Infecté par TR/Vundo.Gen - Trojan

Bonjour,

Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

Bonjour et merci de me répondre.
Voici le rapport obtenu:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:39:22, on 27/09/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\Rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: bambanner browser enhancer - {1a60f718-14c9-b49d-3d9c-c82feca9d86a} - C:\Windows\system32\fxmccdmtjpsbeobuh.dll
O2 - BHO: (no name) - {3FE9A08A-6D75-4124-B006-40A197729B89} - C:\Users\JC\AppData\Local\Temp\nnnKEtUo.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {9F539EEA-6BC1-436E-B60D-9662471E9417} - C:\Windows\system32\efcBurPh.dll (file missing)
O2 - BHO: {00918b70-a838-f4b8-a154-e4b1396e90cb} - {bc09e693-1b4e-451a-8b4f-838a07b81900} - C:\Windows\system32\easjtm.dll
O2 - BHO: (no name) - {BF2B683A-38B3-49F8-9C60-FA055DD49058} - C:\Windows\system32\cbXRjgFu.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [{ecac644c-86fd-817b-27eb-12dac5c1147c}] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\fxmccdmtjpsbeobuh.dll" DllStub
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\byXrQGaA.dll,#1
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [de70a30a] rundll32.exe "C:\Windows\system32\qtkwlslk.dll",b
O4 - HKLM\..\Run: [BMdd439096] Rundll32.exe "C:\Windows\system32\chgunhaf.dll",s
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [LSA Shellu] C:\Users\JC\lsass.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\JC\AppData\Local\Temp\qoMeETMG.dll,#1
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: easjtm.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe

--
End of file - 10069 bytes

Re,

[#ff0000]Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]

Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double clique sur combofix.exe (le .exe n'est pas forcément visible) afin de le lancer.

Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.

AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer

voila la suite, (encore merci;-)

ComboFix 08-09-26.06 - JC 2008-09-27 19:33:18.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1195 [GMT 2:00]
Lancé depuis: C:\Users\JC\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\network monitor
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Users\JC\AppData\Roaming\Microsoft\Windows\Cookies\jc@ad.yieldmanager[2].txt
C:\Users\JC\AppData\Roaming\Microsoft\Windows\Cookies\jc@servedby.topqualityads[1].txt
C:\Windows\cookies.ini
C:\Windows\system32\mcrh.tmp
C:\Windows\system32\MSINET.oca
C:\Windows\system32\pac.txt

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-27 au 2008-09-27 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans ce laps de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-27 17:32 578,592 --sha-w C:\Windows\System32\uFgjRXbc.ini2
2008-09-27 14:53 73,216 ----a-w C:\Windows\System32\qtkwlslk.dll
2008-09-27 14:53 115,200 ----a-w C:\Windows\System32\reudrdfw.dll
2008-09-27 14:53 115,200 ----a-w C:\Windows\System32\easjtm.dll
2008-09-27 14:53 105,984 ----a-w C:\Windows\System32\chgunhaf.dll
2008-09-27 13:52 115,200 ----a-w C:\Windows\System32\uqmthn.dll
2008-09-27 13:52 115,200 ----a-w C:\Windows\System32\esjgbacy.dll
2008-09-27 13:47 105,984 ----a-w C:\Windows\System32\ttkjxbjm.dll
2008-09-27 13:42 27,050 ----a-w C:\Users\JC\AppData\Roaming\nvModes.dat
2008-09-27 11:25 --------- d-----w C:\Program Files\Trend Micro
2008-09-27 11:19 559,365 --sha-w C:\Windows\System32\hOWDffii.ini2
2008-09-27 11:16 115,200 ----a-w C:\Windows\System32\ikvxttem.dll
2008-09-27 11:16 115,200 ----a-w C:\Windows\System32\avwfzh.dll
2008-09-27 11:11 105,984 ----a-w C:\Windows\System32\dhrddnis.dll
2008-09-27 11:10 284,160 ----a-w C:\Windows\System32\iiffDWOh.dll
2008-09-26 22:18 554,734 --sha-w C:\Windows\System32\AdLkkUtv.ini2
2008-09-26 22:16 105,984 ----a-w C:\Windows\System32\rwslaqqk.dll
2008-09-26 22:15 284,160 ----a-w C:\Windows\System32\vtUkkLdA.dll
2008-09-26 19:07 587,213 --sha-w C:\Windows\System32\UBHOnpXx.ini2
2008-09-26 16:27 115,200 ----a-w C:\Windows\System32\zaabwk.dll
2008-09-26 16:27 115,200 ----a-w C:\Windows\System32\lipceymj.dll
2008-09-26 16:23 284,160 ----a-w C:\Windows\System32\xXpnOHBU.dll
2008-09-26 09:26 115,200 ----a-w C:\Windows\System32\wnrvue.dll
2008-09-26 09:26 115,200 ----a-w C:\Windows\System32\cywmwlhh.dll
2008-09-26 09:23 105,984 ----a-w C:\Windows\System32\rkforvqx.dll
2008-09-25 20:20 115,200 ----a-w C:\Windows\System32\cytdpb.dll
2008-09-25 20:20 115,200 ----a-w C:\Windows\System32\awrmkust.dll
2008-09-25 10:35 555,912 --sha-w C:\Windows\System32\YxyabaKj.ini2
2008-09-25 10:26 115,200 ----a-w C:\Windows\System32\wiahgm.dll
2008-09-25 10:26 115,200 ----a-w C:\Windows\System32\ogogjuro.dll
2008-09-25 10:25 105,472 ----a-w C:\Windows\System32\nfbyuavn.dll
2008-09-25 10:22 284,160 ----a-w C:\Windows\System32\jKabayxY.dll
2008-09-24 18:58 105,472 ----a-w C:\Windows\System32\iuhwhvox.dll
2008-09-24 18:57 284,160 ----a-w C:\Windows\System32\ssqPfEVm.dll
2008-09-24 17:24 561,558 --sha-w C:\Windows\System32\AdLkSvut.ini2
2008-09-24 17:21 84,992 ----a-w C:\Windows\System32\gwbwanpj.dll
2008-09-24 17:18 115,200 ----a-w C:\Windows\System32\lnwkonxk.dll
2008-09-24 17:18 115,200 ----a-w C:\Windows\System32\btfihq.dll
2008-09-24 17:15 105,472 ----a-w C:\Windows\System32\qdacnckp.dll
2008-09-24 17:14 284,160 ----a-w C:\Windows\System32\tuvSkLdA.dll
2008-09-24 10:50 565,198 --sha-w C:\Windows\System32\WFeOnnnn.ini2
2008-09-24 08:56 95,744 ----a-w C:\Windows\System32\alqyhrpl.dll
2008-09-24 08:56 115,200 ----a-w C:\Windows\System32\ymldnsmq.dll
2008-09-24 08:56 115,200 ----a-w C:\Windows\System32\mnojtt.dll
2008-09-24 08:55 284,672 ----a-w C:\Windows\System32\nnnnOeFW.dll
2008-09-23 20:09 284,160 ----a-w C:\Windows\System32\iifcDWoo.dll
2008-09-23 20:06 71 ----a-w C:\Users\JC\9974.bat
2008-09-23 20:06 40,960 ----a-w C:\Users\JC\index.exe
2008-09-23 17:22 71 ----a-w C:\Users\JC\6390.bat
2008-09-23 17:09 4,096 ----a-w C:\Windows\System32\fccDWqpQ.dll
2008-09-23 17:06 71 ----a-w C:\Users\JC\7616.bat
2008-09-23 16:43 71 ----a-w C:\Users\JC\1630.bat
2008-09-23 16:06 96,256 ----a-w C:\Windows\System32\uipeejhn.dll
2008-09-23 16:06 115,200 ----a-w C:\Windows\System32\nogokrsv.dll
2008-09-23 16:06 115,200 ----a-w C:\Windows\System32\jowpag.dll
2008-09-23 16:01 71 ----a-w C:\Users\JC\3191.bat
2008-09-23 15:30 71 ----a-w C:\Users\JC\2663.bat
2008-09-23 15:02 71 ----a-w C:\Users\JC\2609.bat
2008-09-23 14:45 555,530 --sha-w C:\Windows\System32\QWDMUvut.ini2
2008-09-23 14:45 115,200 ----a-w C:\Windows\System32\mjubeoln.dll
2008-09-23 14:45 115,200 ----a-w C:\Windows\System32\hejhvz.dll
2008-09-23 14:43 96,256 ----a-w C:\Windows\System32\nyimovwc.dll
2008-09-23 14:42 284,160 ----a-w C:\Windows\System32\tuvUMDWQ.dll
2008-09-23 14:39 71 ----a-w C:\Users\JC\4973.bat
2008-09-23 13:39 96,256 ----a-w C:\Windows\System32\lthfdrhm.dll
2008-09-23 13:38 284,160 ----a-w C:\Windows\System32\opnomlIa.dll
2008-09-23 13:34 71 ----a-w C:\Users\JC\3234.bat
2008-09-23 10:17 71 ----a-w C:\Users\JC\9234.bat
2008-09-23 08:09 71 ----a-w C:\Users\JC\4312.bat
2008-09-23 08:09 34,816 ----a-w C:\Windows\System32\khfFYSlM.dll
2008-09-23 08:09 34,816 ----a-w C:\Windows\System32\hgGyvtSk.dll
2008-09-22 19:00 71 ----a-w C:\Users\JC\6938.bat
2008-09-22 17:12 71 ----a-w C:\Users\JC\5399.bat
2008-09-22 17:08 547,918 --sha-w C:\Windows\System32\dLmoYcfe.ini2
2008-09-22 17:07 95,232 ----a-w C:\Windows\System32\xabkbclw.dll
2008-09-22 17:04 284,672 ----a-w C:\Windows\System32\efcYomLd.dll
2008-09-22 17:02 34,816 ----a-w C:\Windows\System32\ljJcawxx.dll
2008-09-22 17:02 34,816 ----a-w C:\Windows\System32\hgGxwuTn.dll
2008-09-22 17:01 71 ----a-w C:\Users\JC\3640.bat
2008-09-22 15:42 115,200 ----a-w C:\Windows\System32\tthrqu.dll
2008-09-22 15:42 115,200 ----a-w C:\Windows\System32\octbeiuo.dll
2008-09-22 15:39 95,232 ----a-w C:\Windows\System32\igwvdsov.dll
2008-09-20 20:02 221,184 ----a-w C:\Windows\System32\kfywvddj.dll
2008-09-20 20:02 115,200 ----a-w C:\Windows\System32\tojpacsj.dll
2008-09-20 20:02 115,200 ----a-w C:\Windows\System32\sdtakr.dll
2008-09-20 20:02 108,544 ----a-w C:\Windows\System32\gEWPhHyW.dll
2008-09-20 19:59 96,256 ----a-w C:\Windows\System32\pbxqxhhs.dll
2008-09-20 19:56 96,256 ----a-w C:\Windows\System32\dgwhlfrp.dll
2008-09-20 19:19 71 ----a-w C:\Users\JC\5056.bat
2008-09-20 15:26 552,650 --sha-w C:\Windows\System32\DMpqqYay.ini2
2008-09-20 13:31 74,752 ----a-w C:\Windows\System32\rQHAtQHb.dll
2008-09-20 13:31 221,184 ----a-w C:\Windows\System32\vaxygyui.dll
2008-09-20 13:31 108,544 ----a-w C:\Windows\System32\geBuUOhh.dll
2008-09-20 13:28 115,200 ----a-w C:\Windows\System32\ghgmvlmd.dll
2008-09-20 13:28 115,200 ----a-w C:\Windows\System32\bjhtyc.dll
2008-09-20 13:26 96,256 ----a-w C:\Windows\System32\vsjqpphj.dll
2008-09-20 13:25 284,672 ----a-w C:\Windows\System32\yaYqqpMD.dll
2008-09-20 13:21 71 ----a-w C:\Users\JC\7398.bat
2008-09-20 10:41 --------- d-----w C:\ProgramData\Lavasoft
2008-09-20 10:41 --------- d-----w C:\Program Files\Ad-Aware
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1a60f718-14c9-b49d-3d9c-c82feca9d86a}]
2008-08-29 14:11 166400 --a------ C:\Windows\system32\fxmccdmtjpsbeobuh.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bc09e693-1b4e-451a-8b4f-838a07b81900}]
2008-09-27 16:53 115200 --a------ C:\Windows\system32\easjtm.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BF2B683A-38B3-49F8-9C60-FA055DD49058}]
2008-09-15 22:14 283648 --a------ C:\Windows\system32\cbXRjgFu.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 125440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-10-09 729088]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"MSServer"="C:\Windows\system32\tuvUKbBq.dll" [2008-09-15 34304]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2007-04-23 176128]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-02-13 159744]
"HP Health Check Scheduler"="C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-05-01 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-05-01 8429568]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-05-01 81920]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-05-17 77824]
"pccguide.exe"="C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe" [2003-03-26 258048]
"PCCClient.exe"="C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe" [2003-03-26 462848]
"Pop3trap.exe"="C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe" [2003-03-26 315458]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"{ecac644c-86fd-817b-27eb-12dac5c1147c}"="C:\Windows\system32\fxmccdmtjpsbeobuh.dll" [2008-08-29 166400]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-06-14 155648]
"de70a30a"="C:\Windows\system32\qtkwlslk.dll" [2008-09-27 73216]
"BMdd439096"="C:\Windows\system32\chgunhaf.dll" [2008-09-27 105984]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-09 C:\WINDOWS\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="C:\Windows\SMINST\launcher.exe" [2006-11-07 44128]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5F6E5BDB-1442-45B7-B0C9-E927035A7415}"= "C:\Windows\system32\tuvUKbBq.dll" [2008-09-15 34304]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=easjtm.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.i420"= i263_32.drv
"vidc.XVID"= xvid.dll
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.l3codec"= l3codecp.acm
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-06-14 19:10 155648 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiSpywareOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{F82623D6-ECEC-4B8D-A97A-A4B7FB466766}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{EE3A4FBE-66DD-484A-9F72-3677D1306994}"= C:\Program Files\HP\QuickPlay\QP.exe:Quick Play
"{08F62DF6-F995-4843-93CD-017E93819D94}"= C:\Program Files\HP\QuickPlay\QPService.exe:Quick Play Resident Program

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R2 PCC_PFW;PC-Cillin Personal Firewall;C:\Windows\system32\Drivers\PCC_PFW.sys [2003-03-26 56796]
R2 PCCPFW;PC-cillin PersonalFirewall;C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe [2003-03-26 163840]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0068cbbf-5293-11dd-ae64-001b248e4747}]
\shell\Auto\command - G:\Start.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{04ecf240-6401-11dd-8d17-001b248e4747}]
\shell\Auto\command - G:\Start.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{467e1576-43af-11dd-85a8-001b248e4747}]
\shell\Auto\command - G:\Start.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{467e157e-43af-11dd-85a8-001b248e4747}]
\shell\Auto\command - G:\Start.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5acf64c1-7739-11dd-9c54-001b248e4747}]
\shell\Auto\command - H:\Start.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\Start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82919872-3354-11dd-8fd1-806e6f6e6963}]
\shell\AutoRun\command - E:\BeachSoccer-setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e5bc869-43a8-11dd-8f88-001b248e4747}]
\shell\Auto\command - G:\Start.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b776010b-8993-11dd-bb6c-001a6bdfdafe}]
\shell\Auto\command - H:\Start.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\Start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cf64ea65-87fc-11dd-8b35-001b248e4747}]
\shell\Auto\command - G:\Start.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2d56d0a-5ef8-11dd-bf28-001b248e4747}]
\shell\Auto\command - G:\Start.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f84eb6b1-340a-11dd-b1d9-001a6bdfdafe}]
\shell\Auto\command - H:\Start.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\Start.exe
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{3FE9A08A-6D75-4124-B006-40A197729B89} - C:\Users\JC\AppData\Local\Temp\nnnKEtUo.dll
BHO-{9F539EEA-6BC1-436E-B60D-9662471E9417} - C:\Windows\system32\efcBurPh.dll
HKCU-Run-LSA Shellu - C:\Users\JC\lsass.exe
HKLM-Run-HP Software Update - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
ShellExecuteHooks-{114A72AF-007E-461D-89FF-864728C749C5} - C:\Windows\system32\tuvUKDTk.dll
ShellExecuteHooks-{4E3FD859-E3E7-41AA-9A6B-03D76CF89658} - C:\Windows\system32\khfDvuvv.dll
ShellExecuteHooks-{4CAFAF0C-C38F-43C1-8080-390E776254DE} - C:\Windows\system32\hgGyyVMF.dll


.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Users\JC\AppData\Roaming\Mozilla\Firefox\Profiles\6ow7jdoz.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF -: plugin - C:\Program Files\Java\jre1.6.0\bin\npjava11.dll
FF -: plugin - C:\Program Files\Java\jre1.6.0\bin\npjava12.dll
FF -: plugin - C:\Program Files\Java\jre1.6.0\bin\npjava13.dll
FF -: plugin - C:\Program Files\Java\jre1.6.0\bin\npjava14.dll
FF -: plugin - C:\Program Files\Java\jre1.6.0\bin\npjava32.dll
FF -: plugin - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
FF -: plugin - C:\Program Files\Java\jre1.6.0\bin\npoji610.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-27 19:39:04
Windows 6.0.6000 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


C:\Users\JC\AppData\Local\Temp\WSOCK32.DLL 14848 bytes executable

Scan terminé avec succès
Fichiers cachés: 1

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\WINDOWS\System32\audiodg.exe
C:\Program Files\Ad-Aware\aawservice.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
.
**************************************************************************
.
Heure de fin: 2008-09-27 19:43:06 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-09-27 17:42:40

Avant-CF: Le texte du message associ‚ au num‚ro 0x2379 est introuvable dans le fichier de messages pour Application.
Après-CF: 93,474,041,856 octets libres

303 --- E O F --- 2008-09-12 18:00:04

que dois-je faire apres svp?

Il y a encore beaucoup de restes.

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".

Afin de lancer la recherche, clic sur"Rechercher".

Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
[#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

AIDE : Tuto en images sur MBAM

voila le rapport MBAM:

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1221
Windows 6.0.6000

29/09/2008 00:21:48
mbam-log-2008-09-29 (00-21-48).txt

Type de recherche: Examen complet (C:\|D:\|F:\|)
Eléments examinés: 149771
Temps écoulé: 23 minute(s), 49 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 157

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\System32\cbXRjgFu.dll (Trojan.Vundo.H) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6931ba54-bc1b-4099-9959-6fda716b1ed8} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6931ba54-bc1b-4099-9959-6fda716b1ed8} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7bf1e2d7-45c9-425a-8464-14b4d233de51} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7bf1e2d7-45c9-425a-8464-14b4d233de51} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bambanner (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1a60f718-14c9-b49d-3d9c-c82feca9d86a} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1a60f718-14c9-b49d-3d9c-c82feca9d86a} (Adware.BHO) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\de70a30a (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSServer (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{ecac644c-86fd-817b-27eb-12dac5c1147c} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bmdd439096 (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\cbxrjgfu -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\cbxrjgfu -> Delete on reboot.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\System32\cbXRjgFu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\System32\uFgjRXbc.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\uFgjRXbc.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\wytjan.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\asurgwty.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ytwgrusa.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\awtRIBQh.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\hQBIRtwa.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\hQBIRtwa.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\awtUkLba.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\abLkUtwa.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\abLkUtwa.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\beborqwj.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\jwqrobeb.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\efcCrSmL.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\LmSrCcfe.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\LmSrCcfe.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\efcYomLd.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\dLmoYcfe.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\dLmoYcfe.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\geBRhgeB.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\BeghRBeg.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\BeghRBeg.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\gwbwanpj.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\jpnawbwg.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\iifcDWoo.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ooWDcfii.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ooWDcfii.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\iiffDWOh.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\hOWDffii.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\hOWDffii.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\jKabayxY.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\YxyabaKj.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\YxyabaKj.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\mlJAsPff.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ffPsAJlm.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ffPsAJlm.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\nnNDsPhG.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\GhPsDNnn.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\GhPsDNnn.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\nnnnOeFW.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\WFeOnnnn.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\WFeOnnnn.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\opnomlIa.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\aIlmonpo.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\aIlmonpo.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\pmnNDtUO.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\OUtDNnmp.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\OUtDNnmp.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\qoMebARH.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\HRAbeMoq.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\HRAbeMoq.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\rqRLfFWQ.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\QWFfLRqr.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\QWFfLRqr.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\rqRLFvwV.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\VwvFLRqr.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\VwvFLRqr.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ssqNHyXp.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\pXyHNqss.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ssqPfEVm.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\mVEfPqss.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\mVEfPqss.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\tuvSkLdA.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\AdLkSvut.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\AdLkSvut.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\tuvUMDWQ.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\QWDMUvut.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\QWDMUvut.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\uclkwnpe.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\epnwklcu.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\urQgGYPI.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\IPYGgQru.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\IPYGgQru.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\urqNDSiJ.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\JiSDNqru.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\JiSDNqru.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\urqnmJbX.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\XbJmnqru.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\XbJmnqru.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\vtUkkLdA.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\AdLkkUtv.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\AdLkkUtv.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\wvUKDWOg.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\gOWDKUvw.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\gOWDKUvw.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\xXpnOHBU.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\UBHOnpXx.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\UBHOnpXx.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\yaYqqpMD.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\DMpqqYay.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\DMpqqYay.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Users\JC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EWBPRH0D\nd82m0[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Users\JC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EWBPRH0D\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Users\JC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FLVKSY9A\cntr[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Users\JC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IGNOZFR4\cntr[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ahqvxapa.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ailxohgg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\aoiobeec.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\apyzow.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\avwfzh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\awrmkust.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\bjhtyc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\bpckog.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\btfihq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\cifftqad.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\cliaqdwp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\cytdpb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\cywmwlhh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\easjtm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\edstaedj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\entusv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\esjgbacy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\euloznnbbo.exe (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\fyhaum.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ggwohetn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ghgmvlmd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\hejhvz.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ibkhluga.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\iifcCTJa.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ikvxttem.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\jjitfp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\jowpag.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\lipceymj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\llawauae.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\lnwkonxk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\maknjc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\mbivyfox.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\mjobaroy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\mjubeoln.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\nogokrsv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\octbeiuo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ogogjuro.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\pcwaod.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\qqusvpub.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\qujauyip.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\reudrdfw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\rQHAtQHb.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\scbcglas.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\sdtakr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\tfsqqphx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\tojpacsj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\tthrqu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\uqmthn.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\vatlop.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\vrvnodwo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\wiahgm.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\wnrvue.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\xqqnwt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\zaabwk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\ztwtsf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\zvphet.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\res\MTRA130t.exe (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\vtUmJBUL.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\fxmccdmtjpsbeobuh.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\kqriutij.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\System32\fccDWqpQ.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

...bcp de fichiers infectés!!Ca fait peur!

Au redémarrage antivir a repéré deux autres infections:
un TR/Vundo.Gen et un TR/Crypt.XPACK.GEN
Dois-je les supprimer manuellement à l'aide de MBAM?

Apres cela reste r'il quelque chose à faire?

merci pour votre aide

J'ai cru lire sur d'autres post qu'il fallait faire un second rapport hijackthis:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:28:21, on 29/09/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O20 - AppInit_DLLs: wytjan.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe

--
End of file - 7676 bytes

Refais un scan Combofix  

rapport combofix:

ComboFix 08-09-28.01 - JC 2008-09-29 21:39:02.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1352 [GMT 2:00]
Lancé depuis: C:\Users\JC\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\system32\alqyhrpl.dll
C:\Windows\system32\aWoNgdEW.dll
C:\Windows\system32\bYOiGwXr.dll
C:\Windows\system32\byXpnnNE.dll
C:\Windows\system32\cbXpNgef.dll
C:\Windows\system32\cbXRHaYQ.dll
C:\Windows\system32\cgohsgpi.dll
C:\Windows\system32\chgunhaf.dll
C:\Windows\system32\cnojdqtr.dll
C:\Windows\system32\dgwhlfrp.dll
C:\Windows\system32\dhrddnis.dll
C:\Windows\system32\dkscevck.dll
C:\Windows\system32\eavvxosq.dll
C:\Windows\system32\enftycns.dll
C:\Windows\system32\geBuUOhh.dll
C:\Windows\system32\gEWPhHyW.dll
C:\Windows\system32\gqxeyhhi.dll
C:\Windows\system32\hgGxuvvU.dll
C:\Windows\system32\hgGxwuTn.dll
C:\Windows\system32\hgGyvtSk.dll
C:\Windows\system32\hveuuhuc.dll
C:\Windows\system32\igwvdsov.dll
C:\Windows\system32\iifedCTM.dll
C:\Windows\system32\iifgfDWp.dll
C:\Windows\system32\iuhwhvox.dll
C:\Windows\system32\kfywvddj.dll
C:\Windows\system32\khfDwuUN.dll
C:\Windows\system32\khfFYSlM.dll
C:\Windows\system32\kxsbdnux.dll
C:\Windows\system32\ljJcawxx.dll
C:\Windows\system32\ljjkKbbc.dll
C:\Windows\system32\lthfdrhm.dll
C:\Windows\system32\mnojtt.dll
C:\Windows\system32\mtscgwjc.dll
C:\Windows\system32\nfbyuavn.dll
C:\Windows\system32\nyimovwc.dll
C:\Windows\system32\pbxqxhhs.dll
C:\Windows\system32\phvinxxw.dll
C:\Windows\system32\pMdEwTJd.dll
C:\Windows\system32\pmnlkjJc.dll
C:\Windows\system32\qdacnckp.dll
C:\Windows\system32\rihbmftx.dll
C:\Windows\system32\rkforvqx.dll
C:\Windows\system32\rwmrhqjh.dll
C:\Windows\system32\rwslaqqk.dll
C:\Windows\system32\snvsxccd.dll
C:\Windows\system32\ssqNDstU.dll
C:\Windows\system32\ttkjxbjm.dll
C:\Windows\system32\tuvVLeDU.dll
C:\Windows\system32\uipeejhn.dll
C:\Windows\system32\urQiFUkj.dll
C:\Windows\system32\vaxygyui.dll
C:\Windows\system32\vsjqpphj.dll
C:\Windows\system32\vtUmKCus.dll
C:\Windows\system32\wppknmgr.dll
C:\Windows\system32\xabkbclw.dll
C:\Windows\system32\xdawsvfn.dll
C:\Windows\system32\xpcylqaq.dll
C:\Windows\system32\ymldnsmq.dll

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-08-28 au 2008-09-29 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans ce laps de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-29 19:35 27,050 ----a-w C:\Users\JC\AppData\Roaming\nvModes.dat
2008-09-29 09:16 --------- d-----w C:\ProgramData\Roxio
2008-09-29 08:50 --------- d-----w C:\Users\JC\AppData\Roaming\Roxio
2008-09-29 08:47 --------- d-----w C:\ProgramData\Sonic
2008-09-28 21:43 --------- d-----w C:\Users\JC\AppData\Roaming\Malwarebytes
2008-09-28 21:43 --------- d-----w C:\ProgramData\Malwarebytes
2008-09-28 21:43 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-09-27 11:25 --------- d-----w C:\Program Files\Trend Micro
2008-09-23 20:06 71 ----a-w C:\Users\JC\9974.bat
2008-09-23 20:06 40,960 ----a-w C:\Users\JC\index.exe
2008-09-23 17:22 71 ----a-w C:\Users\JC\6390.bat
2008-09-23 17:06 71 ----a-w C:\Users\JC\7616.bat
2008-09-23 16:43 71 ----a-w C:\Users\JC\1630.bat
2008-09-23 16:01 71 ----a-w C:\Users\JC\3191.bat
2008-09-23 15:30 71 ----a-w C:\Users\JC\2663.bat
2008-09-23 15:02 71 ----a-w C:\Users\JC\2609.bat
2008-09-23 14:39 71 ----a-w C:\Users\JC\4973.bat
2008-09-23 13:34 71 ----a-w C:\Users\JC\3234.bat
2008-09-23 10:17 71 ----a-w C:\Users\JC\9234.bat
2008-09-23 08:09 71 ----a-w C:\Users\JC\4312.bat
2008-09-22 19:00 71 ----a-w C:\Users\JC\6938.bat
2008-09-22 17:12 71 ----a-w C:\Users\JC\5399.bat
2008-09-22 17:01 71 ----a-w C:\Users\JC\3640.bat
2008-09-20 19:19 71 ----a-w C:\Users\JC\5056.bat
2008-09-20 13:21 71 ----a-w C:\Users\JC\7398.bat
2008-09-20 10:41 --------- d-----w C:\ProgramData\Lavasoft
2008-09-20 10:41 --------- d-----w C:\Program Files\Ad-Aware
2008-09-20 10:39 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-09-20 09:53 --------- d-----w C:\ProgramData\Avira
2008-09-20 09:53 --------- d-----w C:\Program Files\Avira
2008-09-20 09:26 71 ----a-w C:\Users\JC\9708.bat
2008-09-18 10:10 71 ----a-w C:\Users\JC\5001.bat
2008-09-18 10:04 114,232 ----a-w C:\Windows\System32\jomtmsrs.dll
2008-09-18 09:49 71 ----a-w C:\Users\JC\6494.bat
2008-09-18 08:44 71 ----a-w C:\Users\JC\2304.bat
2008-09-17 21:39 --------- d-----w C:\Program Files\HP
2008-09-17 21:38 71 ----a-w C:\Users\JC\7591.bat
2008-09-17 20:03 71 ----a-w C:\Users\JC\7789.bat
2008-09-17 15:58 71 ----a-w C:\Users\JC\9835.bat
2008-09-17 09:11 71 ----a-w C:\Users\JC\3021.bat
2008-09-16 19:40 71 ----a-w C:\Users\JC\3827.bat
2008-09-16 17:45 71 ----a-w C:\Users\JC\6693.bat
2008-09-16 17:34 71 ----a-w C:\Users\JC\5475.bat
2008-09-16 17:33 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-09-15 20:51 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-09-15 20:40 --------- d-----w C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2008-09-15 20:09 71 ----a-w C:\Users\JC\2216.bat
2008-09-14 16:09 71 ----a-w C:\Users\JC\2420.bat
2008-09-14 14:21 71 ----a-w C:\Users\JC\4399.bat
2008-09-14 12:00 71 ----a-w C:\Users\JC\9830.bat
2008-09-13 08:24 71 ----a-w C:\Users\JC\5871.bat
2008-09-13 08:18 71 ----a-w C:\Users\JC\9932.bat
2008-09-12 20:43 71 ----a-w C:\Users\JC\1279.bat
2008-09-12 17:56 --------- d-----w C:\Program Files\Windows Mail
2008-09-12 16:20 71 ----a-w C:\Users\JC\3489.bat
2008-09-12 16:05 71 ----a-w C:\Users\JC\3145.bat
2008-09-12 15:15 71 ----a-w C:\Users\JC\5511.bat
2008-09-12 15:02 71 ----a-w C:\Users\JC\4717.bat
2008-09-12 15:00 --------- d-----w C:\ProgramData\NOS
2008-09-12 15:00 --------- d-----w C:\Program Files\NOS
2008-09-12 13:47 --------- d-----w C:\Program Files\Common Files\Adobe AIR
2008-09-12 13:47 --------- d-----w C:\Program Files\Common Files\Adobe
2008-09-12 13:46 --------- d--h--w C:\ProgramData\CanonBJ
2008-09-12 09:42 174 --sha-w C:\Program Files\desktop.ini
2008-09-12 09:31 71 ----a-w C:\Users\JC\9038.bat
2008-09-11 20:21 71 ----a-w C:\Users\JC\3505.bat
2008-09-09 22:04 38,528 ----a-w C:\Windows\system32\drivers\mbamswissarmy.sys
2008-09-09 22:03 17,200 ----a-w C:\Windows\system32\drivers\mbam.sys
2008-07-31 03:34 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-07-31 03:34 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:34 28,160 ----a-w C:\Windows\System32\Apphlpdm.dll
2008-07-31 03:34 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:34 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-31 03:34 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-07-30 23:47 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-07-30 23:32 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-07-19 05:10 53,448 ----a-w C:\Windows\System32\wuauclt.exe
2008-07-19 05:10 45,768 ----a-w C:\Windows\System32\wups2.dll
2008-07-19 05:09 1,811,656 ----a-w C:\Windows\System32\wuaueng.dll
2008-07-19 03:44 1,524,736 ----a-w C:\Windows\System32\wucltux.dll
2008-07-18 20:08 163,904 ----a-w C:\Windows\System32\wuwebv.dll
2008-07-18 18:44 31,232 ----a-w C:\Windows\System32\wuapp.exe
2008-07-15 23:48 2,048 ----a-w C:\Windows\System32\tzres.dll
.

((((((((((((((((((((((((((((( snapshot@2008-09-27_19.41.24.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-09-29 19:34:43 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-09-29 19:34:43 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-09-27 16:57:03 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-09-29 08:17:17 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-09-27 16:57:03 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-09-29 08:17:17 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-09-27 16:57:03 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-09-29 08:17:17 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-09-27 17:38:54 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-09-29 19:36:17 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-09-29 19:36:17 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-09-27 17:38:54 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-09-29 19:36:22 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-09-29 19:36:22 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2007-07-30 17:19:54 71,352 ------w C:\Windows\SoftwareDistribution\SelfUpdate\Handler\WuSetupV.exe
+ 2008-07-18 20:08:20 72,256 ------w C:\Windows\SoftwareDistribution\SelfUpdate\Handler\WuSetupV.exe
- 2008-09-27 17:39:11 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-09-28 22:56:48 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-09-27 17:39:11 65,536 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-09-28 22:56:48 65,536 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-09-27 17:39:11 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-09-28 22:56:48 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-09-27 17:33:08 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-09-29 19:38:57 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-09-29 19:38:57 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1
- 2008-06-14 12:49:12 345,456 ----a-w C:\Windows\System32\FNTCACHE.DAT
+ 2008-09-28 22:24:08 345,456 ----a-w C:\Windows\System32\FNTCACHE.DAT
- 2008-09-24 17:15:59 103,924 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-09-29 19:42:01 103,924 ----a-w C:\Windows\System32\perfc009.dat
- 2008-09-24 17:15:59 117,572 ----a-w C:\Windows\System32\perfc00C.dat
+ 2008-09-29 19:42:01 117,572 ----a-w C:\Windows\System32\perfc00C.dat
- 2008-09-24 17:15:59 610,142 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-09-29 19:42:01 610,142 ----a-w C:\Windows\System32\perfh009.dat
- 2008-09-24 17:15:59 690,832 ----a-w C:\Windows\System32\perfh00C.dat
+ 2008-09-29 19:42:01 690,832 ----a-w C:\Windows\System32\perfh00C.dat
- 2008-09-14 13:51:55 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2008-09-27 18:35:03 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2008-09-27 13:44:23 6,412 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4240378360-3957530020-1513529585-1000_UserData.bin
+ 2008-09-29 19:36:41 7,478 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4240378360-3957530020-1513529585-1000_UserData.bin
- 2008-09-27 13:44:23 64,352 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-09-29 19:36:41 64,654 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-09-27 13:44:20 40,302 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-09-29 19:36:40 41,026 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2008-09-14 12:04:23 30,093,792 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2008-09-27 17:58:32 115,853,120 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2006-11-02 12:35:28 77,824 ----a-w C:\Windows\winsxs\msil_ehiextens_31bf3856ad364e35_6.0.6001.18000_none_fdcbbc4906dd2f5d\ehiExtens.dll
+ 2008-06-23 18:09:26 19,456 ----a-w C:\Windows\winsxs\x86_bth.inf_31bf3856ad364e35_6.0.6001.18000_none_7244c43bbb913795\bthenum.sys
+ 2006-11-02 09:46:02 24,576 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-infrastructure_31bf3856ad364e35_6.0.6001.18000_none_d51103be4cb9d6c3\aelupsvc.dll
+ 2006-11-02 09:45:39 20,992 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-infrastructure_31bf3856ad364e35_6.0.6001.18000_none_d51103be4cb9d6c3\sdbinst.exe
+ 2006-11-02 09:46:13 111,104 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-infrastructure_31bf3856ad364e35_6.0.6001.18000_none_d51103be4cb9d6c3\shimeng.dll
+ 2006-11-02 07:11:38 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6001.18000_none_0c223829f24c6bcd\AcRes.dll
+ 2006-11-02 09:46:02 38,912 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..on-experience-tools_31bf3856ad364e35_6.0.6001.18000_none_94ca2703a87213b1\acppage.dll
+ 2006-11-02 07:11:39 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..on-experience-tools_31bf3856ad364e35_6.0.6001.18000_none_94ca2703a87213b1\acprgwiz.dll
+ 2006-11-02 09:45:32 8,192 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..on-experience-tools_31bf3856ad364e35_6.0.6001.18000_none_94ca2703a87213b1\pcaelv.exe
+ 2006-11-02 09:45:32 7,680 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..on-experience-tools_31bf3856ad364e35_6.0.6001.18000_none_94ca2703a87213b1\pcalua.exe
+ 2006-11-02 09:45:32 14,336 ----a-w C:\Windows\winsxs\x86_microsoft-windows-a..on-experience-tools_31bf3856ad364e35_6.0.6001.18000_none_94ca2703a87213b1\pcaui.exe
+ 2006-11-02 12:34:33 30,208 ----a-w C:\Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmband.dll
+ 2006-11-02 12:34:33 62,976 ----a-w C:\Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmcompos.dll
+ 2006-11-02 12:34:33 105,472 ----a-w C:\Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmstyle.dll
+ 2006-11-02 12:34:33 20,992 ----a-w C:\Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dswave.dll
+ 2006-11-02 09:46:05 52,224 ----a-w C:\Windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6001.18000_none_8cfdc804108fe1a6\mmci.dll
+ 2006-11-02 09:46:05 12,800 ----a-w C:\Windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6001.18000_none_8cfdc804108fe1a6\mmcico.dll
+ 2006-11-02 09:46:13 185,856 ----a-w C:\Windows\winsxs\x86_microsoft-windows-audio-volumecontrol_31bf3856ad364e35_6.0.6001.18000_none_c62871670779ffa4\SndVolSSO.dll
+ 2006-11-02 09:41:17 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-basic-misc-tools_31bf3856ad364e35_6.0.6001.18000_none_175cb770bf6b8f77\netmsg.dll
+ 2006-11-02 09:46:11 14,848 ----a-w C:\Windows\winsxs\x86_microsoft-windows-basic-misc-tools_31bf3856ad364e35_6.0.6001.18000_none_175cb770bf6b8f77\netrap.dll
+ 2006-11-02 09:44:52 34,304 ----a-w C:\Windows\winsxs\x86_microsoft-windows-bth-user_31bf3856ad364e35_6.0.6001.18000_none_65193febd52e137a\bthudtask.exe
+ 2006-11-02 09:46:14 34,304 ----a-w C:\Windows\winsxs\x86_microsoft-windows-bth-user_31bf3856ad364e35_6.0.6001.18000_none_65193febd52e137a\wshbth.dll
+ 2006-11-02 09:46:02 41,984 ----a-w C:\Windows\winsxs\x86_microsoft-windows-certutil_31bf3856ad364e35_6.0.6001.18000_none_b58507ed335c92cc\certenc.dll
+ 2006-11-02 09:46:03 7,168 ----a-w C:\Windows\winsxs\x86_microsoft-windows-com-base_31bf3856ad364e35_6.0.6001.18000_none_0dee367726857e43\comcat.dll
+ 2006-11-02 07:28:57 22,528 ----a-w C:\Windows\winsxs\x86_microsoft-windows-com-base_31bf3856ad364e35_6.0.6001.18000_none_0dee367726857e43\oleres.dll
+ 2006-11-02 09:46:02 23,552 ----a-w C:\Windows\winsxs\x86_microsoft-windows-com-complus-runtime_31bf3856ad364e35_6.0.6001.18000_none_59cabf11d4b18d8a\catsrvps.dll
+ 2006-09-18 21:27:45 61,440 ----a-w C:\Windows\winsxs\x86_microsoft-windows-com-complus-runtime_31bf3856ad364e35_6.0.6001.18000_none_59cabf11d4b18d8a\comempty.dat
+ 2006-11-02 09:46:11 7,168 ----a-w C:\Windows\winsxs\x86_microsoft-windows-com-complus-runtime_31bf3856ad364e35_6.0.6001.18000_none_59cabf11d4b18d8a\mtxex.dll
+ 2006-11-02 09:45:00 8,704 ----a-w C:\Windows\winsxs\x86_microsoft-windows-com-complus-ui_31bf3856ad364e35_6.0.6001.18000_none_b0a7c3b54838915e\dcomcnfg.exe
+ 2006-09-18 21:27:12 19,429 ----a-w C:\Windows\winsxs\x86_microsoft-windows-com-dtc-tracing_31bf3856ad364e35_6.0.6001.18000_none_17df4ac2f2cf5440\msdtcvtr.bat
+ 2006-09-18 21:35:10 27,792 ----a-w C:\Windows\winsxs\x86_microsoft-windows-com-legacyole_31bf3856ad364e35_6.0.6001.18000_none_3f1ba507d2463833\compobj.dll
+ 2006-11-02 09:39:39 3,072 ----a-w C:\Windows\winsxs\x86_microsoft-windows-com-legacyole_31bf3856ad364e35_6.0.6001.18000_none_3f1ba507d2463833\iprop.dll
+ 2006-09-18 21:35:13 42,592 ----a-w C:\Windows\winsxs\x86_microsoft-windows-com-legacyole_31bf3856ad364e35_6.0.6001.18000_none_3f1ba507d2463833\ole2.dll
+ 2006-09-18 21:35:14 169,520 ----a-w C:\Windows\winsxs\x86_microsoft-windows-com-legacyole_31bf3856ad364e35_6.0.6001.18000_none_3f1ba507d2463833\ole2disp.dll
+ 2006-09-18 21:35:15 153,008 ----a-w C:\Windows\winsxs\x86_microsoft-windows-com-legacyole_31bf3856ad364e35_6.0.6001.18000_none_3f1ba507d2463833\ole2nls.dll
+ 2006-09-18 21:35:15 4,208 ----a-w C:\Windows\winsxs\x86_microsoft-windows-com-legacyole_31bf3856ad364e35_6.0.6001.18000_none_3f1ba507d2463833\storage.dll
+ 2006-09-18 21:35:15 177,856 ----a-w C:\Windows\winsxs\x86_microsoft-windows-com-legacyole_31bf3856ad364e35_6.0.6001.18000_none_3f1ba507d2463833\typelib.dll
+ 2006-11-02 09:46:03 31,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-convert_31bf3856ad364e35_6.0.6001.18000_none_9cd54abba85233ff\cnvfat.dll
+ 2006-11-02 09:44:15 5,120 ----a-w C:\Windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.0.6001.18000_none_255246473e514737\wmi.dll
+ 2006-11-02 09:44:59 19,968 ----a-w C:\Windows\winsxs\x86_microsoft-windows-corruptedfilerecovery_31bf3856ad364e35_6.0.6001.18000_none_87b9b7e028c74e65\cofire.exe
+ 2006-11-02 09:45:20 36,352 ----a-w C:\Windows\winsxs\x86_microsoft-windows-d..-japanese-utilities_31bf3856ad364e35_6.0.6001.18000_none_ed313ee5721aa9bc\IMJPUEX.EXE
+ 2006-11-02 09:46:05 11,264 ----a-w C:\Windows\winsxs\x86_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_6.0.6001.18000_none_3a8c422a9f3101c4\padrs404.dll
+ 2006-11-02 09:46:05 11,776 ----a-w C:\Windows\winsxs\x86_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_6.0.6001.18000_none_3a8c422a9f3101c4\padrs804.dll
+ 2006-11-02 09:46:13 26,624 ----a-w C:\Windows\winsxs\x86_microsoft-windows-d..oryservices-ntdsapi_31bf3856ad364e35_6.0.6001.18000_none_cedd4665f13650d7\w32topl.dll
+ 2006-11-02 09:46:05 4,608 ----a-w C:\Windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll
+ 2006-11-02 12:36:25 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-dfsr-core-clientonly_31bf3856ad364e35_6.0.6001.18000_none_b6798caa9a04157b\dfsrres.dll
+ 2006-11-02 09:46:03 10,240 ----a-w C:\Windows\winsxs\x86_microsoft-windows-dhcp-client-dll_31bf3856ad364e35_6.0.6001.18000_none_d75a29a02e8fcf7a\dhcpcmonitor.dll
+ 2006-11-02 09:46:05 36,352 ----a-w C:\Windows\winsxs\x86_microsoft-windows-directshow-other_31bf3856ad364e35_6.0.6001.18000_none_0d5187f9e0ba9013\mciqtz32.dll
+ 2006-11-02 09:46:03 593,920 ----a-w C:\Windows\winsxs\x86_microsoft-windows-directx-direct3d_31bf3856ad364e35_6.0.6001.18000_none_eb4e0e435578fd76\d3dramp.dll
+ 2006-11-02 09:46:03 11,264 ----a-w C:\Windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24d6ca560c635f9\d3d8thk.dll
+ 2006-11-02 09:46:03 30,208 ----a-w C:\Windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddrawex.dll
+ 2006-11-02 12:34:30 136,192 ----a-w C:\Windows\winsxs\x86_microsoft-windows-directx-directinput_31bf3856ad364e35_6.0.6001.18000_none_1d981a3c0baebdc7\dinput.dll
+ 2006-11-02 12:34:30 120,832 ----a-w C:\Windows\winsxs\x86_microsoft-windows-directx-directinput_31bf3856ad364e35_6.0.6001.18000_none_1d981a3c0baebdc7\gcdef.dll
+ 2006-11-02 12:34:30 36,352 ----a-w C:\Windows\winsxs\x86_microsoft-windows-directx-directinput_31bf3856ad364e35_6.0.6001.18000_none_1d981a3c0baebdc7\pid.dll
+ 2006-11-02 09:03:41 3,072 ----a-w C:\Windows\winsxs\x86_microsoft-windows-directx-directplay8_31bf3856ad364e35_6.0.6001.18000_none_78d68814bebf2d3b\dpnaddr.dll
+ 2006-11-02 09:46:04 56,832 ----a-w C:\Windows\winsxs\x86_microsoft-windows-directx-directplay8_31bf3856ad364e35_6.0.6001.18000_none_78d68814bebf2d3b\dpnathlp.dll
+ 2006-11-02 09:46:04 7,168 ----a-w C:\Windows\winsxs\x86_microsoft-windows-directx-directplay8_31bf3856ad364e35_6.0.6001.18000_none_78d68814bebf2d3b\dpnhpast.dll
+ 2006-11-02 09:46:04 7,168 ----a-w C:\Windows\winsxs\x86_microsoft-windows-directx-directplay8_31bf3856ad364e35_6.0.6001.18000_none_78d68814bebf2d3b\dpnhupnp.dll
+ 2006-11-02 09:03:41 3,072 ----a-w C:\Windows\winsxs\x86_microsoft-windows-directx-directplay8_31bf3856ad364e35_6.0.6001.18000_none_78d68814bebf2d3b\dpnlobby.dll
+ 2006-11-02 09:45:03 23,040 ----a-w C:\Windows\winsxs\x86_microsoft-windows-directx-directplay8_31bf3856ad364e35_6.0.6001.18000_none_78d68814bebf2d3b\dpnsvr.exe
+ 2006-11-02 09:39:16 536,576 ----a-w C:\Windows\winsxs\x86_microsoft-windows-diskmanagement_31bf3856ad364e35_6.0.6001.18000_none_0197b5b76fbd3f60\dmdskres.dll
+ 2006-11-02 09:46:03 23,040 ----a-w C:\Windows\winsxs\x86_microsoft-windows-diskmanagement_31bf3856ad364e35_6.0.6001.18000_none_0197b5b76fbd3f60\dmintf.dll
+ 2006-09-18 21:39:30 215,943 ----a-w C:\Windows\winsxs\x86_microsoft-windows-dssec_31bf3856ad364e35_6.0.6001.18000_none_5a65d782fc87d29e\dssec.dat
+ 2006-11-02 12:35:32 21,504 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehdebug_31bf3856ad364e35_6.0.6001.18000_none_2fddb7218242099b\ehdebug.dll
+ 2006-11-02 12:35:33 16,384 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ehome-ehssetup_31bf3856ad364e35_6.0.6001.18000_none_91c1b8b7b69b880e\ehssetup.dll
+ 2006-11-02 09:46:11 15,360 ----a-w C:\Windows\winsxs\x86_microsoft-windows-font-registrysettings_31bf3856ad364e35_6.0.6001.18000_none_95b1533bb11caa04\muifontsetup.dll
+ 2006-11-02 09:46:02 34,304 ----a-w C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_a9d318785a865d4c\atmlib.dll
+ 2006-11-02 09:46:03 10,240 ----a-w C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_a9d318785a865d4c\dciman32.dll
+ 2006-11-02 09:46:05 158,208 ----a-w C:\Windows\winsxs\x86_microsoft-windows-htmlhelp-infotech_31bf3856ad364e35_6.0.6001.18000_none_f6a3ed1413ba3d1f\itircl.dll
+ 2006-11-02 09:45:13 14,848 ----a-w C:\Windows\winsxs\x86_microsoft-windows-htmlhelp_31bf3856ad364e35_6.0.6001.18000_none_c855f6b284bc7b14\hh.exe
+ 2006-11-02 09:46:05 43,008 ----a-w C:\Windows\winsxs\x86_microsoft-windows-htmlhelp_31bf3856ad364e35_6.0.6001.18000_none_c855f6b284bc7b14\hhsetup.dll
+ 2006-11-02 09:46:05 58,368 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..hinese-imepadapplet_31bf3856ad364e35_6.0.6001.18000_none_fb2914a7fb7f05d4\IMTCDIC.dll
+ 2006-11-02 07:33:43 19,991,040 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..hinese-imepadapplet_31bf3856ad364e35_6.0.6001.18000_none_fb2914a7fb7f05d4\MSHWCHTR.dll
+ 2006-11-02 09:45:17 144,384 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..i_initiator_service_31bf3856ad364e35_6.0.6001.18000_none_da73ab3e1517f045\iscsicli.exe
+ 2006-11-02 09:46:05 49,152 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..i_initiator_service_31bf3856ad364e35_6.0.6001.18000_none_da73ab3e1517f045\iscsidsc.dll
+ 2006-11-02 12:36:18 120,320 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..integration-support_31bf3856ad364e35_6.0.6001.18000_none_2834ca37a387d4a3\idq.dll
+ 2006-11-02 06:58:59 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18000_none_15475676099210e3\tzres.dll
+ 2008-01-19 07:33:33 18,944 ----a-w C:\Windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6001.18000_none_15475676099210e3\tzupd.exe
+ 2006-11-02 09:46:13 32,256 ----a-w C:\Windows\winsxs\x86_microsoft-windows-icm-base_31bf3856ad364e35_6.0.6001.18000_none_22c7ea5489633945\WcsPlugInService.dll
+ 2006-11-02 09:44:59 84,992 ----a-w C:\Windows\winsxs\x86_microsoft-windows-icm-ui_31bf3856ad364e35_6.0.6001.18000_none_3a58b76aa0cf669e\colorcpl.exe
+ 2006-11-02 09:46:05 21,504 ----a-w C:\Windows\winsxs\x86_microsoft-windows-icm-ui_31bf3856ad364e35_6.0.6001.18000_none_3a58b76aa0cf669e\icmui.dll
+ 2006-11-02 12:34:31 15,616 ----a-w C:\Windows\winsxs\x86_microsoft-windows-identitycrl_31bf3856ad364e35_6.0.6001.18000_none_518dd3eb3e5e6f23\ppcrlconfig.dll
+ 2006-11-02 12:34:31 254,216 ----a-w C:\Windows\winsxs\x86_microsoft-windows-identitycrl_31bf3856ad364e35_6.0.6001.18000_none_518dd3eb3e5e6f23\ppcrlui.dll
+ 2006-11-02 09:39:30 161,792 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18000_none_ae3221cd06c5e98c\ieakui.dll
+ 2008-06-23 18:03:40 2,455,488 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6001.18000_none_fb9216576bbe8c39\ieapfltr.dat
+ 2006-11-02 07:33:30 48,128 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6001.18000_none_f36d8680ba269c41\mshtmler.dll
+ 2006-11-02 09:45:13 26,624 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_2f62000919fe80c9\ieUnatt.exe
+ 2006-11-02 09:46:05 16,384 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ie-runoncessetup_31bf3856ad364e35_6.0.6001.18000_none_88eec871cb19b965\iessetup.dll
+ 2008-01-19 07:34:31 180,736 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18000_none_64a26c9fae1f0949\ieui.dll
+ 2006-11-02 12:36:24 98,133 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iis-legacyscripts_31bf3856ad364e35_6.0.6001.18000_none_7e466ce97736febd\adsutil.vbs
+ 2006-11-02 12:36:24 4,346 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iis-legacyscripts_31bf3856ad364e35_6.0.6001.18000_none_7e466ce97736febd\clusftp.vbs
+ 2006-11-02 12:36:24 4,341 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iis-legacyscripts_31bf3856ad364e35_6.0.6001.18000_none_7e466ce97736febd\clusweb.vbs
+ 2006-11-02 12:36:24 41,401 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iis-legacyscripts_31bf3856ad364e35_6.0.6001.18000_none_7e466ce97736febd\IIsExt.vbs
+ 2006-11-02 12:36:24 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iis-legacysnapin_31bf3856ad364e35_6.0.6001.18000_none_8120d407b205fdca\iismui.dll
+ 2006-11-02 12:36:24 22,528 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iis-legacysnapin_31bf3856ad364e35_6.0.6001.18000_none_8120d407b205fdca\InetMgr6.exe
+ 2006-11-02 12:36:21 16,384 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iis-metabase_31bf3856ad364e35_6.0.6001.18000_none_3931f7d521f321a6\infoadmn.dll
+ 2006-11-02 12:36:21 9,728 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iis-metabase_31bf3856ad364e35_6.0.6001.18000_none_3931f7d521f321a6\infoctrs.dll
+ 2006-11-02 12:36:21 19,968 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iis-metabase_31bf3856ad364e35_6.0.6001.18000_none_3931f7d521f321a6\iscomlog.dll
+ 2006-11-02 12:36:21 7,680 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iis-metabase_31bf3856ad364e35_6.0.6001.18000_none_3931f7d521f321a6\rpcref.dll
+ 2006-11-02 12:36:19 8,192 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18000_none_10e972c4b4d2574c\iisrstap.dll
+ 2006-11-02 12:36:20 10,752 ----a-w C:\Windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6001.18000_none_10e972c4b4d2574c\wamregps.dll
+ 2006-11-02 07:15:56 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-installer-engine_31bf3856ad364e35_6.0.6001.18000_none_037a7e2bb384bf01\msimsg.dll
+ 2006-11-02 08:33:06 2,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-international-core_31bf3856ad364e35_6.0.6001.18000_none_e9aa6488d9c10036\normaliz.dll
+ 2006-11-02 09:46:11 10,240 ----a-w C:\Windows\winsxs\x86_microsoft-windows-lpksetup_31bf3856ad364e35_6.0.6001.18000_none_215961096c78771c\MUILanguageCleanup.dll
+ 2006-11-02 09:46:09 323,584 ----a-w C:\Windows\winsxs\x86_microsoft-windows-m..-components-jet2x3x_31bf3856ad364e35_6.0.6001.18000_none_e79f2d93ba6ffee6\msrd2x40.dll
+ 2006-11-02 12:35:27 8,704 ----a-w C:\Windows\winsxs\x86_microsoft-windows-m..essagingcoreservice_31bf3856ad364e35_6.0.6001.18000_none_e309c7bbe82e39d1\mqsvc.exe
+ 2006-11-02 09:46:06 413,696 ----a-w C:\Windows\winsxs\x86_microsoft-windows-m..onents-jetexchlotus_31bf3856ad364e35_6.0.6001.18000_none_c33bb5404d731490\msexch40.dll
+ 2006-11-02 12:35:09 3,295,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-m..onwizardapplication_31bf3856ad364e35_6.0.6001.18000_none_ba7b16e99455464b\MIGUIImg.dll
+ 2006-11-02 12:35:09 82,944 ----a-w C:\Windows\winsxs\x86_microsoft-windows-m..onwizardapplication_31bf3856ad364e35_6.0.6001.18000_none_ba7b16e99455464b\MIGUIRes.dll
+ 2006-11-02 12:34:36 24,064 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6001.18000_none_f1582d884fb532fb\DirectDB.dll
+ 2006-11-02 08:48:55 84,480 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mail-comm-dll_31bf3856ad364e35_6.0.6001.18000_none_79b12a6a588ca469\INETRES.dll
+ 2006-11-02 12:34:36 2,836,992 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mail-core-dll_31bf3856ad364e35_6.0.6001.18000_none_587ec186254a22ac\MSOERES.dll
+ 2006-11-02 07:28:10 39,424 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mail-core_31bf3856ad364e35_6.0.6001.18000_none_e9286d318a269033\ACCTRES.dll
+ 2006-11-02 12:35:51 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediafoundation_31bf3856ad364e35_6.0.6001.18000_none_9c5f2f3c0cc1aa83\mferror.dll
+ 2006-11-02 12:35:54 16,384 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-ssetup_31bf3856ad364e35_6.0.6001.18000_none_13b1244660e5fd4e\wmssetup.dll
+ 2006-11-02 12:35:57 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-wmasf_31bf3856ad364e35_6.0.6001.18000_none_a7b5f0a040680d4c\asferror.dll
+ 2006-11-02 12:35:57 9,728 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-wmasf_31bf3856ad364e35_6.0.6001.18000_none_a7b5f0a040680d4c\LAPRXY.DLL
+ 2006-11-02 12:35:09 9,216 ----a-w C:\Windows\winsxs\x86_microsoft-windows-migrationengine_31bf3856ad364e35_6.0.6001.18000_none_58a7d7b2db3ffcd4\migres.dll
+ 2006-09-18 21:33:22 673,088 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mlang_31bf3856ad364e35_6.0.6001.18000_none_56df4b78e3fe4e3f\mlang.dat
+ 2006-11-02 12:36:06 150,016 ----a-w C:\Windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6001.18000_none_f261ec400d1da6d8\MOVIEMK.exe
+ 2006-11-02 12:36:05 23,040 ----a-w C:\Windows\winsxs\x86_microsoft-windows-moviemaker_31bf3856ad364e35_6.0.6001.18000_none_f261ec400d1da6d8\WMM2EXT.dll
+ 2006-11-02 09:40:16 145,920 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msauditevtlog_31bf3856ad364e35_6.0.6001.18000_none_c7427a4e786d74bc\msaudite.dll
+ 2006-11-02 12:35:28 13,824 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msmq-admin_31bf3856ad364e35_6.0.6001.18000_none_b74e019e3d6c64b6\mqcertui.dll
+ 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6001.18000_none_886e409a96d6223c\msxml3r.dll
+ 2006-11-02 09:41:09 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6001.18000_none_886dfc4296d66f1f\msxml6r.dll
+ 2006-11-02 09:46:10 34,304 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mulanttsvoicecommon_31bf3856ad364e35_6.0.6001.18000_none_e1e971f061eb63bb\MSTTSCommon.dll
+ 2006-11-02 09:46:10 47,104 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mulanttsvoicecommon_31bf3856ad364e35_6.0.6001.18000_none_e1e971f061eb63bb\MSTTSDecWrp.dll
+ 2006-11-02 09:46:10 8,704 ----a-w C:\Windows\winsxs\x86_microsoft-windows-mulanttsvoicecommon_31bf3856ad364e35_6.0.6001.18000_none_e1e971f061eb63bb\MSTTSLoc.dll
+ 2008-01-19 07:34:22 28,672 ----a-w C:\Windows\winsxs\x86_microsoft-windows-n..-domain-clients-svc_31bf3856ad364e35_6.0.6001.18000_none_440e77d1ec053e6c\FwRemoteSvr.dll
+ 2008-01-19 07:36:07 272,896 ----a-w C:\Windows\winsxs\x86_microsoft-windows-n..-domain-clients-svc_31bf3856ad364e35_6.0.6001.18000_none_440e77d1ec053e6c\polstore.dll
+ 2008-01-19 07:36:55 61,440 ----a-w C:\Windows\winsxs\x86_microsoft-windows-n..-domain-clients-svc_31bf3856ad364e35_6.0.6001.18000_none_440e77d1ec053e6c\winipsec.dll
+ 2006-11-02 09:46:11 11,776 ----a-w C:\Windows\winsxs\x86_microsoft-windows-n..iagnosticsframework_31bf3856ad364e35_6.0.6001.18000_none_dc5ac24ae0ca36fc\ndproxystub.dll
+ 2006-11-02 15:42:50 5,120 ----a-w C:\Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_fr-fr_a605893285497783\CvtResUI.dll
+ 2006-11-02 15:42:47 6,656 ----a-w C:\Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.0.6001.18000_fr-fr_a605893285497783\mscorees.dll
+ 2006-11-02 12:34:31 268,800 ----a-w C:\Windows\winsxs\x86_microsoft-windows-nap-oobsha_31bf3856ad364e35_6.0.6001.18000_none_93e3b78243a9d8c2\msshavmsg.dll
+ 2006-11-02 08:21:55 11,722,752 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0001.dll
+ 2006-11-02 08:22:34 4,164,096 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0002.dll
+ 2006-11-02 08:22:13 1,452,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0003.dll
+ 2006-11-02 08:22:07 12,038,656 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0007.dll
+ 2006-11-02 08:22:05 2,628,608 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0009.dll
+ 2006-11-02 08:22:11 9,892,864 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons000a.dll
+ 2006-11-02 08:22:06 6,237,696 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons000c.dll
+ 2006-11-02 08:22:09 1,722,368 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons000d.dll
+ 2006-11-02 08:22:17 5,654,528 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons000f.dll
+ 2006-11-02 08:22:18 4,175,872 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0010.dll
+ 2006-11-02 08:22:10 2,466,816 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0011.dll
+ 2006-11-02 08:21:58 4,981,248 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0013.dll
+ 2006-11-02 08:22:25 3,331,072 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0018.dll
+ 2006-11-02 08:22:26 6,781,440 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0019.dll
+ 2006-11-02 08:22:14 6,014,976 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons001a.dll
+ 2006-11-02 08:22:47 6,585,856 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons001b.dll
+ 2006-11-02 08:22:31 6,346,240 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons001d.dll
+ 2006-11-02 08:22:45 1,236,992 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0020.dll
+ 2006-11-02 08:22:12 2,136,064 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0021.dll
+ 2006-11-02 08:22:44 5,499,904 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0022.dll
+ 2006-11-02 08:22:49 7,964,672 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0024.dll
+ 2006-11-02 08:22:42 5,791,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0026.dll
+ 2006-11-02 08:22:19 6,224,896 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0027.dll
+ 2006-11-02 08:22:41 4,096 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons002a.dll
+ 2006-11-02 08:22:16 1,782,272 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0039.dll
+ 2006-11-02 08:22:20 4,045,824 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons003e.dll
+ 2006-11-02 08:22:33 1,793,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0045.dll
+ 2006-11-02 08:22:25 1,808,896 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0046.dll
+ 2006-11-02 08:22:15 1,411,072 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0047.dll
+ 2006-11-02 08:22:39 1,558,016 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0049.dll
+ 2006-11-02 08:22:39 3,419,136 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons004a.dll
+ 2006-11-02 08:22:36 1,702,912 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons004b.dll
+ 2006-11-02 08:22:46 4,093,440 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons004c.dll
+ 2006-11-02 08:22:37 1,972,736 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons004e.dll
+ 2006-11-02 08:22:21 4,616,192 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0414.dll
+ 2006-11-02 08:22:24 5,090,816 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0416.dll
+ 2006-11-02 08:22:22 5,031,936 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0816.dll
+ 2006-11-02 08:22:29 7,042,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons081a.dll
+ 2006-11-02 08:22:27 6,917,120 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsLexicons0c1a.dll
+ 2006-11-02 08:21:54 5,071,872 ----a-w C:\Windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6001.18000_none_9ddad43a2abbd52d\NlsModels0011.dll
+ 2006-11-02 09:41:16 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-net-command-line-tool_31bf3856ad364e35_6.0.6001.18000_none_5232518072770fdb\neth.dll
+ 2006-11-02 09:46:14 11,264 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netbios_31bf3856ad364e35_6.0.6001.18000_none_59e1b82a6b1f4ec0\wshnetbs.dll
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6001.18000_none_d5836ad30e0ac92d\bench_24.bin
+ 2006-09-19 11:41:49 4,280 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6001.18000_none_d5836ad30e0ac92d\bench_32.bin
+ 2006-09-19 11:41:49 9,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6001.18000_none_d5836ad30e0ac92d\bench_48.bin
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6001.18000_none_d5836ad30e0ac92d\house_24.bin
+ 2006-09-19 11:41:49 4,280 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6001.18000_none_d5836ad30e0ac92d\house_32.bin
+ 2006-09-19 11:41:49 9,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6001.18000_none_d5836ad30e0ac92d\house_48.bin
+ 2006-09-19 11:41:49 2,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6001.18000_none_d5836ad30e0ac92d\office_24.bin
+ 2006-09-19 11:41:49 4,280 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6001.18000_none_d5836ad30e0ac92d\office_32.bin
+ 2006-09-19 11:41:49 9,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6001.18000_none_d5836ad30e0ac92d\office_48.bin
+ 2006-11-02 09:46:02 24,064 ----a-w C:\Windows\winsxs\x86_microsoft-windows-networkbridge_31bf3856ad364e35_6.0.6001.18000_none_07e9f0db06159927\brdgcfg.dll
+ 2006-11-02 07:38:48 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-networkbridge_31bf3856ad364e35_6.0.6001.18000_none_07e9f0db06159927\bridgeres.dll
+ 2006-11-02 09:46:11 11,264 ----a-w C:\Windows\winsxs\x86_microsoft-windows-networkprofile_31bf3856ad364e35_6.0.6001.18000_none_789b515a7625c7d5\nlmsprep.dll
+ 2006-11-02 09:46:12 16,384 ----a-w C:\Windows\winsxs\x86_microsoft-windows-networkprofile_31bf3856ad364e35_6.0.6001.18000_none_789b515a7625c7d5\npmproxy.dll
+ 2006-11-02 12:36:04 51,712 ----a-w C:\Windows\winsxs\x86_microsoft-windows-networkprojection_31bf3856ad364e35_6.0.6001.18000_none_e3c78331f0bd2d51\CRPPresentation.dll
+ 2006-11-02 12:36:04 89,600 ----a-w C:\Windows\winsxs\x86_microsoft-windows-networkprojection_31bf3856ad364e35_6.0.6001.18000_none_e3c78331f0bd2d51\NetProj.exe
+ 2006-11-02 07:38:59 2,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-networktopology_31bf3856ad364e35_6.0.6001.18000_none_d155f734fa7d6b4f\lltdres.dll
+ 2006-11-02 09:45:30 74,752 ----a-w C:\Windows\winsxs\x86_microsoft-windows-newdev_31bf3856ad364e35_6.0.6001.18000_none_11764b5450a917b3\newdev.exe
+ 2006-11-02 07:09:42 9,029 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\ANSI.SYS
+ 2006-11-02 07:09:49 12,498 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\append.exe
+ 2006-11-02 07:10:16 10,544 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\COMM.drv
+ 2006-11-02 07:09:49 50,648 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\COMMAND.COM
+ 2006-11-02 07:10:28 32,816 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\COMMDLG.DLL
+ 2006-11-02 07:09:45 27,097 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\country.sys
+ 2006-09-18 21:43:37 27,200 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\ctl3dv2.dll
+ 2006-11-02 07:10:32 39,424 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\DDEML.DLL
+ 2006-11-02 07:09:52 20,634 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\debug.exe
+ 2006-11-02 07:10:37 53,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\dosx.exe
+ 2006-11-02 07:10:29 28,112 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\DRWATSON.EXE
+ 2006-09-18 21:43:40 69,886 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\edit.com
+ 2006-11-02 07:09:50 12,642 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\edlin.exe
+ 2006-11-02 07:09:51 8,424 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\exe2bin.exe
+ 2006-11-02 07:10:13 24,576 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\GDI.EXE
+ 2006-11-02 07:09:59 19,694 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\GRAPHICS.COM
+ 2006-11-02 07:09:41 4,768 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\HIMEM.SYS
+ 2006-11-02 07:09:57 14,710 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\KB16.COM
+ 2006-11-02 07:09:44 42,809 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\KEY01.SYS
+ 2006-11-02 07:10:15 2,000 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\keyboard.drv
+ 2006-11-02 07:09:44 42,537 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\KEYBOARD.SYS
+ 2006-11-02 07:10:07 92,320 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\krnl386.exe
+ 2006-09-18 21:43:37 221,600 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\lanman.drv
+ 2006-09-18 21:43:37 9,936 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\lzexpand.dll
+ 2006-11-02 07:09:55 39,274 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\mem.exe
+ 2006-11-02 07:10:21 68,992 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\MMSYSTEM.DLL
+ 2006-11-02 07:10:18 2,032 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\mouse.drv
+ 2006-09-18 21:43:37 108,464 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\netapi.dll
+ 2006-11-02 07:09:56 7,052 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\nlsfunc.exe
+ 2006-11-02 07:09:29 27,866 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\NTDOS.SYS
+ 2006-11-02 07:09:35 29,146 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\NTDOS404.SYS
+ 2006-11-02 07:09:38 29,370 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\NTDOS411.SYS
+ 2006-11-02 07:09:40 29,274 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\NTDOS412.SYS
+ 2006-11-02 07:09:31 29,146 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\NTDOS804.SYS
+ 2006-11-02 07:09:20 33,952 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\NTIO.SYS
+ 2006-11-02 07:09:23 34,672 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\NTIO404.SYS
+ 2006-11-02 07:09:24 35,776 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\NTIO411.SYS
+ 2006-11-02 07:09:26 35,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\NTIO412.SYS
+ 2006-11-02 07:09:22 34,672 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\NTIO804.SYS
+ 2006-11-02 09:46:12 14,848 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\ntvdmd.dll
+ 2006-09-18 21:43:37 82,944 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\olecli.dll
+ 2006-11-02 07:10:34 24,064 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\OLESVR.DLL
+ 2006-09-18 21:43:37 46,592 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\pmspl.dll
+ 2006-11-02 07:10:00 2,842 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\redir.exe
+ 2006-11-02 07:09:53 11,753 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\setver.exe
+ 2006-11-02 07:10:14 5,120 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\SHELL.DLL
+ 2006-11-02 07:10:16 1,744 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\sound.drv
+ 2006-09-18 21:43:37 18,896 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\sysedit.exe
+ 2006-11-02 07:10:14 3,360 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\system.drv
+ 2006-11-02 07:10:26 4,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\TIMER.DRV
+ 2006-11-02 07:10:25 13,888 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\TOOLHELP.DLL
+ 2006-11-02 07:10:12 47,840 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\USER.EXE
+ 2006-09-18 21:43:37 9,008 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\ver.dll
+ 2006-11-02 07:10:17 2,176 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\vga.drv
+ 2006-11-02 07:10:30 12,704 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\WFWNET.DRV
+ 2006-11-02 07:10:35 9,216 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\WIFEMAN.DLL
+ 2006-11-02 08:35:53 6,656 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\win.com
+ 2006-09-18 21:43:37 13,312 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\win87em.dll
+ 2006-09-18 21:43:37 256,192 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\winhelp.exe
+ 2006-11-02 07:10:35 5,120 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\WINNLS.DLL
+ 2006-11-02 07:10:22 2,864 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\WINSOCK.DLL
+ 2006-11-02 07:10:18 2,112 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\WINSPOOL.EXE
+ 2006-11-02 07:10:27 2,864 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\WOWDEB.EXE
+ 2006-11-02 07:10:24 8,960 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\WOWEXEC.EXE
+ 2006-11-02 09:45:33 60,416 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..installerandprintui_31bf3856ad364e35_6.0.6001.18000_none_d6543f9ff5ec4aec\printui.exe
+ 2006-11-02 09:45:02 17,408 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..ncetoolscommandline_31bf3856ad364e35_6.0.6001.18000_none_61237ad0fed51e58\diskperf.exe
+ 2006-11-02 09:45:35 37,376 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..ncetoolscommandline_31bf3856ad364e35_6.0.6001.18000_none_61237ad0fed51e58\relog.exe
+ 2006-11-02 09:45:49 39,936 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..ncetoolscommandline_31bf3856ad364e35_6.0.6001.18000_none_61237ad0fed51e58\typeperf.exe
+ 2006-11-02 09:46:12 39,424 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfctrs.dll
+ 2006-11-02 09:46:12 31,744 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfdisk.dll
+ 2006-11-02 09:46:12 28,672 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfos.dll
+ 2006-11-02 09:46:12 35,840 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfproc.dll
+ 2006-11-02 09:45:31 61,440 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..randprintui-ntprint_31bf3856ad364e35_6.0.6001.18000_none_f0037a3c7d6c36a4\ntprint.exe
+ 2006-11-02 09:45:32 7,680 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6001.18000_none_b3dc8e9f30720cdd\plasrv.exe
+ 2006-11-02 12:36:18 20,992 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..ting-lprportmonitor_31bf3856ad364e35_6.0.6001.18000_none_b403a1813dce9905\lprmon.dll
+ 2006-11-02 12:36:18 11,776 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..ting-lprportmonitor_31bf3856ad364e35_6.0.6001.18000_none_b403a1813dce9905\lprmonui.dll
+ 2006-11-02 12:35:39 1,486,848 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..topeeradhocmeetings_31bf3856ad364e35_6.0.6001.18000_none_aa47d5c4002219b8\WinCollabRes.dll
+ 2008-06-12 21:51:06 30,674 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..unterinfrastructure_31bf3856ad364e35_6.0.6001.18000_none_7185fd57fee6c971\perfc.dat
+ 2008-06-12 21:51:06 30,674 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..unterinfrastructure_31bf3856ad364e35_6.0.6001.18000_none_7185fd57fee6c971\perfd.dat
+ 2008-06-12 21:51:06 287,440 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..unterinfrastructure_31bf3856ad364e35_6.0.6001.18000_none_7185fd57fee6c971\perfh.dat
+ 2008-06-12 21:51:06 287,440 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..unterinfrastructure_31bf3856ad364e35_6.0.6001.18000_none_7185fd57fee6c971\perfi.dat
+ 2006-11-02 09:42:44 17,408 ----a-w C:\Windows\winsxs\x86_microsoft-windows-p..unterinfrastructure_31bf3856ad364e35_6.0.6001.18000_none_7185fd57fee6c971\prflbmsg.dll
+ 2006-11-02 12:35:38 18,944 ----a-w C:\Windows\winsxs\x86_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.0.6001.18000_none_717f15b322749509\pnrpperf.dll
+ 2006-11-02 09:45:32 13,312 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ping-utilities_31bf3856ad364e35_6.0.6001.18000_none_a931a5078fdac855\PATHPING.EXE
+ 2006-11-02 09:45:49 12,288 ----a-w C:\Windows\winsxs\x86_microsoft-windows-ping-utilities_31bf3856ad364e35_6.0.6001.18000_none_a931a5078fdac855\TRACERT.EXE
+ 2006-11-02 09:46:12 15,360 ----a-w C:\Windows\winsxs\x86_microsoft-windows-qos_31bf3856ad364e35_6.0.6001.18000_none_ae4b689057a4a1e3\pacerprf.dll
+ 2006-11-02 09:46:13 33,280 ----a-w C:\Windows\winsxs\x86_microsoft-windows-qos_31bf3856ad364e35_6.0.6001.18000_none_ae4b689057a4a1e3\traffic.dll
+ 2006-11-02 09:46:14 13,824 ----a-w C:\Windows\winsxs\x86_microsoft-windows-qos_31bf3856ad364e35_6.0.6001.18000_none_ae4b689057a4a1e3\wshqos.dll
+ 2006-11-02 12:36:25 7,168 ----a-w C:\Windows\winsxs\x86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6001.18000_none_0e3e31f00e12b007\mll_hp.dll
+ 2006-11-02 12:36:25 17,408 ----a-w C:\Windows\winsxs\x86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6001.18000_none_0e3e31f00e12b007\ntmsevt.dll
+ 2006-11-02 12:36:25 43,008 ----a-w C:\Windows\winsxs\x86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6001.18000_none_0e3e31f00e12b007\rsm.exe
+ 2006-11-02 12:36:25 26,624 ----a-w C:\Windows\winsxs\x86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6001.18000_none_0e3e31f00e12b007\rsmmllsv.exe
+ 2006-11-02 12:36:25 22,016 ----a-w C:\Windows\winsxs\x86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6001.18000_none_0e3e31f00e12b007\rsmsink.exe
+ 2006-11-02 12:36:25 54,272 ----a-w C:\Windows\winsxs\x86_microsoft-windows-r..emanagement-service_31bf3856ad364e35_6.0.6001.18000_none_0e3e31f00e12b007\rsmui.exe
+ 2006-11-02 09:46:12 10,240 ----a-w C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasadhlp.dll
+ 2006-11-02 09:45:34 16,896 ----a-w C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasautou.exe
+ 2006-11-02 09:46:12 32,768 ----a-w C:\Windows\winsxs\x86_microsoft-windows-rasbase_31bf3856ad364e35_6.0.6001.18000_none_0de067e17a6f4519\rasmxs.dll
+ 2006-11-02 09:46:12 22,016 ----a-w C:\Windows\winsxs\x86_microsoft-windows-rasbase_31bf3856ad364e35_6.0.6001.18000_none_0de067e17a6f4519\rasser.dll
+ 2006-11-02 09:45:34 16,896 ----a-w C:\Windows\winsxs\x86_microsoft-windows-rasclienttools_31bf3856ad364e35_6.0.6001.18000_none_6f46cfc8a8b142a0\rasdial.exe
+ 2006-11-02 09:46:12 36,352 ----a-w C:\Windows\winsxs\x86_microsoft-windows-rasrtutils_31bf3856ad364e35_6.0.6001.18000_none_0d159410ea7a8f9d\rtutils.dll
+ 2006-11-02 09:46:02 13,824 ----a-w C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\clb.dll
+ 2006-11-02 09:45:35 9,216 ----a-w C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedt32.exe
+ 2006-11-02 12:35:24 40,960 ----a-w C:\Windows\winsxs\x86_microsoft-windows-remoteassistance-exe_31bf3856ad364e35_6.0.6001.18000_none_3758172c01e5ce47\racpldlg.dll
+ 2006-11-02 09:45:37 14,848 ----a-w C:\Windows\winsxs\x86_microsoft-windows-restartmanager_31bf3856ad364e35_6.0.6001.18000_none_803567cb241e9c20\RmClient.exe
+ 2008-06-23 18:08:51 14,848 ----a-w C:\Windows\winsxs\x86_microsoft-windows-rmcast_31bf3856ad364e35_6.0.6001.18000_none_547dcc3187eaff70\wshrm.dll
+ 2006-11-02 09:46:03 10,240 ----a-w C:\Windows\winsxs\x86_microsoft-windows-s..gevolumewmiprovider_31bf3856ad364e35_6.0.6001.18000_none_17d3c60709ecb009\dfrgifps.dll
+ 2006-11-02 12:35:38 12,555,776 ----a-w C:\Windows\winsxs\x86_microsoft-windows-s..inboxgames-shanghai_31bf3856ad364e35_6.0.6001.18000_none_c0a3fbb5ef29fe27\Mahjong.dll
+ 2006-11-02 12:35:37 29,001,216 ----a-w C:\Windows\winsxs\x86_microsoft-windows-s..iuminboxgames-chess_31bf3856ad364e35_6.0.6001.18000_none_74d4a1cd7e673a2e\Chess.dll
+ 2006-11-02 12:35:35 4,305,408 ----a-w C:\Windows\winsxs\x86_microsoft-windows-s..oxgames-minesweeper_31bf3856ad364e35_6.0.6001.18000_none_a2611d5c392f48a1\MineSweeper.dll
+ 2006-11-02 12:35:36 28,665,856 ----a-w C:\Windows\winsxs\x86_microsoft-windows-s..oxgames-purbleplace_31bf3856ad364e35_6.0.6001.18000_none_062b7e7afe71e492\PurblePlace.dll
+ 2006-11-02 12:35:35 8,384,512 ----a-w C:\Windows\winsxs\x86_microsoft-windows-s..oxgames-purbleplace_31bf3856ad364e35_6.0.6001.18000_none_062b7e7afe71e492\PurblePlace2.dll
+ 2006-11-02 09:46:12 42,496 ----a-w C:\Windows\winsxs\x86_microsoft-windows-s..ty-protectedstorage_31bf3856ad364e35_6.0.6001.18000_none_4849149a305ec4a4\pstorec.dll
+ 2006-11-02 09:46:12 23,040 ----a-w C:\Windows\winsxs\x86_microsoft-windows-s..ty-protectedstorage_31bf3856ad364e35_6.0.6001.18000_none_4849149a305ec4a4\pstorsvc.dll
+ 2006-11-02 09:46:14 8,192 ----a-w C:\Windows\winsxs\x86_microsoft-windows-session0viewer_31bf3856ad364e35_6.0.6001.18000_none_e1e6e80246adfe72\WlS0WndH.dll
+ 2006-11-02 09:43:11 2,928,640 ----a-w C:\Windows\winsxs\x86_microsoft-windows-setup-component_31bf3856ad364e35_6.0.6001.18000_none_322c7e4ead424897\W32UIImg.dll
+ 2006-11-02 09:46:13 4,608 ----a-w C:\Windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll
+ 2006-11-02 12:35:15 66,048 ----a-w C:\Windows\winsxs\x86_microsoft-windows-sidebar_31bf3856ad364e35_6.0.6001.18000_none_cedcabbd26a81ad6\sbdrop.dll
+ 2006-11-02 09:46:12 66,560 ----a-w C:\Windows\winsxs\x86_microsoft-windows-smartcardsubsystem_31bf3856ad364e35_6.0.6001.18000_none_17fd3fa469f2e862\SCardDlg.dll
+ 2006-11-02 09:46:13 9,728 ----a-w C:\Windows\winsxs\x86_microsoft-windows-smbserver_31bf3856ad364e35_6.0.6001.18000_none_f8f4e8f8eadb7d91\sscore.dll
+ 2006-11-02 09:45:46 12,800 ----a-w C:\Windows\winsxs\x86_microsoft-windows-snmp-trap-service_31bf3856ad364e35_6.0.6001.18000_none_cf8afedd3f67da88\snmptrap.exe
+ 2006-11-02 12:34:32 16,384 ----a-w C:\Windows\winsxs\x86_microsoft-windows-speech-userexperience_31bf3856ad364e35_6.0.6001.18000_none_1c09f00b4bcc9fbc\SpeechUXPS.DLL
+ 2006-11-02 09:46:13 151,040 ----a-w C:\Windows\winsxs\x86_microsoft-windows-sqlliteoledb_31bf3856ad364e35_6.0.6001.18000_none_be7f06c980d3ea88\sqlceoledb30.dll
+ 2006-11-02 09:39:30 3,072 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..-platform-libraries_31bf3856ad364e35_6.0.6001.18000_none_ea70eae59b4e2b12\icmp.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\penchs.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\pencht.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\penjpn.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\penkor.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\penusa.dll
+ 2006-11-02 09:45:32 6,656 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\pipanel.exe
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\pipres.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\skchobj.dll
+ 2006-11-02 07:39:56 1,536 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..acyinkingcomponents_31bf3856ad364e35_6.0.6001.18000_none_41f1cbcb89954931\skchui.dll
+ 2006-11-02 12:35:47 19,968 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.0.6001.18000_none_4264ef6a4d057d2c\jnwmon.dll
+ 2006-11-02 12:35:47 22,528 ----a-w C:\Windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.0.6001.18000_none_426

Est il possible de m'expliquer rapidement ce que vous tirer de ces rapports svp?

...sinon j'attends la suite de la procédure ;-)

merci encore de ton aide angeldark

Suppression de fichiers infectés, listing de fichiers, etc.

Reposte un rapport Hijackthis.

rapport Hijacthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:57:54, on 30/09/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O20 - AppInit_DLLs: wytjan.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe

--
End of file - 7948 bytes

Re,

Fix les lignes dans le cadre ci-dessous avec HijackThis : AIDE EN IMAGES

ok c'est fait!
Besoin d'un autre scan?

Ouaip  

aussitot dit aussitot fait, encore merci de la rapidité des réponses!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:17:02, on 30/09/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O13 - Gopher Prefix:
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe

--
End of file - 7716 bytes

Encore des soucis ?

Non j'ai pas l'impression!
Je te remercie de ton aide
tres bon helper ;-)
j'espere ne plus avoir besoin de tes services!!

Bon surf