10-10 18:38:25 2,115,816 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
+ 2007-10-10 18:38:25 190,696 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2007-09-06 02:50:42 17,474,680 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2007-09-28 05:19:39 18,089,592 ----a-w C:\WINDOWS\system32\MRT.exe
- 2007-06-27 13:23:32 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2007-08-20 09:59:30 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2007-06-27 13:23:32 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2007-08-20 09:59:30 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2007-07-19 06:58:09 3,583,488 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2007-08-20 09:59:30 3,584,512 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-06-27 13:24:06 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2007-08-20 09:59:30 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2007-06-27 13:24:07 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2007-08-20 09:59:30 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2007-06-27 13:24:09 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2007-08-20 09:59:30 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2007-06-27 13:24:09 102,400 ----a-w C:\WINDOWS\system32\occache.dll
+ 2007-08-20 09:59:31 102,400 ----a-w C:\WINDOWS\system32\occache.dll
+ 2007-08-02 16:11:28 253,952 ----a-w C:\WINDOWS\system32\OnlineScannerDLLA.dll
+ 2007-08-02 16:11:14 241,664 ----a-w C:\WINDOWS\system32\OnlineScannerDLLW.dll
+ 2007-08-08 14:30:12 19,456 ----a-w C:\WINDOWS\system32\OnlineScannerLang.dll
+ 2007-06-13 09:10:34 77,824 ----a-w C:\WINDOWS\system32\OnlineScannerUninstaller.exe
- 2007-09-29 18:24:54 70,260 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2007-10-12 17:10:40 70,260 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-09-29 18:24:54 83,286 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2007-10-12 17:10:40 83,286 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2007-09-29 18:24:54 436,496 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2007-10-12 17:10:40 436,496 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2007-09-29 18:24:54 504,910 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2007-10-12 17:10:40 504,910 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2007-06-19 06:59:36 70,400 ----a-w C:\WINDOWS\system32\PhysXLoader.dll
+ 2001-08-23 14:58:06 36,224 ----a-w C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\isapnp.sys
+ 2004-08-03 22:37:06 68,608 ----a-w C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\pci.sys
+ 2006-05-29 10:03:00 6,144 ----a-w C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\viaidexp.sys
+ 2004-08-03 22:37:06 68,608 ----a-w C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\i386\pci.sys
+ 2005-05-03 16:43:28 69,632 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\ALCMTR.EXE
+ 2006-05-04 14:26:36 2,808,832 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\ALCWZRD.EXE
+ 2004-08-03 21:08:00 60,288 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\drmk.sys
+ 2004-08-03 21:15:22 140,928 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\ks.sys
+ 2004-08-03 22:54:30 4,096 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\ksuser.dll
+ 2004-03-16 08:58:20 136,960 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\portcls.sys
+ 2004-08-03 21:08:04 48,640 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\stream.sys
+ 2007-06-28 14:44:14 2,165,760 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\MicCal.exe
+ 2007-07-13 12:56:58 262,144 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\RTCOMDLL.dll
+ 2007-07-05 14:08:46 16,380,416 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\RTHDCPL.EXE
+ 2007-07-18 17:26:04 4,547,584 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\RtkHDAud.sys
+ 2007-03-07 12:59:30 131,072 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\RTLCPAPI.dll
+ 2007-03-23 17:19:10 9,715,200 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\RTLCPL.EXE
+ 2007-01-16 08:39:36 1,191,936 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\RtlUpd.exe
+ 2007-06-15 14:45:50 1,826,816 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\SkyTel.exe
+ 2006-07-21 14:14:36 86,016 ----a-w C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\SOUNDMAN.EXE
- 2004-08-10 12:00:00 581,120 ----a-w C:\WINDOWS\system32\rpcrt4.dll
+ 2007-07-09 13:11:46 584,192 ----a-w C:\WINDOWS\system32\rpcrt4.dll
- 2007-07-13 12:56:58 262,144 ----a-w C:\WINDOWS\system32\RTCOM\RTCOMDLL.dll
+ 2007-03-15 12:39:04 262,144 ----a-w C:\WINDOWS\system32\RTCOM\RTCOMDLL.dll
+ 2006-10-29 18:05:32 11,379 ----a-w C:\WINDOWS\system32\rundll\DLL\adm.dll
+ 2001-10-15 18:39:30 32,768 ----a-w C:\WINDOWS\system32\rundll\DLL\edll.dll
+ 2007-10-11 19:03:30 8,879 ----a-w C:\WINDOWS\system32\rundll\DLL\engine.dll
+ 2006-10-03 21:32:12 4,126 ----a-w C:\WINDOWS\system32\rundll\DLL\login.dll
+ 2002-03-23 07:36:52 8,192 ----a-w C:\WINDOWS\system32\rundll\DLL\mOTFv3.dll
+ 2001-05-27 17:21:32 1,656,320 ----a-w C:\WINDOWS\system32\rundll\DLL\Nvidia.exe
+ 2006-10-02 22:13:50 5,156 ----a-w C:\WINDOWS\system32\rundll\DLL\operator.dll
+ 2006-08-08 18:36:24 19,352 ----a-w C:\WINDOWS\system32\rundll\DLL\protcom.dll
- 2006-09-25 15:58:48 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2005-10-12 23:15:23 15,072 ------w C:\WINDOWS\system32\spmsg.dll
- 2007-07-22 16:39:27 279,552 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2007-10-05 08:07:31 279,552 ----a-w C:\WINDOWS\system32\swreg.exe
- 2007-06-27 13:24:10 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2007-08-20 09:59:31 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2007-06-27 13:24:14 1,152,000 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2007-08-20 09:59:31 1,152,000 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2007-06-27 13:24:15 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-08-20 09:59:31 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2007-06-27 13:24:19 823,808 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2007-08-20 09:59:31 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2006-12-01 20:56:00 96,256 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2006-12-01 22:25:52 1,101,824 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2006-12-01 22:25:56 1,093,120 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-01 22:25:58 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-01 22:26:00 57,856 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-01 22:08:00 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-01 22:08:00 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-01 22:08:00 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-01 22:08:00 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-01 22:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-01 22:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-01 22:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-01 22:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-01 22:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-01 22:46:44 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 14:01]
"ATICCC"="c:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 11:12]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe" [2005-06-03 03:52]
"DetectorApp"="C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 06:15]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 11:31]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [2007-05-19 22:36]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
"AAWTray"="C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-08 15:53]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 15:32 C:\WINDOWS\KHALMNPR.Exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 14:49 C:\WINDOWS\RTHDCPL.EXE]
"USB Print"="Servces.exe" [2007-06-13 15:22 C:\WINDOWS\system32\Servces.exe]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="C:\APPS\SMP\SmpSys.exe" [2005-11-17 09:51]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00]
"USB Print"="Servces.exe" [2007-06-13 15:22 C:\WINDOWS\system32\Servces.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"USB Print"=Servces.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys
R0 xfilt;VIA SATA IDE Hot-plug Driver;C:\WINDOWS\system32\DRIVERS\xfilt.sys
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter;C:\WINDOWS\system32\Drivers\LUsbFilt.Sys
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys
S0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys
S3 ss_bus;Samsung Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys
S3 XUIF;X10 USB Wireless Transceiver;C:\WINDOWS\system32\Drivers\x10ufx2.sys

.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-13 13:41:16
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-10-13 13:42:24
C:\ComboFix2.txt ... 2007-09-30 00:37
C:\ComboFix3.txt ... 2007-09-17 18:23
.
--- E O F ---


LOG Hijackthis:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:50:41, on 13/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\ehtray.exe
c:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\APPS\SMP\SmpSys.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\ATI Technologies\ATI.ACE\cli.exe
c:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\viZion\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [USB Print] Servces.exe
O4 - HKLM\..\RunServices: [USB Print] Servces.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [USB Print] Servces.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/g [...] ection.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autob [...] nstall.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JA [...] anager.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/fil [...] inder2.CAB
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDevice

Bien

Relance un scan HijackThis et coche les lignes ci-dessous :

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [USB Print] Servces.exe
O4 - HKLM\..\RunServices: [USB Print] Servces.exe
O4 - HKCU\..\Run: [USB Print] Servces.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/g [...] ection.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autob [...] nstall.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JA [...] anager.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/fil [...] inder2.CAB

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »


Télécharge OTMoveIt (de Old_Timer) sur ton Bureau.
http://download.bleepingcomputer.c [...] MoveIt.exe
Double-clique sur OTMoveIt.exe pour le lancer.
Copie la liste qui se trouve ci-dessous, et colle-la dans le cadre de gauche de OTMoveIt aste List of Files/Folders to be moved.

C:\WINDOWS\system32\Servces.exe

Clique sur MoveIt! pour lancer la suppression.
Le résultat apparaitra dans le cadre Results.
Clique sur Exit pour fermer.

Il te sera peut-être demander de redémarrer le PC pour achever la suppression. Si c'est le cas accepte par Yes.

Poste le rapport situé dans C:\_OTMoveIt\MovedFiles avec un nouveau Hijackthis.

Bien

Fais une analyse antivirus en ligne sur Panda
http://www.pandasoftware.com/activ [...] ncipal.htm

Colle son rapport ici.

Bonjour, voila mon rapport de pandaScan: (analyze rapide)


;***********************************************************************************************************************************************************************************
ANALYSIS: 2007-10-14 12:03:43
PROTECTIONS: 1
MALWARE: 13
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Kaspersky Internet Security 7.0.0.119 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Application Data\Mozilla\Firefox\Profiles\nvs93tzw.default\cookies.txt[.doubleclick.net/]
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Cookies\vizion@atdmt[2].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Application Data\Mozilla\Firefox\Profiles\nvs93tzw.default\cookies.txt[.tradedoubler.com/]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Application Data\Mozilla\Firefox\Profiles\nvs93tzw.default\cookies.txt[.tradedoubler.com/]
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Application Data\Mozilla\Firefox\Profiles\nvs93tzw.default\cookies.txt[.mediaplex.com/]
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Application Data\Mozilla\Firefox\Profiles\nvs93tzw.default\cookies.txt[.xiti.com/]
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Cookies\vizion@serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Cookies\vizion@bs.serving-sys[1].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Cookies\vizion@weborama[2].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Application Data\Mozilla\Firefox\Profiles\nvs93tzw.default\cookies.txt[.overture.com/]
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Application Data\Mozilla\Firefox\Profiles\nvs93tzw.default\cookies.txt[.bluestreak.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Application Data\Mozilla\Firefox\Profiles\nvs93tzw.default\cookies.txt[.adrevolver.com/]
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Application Data\Mozilla\Firefox\Profiles\nvs93tzw.default\cookies.txt[.adrevolver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Application Data\Mozilla\Firefox\Profiles\nvs93tzw.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Application Data\Mozilla\Firefox\Profiles\nvs93tzw.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Application Data\Mozilla\Firefox\Profiles\nvs93tzw.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Application Data\Mozilla\Firefox\Profiles\nvs93tzw.default\cookies.txt[.smartadserver.com/]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Cookies\vizion@smartadserver[1].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\viZion\Application Data\Mozilla\Firefox\Profiles\nvs93tzw.default\cookies.txt[.smartadserver.com/]
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\WINDOWS\NirCmd.exe
;===================================================================================================================================================================================
SUSPECTS
Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================

non,pour le moment tout est parfait,je te remercie vraiment beaucoup d'aillieur.
juste un dernier problème c'est que dans mon analyse spybot jai 4mouchard qui revienne a chaque fois, je peut faire autant d'analyse il partent pas on dirait.

Voila le rapport Spybot.

--- Report generated: 2007-10-14 20:32 ---

AdRevolver: Cookie traceur (Firefox: default) (Cookie, nothing done)


AdRevolver: Cookie traceur (Firefox: default) (Cookie, nothing done)


Advertising.com: Cookie traceur (Firefox: default) (Cookie, nothing done)


Advertising.com: Cookie traceur (Firefox: default) (Cookie, nothing done)


Advertising.com: Cookie traceur (Firefox: default) (Cookie, nothing done)


Advertising.com: Cookie traceur (Firefox: default) (Cookie, nothing done)


DoubleClick: Cookie traceur (Firefox: default) (Cookie, nothing done)


HitBox: Cookie traceur (Firefox: default) (Cookie, nothing done)


HitBox: Cookie traceur (Firefox: default) (Cookie, nothing done)


HitBox: Cookie traceur (Firefox: default) (Cookie, nothing done)


HitBox: Cookie traceur (Firefox: default) (Cookie, nothing done)


MediaPlex: Cookie traceur (Firefox: default) (Cookie, nothing done)


Tradedoubler: Cookie traceur (Firefox: default) (Cookie, nothing done)


Tradedoubler: Cookie traceur (Firefox: default) (Cookie, nothing done)


AdRevolver: Cookie traceur (Firefox: default) (Cookie, nothing done)


AdRevolver: Cookie traceur (Firefox: default) (Cookie, nothing done)


AdRevolver: Cookie traceur (Firefox: default) (Cookie, nothing done)


AdRevolver: Cookie traceur (Firefox: default) (Cookie, nothing done)



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-08-25 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-05-23 advcheck.dll (1.5.3.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-07-31 Tools.dll (2.1.2.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-10-10 Includes\Cookies.sbi (*)
2007-07-25 Includes\Dialer.sbi (*)
2007-10-10 Includes\DialerC.sbi (*)
2007-08-29 Includes\Hijackers.sbi (*)
2007-10-10 Includes\HijackersC.sbi (*)
2007-10-04 Includes\Keyloggers.sbi (*)
2007-10-10 Includes\KeyloggersC.sbi (*)
2007-10-04 Includes\Malware.sbi (*)
2007-10-10 Includes\MalwareC.sbi (*)
2007-09-05 Includes\PUPS.sbi (*)
2007-10-10 Includes\PUPSC.sbi (*)
2007-10-10 Includes\Revision.sbi (*)
2007-05-30 Includes\Security.sbi (*)
2007-10-10 Includes\SecurityC.sbi (*)
2007-10-10 Includes\Spybots.sbi (*)
2007-10-10 Includes\SpybotsC.sbi (*)
2007-08-21 Includes\Tracks.uti
2007-10-04 Includes\Trojans.sbi (*)
2007-10-10 Includes\TrojansC.sbi (*)
2007-06-06 Plugins\TCPIPAddress.dll

Ok je te remercie beaucoup