Virus Bagle ? Enfin je pense...
Forum Sécurité - Virus : Virus Bagle ? Enfin je pense...
Bonjour !
Donc message : "....exe n'est pas une application win32 valide"
Antivirus inactif et pas possible de passer en mode sans échec.
J'ai réussi à avoir un rapport combofix :
ComboFix 08-11-12.02 - rv 2008-11-14 17:22:14.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.96 [GMT 1:00]
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\rv\Application Data\m
c:\documents and settings\rv\Application Data\m\data.oct
c:\documents and settings\rv\Application Data\m\flec006.exe
c:\documents and settings\rv\Application Data\m\list.oct
c:\documents and settings\rv\Application Data\m\shared\12Ghosts_JustAWindow_8.11_Crack.zip
c:\documents and settings\rv\Application Data\m\shared\310-011 - Solaris 8 System Administration I Practice Test Questions 1.0.zip
c:\documents and settings\rv\Application Data\m\shared\3D Good Ole Summer Time 1.0.zip
c:\documents and settings\rv\Application Data\m\shared\3nity_Music_CD_Burner_1.1_Cracked.zip
c:\documents and settings\rv\Application Data\m\shared\642-432 Practice Exam Testing Engine Software 1.0.zip
c:\documents and settings\rv\Application Data\m\shared\Acceleration_Startup_Manager_+_Release_RAM_Bundle_2.0.zip
c:\documents and settings\rv\Application Data\m\shared\ADingOD ParkFont 1.4.zip
c:\documents and settings\rv\Application Data\m\shared\Advanced_Access_Password_Recovery_2.5.zip
c:\documents and settings\rv\Application Data\m\shared\Adware_Removal_8.0.18.zip
c:\documents and settings\rv\Application Data\m\shared\AIM_Fix_1.6.815.1339.zip
c:\documents and settings\rv\Application Data\m\shared\Animals_Pack2_1.0.zip
c:\documents and settings\rv\Application Data\m\shared\antivir workstation win en.zip
c:\documents and settings\rv\Application Data\m\shared\Apache Admin 2.5.zip
c:\documents and settings\rv\Application Data\m\shared\Audio Converter 8.20.zip
c:\documents and settings\rv\Application Data\m\shared\Automatic FTP Upload Software 7.0.zip
c:\documents and settings\rv\Application Data\m\shared\avast!.Home.Edition.4.6.763.Crack.WORKING.zip
c:\documents and settings\rv\Application Data\m\shared\AZ Paint Pro 7.8.0.zip
c:\documents and settings\rv\Application Data\m\shared\Backup_In_Time_2007_2.0.6_(Key).zip
c:\documents and settings\rv\Application Data\m\shared\Barcode4NET 2.0.zip
c:\documents and settings\rv\Application Data\m\shared\Basketball 1.0.zip
c:\documents and settings\rv\Application Data\m\shared\BAT-Spooler_Standard_Edition_1.zip
c:\documents and settings\rv\Application Data\m\shared\BeatHarness 1.0 Beta 2.zip
c:\documents and settings\rv\Application Data\m\shared\BigTime 1.2.zip
c:\documents and settings\rv\Application Data\m\shared\Bonrix_Simple_GroupMail_1.01_[Key].zip
c:\documents and settings\rv\Application Data\m\shared\Capitalor_Pivot_Calculator_1.0.zip
c:\documents and settings\rv\Application Data\m\shared\Cashflow_Plan_Micro_1.31_(Serial).zip
c:\documents and settings\rv\Application Data\m\shared\Catalogic 2.0 Build 302.zip
c:\documents and settings\rv\Application Data\m\shared\CD to WMA MP3 Ripper 1.60.zip
c:\documents and settings\rv\Application Data\m\shared\Celebrity_Solitaire_1.0.zip
c:\documents and settings\rv\Application Data\m\shared\Chris Dunn Lookup 7.2.9.zip
c:\documents and settings\rv\Application Data\m\shared\Code 93 Barcode Premium Package 1.1.zip
c:\documents and settings\rv\Application Data\m\shared\ColorSwap 1.0.zip
c:\documents and settings\rv\Application Data\m\shared\ConsoXL_1.1.0.zip
c:\documents and settings\rv\Application Data\m\shared\CopyText_2.2.zip
c:\documents and settings\rv\Application Data\m\shared\Custom_Screensaver_Selection_7_1.zip
c:\documents and settings\rv\Application Data\m\shared\Data_Destroyer_8.27t.zip
c:\documents and settings\rv\Application Data\m\shared\Data_Tracker_for_Research_1.09_(Crack).zip
c:\documents and settings\rv\Application Data\m\shared\DBF_Doctor_1.68_Build_54_Patch.zip
c:\documents and settings\rv\Application Data\m\shared\dbManager_Plugin.zip
c:\documents and settings\rv\Application Data\m\shared\Depreciation_4562_Pro_1.5.zip
c:\documents and settings\rv\Application Data\m\shared\Desktop_Sticky_Note_2.3.zip
c:\documents and settings\rv\Application Data\m\shared\Disguise_1.30.zip
c:\documents and settings\rv\Application Data\m\shared\Dodge_That_Anvil_b7r4.zip
c:\documents and settings\rv\Application Data\m\shared\DP Multicrypt 1.6.zip
c:\documents and settings\rv\Application Data\m\shared\Eastsea System Cleaner 4.10 Serial.zip
c:\documents and settings\rv\Application Data\m\shared\EasyCalc_1.22.zip
c:\documents and settings\rv\Application Data\m\shared\es-Builder 1.9.zip
c:\documents and settings\rv\Application Data\m\shared\eXComboBox_LITE_3.1.0.2_Key.zip
c:\documents and settings\rv\Application Data\m\shared\Expression_Media_Encoder_Preview_Key.zip
c:\documents and settings\rv\Application Data\m\shared\ExTuber 1.0.zip
c:\documents and settings\rv\Application Data\m\shared\Falco_Icon_Studio_1.7.zip
c:\documents and settings\rv\Application Data\m\shared\Filmerit 3.0.8.zip
c:\documents and settings\rv\Application Data\m\shared\FireTuneUp_1.2.zip
c:\documents and settings\rv\Application Data\m\shared\Floppy Image Creator 5.3.0.10.zip
c:\documents and settings\rv\Application Data\m\shared\FontExplorerL.M. 5.6.4.zip
c:\documents and settings\rv\Application Data\m\shared\FreeDiff_1.1.2.zip
c:\documents and settings\rv\Application Data\m\shared\FreeMem 2.00.zip
c:\documents and settings\rv\Application Data\m\shared\FXLib_3.01.zip
c:\documents and settings\rv\Application Data\m\shared\FXstyle Bulk Email Direct Sender 3.0.zip
c:\documents and settings\rv\Application Data\m\shared\Google Index Notification 1.0.zip
c:\documents and settings\rv\Application Data\m\shared\History_Destroyer_3.1_Key+Serial.zip
c:\documents and settings\rv\Application Data\m\shared\i-netLock+_3.2.6.zip
c:\documents and settings\rv\Application Data\m\shared\Image Enhance 3.2.4.zip
c:\documents and settings\rv\Application Data\m\shared\iPod Movie Converter Suite 2.0.zip
c:\documents and settings\rv\Application Data\m\shared\Karmatic Revolution Font 1.0.zip
c:\documents and settings\rv\Application Data\m\shared\KeepEmOut 1.3.0.0.zip
c:\documents and settings\rv\Application Data\m\shared\Macro Buddy 1.55.zip
c:\documents and settings\rv\Application Data\m\shared\MailZip Pro 1.zip
c:\documents and settings\rv\Application Data\m\shared\Mathwiz Financial Calculator 6.22.1008.zip
c:\documents and settings\rv\Application Data\m\shared\MegaEPG 1.0.2 Beta.zip
c:\documents and settings\rv\Application Data\m\shared\Motocross Mania Demo.zip
c:\documents and settings\rv\Application Data\m\shared\MS_Word_Backup_File_Auto_Save_Software_7.0_[Key+Serial].zip
c:\documents and settings\rv\Application Data\m\shared\MSD_Collections_Multiuser_2.10_(Crack).zip
c:\documents and settings\rv\Application Data\m\shared\MSN7_Task_Monitor_1.21.zip
c:\documents and settings\rv\Application Data\m\shared\MultiGrabber 3.6.zip
c:\documents and settings\rv\Application Data\m\shared\NativeJ_4.8.3_Patch.zip
c:\documents and settings\rv\Application Data\m\shared\Neoava Guard 1.0 Beta.zip
c:\documents and settings\rv\Application Data\m\shared\neoSearch 1.47.zip
c:\documents and settings\rv\Application Data\m\shared\Operation_Flashpoint_Resistance_M113_+_M163_Weapons_Pack.zip
c:\documents and settings\rv\Application Data\m\shared\OptimFROG 4.600ex.zip
c:\documents and settings\rv\Application Data\m\shared\Paper Valet 2.1.08.zip
c:\documents and settings\rv\Application Data\m\shared\Parallels Compressor 2.1.1670.zip
c:\documents and settings\rv\Application Data\m\shared\Pavtube Video Converter 1.0.1.59.zip
c:\documents and settings\rv\Application Data\m\shared\Perfect DVD Duplication 3.0.0.1.zip
c:\documents and settings\rv\Application Data\m\shared\Piano_1.0.zip
c:\documents and settings\rv\Application Data\m\shared\Pic2Pic_Plus_1.4_Serial.zip
c:\documents and settings\rv\Application Data\m\shared\Picture_Show_2.5.77_Crack.zip
c:\documents and settings\rv\Application Data\m\shared\Pidro Challenge 2.1.zip
c:\documents and settings\rv\Application Data\m\shared\Power Audio CD Burner 1.01.zip
c:\documents and settings\rv\Application Data\m\shared\Project_Genie_Standard_Edition_1.0_(Crack).zip
c:\documents and settings\rv\Application Data\m\shared\ProPrompter Software 3.0 [Key].zip
c:\documents and settings\rv\Application Data\m\shared\Publish Query to HTML for SQL Server Pro 1.02.zip
c:\documents and settings\rv\Application Data\m\shared\Radius_Test_2.4.3.zip
c:\documents and settings\rv\Application Data\m\shared\Replay Media Splitter 1.2 (Crack).zip
c:\documents and settings\rv\Application Data\m\shared\RSS Replay 1.2.zip
c:\documents and settings\rv\Application Data\m\shared\Ruby Encryption Library 1.0 (Cracked).zip
c:\documents and settings\rv\Application Data\m\shared\Secret Messenger 2.1.zip
c:\documents and settings\rv\Application Data\m\shared\Serious_Sam_demo.zip
c:\documents and settings\rv\Application Data\m\shared\Shareaza_Turbo_Accelerator_2.5.5_(Key+Serial).zip
c:\documents and settings\rv\Application Data\m\shared\Simplexar Statsar 1.0.1.zip
c:\documents and settings\rv\Application Data\m\shared\Snowflake_Flurry_Screensaver_1.0.zip
c:\documents and settings\rv\Application Data\m\shared\SOFTWARE.-.Avast.Antivirus.Pro.Version.4.6.665.+.KeyGen.zip
c:\documents and settings\rv\Application Data\m\shared\SolSuite_Solitaire_2006_6.10.zip
c:\documents and settings\rv\Application Data\m\shared\SonicLite 1.0.0 BETA.zip
c:\documents and settings\rv\Application Data\m\shared\Speech_Master_3.0.zip
c:\documents and settings\rv\Application Data\m\shared\Sqirlz_Water_Reflections_2.2.zip
c:\documents and settings\rv\Application Data\m\shared\Squeaky Clean 1.0.1.zip
c:\documents and settings\rv\Application Data\m\shared\SurfTabs 1.8.70.zip
c:\documents and settings\rv\Application Data\m\shared\Symantec.Norton.SystemWorks.2005.+.Antivirus.2005.+.Internet.Security.2005.+.keygen.zip
c:\documents and settings\rv\Application Data\m\shared\Symantec.pcAnywhere.12.0.zip
c:\documents and settings\rv\Application Data\m\shared\TerraClient 1.3.3.zip
c:\documents and settings\rv\Application Data\m\shared\Text_Suite_Pro_with_M_Player_1.1_3.5.5530.zip
c:\documents and settings\rv\Application Data\m\shared\The Ozone Cow Brain Saver 1.0.zip
c:\documents and settings\rv\Application Data\m\shared\Unreal_Tournament_2003_-_PA_Soldier_skin.zip
c:\documents and settings\rv\Application Data\m\shared\VersaSRS Help Desk 3.3.0.zip
c:\documents and settings\rv\Application Data\m\shared\VeryPDF_PDF_Editor_1.1.zip
c:\documents and settings\rv\Application Data\m\shared\Virtual_Library_1.0.zip
c:\documents and settings\rv\Application Data\m\shared\Vocalise TTS 1.0.1 [Key+Serial].zip
c:\documents and settings\rv\Application Data\m\shared\Warcraft_III_-_The_Beginning_map.zip
c:\documents and settings\rv\Application Data\m\shared\Web_TimeSheet_7.1.zip
c:\documents and settings\rv\Application Data\m\shared\WebInject 1.41.zip
c:\documents and settings\rv\Application Data\m\shared\Whois 1.01.zip
c:\documents and settings\rv\Application Data\m\shared\Windows & Internet Cleaner Pro 3.22.zip
c:\documents and settings\rv\Application Data\m\shared\Younicate 0.8 Beta.zip
c:\documents and settings\rv\Application Data\m\shared\Zinf_Audio_Player_2.2.1.zip
c:\documents and settings\rv\Application Data\m\shared\ZipWorx_Explorer_Wizard_2.5_[With_Crack].zip
c:\documents and settings\rv\Application Data\m\srvlist.oct
c:\documents and settings\rv\Local Settings\Application Data\eddzaq.dat
c:\documents and settings\rv\Local Settings\Application Data\eddzaq.exe
c:\documents and settings\rv\Local Settings\Application Data\eddzaq_nav.dat
c:\documents and settings\rv\Local Settings\Application Data\eddzaq_navps.dat
c:\documents and settings\rv\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
c:\program files\Internet Explorer\fxavx.ini
c:\program files\UberIcon\UberIcon Manager.exe
c:\windows\system32\ban_list.txt
c:\windows\system32\drivers\downld
c:\windows\system32\drivers\downld\101421.exe
c:\windows\system32\drivers\downld\101718.exe
c:\windows\system32\drivers\downld\102578.exe
c:\windows\system32\drivers\downld\102609.exe
c:\windows\system32\drivers\downld\104125.exe
c:\windows\system32\drivers\downld\104609.exe
c:\windows\system32\drivers\downld\104781.exe
c:\windows\system32\drivers\downld\105343.exe
c:\windows\system32\drivers\downld\105609.exe
c:\windows\system32\drivers\downld\108484.exe
c:\windows\system32\drivers\downld\109093.exe
c:\windows\system32\drivers\downld\112312.exe
c:\windows\system32\drivers\downld\112406.exe
c:\windows\system32\drivers\downld\115531.exe
c:\windows\system32\drivers\downld\117359.exe
c:\windows\system32\drivers\downld\118046.exe
c:\windows\system32\drivers\downld\119750.exe
c:\windows\system32\drivers\downld\120437.exe
c:\windows\system32\drivers\downld\120859.exe
c:\windows\system32\drivers\downld\120906.exe
c:\windows\system32\drivers\downld\125843.exe
c:\windows\system32\drivers\downld\126484.exe
c:\windows\system32\drivers\downld\129906.exe
c:\windows\system32\drivers\downld\131984.exe
c:\windows\system32\drivers\downld\133093.exe
c:\windows\system32\drivers\downld\134453.exe
c:\windows\system32\drivers\downld\137000.exe
c:\windows\system32\drivers\downld\145187.exe
c:\windows\system32\drivers\downld\14654656.exe
c:\windows\system32\drivers\downld\146593.exe
c:\windows\system32\drivers\downld\14710953.exe
c:\windows\system32\drivers\downld\14716718.exe
c:\windows\system32\drivers\downld\14769453.exe
c:\windows\system32\drivers\downld\14782718.exe
c:\windows\system32\drivers\downld\14800750.exe
c:\windows\system32\drivers\downld\14811578.exe
c:\windows\system32\drivers\downld\14863375.exe
c:\windows\system32\drivers\downld\15202812.exe
c:\windows\system32\drivers\downld\15264531.exe
c:\windows\system32\drivers\downld\154343.exe
c:\windows\system32\drivers\downld\166109.exe
c:\windows\system32\drivers\downld\177609.exe
c:\windows\system32\drivers\downld\185734.exe
c:\windows\system32\drivers\downld\213609.exe
c:\windows\system32\drivers\downld\220437.exe
c:\windows\system32\drivers\downld\224343.exe
c:\windows\system32\drivers\downld\226218.exe
c:\windows\system32\drivers\downld\229640.exe
c:\windows\system32\drivers\downld\231203.exe
c:\windows\system32\drivers\downld\231890.exe
c:\windows\system32\drivers\downld\238171.exe
c:\windows\system32\drivers\downld\241015.exe
c:\windows\system32\drivers\downld\241515.exe
c:\windows\system32\drivers\downld\241656.exe
c:\windows\system32\drivers\downld\246125.exe
c:\windows\system32\drivers\downld\249859.exe
c:\windows\system32\drivers\downld\249937.exe
c:\windows\system32\drivers\downld\252046.exe
c:\windows\system32\drivers\downld\252296.exe
c:\windows\system32\drivers\downld\253062.exe
c:\windows\system32\drivers\downld\254515.exe
c:\windows\system32\drivers\downld\258343.exe
c:\windows\system32\drivers\downld\266734.exe
c:\windows\system32\drivers\downld\289156.exe
c:\windows\system32\drivers\downld\292890.exe
c:\windows\system32\drivers\downld\303687.exe
c:\windows\system32\drivers\downld\306812.exe
c:\windows\system32\drivers\downld\47531.exe
c:\windows\system32\drivers\downld\49484.exe
c:\windows\system32\drivers\downld\50671.exe
c:\windows\system32\drivers\downld\51921.exe
c:\windows\system32\drivers\downld\54390.exe
c:\windows\system32\drivers\downld\57109.exe
c:\windows\system32\drivers\downld\58281.exe
c:\windows\system32\drivers\downld\59234.exe
c:\windows\system32\drivers\downld\60484.exe
c:\windows\system32\drivers\downld\61437.exe
c:\windows\system32\drivers\downld\62062.exe
c:\windows\system32\drivers\downld\62484.exe
c:\windows\system32\drivers\downld\66828.exe
c:\windows\system32\drivers\downld\67640.exe
c:\windows\system32\drivers\downld\68234.exe
c:\windows\system32\drivers\downld\69359.exe
c:\windows\system32\drivers\downld\72265.exe
c:\windows\system32\drivers\downld\73671.exe
c:\windows\system32\drivers\downld\76062.exe
c:\windows\system32\drivers\downld\77703.exe
c:\windows\system32\drivers\downld\78671.exe
c:\windows\system32\drivers\downld\83531.exe
c:\windows\system32\drivers\downld\83796.exe
c:\windows\system32\drivers\downld\84812.exe
c:\windows\system32\drivers\downld\84890.exe
c:\windows\system32\drivers\downld\89390.exe
c:\windows\system32\drivers\downld\89406.exe
c:\windows\system32\drivers\downld\90140.exe
c:\windows\system32\drivers\downld\90640.exe
c:\windows\system32\drivers\downld\93046.exe
c:\windows\system32\drivers\downld\97390.exe
c:\windows\system32\drivers\downld\97625.exe
c:\windows\system32\drivers\downld\99328.exe
c:\windows\system32\drivers\srosa.sys
c:\windows\system32\drivers\winfilse.exe
c:\windows\system32\mdelk.exe
c:\windows\system32\wintems.exe
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SROSA
-------\Legacy_SROSA
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-14 au 2008-11-14 ))))))))))))))))))))))))))))))))))))
.
2008-11-14 13:09 . 2008-11-14 13:09 <REP> d-------- c:\windows\report
2008-11-14 13:09 . 2008-11-14 13:09 <REP> d-------- c:\windows\AU_Backup
2008-11-14 13:09 . 2008-11-14 13:09 20,938,757 --a------ c:\windows\VPTNFILE.653
2008-11-14 13:09 . 2008-11-14 13:09 20,938,757 --a------ c:\windows\LPT$VPN.653
2008-11-14 13:09 . 2008-11-14 13:09 1,961,645 --a------ c:\windows\tsc.ptn
2008-11-14 13:09 . 2008-11-14 13:09 1,213,784 --a------ c:\windows\vsapi32.dll
2008-11-14 13:09 . 2008-11-14 13:09 348,229 --a------ c:\windows\tsc.exe
2008-11-14 13:09 . 2008-11-14 13:09 91,744 --a------ c:\windows\BPMNT.dll
2008-11-14 13:09 . 2008-11-14 13:09 71,749 --a------ c:\windows\hcextoutput.dll
2008-11-14 13:09 . 2008-11-14 17:15 803 --a------ c:\windows\tsc.ini
2008-11-14 13:08 . 2008-11-14 13:09 <REP> d-------- c:\windows\AU_Temp
2008-11-14 13:08 . 2008-11-14 13:08 <REP> d-------- c:\windows\AU_Log
2008-11-14 13:08 . 2008-11-14 13:08 507,904 --a------ c:\windows\TMUPDATE.DLL
2008-11-14 13:08 . 2008-11-14 13:08 286,720 --a------ c:\windows\PATCH.EXE
2008-11-14 13:08 . 2008-11-14 13:08 69,689 --a------ c:\windows\UNZIP.DLL
2008-11-14 13:08 . 2008-11-14 13:08 170 --a------ c:\windows\GetServer.ini
2008-11-14 12:47 . 2008-11-14 12:54 <REP> d-------- c:\windows\avxoscan
2008-11-14 11:49 . 1996-08-20 20:37 15,840 --a------ c:\windows\system32\Machnm1.exe
2008-11-14 11:49 . 2005-09-25 16:37 5,632 --a------ c:\windows\system32\Machnm64.sys
2008-11-14 11:49 . 2008-11-14 11:49 3,120 --a------ c:\windows\system32\118290.54
2008-11-14 11:49 . 2008-11-14 11:49 3,120 --a------ c:\windows\118294.78
2008-11-14 11:49 . 2003-08-13 00:27 2,304 --a------ c:\windows\system32\Machnm32.sys
2008-11-14 10:47 . 2008-11-14 10:47 <REP> d-------- c:\windows\Sun
2008-11-13 21:36 . 2008-11-13 21:35 410,976 --a------ c:\windows\system32\deploytk.dll
2008-11-13 21:36 . 2008-11-13 21:35 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-11-13 21:28 . 2008-11-14 10:47 <REP> d-------- c:\program files\Java
2008-11-13 21:27 . 2008-11-13 21:27 <REP> d-------- c:\program files\Fichiers communs\Java
2008-11-13 21:07 . 2008-11-14 10:47 <REP> d-------- c:\windows\BDOSCAN8
2008-11-13 20:31 . 2008-11-14 11:40 7,168 --a------ c:\windows\system32\drivers\srosa2.sys
2008-11-13 19:15 . 2008-11-14 15:01 <REP> d-------- c:\program files\eMule
2008-11-13 19:05 . 2008-11-13 19:57 <REP> d-------- c:\documents and settings\rv\Contacts
2008-11-13 19:03 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\system32\d3dx9_32.dll
2008-11-13 19:01 . 2008-11-13 19:01 <REP> d-------- c:\program files\Microsoft SQL Server Compact Edition
2008-11-13 19:00 . 2008-11-13 19:00 <REP> d-------- c:\program files\Windows Live Favorites
2008-11-13 18:59 . 2008-11-13 19:00 <REP> d-------- c:\program files\Windows Live Toolbar
2008-11-13 18:56 . 2008-11-13 18:56 <REP> d----c--- c:\windows\system32\DRVSTORE
2008-11-13 18:48 . 2008-11-13 19:02 <REP> d-------- c:\program files\Windows Live
2008-11-13 18:48 . 2008-11-13 18:57 <REP> d--hsc--- c:\program files\Fichiers communs\WindowsLiveInstaller
2008-11-13 18:48 . 2008-11-13 18:48 <REP> d-------- c:\documents and settings\All Users\Application Data\WLInstaller
2008-11-13 18:18 . 2008-11-13 18:18 <REP> d-------- c:\documents and settings\rv\Application Data\Yahoo!
2008-11-13 18:18 . 2008-11-13 19:04 <REP> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2008-11-13 18:14 . 2008-11-13 18:43 <REP> d-------- c:\program files\Yahoo!
2008-11-13 18:14 . 2008-11-13 18:43 <REP> d-------- c:\documents and settings\All Users\Application Data\Yahoo!
2008-11-13 18:11 . 2008-11-13 18:21 <REP> d-------- c:\program files\Google
2008-11-13 18:11 . 2008-11-13 19:11 <REP> d-------- c:\documents and settings\All Users\Application Data\Google Updater
2008-11-13 13:39 . 2007-07-30 19:19 271,224 --a------ c:\windows\system32\mucltui.dll
2008-11-13 13:39 . 2007-07-30 19:18 30,072 --a------ c:\windows\system32\mucltui.dll.mui
2008-11-13 13:33 . 2008-11-13 13:33 <REP> d-------- c:\program files\MSBuild
2008-11-13 13:33 . 2008-11-13 13:33 <REP> d-------- c:\program files\Microsoft Works
2008-11-13 13:32 . 2008-11-13 13:32 <REP> d-------- c:\program files\Microsoft.NET
2008-11-13 13:29 . 2008-11-13 13:33 <REP> d-------- c:\windows\SHELLNEW
2008-11-13 13:29 . 2008-11-13 13:29 <REP> d-------- c:\program files\Microsoft Visual Studio 8
2008-11-13 13:28 . 2008-11-13 13:34 <REP> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-13 13:27 . 2008-11-13 13:27 <REP> dr-h----- C:\MSOCache
2008-11-13 13:18 . 2008-11-13 13:18 <REP> d-------- c:\program files\ArcSoft
2008-11-13 13:18 . 2008-11-13 13:18 <REP> d-------- C:\My Documents
2008-11-13 13:18 . 1999-05-26 09:46 212,480 --a------ c:\windows\system32\pcdlib32.dll
2008-11-13 13:18 . 1996-07-01 00:00 77,312 --a------ c:\windows\system32\TWAIN_32.DLL
2008-11-13 13:18 . 2008-11-13 13:18 1,325 --a------ c:\windows\photoimpression.ini
2008-11-13 13:13 . 2008-11-13 13:17 <REP> d-------- c:\program files\EPSON
2008-11-13 13:13 . 1998-11-13 13:16 308,224 --a------ c:\windows\IsUn040c.exe
2008-11-13 13:13 . 1999-06-15 11:31 96,768 --a------ c:\windows\SlantAdj.dll
2008-11-13 13:13 . 1999-12-07 02:03 73,216 --a------ c:\windows\ADE.DLL
2008-11-13 13:13 . 1999-04-27 00:17 3,136 --a------ c:\windows\Ade001.bin
2008-11-13 13:13 . 2001-03-18 15:16 1,571 --a------ c:\windows\Faxcpp1.ini
2008-11-13 13:13 . 2001-03-18 15:16 422 --a------ c:\windows\Faxcpp.ini
2008-11-13 13:13 . 1999-08-09 23:50 72 --a------ c:\windows\system32\epDPE.ini
2008-11-13 13:12 . 2008-11-14 11:48 <REP> d--h----- c:\program files\InstallShield Installation Information
2008-11-13 13:12 . 2008-11-14 12:39 <REP> d-------- c:\program files\Fichiers communs\InstallShield
2008-11-13 13:09 . 2008-11-13 13:09 <REP> d-------- c:\program files\Canon
2008-11-13 13:07 . 2004-08-03 22:01 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2008-11-13 13:06 . 2008-11-13 13:06 <REP> d--h----- c:\documents and settings\All Users\Application Data\CanonBJ
2008-11-13 13:06 . 2006-07-10 19:00 139,776 --a------ c:\windows\system32\CNMLM74.DLL
2008-11-13 13:06 . 2005-03-08 08:17 90,112 -ra------ c:\windows\system32\CNMCP74.exe
2008-11-13 13:06 . 2006-07-10 19:00 8,704 --a------ c:\windows\system32\CNMVS74.DLL
2008-11-13 12:21 . 2008-11-13 12:25 <REP> d-------- c:\documents and settings\rv\Application Data\vlc
2008-11-13 12:14 . 2008-11-13 12:14 <REP> d-------- c:\program files\VideoLAN
2008-11-13 11:52 . 2008-11-13 20:33 <REP> d-------- c:\program files\Neuf
2008-11-13 11:24 . 2008-11-13 11:40 <REP> d-------- C:\TEMP
2008-11-13 11:22 . 2008-11-13 11:22 <REP> d-------- c:\program files\Alwil Software
2008-11-13 11:18 . 2008-11-13 11:18 <REP> d---s---- c:\documents and settings\rv\UserData
2008-11-12 23:06 . 2008-08-28 11:35 333,056 -----c--- c:\windows\system32\dllcache\srv.sys
2008-11-12 23:06 . 2008-06-14 18:59 272,768 --------- c:\windows\system32\drivers\bthport.sys
2008-11-12 23:06 . 2008-06-14 18:59 272,768 -----c--- c:\windows\system32\dllcache\bthport.sys
2008-11-12 23:06 . 2008-08-14 10:51 138,368 -----c--- c:\windows\system32\dllcache\afd.sys
2008-11-12 23:05 . 2006-12-07 06:29 2,374,472 -----c--- c:\windows\system32\dllcache\wmvcore.dll
2008-11-12 23:05 . 2008-08-14 14:44 2,182,400 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-11-12 23:05 . 2008-08-14 14:44 2,138,112 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-11-12 23:05 . 2008-08-14 14:44 2,059,776 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-11-12 23:05 . 2008-08-14 14:44 2,017,792 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-11-12 23:05 . 2008-09-15 16:14 1,847,040 -----c--- c:\windows\system32\dllcache\win32k.sys
2008-11-12 23:05 . 2008-10-24 12:25 455,936 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-12 23:05 . 2008-05-01 15:31 331,776 -----c--- c:\windows\system32\dllcache\msadce.dll
2008-11-12 23:05 . 2008-05-08 13:28 202,752 -----c--- c:\windows\system32\dllcache\rmcast.sys
2008-11-12 23:04 . 2008-09-04 17:45 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 23:04 . 2008-04-11 19:40 683,520 -----c--- c:\windows\system32\dllcache\inetcomm.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-14 16:23 --------- d-----w c:\program files\UberIcon
2008-11-12 21:50 --------- d-----w c:\program files\JDoe Tools
2008-11-12 20:47 --------- d-----w c:\program files\microsoft frontpage
2008-11-12 20:45 --------- d-----w c:\program files\Real Alternative
2008-11-12 20:45 --------- d-----w c:\program files\Fichiers communs\Ahead
2008-11-12 20:45 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-11-12 20:44 --------- d-----w c:\program files\QuickTime Alternative
2008-11-12 20:44 --------- d-----w c:\program files\Media Player Classic
2008-11-12 20:42 --------- d-----w c:\program files\Windows Media Connect 2
2008-11-12 20:40 --------- d-----w c:\program files\Services en ligne
2008-10-24 11:25 455,936 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-09-15 15:14 1,847,040 ----a-w c:\windows\system32\win32k.sys
2008-09-04 16:45 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-20 05:33 671,744 ----a-w c:\windows\system32\wininet.dll
2008-08-14 13:44 2,182,400 ----a-w c:\windows\system32\ntoskrnl.exe
2008-08-14 13:44 2,059,776 ----a-w c:\windows\system32\ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
2008-07-28 11:46 160496 --a------ c:\program files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2008-11-05 4347120]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-07-11 223984]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-22 7311360]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-05-22 86016]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-07-11 223984]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-13 136600]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-14 81000]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
R1 sK9Ou0s;sK9Ou0s;c:\windows\system32\drivers\srosa2.sys [2008-11-14 7168]
R3 USBSTOR;Pilote de stockage de masse USB;c:\windows\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26368]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [ ]
S3 usbscan;Pilote de scanneur USB;c:\windows\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Tâches planifiées'
2008-11-14 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.
- - - - ORPHELINS SUPPRIMES - - - -
HKCU-Run-UberIcon - c:\program files\UberIcon\UberIcon Manager.exe
HKCU-Run-eddzaq - c:\documents and settings\rv\local settings\application data\eddzaq.exe
HKLM-Run-nwiz - nwiz.exe
HKU-Default-Run-UberIcon - c:\program files\UberIcon\UberIcon Manager.exe
.
------- Examen supplémentaire -------
.
R0 -: HKCU-Main,Start Page = hxxp://fr.yahoo.com
R0 -: HKLM-Main,Start Page = hxxp://fr.yahoo.com
R1 -: HKCU-SearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
O8 -: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
O8 -: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 -: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
O17 -: HKLM\CCS\Interface\{87F3B734-941B-437F-B281-E317F628EED0}: NameServer = 192.168.1.1
O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
c:\windows\Downloaded Program Files\oscan8.inf
c:\windows\bdoscandellang.ini
c:\windows\bdoscandel.exe
c:\windows\Downloaded Program Files\live.ini
c:\windows\Downloaded Program Files\scanoptions.tsi
c:\windows\Downloaded Program Files\lang.ini
c:\windows\Downloaded Program Files\ipsupd.dll
c:\windows\Downloaded Program Files\bdupd.dll
c:\windows\Downloaded Program Files\libfn.dll
c:\windows\Downloaded Program Files\bdcore.dll
c:\windows\Downloaded Program Files\oscan8.ocx
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-14 17:24:02
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\srosa]
.
Heure de fin: 2008-11-14 17:26:00
ComboFix-quarantined-files.txt 2008-11-14 16:25:58
Avant-CF: 73,373,966,336 octets libres
Après-CF: 73,340,260,352 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
465 --- E O F --- 2008-11-12 22:11:36
Merci d'avance à celui qui m'aidera 
Merci bien, voilà le rapport :
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1398
Windows 5.1.2600 Service Pack 2
14/11/2008 19:15:48
mbam-log-2008-11-14 (19-15-48).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 71609
Temps écoulé: 31 minute(s), 47 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c
windows/downloaded program files/uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\cmdow.exe (Malware.Tool) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.
Re,
Voilà, désolé pour le temps d'attente mais je n'avais pas accès au PC, bon maintenant je ne peux plus ouvrir de page internet (avec iexplorer....)
Voici le rapport
ComboFix 08-11-19.08 - rv 2008-11-20 18:35:02.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.47 [GMT 1:00]
Lancé depuis: G:\killbaggle.exe
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\drivers\srosa2.sys
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SK9OU0S
-------\Service_sK9Ou0s
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-20 au 2008-11-20 ))))))))))))))))))))))))))))))))))))
.
2008-11-19 20:27 . 2008-11-19 20:27 69 --a------ c:\windows\NeroDigital.ini
2008-11-19 20:23 . 2008-11-19 20:23 <REP> d--h----- c:\windows\msdownld.tmp
2008-11-19 20:23 . 2008-11-19 20:23 759 --a------ c:\windows\system32\spupdsvc.inf
2008-11-19 20:10 . 2008-09-19 22:57 120,056 --------- c:\windows\system32\pxcpyi64.exe
2008-11-19 20:10 . 2008-09-19 22:57 118,520 --------- c:\windows\system32\pxinsi64.exe
2008-11-19 20:09 . 2008-11-19 20:11 <REP> d-------- c:\program files\DivX
2008-11-19 19:45 . 2008-11-19 19:45 <REP> d-------- c:\windows\E31C348B63A94CBF8D7FD932ABB63244.TMP
2008-11-19 19:45 . 2008-11-19 19:45 <REP> d-------- c:\program files\Fichiers communs\Wise Installation Wizard
2008-11-19 14:52 . 2008-11-19 14:52 <REP> d-------- c:\windows\system32\fr-fr
2008-11-19 14:41 . 2008-11-19 20:09 <REP> d-------- c:\documents and settings\rv\Application Data\DivX
2008-11-19 12:59 . 2008-11-19 12:59 <REP> d-------- c:\documents and settings\rv\Application Data\Ahead
2008-11-18 14:53 . 2008-11-18 14:53 <REP> d-------- c:\program files\SlySoft
2008-11-18 14:47 . 2008-11-18 14:47 223,128 --a------ c:\windows\system32\drivers\vaxscsi.sys
2008-11-18 14:46 . 2008-11-18 14:48 <REP> d-------- c:\program files\Alcohol Soft
2008-11-18 14:43 . 2008-11-18 14:43 642,560 --a------ c:\windows\system32\drivers\sptd.sys
2008-11-18 14:43 . 2008-11-18 14:43 96,384 --a------ c:\windows\system32\drivers\sptd1389.sys
2008-11-17 17:56 . 2008-11-17 17:56 <REP> d-------- c:\program files\MSXML 4.0
2008-11-16 14:15 . 2008-11-17 16:08 <REP> d-------- c:\program files\adslTV
2008-11-16 14:00 . 2008-11-16 14:00 <REP> d-------- c:\documents and settings\rv\Application Data\Todae
2008-11-16 13:52 . 2008-11-16 13:52 <REP> d-------- c:\program files\Winamp Toolbar
2008-11-16 13:52 . 2008-11-16 13:52 <REP> d-------- c:\program files\Winamp Remote
2008-11-16 13:52 . 2008-11-16 13:52 <REP> d-------- c:\documents and settings\All Users\Application Data\Winamp Toolbar
2008-11-16 13:52 . 2008-11-17 10:58 <REP> d-------- c:\documents and settings\All Users\Application Data\OrbNetworks
2008-11-16 13:50 . 2008-11-16 13:53 <REP> d-------- c:\program files\Winamp
2008-11-16 13:50 . 2008-11-16 13:56 <REP> d-------- c:\documents and settings\rv\Application Data\Winamp
2008-11-16 10:03 . 2008-11-16 10:11 <REP> d-------- c:\documents and settings\rv\Application Data\dvdcss
2008-11-15 20:14 . 2008-11-15 20:14 <REP> d-------- c:\documents and settings\All Users\Application Data\MailFrontier
2008-11-15 20:14 . 2008-11-15 20:16 4,212 ---h----- c:\windows\system32\zllictbl.dat
2008-11-15 20:13 . 2008-11-15 20:13 75,932 --a------ c:\windows\system32\drivers\klick.dat
2008-11-15 20:13 . 2008-11-15 20:13 74,396 --a------ c:\windows\system32\drivers\klin.dat
2008-11-15 20:13 . 2008-11-15 20:45 67,616 --ahs---- c:\windows\system32\drivers\fidbox.dat
2008-11-15 20:13 . 2007-06-21 21:55 54,672 --a------ c:\windows\system32\vsutil_loc040c.dll
2008-11-15 20:13 . 2007-06-21 21:55 42,384 --a------ c:\windows\zllsputility_loc040c.dll
2008-11-15 20:13 . 2007-06-21 21:55 21,904 --a------ c:\windows\system32\imsinstall_loc040c.dll
2008-11-15 20:13 . 2007-06-21 21:55 17,808 --a------ c:\windows\system32\imslsp_install_loc040c.dll
2008-11-15 20:13 . 2004-04-27 04:40 11,264 --a------ c:\windows\system32\SpOrder.dll
2008-11-15 20:13 . 2008-11-15 20:45 1,868 --ahs---- c:\windows\system32\drivers\fidbox.idx
2008-11-15 20:12 . 2008-11-15 20:50 <REP> d-------- c:\windows\system32\ZoneLabs
2008-11-15 20:12 . 2008-11-15 20:12 <REP> d-------- c:\program files\Zone Labs
2008-11-15 20:12 . 2007-05-31 00:03 110,360 --a------ c:\windows\system32\drivers\kl1.sys
2008-11-15 20:11 . 2008-11-15 20:51 <REP> d-------- c:\windows\Internet Logs
2008-11-15 16:47 . 2008-11-19 19:45 <REP> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-11-15 16:00 . 2008-11-15 16:04 <REP> d-------- c:\program files\Spybot - Search & Destroy
2008-11-15 16:00 . 2008-11-15 18:24 <REP> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-15 13:48 . 2008-11-15 13:48 <REP> d-------- c:\program files\splus
2008-11-15 13:48 . 2005-10-17 18:13 447,488 --a------ c:\windows\system32\splus.cpl
2008-11-15 11:51 . 2008-11-15 11:51 <REP> d-------- C:\fsaua.data
2008-11-15 10:53 . 2008-11-15 15:30 <REP> d-------- c:\windows\system32\CatRoot_bak
2008-11-14 18:27 . 2008-11-14 18:27 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-14 18:27 . 2008-11-14 18:27 <REP> d-------- c:\documents and settings\rv\Application Data\Malwarebytes
2008-11-14 18:27 . 2008-11-14 18:27 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-14 18:27 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-14 18:27 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-11-14 13:09 . 2008-11-14 13:09 <REP> d-------- c:\windows\report
2008-11-14 13:09 . 2008-11-14 13:09 <REP> d-------- c:\windows\AU_Backup
2008-11-14 13:09 . 2008-11-14 13:09 20,938,757 --a------ c:\windows\VPTNFILE.653
2008-11-14 13:09 . 2008-11-14 13:09 20,938,757 --a------ c:\windows\LPT$VPN.653
2008-11-14 13:09 . 2008-11-14 13:09 1,961,645 --a------ c:\windows\tsc.ptn
2008-11-14 13:09 . 2008-11-14 13:09 1,213,784 --a------ c:\windows\vsapi32.dll
2008-11-14 13:09 . 2008-11-14 13:09 348,229 --a------ c:\windows\tsc.exe
2008-11-14 13:09 . 2008-11-14 13:09 91,744 --a------ c:\windows\BPMNT.dll
2008-11-14 13:09 . 2008-11-14 13:09 71,749 --a------ c:\windows\hcextoutput.dll
2008-11-14 13:09 . 2008-11-14 17:15 803 --a------ c:\windows\tsc.ini
2008-11-14 13:08 . 2008-11-14 13:09 <REP> d-------- c:\windows\AU_Temp
2008-11-14 13:08 . 2008-11-14 13:08 <REP> d-------- c:\windows\AU_Log
2008-11-14 13:08 . 2008-11-14 13:08 507,904 --a------ c:\windows\TMUPDATE.DLL
2008-11-14 13:08 . 2008-11-14 13:08 286,720 --a------ c:\windows\PATCH.EXE
2008-11-14 13:08 . 2008-11-14 13:08 69,689 --a------ c:\windows\UNZIP.DLL
2008-11-14 13:08 . 2008-11-14 13:08 170 --a------ c:\windows\GetServer.ini
2008-11-14 12:47 . 2008-11-14 12:54 <REP> d-------- c:\windows\avxoscan
2008-11-14 11:49 . 1996-08-20 20:37 15,840 --a------ c:\windows\system32\Machnm1.exe
2008-11-14 11:49 . 2005-09-25 16:37 5,632 --a------ c:\windows\system32\Machnm64.sys
2008-11-14 11:49 . 2008-11-14 11:49 3,120 --a------ c:\windows\system32\118290.54
2008-11-14 11:49 . 2008-11-14 11:49 3,120 --a------ c:\windows\118294.78
2008-11-14 11:49 . 2003-08-13 00:27 2,304 --a------ c:\windows\system32\Machnm32.sys
2008-11-14 10:47 . 2008-11-14 10:47 <REP> d-------- c:\windows\Sun
2008-11-13 21:36 . 2008-11-13 21:35 410,976 --a------ c:\windows\system32\deploytk.dll
2008-11-13 21:36 . 2008-11-13 21:35 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-11-13 21:28 . 2008-11-14 10:47 <REP> d-------- c:\program files\Java
2008-11-13 21:27 . 2008-11-13 21:27 <REP> d-------- c:\program files\Fichiers communs\Java
2008-11-13 21:07 . 2008-11-14 10:47 <REP> d-------- c:\windows\BDOSCAN8
2008-11-13 19:15 . 2008-11-20 12:46 <REP> d-------- c:\program files\eMule
2008-11-13 19:05 . 2008-11-13 19:57 <REP> d-------- c:\documents and settings\rv\Contacts
2008-11-13 19:03 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\system32\d3dx9_32.dll
2008-11-13 19:01 . 2008-11-13 19:01 <REP> d-------- c:\program files\Microsoft SQL Server Compact Edition
2008-11-13 19:00 . 2008-11-13 19:00 <REP> d-------- c:\program files\Windows Live Favorites
2008-11-13 18:59 . 2008-11-13 19:00 <REP> d-------- c:\program files\Windows Live Toolbar
2008-11-13 18:56 . 2008-11-13 18:56 <REP> d----c--- c:\windows\system32\DRVSTORE
2008-11-13 18:48 . 2008-11-13 19:02 <REP> d-------- c:\program files\Windows Live
2008-11-13 18:48 . 2008-11-13 18:57 <REP> d--hsc--- c:\program files\Fichiers communs\WindowsLiveInstaller
2008-11-13 18:48 . 2008-11-13 18:48 <REP> d-------- c:\documents and settings\All Users\Application Data\WLInstaller
2008-11-13 18:18 . 2008-11-13 18:18 <REP> d-------- c:\documents and settings\rv\Application Data\Yahoo!
2008-11-13 18:18 . 2008-11-13 19:04 <REP> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2008-11-13 18:14 . 2008-11-13 18:43 <REP> d-------- c:\program files\Yahoo!
2008-11-13 18:14 . 2008-11-13 18:43 <REP> d-------- c:\documents and settings\All Users\Application Data\Yahoo!
2008-11-13 18:11 . 2008-11-13 18:21 <REP> d-------- c:\program files\Google
2008-11-13 18:11 . 2008-11-19 20:01 <REP> d-------- c:\documents and settings\All Users\Application Data\Google Updater
2008-11-13 13:39 . 2008-07-18 22:07 270,880 --a------ c:\windows\system32\mucltui.dll
2008-11-13 13:39 . 2008-07-18 22:07 29,728 --a------ c:\windows\system32\mucltui.dll.mui
2008-11-13 13:33 . 2008-11-13 13:33 <REP> d-------- c:\program files\MSBuild
2008-11-13 13:33 . 2008-11-13 13:33 <REP> d-------- c:\program files\Microsoft Works
2008-11-13 13:32 . 2008-11-13 13:32 <REP> d-------- c:\program files\Microsoft.NET
2008-11-13 13:29 . 2008-11-13 13:33 <REP> d-------- c:\windows\SHELLNEW
2008-11-13 13:29 . 2008-11-13 13:29 <REP> d-------- c:\program files\Microsoft Visual Studio 8
2008-11-13 13:28 . 2008-11-14 20:11 <REP> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-13 13:27 . 2008-11-13 13:27 <REP> dr-h----- C:\MSOCache
2008-11-13 13:18 . 2008-11-13 13:18 <REP> d-------- c:\program files\ArcSoft
2008-11-13 13:18 . 2008-11-13 13:18 <REP> d-------- C:\My Documents
2008-11-13 13:18 . 1999-05-26 09:46 212,480 --a------ c:\windows\system32\pcdlib32.dll
2008-11-13 13:18 . 1996-07-01 00:00 77,312 --a------ c:\windows\system32\TWAIN_32.DLL
2008-11-13 13:18 . 2008-11-13 13:18 1,325 --a------ c:\windows\photoimpression.ini
2008-11-13 13:13 . 2008-11-13 13:17 <REP> d-------- c:\program files\EPSON
2008-11-13 13:13 . 1998-11-13 13:16 308,224 --a------ c:\windows\IsUn040c.exe
2008-11-13 13:13 . 1999-06-15 11:31 96,768 --a------ c:\windows\SlantAdj.dll
2008-11-13 13:13 . 1999-12-07 02:03 73,216 --a------ c:\windows\ADE.DLL
2008-11-13 13:13 . 1999-04-27 00:17 3,136 --a------ c:\windows\Ade001.bin
2008-11-13 13:13 . 2001-03-18 15:16 1,571 --a------ c:\windows\Faxcpp1.ini
2008-11-13 13:13 . 2001-03-18 15:16 422 --a------ c:\windows\Faxcpp.ini
2008-11-13 13:13 . 1999-08-09 23:50 72 --a------ c:\windows\system32\epDPE.ini
2008-11-13 13:12 . 2008-11-14 11:48 <REP> d--h----- c:\program files\InstallShield Installation Information
2008-11-13 13:12 . 2008-11-14 12:39 <REP> d-------- c:\program files\Fichiers communs\InstallShield
2008-11-13 13:09 . 2008-11-13 13:09 <REP> d-------- c:\program files\Canon
2008-11-13 13:07 . 2004-08-03 22:01 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2008-11-13 13:06 . 2008-11-13 13:06 <REP> d--h----- c:\documents and settings\All Users\Application Data\CanonBJ
2008-11-13 13:06 . 2006-07-10 19:00 139,776 --a------ c:\windows\system32\CNMLM74.DLL
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-14 16:23 --------- d-----w c:\program files\UberIcon
2008-11-12 21:50 --------- d-----w c:\program files\JDoe Tools
2008-11-12 20:47 --------- d-----w c:\program files\microsoft frontpage
2008-11-12 20:45 --------- d-----w c:\program files\Real Alternative
2008-11-12 20:45 --------- d-----w c:\program files\Fichiers communs\Ahead
2008-11-12 20:45 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-11-12 20:44 --------- d-----w c:\program files\QuickTime Alternative
2008-11-12 20:44 --------- d-----w c:\program files\Media Player Classic
2008-11-12 20:42 --------- d-----w c:\program files\Windows Media Connect 2
2008-11-12 20:40 --------- d-----w c:\program files\Services en ligne
2008-10-24 11:25 455,936 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2007-09-26 17:31 2,532,922 ----a-w c:\windows\inf\SET6B.tmp
.
((((((((((((((((((((((((((((( snapshot@2008-11-14_17.25.20.76 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-11-13 12:32:55 248,632 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2008-11-14 19:08:10 250,928 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2008-02-27 14:59:28 290,816 ----a-w c:\windows\Downloaded Program Files\auc_lib.dll
+ 2008-02-27 14:59:28 495,616 ----a-w c:\windows\Downloaded Program Files\daas_s.dll
+ 2008-02-27 15:00:12 262,144 ----a-w c:\windows\Downloaded Program Files\fscax.dll
+ 2008-02-27 14:59:16 588,392 ----a-w c:\windows\Downloaded Program Files\gatelauncher.exe
+ 2008-11-18 13:54:12 37,376 ----a-w c:\windows\E31C348B63A94CBF8D7FD932ABB63244.TMP\WiseCustCall64.dll
+ 2008-11-18 13:54:12 22,195 ----a-w c:\windows\E31C348B63A94CBF8D7FD932ABB63244.TMP\WiseCustomCall.dll
+ 2008-11-18 13:54:12 73,728 ----a-w c:\windows\E31C348B63A94CBF8D7FD932ABB63244.TMP\WiseCustomCalla.dll
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
+ 2004-08-03 23:54:22 61,440 -c----w c:\windows\ie7\admparse.dll
+ 2004-08-03 23:54:22 101,888 -c----w c:\windows\ie7\advpack.dll
+ 2004-08-03 23:54:24 35,328 -c----w c:\windows\ie7\corpol.dll
+ 2008-08-20 05:33:45 357,888 -c----w c:\windows\ie7\dxtmsft.dll
+ 2008-08-20 05:33:45 205,312 -c----w c:\windows\ie7\dxtrans.dll
+ 2008-08-20 05:33:45 55,808 -c----w c:\windows\ie7\extmgr.dll
+ 2004-08-03 23:54:28 38,912 -c----w c:\windows\ie7\hmmapi.dll
+ 2004-08-03 23:54:52 34,304 -c----w c:\windows\ie7\ie4uinit.exe
+ 2004-08-03 23:54:28 139,264 -c----w c:\windows\ie7\ieakeng.dll
+ 2005-11-11 22:17:47 1,345,536 -c----w c:\windows\ie7\ieaksie.dll
+ 2001-08-28 12:00:00 245,760 -c----w c:\windows\ie7\ieakui.dll
+ 2004-08-03 23:54:28 323,584 -c----w c:\windows\ie7\iedkcs32.dll
+ 2008-08-19 09:38:57 18,432 -c----w c:\windows\ie7\iedw.exe
+ 2004-08-03 23:54:28 81,920 -c----w c:\windows\ie7\ieencode.dll
+ 2008-08-20 05:33:45 251,904 -c----w c:\windows\ie7\iepeers.dll
+ 2004-08-03 23:54:28 49,152 -c----w c:\windows\ie7\iernonce.dll
+ 2004-08-03 23:54:28 63,488 -c----w c:\windows\ie7\iesetup.dll
+ 2006-05-23 10:09:46 2,981,888 -c----w c:\windows\ie7\iexplore.exe
+ 2004-08-03 23:54:30 35,840 -c----w c:\windows\ie7\imgutil.dll
+ 2008-08-20 05:33:45 96,768 -c----w c:\windows\ie7\inseng.dll
+ 2007-12-18 14:41:58 450,560 -c----w c:\windows\ie7\jscript.dll
+ 2008-08-20 05:33:46 16,384 -c----w c:\windows\ie7\jsproxy.dll
+ 2004-08-03 23:54:30 22,528 -c----w c:\windows\ie7\licmgr10.dll
+ 2004-08-03 23:54:58 29,184 -c----w c:\windows\ie7\mshta.exe
+ 2008-08-20 05:33:48 3,088,384 -c----w c:\windows\ie7\mshtml.dll
+ 2008-08-20 05:33:46 449,024 -c----w c:\windows\ie7\mshtmled.dll
+ 2004-08-03 23:53:16 57,344 -c----w c:\windows\ie7\mshtmler.dll
+ 2001-08-28 12:00:00 146,432 -c----w c:\windows\ie7\msls31.dll
+ 2008-08-20 05:33:45 146,432 -c----w c:\windows\ie7\msrating.dll
+ 2008-08-20 05:33:45 532,480 -c----w c:\windows\ie7\mstime.dll
+ 2005-11-12 21:02:04 377,344 -c----w c:\windows\ie7\occache.dll
+ 2008-08-20 05:33:45 39,424 -c----w c:\windows\ie7\pngfilt.dll
+ 2007-09-26 17:34:42 33,472 -c----w c:\windows\ie7\spuninst\iecustom.dll
+ 2007-09-26 17:32:30 66,048 -c--a-w c:\windows\ie7\spuninst\ieResetIcons.exe
+ 2006-09-06 16:43:28 216,800 -c----w c:\windows\ie7\spuninst\spuninst.exe
+ 2006-09-06 16:43:30 394,976 -c----w c:\windows\ie7\spuninst\updspapi.dll
+ 2005-11-13 14:53:42 663,040 -c----w c:\windows\ie7\url.dll
+ 2008-08-20 05:33:47 621,056 -c----w c:\windows\ie7\urlmon.dll
+ 2007-12-18 14:41:59 417,792 -c----w c:\windows\ie7\vbscript.dll
+ 2006-04-09 12:35:50 848,896 -c----w c:\windows\ie7\vgx.dll
+ 2006-03-16 19:44:09 1,295,360 -c----w c:\windows\ie7\webcheck.dll
+ 2008-08-20 05:33:46 671,744 -c----w c:\windows\ie7\wininet.dll
+ 2006-10-27 14:16:36 133,936 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\CONTAB32.DLL
+ 2006-10-26 19:55:32 87,344 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\DLGSETP.DLL
+ 2006-10-27 14:07:36 17,891,112 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\EXCEL.EXE
+ 2006-10-26 19:55:48 340,248 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MIMEDIR.DLL
+ 2006-10-27 14:04:08 497,504 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MORPH9.DLL
+ 2006-10-27 14:26:40 16,870,712 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSO.DLL
+ 2006-10-27 14:04:10 9,581,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSPUB.EXE
+ 2006-10-26 19:42:36 8,423,224 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OARTCONV.DLL
+ 2006-10-27 14:18:36 1,658,152 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OGL.DLL
+ 2006-10-27 14:16:46 2,939,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OLMAPI32.DLL
+ 2006-10-26 19:34:12 660,792 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OMSMAIN.DLL
+ 2006-10-26 19:34:10 192,848 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OMSXP32.DLL
+ 2006-09-15 15:25:18 3,611,416 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OUTLFLTR.DAT
+ 2006-10-27 14:16:44 594,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OUTLMIME.DLL
+ 2006-10-27 14:16:48 12,813,096 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OUTLOOK.EXE
+ 2006-10-27 14:16:40 176,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OUTLPH.DLL
+ 2006-10-27 14:04:06 465,200 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\POWERPNT.EXE
+ 2006-10-27 14:04:06 7,980,848 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PPCORE.DLL
+ 2008-11-13 12:32:55 248,632 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PPTPIA.DLL
+ 2006-10-26 19:09:36 136,008 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PRTF9.DLL
+ 2006-10-26 19:55:54 413,472 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PSTPRX32.DLL
+ 2006-10-27 14:04:06 624,456 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PTXT9.DLL
+ 2006-10-26 19:09:44 590,144 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PUBCONV.DLL
+ 2006-10-26 19:55:44 263,520 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\SCNPST32.DLL
+ 2006-10-26 19:55:44 272,744 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\SCNPST64.DLL
+ 2006-10-27 14:23:04 347,432 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\WINWORD.EXE
+ 2006-10-27 14:11:38 4,235,560 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\WRD12CNV.DLL
+ 2006-10-27 14:11:36 21,264 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\WRD12EXE.EXE
+ 2006-10-27 14:23:08 17,483,560 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\WWLIB.DLL
+ 2006-10-26 20:13:08 14,674,216 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\XL12CNV.EXE
+ 2006-10-26 20:17:08 11,072 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\XLCALL32.DLL
+ 2008-11-17 16:56:05 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
- 2008-11-13 12:34:34 1,165,584 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-11-14 19:11:23 1,165,584 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe
- 2008-11-13 12:34:35 20,240 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-11-14 19:11:24 20,240 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-11-13 12:34:35 159,504 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-11-14 19:11:23 159,504 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe
- 2008-11-13 12:34:35 217,864 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2008-11-14 19:11:24 217,864 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe
- 2008-11-13 12:34:35 18,704 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-11-14 19:11:24 18,704 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-11-13 12:34:35 35,088 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-11-14 19:11:24 35,088 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-11-13 12:34:35 845,584 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-11-14 19:11:23 845,584 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe
- 2008-11-13 12:34:35 922,384 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-11-14 19:11:24 922,384 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
- 2008-11-13 12:34:35 272,648 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-11-14 19:11:24 272,648 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe
- 2008-11-13 12:34:35 888,080 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-11-14 19:11:24 888,080 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-11-13 12:34:35 1,172,240 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-11-14 19:11:23 1,172,240 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-11-12 20:41:11 8,738 ----a-w c:\windows\pchealth\helpctr\Config\Cntstore.bin
+ 2008-11-14 17:31:16 8,972 ----a-w c:\windows\pchealth\helpctr\Config\Cntstore.bin
- 2008-11-12 20:41:08 86,331 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
+ 2008-11-14 17:39:20 86,331 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
- 2008-11-12 20:41:11 2,116 ----a-w c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
+ 2008-11-14 17:39:20 2,430 ----a-w c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
- 2004-08-03 23:54:22 61,440 ----a-w c:\windows\system32\admparse.dll
+ 2007-08-13 17:39:20 71,680 ----a-w c:\windows\system32\admparse.dll
- 2004-08-03 23:54:22 101,888 ----a-w c:\windows\system32\advpack.dll
+ 2007-08-13 17:39:00 123,904 ----a-w c:\windows\system32\advpack.dll
+ 2008-11-18 13:50:49 34,308 ----a-w c:\windows\system32\BASSMOD.dll
- 2007-07-30 18:19:20 92,504 ----a-w c:\windows\system32\cdm.dll
+ 2008-10-16 13:09:44 92,696 ----a-w c:\windows\system32\cdm.dll
+ 1998-07-12 22:00:00 32,768 ----a-w c:\windows\system32\CMDLGFR.DLL
+ 2008-11-18 14:13:59 16,384 ----atw c:\windows\system32\config\systemprofile\Local Settings\Temp\Perflib_Perfdata_2cc.dat
+ 2008-11-20 17:40:15 16,384 ----atw c:\windows\system32\config\systemprofile\Local Settings\Temp\Perflib_Perfdata_564.dat
+ 2008-11-20 17:17:29 16,384 ----atw c:\windows\system32\config\systemprofile\Local Settings\Temp\Perflib_Perfdata_690.dat
- 2004-08-03 23:54:24 35,328 ----a-w c:\windows\system32\corpol.dll
+ 2007-08-13 17:42:54 17,408 ----a-w c:\windows\system32\corpol.dll
+ 2008-10-28 22:35:56 684,032 ----a-w c:\windows\system32\DivX.dll
+ 2008-10-28 22:36:00 823,296 ----a-w c:\windows\system32\divx_xx07.dll
+ 2008-10-28 22:35:58 815,104 ----a-w c:\windows\system32\divx_xx0a.dll
+ 2008-10-28 22:36:00 823,296 ----a-w c:\windows\system32\divx_xx0c.dll
+ 2008-10-28 22:35:58 802,816 ----a-w c:\windows\system32\divx_xx11.dll
+ 2008-09-25 08:03:18 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe
+ 2008-09-25 08:03:44 524,288 ----a-w c:\windows\system32\DivXsm.exe
+ 2008-09-19 21:54:18 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
+ 2007-08-13 17:39:20 71,680 -c----w c:\windows\system32\dllcache\admparse.dll
+ 2007-08-13 17:39:00 123,904 -c----w c:\windows\system32\dllcache\advpack.dll
+ 2007-08-13 17:42:54 17,408 -c----w c:\windows\system32\dllcache\corpol.dll
+ 2007-08-13 17:54:10 33,792 -c----w c:\windows\system32\dllcache\custsat.dll
- 2008-08-20 05:33:45 357,888 -c----w c:\windows\system32\dllcache\dxtmsft.dll
+ 2007-08-13 17:35:46 346,624 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-20 05:33:45 205,312 -c----w c:\windows\system32\dllcache\dxtrans.dll
+ 2007-08-13 17:35:38 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-20 05:33:45 55,808 -c----w c:\windows\system32\dllcache\extmgr.dll
+ 2007-08-13 17:54:10 131,584 -c--a-w c:\windows\system32\dllcache\extmgr.dll
+ 2007-08-13 17:18:02 60,416 -c----w c:\windows\system32\dllcache\hmmapi.dll
+ 2007-08-13 17:39:06 54,784 -c----w c:\windows\system32\dllcache\ie4uinit.exe
+ 2007-08-13 17:39:26 152,064 -c----w c:\windows\system32\dllcache\ieakeng.dll
+ 2007-08-13 17:39:54 229,376 -c----w c:\windows\system32\dllcache\ieaksie.dll
+ 2007-08-13 16:56:54 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll
+ 2007-08-13 17:39:50 382,976 -c----w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-08-19 09:38:57 18,432 -c----w c:\windows\system32\dllcache\iedw.exe
+ 2007-08-13 17:44:02 69,120 -c--a-w c:\windows\system32\dllcache\iedw.exe
+ 2007-08-13 17:45:18 78,336 -c----w c:\windows\system32\dllcache\ieencode.dll
- 2008-08-20 05:33:45 251,904 -c----w c:\windows\system32\dllcache\iepeers.dll
+ 2007-08-13 17:54:10 191,488 -c--a-w c:\windows\system32\dllcache\iepeers.dll
+ 2007-08-13 17:39:10 43,008 -c----w c:\windows\system32\dllcache\iernonce.dll
+ 2007-08-13 17:39:12 55,296 -c----w c:\windows\system32\dllcache\iesetup.dll
+ 2007-08-13 17:43:56 622,080 -c----w c:\windows\system32\dllcache\iexplore.exe
+ 2007-08-13 17:36:06 36,352 -c----w c:\windows\system32\dllcache\imgutil.dll
- 2008-08-20 05:33:45 96,768 -c----w c:\windows\system32\dllcache\inseng.dll
+ 2007-08-13 17:39:02 92,672 -c--a-w c:\windows\system32\dllcache\inseng.dll
- 2007-12-18 14:41:58 450,560 -c----w c:\windows\system32\dllcache\jscript.dll
+ 2007-08-13 17:38:04 491,520 -c--a-w c:\windows\system32\dllcache\jscript.dll
- 2008-08-20 05:33:46 16,384 -c----w c:\windows\system32\dllcache\jsproxy.dll
+ 2007-08-13 17:54:10 27,136 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2007-08-13 17:44:18 40,960 -c----w c:\windows\system32\dllcache\licmgr10.dll
+ 2007-08-13 17:32:30 45,568 -c----w c:\windows\system32\dllcache\mshta.exe
- 2008-08-20 05:33:48 3,088,384 -c----w c:\windows\system32\dllcache\mshtml.dll
+ 2007-08-13 17:54:12 3,578,368 -c--a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-08-20 05:33:46 449,024 -c----w c:\windows\system32\dllcache\mshtmled.dll
+ 2007-08-13 17:54:10 475,648 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2007-08-13 17:01:12 48,128 -c----w c:\windows\system32\dllcache\mshtmler.dll
+ 2007-08-13 17:54:10 156,160 -c----w c:\windows\system32\dllcache\msls31.dll
- 2008-08-20 05:33:45 146,432 -c----w c:\windows\system32\dllcache\msrating.dll
+ 2007-08-13 17:44:26 192,000 -c--a-w c:\windows\system32\dllcache\msrating.dll
- 2008-08-20 05:33:45 532,480 -c----w c:\windows\system32\dllcache\mstime.dll
+ 2007-08-13 17:54:10 670,720 -c--a-w c:\windows\system32\dllcache\mstime.dll
+ 2007-08-13 17:44:06 101,376 -c----w c:\windows\system32\dllcache\occache.dll
- 2008-08-20 05:33:45 39,424 -c----w c:\windows\system32\dllcache\pngfilt.dll
+ 2007-08-13 17:36:12 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2007-08-13 17:44:30 105,984 -c----w c:\windows\system32\dllcache\url.dll
- 2008-08-20 05:33:47 621,056 -c----w c:\windows\system32\dllcache\urlmon.dll
+ 2007-08-13 17:54:10 1,162,240 -c--a-w c:\windows\system32\dllcache\urlmon.dll
- 2007-12-18 14:41:59 417,792 -c----w c:\windows\system32\dllcache\vbscript.dll
+ 2007-08-13 17:54:10 413,696 -c--a-w c:\windows\system32\dllcache\vbscript.dll
+ 2007-08-13 17:54:10 765,952 -c----w c:\windows\system32\dllcache\VGX.dll
+ 2007-08-13 17:54:10 231,424 -c----w c:\windows\system32\dllcache\webcheck.dll
- 2008-08-20 05:33:46 671,744 -c----w c:\windows\system32\dllcache\wininet.dll
+ 2007-08-13 17:54:10 818,688 -c--a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-09-25 08:03:38 81,920 ----a-w c:\windows\system32\dpl100.dll
+ 2008-09-25 08:03:30 294,912 ----a-w c:\windows\system32\dpu10.dll
+ 2008-09-25 08:03:30 294,912 ----a-w c:\windows\system32\dpu11.dll
+ 2008-09-25 08:03:34 53,248 ----a-w c:\windows\system32\dpuGUI10.dll
+ 2008-09-25 08:03:32 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
+ 2008-09-25 08:03:32 344,064 ----a-w c:\windows\system32\dpus11.dll
+ 2008-09-25 08:03:32 57,344 ----a-w c:\windows\system32\dpv11.dll
+ 2008-11-12 16:51:35 26,944 ----a-w c:\windows\system32\drivers\aavmker4.sys
+ 2008-11-12 16:53:27 20,560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
+ 2008-11-12 16:54:19 94,032 ----a-w c:\windows\system32\drivers\aswmon2.sys
+ 2008-11-12 16:52:28 23,152 ----a-w c:\windows\system32\drivers\aswRdr.sys
+ 2008-11-12 16:53:38 110,160 ----a-w c:\windows\system32\drivers\aswSP.sys
+ 2008-11-12 16:52:37 50,656 ----a-w c:\windows\system32\drivers\aswTdi.sys
+ 2007-03-07 23:51:00 9,336 ------w c:\windows\system32\drivers\cdr4_xp.sys
+ 2007-03-07 23:51:00 9,464 ------w c:\windows\system32\drivers\cdralw2k.sys
+ 2005-05-03 15:34:02 27,392 ----a-w c:\windows\system32\drivers\ElbyCDFL.sys
+ 2005-04-21 11:40:36 10,624 ----a-w c:\windows\system32\drivers\ElbyCDIO.sys
+ 2007-05-30 23:03:50 119,576 ----a-w c:\windows\system32\drivers\klif.sys
+ 2007-03-07 23:51:00 43,528 ------w c:\windows\system32\drivers\PxHelp20.sys
+ 2008-09-25 08:03:38 196,608 ----a-w c:\windows\system32\dtu100.dll
- 2008-08-20 05:33:45 357,888 ----a-w c:\windows\system32\dxtmsft.dll
+ 2007-08-13 17:35:46 346,624 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-08-20 05:33:45 205,312 ----a-w c:\windows\system32\dxtrans.dll
+ 2007-08-13 17:35:38 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2006-01-17 21:36:56 69,632 ----a-w c:\windows\system32\ElbyCDIO.dll
- 2008-08-20 05:33:45 55,808 ----a-w c:\windows\system32\extmgr.dll
+ 2007-08-13 17:54:10 131,584 ----a-w c:\windows\system32\extmgr.dll
+ 2007-08-13 17:36:26 61,952 ------w c:\windows\system32\icardie.dll
+ 2006-06-29 07:05:44 26,112 ------w c:\windows\system32\idndl.dll
- 2004-08-03 23:54:52 34,304 ----a-w c:\windows\system32\ie4uinit.exe
+ 2007-08-13 17:39:06 54,784 ----a-w c:\windows\system32\ie4uinit.exe
- 2004-08-03 23:54:28 139,264 ----a-w c:\windows\system32\ieakeng.dll
+ 2007-08-13 17:39:26 152,064 ----a-w c:\windows\system32\ieakeng.dll
- 2005-11-11 22:17:47 1,345,536 ----a-w c:\windows\system32\ieaksie.dll
+ 2007-08-13 17:39:54 229,376 ----a-w c:\windows\system32\ieaksie.dll
- 2001-08-28 12:00:00 245,760 ----a-w c:\windows\system32\ieakui.dll
+ 2007-08-13 16:56:54 161,792 ----a-w c:\windows\system32\ieakui.dll
+ 2007-02-12 15:10:12 2,451,312 ------w c:\windows\system32\ieapfltr.dat
+ 2007-07-11 11:27:48 383,488 ------w c:\windows\system32\ieapfltr.dll
- 2004-08-03 23:54:28 323,584 ----a-w c:\windows\system32\iedkcs32.dll
+ 2007-08-13 17:39:50 382,976 ----a-w c:\windows\system32\iedkcs32.dll
- 2004-08-03 23:54:28 81,920 ----a-w c:\windows\system32\ieencode.dll
+ 2007-08-13 17:45:18 78,336 ----a-w c:\windows\system32\ieencode.dll
+ 2007-08-13 17:54:10 6,049,280 ------w c:\windows\system32\ieframe.dll
- 2008-08-20 05:33:45 251,904 ----a-w c:\windows\system32\iepeers.dll
+ 2007-08-13 17:54:10 191,488 ----a-w c:\windows\system32\iepeers.dll
- 2004-08-03 23:54:28 49,152 ----a-w c:\windows\system32\iernonce.dll
+ 2007-08-13 17:39:10 43,008 ----a-w c:\windows\system32\iernonce.dll
+ 2007-08-13 17:34:04 266,752 ------w c:\windows\system32\iertutil.dll
- 2004-08-03 23:54:28 63,488 ----a-w c:\windows\system32\iesetup.dll
+ 2007-08-13 17:39:12 55,296 ----a-w c:\windows\system32\iesetup.dll
+ 2007-08-13 17:39:10 13,312 ----a-w c:\windows\system32\ieudinit.exe
+ 2007-08-13 17:54:10 180,736 ------w c:\windows\system32\ieui.dll
- 2004-08-03 23:54:30 35,840 ----a-w c:\windows\system32\imgutil.dll
+ 2007-08-13 17:36:06 36,352 ----a-w c:\windows\system32\imgutil.dll
+ 1998-07-12 22:00:00 15,360 ----a-w c:\windows\system32\INETFR.DLL
- 2008-08-20 05:33:45 96,768 ----a-w c:\windows\system32\inseng.dll
+ 2007-08-13 17:39:02 92,672 ----a-w c:\windows\system32\inseng.dll
- 2007-12-18 14:41:58 450,560 ----a-w c:\windows\system32\jscript.dll
+ 2007-08-13 17:38:04 491,520 ----a-w c:\windows\system32\jscript.dll
- 2008-08-20 05:33:46 16,384 ----a-w c:\windows\system32\jsproxy.dll
+ 2007-08-13 17:54:10 27,136 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-09-19 21:55:58 1,044,480 ----a-w c:\windows\system32\libdivx.dll
- 2004-08-03 23:54:30 22,528 ----a-w c:\windows\system32\licmgr10.dll
+ 2007-08-13 17:44:18 40,960 ----a-w c:\windows\system32\licmgr10.dll
+ 1998-07-12 22:00:00 59,904 ----a-w c:\windows\system32\MSCC2FR.DLL
+ 2007-08-13 17:54:10 458,752 ------w c:\windows\system32\msfeeds.dll
+ 2007-08-13 17:54:10 50,688 ------w c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 17:36:40 12,288 ------w c:\windows\system32\msfeedssync.exe
- 2004-08-03 23:54:58 29,184 ----a-w c:\windows\system32\mshta.exe
+ 2007-08-13 17:32:30 45,568 ----a-w c:\windows\system32\mshta.exe
- 2008-08-20 05:33:48 3,088,384 ----a-w c:\windows\system32\mshtml.dll
+ 2007-08-13 17:54:12 3,578,368 ----a-w c:\windows\system32\mshtml.dll
- 2008-08-20 05:33:46 449,024 ----a-w c:\windows\system32\mshtmled.dll
+ 2007-08-13 17:54:10 475,648 ----a-w c:\windows\system32\mshtmled.dll
- 2004-08-03 23:53:16 57,344 ----a-w c:\windows\system32\mshtmler.dll
+ 2007-08-13 17:01:12 48,128 ----a-w c:\windows\system32\mshtmler.dll
- 2001-08-28 12:00:00 146,432 ----a-w c:\windows\system32\msls31.dll
+ 2007-08-13 17:54:10 156,160 ----a-w c:\windows\system32\msls31.dll
- 2008-08-20 05:33:45 146,432 ----a-w c:\windows\system32\msrating.dll
+ 2007-08-13 17:44:26 192,000 ----a-w c:\windows\system32\msrating.dll
- 2006-07-24 09:50:38 125,744 ----a-w c:\windows\system32\MSSTDFMT.DLL
+ 2004-02-22 22:00:00 119,808 ----a-w c:\windows\system32\MSSTDFMT.DLL
- 2008-08-20 05:33:45 532,480 ----a-w c:\windows\system32\mstime.dll
+ 2007-08-13 17:54:10 670,720 ----a-w c:\windows\system32\mstime.dll
- 2004-02-23 19:42:40 1,386,496 ----a-w c:\windows\system32\MSVBVM60.DLL
+ 2004-02-23 18:42:40 1,386,496 ----a-w c:\windows\system32\msvbvm60.dll
+ 2008-09-30 15:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
+ 2003-04-18 15:29:26 82,432 ----a-w c:\windows\system32\msxml4r.dll
- 2007-07-30 18:19:04 207,736 ----a-w c:\windows\system32\muweb.dll
+ 2008-07-18 21:07:32 210,976 ----a-w c:\windows\system32\muweb.dll
+ 2006-06-28 16:59:26 24,576 ------w c:\windows\system32\nlsdl.dll
+ 2006-06-29 07:05:44 23,552 ------w c:\windows\system32\normaliz.dll
- 2005-11-12 21:02:04 377,344 ----a-w c:\windows\system32\occache.dll
+ 2007-08-13 17:44:06 101,376 ----a-w c:\windows\system32\occache.dll
+ 1998-07-12 22:00:00 9,728 ----a-w c:\windows\system32\PCCLPFR.DLL
- 2008-08-20 05:33:45 39,424 ----a-w c:\windows\system32\pngfilt.dll
+ 2007-08-13 17:36:12 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-09-19 21:57:30 551,672 ------w c:\windows\system32\px.dll
+ 2008-09-19 21:57:30 129,784 ------w c:\windows\system32\pxafs.dll
+ 2008-09-19 21:57:30 66,296 ------w c:\windows\system32\pxcpya64.exe
+ 2008-09-19 21:57:32 518,904 ------w c:\windows\system32\pxdrv.dll
+ 2008-09-19 21:57:32 72,440 ------w c:\windows\system32\pxhpinst.exe
+ 2008-09-19 21:57:30 64,760 ------w c:\windows\system32\pxinsa64.exe
+ 2008-09-19 21:57:32 187,128 ------w c:\windows\system32\pxmas.dll
+ 2008-09-19 21:57:32 1,628,920 ------w c:\windows\system32\pxsfs.dll
+ 2008-09-19 21:57:32 379,640 ------w c:\windows\system32\pxwave.dll
+ 2008-09-19 21:57:34 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
- 2008-11-14 09:47:32 490,048 ----a-w c:\windows\system32\Restore\rstrlog.dat
+ 2008-11-19 18:46:21 651,028 ----a-w c:\windows\system32\Restore\rstrlog.dat
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll
+ 2008-09-19 21:55:58 200,704 ----a-w c:\windows\system32\ssldivx.dll
+ 1998-07-12 22:00:00 6,656 ----a-w c:\windows\system32\STDFTFR.DLL
- 2005-11-13 14:53:42 663,040 ----a-w c:\windows\system32\url.dll
+ 2007-08-13 17:44:30 105,984 ----a-w c:\windows\system32\url.dll
- 2008-08-20 05:33:47 621,056 ----a-w c:\windows\system32\urlmon.dll
+ 2007-08-13 17:54:10 1,162,240 ----a-w c:\windows\system32\urlmon.dll
+ 2000-10-02 07:40:18 119,568 ----a-w c:\windows\system32\VB6FR.DLL
+ 2000-07-14 22:00:00 101,888 ----a-w c:\windows\system32\VB6STKIT.DLL
- 2007-12-18 14:41:59 417,792 ----a-w c:\windows\system32\vbscript.dll
+ 2007-08-13 17:54:10 413,696 ----a-w c:\windows\system32\vbscript.dll
+ 2008-09-19 21:57:30 88,824 ------w c:\windows\system32\vxblock.dll
- 2006-03-16 19:44:09 1,295,360 ----a-w c:\windows\system32\webcheck.dll
+ 2007-08-13 17:54:10 231,424 ----a-w c:\windows\system32\webcheck.dll
+ 2007-08-13 17:45:16 206,336 ------w c:\windows\system32\WinFXDocObj.exe
- 2008-08-20 05:33:46 671,744 ----a-w c:\windows\system32\wininet.dll
+ 2007-08-13 17:54:10 818,688 ----a-w c:\windows\system32\wininet.dll
- 2007-07-30 18:19:36 549,720 ----a-w c:\windows\system32\wuapi.dll
+ 2008-10-16 13:12:20 561,688 ----a-w c:\windows\system32\wuapi.dll
- 2007-07-30 18:19:16 53,080 ----a-w c:\windows\system32\wuauclt.exe
+ 2008-10-16 13:09:44 51,224 ----a-w c:\windows\system32\wuauclt.exe
- 2007-07-30 18:19:42 1,712,984 ----a-w c:\windows\system32\wuaueng.dll
+ 2008-10-16 13:13:40 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
- 2007-07-30 18:19:32 325,976 ----a-w c:\windows\system32\wucltui.dll
+ 2008-10-16 13:12:22 323,608 ----a-w c:\windows\system32\wucltui.dll
- 2007-07-30 18:18:40 33,624 ----a-w c:\windows\system32\wups.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\wups.dll
- 2007-07-30 18:19:12 43,352 ----a-w c:\windows\system32\wups2.dll
+ 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\wups2.dll
- 2007-07-30 18:19:28 203,096 ----a-w c:\windows\system32\wuweb.dll
+ 2008-10-16 13:13:40 202,776 ----a-w c:\windows\system32\wuweb.dll
+ 2006-07-14 15:51:51 121,856 ------w c:\windows\system32\xmllite.dll
+ 2007-06-21 20:55:26 26,000 ----a-w c:\windows\system32\ZoneLabs\av_loc040c.dll
+ 2007-05-30 23:03:30 65,248 ----a-w c:\windows\system32\ZoneLabs\avsys\bases\aphish.dat
+ 2006-06-30 13:47:36 21,568 ----a-w c:\windows\system32\ZoneLabs\avsys\bases\avcmhk4.dll
+ 2007-05-30 23:03:30 1,628 ----a-w c:\windows\system32\ZoneLabs\avsys\bases\pdmkl.dat
+ 2007-05-30 23:03:16 77,824 ----a-w c:\windows\system32\ZoneLabs\avsys\CKAHComm.dll
+ 2007-05-30 23:03:16 110,592 ----a-w c:\windows\system32\ZoneLabs\avsys\CKAHrule.dll
+ 2007-05-30 23:03:16 331,776 ----a-w c:\windows\system32\ZoneLabs\avsys\CKAHUM.dll
+ 2007-05-30 23:03:16 38,400 ----a-w c:\windows\system32\ZoneLabs\avsys\FSSync.dll
+ 2006-09-19 22:12:14 208,960 ----a-w c:\windows\system32\ZoneLabs\avsys\inv.dll
+ 2007-05-30 23:03:16 258,048 ----a-w c:\windows\system32\ZoneLabs\avsys\kave.dll
+ 2006-12-19 17:13:52 1,093,632 ----a-w c:\windows\system32\ZoneLabs\avsys\libeay32.dll
+ 2007-05-30 23:03:20 548,864 ----a-w c:\windows\system32\ZoneLabs\avsys\msvcp80.dll
+ 2007-05-30 23:03:20 626,688 ----a-w c:\windows\system32\ZoneLabs\avsys\msvcr80.dll
+ 2007-05-30 23:03:18 184,320 ----a-w c:\windows\system32\ZoneLabs\avsys\prloader.dll
+ 2007-05-30 23:03:22 90,112 ----a-w c:\windows\system32\ZoneLabs\avsys\prremote.dll
+ 2007-05-30 23:03:18 118,784 ----a-w c:\windows\system32\ZoneLabs\avsys\ScanningProcess.exe
+ 2006-12-19 17:13:52 200,704 ----a-w c:\windows\system32\ZoneLabs\avsys\ssleay32.dll
+ 2007-06-21 20:55:26 17,808 ----a-w c:\windows\system32\ZoneLabs\camupd_loc040c.dll
+ 2007-06-21 20:55:28 26,000 ----a-w c:\windows\system32\ZoneLabs\imsecure_loc040c.dll
+ 2007-06-21 20:55:30 17,808 ----a-w c:\windows\system32\ZoneLabs\scheduler_loc040c.dll
+ 2007-06-21 20:55:30 17,808 ----a-w c:\windows\system32\ZoneLabs\vsdb_loc040c.dll
+ 2007-06-21 20:55:30 46,480 ----a-w c:\windows\system32\ZoneLabs\vsmon_loc040c.dll
+ 2007-06-21 20:55:30 198,032 ----a-w c:\windows\system32\ZoneLabs\vsruledb_loc040c.dll
+ 2007-06-21 20:55:30 17,808 ----a-w c:\windows\system32\ZoneLabs\vsvault_loc040c.dll
+ 2007-06-21 20:55:32 17,808 ----a-w c:\windows\system32\ZoneLabs\zlquarantine_loc040c.dll
+ 2007-06-21 20:55:32 21,904 ----a-w c:\windows\system32\ZoneLabs\zlsre_loc040c.dll
+ 2008-11-16 17:14:42 1,233,920 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll
+ 2008-09-30 15:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-11-16 17:14:41 82,432 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
+ 2008-09-30 15:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
2008-07-28 11:46 160496 --a------ c:\program files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2008-04-01 507904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-22 7311360]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-05-22 86016]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-07-11 223984]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-13 136600]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-04 36352]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2005-05-19 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
--a------ 2008-11-05 21:59 4347120 c:\program files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 17:24 1694208 c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
--a------ 2008-07-11 18:06 223984 c:\program files\Yahoo!\Search Protection\SearchProtection.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-15 110160]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-15 20560]
.
Contenu du dossier 'Tâches planifiées'
2008-11-19 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.sfr.fr/kit/adsl/
uSearchMigratedDefaultURL = hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=yie7c&p={searchTerms}
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
c:\windows\bdoscandellang.ini - c:\windows\bdoscandel.exe
c:\windows\Downloaded Program Files\live.ini
c:\windows\Downloaded Program Files\scanoptions.tsi
c:\windows\Downloaded Program Files\lang.ini
c:\windows\Downloaded Program Files\ipsupd.dll
c:\windows\Downloaded Program Files\bdupd.dll
c:\windows\Downloaded Program Files\libfn.dll
c:\windows\Downloaded Program Files\bdcore.dll
c:\windows\Downloaded Program Files\oscan8.ocx
O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
c:\windows\Downloaded Program Files\oscan8.inf
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-20 18:40:40
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\windows\system32\fxssvc.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Heure de fin: 2008-11-20 18:47:08 - La machine a redémarré [rv]
ComboFix-quarantined-files.txt 2008-11-20 17:46:48
ComboFix2.txt 2008-11-14 16:26:01
Avant-CF: 58 057 711 616 octets libres
Après-CF: 59,718,864,896 octets libres
621 --- E O F --- 2008-11-20 13:28:50
Message édité par simdu80 le 20-11-2008 à 19:35:21
Ok
Répondre à Angeldark
