bonjour,
cet aprés midi je voulé me refaire une partie d'un jeu que j'adore et possede mais je ne possedait plus la boite,donc plus la clé cd,c'est pourquoi j'ai voulu m'en procurer une mais il s'avere que c'est surement un virus!
depuis mes pages sont tres tres lente,dailleur je ne peux pas acceder au forum-sécurité virus-c'est pourquoi je vous demande,s'il vous plais, de m'aider j'en ai grand besoin!
merci d'avance les professionnielle de IDN qui m'avais deja bien aider il y a 4-5 mois!

Ce sujet a été déplacé de la catégorie Internet-Reseaux vers la catégorie Sécurité - Virus par Sam85

reçu en mp:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:29:42, on 13/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Windows Media Connect\mswmcls.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Connect\mswmc.exe
C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\HP_Propriétaire\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [18cf4ce9] rundll32.exe "C:\WINDOWS\system32\rkuupakd.dll",b
O4 - HKLM\..\Run: [BM1bfc7f75] Rundll32.exe "C:\WINDOWS\system32\hawncrol.dll",s
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Ouvrir le cadre dans une nouvelle fenêtre - C:\WINDOWS\web\OpenFrame.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-5b9750d472d7a6e0.spaces [...] nPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CFF8D776-ECCB-4EF3-8BC6-82AB57A85934}: NameServer = 192.168.1.1
O20 - AppInit_DLLs: mldixj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
O24 - Desktop Component 0: (no name) - http://wallpapers.theotaku.com/ima [...] 015530.jpg
O24 - Desktop Component 1: (no name) - http://image.jeuxvideo.com/images/pc/s/c/scr2pc080.jpg

oufffff je peux enfin acceder au forum,car j'ai d'abord fais une"pré-désinfection"
avec vundofix,mais 2 fichiers infectés n'ont pas pu etre supprimés
donc je tél de suite MBAM merci Sham_rock!

Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1053
Windows 5.1.2600 Service Pack 2

12:16:24 15/08/2008
mbam-log-8-15-2008 (12-16-24).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 158264
Temps écoulé: 1 hour(s), 36 minute(s), 14 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 12
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 31

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winjgf32 (Dialer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Adsl Software Ltd (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm1bfc7f75 (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\ADSL Software Ltd (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ADSL Software Ltd\WinSpywareProtect (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ADSL Software Ltd\WinSpywareProtect\BASE (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ADSL Software Ltd\WinSpywareProtect\DELETED (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ADSL Software Ltd\WinSpywareProtect\LOG (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ADSL Software Ltd\WinSpywareProtect\SAVED (Rogue.Multiple) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP365\A0059634.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP365\A0061524.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP365\A0061526.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP365\A0061528.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP365\A0061530.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP365\A0061531.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP365\A0061532.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{F75EEC69-6E97-419B-93B4-6A3A275301C4}\RP365\A0061534.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\VundoFix Backups\ctuppxfk.dll.bad (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\VundoFix Backups\hawncrol.dll.bad (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\VundoFix Backups\mldixj.dll.bad (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\VundoFix Backups\orkamhjt.dll.bad (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\VundoFix Backups\pmnOeedc.dll.bad (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\VundoFix Backups\qwdsmoog.dll.bad (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\VundoFix Backups\vgrmiy.dll.bad (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgutojkf.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jacxebao.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\luslnnkt.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\PMNLMKKD.0LL (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\RKUUPAKD.0LL (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rqiufbqq.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ADSL Software Ltd\WinSpywareProtect\LOG\20080618205655140.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ADSL Software Ltd\WinSpywareProtect\LOG\20080618211329921.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ADSL Software Ltd\WinSpywareProtect\LOG\20080619132754734.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ADSL Software Ltd\WinSpywareProtect\LOG\20080619210520812.log (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winjgf32.dll (Dialer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM1bfc7f75.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM1bfc7f75.txt (Trojan.Vundo) -> Quarantined and deleted successfully.

euhhhhhhhh j'ai eu un probleme sham rock,aprés redémarrage du pc de part combofix,il me dis le rapport et tout...puis je vais pour te le poster...et plus de internet,plus rien!donc ma livebox était connécté comme il faut et sa venais de mes reseaux,j'ai du changer des adresses ip,puis par miracle sa remarche!
donc sans attendre les 2 rapports:

Combofix:

ComboFix 08-08-15.04 - HP_Propriétaire 2008-08-16 15:08:50.4 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.575 [GMT 2:00]
Endroit: C:\Documents and Settings\HP_Propriétaire\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@67.201.36[1].txt
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@adtrgt[2].txt
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@clickintext[1].txt
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@erreurchasseur[1].txt
C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@metaffiliation[2].txt
C:\WINDOWS\system32\btxuoafp.ini
C:\WINDOWS\system32\dkapuukr.ini
C:\WINDOWS\system32\qnalipks.ini

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-07-16 to 2008-08-16 ))))))))))))))))))))))))))))))))))))
.

2008-08-15 20:46 . <REP> C:\WINDOWS\LastGood.Tmp
2008-08-15 16:08 . 2008-08-15 16:10 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-08-15 14:07 . 2008-08-15 14:13 <REP> d-------- C:\Program Files\MeuhMeuhTV Alpha
2008-08-14 21:09 . 2008-08-14 21:09 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-08-14 21:09 . 2008-08-14 21:09 1,409 --a------ C:\WINDOWS\QTFont.for
2008-08-14 20:14 . 2008-07-30 20:15 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-14 19:39 . 2008-08-14 20:04 <REP> d-------- C:\VundoFix Backups
2008-08-14 14:33 . 2008-08-15 14:58 <REP> d-------- C:\divx
2008-08-14 14:31 . 2008-07-23 18:50 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2008-08-13 14:38 . 2008-08-13 14:38 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-08-13 14:38 . 2008-07-04 08:34 860,160 --a------ C:\WINDOWS\system32\lameACM.acm
2008-08-13 14:38 . 2008-01-10 14:15 755,027 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-08-13 14:38 . 2004-01-25 18:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-08-13 14:38 . 2007-09-04 18:56 164,352 --a------ C:\WINDOWS\system32\unrar.dll
2008-08-13 14:38 . 2008-01-10 14:16 159,839 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-08-13 14:38 . 2007-09-21 02:52 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
2008-08-13 14:38 . 2008-06-12 20:36 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-08-13 14:38 . 2007-07-10 18:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-08-13 14:38 . 2007-10-03 17:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml
2008-08-13 14:38 . 2008-07-30 21:09 38 --a------ C:\WINDOWS\avisplitter.ini
2008-08-13 13:43 . 2008-08-13 20:33 <REP> d-------- C:\Program Files\VirtualDub
2008-08-13 11:11 . 2008-08-13 11:11 <REP> d-------- C:\Program Files\InterMute
2008-08-12 21:07 . 2008-08-12 21:07 <REP> d-------- C:\Program Files\Roxio
2008-08-12 21:07 . 2008-08-12 21:07 <REP> d-------- C:\Program Files\Fichiers communs\Roxio Shared
2008-08-12 14:01 . 2008-08-12 14:01 <REP> d-------- C:\Program Files\Activision
2008-08-01 18:03 . 2008-08-01 18:45 <REP> d-------- C:\Program Files\PGameScan
2008-07-31 22:15 . 2008-07-31 22:15 <REP> d-------- C:\Program Files\CCleaner
2008-07-31 19:29 . 2008-07-31 19:29 8,704 --ahs---- C:\WINDOWS\system32\Thumbs.db
2008-07-28 15:40 . 2008-07-31 22:04 <REP> d-------- C:\Program Files\Hamachi
2008-07-28 15:40 . 2008-07-31 21:39 17,480 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2008-07-26 23:29 . 2008-07-28 14:45 <REP> d-------- C:\Program Files\Starcraft
2008-07-26 23:29 . 2008-07-28 14:32 33,475 --a------ C:\WINDOWS\scunin.dat
2008-07-26 23:29 . 2008-07-28 14:32 967 --a------ C:\WINDOWS\ScUnin.pif
2008-07-26 22:58 . 2008-07-26 22:58 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-07-25 10:36 . 2008-07-25 10:36 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2008-07-25 10:36 . 2008-07-25 10:36 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
2008-07-23 18:50 . 2008-07-23 18:50 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-07-23 18:50 . 2008-07-23 18:50 9,878 --a------ C:\WINDOWS\system32\dsm_fr.qm
2008-07-23 18:48 . 2008-07-23 18:48 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2008-07-23 18:48 . 2008-07-23 18:48 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2008-07-23 18:47 . 2008-07-23 18:47 634,880 --a------ C:\WINDOWS\system32\divxdec.ax
2008-07-23 18:47 . 2008-07-23 18:47 352,401 --a------ C:\WINDOWS\system32\DivXMedia.ax
2008-07-23 18:47 . 2008-07-23 18:47 8,835 --a------ C:\WINDOWS\system32\dpufr.qm
2008-07-23 18:47 . 2008-07-23 18:47 3,067 --a------ C:\WINDOWS\system32\dtu_fr.qm
2008-07-23 18:47 . 2008-07-23 18:47 416 --a------ C:\WINDOWS\system32\dtu100.dll.manifest
2008-07-23 18:47 . 2008-07-23 18:47 416 --a------ C:\WINDOWS\system32\dpl100.dll.manifest
2008-07-23 18:46 . 2008-07-23 18:46 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2008-07-18 20:39 . 2008-07-18 20:39 587,264 --a------ C:\WINDOWS\WLXPGSS.SCR
2008-07-18 16:51 . 2008-07-18 16:59 <REP> d-------- C:\Program Files\Doom 3
2008-07-18 14:24 . 2008-07-18 14:24 <REP> d-------- C:\Program Files\RayV

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-16 13:00 --------- d-----w C:\Program Files\eMule
2008-08-15 17:20 --------- d-----w C:\Program Files\Everest Poker
2008-08-15 11:22 --------- d-----w C:\Program Files\Fichiers communs\Labtec
2008-08-15 11:20 --------- d-----w C:\Program Files\Logitech
2008-08-14 18:14 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-08-14 13:18 --------- d-----w C:\Program Files\DivX
2008-08-12 13:44 --------- d-----w C:\Program Files\Electronic Arts
2008-08-12 12:56 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-01 13:48 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-08-01 13:48 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-08-01 13:48 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-07-30 18:15 17,144 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-07-26 20:53 --------- d-----w C:\Program Files\ATI Technologies
2008-07-23 16:50 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
2008-07-23 16:50 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-07-23 16:50 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-07-21 20:31 --------- d-----w C:\Program Files\Anno 1701
2008-07-16 20:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-07-16 20:33 25,259 ----a-w C:\WINDOWS\Fonts\DNfont7.zip
2008-07-08 19:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Philips
2008-07-08 19:29 --------- d-----w C:\Program Files\Philips
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\dllcache\es.dll
2008-07-04 06:33 3,230,720 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-07-04 06:33 3,230,720 ----a-w C:\WINDOWS\system32\dllcache\ati2mtag.sys
2008-07-04 03:48 9,490,432 ----a-w C:\WINDOWS\system32\atioglx2.dll
2008-07-04 03:25 421,888 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2008-07-04 03:23 309,248 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2008-07-04 03:14 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2008-07-04 03:14 184,320 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2008-07-04 03:14 143,360 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2008-07-04 03:13 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2008-07-04 03:13 139,264 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2008-07-04 03:12 561,152 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2008-07-04 03:10 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2008-07-04 03:06 253,952 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2008-07-04 03:00 3,786,144 ----a-w C:\WINDOWS\system32\ati3duag.dll
2008-07-04 02:55 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2008-07-04 02:49 2,140,672 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2008-07-04 02:34 48,640 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2008-07-04 02:30 348,160 ----a-w C:\WINDOWS\system32\atikvmag.dll
2008-07-04 02:29 32,768 ----a-w C:\WINDOWS\system32\atiadlxx.dll
2008-07-04 02:28 53,248 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-07-04 02:28 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2008-07-04 02:22 565,248 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2008-07-03 19:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
2008-06-30 12:21 --------- d-----w C:\Program Files\Navilog1
2008-06-27 09:29 --------- d-----w C:\Program Files\Power IE
2008-06-25 17:50 --------- d-----w C:\Program Files\Infogrames
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-23 15:39 152,064 ----a-w C:\WINDOWS\system32\dllcache\cdfview.dll
2008-06-23 15:39 1,056,768 ----a-w C:\WINDOWS\system32\dllcache\danim.dll
2008-06-23 15:39 1,024,000 ----a-w C:\WINDOWS\system32\dllcache\browseui.dll
2008-06-23 09:49 18,432 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe
2008-06-20 18:02 --------- d-----w C:\Program Files\THQ
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-19 19:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-18 19:47 --------- d-----w C:\Program Files\Trend Micro
2008-06-16 10:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\dllcache\bthport.sys
2008-01-19 21:01 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2006-01-02 11:18 0 -c--a-w C:\Program Files\Global.sw
.

((((((((((((((((((((((((((((( snapshot@2008-06-20_21.46.35.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-06-14 18:03:13 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-14 17:33:37 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-14 17:40:19 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2006-08-16 12:13:24 100,352 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:37:01 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:37:01 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:47:22 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:47:22 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:44:02 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:44:02 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-04-14 15:52:45 272,768 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\bthport.sys
+ 2007-11-30 11:19:06 234,872 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
+ 2004-08-05 18:00:00 138,496 -c----w C:\WINDOWS\$NtUninstallKB951748$\afd.sys
+ 2008-02-20 05:35:05 148,992 -c----w C:\WINDOWS\$NtUninstallKB951748$\dnsapi.dll
+ 2004-08-05 18:00:00 247,808 -c----w C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
+ 2007-11-30 12:39:29 234,872 -c----w C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe
+ 2007-11-30 12:39:29 406,392 -c----w C:\WINDOWS\$NtUninstallKB951748$\spuninst\updspapi.dll
+ 2007-10-30 17:20:55 360,064 -c----w C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
+ 2006-08-16 09:37:30 225,664 -c----w C:\WINDOWS\$NtUninstallKB951748$\tcpip6.sys
- 2008-04-14 15:52:45 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-06-14 17:59:52 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-02-04 09:10:10 208,928 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\ImagingDevice.dll
+ 2008-02-04 09:06:54 417,312 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\ImagingServices.dll
+ 2008-02-04 09:08:42 83,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\LiveAlbumXCtrl.dll
+ 2008-02-04 09:07:46 1,779,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\MicrosoftEffects.dll
+ 2008-02-04 09:05:04 46,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\PhotoViewerShim.dll
+ 2008-02-04 09:06:46 372,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXAlbumDownloadWizard.exe
+ 2008-02-01 10:23:12 279,680 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\wlxclip.dll
+ 2008-02-01 10:13:40 191,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXDSPA.dll
+ 2008-02-04 09:10:02 130,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXGrinderScheduler.dll
+ 2008-02-04 09:06:00 59,424 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXImageTranscode.dll
+ 2008-02-04 09:08:26 712,224 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXMediaPublishSubscribe.dll
+ 2008-02-01 10:17:40 587,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPGSS.SCR
+ 2008-02-04 09:07:22 1,565,728 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoAcq.dll
+ 2008-02-01 10:13:40 227,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoAcquireWizard.exe
+ 2008-02-04 09:08:38 86,560 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoCinematic.dll
+ 2008-02-04 09:08:32 83,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoClassic.dll
+ 2008-02-04 09:09:08 125,472 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoGallery.exe
+ 2008-02-01 10:13:42 16,000 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoGalleryRepair.exe
+ 2008-02-04 09:06:54 394,272 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoLibraryDatabase.dll
+ 2008-02-04 09:06:20 1,515,040 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoViewer.dll
+ 2008-02-04 09:06:20 1,250,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPhotoVoyager.dll
+ 2008-02-04 09:06:18 752,672 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPipeline.dll
+ 2008-02-04 09:06:14 734,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXPipetran.dll
+ 2008-02-01 10:13:42 101,504 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXQuickTimeControlHost.exe
+ 2008-02-04 09:05:00 20,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXQuickTimeControlHostPS.dll
+ 2008-02-04 09:05:04 53,792 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXQuickTimeShellExt.dll
+ 2008-02-04 09:08:42 85,024 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXThumbCache.dll
+ 2008-02-04 09:10:04 144,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVAFilt.dll
+ 2008-02-04 09:07:40 675,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVideoAcquireWizard.exe
+ 2008-02-04 09:07:10 69,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVideoCameraAutoPlayManager.exe
+ 2008-02-04 09:10:10 165,408 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\812AF07A89569CA418D33695C7D50D86\12.0.1329\WLXVideoTrim.dll
+ 2008-07-26 20:54:03 10,134 ----a-r C:\WINDOWS\Installer\{0004D4C8-7F6C-BA20-32B2-5C861FA340CB}\ARPPRODUCTICON.exe
+ 2008-07-11 16:02:16 22,486 ----a-r C:\WINDOWS\Installer\{04C44CDC-9977-4AA2-B7E3-78981D0FEF76}\ARPPRODUCTICON.exe
- 2007-03-06 23:12:51 368,640 -c--a-r C:\WINDOWS\Installer\{06180081-3E21-46D6-9A91-D927BA08F41D}\ENCICO6B.EXE
+ 2008-08-15 18:51:30 368,640 ----a-r C:\WINDOWS\Installer\{06180081-3E21-46D6-9A91-D927BA08F41D}\ENCICO6B.EXE
+ 2008-07-26 20:54:15 10,134 ----a-r C:\WINDOWS\Installer\{10053F59-0765-163D-F759-155E6DA35AB6}\ARPPRODUCTICON.exe
+ 2008-07-26 20:54:23 10,134 ----a-r C:\WINDOWS\Installer\{101E4225-8983-7850-3E8C-00C5E0A13B40}\ARPPRODUCTICON.exe
+ 2008-07-26 20:54:23 9,158 ----a-r C:\WINDOWS\Installer\{101E4225-8983-7850-3E8C-00C5E0A13B40}\NewShortcut11_EAB9635D261D49BE88DDE71A7C809B2D.exe
+ 2008-08-12 19:07:43 6,656 ----a-r C:\WINDOWS\Installer\{1E2F8094-9DCD-4B87-ADB3-25CC5A0442FF}\PnpWCfg.exe
+ 2008-08-12 19:07:43 38,400 ----a-r C:\WINDOWS\Installer\{1E2F8094-9DCD-4B87-ADB3-25CC5A0442FF}\RoxioCentral.exe
+ 2008-08-12 19:07:43 7,168 ----a-r C:\WINDOWS\Installer\{1E2F8094-9DCD-4B87-ADB3-25CC5A0442FF}\sbe1stpb.exe
+ 2008-08-12 19:07:43 7,168 ----a-r C:\WINDOWS\Installer\{1E2F8094-9DCD-4B87-ADB3-25CC5A0442FF}\sbe1stpr.exe
+ 2008-08-12 19:07:43 9,728 ----a-r C:\WINDOWS\Installer\{1E2F8094-9DCD-4B87-ADB3-25CC5A0442FF}\sbesch.exe
+ 2008-08-12 19:07:43 31,744 ----a-r C:\WINDOWS\Installer\{1E2F8094-9DCD-4B87-ADB3-25CC5A0442FF}\sbewin32.exe
+ 2008-07-26 20:54:09 10,134 ----a-r C:\WINDOWS\Installer\{3F555374-449A-0734-73EA-5FF6207FA30F}\ARPPRODUCTICON.exe
- 2008-01-03 20:50:13 29,926 ----a-r C:\WINDOWS\Installer\{4781569D-5404-1F26-4B2B-6DF444441031}\ARPPRODUCTICON.exe
+ 2008-07-08 20:06:49 29,926 ----a-r C:\WINDOWS\Installer\{4781569D-5404-1F26-4B2B-6DF444441031}\ARPPRODUCTICON.exe
+ 2008-07-26 20:54:05 10,134 ----a-r C:\WINDOWS\Installer\{5141D667-6FE0-DFD6-FDC8-C981DC06520C}\ARPPRODUCTICON.exe
+ 2008-07-26 20:53:43 10,134 ----a-r C:\WINDOWS\Installer\{51C9B6D6-BF0F-3BA5-1EA4-17C6190DBE07}\ARPPRODUCTICON.exe
+ 2008-07-26 20:54:18 10,134 ----a-r C:\WINDOWS\Installer\{86F68693-A637-1F4D-5D4F-4D58486A4601}\ARPPRODUCTICON.exe
+ 2008-07-29 13:22:34 10,134 ----a-r C:\WINDOWS\Installer\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\ARPPRODUCTICON.exe
+ 2008-07-29 13:28:31 10,134 ----a-r C:\WINDOWS\Installer\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\ARPPRODUCTICON.exe
- 2008-02-28 02:01:16 123,008 ----a-r C:\WINDOWS\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe
+ 2008-08-10 22:01:00 123,008 ----a-r C:\WINDOWS\Installer\{A70FA218-6598-4AC9-813D-63597C5DD068}\WLXPhotoGalleryIcon.exe
+ 2008-07-26 20:54:06 10,134 ----a-r C:\WINDOWS\Installer\{AE888E0F-6727-0045-A966-CFB975AC15BA}\ARPPRODUCTICON.exe
- 2008-01-03 16:34:04 9,158 ----a-r C:\WINDOWS\Installer\{BA20221E-4D27-8DFA-14C2-D673CEB1C888}\NewShortcut11_EAB9635D261D49BE88DDE71A7C809B2D.exe
+ 2008-07-26 13:42:46 9,158 ----a-r C:\WINDOWS\Installer\{BA20221E-4D27-8DFA-14C2-D673CEB1C888}\NewShortcut11_EAB9635D261D49BE88DDE71A7C809B2D.exe
+ 2008-07-26 20:53:51 10,134 ----a-r C:\WINDOWS\Installer\{C952BD03-9AC6-F898-B17F-9352638EC93C}\ARPPRODUCTICON.exe
+ 2008-07-26 20:53:53 10,134 ----a-r C:\WINDOWS\Installer\{CADF1911-C4FB-8651-36E0-FF06DAA75F28}\ARPPRODUCTICON.exe
+ 2008-08-12 13:35:09 33,982 ----a-r C:\WINDOWS\Installer\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}\ARPPRODUCTICON.exe
+ 2008-08-12 13:35:10 40,960 ----a-r C:\WINDOWS\Installer\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}\NewShortcut3_96B87C3D64854A7D96EBB2C8CB752619.exe
+ 2008-08-12 13:35:10 40,960 ----a-r C:\WINDOWS\Installer\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}\NewShortcut31_96B87C3D64854A7D96EBB2C8CB752619.exe
+ 2008-07-26 20:53:48 10,134 ----a-r C:\WINDOWS\Installer\{FA3A247D-437A-455E-A88F-7EB6E5F9E799}\ARPPRODUCTICON.exe
- 1998-11-13 12:16:44 308,224 ----a-w C:\WINDOWS\IsUn040c.exe
+ 1998-11-13 11:16:44 308,224 ----a-w C:\WINDOWS\IsUn040c.exe
- 1999-01-08 10:54:40 19,968 -c--a-w C:\WINDOWS\Lhsp\Dialog\AExLxd60.dll
+ 1999-01-08 09:54:40 19,968 ----a-w C:\WINDOWS\Lhsp\Dialog\AExLxd60.dll
- 1999-04-09 08:18:38 35,328 -c--a-w C:\WINDOWS\Lhsp\Dialog\FRFgnd60.dll
+ 1999-04-09 07:18:38 35,328 ----a-w C:\WINDOWS\Lhsp\Dialog\FRFgnd60.dll
- 1999-04-09 08:18:38 176,128 -c--a-w C:\WINDOWS\Lhsp\Dialog\FRFlxd60.dll
+ 1999-04-09 07:18:38 176,128 ----a-w C:\WINDOWS\Lhsp\Dialog\FRFlxd60.dll
- 1999-01-08 10:54:40 29,184 -c--a-w C:\WINDOWS\Lhsp\Dialog\WexLxd60.dll
+ 1999-01-08 09:54:40 29,184 ----a-w C:\WINDOWS\Lhsp\Dialog\WexLxd60.dll
- 1999-04-26 08:17:06 596,480 -c--a-w C:\WINDOWS\Lhsp\G2P\FRFg2p60.dll
+ 1999-04-26 07:17:06 596,480 ----a-w C:\WINDOWS\Lhsp\G2P\FRFg2p60.dll
- 1999-04-22 14:13:40 147,456 -c--a-w C:\WINDOWS\Lhsp\Language\FRFCT160.dll
+ 1999-04-22 13:13:40 147,456 ----a-w C:\WINDOWS\Lhsp\Language\FRFCT160.dll
- 1999-04-09 08:20:04 279,552 -c--a-w C:\WINDOWS\Lhsp\System\LHSAPI30.DLL
+ 1999-04-09 07:20:04 279,552 ----a-w C:\WINDOWS\Lhsp\System\LHSAPI30.DLL
- 1999-04-19 11:07:58 70,656 -c--a-w C:\WINDOWS\Lhsp\System\ttsdct32.dll
+ 1999-04-19 10:07:58 70,656 ----a-w C:\WINDOWS\Lhsp\System\ttsdct32.dll
- 1999-04-21 16:01:38 202,240 -c--a-w C:\WINDOWS\Lhsp\System\ttsmgr32.dll
+ 1999-04-21 15:01:38 202,240 ----a-w C:\WINDOWS\Lhsp\System\ttsmgr32.dll
- 1999-04-19 11:06:34 554,496 -c--a-w C:\WINDOWS\Lhsp\TPP\FRFeml60.dll
+ 1999-04-19 10:06:34 554,496 ----a-w C:\WINDOWS\Lhsp\TPP\FRFeml60.dll
- 1999-04-19 11:06:34 62,976 -c--a-w C:\WINDOWS\Lhsp\TPP\FRFtxt60.dll
+ 1999-04-19 10:06:34 62,976 ----a-w C:\WINDOWS\Lhsp\TPP\FRFtxt60.dll
- 1999-02-23 10:51:40 27,136 -c--a-w C:\WINDOWS\Lhsp\ttsFRFwr.dll
+ 1999-02-23 09:51:40 27,136 ----a-w C:\WINDOWS\Lhsp\ttsFRFwr.dll
- 1998-09-23 07:42:36 419,328 -c--a-w C:\WINDOWS\Lhsp\Voice\FRFvf160.dll
+ 1998-09-23 06:42:36 419,328 ----a-w C:\WINDOWS\Lhsp\Voice\FRFvf160.dll
- 1998-09-23 07:42:36 424,448 -c--a-w C:\WINDOWS\Lhsp\Voice\FRFvm160.dll
+ 1998-09-23 06:42:36 424,448 ----a-w C:\WINDOWS\Lhsp\Voice\FRFvm160.dll
- 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 06:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe
- 1999-01-12 14:19:12 248,832 -c--a-w C:\WINDOWS\speech\spchtel.dll
+ 1999-01-12 13:19:12 248,832 ----a-w C:\WINDOWS\speech\spchtel.dll
- 1999-01-12 14:19:12 562,176 -c--a-w C:\WINDOWS\speech\speech.dll
+ 1999-01-12 13:19:12 562,176 ----a-w C:\WINDOWS\speech\speech.dll
- 1999-01-12 14:09:36 380,928 -c--a-w C:\WINDOWS\speech\vcmd.exe
+ 1999-01-12 13:09:36 380,928 ----a-w C:\WINDOWS\speech\vcmd.exe
- 1999-01-12 14:19:12 156,160 -c--a-w C:\WINDOWS\speech\vcmshl.dll
+ 1999-01-12 13:19:12 156,160 ----a-w C:\WINDOWS\speech\vcmshl.dll
- 1999-01-12 14:19:12 179,712 -c--a-w C:\WINDOWS\speech\Vdict.dll
+ 1999-01-12 13:19:12 179,712 ----a-w C:\WINDOWS\speech\Vdict.dll
- 1999-01-12 14:19:12 173,056 -c--a-w C:\WINDOWS\speech\VText.dll
+ 1999-01-12 13:19:12 173,056 ----a-w C:\WINDOWS\speech\VText.dll
- 1999-01-12 10:35:30 53,760 -c--a-w C:\WINDOWS\speech\WrapSAPI.dll
+ 1999-01-12 09:35:30 53,760 ----a-w C:\WINDOWS\speech\WrapSAPI.dll
- 1999-01-12 14:19:12 128,000 -c--a-w C:\WINDOWS\speech\Xcommand.dll
+ 1999-01-12 13:19:12 128,000 ----a-w C:\WINDOWS\speech\Xcommand.dll
- 1999-01-12 14:19:12 208,896 -c--a-w C:\WINDOWS\speech\Xlisten.dll
+ 1999-01-12 13:19:12 208,896 ----a-w C:\WINDOWS\speech\Xlisten.dll
- 1999-01-12 14:19:12 203,776 -c--a-w C:\WINDOWS\speech\XTel.Dll
+ 1999-01-12 13:19:12 203,776 ----a-w C:\WINDOWS\speech\XTel.Dll
- 1999-01-12 14:19:12 195,584 -c--a-w C:\WINDOWS\speech\Xvoice.dll
+ 1999-01-12 13:19:12 195,584 ----a-w C:\WINDOWS\speech\Xvoice.dll
- 2007-06-05 17:40:44 149,278 ----a-w C:\WINDOWS\system32\atiicdxx.dat
+ 2008-06-10 21:50:17 174,819 ----a-w C:\WINDOWS\system32\atiicdxx.dat
- 2007-06-02 02:25:36 40,960 ----a-w C:\WINDOWS\system32\ATIODCLI.exe
+ 2007-08-21 19:36:12 40,960 ----a-w C:\WINDOWS\system32\ATIODCLI.exe
- 2007-06-02 02:26:52 81,920 ----a-w C:\WINDOWS\system32\ATIODE.exe
+ 2007-08-21 21:51:16 81,920 ----a-w C:\WINDOWS\system32\ATIODE.exe
- 2007-06-27 01:30:45 972,072 ----a-w C:\WINDOWS\system32\ativva6x.dat
+ 2008-07-04 02:48:42 887,724 ----a-w C:\WINDOWS\system32\ativva6x.dat
- 2008-02-23 14:18:44 34,308 ----a-w C:\WINDOWS\system32\BASSMOD.dll
+ 2008-08-01 19:10:45 34,308 ----a-w C:\WINDOWS\system32\BASSMOD.dll
+ 2006-09-24 23:00:00 45,056 ----a-w C:\WINDOWS\system32\besch.exe
+ 2006-09-24 23:00:00 28,672 ----a-w C:\WINDOWS\system32\besched.dll
- 2008-04-21 07:02:27 1,024,000 ----a-w C:\WINDOWS\system32\browseui.dll
+ 2008-06-23 15:39:58 1,024,000 ----a-w C:\WINDOWS\system32\browseui.dll
- 2008-04-21 07:02:27 152,064 ----a-w C:\WINDOWS\system32\cdfview.dll
+ 2008-06-23 15:39:58 152,064 ----a-w C:\WINDOWS\system32\cdfview.dll
- 2008-04-21 07:02:28 1,056,768 ----a-w C:\WINDOWS\system32\danim.dll
+ 2008-06-23 15:39:59 1,056,768 ----a-w C:\WINDOWS\system32\danim.dll
- 2007-12-04 01:33:16 682,496 ----a-w C:\WINDOWS\system32\divx.dll
+ 2008-07-25 08:34:36 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
+ 2008-07-25 08:34:42 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
+ 2008-07-25 08:34:40 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
+ 2008-07-25 08:34:40 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
+ 2008-07-25 08:34:40 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
+ 2008-07-25 08:34:30 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
- 2008-04-21 07:02:28 357,888 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-06-23 15:40:00 357,888 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-04-21 07:02:28 205,312 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-06-23 15:40:00 205,312 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-04-21 07:02:28 55,808 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-06-23 15:40:00 55,808 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-04-21 07:02:29 251,392 ----a-w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2008-06-23 15:40:00 251,392 ----a-w C:\WINDOWS\system32\dllcache\iepeers.dll
- 2007-08-21 06:17:23 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:51:06 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
- 2008-04-21 07:02:29 96,768 ----a-w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2008-06-23 15:40:00 96,768 ----a-w C:\WINDOWS\system32\dllcache\inseng.dll
- 2008-04-21 07:02:29 16,384 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-06-23 15:40:00 16,384 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2004-08-05 18:00:00 331,776 ----a-w C:\WINDOWS\system32\dllcache\msadce.dll
+ 2008-05-01 14:31:48 331,776 ----a-w C:\WINDOWS\system32\dllcache\msadce.dll
- 2008-04-21 07:02:34 3,080,704 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-06-23 15:40:02 3,080,704 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-04-21 07:02:34 449,024 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-06-23 15:40:03 449,024 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-04-21 07:02:34 146,432 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-06-23 15:40:03 146,432 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-04-21 07:02:35 532,480 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-06-23 15:40:04 532,480 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2001-08-23 16:15:46 3,328 ----a-w C:\WINDOWS\system32\dllcache\pciide.sys
+ 2001-08-23 15:15:46 3,328 ----a-w C:\WINDOWS\system32\dllcache\pciide.sys
- 2004-08-03 21:59:42 25,088 ----a-w C:\WINDOWS\system32\dllcache\pciidex.sys
+ 2004-08-03 20:59:42 25,088 ----a-w C:\WINDOWS\system32\dllcache\pciidex.sys
- 2008-04-21 07:02:35 39,424 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-06-23 15:40:04 39,424 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2008-04-21 07:02:37 1,495,040 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2008-06-23 15:40:05 1,495,040 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
- 2008-04-21 07:02:38 474,624 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2008-06-23 15:40:06 474,624 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
- 2008-04-21 07:02:39 617,984 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-06-23 15:40:06 617,984 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-04-21 07:02:40 663,552 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-06-23 15:40:08 663,552 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-02-20 05:35:05 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-06-20 17:41:06 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2007-11-29 22:28:24 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
+ 2008-07-25 08:34:54 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
+ 2008-07-25 08:34:46 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
+ 2008-07-25 08:34:46 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
+ 2008-07-25 08:34:50 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
+ 2008-07-25 08:34:46 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
+ 2008-07-25 08:34:46 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
+ 2008-07-25 08:34:46 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
- 2008-04-14 15:52:45 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
+ 2008-06-14 17:59:52 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
+ 2006-08-09 01:00:00 2,432 ----a-w C:\WINDOWS\system32\drivers\cdr4_xp.sys
+ 2006-08-09 01:00:00 2,560 ----a-w C:\WINDOWS\system32\drivers\cdralw2k.sys
+ 2006-09-21 13:59:52 99,720 ----a-w C:\WINDOWS\system32\drivers\drvmcdb.sys
- 2005-09-25 18:11:20 5,888 ----a-w C:\WINDOWS\system32\drivers\imagedrv.sys
+ 2005-09-25 17:11:20 5,888 ----a-w C:\WINDOWS\system32\drivers\imagedrv.sys
- 2005-09-25 18:11:20 127,488 ----a-w C:\WINDOWS\system32\drivers\imagesrv.sys
+ 2005-09-25 17:11:20 127,488 ----a-w C:\WINDOWS\system32\drivers\imagesrv.sys
- 2001-08-23 16:15:46 3,328 ----a-w C:\WINDOWS\system32\drivers\pciide.sys
+ 2001-08-23 15:15:46 3,328 ----a-w C:\WINDOWS\system32\drivers\pciide.sys
- 2004-08-03 21:59:42 25,088 ----a-w C:\WINDOWS\system32\drivers\pciidex.sys
+ 2004-08-03 20:59:42 25,088 ----a-w C:\WINDOWS\system32\drivers\pciidex.sys
+ 2008-07-25 08:34:52 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
- 2008-04-21 07:02:28 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-06-23 15:40:00 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-04-21 07:02:28 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-06-23 15:40:00 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-04-21 07:02:28 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-06-23 15:40:00 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2008-05-31 15:22:45 192,976 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-08-16 13:15:19 255,064 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2008-04-21 07:02:29 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
+ 2008-06-23 15:40:00 251,392 ----a-w C:\WINDOWS\system32\iepeers.dll
- 2005-09-25 18:11:20 1,568,768 ----a-w C:\WINDOWS\system32\imagX7.dll
+ 2005-09-25 17:11:20 1,568,768 ----a-w C:\WINDOWS\system32\imagX7.dll
- 2005-09-25 18:11:20 476,320 ----a-w C:\WINDOWS\system32\imagXpr7.dll
+ 2005-09-25 17:11:20 476,320 ----a-w C:\WINDOWS\system32\imagXpr7.dll
- 2005-09-25 18:11:20 262,144 ----a-w C:\WINDOWS\system32\imagXR7.dll
+ 2005-09-25 17:11:20 262,144 ----a-w C:\WINDOWS\system32\imagXR7.dll
- 2005-09-25 18:11:20 471,040 ----a-w C:\WINDOWS\system32\imagXRA7.dll
+ 2005-09-25 17:11:20 471,040 ----a-w C:\WINDOWS\system32\imagXRA7.dll
- 2007-08-21 06:17:23 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2008-04-11 18:51:06 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2008-04-21 07:02:29 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
+ 2008-06-23 15:40:00 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
- 2008-04-21 07:02:29 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-06-23 15:40:00 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2003-11-04 13:10:36 98,304 ----a-w C:\WINDOWS\system32\lffax13n.dll
+ 2003-11-04 13:11:32 155,648 ----a-w C:\WINDOWS\system32\lftif13n.dll
+ 2003-10-01 23:00:00 208,896 ----a-w C:\WINDOWS\system32\lockout.dll
+ 2003-10-01 23:00:00 45,056 ----a-w C:\WINDOWS\system32\lockres.dll
+ 2003-12-12 14:06:30 1,693,696 ----a-w C:\WINDOWS\system32\ltclr13n.dll
+ 2008-03-24 18:21:00 2,889,088 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
+ 2008-03-24 18:21:00 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 1999-06-25 09:55:30 149,504 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE
+ 1999-06-25 07:55:30 149,504 ----a-w C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE
- 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-08-05 18:11:01 15,888,504 ----a-w C:\WINDOWS\system32\MRT.exe
+ 1998-07-13 04:00:00 141,312 ----a-w C:\WINDOWS\system32\mscmcfr.dll
- 2008-04-21 07:02:34 3,080,704 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-06-23 15:40:02 3,080,704 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-04-21 07:02:34 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-06-23 15:40:03 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2008-04-21 07:02:34 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-06-23 15:40:03 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
- 2008-04-21 07:02:35 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-06-23 15:40:04 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
- 2002-02-04 08:43:00 82,432 ----a-w C:\WINDOWS\system32\msxml4r.dll
+ 2003-04-18 16:29:26 82,432 ----a-w C:\WINDOWS\system32\msxml4r.dll
- 2005-09-25 18:11:20 155,648 ----a-w C:\WINDOWS\system32\NeroCheck.exe
+ 2005-09-25 17:11:20 155,648 ----a-w C:\WINDOWS\system32\NeroCheck.exe
- 2005-09-25 18:11:20 90,184 ----a-w C:\WINDOWS\system32\NeroCo.dll
+ 2005-09-25 17:11:20 90,184 ----a-w C:\WINDOWS\system32\NeroCo.dll
- 2008-04-21 07:02:35 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-06-23 15:40:04 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2005-04-17 21:21:16 372,736 ----a-w C:\WINDOWS\system32\Px.dll
+ 2008-07-23 16:50:46 551,672 ------w C:\WINDOWS\system32\Px.dll
- 2004-09-27 06:00:00 56,832 ----a-w C:\WINDOWS\system32\pxcpya64.exe
+ 2008-07-23 16:50:46 66,296 ------w C:\WINDOWS\system32\pxcpya64.exe
- 2005-04-15 07:01:00 417,792 ----a-w C:\WINDOWS\system32\pxdrv.dll
+ 2008-07-23 16:50:48 518,904 ------w C:\WINDOWS\system32\pxdrv.dll
- 2005-01-12 08:03:00 61,440 ----a-w C:\WINDOWS\system32\pxhpinst.exe
+ 2008-07-23 16:50:48 72,440 ------w C:\WINDOWS\system32\pxhpinst.exe
- 2005-01-12 08:03:00 56,320 ----a-w C:\WINDOWS\system32\pxinsa64.exe
+ 2008-07-23 16:50:46 64,760 ------w C:\WINDOWS\system32\pxinsa64.exe
- 2005-04-17 21:20:20 172,032 ----a-w C:\WINDOWS\system32\PxMas.dll
+ 2008-07-23 16:50:50 187,128 ------w C:\WINDOWS\system32\PxMas.dll
- 2005-04-17 21:24:26 1,134,592 ----a-w C:\WINDOWS\system32\PxSFS.DLL
+ 2008-07-23 16:50:48 1,628,920 ------w C:\WINDOWS\system32\PxSFS.DLL
- 2005-04-17 21:19:50 339,968 ----a-w C:\WINDOWS\system32\PxWave.dll
+ 2008-07-23 16:50:48 379,640 ------w C:\WINDOWS\system32\PxWave.dll
- 2005-04-17 21:22:06 151,552 ----a-w C:\WINDOWS\system32\pxwma.dll
+ 2006-06-09 09:54:34 157,352 ------w C:\WINDOWS\system32\pxwma.dll
+ 2001-08-23 16:15:46 3,328 ----a-w C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\pciide.sys
+ 2004-08-03 21:59:42 25,088 ----a-w C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\pciidex.sys
- 2008-04-21 07:02:37 1,495,040 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2008-06-23 15:40:05 1,495,040 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2008-04-21 07:02:38 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2008-06-23 15:40:06 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
- 2005-09-25 18:11:20 364,544 ----a-w C:\WINDOWS\system32\TwnLib4.dll
+ 2005-09-25 17:11:20 364,544 ----a-w C:\WINDOWS\system32\TwnLib4.dll
- 2007-11-13 11:31:11 60,416 ----a-w C:\WINDOWS\system32\tzchange.exe
+ 2008-07-14 11:09:18 62,976 ----a-w C:\WINDOWS\system32\tzchange.exe
- 2004-09-16 07:00:00 77,824 ----a-w C:\WINDOWS\system32\UMLoader.dll
+ 2006-07-24 23:00:00 77,824 ----a-w C:\WINDOWS\system32\UMLoader.dll
- 2008-04-21 07:02:39 617,984 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-06-23 15:40:06 617,984 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2005-01-12 07:00:00 28,672 ----a-w C:\WINDOWS\system32\VXBLOCK.dll
+ 2008-07-23 16:50:46 88,824 ------w C:\WINDOWS\system32\VXBLOCK.dll
- 2008-04-21 07:02:40 663,552 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2008-06-23 15:40:08 663,552 ----a-w C:\WINDOWS\system32\wininet.dll
- 2008-04-17 11:03:45 370,176 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2008-07-03 09:42:35 370,176 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2006-09-12 22:43:06 96,256 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_c9ba3671\ATL80.dll
+ 2006-09-12 22:41:36 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_691a48fd\msvcm80.dll
+ 2006-09-12 22:41:36 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_691a48fd\msvcp80.dll
+ 2006-09-12 22:41:36 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_691a48fd\msvcr80.dll
+ 2006-09-13 00:12:34 1,101,824 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_3a00bc02\mfc80.dll
+ 2006-09-13 00:12:40 1,092,608 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_3a00bc02\mfc80u.dll
+ 2006-09-13 00:12:44 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_3a00bc02\mfcm80.dll
+ 2006-09-13 00:12:46 57,856 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_3a00bc02\mfcm80u.dll
+ 2006-09-12 23:54:30 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80CHS.dll
+ 2006-09-12 23:54:30 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80CHT.dll
+ 2006-09-12 23:54:28 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80DEU.dll
+ 2006-09-12 23:54:30 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80ENU.dll
+ 2006-09-12 23:54:30 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80ESP.dll
+ 2006-09-12 23:54:28 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80FRA.dll
+ 2006-09-12 23:54:30 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80ITA.dll
+ 2006-09-12 23:54:30 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80JPN.dll
+ 2006-09-12 23:54:30 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.363_x-ww_8f4fd500\mfc80KOR.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-27 22:57 68856]
"OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2006-05-16 18:51 57344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 18:04 52736]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-08-02 17:30 7110656]
"HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 08:35 49152]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-05-05 01:21 278528]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 22:43 233472]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"F-Secure Manager"="C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" [2005-10-26 03:51 122929]
"F-Secure TNB"="C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" [2005-07-18 16:51 700416]
"F-Secure Startup Wizard"="C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" [2005-10-18 10:29 372736]
"News Service"="C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe" [2005-05-31 14:45 356352]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 17:44 61440]
"OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2007-08-25 19:50 40960]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-01-03 05:50 98304]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"XboxStat"="c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-09-26 18:05 734264]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2005-09-25 19:11 155648]
"nwiz"="nwiz.exe" [2005-08-02 17:30 1519616 C:\WINDOWS\system32\nwiz.exe]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 22:47 57344 C:\WINDOWS\ALCXMNTR.EXE]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm
"VIDC.MJPG"= pvmjpg21.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\AntivirusFirewall\\backweb\\6588780\\Program\\fspex.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords.exe"=
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords_PitBoss.exe"=
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe"=
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Program Files\\RayV\\RayV\\RayV.exe"=
"C:\\WINDOWS\\system32\\winver.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6346:TCP"= 6346:TCP:shaerasa

R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2005-11-18 17:04]
R2 acedrv11;acedrv11;C:\WINDOWS\system32\drivers\acedrv11.sys [2008-01-23 10:19]
R2 BackWeb Plug-in - 6588780;Antivirus Firewall;C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE [2008-01-03 22:09]
R2 F-Secure Filter;F-Secure File System Filter;C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSfilter.sys [2004-09-10 17:14]
R2 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSgk.sys [2008-03-19 10:53]
R2 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\AntivirusFirewall\Anti-Virus\Win2K\FSrec.sys [2004-06-01 11:03]
R2 NwSapAgent;Agent SAP;C:\WINDOWS\system32\svchost.exe [2004-08-05 20:00]
R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-07-27 23:42]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
S3 Boonty Games;Boonty Games;C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [2008-02-26 15:49]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bef1afb3-bab8-11dc-8929-0013d358bdf3}]
\Shell\AutoRun\command - K:\Autoplay.exe
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'

2008-08-16 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job
- C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 18:36]
.
- - - - ORPHANS REMOVED - - - -

BHO-{CD1D1A7F-12BA-4B17-9928-2365AF70BF20} - C:\WINDOWS\system32\pmnOeedc.dll
HKLM-Run-LogitechVideoRepair - C:\Program Files\Logitech\Video\ISStart.exe
HKLM-Run-18cf4ce9 - C:\WINDOWS\system32\jvdaxbhx.dll
HKLM-Run-PCDrProfiler - (no file)
Notify-pmnlmkKd - pmnlmkKd.dll
MSConfigStartUp-Steam - C:\Program Files\Steam\Steam.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\b6wcz14v.default\


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-16 15:16:31
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32.exe
C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fsbwsys.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\FSRW.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Windows Media Connect\mswmcls.exe
C:\Program Files\Windows Media Connect\mswmccds.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\FSAV32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\AntivirusFirewall\FWES\program\fsdfwd.exe
C:\Program Files\Windows Media Connect\mswmc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\PROGRA~1\ANTIVI~1\ANTI-S~1\FSAW.exe
C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-08-16 15:23:31 - machine was rebooted [HP_Propri‚taire]
ComboFix-quarantined-files.txt 2008-08-16 13:23:21
ComboFix2.txt 2008-06-21 20:28:51

Pre-Run: 17,711,730,688 octets libres
Post-Run: 17,750,614,016 octets libres

643 --- E O F --- 2008-08-15 14:10:54


Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:23:01, on 16/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Connect\mswmcls.exe
C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Connect\mswmc.exe
C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [XboxStat] "c:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\AntivirusFirewall\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Ouvrir le cadre dans une nouvelle fenêtre - C:\WINDOWS\web\OpenFrame.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-5b9750d472d7a6e0.spaces [...] nPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CFF8D776-ECCB-4EF3-8BC6-82AB57A85934}: NameServer = 192.168.1.1
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
O24 - Desktop Component 0: (no name) - http://wallpapers.theotaku.com/ima [...] 015530.jpg
O24 - Desktop Component 1: (no name) - http://image.jeuxvideo.com/images/pc/s/c/scr2pc080.jpg

--
End of file - 10861 bytes

c'est pas le meme que sur le tuto je comprends rien

oui ba j'ai fais un scans et il trouve 2000 infections un truc comme sa mais c'est tout apres il fais rien?....