Lenteur, bugs, gros problèmes...

personne pour m'aider ??

Bonjour,

Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

Merci  
Je fais ça de suite

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:14:19, on 08/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\msnlogm.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\msnlogs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\IcoSauve.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.aliceadsl.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [msnsyslog] C:\WINDOWS\msnlogm.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Microsoft] svhost.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [BM0fddfe9c] Rundll32.exe "C:\WINDOWS\system32\iqfrtees.dll",s
O4 - HKLM\..\Run: [0ceecd00] rundll32.exe "C:\WINDOWS\system32\qqbvgsdk.dll",b
O4 - HKLM\..\RunServices: [Microsoft] svhost.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Policies\Explorer\Run: [WinUpdating] WinUpdating.exe
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinSpooler.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll (file missing)
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Unknown owner - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: fsbwsys - Unknown owner - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe (file missing)
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - Unknown owner - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe (file missing)
O23 - Service: F-Secure Management Agent (FSMA) - Unknown owner - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE (file missing)
O23 - Service: Google Desktop Manager 5.1.709.19590 (GoogleDesktopManager-091907-194040) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

--
End of file - 7599 bytes

Re,

Bien infecté(e)  

1) Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
Guide d'utilisation : http://mickael.barroux.free.fr/securite/sdfix.php

Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :

Redémarre ton ordinateur

Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).

A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.

Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".

Choisis ton compte.
Déroule la liste des instructions ci-dessous :

Ouvre le dossier SDFix qui vient d'être créé sur le Bureau et double clique sur RunThis.bat pour lancer le script.

Appuie sur Y pour commencer le processus de nettoyage.

Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.

Appuie sur une touche pour redémarrer le PC.

Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.

Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.

Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.

Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.

Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum.
N.B.:
- Le fichier SDFIX_README.htm (dans le dossier SDFix) contient la liste des malwares pris en compte par l'outil.
- Andy fait plusieurs mises à jour, souvent plus d'une par jour... N'hésitez donc pas à demander de télécharger une nouvelle version lorsque le nettoyage dure et que l'outil ne semble pas tout voir.

2) Tu es infecté(e) par "Vundo". Supprime tous les cracks de ton PC s'ils sont présents car sinon ils relanceront l'infection.

Télécharge Vundofix (par Atribune) sur ton Bureau.

Double-clique VundoFix.exe afin de le lancer

Clique sur le bouton Scan for Vundo

Lorsque le scan est complété, clique sur le bouton Remove Vundo

Une invite te demandera si tu veux supprimer les fichiers, clique YES

Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers

Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK

Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse

Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-dessus, à partir de "clique sur le bouton Scan for Vundo".

N.B : Il se peut que vundofix ne détecte rien, dans ce cas-là pas de rapport nécessaire, dis-moi juste qu'il n'a rien trouvé.

 

Merci pour ton aide Merillym  

voici le rapport de sdfix, je fais le reste de suite :


SDFix: Version 1.167
Run by monstrum on 08/04/2008 at 23:41

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\ADMINI~1.ORD\Bureau\SDFix

Checking Services :


Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service

Rebooting


Checking Files :

Trojan Files Found:

C:\Program Files\Fichiers communs\Yazzle1122OinUninstaller.exe - Deleted
C:\Program Files\Fichiers communs\Yazzle1162OinUninstaller.exe - Deleted
C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp\temp_01.exe - Deleted
C:\WINDOWS\system32\WinSpooler.exe - Deleted
C:\WINDOWS\system32\WinUpdating.exe - Deleted





Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1351.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-09 00:01:23
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:c67092a3
"s2"=dword:40cf06dd
"h0"=dword:00000002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 52\"
"h0"=dword:00000001
"ujdew"=hex:56,b1,b0,3e,94,73,f4,38,1c,95,5e,70,9b,76,92,35,62,cf,5f,b2,53,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:c3,fa,a7,15,02,e5,58,b1,ac,2d,04,a1,da,d7,36,67,ed,b5,fc,94,1c,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"p0"="C:\Program Files\Alcohol Soft\Alcohol 52\"
"h0"=dword:00000001
"ujdew"=hex:56,b1,b0,3e,94,73,f4,38,1c,95,5e,70,9b,76,92,35,62,cf,5f,b2,53,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"h0"=dword:00000000
"khjeh"=hex:c3,fa,a7,15,02,e5,58,b1,ac,2d,04,a1,da,d7,36,67,ed,b5,fc,94,1c,..

scanning hidden registry entries ...

scanning hidden files ...

C:\WINDOWS\system32\dllcache\ngrpci.sys 32840 bytes executable
C:\WINDOWS\system32\dllcache\nic1394.sys 61824 bytes executable
C:\WINDOWS\system32\dllcache\nikedrv.sys 12032 bytes executable
C:\WINDOWS\system32\dllcache\nm5a2wdm.sys 126080 bytes executable
C:\WINDOWS\system32\dllcache\nm6wdm.sys 87040 bytes executable
C:\WINDOWS\system32\dllcache\nscirda.sys 28672 bytes executable
C:\WINDOWS\system32\dllcache\nsmmc.sys 7552 bytes executable
C:\WINDOWS\system32\dllcache\ntapm.sys 9472 bytes executable
C:\WINDOWS\system32\dllcache\ntgrip.sys 51552 bytes executable
C:\WINDOWS\system32\dllcache\opl3sax.sys
C:\WINDOWS\system32\dllcache\oprghdlr.sys 3456 bytes executable
C:\WINDOWS\system32\dllcache\otc06x5.sys
C:\WINDOWS\system32\dllcache\otceth5.sys
C:\WINDOWS\system32\dllcache\otcsercb.sys
C:\WINDOWS\system32\dllcache\ovca.sys
C:\WINDOWS\system32\dllcache\ovcam2.sys
C:\WINDOWS\system32\dllcache\paqsp.dll 157696 bytes executable
C:\WINDOWS\system32\dllcache\parport.sys
C:\WINDOWS\system32\dllcache\pc100nds.sys
C:\WINDOWS\system32\dllcache\pca200e.sys
C:\WINDOWS\system32\dllcache\pci.sys 68608 bytes executable
C:\WINDOWS\system32\dllcache\pciide.sys
C:\WINDOWS\system32\dllcache\pciidex.sys
C:\WINDOWS\system32\dllcache\pcmcia.sys
C:\WINDOWS\system32\dllcache\pcmlm56.sys
C:\WINDOWS\system32\dllcache\pcntn5hl.sys
C:\WINDOWS\system32\dllcache\pcntn5m.sys
C:\WINDOWS\system32\dllcache\pcntpci5.sys
C:\WINDOWS\system32\dllcache\pctspk.exe
C:\WINDOWS\system32\dllcache\pcx500.sys
C:\WINDOWS\system32\dllcache\perc2.sys
C:\WINDOWS\system32\dllcache\perc2hib.sys
C:\WINDOWS\system32\dllcache\perm2.sys
C:\WINDOWS\system32\dllcache\perm2dll.dll
C:\WINDOWS\system32\dllcache\perm3.sys
C:\WINDOWS\system32\dllcache\perm3dd.dll
C:\WINDOWS\system32\dllcache\phdsext.ax
C:\WINDOWS\system32\dllcache\philcam1.dll
C:\WINDOWS\system32\dllcache\philcam1.sys
C:\WINDOWS\system32\dllcache\philcam2.sys
C:\WINDOWS\system32\dllcache\phildec.sys
C:\WINDOWS\system32\dllcache\philtune.sys
C:\WINDOWS\system32\dllcache\phvfwext.dll
C:\WINDOWS\system32\dllcache\pid.dll
C:\WINDOWS\system32\dllcache\pjlmon.dll
C:\WINDOWS\system32\dllcache\plugin.ocx
C:\WINDOWS\system32\dllcache\pnrmc.sys
C:\WINDOWS\system32\dllcache\portcls.sys
C:\WINDOWS\system32\dllcache\powerfil.sys
C:\WINDOWS\system32\dllcache\ppa.sys
C:\WINDOWS\system32\dllcache\ppa3.sys
C:\WINDOWS\system32\dllcache\prnport.vbs.new
C:\WINDOWS\system32\dllcache\ovcd.sys 28032 bytes executable

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 153


Remaining Services :



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\AntivirusFirewall\\backweb\\6588780\\Program\\fspex.exe"="C:\\Program Files\\AntivirusFirewall\\backweb\\6588780\\Program\\fspex.exe:* isabled:Antivirus Firewall"
"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:* isabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:* isabled:Azureus"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:* isabled:Bonjour"
"C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"="C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe:* isabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Macromedia\\Dreamweaver 8\\Dreamweaver.exe"="C:\\Program Files\\Macromedia\\Dreamweaver 8\\Dreamweaver.exe:* isabled reamweaver 8"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:* isabled:eMule"
"C:\\Program Files\\FlashFXP\\FlashFXP.exe"="C:\\Program Files\\FlashFXP\\FlashFXP.exe:* isabled:FlashFXP v3"
"C:\\Program Files\\FlashGet\\flashget.exe"="C:\\Program Files\\FlashGet\\flashget.exe:* isabled:Flashget"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:* isabled:LimeWire"
"C:\\Program Files\\Soldier of Fortune II - Double Helix\\SoF2MP.exe"="C:\\Program Files\\Soldier of Fortune II - Double Helix\\SoF2MP.exe:* isabled:SoF2MP"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:* isabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:* isabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AntivirusFirewall\\backweb\\6588780\\Program\\fspex.exe"="C:\\Program Files\\AntivirusFirewall\\backweb\\6588780\\Program\\fspex.exe:*:Enabled:Antivirus Firewall"
"C:\\Program Files\\FlashFXP\\FlashFXP.exe"="C:\\Program Files\\FlashFXP\\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files :


File Backups: - C:\DOCUME~1\ADMINI~1.ORD\Bureau\SDFix\backups\backups.zip

Files with Hidden Attributes :

Thu 3 Apr 2008 692,359 ..SH. --- "C:\WINDOWS\system32\arhyibrx.tmp"
Wed 2 Apr 2008 4,678,314 ..SH. --- "C:\WINDOWS\system32\bchbejke.tmp"
Mon 24 Mar 2008 1,548,953 ..SH. --- "C:\WINDOWS\system32\faxwfxlw.tmp"
Wed 3 May 2006 163,328 ..SHR --- "C:\WINDOWS\system32\flvDX.dll"
Thu 27 Mar 2008 1,566,607 ..SH. --- "C:\WINDOWS\system32\hyggxrto.tmp"
Wed 21 Feb 2007 31,744 ..SHR --- "C:\WINDOWS\system32\msfDX.dll"
Sun 30 Mar 2008 1,561,471 ..SH. --- "C:\WINDOWS\system32\ptlbwgww.tmp"
Sun 8 Apr 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users.WINDOWS\DRM\DRMv1.bak"
Sun 26 Jun 2005 616,448 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygwin1.dll"
Tue 21 Jun 2005 45,568 ..SHR --- "C:\Program Files\eRightSoft\SUPER\cygz.dll"
Tue 15 May 2007 72,704 ..SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe"
Fri 27 Oct 2006 15,872 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll"
Sun 8 Apr 2007 0 A.SH. --- "C:\Documents and Settings\All Users.WINDOWS\DRM\Cache\Indiv01.tmp"
Sat 26 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\585dc2612ebcefc90e7dee4c276ee95e\BIT6.tmp"

Finished!



p.s : les cracks sont-ils succeptibles de repropager le virus, même si je ne les utilisent pas ??

le rapport de VUndoFix :

VundoFix V7.0.3

Scan started at 00:49:49 09/04/2008

Listing files found while scanning....

C:\WINDOWS\system32\afuxgcdt.dll
C:\WINDOWS\system32\bhcdinhf.dll
C:\WINDOWS\system32\cvalgfir.dll
C:\windows\system32\ddcbbay.dll
C:\WINDOWS\system32\dtdowdam.dll
C:\WINDOWS\system32\euohpiel.dll
C:\WINDOWS\system32\exxqdjwu.dll
C:\WINDOWS\system32\fbkhfnww.dll
C:\WINDOWS\system32\fsxsumwm.dll
C:\WINDOWS\system32\gxgmsemg.dll
C:\WINDOWS\system32\iqfrtees.dll
C:\WINDOWS\system32\jpistyyk.ini
C:\WINDOWS\system32\kyytsipj.dll
C:\WINDOWS\system32\leiphoue.ini
C:\WINDOWS\system32\lrmnuajf.dll
C:\WINDOWS\system32\lspqqcqe.dll
C:\WINDOWS\system32\mitebhar.dll
C:\WINDOWS\system32\mnoxdgjs.dll
C:\WINDOWS\system32\ncckluiw.dll
C:\windows\system32\pmkjg.dll
C:\WINDOWS\system32\qcrfumuq.dll
C:\WINDOWS\system32\ssqPjijK.dll
C:\WINDOWS\system32\tbtttatp.dll
C:\WINDOWS\system32\ttiqfcsw.dll
C:\WINDOWS\system32\uanxlmsp.dll
C:\WINDOWS\system32\uwjdqxxe.ini
C:\WINDOWS\system32\vbxinkpw.dll
C:\WINDOWS\system32\vlaxvcrx.dll
C:\WINDOWS\system32\ybraokoi.dll
C:\WINDOWS\system32\yuolfqbv.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\afuxgcdt.dll
C:\WINDOWS\system32\afuxgcdt.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\bhcdinhf.dll
C:\WINDOWS\system32\bhcdinhf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\cvalgfir.dll
C:\WINDOWS\system32\cvalgfir.dll Has been deleted!

Attempting to delete C:\windows\system32\ddcbbay.dll
C:\windows\system32\ddcbbay.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\dtdowdam.dll
C:\WINDOWS\system32\dtdowdam.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\euohpiel.dll
C:\WINDOWS\system32\euohpiel.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\exxqdjwu.dll
C:\WINDOWS\system32\exxqdjwu.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\fbkhfnww.dll
C:\WINDOWS\system32\fbkhfnww.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\fsxsumwm.dll
C:\WINDOWS\system32\fsxsumwm.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\gxgmsemg.dll
C:\WINDOWS\system32\gxgmsemg.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iqfrtees.dll
C:\WINDOWS\system32\iqfrtees.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jpistyyk.ini
C:\WINDOWS\system32\jpistyyk.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\kyytsipj.dll
C:\WINDOWS\system32\kyytsipj.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\leiphoue.ini
C:\WINDOWS\system32\leiphoue.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\lrmnuajf.dll
C:\WINDOWS\system32\lrmnuajf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\lspqqcqe.dll
C:\WINDOWS\system32\lspqqcqe.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mitebhar.dll
C:\WINDOWS\system32\mitebhar.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mnoxdgjs.dll
C:\WINDOWS\system32\mnoxdgjs.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ncckluiw.dll
C:\WINDOWS\system32\ncckluiw.dll Has been deleted!

Attempting to delete C:\windows\system32\pmkjg.dll
C:\windows\system32\pmkjg.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\qcrfumuq.dll
C:\WINDOWS\system32\qcrfumuq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ssqPjijK.dll
C:\WINDOWS\system32\ssqPjijK.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\tbtttatp.dll
C:\WINDOWS\system32\tbtttatp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ttiqfcsw.dll
C:\WINDOWS\system32\ttiqfcsw.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\uanxlmsp.dll
C:\WINDOWS\system32\uanxlmsp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\uwjdqxxe.ini
C:\WINDOWS\system32\uwjdqxxe.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\vbxinkpw.dll
C:\WINDOWS\system32\vbxinkpw.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vlaxvcrx.dll
C:\WINDOWS\system32\vlaxvcrx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ybraokoi.dll
C:\WINDOWS\system32\ybraokoi.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yuolfqbv.dll
C:\WINDOWS\system32\yuolfqbv.dll Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V7.0.3

Scan started at 01:17:48 09/04/2008

Listing files found while scanning....

C:\WINDOWS\system32\exxqdjwu.dll
C:\WINDOWS\system32\lxnikvmk.dll
C:\WINDOWS\system32\ssqPjijK.dll
C:\WINDOWS\system32\ttiqfcsw.dll
C:\WINDOWS\system32\uwjdqxxe.ini

Beginning removal...

Attempting to delete C:\WINDOWS\system32\exxqdjwu.dll
C:\WINDOWS\system32\exxqdjwu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\lxnikvmk.dll
C:\WINDOWS\system32\lxnikvmk.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\ssqPjijK.dll
C:\WINDOWS\system32\ssqPjijK.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\ttiqfcsw.dll
C:\WINDOWS\system32\ttiqfcsw.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\uwjdqxxe.ini
C:\WINDOWS\system32\uwjdqxxe.ini Has been deleted!

Performing Repairs to the registry.
Done!



p.s : apparament, il n'arrive pas à supprimer cinq fichiers

Et le rapport d'hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:08:01, on 09/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\msnlogm.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\msnlogs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\IcoSauve.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.aliceadsl.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [msnsyslog] C:\WINDOWS\msnlogm.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [0ceecd00] rundll32.exe "C:\WINDOWS\system32\uuvpqpdt.dll",b
O4 - HKLM\..\Run: [BM0fddfe9c] Rundll32.exe "C:\WINDOWS\system32\lxnikvmk.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll (file missing)
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Unknown owner - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: fsbwsys - Unknown owner - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe (file missing)
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - Unknown owner - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe (file missing)
O23 - Service: F-Secure Management Agent (FSMA) - Unknown owner - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE (file missing)
O23 - Service: Google Desktop Manager 5.1.709.19590 (GoogleDesktopManager-091907-194040) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

--
End of file - 7263 bytes

 

On continue  

1) Affiche les fichiers et dossiers cachés …
Pour ce faire, tu vas dans un dossier, par ex. "Mes Images".
Ensuite, clique sur > Outils > Options des dossiers ...
clique sur l' onglet « Affichage » et ...
coche ---> Afficher les fichiers et dossiers cachés
décoche > Masquer les extensions des fichiers dont le type est connu
décoche > Masquer les fichiers protégés du système d' exploitation (recommandé).
« Appliquer » et « OK ».

2) Désactive toute protection résidente ( antivirus…) !
Déconnecte-toi d’internet, ferme tous les programmes en cours et laisse combofix travailler : ne fais donc pas autre chose en même temps !

Télécharge Combofix de sUBs
Sauvegarde le sur ton bureau et pas ailleurs !
Redémarre en mode sans échecs : aide ici >>>
http://forum.telecharger.01net.com/telecharger/virus_et...
/!\ Ne jamais redémarrer en mode sans échec via msconfig ! /!\

Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider, laisse toi guider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport. Il se trouve ici : C:\Combofix.txt

3) Copie/colle un nouveau rapport HiJackThis avec.

 

Bonjour Merillym,
comment dois-je faire pour me déconnecter d'internet ??
avant avec orange je pouvais le faire, mais maintenant j'ai Alice.
Merci

pfff je suis bête, je vais débrancher l'alice box  

ComboFix 08-04-08.10 - monstrum 2008-04-09 18:19:58.1 - NTFSx86 MINIMAL
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.265 [GMT 2:00]
Endroit: C:\Documents and Settings\Administrateur.ORDI\Bureau\ComboFix.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
TimedOut: progfile.dat

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrateur.ORDI\Application Data\macromedia\Flash Player\#SharedObjects\6NS7HQCD\iforex.com
C:\Documents and Settings\Administrateur.ORDI\Application Data\macromedia\Flash Player\#SharedObjects\6NS7HQCD\iforex.com\Emerp\Events\flash_object.swf\user_data.sol
C:\Documents and Settings\Administrateur.ORDI\Application Data\macromedia\Flash Player\#SharedObjects\6NS7HQCD\www.broadcaster.com
C:\Documents and Settings\Administrateur.ORDI\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com
C:\Documents and Settings\Administrateur.ORDI\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com\settings.sol
C:\Documents and Settings\Administrateur.ORDI\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\Documents and Settings\Administrateur.ORDI\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\lswmv.ini
C:\Program Files\Fichiers communs\{0CEEC~1
C:\Program Files\Fichiers communs\{0CEEC~2
C:\Program Files\Fichiers communs\uninstall information
C:\WINDOWS\BM0fddfe9c.xml
C:\WINDOWS\msnlogm.exe
C:\WINDOWS\msnlogs.exe
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\arhyibrx.ini
C:\WINDOWS\system32\awtuvvw.dll
C:\WINDOWS\system32\begpkptp.dll
C:\WINDOWS\system32\beiyncyg.dll
C:\WINDOWS\system32\bjcearus.dll
C:\WINDOWS\system32\bnqnghcj.dll
C:\WINDOWS\system32\boyttvmf.dll
C:\WINDOWS\system32\bthrxajb.dll
C:\WINDOWS\system32\cbxyxuu.dll
C:\WINDOWS\system32\ccknyjfh.ini
C:\WINDOWS\system32\ccpjpkbs.dll
C:\WINDOWS\system32\ckwlrjor.dll
C:\WINDOWS\system32\cpibdjkd.dll
C:\WINDOWS\system32\cqlnmidu.ini
C:\WINDOWS\system32\dcoulqoq.dll
C:\WINDOWS\system32\dlgvqjca.dll
C:\WINDOWS\system32\dssqrwkp.dll
C:\WINDOWS\system32\dxarjpaw.ini
C:\WINDOWS\system32\efjjkwwf.dll
C:\WINDOWS\system32\ejuujufc.dll
C:\WINDOWS\system32\equloejv.ini
C:\WINDOWS\system32\evdikvcu.dll
C:\WINDOWS\system32\eytrpjja.dll
C:\WINDOWS\system32\faxwfxlw.ini
C:\WINDOWS\system32\faxwfxlw.tmp
C:\WINDOWS\system32\fjcvxgsf.ini
C:\WINDOWS\system32\flxrucqx.dll
C:\WINDOWS\system32\fmvttyob.ini
C:\WINDOWS\system32\fnrjeipx.dll
C:\WINDOWS\system32\foccvhul.dll
C:\WINDOWS\system32\fsgxvcjf.dll
C:\WINDOWS\system32\fsyxxpvx.dll
C:\WINDOWS\system32\fwwkjjfe.ini
C:\WINDOWS\system32\fymolodm.ini
C:\WINDOWS\system32\gebxuvt.dll
C:\WINDOWS\system32\gjkmp.ini
C:\WINDOWS\system32\gjkmp.ini2
C:\WINDOWS\system32\gycnyieb.ini
C:\WINDOWS\system32\haxmprkb.dll
C:\WINDOWS\system32\hcqmvixi.dll
C:\WINDOWS\system32\hensfcro.dll
C:\WINDOWS\system32\hfjynkcc.dll
C:\WINDOWS\system32\hmutulru.dll
C:\WINDOWS\system32\ibuetvsy.dll
C:\WINDOWS\system32\idtlfdyw.dll
C:\WINDOWS\system32\iudhjwpf.dll
C:\WINDOWS\system32\jifjbbao.dll
C:\WINDOWS\system32\jitedcpc.dll
C:\WINDOWS\system32\jkkifgg.dll
C:\WINDOWS\system32\jkkllmn.dll
C:\WINDOWS\system32\jlnmp.ini
C:\WINDOWS\system32\jlnmp.ini2
C:\WINDOWS\system32\jqcocvxb.dll
C:\WINDOWS\system32\jshsrwbr.ini
C:\WINDOWS\system32\jslldueo.dll
C:\WINDOWS\system32\jxbcanyq.ini
C:\WINDOWS\system32\kdsgvbqq.ini
C:\WINDOWS\system32\kfftyhal.dll
C:\WINDOWS\system32\krmrwvye.dll
C:\WINDOWS\system32\kteshflq.dll
C:\WINDOWS\system32\kwyfvvdm.dll
C:\WINDOWS\system32\lgbvmrwt.dll
C:\WINDOWS\system32\lilcfmrt.ini
C:\WINDOWS\system32\ljjggdc.dll
C:\WINDOWS\system32\ljjkhgf.dll
C:\WINDOWS\system32\lncldopt.dll
C:\WINDOWS\system32\losnixgr.dll
C:\WINDOWS\system32\lxkufxkr.dll
C:\WINDOWS\system32\lxnikvmk.dll
C:\WINDOWS\system32\mantec~1
C:\WINDOWS\system32\mbqypqjg.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mdolomyf.dll
C:\WINDOWS\system32\mxeotarr.ini
C:\WINDOWS\system32\nmcnmkrq.dll
C:\WINDOWS\system32\nnnkkjh.dll
C:\WINDOWS\system32\nnnnlli.dll
C:\WINDOWS\system32\okjkkeed.dll
C:\WINDOWS\system32\opnnlig.dll
C:\WINDOWS\system32\orcfsneh.ini
C:\WINDOWS\system32\oyrwiegw.dll
C:\WINDOWS\system32\pdjeomsa.ini
C:\WINDOWS\system32\pdtdbodd.dll
C:\WINDOWS\system32\pucjprds.ini
C:\WINDOWS\system32\qommjki.dll
C:\WINDOWS\system32\qoqluocd.ini
C:\WINDOWS\system32\qynacbxj.dll
C:\WINDOWS\system32\rgxinsol.ini
C:\WINDOWS\system32\rwdihnis.dll
C:\WINDOWS\system32\sdrpjcup.dll
C:\WINDOWS\system32\sggdyebn.dll
C:\WINDOWS\system32\smante~1
C:\WINDOWS\system32\ssqPjijK.dll
C:\WINDOWS\system32\ssqpnnm.dll
C:\WINDOWS\system32\svreouwx.dll
C:\WINDOWS\system32\sxntspsf.ini
C:\WINDOWS\system32\tdpqpvuu.ini
C:\WINDOWS\system32\ttiqfcsw.dll
C:\WINDOWS\system32\tuvssqp.dll
C:\WINDOWS\system32\tuvwxvt.dll
C:\WINDOWS\system32\urqnlmj.dll
C:\WINDOWS\system32\urqpmjj.dll
C:\WINDOWS\system32\urqrqop.dll
C:\WINDOWS\system32\uwkbiqgp.dll
C:\WINDOWS\system32\vaccmrps.dll
C:\WINDOWS\system32\vjeoluqe.dll
C:\WINDOWS\system32\vpggyjni.dll
C:\WINDOWS\system32\waiijxue.ini
C:\WINDOWS\system32\wapjraxd.dll
C:\WINDOWS\system32\wgeiwryo.ini
C:\WINDOWS\system32\wgvejncp.dll
C:\WINDOWS\system32\wlxfwxaf.dll
C:\WINDOWS\system32\xaolcqff.dll
C:\WINDOWS\system32\xbgtjxsc.dll
C:\WINDOWS\system32\xdedowxn.dll
C:\WINDOWS\system32\xeaybxaq.ini
C:\WINDOWS\system32\xfiwedpo.dll
C:\WINDOWS\system32\xnttmlup.dll
C:\WINDOWS\system32\xpohpvtd.dll
C:\WINDOWS\system32\xtruobao.dll
C:\WINDOWS\system32\xvpxxysf.ini
C:\WINDOWS\system32\xxyaxxu.dll
C:\WINDOWS\system32\yayawtq.dll
C:\WINDOWS\system32\yayaywv.dll
C:\WINDOWS\system32\yayvtqq.dll
C:\WINDOWS\system32\yiyrutjr.dll
C:\WINDOWS\system32\ypphhyns.ini
C:\WINDOWS\system32\yyjbumna.dll
C:\WINDOWS\wnsxs~1

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-09 to 2008-04-09 ))))))))))))))))))))))))))))))))))))
.

2008-04-09 18:28 . 2008-04-09 18:28 <REP> d-------- C:\WINDOWS\LastGood
2008-04-09 11:07 . 2008-04-09 11:35 <REP> d-------- C:\WINDOWS\LastGood.Tmp
2008-04-09 01:20 . 2008-04-09 01:20 3,648 --a------ C:\WINDOWS\system32\xcnrvscj.dll
2008-04-09 01:11 . 2008-04-09 16:01 345 --ahs---- C:\WINDOWS\system32\nVwvDcdd.ini
2008-04-09 00:49 . 2008-04-09 01:31 <REP> d-------- C:\VundoFix Backups
2008-04-09 00:19 . 2001-08-17 21:28 771,581 --a--c--- C:\WINDOWS\system32\dllcache\winacisa.sys
2008-04-09 00:18 . 2001-08-17 21:28 794,654 --a--c--- C:\WINDOWS\system32\dllcache\usr1801.sys
2008-04-09 00:17 . 2001-08-23 16:57 286,848 --a--c--- C:\WINDOWS\system32\dllcache\stlnata.sys
2008-04-09 00:16 . 2001-08-23 17:47 495,616 --a--c--- C:\WINDOWS\system32\dllcache\sblfx.dll
2008-04-09 00:15 . 2001-08-23 17:18 899,914 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2008-04-09 00:14 . 2004-08-19 16:09 4,274,816 --a--c--- C:\WINDOWS\system32\dllcache\nv4_disp.dll
2008-04-09 00:13 . 2004-08-19 16:09 1,737,856 --a--c--- C:\WINDOWS\system32\dllcache\mtxparhd.dll
2008-04-09 00:12 . 2001-08-23 17:03 320,384 --a--c--- C:\WINDOWS\system32\dllcache\mgaum.sys
2008-04-09 00:11 . 2001-08-17 21:28 802,683 --a--c--- C:\WINDOWS\system32\dllcache\ltsm.sys
2008-04-09 00:10 . 2004-08-19 16:09 154,112 --a--c--- C:\WINDOWS\system32\dllcache\irftp.exe
2008-04-09 00:09 . 2004-08-19 16:09 702,845 --a--c--- C:\WINDOWS\system32\dllcache\i81xdnt5.dll
2008-04-09 00:08 . 2001-08-23 17:46 1,733,120 --a--c--- C:\WINDOWS\system32\dllcache\g400d.dll
2008-04-09 00:07 . 2001-08-23 17:16 630,016 --a--c--- C:\WINDOWS\system32\dllcache\eqn.sys
2008-04-09 00:06 . 2001-08-17 20:14 952,007 --a--c--- C:\WINDOWS\system32\dllcache\diwan.sys
2008-04-09 00:05 . 2001-08-23 17:04 980,034 --a--c--- C:\WINDOWS\system32\dllcache\cicap.sys
2008-04-09 00:04 . 2001-08-23 17:03 715,466 --a--c--- C:\WINDOWS\system32\dllcache\cbmdmkxx.sys
2008-04-09 00:03 . 2001-08-17 21:28 871,388 --a--c--- C:\WINDOWS\system32\dllcache\bcmdm.sys
2008-04-09 00:02 . 2004-08-19 16:09 1,888,992 --a--c--- C:\WINDOWS\system32\dllcache\ati3duag.dll
2008-04-09 00:01 . 2001-08-17 21:28 762,780 --a--c--- C:\WINDOWS\system32\dllcache\3cwmcru.sys
2008-04-09 00:00 . 2004-05-13 01:39 876,653 --a--c--- C:\WINDOWS\system32\dllcache\OLD4D.tmp
2008-04-08 23:59 . 2008-04-08 23:59 <REP> d-------- C:\WINDOWS\msagent
2008-04-08 23:36 . 2008-04-08 23:36 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-08 23:10 . 2008-04-08 23:10 3,648 --a------ C:\WINDOWS\system32\rviclcpi.dll
2008-04-08 17:14 . 2008-04-08 17:14 <REP> d-------- C:\Program Files\Trend Micro
2008-04-08 16:24 . 2008-04-08 16:24 3,648 --a------ C:\WINDOWS\system32\cytynvct.dll
2008-04-08 15:17 . 2008-04-08 15:17 3,648 --a------ C:\WINDOWS\system32\busydidf.dll
2008-04-05 22:20 . 2008-04-05 22:29 93,248 --a------ C:\WINDOWS\system32\ffiirxnw.dll
2008-04-03 18:27 . 2008-04-03 18:27 692,359 ---hs---- C:\WINDOWS\system32\arhyibrx.tmp
2008-04-02 19:15 . 2008-04-02 19:15 4,678,314 ---hs---- C:\WINDOWS\system32\bchbejke.tmp
2008-04-02 19:14 . 2008-04-02 19:11 4,678,314 ---hs---- C:\WINDOWS\system32\bchbejke.ini
2008-04-02 19:11 . 2008-04-02 19:16 210 --a------ C:\WINDOWS\system32\iierdsxd.tmp
2008-04-02 14:17 . 2008-04-02 19:11 4,678,314 ---hs---- C:\WINDOWS\system32\iierdsxd.ini
2008-04-02 12:23 . 2008-04-02 12:55 4,094,421 ---hs---- C:\WINDOWS\system32\qfycwepv.ini
2008-04-01 18:09 . 2008-04-01 20:41 3,175,990 ---hs---- C:\WINDOWS\system32\muluupfe.ini
2008-03-31 18:17 . 2008-03-31 20:47 1,577,486 ---hs---- C:\WINDOWS\system32\xeutpitu.ini
2008-03-31 11:36 . 2008-03-31 15:37 1,561,651 ---hs---- C:\WINDOWS\system32\jrhakrrd.ini
2008-03-30 12:17 . 2008-03-30 12:17 1,561,471 ---hs---- C:\WINDOWS\system32\ptlbwgww.tmp
2008-03-30 12:17 . 2008-03-30 12:17 1,561,471 ---hs---- C:\WINDOWS\system32\ptlbwgww.ini
2008-03-30 00:31 . 2008-03-30 12:16 1,561,411 ---hs---- C:\WINDOWS\system32\vltivvep.ini
2008-03-29 16:01 . 2008-03-29 16:01 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-03-29 14:03 . 2008-03-29 21:17 1,560,991 ---hs---- C:\WINDOWS\system32\ovyurjpx.ini
2008-03-29 09:31 . 2008-03-29 14:02 1,560,811 ---hs---- C:\WINDOWS\system32\hdhrifws.ini
2008-03-27 16:30 . 2008-03-27 16:30 1,566,607 ---hs---- C:\WINDOWS\system32\hyggxrto.tmp
2008-03-27 16:30 . 2008-03-27 16:29 1,566,607 ---hs---- C:\WINDOWS\system32\hyggxrto.ini
2008-03-27 14:10 . 2008-03-27 16:29 1,566,607 ---hs---- C:\WINDOWS\system32\ludeaowb.ini
2008-03-26 14:14 . 2008-03-26 16:36 1,586,047 ---hs---- C:\WINDOWS\system32\pkcknkol.ini
2008-03-25 22:37 . 2008-03-25 22:38 1,573,566 ---hs---- C:\WINDOWS\system32\ewegbysg.ini
2008-03-25 18:38 . 2008-03-25 22:36 1,575,401 ---hs---- C:\WINDOWS\system32\xbpyucjl.ini
2008-03-24 16:59 . 2008-03-24 19:51 1,578,025 ---hs---- C:\WINDOWS\system32\dynfsrig.ini
2008-03-24 14:15 . 2008-03-24 14:54 1,548,953 ---hs---- C:\WINDOWS\system32\rrcrjejo.ini
2008-03-24 13:05 . 2008-03-24 13:06 2,214 ---hs---- C:\WINDOWS\system32\wjnepkrg.ini
2008-03-24 13:02 . 2008-03-24 13:05 2,094 ---hs---- C:\WINDOWS\system32\rdoarmdi.ini
2008-03-23 17:04 . 2008-03-23 17:15 1,614 ---hs---- C:\WINDOWS\system32\wforytlo.ini
2008-03-22 09:21 . 2008-03-22 15:25 1,374 ---hs---- C:\WINDOWS\system32\cbwolnib.ini
2008-03-21 12:46 . 2008-03-21 22:40 1,539,183 ---hs---- C:\WINDOWS\system32\jhxtglsm.ini
2008-03-20 21:27 . 2008-03-21 12:41 1,540,334 ---hs---- C:\WINDOWS\system32\flroalwc.ini
2008-03-20 19:46 . 2008-03-20 21:27 1,540,034 ---hs---- C:\WINDOWS\system32\rpbtpsxq.ini
2008-03-20 09:15 . 2008-03-20 19:16 1,541,463 ---hs---- C:\WINDOWS\system32\iqgqviau.ini
2008-03-18 21:28 . 2008-03-18 21:31 37,888 --a------ C:\WINDOWS\system32\rar.exe
2008-03-18 21:26 . 2008-03-18 22:21 <REP> d-------- C:\Program Files\Guitar Pro 5

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-09 16:14 --------- d-----w C:\Program Files\Lx_cats
2008-04-09 14:30 --------- d-----w C:\Documents and Settings\Administrateur.ORDI\Application Data\OpenOffice.org2
2008-04-08 21:05 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-04-08 10:45 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
2008-04-04 20:12 --------- d-----w C:\Program Files\Opera
2008-04-04 20:04 --------- d-----w C:\Program Files\Geneatique2007
2008-04-03 20:28 --------- d-----w C:\Documents and Settings\Administrateur.ORDI\Application Data\LimeWire
2008-03-18 19:29 --------- d-----w C:\Program Files\eMule
2008-03-11 17:31 --------- d-----w C:\Program Files\Azureus
2008-03-11 17:31 --------- d-----w C:\Documents and Settings\Administrateur.ORDI\Application Data\Azureus
2008-02-22 18:49 --------- d-----w C:\Program Files\Alcohol Soft
2008-02-22 18:40 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-02-22 18:28 --------- d-----w C:\Program Files\Mvm
2008-02-22 18:28 --------- d-----w C:\Program Files\Borland
2008-02-18 20:29 --------- d-----w C:\Program Files\Total Video Converter
2008-02-14 11:25 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-02-12 20:26 --------- d-----w C:\Program Files\Protectis
2008-02-12 13:23 6,688 ----a-w C:\WINDOWS\movexe.exe
2008-02-12 12:51 --------- d-----w C:\Program Files\Tracker Software
2008-02-10 23:24 --------- d-----w C:\Program Files\LimeWire
2008-01-28 18:49 30,601 ----a-w C:\Documents and Settings\Administrateur.ORDI\x.exe
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,744 --sh--r C:\WINDOWS\system32\msfDX.dll
2007-03-25 21:47 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
2007-03-25 21:47 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
2007-03-25 21:47 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.

------- Sigcheck -------

2006-11-11 16:02 359808 b4e29943b4b04bd5e7381546848e6669 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1FC0254A-241B-4D41-95A1-9591C3194404}]
C:\WINDOWS\system32\pmkjg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A12F8F9B-7758-460E-9D67-C33CEE3E5F34}]
C:\WINDOWS\system32\ddcDvwVn.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 19:09 15360]
"AdobeUpdater"="C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe" [2007-02-28 23:06 2321600]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-03-28 21:57 68856]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" [2007-12-22 09:09 221056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSPower"="SiSPower.dll" [2007-01-23 13:34 53248 C:\WINDOWS\system32\SiSPower.dll]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-12-14 19:19 221184]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"LXCGCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2005-07-20 19:48 73728]
"0ceecd00"="C:\WINDOWS\system32\uuvpqpdt.dll" [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSimpleStartMenu"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 0 (0x0)
"LockTaskbar"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoResolveSearch"= 0 (0x0)
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 0 (0x0)
"NoUserNameInStartMenu"= 0 (0x0)
"NoStartMenuMorePrograms"= 0 (0x0)
"MaxRecentDocs"= 15 (0xf)
"NoInstrumentation"= 0 (0x0)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
"DisallowCpl"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\opnnkji]
opnnkji.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur.ORDI^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
path=C:\Documents and Settings\Administrateur.ORDI\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur.ORDI^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
path=C:\Documents and Settings\Administrateur.ORDI\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.3.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur.ORDI^Menu Démarrer^Programmes^Démarrage^TimeLeft.lnk]
path=C:\Documents and Settings\Administrateur.ORDI\Menu Démarrer\Programmes\Démarrage\TimeLeft.lnk
backup=C:\WINDOWS\pss\TimeLeft.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur.ORDI^Menu Démarrer^Programmes^Démarrage^UDPixel.lnk]
path=C:\Documents and Settings\Administrateur.ORDI\Menu Démarrer\Programmes\Démarrage\UDPixel.lnk
backup=C:\WINDOWS\pss\UDPixel.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur.ORDI^Menu Démarrer^Programmes^Démarrage^Xfire.lnk]
path=C:\Documents and Settings\Administrateur.ORDI\Menu Démarrer\Programmes\Démarrage\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Last.fm Helper.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Last.fm Helper.lnk
backup=C:\WINDOWS\pss\Last.fm Helper.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk
backup=C:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2007-05-11 03:06 40048 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
--a------ 2007-02-28 23:06 2321600 C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2007-01-15 17:14 147456 C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
--a------ 2005-08-01 08:05 94208 C:\Program Files\Lexmark 2300 Series\ezprint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure Manager]
C:\Program Files\AntivirusFirewall\Common\FSM32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure Startup Wizard]
C:\Program Files\AntivirusFirewall\FSGUI\FSSW.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure TNB]
C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]
C:\Program Files\FlashGet\FlashGet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
--a------ 2007-11-20 21:21 1840128 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a------ 2004-12-14 19:57 458752 C:\Program Files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a------ 2004-12-14 19:51 217088 C:\Program Files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcgmon.exe]
--a------ 2005-07-21 02:07 200704 C:\Program Files\Lexmark 2300 Series\lxcgmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSN Webcam Recorder]
C:\Program Files\MSN Webcam Recorder\ml20gui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnsyslog]
C:\WINDOWS\msnlogm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 15:40 155648 C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\News Service]
C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuperCopier2.exe]
--a------ 2006-07-07 18:45 1052672 C:\Program Files\SuperCopier2\SuperCopier2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-03-28 21:57 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave]
C:\Program Files\Save\Save.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
C:\PROGRA~1\Wanadoo\Shell.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
C:\PROGRA~1\Wanadoo\GestMaj.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
C:\PROGRA~1\Wanadoo\Watch.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2005-11-18 17:04]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 02:08]
S2 BackWeb Plug-in - 6588780;Antivirus Firewall;C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE []
S2 Ca536av;Icatch(VII) Video Camera Device;C:\WINDOWS\system32\Drivers\Ca536av.sys []
S2 F-Secure Filter;F-Secure File System Filter;C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys []
S2 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSgk.sys []
S2 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys []
S3 GoogleDesktopManager-091907-194040;Google Desktop Manager 5.1.709.19590;"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-11-20 21:21]
S3 USBCamera;Icatch(VII) Still Camera Device;C:\WINDOWS\system32\Drivers\Bulk536.sys []
S3 XDva009;XDva009;C:\WINDOWS\system32\XDva009.sys []

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-05-17 08:04:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-09 18:28:17
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\IcoSauve.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-09 18:44:27 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-09 16:44:13
Pre-Run: 12,425,211,904 octets libres
Post-Run: 11,341,271,040 octets libres
.
2008-04-08 22:44:27 --- E O F ---

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:00:17, on 09/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\IcoSauve.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.aliceadsl.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1FC0254A-241B-4D41-95A1-9591C3194404} - C:\WINDOWS\system32\pmkjg.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A12F8F9B-7758-460E-9D67-C33CEE3E5F34} - C:\WINDOWS\system32\ddcDvwVn.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [0ceecd00] rundll32.exe "C:\WINDOWS\system32\uuvpqpdt.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll (file missing)
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: opnnkji - opnnkji.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Unknown owner - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: fsbwsys - Unknown owner - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe (file missing)
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - Unknown owner - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe (file missing)
O23 - Service: F-Secure Management Agent (FSMA) - Unknown owner - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE (file missing)
O23 - Service: Google Desktop Manager 5.1.709.19590 (GoogleDesktopManager-091907-194040) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

--
End of file - 7705 bytes

 

Désactive toute protection résidente ( antivirus…) !

Copie le texte se situant dans le cadre ci-dessous, sans le mot citation :




Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier ComboFix-Do.txt dans Combofix.exe comme ci-dessous :



Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un nouveau rapport Hijackthis.
S'il n'y a pas de redémarrage, poste quand même les rapports.

 

Salut Merillym



tu veux dire CFScript.txt ??

Et ?

non désolé je pensais juste que tu m'"enguelait" vu que c'était en gras, désolé  

    En gras c'est pour attirer l'attention sur des points essentiels de la manip'  

voilà : ComboFix 08-04-08.10 - monstrum 2008-04-10 19:40:39.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.97 [GMT 2:00]
Endroit: C:\Documents and Settings\Administrateur.ORDI\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrateur.ORDI\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

FILE ::
C:\WINDOWS\system32\arhyibrx.tmp
C:\WINDOWS\system32\bchbejke.ini
C:\WINDOWS\system32\bchbejke.tmp
C:\WINDOWS\system32\busydidf.dll
C:\WINDOWS\system32\cbwolnib.ini
C:\WINDOWS\system32\cytynvct.dll
C:\WINDOWS\system32\dynfsrig.ini
C:\WINDOWS\system32\ewegbysg.ini
C:\WINDOWS\system32\ffiirxnw.dll
C:\WINDOWS\system32\flroalwc.ini
C:\WINDOWS\system32\hdhrifws.ini
C:\WINDOWS\system32\hyggxrto.ini
C:\WINDOWS\system32\hyggxrto.tmp
C:\WINDOWS\system32\iierdsxd.ini
C:\WINDOWS\system32\iierdsxd.tmp
C:\WINDOWS\system32\iqgqviau.ini
C:\WINDOWS\system32\jhxtglsm.ini
C:\WINDOWS\system32\jrhakrrd.ini
C:\WINDOWS\system32\ludeaowb.ini
C:\WINDOWS\system32\muluupfe.ini
C:\WINDOWS\system32\nVwvDcdd.ini
C:\WINDOWS\system32\ovyurjpx.ini
C:\WINDOWS\system32\pkcknkol.ini
C:\WINDOWS\system32\ptlbwgww.ini
C:\WINDOWS\system32\ptlbwgww.tmp
C:\WINDOWS\system32\qfycwepv.ini
C:\WINDOWS\system32\rdoarmdi.ini
C:\WINDOWS\system32\rpbtpsxq.ini
C:\WINDOWS\system32\rrcrjejo.ini
C:\WINDOWS\system32\rviclcpi.dll
C:\WINDOWS\system32\vltivvep.ini
C:\WINDOWS\system32\wforytlo.ini
C:\WINDOWS\system32\wjnepkrg.ini
C:\WINDOWS\system32\xbpyucjl.ini
C:\WINDOWS\system32\xcnrvscj.dll
C:\WINDOWS\system32\xeutpitu.ini
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\arhyibrx.tmp
C:\WINDOWS\system32\bchbejke.ini
C:\WINDOWS\system32\bchbejke.tmp
C:\WINDOWS\system32\busydidf.dll
C:\WINDOWS\system32\cbwolnib.ini
C:\WINDOWS\system32\cytynvct.dll
C:\WINDOWS\system32\dynfsrig.ini
C:\WINDOWS\system32\ewegbysg.ini
C:\WINDOWS\system32\ffiirxnw.dll
C:\WINDOWS\system32\flroalwc.ini
C:\WINDOWS\system32\hdhrifws.ini
C:\WINDOWS\system32\hyggxrto.ini
C:\WINDOWS\system32\hyggxrto.tmp
C:\WINDOWS\system32\iierdsxd.ini
C:\WINDOWS\system32\iierdsxd.tmp
C:\WINDOWS\system32\iqgqviau.ini
C:\WINDOWS\system32\jhxtglsm.ini
C:\WINDOWS\system32\jrhakrrd.ini
C:\WINDOWS\system32\ludeaowb.ini
C:\WINDOWS\system32\muluupfe.ini
C:\WINDOWS\system32\nVwvDcdd.ini
C:\WINDOWS\system32\ovyurjpx.ini
C:\WINDOWS\system32\pkcknkol.ini
C:\WINDOWS\system32\ptlbwgww.ini
C:\WINDOWS\system32\ptlbwgww.tmp
C:\WINDOWS\system32\qfycwepv.ini
C:\WINDOWS\system32\rdoarmdi.ini
C:\WINDOWS\system32\rpbtpsxq.ini
C:\WINDOWS\system32\rrcrjejo.ini
C:\WINDOWS\system32\rviclcpi.dll
C:\WINDOWS\system32\vltivvep.ini
C:\WINDOWS\system32\wforytlo.ini
C:\WINDOWS\system32\wjnepkrg.ini
C:\WINDOWS\system32\xbpyucjl.ini
C:\WINDOWS\system32\xcnrvscj.dll
C:\WINDOWS\system32\xeutpitu.ini

.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-10 to 2008-04-10 ))))))))))))))))))))))))))))))))))))
.

2008-04-10 13:06 . 2004-08-19 16:09 1,888,992 --a--c--- C:\WINDOWS\system32\dllcache\OLD1EB.tmp
2008-04-10 13:05 . 2004-08-19 19:09 2,134,528 --a--c--- C:\WINDOWS\system32\dllcache\OLDA9.tmp
2008-04-10 13:04 . 2008-04-10 13:07 <REP> d-------- C:\WINDOWS\LastGood
2008-04-09 00:49 . 2008-04-09 01:31 <REP> d-------- C:\VundoFix Backups
2008-04-09 00:19 . 2001-08-17 21:28 771,581 --a--c--- C:\WINDOWS\system32\dllcache\winacisa.sys
2008-04-09 00:18 . 2001-08-17 21:28 794,654 --a--c--- C:\WINDOWS\system32\dllcache\usr1801.sys
2008-04-09 00:17 . 2001-08-23 16:57 286,848 --a--c--- C:\WINDOWS\system32\dllcache\stlnata.sys
2008-04-09 00:16 . 2001-08-23 17:47 495,616 --a--c--- C:\WINDOWS\system32\dllcache\sblfx.dll
2008-04-09 00:15 . 2001-08-23 17:18 899,914 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2008-04-09 00:14 . 2004-08-19 16:09 4,274,816 --a--c--- C:\WINDOWS\system32\dllcache\nv4_disp.dll
2008-04-09 00:13 . 2004-08-19 16:09 1,737,856 --a--c--- C:\WINDOWS\system32\dllcache\mtxparhd.dll
2008-04-09 00:12 . 2001-08-23 17:03 320,384 --a--c--- C:\WINDOWS\system32\dllcache\mgaum.sys
2008-04-09 00:11 . 2001-08-17 21:28 802,683 --a--c--- C:\WINDOWS\system32\dllcache\ltsm.sys
2008-04-09 00:10 . 2004-08-19 16:09 154,112 --a--c--- C:\WINDOWS\system32\dllcache\irftp.exe
2008-04-09 00:09 . 2004-08-19 16:09 702,845 --a--c--- C:\WINDOWS\system32\dllcache\i81xdnt5.dll
2008-04-09 00:08 . 2001-08-23 17:46 1,733,120 --a--c--- C:\WINDOWS\system32\dllcache\g400d.dll
2008-04-09 00:07 . 2001-08-23 17:16 630,016 --a--c--- C:\WINDOWS\system32\dllcache\eqn.sys
2008-04-09 00:06 . 2001-08-17 20:14 952,007 --a--c--- C:\WINDOWS\system32\dllcache\diwan.sys
2008-04-09 00:05 . 2001-08-23 17:04 980,034 --a--c--- C:\WINDOWS\system32\dllcache\cicap.sys
2008-04-09 00:04 . 2001-08-23 17:03 715,466 --a--c--- C:\WINDOWS\system32\dllcache\cbmdmkxx.sys
2008-04-09 00:03 . 2001-08-17 21:28 871,388 --a--c--- C:\WINDOWS\system32\dllcache\bcmdm.sys
2008-04-09 00:02 . 2004-08-19 16:09 1,888,992 --a--c--- C:\WINDOWS\system32\dllcache\ati3duag.dll
2008-04-09 00:01 . 2001-08-17 21:28 762,780 --a--c--- C:\WINDOWS\system32\dllcache\3cwmcru.sys
2008-04-09 00:00 . 2004-05-13 01:39 876,653 --a--c--- C:\WINDOWS\system32\dllcache\OLD4D.tmp
2008-04-08 23:59 . 2008-04-08 23:59 <REP> d-------- C:\WINDOWS\msagent
2008-04-08 23:36 . 2008-04-08 23:36 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-08 17:14 . 2008-04-08 17:14 <REP> d-------- C:\Program Files\Trend Micro
2008-04-05 22:20 . 2008-04-05 22:29 93,248 --a------ C:\WINDOWS\system32\cmvtdyqp.dll
2008-03-29 16:01 . 2008-03-29 16:01 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-03-18 21:28 . 2008-03-18 21:31 37,888 --a------ C:\WINDOWS\system32\rar.exe
2008-03-18 21:26 . 2008-03-18 22:21 <REP> d-------- C:\Program Files\Guitar Pro 5

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-09 17:38 --------- d-----w C:\Program Files\Lx_cats
2008-04-09 14:30 --------- d-----w C:\Documents and Settings\Administrateur.ORDI\Application Data\OpenOffice.org2
2008-04-09 11:45 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
2008-04-08 21:05 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-04-04 20:12 --------- d-----w C:\Program Files\Opera
2008-04-04 20:04 --------- d-----w C:\Program Files\Geneatique2007
2008-04-03 20:28 --------- d-----w C:\Documents and Settings\Administrateur.ORDI\Application Data\LimeWire
2008-03-18 19:29 --------- d-----w C:\Program Files\eMule
2008-03-11 17:31 --------- d-----w C:\Program Files\Azureus
2008-03-11 17:31 --------- d-----w C:\Documents and Settings\Administrateur.ORDI\Application Data\Azureus
2008-02-22 18:49 --------- d-----w C:\Program Files\Alcohol Soft
2008-02-22 18:40 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-02-22 18:28 --------- d-----w C:\Program Files\Mvm
2008-02-22 18:28 --------- d-----w C:\Program Files\Borland
2008-02-18 20:29 --------- d-----w C:\Program Files\Total Video Converter
2008-02-14 11:25 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-02-12 20:26 --------- d-----w C:\Program Files\Protectis
2008-02-12 13:23 6,688 ----a-w C:\WINDOWS\movexe.exe
2008-02-12 12:51 --------- d-----w C:\Program Files\Tracker Software
2008-02-10 23:24 --------- d-----w C:\Program Files\LimeWire
2008-01-28 18:49 30,601 ----a-w C:\Documents and Settings\Administrateur.ORDI\x.exe
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,744 --sh--r C:\WINDOWS\system32\msfDX.dll
2007-03-25 21:47 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
2007-03-25 21:47 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
2007-03-25 21:47 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.

------- Sigcheck -------

2006-11-11 16:02 359808 b4e29943b4b04bd5e7381546848e6669 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot@2008-04-09_18.43.29.15 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-08-03 21:10:08 53,248 ----a-w C:\WINDOWS\LastGood\system32\dllcache\1394bus.sys
+ 2001-08-17 20:06:48 11,264 ----a-w C:\WINDOWS\LastGood\system32\dllcache\1394vdbg.sys
+ 2001-08-17 19:28:00 762,780 ----a-w C:\WINDOWS\LastGood\system32\dllcache\3cwmcru.sys
+ 2001-08-23 15:46:44 689,216 ----a-w C:\WINDOWS\LastGood\system32\dllcache\3dfxvs.dll
+ 2001-08-17 18:48:32 148,352 ----a-w C:\WINDOWS\LastGood\system32\dllcache\3dfxvsm.sys
+ 2004-08-03 21:00:04 12,288 ----a-w C:\WINDOWS\LastGood\system32\dllcache\4mmdat.sys
+ 2004-08-03 21:10:12 48,128 ----a-w C:\WINDOWS\LastGood\system32\dllcache\61883.sys
+ 2001-08-23 15:46:44 38,400 ----a-w C:\WINDOWS\LastGood\system32\dllcache\8514a.dll
+ 2001-08-23 15:46:58 98,304 ----a-w C:\WINDOWS\LastGood\system32\dllcache\a3d.dll
+ 2001-08-23 15:46:58 462,848 ----a-w C:\WINDOWS\LastGood\system32\dllcache\a3dapi.dll
+ 2001-08-17 19:52:00 23,552 ----a-w C:\WINDOWS\LastGood\system32\dllcache\abp480n5.sys
+ 2004-08-03 20:32:22 231,552 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ac97ali.sys
+ 2001-08-17 18:20:04 96,256 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ac97intc.sys
+ 2001-08-17 18:20:16 297,728 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ac97sis.sys
+ 2004-08-03 20:32:32 84,480 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ac97via.sys
+ 2001-08-23 15:46:58 61,952 ----a-w C:\WINDOWS\LastGood\system32\dllcache\acerscad.dll
+ 2001-08-17 19:53:02 7,424 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adicvls.sys
+ 2001-08-17 18:11:18 20,160 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adm8511.sys
+ 2001-08-17 18:19:10 584,448 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adm8810.sys
+ 2001-08-17 18:19:14 553,984 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adm8820.sys
+ 2001-08-17 18:19:14 747,392 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adm8830.sys
+ 2004-08-19 17:09:19 29,696 ----a-w C:\WINDOWS\LastGood\system32\dllcache\admexs.dll
+ 2004-08-03 20:32:24 10,880 ----a-w C:\WINDOWS\LastGood\system32\dllcache\admjoy.sys
+ 2002-09-06 20:59:59 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\admxprox.dll
+ 2001-08-17 18:11:16 46,112 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adptsf50.sys
+ 2001-08-17 20:07:32 101,888 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adpu160m.sys
+ 2002-09-06 20:59:59 50,176 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adrot.dll
+ 2004-08-19 14:09:20 4,255 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adv01nt5.dll
+ 2004-08-19 14:09:20 3,967 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adv02nt5.dll
+ 2004-08-19 14:09:20 3,615 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adv05nt5.dll
+ 2004-08-19 14:09:20 3,647 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adv07nt5.dll
+ 2004-08-19 14:09:20 3,135 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adv08nt5.dll
+ 2004-08-19 14:09:20 3,711 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adv09nt5.dll
+ 2004-08-19 14:09:20 3,775 ----a-w C:\WINDOWS\LastGood\system32\dllcache\adv11nt5.dll
+ 2004-08-03 21:07:42 42,368 ----a-w C:\WINDOWS\LastGood\system32\dllcache\agp440.sys
+ 2004-08-03 21:07:44 44,928 ----a-w C:\WINDOWS\LastGood\system32\dllcache\agpcpq.sys
+ 2001-08-17 19:52:02 12,800 ----a-w C:\WINDOWS\LastGood\system32\dllcache\aha154x.sys
+ 2001-08-17 20:07:36 55,168 ----a-w C:\WINDOWS\LastGood\system32\dllcache\aic78u2.sys
+ 2001-08-17 20:07:38 56,960 ----a-w C:\WINDOWS\LastGood\system32\dllcache\aic78xx.sys
+ 2001-08-17 18:11:18 27,678 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ali5261.sys
+ 2001-08-17 19:49:02 26,624 ----a-w C:\WINDOWS\LastGood\system32\dllcache\alifir.sys
+ 2001-08-17 19:51:56 5,248 ----a-w C:\WINDOWS\LastGood\system32\dllcache\aliide.sys
+ 2004-08-03 21:07:42 42,752 ----a-w C:\WINDOWS\LastGood\system32\dllcache\alim1541.sys
+ 2001-08-17 18:11:20 16,969 ----a-w C:\WINDOWS\LastGood\system32\dllcache\amb8002.sys
+ 2004-08-03 21:07:44 43,008 ----a-w C:\WINDOWS\LastGood\system32\dllcache\amdagp.sys
+ 2001-08-17 19:52:04 12,032 ----a-w C:\WINDOWS\LastGood\system32\dllcache\amsint.sys
+ 2004-08-03 20:31:20 36,224 ----a-w C:\WINDOWS\LastGood\system32\dllcache\an983.sys
+ 2001-08-17 19:47:22 6,272 ----a-w C:\WINDOWS\LastGood\system32\dllcache\apmbatt.sys
+ 2004-08-19 17:09:19 110,080 ----a-w C:\WINDOWS\LastGood\system32\dllcache\appconf.dll
+ 2004-08-19 17:09:19 334,336 ----a-w C:\WINDOWS\LastGood\system32\dllcache\aqueue.dll
+ 2001-08-17 19:52:00 26,496 ----a-w C:\WINDOWS\LastGood\system32\dllcache\asc.sys
+ 2001-08-17 19:52:04 22,400 ----a-w C:\WINDOWS\LastGood\system32\dllcache\asc3350p.sys
+ 2001-08-17 19:51:58 14,848 ----a-w C:\WINDOWS\LastGood\system32\dllcache\asc3550.sys
+ 2006-12-13 12:52:44 377,344 ----a-w C:\WINDOWS\LastGood\system32\dllcache\asp51.dll
+ 2001-08-17 18:12:34 97,354 ----a-w C:\WINDOWS\LastGood\system32\dllcache\aspndis3.sys
+ 2002-09-06 20:59:59 10,240 ----a-w C:\WINDOWS\LastGood\system32\dllcache\aspperf.dll
+ 2002-09-06 20:59:59 29,184 ----a-w C:\WINDOWS\LastGood\system32\dllcache\asptxn.dll
+ 2001-08-23 15:46:44 96,128 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati.dll
+ 2001-08-23 14:59:32 77,824 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati.sys
+ 2004-08-03 20:29:30 56,623 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati1btxx.sys
+ 2004-08-03 20:29:30 11,615 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati1mdxx.sys
+ 2004-08-03 20:29:30 12,047 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati1pdxx.sys
+ 2004-08-03 20:29:32 30,671 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati1raxx.sys
+ 2004-08-03 20:29:32 63,663 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati1rvxx.sys
+ 2004-08-03 20:29:32 26,367 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati1snxx.sys
+ 2004-08-03 20:29:32 21,343 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati1ttxx.sys
+ 2004-08-03 20:29:32 36,463 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati1tuxx.sys
+ 2004-08-03 20:29:32 29,455 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati1xbxx.sys
+ 2004-08-03 20:29:32 34,735 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati1xsxx.sys
+ 2004-08-19 14:09:20 229,376 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati2cqag.dll
+ 2004-08-19 14:09:20 377,984 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati2dvaa.dll
+ 2004-08-19 14:09:20 201,728 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati2dvag.dll
+ 2004-08-19 13:53:40 327,168 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati2mtaa.sys
+ 2004-08-19 13:53:42 701,440 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati2mtag.sys
+ 2004-08-19 14:09:20 870,784 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati3d1ag.dll
+ 2004-08-19 14:09:20 1,888,992 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ati3duag.dll
+ 2001-08-17 18:49:04 46,464 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atibt829.sys
+ 2001-08-23 15:46:44 382,592 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atidrab.dll
+ 2001-08-23 15:46:44 137,216 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atidrae.dll
+ 2001-08-23 15:46:44 268,160 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atidvai.dll
+ 2001-08-23 15:47:26 37,376 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atievxx.exe
+ 2001-08-23 14:59:36 289,920 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atimpab.sys
+ 2001-08-23 14:59:36 75,392 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atimpae.sys
+ 2001-08-23 14:59:38 281,728 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atimtai.sys
+ 2004-08-03 20:29:28 57,856 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atinbtxx.sys
+ 2004-08-03 20:29:30 13,824 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atinmdxx.sys
+ 2004-08-03 20:29:30 14,336 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atinpdxx.sys
+ 2004-08-03 20:29:30 52,224 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atinraxx.sys
+ 2004-08-03 20:29:32 104,960 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atinrvxx.sys
+ 2004-08-03 20:29:32 28,672 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atinsnxx.sys
+ 2004-08-03 20:29:32 13,824 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atinttxx.sys
+ 2004-08-03 20:29:32 73,216 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atintuxx.sys
+ 2004-08-03 20:29:32 31,744 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atinxbxx.sys
+ 2004-08-03 20:29:32 63,488 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atinxsxx.sys
+ 2001-08-17 18:49:36 10,240 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atipcxxx.sys
+ 2001-08-23 15:46:44 104,832 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atiraged.dll
+ 2001-08-23 14:59:40 70,784 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atiragem.sys
+ 2001-08-17 18:49:12 49,920 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atirtcap.sys
+ 2001-08-17 18:49:18 26,880 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atirtsnd.sys
+ 2001-08-17 18:49:22 17,152 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atitunep.sys
+ 2001-08-17 18:49:28 17,152 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atitvsnd.sys
+ 2001-08-17 18:49:38 9,472 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ativmdcd.sys
+ 2004-08-19 14:09:20 32,768 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ativtmxx.dll
+ 2001-08-17 18:49:44 19,456 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ativttxx.sys
+ 2004-08-19 14:09:20 516,768 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ativvaxx.dll
+ 2001-08-17 18:49:48 26,624 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ativxbar.sys
+ 2001-08-17 18:49:34 23,552 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atixbar.sys
+ 2004-08-19 14:09:22 21,183 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atv01nt5.dll
+ 2004-08-19 14:09:22 11,359 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atv02nt5.dll
+ 2004-08-19 14:09:22 25,471 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atv04nt5.dll
+ 2004-08-19 14:09:22 14,143 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atv06nt5.dll
+ 2004-08-19 14:09:22 17,279 ----a-w C:\WINDOWS\LastGood\system32\dllcache\atv10nt5.dll
+ 2002-09-06 20:59:59 9,216 ----a-w C:\WINDOWS\LastGood\system32\dllcache\authfilt.dll
+ 2004-08-03 21:10:12 38,912 ----a-w C:\WINDOWS\LastGood\system32\dllcache\avc.sys
+ 2001-08-17 20:01:12 36,096 ----a-w C:\WINDOWS\LastGood\system32\dllcache\avcaudio.sys
+ 2004-08-03 21:10:00 13,696 ----a-w C:\WINDOWS\LastGood\system32\dllcache\avcstrm.sys
+ 2001-08-23 15:46:58 87,552 ----a-w C:\WINDOWS\LastGood\system32\dllcache\avmcoxp.dll
+ 2001-08-23 15:46:58 144,384 ----a-w C:\WINDOWS\LastGood\system32\dllcache\avmenum.dll
+ 2001-08-17 18:13:48 37,568 ----a-w C:\WINDOWS\LastGood\system32\dllcache\avmwan.sys
+ 2001-08-17 18:19:16 36,992 ----a-w C:\WINDOWS\LastGood\system32\dllcache\aztw2320.sys
+ 2001-08-17 18:13:56 89,952 ----a-w C:\WINDOWS\LastGood\system32\dllcache\b1cbase.sys
+ 2001-08-23 15:00:08 97,248 ----a-w C:\WINDOWS\LastGood\system32\dllcache\b57xp32.sys
+ 2001-08-23 15:46:44 342,336 ----a-w C:\WINDOWS\LastGood\system32\dllcache\banshee.dll
+ 2001-08-17 18:48:28 36,128 ----a-w C:\WINDOWS\LastGood\system32\dllcache\banshee.sys
+ 2001-08-17 19:57:54 14,080 ----a-w C:\WINDOWS\LastGood\system32\dllcache\battc.sys
+ 2001-08-17 18:11:28 66,557 ----a-w C:\WINDOWS\LastGood\system32\dllcache\bcm42u.sys
+ 2001-08-17 18:11:26 54,271 ----a-w C:\WINDOWS\LastGood\system32\dllcache\bcm42xx5.sys
+ 2001-08-17 18:11:30 26,568 ----a-w C:\WINDOWS\LastGood\system32\dllcache\bcm4e5.sys
+ 2001-08-17 19:28:00 871,388 ----a-w C:\WINDOWS\LastGood\system32\dllcache\bcmdm.sys
+ 2004-08-03 21:10:14 11,776 ----a-w C:\WINDOWS\LastGood\system32\dllcache\bdasup.sys
+ 2001-08-23 15:46:58 105,472 ----a-w C:\WINDOWS\LastGood\system32\dllcache\binlsvc.dll
+ 2001-08-23 15:46:58 19,456 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brbidiif.dll
+ 2001-08-23 15:46:58 9,728 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brcoinst.dll
+ 2001-08-23 15:46:58 12,800 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brevif.dll
+ 2001-08-17 19:12:22 12,160 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brfiltlo.sys
+ 2001-08-17 19:12:24 3,968 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brfiltup.sys
+ 2001-08-23 15:46:58 15,360 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brmfbidi.dll
+ 2001-08-23 15:46:58 81,920 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brmfcwia.dll
+ 2001-08-23 15:46:58 29,696 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brmflpt.dll
+ 2001-08-23 15:47:30 32,256 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brmfrsmg.exe
+ 2001-08-23 15:46:58 41,472 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brmfusb.dll
+ 2002-09-06 20:59:59 45,568 ----a-w C:\WINDOWS\LastGood\system32\dllcache\browscap.dll
+ 2001-08-17 19:12:24 3,168 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brparimg.sys
+ 2001-08-23 15:01:54 39,808 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brparwdm.sys
+ 2001-08-23 15:46:58 5,120 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brscnrsm.dll
+ 2001-08-23 15:46:58 9,728 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brserif.dll
+ 2001-08-17 19:12:20 60,416 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brserwdm.sys
+ 2001-08-17 19:12:20 11,008 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brusbmdm.sys
+ 2001-08-17 19:12:22 10,368 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brusbscn.sys
+ 2001-08-17 18:11:24 31,529 ----a-w C:\WINDOWS\LastGood\system32\dllcache\brzwlan.sys
+ 2004-08-03 21:10:40 17,024 ----a-w C:\WINDOWS\LastGood\system32\dllcache\bthenum.sys
+ 2004-08-03 21:10:40 38,016 ----a-w C:\WINDOWS\LastGood\system32\dllcache\bthmodem.sys
+ 2004-08-03 20:58:40 100,992 ----a-w C:\WINDOWS\LastGood\system32\dllcache\bthpan.sys
+ 2004-08-19 13:55:32 274,944 ----a-w C:\WINDOWS\LastGood\system32\dllcache\bthport.sys
+ 2004-08-03 21:10:38 35,456 ----a-w C:\WINDOWS\LastGood\system32\dllcache\bthprint.sys
+ 2004-08-03 21:10:36 18,944 ----a-w C:\WINDOWS\LastGood\system32\dllcache\bthusb.sys
+ 2001-08-23 15:02:02 14,080 ----a-w C:\WINDOWS\LastGood\system32\dllcache\bulltlp3.sys
+ 2001-08-23 15:46:58 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\EXCH_adsiisex.dll
+ 2001-08-23 15:46:58 45,056 ----a-w C:\WINDOWS\LastGood\system32\dllcache\EXCH_aqadmin.dll
+ 2003-03-24 13:52:04 147,513 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4apws.dll
+ 2003-03-24 13:52:04 49,210 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4areg.dll
+ 2003-03-24 13:52:04 102,509 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4atxt.dll
+ 2003-03-24 13:52:04 41,020 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4avnb.dll
+ 2003-03-24 13:52:04 32,826 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4avss.dll
+ 2003-03-24 13:52:04 49,212 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4awebs.dll
+ 2004-05-12 22:39:48 876,653 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp4awel.dll
+ 2002-05-14 11:08:54 14,608 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp98sadm.exe
+ 2002-05-14 11:08:54 109,328 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fp98swin.exe
+ 2003-03-24 13:52:04 188,494 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpcount.exe
+ 2003-03-24 13:52:04 20,541 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpexedll.dll
+ 2004-05-12 22:39:48 598,071 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpmmc.dll
+ 2003-04-14 18:29:34 217,088 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpmmcsat.dll
+ 2003-03-24 13:52:04 20,538 ----a-w C:\WINDOWS\LastGood\system32\dllcache\fpremadm.exe
+ 2002-09-06 20:59:59 6,144 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ftpsapi2.dll
+ 2004-08-19 17:09:27 68,608 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisext51.dll
+ 2004-08-19 17:09:27 64,512 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iismap.dll
+ 2002-09-06 20:59:59 14,848 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisreset.exe
+ 2002-09-06 20:59:59 5,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisrstap.dll
+ 2004-08-19 17:09:55 31,232 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisrstas.exe
+ 2004-08-19 17:09:27 133,632 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisrtl.dll
+ 2002-09-06 20:59:59 173,056 ----a-w C:\WINDOWS\LastGood\system32\dllcache\iisui.dll
+ 2004-08-19 17:09:29 842,240 ----a-w C:\WINDOWS\LastGood\system32\dllcache\inetmgr.dll
+ 2002-09-06 20:59:59 7,680 ----a-w C:\WINDOWS\LastGood\system32\dllcache\inetmgr.exe
+ 2002-09-06 20:59:59 19,968 ----a-w C:\WINDOWS\LastGood\system32\dllcache\inetsloc.dll
+ 2004-08-19 17:09:29 13,312 ----a-w C:\WINDOWS\LastGood\system32\dllcache\infoadmn.dll
+ 2004-08-19 17:09:31 68,608 ----a-w C:\WINDOWS\LastGood\system32\dllcache\isatq.dll
+ 2007-02-28 16:08:15 2,139,648 ----a-w C:\WINDOWS\LastGood\system32\dllcache\ntkrnlmp.exe
+ 2001-08-23 15:46:46 66,048 ----a-w C:\WINDOWS\LastGood\system32\dllcache\s3legacy.dll
+ 2003-03-24 13:52:04 20,536 ----a-w C:\WINDOWS\LastGood\system32\dllcache\shtml.dll
+ 2003-03-24 13:52:04 16,437 ----a-w C:\WINDOWS\LastGood\system32\dllcache\shtml.exe
+ 2004-08-19 17:09:41 189,440 ----a-w C:\WINDOWS\LastGood\system32\dllcache\smtpadm.dll
+ 2004-08-19 17:09:43 2,134,528 ----a-w C:\WINDOWS\LastGood\system32\dllcache\smtpsnap.dll
+ 2004-08-19 17:09:45 8,192 ----a-w C:\WINDOWS\LastGood\system32\dllcache\staxmem.dll
+ 2003-03-24 13:52:04 32,827 ----a-w C:\WINDOWS\LastGood\system32\dllcache\tcptest.exe
+ 2003-04-14 18:29:34 16,384 ----a-w C:\WINDOWS\LastGood\system32\dllcache\tcptsat.dll
+ 2002-09-06 20:59:59 7,168 ----a-w C:\WINDOWS\LastGood\system32\dllcache\wamregps.dll
+ 2004-08-19 17:09:27 64,512 -c--a-w C:\WINDOWS\system32\dllcache\iismap.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 19:09 15360]
"AdobeUpdater"="C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe" [2007-02-28 23:06 2321600]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-03-28 21:57 68856]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" [2007-12-22 09:09 221056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSPower"="SiSPower.dll" [2007-01-23 13:34 53248 C:\WINDOWS\system32\SiSPower.dll]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-12-14 19:19 221184]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"LXCGCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2005-07-20 19:48 73728]

C:\Documents and Settings\Administrateur.ORDI\Menu D‚marrer\Programmes\D‚marrage\
IcoSauve.lnk - C:\WINDOWS\system32\IcoSauve.exe [2007-02-28 15:40:29 112128]

C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe [2007-02-28 16:42:24 262144]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSimpleStartMenu"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 0 (0x0)
"LockTaskbar"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoResolveSearch"= 0 (0x0)
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 0 (0x0)
"NoUserNameInStartMenu"= 0 (0x0)
"NoStartMenuMorePrograms"= 0 (0x0)
"MaxRecentDocs"= 15 (0xf)
"NoInstrumentation"= 0 (0x0)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
"DisallowCpl"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur.ORDI^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
path=C:\Documents and Settings\Administrateur.ORDI\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur.ORDI^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
path=C:\Documents and Settings\Administrateur.ORDI\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.3.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur.ORDI^Menu Démarrer^Programmes^Démarrage^TimeLeft.lnk]
path=C:\Documents and Settings\Administrateur.ORDI\Menu Démarrer\Programmes\Démarrage\TimeLeft.lnk
backup=C:\WINDOWS\pss\TimeLeft.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur.ORDI^Menu Démarrer^Programmes^Démarrage^UDPixel.lnk]
path=C:\Documents and Settings\Administrateur.ORDI\Menu Démarrer\Programmes\Démarrage\UDPixel.lnk
backup=C:\WINDOWS\pss\UDPixel.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur.ORDI^Menu Démarrer^Programmes^Démarrage^Xfire.lnk]
path=C:\Documents and Settings\Administrateur.ORDI\Menu Démarrer\Programmes\Démarrage\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Last.fm Helper.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Last.fm Helper.lnk
backup=C:\WINDOWS\pss\Last.fm Helper.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk
backup=C:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2007-05-11 03:06 40048 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
--a------ 2007-02-28 23:06 2321600 C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2007-01-15 17:14 147456 C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
--a------ 2005-08-01 08:05 94208 C:\Program Files\Lexmark 2300 Series\ezprint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure Manager]
C:\Program Files\AntivirusFirewall\Common\FSM32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure Startup Wizard]
C:\Program Files\AntivirusFirewall\FSGUI\FSSW.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure TNB]
C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]
C:\Program Files\FlashGet\FlashGet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
--a------ 2007-11-20 21:21 1840128 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a------ 2004-12-14 19:57 458752 C:\Program Files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a------ 2004-12-14 19:51 217088 C:\Program Files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcgmon.exe]
--a------ 2005-07-21 02:07 200704 C:\Program Files\Lexmark 2300 Series\lxcgmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSN Webcam Recorder]
C:\Program Files\MSN Webcam Recorder\ml20gui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnsyslog]
C:\WINDOWS\msnlogm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 15:40 155648 C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\News Service]
C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuperCopier2.exe]
--a------ 2006-07-07 18:45 1052672 C:\Program Files\SuperCopier2\SuperCopier2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-03-28 21:57 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave]
C:\Program Files\Save\Save.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
C:\PROGRA~1\Wanadoo\Shell.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
C:\PROGRA~1\Wanadoo\GestMaj.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
C:\PROGRA~1\Wanadoo\Watch.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2005-11-18 17:04]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 02:08]
S2 BackWeb Plug-in - 6588780;Antivirus Firewall;C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE []
S2 Ca536av;Icatch(VII) Video Camera Device;C:\WINDOWS\system32\Drivers\Ca536av.sys []
S2 F-Secure Filter;F-Secure File System Filter;C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys []
S2 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSgk.sys []
S2 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys []
S3 GoogleDesktopManager-091907-194040;Google Desktop Manager 5.1.709.19590;"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-11-20 21:21]
S3 USBCamera;Icatch(VII) Still Camera Device;C:\WINDOWS\system32\Drivers\Bulk536.sys []
S3 XDva009;XDva009;C:\WINDOWS\system32\XDva009.sys []

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-05-17 08:04:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-10 19:45:00
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-04-10 19:50:14
ComboFix-quarantined-files.txt 2008-04-10 17:50:04
ComboFix2.txt 2008-04-09 16:44:28
Pre-Run: 10,280,837,120 octets libres
Post-Run: 10,230,370,304 octets libres
.
2008-04-08 22:44:27 --- E O F ---

et : Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:07:07, on 10/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\IcoSauve.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.aliceadsl.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll (file missing)
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Unknown owner - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: fsbwsys - Unknown owner - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe (file missing)
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - Unknown owner - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe (file missing)
O23 - Service: F-Secure Management Agent (FSMA) - Unknown owner - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE (file missing)
O23 - Service: Google Desktop Manager 5.1.709.19590 (GoogleDesktopManager-091907-194040) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

--
End of file - 7512 bytes

Re,

Je te réponds demain  

Bonne nuit  

merci, bonne nuit à toi aussi  

Re,

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".

Afin de lancer la recherche, clic sur"Rechercher".

Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
[#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

AIDE : Tuto en images sur MBAM

 

Salut,
Je le ferais cet après midi, j'ai essayé de le faire hier mais c'était long  

Re,

Oki pas de souci, pense bien à cliquer sur "supprimer la sélection".

 

Bonjour   désolé pour le retard

alors voilà le rapport (par contre j'ai un problème au démarrage, une fenetre "protection de fichiers windows" apparait, c'est normal docteur ?? encore merci Merillym

Malwarebytes' Anti-Malware 1.11
Version de la base de données: 614

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 237035
Temps écoulé: 5 hour(s), 9 minute(s), 4 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 92

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\QooBox\Quarantine\C\WINDOWS\system32\bthrxajb.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ccpjpkbs.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ckwlrjor.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ejuujufc.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ffiirxnw.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\idtlfdyw.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\jslldueo.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\kteshflq.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\lxkufxkr.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\vpggyjni.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\xaolcqff.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\yiyrutjr.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092711.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092713.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092719.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092720.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092722.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092724.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092725.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092727.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092731.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092734.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092737.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092738.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092741.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092742.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092743.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092747.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092758.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092766.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092769.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092772.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092776.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092780.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092785.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092788.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092793.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092795.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092796.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092798.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092802.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092803.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092812.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092814.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092817.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092818.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092825.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092826.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097196.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097303.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099507.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099511.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099512.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099521.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099524.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099530.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109148.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109150.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109151.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109157.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109172.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109179.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109182.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109189.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109217.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109221.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109232.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP176\A0119969.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\VundoFix Backups\cvalgfir.dll.bad (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\VundoFix Backups\fbkhfnww.dll.bad (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\VundoFix Backups\fsxsumwm.dll.bad (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\VundoFix Backups\mnoxdgjs.dll.bad (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\VundoFix Backups\qcrfumuq.dll.bad (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\VundoFix Backups\ybraokoi.dll.bad (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aforjuqt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\atdvmnhn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bqwdydil.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cmvtdyqp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dmvbiuys.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dviubyrv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ejeydghv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\flqvnryb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lhsshsbt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oieurlpm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\owfagmls.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qoowvteq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qqxyivaa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rsydayfu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\syjxqkwv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tcbpfbum.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vqyttbwf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wrnkwxdg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

Re,

Télécharge ce programme puis double clic dessus (ferme ton antivirus s'il te détecte quoi que ce soit)
http://www.suspectfile.com/systemscan/

-Coche uniquement cette case, décoche tout le reste :

-Recent Files, 30 days

Puis clic sur scan now, soit patient.
Une fois qu'il aura terminé, un rapport va s'ouvrir, copie et colle son contenu ici et vérifie qu'il soit bien en entier, si besoin crée deux messages.

 

Je croyais que ça allait durer une plombe, et au final ça a duré 2 secondes  

SystemScan - www.suspectfile.com - ver. 3.5.5 (code: holifay & bReAkdOWn)

Running on: Windows XP PROFESSIONAL Edition, Service Pack 2 (2600.5.1)
System directory: C:\WINDOWS
SystemScan file: C:\Documents and Settings\Administrateur.ORDI\Bureau\sys40796.exe
Running in: User mode
Date: 15/04/2008
Time: 21:00:41

Output limited to:
-Recent files

===================== RECENT FILES =====================

Showing files newer than 30 days

----- recent files in C:\
03/04/2008 19:39:36 19318 byte 12 days old -- lxcgscan.log
08/04/2008 15:25:04 3951 byte 7 days old -- Start_.cmd
09/04/2008 01:31:09 (DIR) 0 byte 6 days old -- VundoFix Backups
09/04/2008 04:30:49 (DIR) 0 byte 6 days old -- 327882R2FWJFW
09/04/2008 19:20:24 5531 byte 6 days old -- VundoFix.txt
10/04/2008 19:50:15 37318 byte 5 days old -- ComboFix.txt
10/04/2008 19:50:16 (DIR) 0 byte 5 days old -- QooBox
11/04/2008 02:22:01 (DIR) 0 byte 4 days old -- RECYCLER
11/04/2008 19:32:43 (DIR) 0 byte 4 days old -- Program Files
14/04/2008 03:42:57 (DIR) 0 byte 1 days old -- Config.Msi
15/04/2008 12:09:13 704643072 byte 0 days old -- pagefile.sys
15/04/2008 12:09:14 (DIR)469291008 byte 0 days old -- hiberfil.sys
15/04/2008 12:09:41 (DIR) 0 byte 0 days old -- WINDOWS

----- recent files in C:\WINDOWS\
18/03/2008 22:21:06 (DIR) 0 byte 28 days old -- Fonts
28/03/2008 13:10:06 (DIR) 0 byte 18 days old -- Network Diagnostic
04/04/2008 22:03:32 (DIR) 0 byte 11 days old -- twain_32
04/04/2008 22:03:33 (DIR) 0 byte 11 days old -- SETUP536
08/04/2008 23:36:41 (DIR) 0 byte 7 days old -- ERUNT
08/04/2008 23:59:01 (DIR) 0 byte 7 days old -- msagent
09/04/2008 00:44:26 81952 byte 6 days old -- WgaNotify.log
09/04/2008 17:06:49 71072 byte 6 days old -- BM0fddfe9c.txt
09/04/2008 18:24:56 (DIR) 0 byte 6 days old -- erdnt
09/04/2008 22:23:21 (DIR) 0 byte 6 days old -- Prefetch
10/04/2008 19:44:55 227 byte 5 days old -- system.ini
10/04/2008 19:50:19 53248 byte 5 days old -- PSEXESVC.EXE
14/04/2008 03:18:44 1462 byte 1 days old -- win.ini
14/04/2008 03:41:44 (DIR) 0 byte 1 days old -- WinSxS
14/04/2008 03:42:37 (DIR) 0 byte 1 days old -- Installer
14/04/2008 18:22:02 (DIR) 0 byte 1 days old -- Microsoft.NET
14/04/2008 18:24:42 (DIR) 0 byte 1 days old -- assembly
14/04/2008 21:10:56 172976 byte 1 days old -- wmsetup.log
14/04/2008 23:03:34 32542 byte 1 days old -- SchedLgU.Txt
15/04/2008 04:17:39 9714382 byte 0 days old -- ntbtlog.txt
15/04/2008 12:05:32 (DIR) 0 byte 0 days old -- system32
15/04/2008 12:09:15 2048 byte 0 days old -- bootstat.dat
15/04/2008 12:09:32 159 byte 0 days old -- wiadebug.log
15/04/2008 12:09:33 313 byte 0 days old -- wiaservc.log
15/04/2008 12:09:33 0 byte 0 days old -- 0.log
15/04/2008 12:09:42 (DIR) 0 byte 0 days old -- LastGood
15/04/2008 12:09:42 487450 byte 0 days old -- setupapi.log
15/04/2008 12:09:42 (DIR) 0 byte 0 days old -- inf
15/04/2008 14:43:45 (DIR) 0 byte 0 days old -- TEMP
15/04/2008 16:52:38 69 byte 0 days old -- NeroDigital.ini
15/04/2008 17:17:54 2044126 byte 0 days old -- WindowsUpdate.log

----- recent files in C:\WINDOWS\Downloaded Program Files\

----- recent files in C:\WINDOWS\system\

----- recent files in C:\WINDOWS\system32\
18/03/2008 21:31:25 37888 byte 28 days old -- rar.exe
19/03/2008 19:39:14 1403480 byte 27 days old -- FNTCACHE.DAT
29/03/2008 16:01:18 (DIR) 0 byte 17 days old -- LogFiles
31/03/2008 11:32:39 2228 byte 15 days old -- wpa.dbl
05/04/2008 22:29:19 91200 byte 10 days old -- cfywlpnp.dll
05/04/2008 22:29:21 91200 byte 10 days old -- eerwcyka.dll
05/04/2008 22:29:21 91200 byte 10 days old -- ewqnkwsm.dll
05/04/2008 22:29:21 90688 byte 10 days old -- dunxogbj.dll
05/04/2008 22:29:22 90688 byte 10 days old -- fvykbxxa.dll
05/04/2008 22:29:22 90688 byte 10 days old -- goarahql.dll
05/04/2008 22:29:23 90688 byte 10 days old -- iufracgb.dll
05/04/2008 22:29:23 90688 byte 10 days old -- isqdnecv.dll
05/04/2008 22:29:23 91712 byte 10 days old -- kqekgxbe.dll
05/04/2008 22:29:23 91712 byte 10 days old -- jandmcnf.dll
05/04/2008 22:29:23 92224 byte 10 days old -- himdfben.dll
05/04/2008 22:29:23 91200 byte 10 days old -- hydtwgpb.dll
05/04/2008 22:29:24 91712 byte 10 days old -- mfsmjhre.dll
05/04/2008 22:29:24 91200 byte 10 days old -- mgpwfnuf.dll
05/04/2008 22:29:25 91712 byte 10 days old -- nyqmhuhq.dll
05/04/2008 22:29:25 91712 byte 10 days old -- qajsrwnh.dll
05/04/2008 22:29:25 91200 byte 10 days old -- pflwevhw.dll
05/04/2008 22:29:25 91712 byte 10 days old -- nenuaovf.dll
05/04/2008 22:29:27 93248 byte 10 days old -- vqncdcyi.dll
05/04/2008 22:29:28 91712 byte 10 days old -- xhpxlafo.dll
07/04/2008 17:34:42 3072 byte 8 days old -- CONFIG.NT
09/04/2008 18:26:04 (DIR) 0 byte 6 days old -- config
12/04/2008 14:15:20 (DIR) 0 byte 3 days old -- drivers
14/04/2008 03:41:57 1039354 byte 1 days old -- PerfStringBackup.INI
14/04/2008 03:41:57 85152 byte 1 days old -- perfc00C.dat
14/04/2008 03:41:57 71154 byte 1 days old -- perfc009.dat
14/04/2008 03:41:57 491694 byte 1 days old -- perfh00C.dat
14/04/2008 03:41:57 423718 byte 1 days old -- perfh009.dat
14/04/2008 23:06:40 (DIR) 0 byte 1 days old -- dllcache
15/04/2008 12:09:39 (DIR) 0 byte 0 days old -- CatRoot2

----- recent files in C:\WINDOWS\system32\drivers\
09/04/2008 18:27:52 (DIR) 0 byte 6 days old -- etc

----- recent files in C:\WINDOWS\temp\
12/04/2008 22:25:01 3365002 byte 3 days old -- SPL125E.tmp
14/04/2008 03:38:57 2 byte 1 days old -- dd_dotnetfx20error.txt
14/04/2008 03:39:13 21420 byte 1 days old -- dd_depcheck_NETFX20_EXP_35.txt
14/04/2008 03:41:58 5158 byte 1 days old -- ASPNETSetup_00000.log
14/04/2008 03:42:57 10436056 byte 1 days old -- dd_NET_Framework20_Setup01B2.txt
14/04/2008 03:43:11 69824 byte 1 days old -- uxeventlog.txt
14/04/2008 03:43:11 134100 byte 1 days old -- dd_dotnetfx20install.txt
14/04/2008 20:21:15 131187 byte 1 days old -- SPL1D0.tmp
15/04/2008 12:09:18 255 byte 0 days old -- WGAErrLog.txt

----- recent files in C:\Program Files\
18/03/2008 22:21:10 (DIR) 0 byte 28 days old -- Guitar Pro 5
04/04/2008 22:04:20 (DIR) 0 byte 11 days old -- Geneatique2007
04/04/2008 22:12:48 (DIR) 0 byte 11 days old -- Opera
08/04/2008 17:14:03 (DIR) 0 byte 7 days old -- Trend Micro
08/04/2008 23:59:01 (DIR) 0 byte 7 days old -- netmeeting
09/04/2008 00:05:42 (DIR) 0 byte 6 days old -- Windows Media Player
09/04/2008 18:24:47 (DIR) 0 byte 6 days old -- Fichiers communs
11/04/2008 19:31:13 (DIR) 0 byte 4 days old -- Common Files
11/04/2008 19:32:48 (DIR) 0 byte 4 days old -- Malwarebytes' Anti-Malware
14/04/2008 03:40:40 (DIR) 0 byte 1 days old -- Internet Explorer
15/04/2008 01:01:14 (DIR) 0 byte 0 days old -- BitLord
15/04/2008 14:43:45 (DIR) 0 byte 0 days old -- Lx_cats
15/04/2008 18:41:46 (DIR) 0 byte 0 days old -- Mozilla Firefox
15/04/2008 20:05:22 (DIR) 0 byte 0 days old -- eMule

----- recent files in C:\Program Files\Fichiers communs\

----- recent files in C:\Documents and Settings\Administrateur.ORDI\Application Data\
03/04/2008 22:28:57 (DIR) 0 byte 12 days old -- LimeWire
11/04/2008 19:33:04 (DIR) 0 byte 4 days old -- Malwarebytes
12/04/2008 15:42:24 (DIR) 0 byte 3 days old -- Adobe
15/04/2008 14:05:47 (DIR) 0 byte 0 days old -- OpenOffice.org2

----- recent files in C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp\
10/04/2008 21:13:58 (DIR) 0 byte 5 days old -- plugtmp-2
10/04/2008 23:27:34 16384 byte 5 days old -- ~DF61C4.tmp
11/04/2008 00:08:08 (DIR) 0 byte 4 days old -- plugtmp
11/04/2008 02:07:21 (DIR) 0 byte 4 days old -- plugtmp-1
11/04/2008 17:24:39 5173 byte 4 days old -- TFR20A.tmp
11/04/2008 19:30:16 (DIR) 0 byte 4 days old -- DRDld
11/04/2008 19:37:02 311296 byte 4 days old -- ~DF1B1E.tmp
12/04/2008 03:12:14 (DIR) 0 byte 3 days old -- plugtmp-3
12/04/2008 15:24:37 156 byte 3 days old -- Twunk001.MTX
12/04/2008 15:24:37 0 byte 3 days old -- Twunk002.MTX
12/04/2008 15:24:48 1493 byte 3 days old -- TWAIN.LOG
12/04/2008 15:24:48 2 byte 3 days old -- Twain001.Mtx
12/04/2008 15:25:41 18537 byte 3 days old -- 20061025110315-300px-john-frusciante-1-.jpg
12/04/2008 15:25:42 18537 byte 3 days old -- 20061025110315-300px-john-frusciante-1--1.jpg
12/04/2008 15:42:25 691 byte 3 days old -- alm.log
12/04/2008 15:42:25 2274 byte 3 days old -- amt.log
12/04/2008 20:31:43 (DIR) 0 byte 3 days old -- plugtmp-4
12/04/2008 22:11:00 28513 byte 3 days old -- le_gang.gp4
12/04/2008 23:32:02 (DIR) 0 byte 3 days old -- plugtmp-5
12/04/2008 23:33:35 5448 byte 3 days old -- 1683820220_small.jpg
13/04/2008 18:10:16 512 byte 2 days old -- ~DF86C0.tmp
13/04/2008 18:10:16 262144 byte 2 days old -- ~DF866D.tmp
13/04/2008 18:10:22 512 byte 2 days old -- ~DF9692.tmp
13/04/2008 18:10:22 262144 byte 2 days old -- ~DF95F2.tmp
13/04/2008 22:50:17 4779 byte 2 days old -- Lennon, Julian - Salt Water.gp4
13/04/2008 22:50:53 1958 byte 2 days old -- Lennon, John - Working Class Hero.zip
13/04/2008 23:06:15 11545 byte 2 days old -- 6918.gp3
14/04/2008 00:21:03 (DIR) 0 byte 1 days old -- plugtmp-6
14/04/2008 00:22:59 0 byte 1 days old -- 7nbFB.tmp
14/04/2008 03:01:34 (DIR) 0 byte 1 days old -- plugtmp-7
14/04/2008 03:03:16 0 byte 1 days old -- 3c11F3.tmp
14/04/2008 03:06:39 524288 byte 1 days old -- ~DFB11D.tmp
14/04/2008 03:14:56 3099 byte 1 days old -- Lynyrd Skynyrd - Sweet Home Alabama (2).zip
14/04/2008 03:17:55 0 byte 1 days old -- 3sv202.tmp
14/04/2008 03:18:11 0 byte 1 days old -- cxb203.tmp
14/04/2008 03:19:38 0 byte 1 days old -- nwo204.tmp
14/04/2008 14:44:36 (DIR) 0 byte 1 days old -- plugtmp-8
14/04/2008 20:59:48 (DIR) 0 byte 1 days old -- plugtmp-9
14/04/2008 22:55:32 (DIR) 0 byte 1 days old -- MessengerCache
15/04/2008 12:09:24 (DIR) 0 byte 0 days old -- WPDNSE
15/04/2008 12:14:21 6168 byte 0 days old -- jusched.log
15/04/2008 14:43:20 (DIR) 0 byte 0 days old -- audacity_1_2_temp
15/04/2008 15:11:22 (DIR) 0 byte 0 days old -- flashgot.6lumh0y1.default
15/04/2008 17:05:16 (DIR) 0 byte 0 days old -- plugtmp-10
15/04/2008 18:41:08 6597 byte 0 days old -- LVCOMSX.LOG
15/04/2008 20:00:42 72 byte 0 days old -- 0093624745020-01_03.ram
15/04/2008 20:53:49 (DIR) 0 byte 0 days old -- plugtmp-11
15/04/2008 20:59:25 65 byte 0 days old -- systemscan.ini
15/04/2008 20:59:26 16384 byte 0 days old -- ~DFC86F.tmp
15/04/2008 20:59:26 16384 byte 0 days old -- ~DFC86A.tmp
15/04/2008 20:59:26 (DIR) 0 byte 0 days old -- nsc2D0.tmp
15/04/2008 20:59:26 (DIR) 0 byte 0 days old -- nsc2CF.tmp

==========================================
Scan completed in 0 minutes
End of report


~~~~~~~~~~~~~~~~~~~~~-----CREDITS-----~~~~~~~~~~~~~~~~~~~~~
SystemScan uses some freeware tools that remain property of their authors:

* SteelWerX Registry Console Tool, Who Am I (Bobby Flekman: www.xs4all.nl/~fstaal01) --> "Registry scan", "PC accounts "
* dumphive (Markus Stephany)--> "Registry scan"
* Listdlls (M.Russinovich, B.Cogswell: www.sysinternals.com) --> "Loaded modules"
* Catchme & MBR Rootkit detector (gmer: www.gmer.net) --> "Hidden objects", "Alternate Data Streams" & "Master Boot Record"
---> NOTE: SystemScan integrates "The Avenger" from Swandog46 (http://swandog46.geekstogo.com) to allow you to remove malwares found in this log

Thanks to all of them for their hard work

Re,

Il y a quelque chose de bizarre... J'ai l'impression que tu t'es fait réinfecter entre temps. As-tu bien supprimé tous les cracks présents sur ton PC ? As-tu bien fait attention à ne pas relancer un cracks et/ou un fichier de p22 ?

Bon, on va vérifier quelque chose. Refais un combofix normal et poste-moi le rapport. Fais bien attention à me poster le rapport du dernier scan effectué avec combofix.

Bonne nuit, à demain  

Re,
ben lorsque j'ai réutilisé photoshop, mon PC s'est vraiment ralenti tout d'un coup, ça pourrait être du à ça ?? Le problème c'est que je ne sais pas où sont les fichiers crackés, il y en a tellement :s
Bonne nuit, à demain  

Supprime les tous si tu veux espérer te débarrasser de ce trojan vundo ( une vraie plaie ! ).

Avant de faire un combofix, tu vas d'abord me faire ce scan en ligne.

Fais un scan en linge avec BitDefender, avec internet explorer ! Sauvegarde tes musiques et photos, il arrive que BitDefender les supprime  

http://www.bitdefender.fr/
et copie colle le résultat ici
* En bas, à gauche de la fenêtre, clique sur BitDefender SCAN ONLINE
* Dans la nouvelle fenêtre, clique sur I agree
* La fenêtre change encore, clique sur Click here to scan
* Les signatures se chargent, etc.

Tutorial en image : http://forum.pcastuces.com/sujet.asp?f=25&s=31584

Poste-moi le rapport en entier  

Bonne nuit, à demain  

Et il n'y a que les cracks qui peuvent être infectés, ou même des fichiers mp3 et des films par exemple ??
Je fais le scan maintenant  
Bonne nuit  

Re,

J'attends le rapport de BitDefender  

Re  
voilà :

<HTML>
<HEAD>
<TITLE>BitDefender Online Scanner - Rapport d'analyse</TITLE>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
</HEAD>
<BODY BGCOLOR=#FFFFFF leftmargin="10" marginwidth="0" topmargin="20" marginheight="0" >


<table align="center" border="0" cellpadding="0" cellspacing="0" width="90%">
<tr>
<td width="458">
<p><font face="Arial" color=red><span style="font-size:14pt;"><b>BitDefender Online Scanner</b></span></font></p>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>
<tr>
<td colspan="3" width="912">
<p><font face="Arial"><span style="font-size:11pt;"><B>Rapport d'analyse généré à: Wed, Apr 16, 2008 - 01:25:30</b></span></font></p>
</td>
</tr>

<tr>
<td width="458">
<p><font face="Arial"><span style="font-size:11pt;"><B> </b></span></font></p>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<p><font face="Arial"><span style="font-size:11pt;"><B>Voie d'analyse: </b></span><span style="font-size:10pt;">A:\;C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;K:\;</span></font></p>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<p><font face="Arial"><span style="font-size:11pt;"><B> </b></span></font></p>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Statistiques</b></font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Temps</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">00:59:24</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Fichiers</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">83597</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Directoires</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">14527</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Secteurs de boot</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">3</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Archives</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">761</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Paquets programmes</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">3801</font></p>
</td>
</tr>
</table>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>



<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Résultats</b></font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Virus identifiés</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">42</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Fichiers infectés</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">148</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Fichiers suspects</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">0</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Avertissements</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">0</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Désinfectés</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">0</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Fichiers effacés</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">148</font></p>
</td>
</tr>
</table>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Info sur les moteurs</b></font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Définition virus</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">1144398</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Version des moteurs</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Analyse des plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">16</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Archive des plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">41</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Unpack des plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">7</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">E-mail plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">6</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Système plugins</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">5</font></p>
</td>
</tr>
</table>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td width="458">
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="451" colspan="2" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Paramètres d'analyse</b></font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Première action</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Désinfecté</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Seconde Action</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Heuristique</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Oui</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Acceptez les avertissements</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Oui</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Extensions analysées</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas;</font></p>
</td>
</tr>

<tr>
<td width="57%">
<p><font face="Arial" size="2">Excludez les extensions</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2"> </font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Analyse d'emails</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Oui</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Analyse des Archives</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Oui</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Analyser paquets programmes</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Oui</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Analyse des fichiers</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Oui</font></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">Analyse de boot</font></p>
</td>
<td width="43%" align="right">
<p><font face="Arial" size="2">Oui</font></p>
</td>
</tr>
</table>
</td>
<td width="40%">
<p> </p>
</td>
<td width="10%">
<p> </p>
</td>
</tr>

<tr>
<td colspan=2>  
<table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
<tr>
<td width="252" bgcolor="#CCCCCC">
<p><font face="Arial" size="2"><B>Fichier analysé</b></font></p>
</td>
<td width="195" bgcolor="#CCCCCC" align="right">
<p align="left"><b><font size="2" face="Arial"> Statut</font></b></p>
</td>
</tr>
<tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Administrateur.ORDI\Bureau\sys40796.exe=>(NSIS o)=>zlib_nsis0011</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: DeepScan:Generic.Zlob.38B68927</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Administrateur.ORDI\Bureau\sys40796.exe=>(NSIS o)=>zlib_nsis0011</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Echec de la désinfection</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Administrateur.ORDI\Bureau\sys40796.exe=>(NSIS o)=>zlib_nsis0011</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\Documents and Settings\Administrateur.ORDI\Bureau\sys40796.exe=>(NSIS o)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Echec de la mise à jour</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP166\A0088859.ini</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.DVS</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP166\A0088859.ini</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Echec de la désinfection</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP166\A0088859.ini</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP166\A0088875.ini</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.DVS</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP166\A0088875.ini</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Echec de la désinfection</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP166\A0088875.ini</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP166\A0088898.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EDV</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP166\A0088898.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP166\A0088915.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Détecté avec: Adware.Virtumonde.GIK</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP166\A0088915.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP166\A0088936.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Détecté avec: Adware.Virtumonde.GIK</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP166\A0088936.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP167\A0089015.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EEP</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP167\A0089015.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP167\A0089028.ini</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.DVS</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP167\A0089028.ini</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Echec de la désinfection</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP167\A0089028.ini</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP167\A0090025.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Détecté avec: Adware.Virtumonde.GIL</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP167\A0090025.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP167\A0090026.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Détecté avec: Adware.Virtumonde.GIL</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP167\A0090026.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP167\A0091025.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Détecté avec: Adware.Virtumonde.GIL</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP167\A0091025.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP167\A0091057.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Détecté avec: Adware.Virtumonde.GIL</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP167\A0091057.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP167\A0091071.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EFF</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP167\A0091071.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP167\A0091072.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EFF</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP167\A0091072.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP168\A0092282.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EFJ</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP168\A0092282.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP168\A0092292.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EGE</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP168\A0092292.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP168\A0092310.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EGE</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP168\A0092310.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP168\A0092331.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EFQ</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP168\A0092331.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP169\A0092393.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EFY</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP169\A0092393.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP169\A0092410.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EFY</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP169\A0092410.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP169\A0092421.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EDO</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP169\A0092421.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092710.exe=>(NSIS o)=>lzma_nsis0001</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Détecté avec: Adware.Comet.C.1.A</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092710.exe=>(NSIS o)=>lzma_nsis0001</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092710.exe=>(NSIS o)</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Echec de la mise à jour</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092712.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EFB</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092712.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092716.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EFB</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092716.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092723.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EES</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092723.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092726.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.GI</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092726.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092728.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Détecté avec: Adware.Virtumonde.GIL</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092728.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092729.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EEF</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092729.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092730.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.GI</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092730.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092732.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EFJ</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092732.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092735.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EES</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092735.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092740.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EES</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092740.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092744.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EGS</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092744.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092745.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EEQ</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092745.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092746.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Détecté avec: Adware.Virtumonde.GIK</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092746.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092749.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EEU</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092749.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092750.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EEF</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092750.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092754.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EEP</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092754.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092755.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EER</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092755.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092756.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EES</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092756.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092757.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EGS</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092757.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092759.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EEU</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092759.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092760.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EDT</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092760.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092768.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EGS</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092768.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092773.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EEF</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092773.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092779.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EES</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092779.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092786.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EGS</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092786.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092791.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EES</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092791.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092797.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EFQ</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092797.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092799.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EGE</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092799.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092800.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EEF</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092800.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092801.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EEQ</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092801.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092808.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EEF</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092808.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092810.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EFV</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092810.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092813.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EDU</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092813.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092816.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Détecté avec: Adware.Virtumonde.GIL</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092816.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092820.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EGB</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092820.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092821.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EEF</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092821.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092822.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EEF</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092822.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092824.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EEF</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092824.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092827.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EFV</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP172\A0092827.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0096192.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EGM</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0096192.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097192.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EGM</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097192.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097197.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Détecté avec: Adware.Clickspring.R</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097197.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097198.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Agent.AHAU</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097198.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097199.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Agent.AHBI</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097199.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Echec de la désinfection</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097199.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097298.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Agent.AHBI</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097298.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Echec de la désinfection</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097298.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097301.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Agent.AHAU</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097301.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097302.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Agent.AHBI</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097302.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Echec de la désinfection</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097302.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097304.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Détecté avec: Adware.Clickspring.R</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP174\A0097304.exe</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099505.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EFB</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099505.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099506.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EFB</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099506.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099508.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EEF</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099508.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099516.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EGM</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099516.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099528.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EFV</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099528.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099531.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EFV</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0099531.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0101118.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EGM</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0101118.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109131.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EGM</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109131.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109152.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.GI</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109152.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109153.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Détecté avec: Adware.Virtumonde.GIL</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109153.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109154.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.GI</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109154.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109155.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Infecté par: Trojan.Vundo.EFJ</font></p>
</td>
</tr><tr>
<td width="57%">
<p><font face="Arial" size="2">C:\System Volume Information\_restore{6D711132-397B-4A55-913E-7B5AEFC9E608}\RP175\A0109155.dll</font></p>
</td>
<td width="43%" align="left">
<p><font face="Arial" size="2">Supprimé</font></p>
</td>
</tr><tr>
<td width="5

Re,

Bien !

As-tu bien supprimé tous els cracks présents sur ton PC ? En gros ce sont tous tes logiciels, fichiers etc... acquis "sans payer" pour ne pas dire illégalement  

Fais maintenant un nouveau scan avec combofix et poste-moi le rapport généré.

 

Re,  
Alors j'ai fais le tri dans mon PC, j'ai supprimé tous les cracks, en esperant ne pas en avoir oublié...

Voilà le rapport :
ComboFix 08-04-08.10 - monstrum 2008-04-16 16:33:10.3 - NTFSx86
Endroit: C:\Documents and Settings\Administrateur.ORDI\Bureau\ComboFix.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\dunxogbj.dll
C:\WINDOWS\system32\goarahql.dll
C:\WINDOWS\system32\jandmcnf.dll
C:\WINDOWS\system32\kqekgxbe.dll
C:\WINDOWS\system32\mfsmjhre.dll
C:\WINDOWS\system32\nenuaovf.dll
C:\WINDOWS\system32\nyqmhuhq.dll
C:\WINDOWS\system32\qajsrwnh.dll
C:\WINDOWS\system32\xhpxlafo.dll

.
((((((((((((((((((((((((((((( Fichiers créés 2008-03-16 to 2008-04-16 ))))))))))))))))))))))))))))))))))))
.

2008-04-16 14:10 . 2008-04-16 14:10 <REP> d-------- C:\WINDOWS\LastGood
2008-04-16 00:19 . 2008-04-16 01:25 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-04-11 19:33 . 2008-04-11 19:33 <REP> d-------- C:\Documents and Settings\Administrateur.ORDI\Application Data\Malwarebytes
2008-04-11 19:32 . 2008-04-11 19:32 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-11 19:32 . 2008-04-11 19:32 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2008-04-09 00:49 . 2008-04-09 01:31 <REP> d-------- C:\VundoFix Backups
2008-04-09 00:19 . 2001-08-17 21:28 771,581 --a--c--- C:\WINDOWS\system32\dllcache\winacisa.sys
2008-04-09 00:18 . 2001-08-17 21:28 794,654 --a--c--- C:\WINDOWS\system32\dllcache\usr1801.sys
2008-04-09 00:17 . 2001-08-23 16:57 286,848 --a--c--- C:\WINDOWS\system32\dllcache\stlnata.sys
2008-04-09 00:16 . 2001-08-23 17:47 495,616 --a--c--- C:\WINDOWS\system32\dllcache\sblfx.dll
2008-04-09 00:15 . 2001-08-23 17:18 899,914 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2008-04-09 00:14 . 2004-08-19 16:09 4,274,816 --a--c--- C:\WINDOWS\system32\dllcache\nv4_disp.dll
2008-04-09 00:13 . 2004-08-19 16:09 1,737,856 --a--c--- C:\WINDOWS\system32\dllcache\mtxparhd.dll
2008-04-09 00:12 . 2001-08-23 17:03 320,384 --a--c--- C:\WINDOWS\system32\dllcache\mgaum.sys
2008-04-09 00:11 . 2001-08-17 21:28 802,683 --a--c--- C:\WINDOWS\system32\dllcache\ltsm.sys
2008-04-09 00:10 . 2004-08-19 16:09 154,112 --a--c--- C:\WINDOWS\system32\dllcache\irftp.exe
2008-04-09 00:09 . 2004-08-19 16:09 702,845 --a--c--- C:\WINDOWS\system32\dllcache\i81xdnt5.dll
2008-04-09 00:08 . 2001-08-23 17:46 1,733,120 --a--c--- C:\WINDOWS\system32\dllcache\g400d.dll
2008-04-09 00:07 . 2001-08-23 17:16 630,016 --a--c--- C:\WINDOWS\system32\dllcache\eqn.sys
2008-04-09 00:06 . 2001-08-17 20:14 952,007 --a--c--- C:\WINDOWS\system32\dllcache\diwan.sys
2008-04-09 00:05 . 2001-08-23 17:04 980,034 --a--c--- C:\WINDOWS\system32\dllcache\cicap.sys
2008-04-09 00:04 . 2001-08-23 17:03 715,466 --a--c--- C:\WINDOWS\system32\dllcache\cbmdmkxx.sys
2008-04-09 00:03 . 2001-08-17 21:28 871,388 --a--c--- C:\WINDOWS\system32\dllcache\bcmdm.sys
2008-04-09 00:02 . 2004-08-19 16:09 1,888,992 --a--c--- C:\WINDOWS\system32\dllcache\ati3duag.dll
2008-04-09 00:01 . 2001-08-17 21:28 762,780 --a--c--- C:\WINDOWS\system32\dllcache\3cwmcru.sys
2008-04-09 00:00 . 2004-05-13 01:39 876,653 --a--c--- C:\WINDOWS\system32\dllcache\OLD4D.tmp
2008-04-08 23:59 . 2008-04-08 23:59 <REP> d-------- C:\WINDOWS\msagent
2008-04-08 23:36 . 2008-04-08 23:36 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-08 17:14 . 2008-04-08 17:14 <REP> d-------- C:\Program Files\Trend Micro
2008-03-29 16:01 . 2008-03-29 16:01 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-03-18 21:28 . 2008-03-18 21:31 37,888 --a------ C:\WINDOWS\system32\rar.exe
2008-03-18 21:26 . 2008-03-18 22:21 <REP> d-------- C:\Program Files\Guitar Pro 5

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-16 14:32 --------- d-----w C:\Documents and Settings\Administrateur.ORDI\Application Data\OpenOffice.org2
2008-04-16 14:31 --------- d-----w C:\Program Files\Lx_cats
2008-04-16 00:04 --------- d-----w C:\Program Files\eMule
2008-04-15 22:06 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-04-15 20:43 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
2008-04-14 23:01 --------- d-----w C:\Program Files\BitLord
2008-04-11 17:31 --------- d-----w C:\Program Files\Common Files
2008-04-08 21:05 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-04-04 20:12 --------- d-----w C:\Program Files\Opera
2008-04-04 20:04 --------- d-----w C:\Program Files\Geneatique2007
2008-04-03 20:28 --------- d-----w C:\Documents and Settings\Administrateur.ORDI\Application Data\LimeWire
2008-03-11 17:31 --------- d-----w C:\Program Files\Azureus
2008-03-11 17:31 --------- d-----w C:\Documents and Settings\Administrateur.ORDI\Application Data\Azureus
2008-02-22 18:49 --------- d-----w C:\Program Files\Alcohol Soft
2008-02-22 18:40 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-02-22 18:28 --------- d-----w C:\Program Files\Mvm
2008-02-22 18:28 --------- d-----w C:\Program Files\Borland
2008-02-18 20:29 --------- d-----w C:\Program Files\Total Video Converter
2008-02-12 13:23 6,688 ----a-w C:\WINDOWS\movexe.exe
2008-01-28 18:49 30,601 ----a-w C:\Documents and Settings\Administrateur.ORDI\x.exe
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,744 --sh--r C:\WINDOWS\system32\msfDX.dll
2007-03-25 21:47 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
2007-03-25 21:47 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
2007-03-25 21:47 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.

------- Sigcheck -------

2006-11-11 16:02 359808 b4e29943b4b04bd5e7381546848e6669 C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot_2008-04-10_19.49.46,36 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-07-18 17:39:15 68,608 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-04-14 01:41:26 69,120 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2007-07-18 17:39:24 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2008-04-14 01:41:36 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2007-07-18 17:39:24 4,308,992 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-04-14 01:41:05 4,444,160 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2007-07-18 17:39:26 482,304 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-04-14 01:41:39 483,840 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2007-07-18 17:39:22 2,902,016 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2008-04-14 01:41:16 3,036,160 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2007-07-18 17:39:09 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2008-04-14 01:41:44 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2007-07-18 17:39:09 114,176 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2008-04-14 01:41:44 113,664 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2007-07-18 17:39:30 260,096 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-04-14 01:41:37 261,120 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2007-07-18 17:39:18 5,156,864 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-04-14 01:41:13 5,431,296 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2007-07-18 17:39:14 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2008-04-14 01:41:23 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2007-07-18 17:39:08 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-04-14 01:41:14 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2007-07-18 17:39:11 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2008-04-14 01:41:25 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2007-07-18 17:39:23 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2008-04-14 01:41:30 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2007-07-18 17:39:23 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2008-04-14 01:41:32 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2007-07-18 17:39:24 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2008-04-14 01:41:33 6,656 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2007-07-18 17:39:12 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2008-04-14 01:41:45 348,160 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2007-07-18 17:39:12 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2008-04-14 01:41:46 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2007-07-18 17:39:13 647,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2008-04-14 01:41:48 655,360 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2007-07-18 17:39:14 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2008-04-14 01:41:49 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2007-07-18 17:39:12 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2008-04-14 01:41:33 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2007-07-18 17:39:32 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-04-14 01:41:31 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2007-07-18 17:39:32 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2008-04-14 01:41:29 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2007-07-18 17:39:06 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2008-04-14 01:41:40 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2007-07-18 17:39:31 667,648 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2008-04-14 01:41:29 671,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2007-07-18 17:39:32 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2008-04-14 01:41:09 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2007-07-18 17:39:08 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-04-14 01:41:42 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2007-07-18 17:39:07 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2008-04-14 01:41:28 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2007-07-18 17:39:08 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2008-04-14 01:41:27 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2007-07-18 17:39:28 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2008-04-14 01:41:34 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2007-07-18 17:39:15 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2008-04-14 01:41:35 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2007-07-18 17:39:29 413,696 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2008-04-14 01:41:15 425,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2007-07-18 17:39:27 716,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2008-04-14 01:41:17 741,376 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2007-07-18 17:39:10 888,832 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2008-04-14 01:41:18 933,888 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2007-07-18 17:39:22 5,001,216 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2008-04-14 01:41:50 5,070,848 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2007-07-18 17:39:17 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2008-04-14 01:41:47 188,416 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2007-07-18 17:39:16 397,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2008-04-14 01:41:23 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2007-07-18 17:39:17 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2008-04-14 01:41:41 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2007-07-18 17:39:30 577,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2008-04-14 01:41:09 630,784 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2007-07-18 17:39:27 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2008-04-14 01:41:43 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2007-07-18 17:39:30 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2008-04-14 01:41:41 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2007-07-18 17:39:27 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2008-04-14 01:41:38 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2007-07-18 17:39:28 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-04-14 01:41:37 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2007-07-18 17:39:14 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2008-04-14 01:41:10 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2007-07-18 17:39:17 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2008-04-14 01:41:11 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2007-07-18 17:39:31 835,584 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2008-04-14 01:41:21 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2007-07-18 17:39:19 86,016 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2008-04-14 01:41:22 90,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2007-07-18 17:39:19 823,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2008-04-14 01:41:20 839,680 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2007-07-18 17:39:20 5,152,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2008-04-14 01:41:24 5,013,504 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2007-07-18 17:39:20 2,027,520 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2008-04-14 01:41:12 2,068,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2007-07-18 17:39:29 2,940,928 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-04-14 01:41:19 3,076,096 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2008-04-14 16:22:09 27,136 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\c6772fd12a581ad3be49e3f2a80b5622\Accessibility.ni.dll
+ 2008-04-14 16:22:17 884,736 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\a1d353edc300e3aff0784202f68a657b\AspNetMMCExt.ni.dll
+ 2008-04-14 16:22:20 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\c10ec9b4de2b366236ec83237dc31281\CustomMarshalers.ni.dll
+ 2008-04-14 16:22:18 15,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\837fe02bdcf637d5bf1e5ffb935ebb80\dfsvc.ni.exe
+ 2008-04-14 16:22:24 876,544 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\9710a3c0d11dd264c3a6b88977699e9b\Microsoft.Build.Engine.ni.dll
+ 2008-04-14 16:22:25 81,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e2858a45971fb30b0c0523dbb52c1d4e\Microsoft.Build.Framework.ni.dll
+ 2008-04-14 16:22:33 1,695,744 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\63d69ffdf3c640d2d104a4b74e8115f8\Microsoft.Build.Tasks.ni.dll
+ 2008-04-14 16:22:34 167,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\11cb5418c06e30100616fbf205588489\Microsoft.Build.Utilities.ni.dll
+ 2008-04-14 16:22:43 1,056,768 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\0a689dfc7efa3305a9b38ecea1bde867\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2008-04-14 16:22:43 33,792 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\13ce05082a6d47918a8f800ac73feecf\Microsoft.PowerShell.Commands.Utility.resources.ni.dll
+ 2008-04-14 16:22:38 21,504 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1665b51234d77b96eff1a7143897f17c\Microsoft.PowerShell.Commands.Management.resources.ni.dll
+ 2008-04-14 16:22:48 176,128 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1f92ba5b0eb2009ced69ac221cbfe0ca\Microsoft.PowerShell.Security.ni.dll
+ 2008-04-14 16:22:37 520,192 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\47b91fae323d79d3371c184390375bf1\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2008-04-14 16:22:49 18,944 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\54242ec15752bd983708ea1b531f4a3e\Microsoft.PowerShell.Security.resources.ni.dll
+ 2008-04-14 16:22:47 39,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\794bc0023130d1d66161d4c7f76270dc\Microsoft.PowerShell.ConsoleHost.resources.ni.dll
+ 2008-04-14 16:22:46 548,864 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\dcf6054c13f72a8ce232d1e7206bdfa0\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2008-04-14 16:22:55 1,740,800 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\923bd55258380eae77353d36a5a1b08f\Microsoft.VisualBasic.ni.dll
+ 2008-04-14 12:04:00 11,722,752 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll
+ 2008-04-14 16:22:59 1,011,712 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll
+ 2008-04-14 12:05:10 7,049,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\5f669e819da7010c1dca347a25597c42\System.Data.ni.dll
+ 2008-04-14 16:23:03 1,798,144 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\c7dea4895e1fa33d65e448c03de48d26\System.Deployment.ni.dll
+ 2008-04-14 12:06:02 10,969,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\c1e16b40e30a05c39be8aee46311841c\System.Design.ni.dll
+ 2008-04-14 16:23:07 1,224,704 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\914668b240550f529e54bb772c6fc881\System.DirectoryServices.ni.dll
+ 2008-04-14 16:23:10 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f11bc82c09955cb8438d3885a99c297d\System.DirectoryServices.Protocols.ni.dll
+ 2008-04-14 12:06:13 229,376 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\b974f6c17d17a533adf6e7710c5a62fa\System.Drawing.Design.ni.dll
+ 2008-04-14 12:06:11 1,667,072 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll
+ 2008-04-14 16:23:13 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.ni.dll
+ 2008-04-14 16:23:13 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.Wrapper.dll
+ 2008-04-14 16:23:32 204,800 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management.A#\3e06e49494455f225a7fed21cb68e27f\System.Management.Automation.resources.ni.dll
+ 2008-04-14 16:23:31 5,230,592 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management.A#\8ad8e484b0d467876bf75bb5509b45fa\System.Management.Automation.ni.dll
+ 2008-04-14 16:23:35 733,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\2b5994269cc5b996231c9b21afea9a91\System.Security.ni.dll
+ 2008-04-14 16:23:37 233,472 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll
+ 2008-04-14 16:23:39 679,936 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12e0aa1030badf4524f897e3f57b037a\System.Transactions.ni.dll
+ 2008-04-14 16:24:32 2,342,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\37d87b3cab1c66ec4430ebb2abeaa570\System.Web.Mobile.ni.dll
+ 2008-04-14 16:24:34 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5b81faf46fc63c20d5339b36edd02fa\System.Web.RegularExpressions.ni.dll
+ 2008-04-14 16:24:41 1,986,560 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\38991368499e2109ea4099a0fe29c5a3\System.Web.Services.ni.dll
+ 2008-04-14 16:24:20 12,509,184 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll
+ 2008-04-14 12:07:00 13,193,216 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll
+ 2008-04-14 12:07:15 5,771,264 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c98cb65a79cfccb44ea727ebe4593ede\System.Xml.ni.dll
+ 2008-04-14 12:04:45 8,265,728 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll
+ 2008-04-15 22:20:26 45,056 ----a-w C:\WINDOWS\BDOSCAN8\avxdisk.dll
+ 2008-04-15 22:20:26 10,240 ----a-w C:\WINDOWS\BDOSCAN8\avxs.dll
+ 2008-04-15 22:20:26 27,136 ----a-w C:\WINDOWS\BDOSCAN8\avxt.dll
+ 2008-04-15 22:20:29 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
+ 2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
+ 2008-04-15 22:20:30 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2008-04-15 22:20:27 86,016 ----a-w C:\WINDOWS\BDOSCAN8\librtvr.dll
+ 2006-05-24 23:22:06 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
+ 2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\bdupd.dll
+ 2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\ipsupd.dll
- 2005-09-23 05:28:52 72,704 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2007-10-23 23:47:38 82,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe
- 2005-09-23 05:28:52 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
+ 2007-10-23 23:47:38 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll
- 2005-09-23 05:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2007-10-23 23:47:40 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
- 2005-09-23 05:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2007-10-23 23:47:42 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
- 2005-09-23 05:28:56 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll
+ 2007-10-23 23:47:40 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll
- 2005-09-23 05:28:52 86,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2007-10-23 23:47:38 97,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
- 2005-09-23 05:28:36 18,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2007-10-23 23:47:26 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
- 2005-09-23 05:28:42 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2007-10-23 23:47:30 145,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
- 2005-09-23 05:28:44 4,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2007-10-23 23:47:32 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
- 2005-09-23 05:29:04 183,808 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2007-10-23 23:47:48 193,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
- 2005-09-23 05:28:28 208,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2007-10-23 23:47:20 218,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
- 2005-09-23 05:28:56 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2007-10-23 23:47:40 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
- 2005-09-23 05:28:58 138,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2007-10-23 23:47:42 147,968 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
- 2005-09-23 05:28:36 87,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
+ 2007-10-23 23:47:26 99,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
- 2007-04-13 01:21:18 58,712 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2007-10-23 23:47:42 59,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
- 2005-09-23 05:28:32 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2007-10-23 23:47:22 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
- 2007-04-13 01:20:52 10,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2007-10-23 23:47:22 22,024 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
- 2007-04-13 01:20:52 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2007-10-23 23:47:22 17,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
- 2007-04-13 01:20:52 23,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2007-10-23 23:47:22 33,288 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
- 2007-04-13 01:20:50 75,264 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2007-10-23 23:47:22 84,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
- 2005-09-23 05:28:32 13,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2007-10-23 23:47:22 24,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
- 2007-04-13 01:20:52 32,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2007-10-23 23:47:22 32,776 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
- 2005-09-23 05:28:32 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2007-10-23 23:47:22 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2007-04-13 01:20:52 33,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2007-10-23 23:47:22 33,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
- 2007-04-13 01:20:52 32,600 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2007-10-23 23:47:22 33,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2007-04-13 01:20:52 507,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2007-10-23 23:47:22 507,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
- 2005-09-23 05:28:56 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2007-10-23 23:47:40 106,496 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
- 2007-04-13 01:21:16 88,576 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2007-10-23 23:47:40 101,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
- 2005-09-23 05:28:42 76,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2007-10-23 23:47:30 80,376 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
- 2005-09-23 05:28:42 1,144,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2007-10-23 23:47:30 1,162,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
- 2005-09-23 05:28:42 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2007-10-23 23:47:30 13,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2005-09-23 05:28:58 17,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2007-10-23 23:47:42 27,136 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
- 2005-09-23 05:28:56 68,608 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2007-10-23 23:47:40 69,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
- 2005-09-23 05:28:44 31,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2007-10-23 23:47:30 35,320 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
- 2005-09-23 05:28:38 52,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2007-10-23 23:47:28 66,552 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
- 2007-04-13 01:20:58 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2007-10-23 23:47:28 5,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
- 2005-09-23 05:29:12 547,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
+ 2007-10-23 23:47:54 572,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
- 2005-09-23 05:28:56 788,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2007-10-23 23:47:40 798,224 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
- 2005-09-23 05:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2007-10-23 23:47:36 18,936 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
- 2007-04-13 01:21:16 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2007-10-23 23:47:40 9,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2005-09-23 05:28:56 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2007-10-23 23:47:40 8,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
- 2005-09-23 05:28:56 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2007-10-23 23:47:40 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
- 2005-09-23 05:28:56 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
+ 2007-10-23 23:47:40 6,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
- 2007-04-13 01:21:16 228,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2007-10-23 23:47:40 230,904 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
- 2007-04-13 01:21:16 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2007-10-23 23:47:40 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2005-09-23 05:28:56 55,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2007-10-23 23:47:40 65,032 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
- 2005-09-23 05:28:56 72,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2007-10-23 23:47:40 72,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2005-09-23 05:28:48 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2007-10-23 23:47:34 40,960 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2007-04-13 01:21:10 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2007-10-23 23:47:36 348,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
- 2005-09-23 05:28:48 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2007-10-23 23:47:36 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2007-04-13 01:21:10 647,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2007-10-23 23:47:36 655,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
- 2005-09-23 05:28:48 73,728 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2007-10-23 23:47:36 77,824 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
- 2007-04-13 01:21:08 749,568 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2007-10-23 23:47:34 749,568 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
- 2005-09-23 05:29:10 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2007-10-23 23:47:52 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2005-09-23 05:29:10 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2007-10-23 23:47:52 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
- 2005-09-23 05:29:08 667,648 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
+ 2007-10-23 23:47:50 671,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
- 2005-09-23 05:28:30 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2007-10-23 23:47:20 28,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
- 2005-09-23 05:29:10 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2007-10-23 23:47:52 5,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2005-09-23 05:28:30 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
+ 2007-10-23 23:47:20 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2005-09-23 05:28:30 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2007-10-23 23:47:20 12,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2005-09-23 05:28:30 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2007-10-23 23:47:20 7,168 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
- 2007-04-13 01:20:52 87,040 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
+ 2007-10-23 23:47:22 97,792 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2005-09-23 05:28:48 69,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2007-10-23 23:47:36 69,632 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
- 2007-04-13 01:21:18 802,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2007-10-23 23:47:40 822,280 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2005-09-23 05:28:56 73,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
+ 2007-10-23 23:47:40 83,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
- 2005-09-23 05:28:56 288,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2007-10-23 23:47:40 308,224 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
- 2007-04-13 01:21:16 36,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2007-10-23 23:47:40 47,104 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
- 2007-04-13 01:21:16 326,656 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2007-10-23 23:47:40 348,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
- 2005-09-23 05:28:56 81,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2007-10-23 23:47:40 94,208 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
- 2007-04-13 01:21:16 4,308,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2007-10-23 23:47:40 4,444,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2007-04-13 01:21:16 102,912 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2007-10-23 23:47:40 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
- 2005-09-23 05:29:00 330,752 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2007-10-23 23:47:44 340,992 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
- 2005-09-23 05:28:56 67,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2007-10-23 23:47:40 77,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
- 2005-09-23 05:28:50 9,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2007-10-23 23:47:36 18,944 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
- 2007-04-13 01:21:18 227,328 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2007-10-23 23:47:40 242,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
- 2007-04-13 01:21:18 68,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2007-10-23 23:47:40 70,144 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
- 2005-09-23 05:28:56 10,240 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2007-10-23 23:47:40 19,456 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
- 2007-04-13 01:21:12 5,634,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2007-10-23 23:47:36 5,814,784 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
- 2005-09-23 05:29:00 22,528 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2007-10-23 23:47:44 31,744 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
- 2007-04-13 01:21:16 99,152 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2007-10-23 23:47:40 101,880 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe
- 2007-04-13 01:21:18 15,360 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2007-10-23 23:47:40 24,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll
- 2005-09-23 05:28:56 78,336 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2007-10-23 23:47:40 89,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
- 2007-04-13 01:21:12 136,192 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2007-10-23 23:47:36 144,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll
- 2005-09-23 05:28:56 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2007-10-23 23:47:40 53,248 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- 2005-09-23 05:28:56 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2007-10-23 23:47:40 32,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
- 2005-09-23 05:29:02 59,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
+ 2007-10-23 23:47:46 61,952 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
- 2005-09-23 05:28:58 7,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2007-10-23 23:47:42 16,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
- 2005-09-23 05:28:56 107,520 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2007-10-23 23:47:40 119,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
- 2005-09-23 05:29:00 85,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2007-10-23 23:47:44 95,232 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
- 2007-04-13 01:21:18 382,464 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2007-10-23 23:47:40 392,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll
- 2007-04-13 01:21:18 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2007-10-23 23:47:40 110,592 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
- 2007-04-13 01:21:18 413,696 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
+ 2007-10-23 23:47:42 425,984 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2005-09-23 05:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2007-10-23 23:47:40 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2007-04-13 01:21:16 2,902,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2007-10-23 23:47:40 3,036,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
- 2007-04-13 01:21:18 482,304 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2007-10-23 23:47:40 483,840 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2007-04-13 01:21:18 716,800 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2007-10-23 23:47:40 741,376 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
- 2007-04-13 01:20:58 888,832 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2007-10-23 23:47:28 933,888 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
- 2007-04-13 01:21:16 5,001,216 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2007-10-23 23:47:40 5,070,848 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2005-09-23 05:28:56 397,312 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2007-10-23 23:47:40 401,408 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
- 2007-04-13 01:21:18 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2007-10-23 23:47:40 188,416 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
- 2007-04-13 01:21:16 2,940,928 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2007-10-23 23:47:40 3,076,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2005-09-23 05:28:56 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2007-10-23 23:47:40 81,920 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
- 2007-04-13 01:21:16 577,536 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2007-10-23 23:47:40 630,784 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2007-04-13 01:21:16 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2007-10-23 23:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
- 2007-04-13 01:21:18 47,616 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2007-10-23 23:47:40 57,392 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
- 2007-04-13 01:21:18 114,176 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
+ 2007-10-23 23:47:40 113,664 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2007-04-13 01:21:16 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2007-10-23 23:47:40 372,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
- 2005-09-23 05:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2007-10-23 23:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
- 2007-04-13 01:21:16 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
+ 2007-10-23 23:47:40 299,008 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
- 2005-09-23 05:28:56 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2007-10-23 23:47:40 131,072 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
- 2005-09-23 05:28:56 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2007-10-23 23:47:40 258,048 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2005-09-23 05:28:56 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2007-10-23 23:47:40 114,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2007-04-13 01:21:18 260,096 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2007-10-23 23:47:40 261,120 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
- 2007-04-13 01:21:16 5,156,864 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2007-10-23 23:47:40 5,431,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
- 2005-09-23 05:28:56 835,584 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2007-10-23 23:47:40 884,736 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
- 2005-09-23 05:28:56 86,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2007-10-23 23:47:40 90,112 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
- 2005-09-23 05:28:56 823,296 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2007-10-23 23:47:40 839,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
- 2007-04-13 01:21:16 5,152,768 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2007-10-23 23:47:40 5,013,504 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2007-04-13 01:21:16 2,027,520 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2007-10-23 23:47:40 2,068,480 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
- 2005-09-23 05:28:56 71,680 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2007-10-23 23:47:40 81,400 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
- 2007-04-13 01:21:28 1,166,672 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2007-10-23 23:47:48 1,172,472 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe
- 2007-04-13 01:20:50 1,330,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2007-10-23 23:47:20 1,344,000 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
- 2007-04-13 01:20:52 406,016 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2007-10-23 23:47:22 434,688 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2005-09-23 05:28:56 28,160 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2007-10-23 23:47:40 37,896 ----a-w C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
- 2005-09-23 05:28:38 83,456 ----a-w C:\WINDOWS\system32\dfshim.dll
+ 2007-10-23 23:47:28 96,760 ----a-w C:\WINDOWS\system32\dfshim.dll
- 2007-04-13 01:21:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll
+ 2007-10-23 23:47:38 282,112 ----a-w C:\WINDOWS\system32\mscoree.dll
- 2005-09-23 05:28:52 150,016 ----a-w C:\WINDOWS\system32\mscorier.dll
+ 2007-10-23 23:47:38 158,720 ----a-w C:\WINDOWS\system32\mscorier.dll
- 2005-09-23 05:28:52 74,240 ----a-w C:\WINDOWS\system32\mscories.dll
+ 2007-10-23 23:47:38 84,480 ----a-w C:\WINDOWS\system32\mscories.dll
- 2005-09-23 05:29:00 6,144 ----a-w C:\WINDOWS\system32\mui\0409\mscorees.dll
+ 2007-10-23 23:47:44 15,360 ----a-w C:\WINDOWS\system32\mui\0409\mscorees.dll
- 2008-03-31 09:35:36 69,970 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-04-14 01:41:57 71,154 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-03-31 09:35:36 83,380 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2008-04-14 01:41:57 85,152 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2008-03-31 09:35:36 418,454 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-04-14 01:41:57 423,718 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-03-31 09:35:36 485,450 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-04-14 01:41:57 491,694 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-04-14 01:41:30 8,192 ----a-w C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2007-10-23 23:47:56 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcm80.dll
+ 2007-10-23 23:47:56 558,080 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll
+ 2007-10-23 23:47:56 635,904 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll
- 2007-07-18 17:39:09 258,048 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-04-14 01:41:44 258,048 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2007-07-18 17:39:09 114,176 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2008-04-14 01:41:44 113,664 ----a-w C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 19:09 15360]
"AdobeUpdater"="C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe" [2007-02-28 23:06 2321600]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-03-28 21:57 68856]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" [2007-12-22 09:09 221056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSPower"="SiSPower.dll" [2007-01-23 13:34 53248 C:\WINDOWS\system32\SiSPower.dll]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-12-14 19:19 221184]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"LXCGCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2005-07-20 19:48 73728]

C:\Documents and Settings\Administrateur.ORDI\Menu D%u201Amarrer\Programmes\D%u201Amarrage\
IcoSauve.lnk - C:\WINDOWS\system32\IcoSauve.exe [2007-02-28 15:40:29 112128]

C:\Documents and Settings\All Users.WINDOWS\Menu D%u201Amarrer\Programmes\D%u201Amarrage\
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe [2007-02-28 16:42:24 262144]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSimpleStartMenu"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 0 (0x0)
"LockTaskbar"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoResolveSearch"= 0 (0x0)
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 0 (0x0)
"NoUserNameInStartMenu"= 0 (0x0)
"NoStartMenuMorePrograms"= 0 (0x0)
"MaxRecentDocs"= 15 (0xf)
"NoInstrumentation"= 0 (0x0)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
"DisallowCpl"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur.ORDI^Menu Démarrer^Programmes^Démarrage^Adobe Gamma.lnk]
path=C:\Documents and Settings\Administrateur.ORDI\Menu Démarrer\Programmes\Démarrage\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur.ORDI^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.3.lnk]
path=C:\Documents and Settings\Administrateur.ORDI\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.3.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.3.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur.ORDI^Menu Démarrer^Programmes^Démarrage^TimeLeft.lnk]
path=C:\Documents and Settings\Administrateur.ORDI\Menu Démarrer\Programmes\Démarrage\TimeLeft.lnk
backup=C:\WINDOWS\pss\TimeLeft.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur.ORDI^Menu Démarrer^Programmes^Démarrage^UDPixel.lnk]
path=C:\Documents and Settings\Administrateur.ORDI\Menu Démarrer\Programmes\Démarrage\UDPixel.lnk
backup=C:\WINDOWS\pss\UDPixel.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Administrateur.ORDI^Menu Démarrer^Programmes^Démarrage^Xfire.lnk]
path=C:\Documents and Settings\Administrateur.ORDI\Menu Démarrer\Programmes\Démarrage\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Last.fm Helper.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Last.fm Helper.lnk
backup=C:\WINDOWS\pss\Last.fm Helper.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
path=C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk
backup=C:\WINDOWS\pss\Outil de mise à jour Google.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2007-05-11 03:06 40048 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
--a------ 2007-02-28 23:06 2321600 C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2007-01-15 17:14 147456 C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EzPrint]
--a------ 2005-08-01 08:05 94208 C:\Program Files\Lexmark 2300 Series\ezprint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure Manager]
C:\Program Files\AntivirusFirewall\Common\FSM32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure Startup Wizard]
C:\Program Files\AntivirusFirewall\FSGUI\FSSW.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F-Secure TNB]
C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]
C:\Program Files\FlashGet\FlashGet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
--a------ 2007-11-20 21:21 1840128 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a------ 2004-12-14 19:57 458752 C:\Program Files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a------ 2004-12-14 19:51 217088 C:\Program Files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcgmon.exe]
--a------ 2005-07-21 02:07 200704 C:\Program Files\Lexmark 2300 Series\lxcgmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSN Webcam Recorder]
C:\Program Files\MSN Webcam Recorder\ml20gui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnsyslog]
C:\WINDOWS\msnlogm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 15:40 155648 C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\News Service]
C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuperCopier2.exe]
--a------ 2006-07-07 18:45 1052672 C:\Program Files\SuperCopier2\SuperCopier2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-03-28 21:57 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSave]
C:\Program Files\Save\Save.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
C:\PROGRA~1\Wanadoo\Shell.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
C:\PROGRA~1\Wanadoo\GestMaj.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
C:\PROGRA~1\Wanadoo\Watch.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2005-11-18 17:04]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 02:08]
S2 BackWeb Plug-in - 6588780;Antivirus Firewall;C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE []
S2 Ca536av;Icatch(VII) Video Camera Device;C:\WINDOWS\system32\Drivers\Ca536av.sys []
S2 F-Secure Filter;F-Secure File System Filter;C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sy

Re,

C'est bien ce que je pensais, il y a eu réinfection car tu n'avais pas supprimé les cracks de ton PC. Pourtant :



Donc tu me fais un peu perdre mon temps car du coup je dois à nouveau redésinfecter ton PC. Enfin, j'espère au moins que tu as compris maintenant. Tu vas donc devoir refaire des procédures déjà faites.

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".

Afin de lancer la recherche, clic sur"Rechercher".

Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
[#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

AIDE : Tuto en images sur MBAM

 

Désolé  

Re,

J'attends le rapport de MBAM.

 

Bonjour  
Je fais ça dans l'apres midi  

Re, il n'a rien détecté  

Malwarebytes' Anti-Malware 1.11
Version de la base de données: 614

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 210159
Temps écoulé: 4 hour(s), 3 minute(s), 27 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Re,

Refais un scan avec suspectfile et poste-moi le rapport  

Bonne nuit, à demain  

voilà, bonne nuit  

SystemScan - www.suspectfile.com - ver. 3.5.5 (code: holifay & bReAkdOWn)

Running on: Windows XP PROFESSIONAL Edition, Service Pack 2 (2600.5.1)
System directory: C:\WINDOWS
SystemScan file: C:\Documents and Settings\Administrateur.ORDI\Bureau\sys40796.exe
Running in: User mode
Date: 17/04/2008
Time: 23:58:39

Output limited to:
-Recent files

===================== RECENT FILES =====================

Showing files newer than 30 days

----- recent files in C:\
03/04/2008 19:39:36 19318 byte 14 days old -- lxcgscan.log
09/04/2008 01:31:09 (DIR) 0 byte 8 days old -- VundoFix Backups
09/04/2008 19:20:24 5531 byte 8 days old -- VundoFix.txt
16/04/2008 16:39:39 (DIR) 0 byte 1 days old -- QooBox
16/04/2008 16:39:39 67248 byte 1 days old -- ComboFix.txt
16/04/2008 17:12:40 (DIR) 0 byte 1 days old -- RECYCLER
17/04/2008 12:47:34 (DIR) 0 byte 0 days old -- Program Files
17/04/2008 13:04:47 (DIR) 0 byte 0 days old -- Config.Msi
17/04/2008 14:51:42 13030 byte 0 days old -- PDOXUSRS.NET
17/04/2008 22:53:27 704643072 byte 0 days old -- pagefile.sys
17/04/2008 22:53:28 (DIR)469291008 byte 0 days old -- hiberfil.sys
17/04/2008 22:53:53 (DIR) 0 byte 0 days old -- WINDOWS

----- recent files in C:\WINDOWS\
28/03/2008 13:10:06 (DIR) 0 byte 20 days old -- Network Diagnostic
04/04/2008 22:03:32 (DIR) 0 byte 13 days old -- twain_32
04/04/2008 22:03:33 (DIR) 0 byte 13 days old -- SETUP536
08/04/2008 23:36:41 (DIR) 0 byte 9 days old -- ERUNT
08/04/2008 23:59:01 (DIR) 0 byte 9 days old -- msagent
09/04/2008 00:44:26 81952 byte 8 days old -- WgaNotify.log
09/04/2008 17:06:49 71072 byte 8 days old -- BM0fddfe9c.txt
09/04/2008 18:24:56 (DIR) 0 byte 8 days old -- erdnt
09/04/2008 22:23:21 (DIR) 0 byte 8 days old -- Prefetch
14/04/2008 03:18:44 1462 byte 3 days old -- win.ini
14/04/2008 03:41:44 (DIR) 0 byte 3 days old -- WinSxS
14/04/2008 18:22:02 (DIR) 0 byte 3 days old -- Microsoft.NET
14/04/2008 18:24:42 (DIR) 0 byte 3 days old -- assembly
16/04/2008 00:20:07 (DIR) 0 byte 1 days old -- Downloaded Program Files
16/04/2008 01:25:31 (DIR) 0 byte 1 days old -- BDOSCAN8
16/04/2008 16:36:29 227 byte 1 days old -- system.ini
16/04/2008 16:39:40 53248 byte 1 days old -- PSEXESVC.EXE
16/04/2008 16:39:46 (DIR) 0 byte 1 days old -- system32
17/04/2008 10:04:07 (DIR) 0 byte 0 days old -- TEMP
17/04/2008 13:04:47 (DIR) 0 byte 0 days old -- Installer
17/04/2008 17:43:22 174592 byte 0 days old -- wmsetup.log
17/04/2008 17:47:57 32542 byte 0 days old -- SchedLgU.Txt
17/04/2008 21:56:02 9975604 byte 0 days old -- ntbtlog.txt
17/04/2008 22:53:28 2048 byte 0 days old -- bootstat.dat
17/04/2008 22:53:43 313 byte 0 days old -- wiaservc.log
17/04/2008 22:53:44 1089693 byte 0 days old -- WindowsUpdate.log
17/04/2008 22:53:46 159 byte 0 days old -- wiadebug.log
17/04/2008 22:53:47 0 byte 0 days old -- 0.log
17/04/2008 22:53:53 (DIR) 0 byte 0 days old -- inf
17/04/2008 22:53:53 (DIR) 0 byte 0 days old -- LastGood
17/04/2008 22:53:53 498361 byte 0 days old -- setupapi.log
17/04/2008 22:54:25 69 byte 0 days old -- NeroDigital.ini

----- recent files in C:\WINDOWS\Downloaded Program Files\

----- recent files in C:\WINDOWS\system\

----- recent files in C:\WINDOWS\system32\
19/03/2008 19:39:14 1403480 byte 29 days old -- FNTCACHE.DAT
29/03/2008 16:01:18 (DIR) 0 byte 19 days old -- LogFiles
07/04/2008 17:34:42 3072 byte 10 days old -- CONFIG.NT
09/04/2008 18:26:04 (DIR) 0 byte 8 days old -- config
14/04/2008 03:41:57 423718 byte 3 days old -- perfh009.dat
14/04/2008 03:41:57 85152 byte 3 days old -- perfc00C.dat
14/04/2008 03:41:57 1039354 byte 3 days old -- PerfStringBackup.INI
14/04/2008 03:41:57 491694 byte 3 days old -- perfh00C.dat
14/04/2008 03:41:57 71154 byte 3 days old -- perfc009.dat
16/04/2008 14:10:01 2228 byte 1 days old -- wpa.dbl
16/04/2008 16:33:32 (DIR) 0 byte 1 days old -- drivers
17/04/2008 17:50:17 (DIR) 0 byte 0 days old -- dllcache
17/04/2008 22:53:51 (DIR) 0 byte 0 days old -- CatRoot2

----- recent files in C:\WINDOWS\system32\drivers\
09/04/2008 18:27:52 (DIR) 0 byte 8 days old -- etc

----- recent files in C:\WINDOWS\temp\
17/04/2008 10:04:06 (DIR) 0 byte 0 days old -- Fichiers Internet temporaires
17/04/2008 10:04:07 (DIR) 0 byte 0 days old -- History
17/04/2008 10:04:07 (DIR) 0 byte 0 days old -- Cookies
17/04/2008 22:53:32 255 byte 0 days old -- WGAErrLog.txt

----- recent files in C:\Program Files\
04/04/2008 22:04:20 (DIR) 0 byte 13 days old -- Geneatique2007
04/04/2008 22:12:48 (DIR) 0 byte 13 days old -- Opera
08/04/2008 17:14:03 (DIR) 0 byte 9 days old -- Trend Micro
08/04/2008 23:59:01 (DIR) 0 byte 9 days old -- netmeeting
09/04/2008 00:05:42 (DIR) 0 byte 8 days old -- Windows Media Player
11/04/2008 19:31:13 (DIR) 0 byte 6 days old -- Common Files
11/04/2008 19:32:48 (DIR) 0 byte 6 days old -- Malwarebytes' Anti-Malware
14/04/2008 03:40:40 (DIR) 0 byte 3 days old -- Internet Explorer
15/04/2008 01:01:14 (DIR) 0 byte 2 days old -- BitLord
15/04/2008 23:55:15 (DIR) 0 byte 2 days old -- Adobe
16/04/2008 00:06:46 (DIR) 0 byte 1 days old -- Fichiers communs
16/04/2008 19:52:32 (DIR) 0 byte 1 days old -- Lx_cats
16/04/2008 20:15:53 (DIR) 0 byte 1 days old -- GIMP-2.0
16/04/2008 22:56:00 (DIR) 0 byte 1 days old -- Google
17/04/2008 12:47:34 (DIR) 0 byte 0 days old -- Smart Projects
17/04/2008 22:53:56 (DIR) 0 byte 0 days old -- Mozilla Firefox
17/04/2008 23:03:33 (DIR) 0 byte 0 days old -- eMule

----- recent files in C:\Program Files\Fichiers communs\
16/04/2008 00:06:46 (DIR) 0 byte 1 days old -- Adobe

----- recent files in C:\Documents and Settings\Administrateur.ORDI\Application Data\
03/04/2008 22:28:57 (DIR) 0 byte 14 days old -- LimeWire
11/04/2008 19:33:04 (DIR) 0 byte 6 days old -- Malwarebytes
12/04/2008 15:42:24 (DIR) 0 byte 5 days old -- Adobe
17/04/2008 12:37:05 (DIR) 0 byte 0 days old -- OpenOffice.org2
17/04/2008 14:42:03 (DIR) 0 byte 0 days old -- gtk-2.0

----- recent files in C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp\
16/04/2008 17:23:32 0 byte 1 days old -- isEF.tmp
16/04/2008 17:59:21 20513 byte 1 days old -- 23,under-the-bridge,664838.gp4
16/04/2008 20:09:38 (DIR) 0 byte 1 days old -- plugtmp
16/04/2008 20:17:02 (DIR) 0 byte 1 days old -- fontconfig
17/04/2008 01:21:58 2019923 byte 0 days old -- Under the Bridge.rar
17/04/2008 10:17:42 0 byte 0 days old -- uy877.tmp
17/04/2008 13:02:26 0 byte 0 days old -- is146.tmp
17/04/2008 15:57:59 (DIR) 0 byte 0 days old -- MessengerCache
17/04/2008 17:08:44 (DIR) 0 byte 0 days old -- flashgot.6lumh0y1.default
17/04/2008 17:52:09 311296 byte 0 days old -- ~DF589D.tmp
17/04/2008 22:53:48 1953 byte 0 days old -- LVCOMSX.LOG
17/04/2008 22:53:52 (DIR) 0 byte 0 days old -- WPDNSE
17/04/2008 22:58:49 1536 byte 0 days old -- jusched.log
17/04/2008 23:17:52 71916 byte 0 days old -- photo.jpg
17/04/2008 23:26:45 0 byte 0 days old -- g5728.tmp
17/04/2008 23:33:15 (DIR) 0 byte 0 days old -- plugtmp-1
17/04/2008 23:58:19 16384 byte 0 days old -- ~DFD6CC.tmp
17/04/2008 23:58:19 65 byte 0 days old -- systemscan.ini
17/04/2008 23:58:20 (DIR) 0 byte 0 days old -- nst86.tmp

==========================================
Scan completed in 0,3 minutes
End of report


~~~~~~~~~~~~~~~~~~~~~-----CREDITS-----~~~~~~~~~~~~~~~~~~~~~
SystemScan uses some freeware tools that remain property of their authors:

* SteelWerX Registry Console Tool, Who Am I (Bobby Flekman: www.xs4all.nl/~fstaal01) --> "Registry scan", "PC accounts "
* dumphive (Markus Stephany)--> "Registry scan"
* Listdlls (M.Russinovich, B.Cogswell: www.sysinternals.com) --> "Loaded modules"
* Catchme & MBR Rootkit detector (gmer: www.gmer.net) --> "Hidden objects", "Alternate Data Streams" & "Master Boot Record"
---> NOTE: SystemScan integrates "The Avenger" from Swandog46 (http://swandog46.geekstogo.com) to allow you to remove malwares found in this log

Thanks to all of them for their hard work