[Solved] rootkit.win32
Hello, I have a big problem with my computer.
I have avast as my antivirus, and for some time now a virus named
rootkit.win32 has not gone away despite my many attempts to delete it and to quarantine it.
What should I do? Please help me. Thanks
Hi sosow0810
We'll check that. Download random's system information tool (RSIT) by random/random and save it to the Desktop.
Double-click RSIT.exe to launch RSIT.
Click Continue at the Disclaimer screen.
If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
When the scan is finished, two text files will open. Post the contents of log.txt (<<which will be displayed)
as well as info.txt (<<which will be minimized in the Taskbar).
NB: The reports are saved in the folder C:\rsit
Make sure you post the reports in full, and check that they are complete once you have posted them.
See you
Here are the reports:
Logfile of random's system information tool 1.04 (written by random/random)
Run by ordono at 2008-11-18 16:40:18
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 92 GB (86%) free of 106 GB
Total RAM: 1919 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:40:34, on 18/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Atheros WLAN Adapter\ACU.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\OFFICE One6.5\program\soffice.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Orange\Deskboard\deskboard.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\2\FTCOMModule.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\SNDVOL32.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\ordono\Bureau\RSIT.exe
C:\Program Files\trend micro\ordono.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: SSVHelper Class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros WLAN Adapter\ACU.exe" -nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [EULA] C:\APPS\PB_TB\EULALauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O4 - Global Startup: OFFICE One Notes v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
O9 - Extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O11 - Options group: [java_sun] Java (Sun)
O15 - Trusted Zone: http://www.orange.fr
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! mail scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! web scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (ijplmsvc) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
--
End of file - 11247 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}]
VMN Toolbar - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2006-11-17 2533376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497bb-d6f0-462c-b6eb-d4daf1d92d43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa58ed58-01dd-4d91-8333-cf10577473f7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-11-09 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - VMN Toolbar - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2006-11-17 2533376]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-11-09 2436160]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-12 774233]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-08-24 7569408]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-08-24 86016]
"ACU"=C:\Program Files\Atheros WLAN Adapter\ACU.exe [2006-04-14 307200]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-07-21 16261632]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-04-17 110592]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"DetectorApp"=C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe [2005-10-20 102400]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2005-02-16 81920]
"EULA"=C:\APPS\PB_TB\EULALauncher.exe [2006-09-29 18944]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-11-30 98304]
"Ulead AutoDetector v2"=C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe [2004-11-26 90112]
"SystrayORAHSS"=C:\Program Files\Orange\Systray\SystrayApp.exe [2007-09-25 94208]
"ORAHSSSessionManager"=C:\Program Files\Orange\SessionManager\SessionManager.exe [2007-09-25 102400]
"RealTray"=C:\Program Files\Real\RealPlayer\RealPlay.exe [2006-11-30 26112]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2006-11-30 158720]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"OoPDFSettingsv6.exe"=C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe [2003-11-20 460800]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"=C:\APPS\SMP\SmpSys.exe [2005-11-17 975360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [2008-11-09 171448]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
OFFICE One Clock v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
OFFICE One Notes v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
C:\Documents and Settings\ordono\Menu Démarrer\Programmes\Démarrage
OFFICE One 6.5.lnk - C:\Program Files\OFFICE One6.5\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TDSSjcxe.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDSSjcxe.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:PANDORA"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\AOL 9.0\aol.exe"="C:\Program Files\AOL 9.0\aol.exe:*:Disabled:AOL"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Disabled:AOL 9.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\APPS\skype\phone\Skype.exe"="C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Disabled:Veoh Client"
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{343b8d66-0644-11dd-b053-0018f3f04f39}]
shell\autorun\command - kk3.bat
shell\explore\command - kk3.bat
shell\open\command - kk3.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3506026b-76ad-11dd-b192-0018f3f04f39}]
shell\autorun\command - kk3.bat
shell\explore\command - kk3.bat
shell\open\command - kk3.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e687a40b-b49b-11dd-b256-0018f3f04f39}]
shell\autorun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe
======List of files/folders created in the last 1 months======
2008-11-18 16:40:19 ----D---- C:\Program Files\trend micro
2008-11-18 16:40:18 ----D---- C:\rsit
2008-11-18 15:07:01 ----A---- C:\WINDOWS\system32\javaws.exe
2008-11-18 15:07:00 ----A---- C:\WINDOWS\system32\javaw.exe
2008-11-18 15:07:00 ----A---- C:\WINDOWS\system32\java.exe
2008-11-17 07:22:51 ----D---- C:\WINDOWS\LastGood.Tmp
2008-11-12 22:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-12 22:04:32 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-12 19:19:07 ----A---- C:\WINDOWS\system32\aswBoot.exe
2008-11-12 17:44:37 ----SD---- C:\WINDOWS\system32\%SystemDrive%
2008-11-12 17:44:30 ----D---- C:\WINDOWS\Google Toolbar
2008-11-09 16:14:33 ----D---- C:\DVDVideoSoft
2008-11-09 16:14:07 ----D---- C:\Program Files\AskBarDis
2008-11-09 16:13:56 ----D---- C:\Program Files\Fichiers communs\DVDVideoSoft
2008-11-09 16:13:55 ----D---- C:\Program Files\DVDVideoSoft
2008-11-09 16:07:20 ----D---- C:\Documents and Settings\ordono\Application Data\Google
2008-11-09 15:47:56 ----A---- C:\WINDOWS\KeyTube.ini
2008-11-09 12:50:38 ----D---- C:\Documents and Settings\ordono\Application Data\Media Player Classic
2008-10-26 18:59:09 ----D---- C:\Program Files\Veoh Networks
2008-10-26 18:53:15 ----D---- C:\WINDOWS\Downloaded Installations
2008-10-24 21:31:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
======List of files/folders modified in the last 1 months======
2008-11-18 16:40:26 ----D---- C:\WINDOWS\PREFETCH
2008-11-18 16:40:19 ----RD---- C:\Program Files
2008-11-18 16:18:52 ----D---- C:\Program Files\Mozilla Firefox
2008-11-18 15:18:22 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-18 15:18:22 ----D---- C:\WINDOWS\system32\CatRoot_bak
2008-11-18 15:18:22 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-18 15:18:21 ----HD---- C:\WINDOWS\inf
2008-11-18 15:07:39 ----SHD---- C:\WINDOWS\Installer
2008-11-18 15:07:29 ----D---- C:\WINDOWS\temp
2008-11-18 15:07:02 ----AD---- C:\WINDOWS\system32
2008-11-18 15:06:56 ----D---- C:\Program Files\Java
2008-11-18 14:59:07 ----D---- C:\WINDOWS\Registration
2008-11-18 14:58:49 ----D---- C:\WINDOWS
2008-11-18 06:22:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-17 10:20:28 ----RSHD---- C:\WINDOWS\system32\dllcache
2008-11-17 07:22:58 ----D---- C:\WINDOWS\Help
2008-11-14 21:35:04 ----D---- C:\Documents and Settings\ordono\Application Data\vmntoolbar
2008-11-12 22:06:02 ----A---- C:\WINDOWS\system32\MRT.INI
2008-11-12 22:04:46 ----D---- C:\WINDOWS\system32\drivers
2008-11-12 22:04:42 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-12 22:04:40 ----A---- C:\WINDOWS\imsins.BAK
2008-11-12 22:04:03 ----D---- C:\WINDOWS\WinSxS
2008-11-09 16:54:36 ----D---- C:\WINDOWS\system32\Macromed
2008-11-09 16:13:56 ----D---- C:\Program Files\Fichiers communs
2008-11-09 15:54:41 ----D---- C:\Program Files\Google
2008-11-09 15:54:38 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2008-11-09 15:53:35 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-08 20:56:36 ----D---- C:\Program Files\Messenger Plus! Live
2008-11-07 17:33:44 ----D---- C:\Program Files\PCFriendly
2008-11-04 01:10:25 ----A---- C:\WINDOWS\system32\MRT.exe
2008-10-31 21:10:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-26 18:59:09 ----HD---- C:\Program Files\InstallShield Installation Information
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\aavmker4.sys [2008-07-19 26944]
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
R1 aswsp;avast! Self Protection; C:\WINDOWS\system32\drivers\aswsp.sys [2008-07-19 78416]
R1 aswtdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswtdi.sys [2008-07-19 42912]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-11-30 21275]
R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2006-11-30 8552]
R2 aswfsblk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswmon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswmon2.sys [2008-07-19 94416]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-10 88448]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-10 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-10 55936]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\ATK0100\ASNDIS5.SYS []
R3 aswrdr;aswRdr; C:\WINDOWS\system32\drivers\aswrdr.sys [2008-07-19 23152]
R3 Cam5603D;BisonCam, NB Pro; C:\WINDOWS\System32\Drivers\BisonCam.sys [2006-03-27 569984]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-07-24 4353024]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-08-24 3661184]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-04 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-04 13056]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2006-10-13 163584]
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-12 193056]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-04-19 30080]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-10 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-04-19 17152]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-04-09 471264]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USB_RNDIS;ADI Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-10 12672]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;Service de configuration Atheros; C:\WINDOWS\system32\acs.exe [2006-03-28 36864]
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
R2 aswupdsv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe [2007-09-25 65536]
R2 ijplmsvc;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-08-24 143427]
R2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]
R2 USBDeviceService;USBDeviceService; C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe [2005-10-20 90112]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R3 avast! mail scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! web scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-09 138168]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336]
-----------------EOF-----------------
And here is info.txt, sorry, I had forgotten it.
info.txt logfile of random's system information tool 1.04 2008-11-18 16:40:37
======Uninstall list======
-->"c:\apps\skype\phone\unins000.exe"
-->"C:\Program Files\Fichiers communs\aolshare\Coach\AolCInUn.exe" -lang="fr-fr"
-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
-->C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c
-->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe
-->C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe
-->C:\Program Files\Fichiers communs\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AFA4872-16B2-419E-ADCA-8E96E739115D}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -l0x40c -removeonly
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.58 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
Ask Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
ATK0100 ACPI UTILITY-->C:\WINDOWS\ATK0100\XPunin.exe
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
BisonCam, NB Pro-->Rundll32.exe BisonRem.dll,WinMainRmv
Browser Address Error Redirector-->regsvr32 /u /s "C:\APPS\BAE\BAE.dll"
Canon MP Navigator EX 1.0-->"C:\Program Files\Canon\MP Navigator EX 1.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 1.0\uninst.ini
Canon MP210 series-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series /L0x000c
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon Utilities Easy-PhotoPrint EX-->C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini
Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini
Ciel Devis Factures 5.10-->MsiExec.exe /I{02B24542-309B-45AE-996E-F4050E9F90FE}
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Correctif n° 2 pour Windows XP Édition Media Center 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB888795)-->"C:\WINDOWS\$NtUninstallKB888795$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB891593)-->"C:\WINDOWS\$NtUninstallKB891593$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB896256)-->"C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB899337)-->"C:\WINDOWS\$NtUninstallKB899337$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB899510)-->"C:\WINDOWS\$NtUninstallKB899510$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB902841)-->"C:\WINDOWS\$NtUninstallKB902841$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB910728)-->"C:\WINDOWS\$NtUninstallKB910728$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB912024)-->"C:\WINDOWS\$NtUninstallKB912024$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB918005)-->"C:\WINDOWS\$NtUninstallKB918005$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Correctif Windows XP - KB895961-->"C:\WINDOWS\$NtUninstallKB895961$\spuninst\spuninst.exe"
DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DriveCleaner Free 1.0.82.0-->"C:\Program Files\DriveCleaner Free\unins000.exe"
Enregistrement utilisateur de Canon MP210 series-->C:\Program Files\Canon\IJEREG\MP210 series\UNINST.EXE
Free YouTube to Mp3 Converter version 3.1-->"C:\Program Files\DVDVideoSoft\Free YouTube to Mp3 Converter\unins000.exe"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
ISSENDIS WebUpdate v6-->"C:\Program Files\ISSENDIS\ISSENDIS WebUpdate v6\unins000.exe"
J2SE Runtime Environment 5.0 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
livebox-->C:\Program Files\InstallShield Installation Information\{17342E3B-0818-4A6F-BFF8-99476605ADD6}\Setup.exe -runfromtemp -l0x040c -removeonly
Macromedia Flash Player 8-->MsiExec.exe /X{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}
Macromedia Shockwave Player-->MsiExec.exe /X{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}
Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.0 Hotfix (KB887998)-->"C:\WINDOWS\$NtUninstallKB887998$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.0 Hotfix (KB930494)-->"C:\WINDOWS\$NtUninstallKB930494$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mise à jour de sécurité pour le Codeur Windows Media (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB911564)-->"C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901190)-->"C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929969)-->"C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931768)-->"C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933566)-->"C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB937143)-->"C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB937894)-->"C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB939653)-->"C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941644)-->"C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941693)-->"C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB942615)-->"C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943485)-->"C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944338)-->"C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944533)-->"C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB947864)-->"C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948590)-->"C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB948881)-->"C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB912945)-->"C:\WINDOWS\$NtUninstallKB912945$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB942840)-->"C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB946627)-->"C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Navigateur Orange-->C:\Program Files\Orange\Uninstall\Browser\Shell.exe MainUninstall.shl
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OFFICE One 150 Modèles de documents-->"C:\Program Files\OFFICE ONE6.5\Modeles\unins000.exe"
OFFICE One 450 Fonts-->C:\WINDOWS\Fonts\unins000.exe
OFFICE One 6.5 Bureautique désinstallation complète 6.5-->"C:\Program Files\OFFICE One6.5\Uninstall All\SETUP\setup.exe" /u
OFFICE One 6.5-->c:\Program Files\OFFICE ONE6.5\program\setup.exe -deinstall
OFFICE One Clock 6.5-->"C:\Program Files\OFFICE ONE6.5\OFFICE One Clock\SETUP\setup.exe" /u
OFFICE One Coffre Fort v6-->"C:\Program Files\OFFICE ONE6.5\OFFICE One Coffre Fort v6\unins000.exe"
OFFICE One Color Picker 6.5-->"C:\Program Files\OFFICE ONE6.5\OFFICE One Color Picker\SETUP\setup.exe" /u
OFFICE One Comptes Bancaires v6-->"C:\Program Files\OFFICE ONE6.5\OFFICE One Comptes Bancaires v6\unins000.exe"
OFFICE One Guide 6.5-->"C:\Program Files\OFFICE ONE6.5\Guide\SETUP\setup.exe" /u
OFFICE One Notes 6.5-->"C:\Program Files\OFFICE ONE6.5\OFFICE One Notes\SETUP\setup.exe" /u
OFFICE One PDF Manager 6.5-->"C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\SETUP\setup.exe" /u
OFFICE One Zip v6-->"C:\Program Files\OFFICE ONE6.5\OFFICE One Zip v6\unins000.exe"
Orange - Logiciels Internet-->C:\Program Files\Orange\installation\core\Installgui.exe -u
PCFriendly-->C:\Program Files\PCFriendly\inuninst.exe
Photodex Presenter-->C:\Program Files\Photodex Presenter\uninst.exe
PIXMA Extended Survey Program-->C:\Program Files\Canon\IJPLM\SETUP.EXE -R
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
ScanSoft OmniPage SE 4-->MsiExec.exe /I{DEE88727-779B-47A9-ACEF-F87CA5F92A65}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SmartSound Quicktracks Plugin-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD LE-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Ulead PhotoImpact 10 SE-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A065EA0-0EEC-4E94-A2A0-40812576C122}\setup.exe" -l0x40c
Ulead VideoStudio 9.0 SE DVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EAB2384-C794-40ED-A9DD-3270A0D2BB76}\setup.exe" -l0x40c
Uninstall 1.0.0.1-->"C:\Program Files\Fichiers communs\DVDVideoSoft\unins000.exe"
VMN Toolbar-->C:\Program Files\vmntoolbar\uninstall.exe
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
Windows Live Writer-->MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
======Security center information======
AV: avast! antivirus 4.8.1229 [VPS 081118-0]
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Fichiers communs\Ulead Systems\MPEG
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 72 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4802
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\
-----------------EOF-----------------
Hi sosow0810
Download Toolbar-S&D (by Team IDN) to your Desktop.
http://eric.71.mespages.googlepages.com/ToolBarSD.exe
- Double-click the ToolBarSD.exe icon on the Desktop.
- The installation window opens; accept the terms of use and click the Suivant (Next) button to go to the next step.
- You are asked whether you want to create the installation folder; accept.
- Once the copy is finished, a message tells you that the installation is complete; click the Suivant (Next) button to go to the next step.
- Click the Quitter (Quit) button to close the installer.
- Double-click the new ToolBar S&D icon on the Desktop.
- Choose F for French and confirm.
- In the ToolBar S&D main menu, choose option 1 (Recherche, i.e. Search).
- The Start menu and the icons will disappear; this is normal.
- The scan runs; it can take several minutes, so do not touch anything.
- Once the scan is finished, the search report opens in Notepad. (If the report does not open, it can be found at C:\TB.txt)
Post this report.
@++
-----------\\ ToolBar S&D 1.2.4 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-50 )
BIOS : Default System BIOS
USER : ordono ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081118-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:103 Go (Free:89 Go)
D:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
Option : [1] ( 18/11/2008|17:04 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\---Yahoo.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\01net.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\1
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\1px_dark.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\1px_green.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\1px_white.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\a.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\amazon.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\an.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\arrowB.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\arrowT.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\arrow_down.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\arrow_red.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\arrow_red2.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\arrow_up.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\autofill.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\avstate.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\b.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\background2.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\bgmeteo_results.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\bg_pub.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\bg_ttl.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\bn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\btn_close.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\btn_minus.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\btn_moreforecast.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\c.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\canalblog.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\cn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\d.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\dictionary2.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\dn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\downfile
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\DownloadCOM.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\dropdown.css
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\ErrorLog.txt
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\f.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_argentine.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_australia.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_brazil.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_canada.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_china.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_france.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_germany.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_greece.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_hongkong.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_india.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_indonesia.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_italy.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_japan.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_korea.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_mexico.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_netherlands.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_spain.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_sweeden.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_taiwan.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_uk.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_usa.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\fn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\g.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\gaming.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\gn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\gograph.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred0.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred0_5.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred1.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred1_5.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred2.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred2_5.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred3.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred3_5.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred4.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred4_5.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred5.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\help.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\hideremove.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\highlight.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\hn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_aquarius.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_aries.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_cancer.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_capricorn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_gemini.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_leo.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_libra.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_pisces.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_sagittarius.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_scorpio.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_taurus.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_virgo.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\i.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\icotemp_placeholder.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\IEtab.zip
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\IEtab1_7.zip
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\IEtab1_7b.zip
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\in.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\ipsearch.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\j.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\jn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\k.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\kn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\l.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\ln.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\loading.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\login.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\logo.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\n.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt11017015
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt11335015
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt164343
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt2147265
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt2172015
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt2255062
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt3736687
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt3842015
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt42040656
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt4498187
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt52763015
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt5752140
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt5752187
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\new02.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\NewCfg
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\news.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\news.html
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\nn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\o.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\on.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\p.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\pestscanimg.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\pixsy.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\pn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\popup_off.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\popup_on.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\popup_ona.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\p_yahoo.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\q.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\qn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\r.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\relatedlinks.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\report.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\rn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\rss.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\rss.xsl
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\rss1.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\rsslib.js
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\rssmenu1_6.zip
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\s.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\security.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\Sinfo.txt
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\siteinfo.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\slider.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\sn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\spacer.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\stars-red1.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\stars-red2.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\stars-red3.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\stars-red4.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\stars-red5.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\storage.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\t.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\tabdata.js
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\tablib.js
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\tabwelcome_en.html
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\tabwelcome_fr.html
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\tab_icon.png
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\technorati.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\thes_search.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\Thumbs.db
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\tn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\tools.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\translate.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\u.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\un.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\userbadsites.txt
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\utf8.js
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\v.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\vmlib.js
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\vmntoolbartb1500.cfg
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\vn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\w.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\web.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\wikipedia.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\wn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\x.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\xp_close_small.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\yahoo.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\yahoo_search.gif
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\YouTube.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\z.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\zn.bmp
C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\zoom.bmp
C:\Program Files\VMNToolbar
C:\Program Files\VMNToolbar\install.ico
C:\Program Files\VMNToolbar\toolbar.ini
C:\Program Files\VMNToolbar\uninstall.exe
C:\Program Files\VMNToolbar\vmntoolbar.dll
-----------\\ Extensions
(ordono) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Search Page"="http://www.google.com"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
"Search Bar"="http://www.google.com/ie"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
"CustomizeSearch"="http://dnl.crawler.com/support/sa_customize.aspx?TbId=6..."
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 18/11/2008|17:05 - Option : [1]
-----------\\ Fin du rapport a 17:05:09,25
Hi sosow0810
- Double-click the new ToolBar S&D icon on the desktop
- Choose F for French and confirm
- In the ToolBar S&D main menu, choose option 2 (Suppression / Removal)
- The Start menu and the icons will disappear again; that is normal.
- The cleanup will take a few minutes...
- Once the operation is finished, the cleanup report opens
Along with this report, post me a new RSIT report in your next reply.
@++
-----------\\ ToolBar S&D 1.2.4 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Turion(tm) 64 X2 Mobile Technology TL-50 )
BIOS : Default System BIOS
USER : ordono ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 081118-0] 4.8.1229 (Activated)
C:\ (Local Disk) - NTFS - Total:103 Go (Free:89 Go)
D:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
Option : [2] ( 18/11/2008|17:17 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\---Yahoo.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\01net.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\1
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\1px_dark.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\1px_green.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\1px_white.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\a.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\amazon.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\an.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\arrowB.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\arrowT.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\arrow_down.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\arrow_red.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\arrow_red2.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\arrow_up.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\autofill.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\avstate.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\b.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\background2.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\bgmeteo_results.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\bg_pub.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\bg_ttl.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\bn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\btn_close.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\btn_minus.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\btn_moreforecast.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\c.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\canalblog.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\cn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\COMBOSEARCH.acs
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\d.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\dictionary2.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\dn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\downfile
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\DownloadCOM.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\dropdown.css
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\ErrorLog.txt
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\ErrorPageTemplate.css
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\f.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_argentine.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_australia.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_brazil.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_canada.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_china.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_france.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_germany.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_greece.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_hongkong.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_india.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_indonesia.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_italy.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_japan.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_korea.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_mexico.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_netherlands.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_spain.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_sweeden.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_taiwan.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_uk.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\flag_usa.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\fn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\g.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\gaming.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\gn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\gograph.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred0.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred0_5.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred1.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred1_5.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred2.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred2_5.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred3.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred3_5.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred4.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred4_5.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\graphred5.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\help.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\hideremove.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\highlight.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\hn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_aquarius.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_aries.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_cancer.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_capricorn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_gemini.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_leo.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_libra.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_pisces.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_sagittarius.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_scorpio.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_taurus.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\h_virgo.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\i.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\icotemp_placeholder.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\IEtab.zip
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\IEtab1_7.zip
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\IEtab1_7b.zip
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\in.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\ipsearch.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\j.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\jn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\k.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\kn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\l.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\ln.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\loading.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\login.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\logo.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\n.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt11017015
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt11335015
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt164343
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt2147265
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt2172015
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt2255062
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt3736687
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt3842015
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt42040656
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt4498187
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt52763015
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt5752140
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\New York_NY_weather.txt5752187
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\new02.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\NewCfg
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\news.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\news.html
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\nn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\o.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\on.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\p.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\pestscanimg.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\pixsy.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\pn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\popup_off.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\popup_on.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\popup_ona.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\p_yahoo.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\p_yahoo_fr.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\q.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\qn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\r.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\relatedlinks.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\report.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\rn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\rss.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\rss.xsl
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\rss1.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\rsslib.js
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\rssmenu1_6.zip
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\rssmenu1_6a.zip
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\s.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\security.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\Sinfo.txt
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\siteinfo.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\slider.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\sn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\spacer.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\stars-red1.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\stars-red2.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\stars-red3.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\stars-red4.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\stars-red5.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\storage.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\t.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\tabdata.js
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\tablib.js
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\tabwelcome_en.html
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\tabwelcome_fr.html
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\tab_icon.png
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\technorati.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\thes_search.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\Thumbs.db
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\tn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\tools.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\translate.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\u.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\un.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\userbadsites.txt
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\utf8.js
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\v.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\vmlib.js
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\vmntoolbartb1500.cfg
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\vn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\w.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\web.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\wikipedia.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\wn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\x.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\xp_close_small.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\yahoo.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\yahoo_search.gif
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\YouTube.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\z.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\zn.bmp
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar\zoom.bmp
Supprime! - C:\Program Files\VMNToolbar\install.ico
Supprime! - C:\Program Files\VMNToolbar\toolbar.ini
Supprime! - C:\Program Files\VMNToolbar\uninstall.exe
Supprime! - C:\Program Files\VMNToolbar\vmntoolbar.dll
Supprime! - C:\Program Files\AskBarDis
Supprime! - C:\DOCUME~1\ordono\APPLIC~1\VMNToolbar
Supprime! - C:\Program Files\VMNToolbar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ Extensions
(ordono) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\windows\\system32\\blank.htm"
"Search Page"="http://www.google.com"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
"Search Bar"="http://www.google.com/ie"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&..."
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iese..."
"Local Page"="C:\\windows\\system32\\blank.htm"
"Start Page"="http://www.msn.com/"
"CustomizeSearch"="http://dnl.crawler.com/support/sa_customize.aspx?TbId=6..."
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - 18/11/2008|17:05 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 18/11/2008|17:22 - Option : [2]
-----------\\ Fin du rapport a 17:22:26,95
Logfile of random's system information tool 1.04 (written by random/random)
Run by ordono at 2008-11-18 17:42:16
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 92 GB (86%) free of 106 GB
Total RAM: 1919 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:42:17, on 18/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Atheros WLAN Adapter\ACU.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\OFFICE One6.5\program\soffice.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Orange\Deskboard\deskboard.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\2\FTCOMModule.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\SNDVOL32.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\ordono\Bureau\RSIT.exe
C:\Program Files\trend micro\ordono.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros WLAN Adapter\ACU.exe" -nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [EULA] C:\APPS\PB_TB\EULALauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O4 - Global Startup: OFFICE One Notes v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
O9 - Extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O11 - Options group: [java_sun] Java (Sun)
O15 - Trusted Zone: http://www.orange.fr
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! mail scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! web scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (ijplmsvc) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
--
End of file - 10707 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497bb-d6f0-462c-b6eb-d4daf1d92d43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa58ed58-01dd-4d91-8333-cf10577473f7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-11-09 2436160]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-12 774233]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-08-24 7569408]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-08-24 86016]
"ACU"=C:\Program Files\Atheros WLAN Adapter\ACU.exe [2006-04-14 307200]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-07-21 16261632]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-04-17 110592]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"DetectorApp"=C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe [2005-10-20 102400]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2005-02-16 81920]
"EULA"=C:\APPS\PB_TB\EULALauncher.exe [2006-09-29 18944]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-11-30 98304]
"Ulead AutoDetector v2"=C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe [2004-11-26 90112]
"SystrayORAHSS"=C:\Program Files\Orange\Systray\SystrayApp.exe [2007-09-25 94208]
"ORAHSSSessionManager"=C:\Program Files\Orange\SessionManager\SessionManager.exe [2007-09-25 102400]
"RealTray"=C:\Program Files\Real\RealPlayer\RealPlay.exe [2006-11-30 26112]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2006-11-30 158720]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"OoPDFSettingsv6.exe"=C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe [2003-11-20 460800]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"=C:\APPS\SMP\SmpSys.exe [2005-11-17 975360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [2008-11-09 171448]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
OFFICE One Clock v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
OFFICE One Notes v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
C:\Documents and Settings\ordono\Menu Démarrer\Programmes\Démarrage
OFFICE One 6.5.lnk - C:\Program Files\OFFICE One6.5\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TDSSjcxe.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDSSjcxe.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:PANDORA"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\AOL 9.0\aol.exe"="C:\Program Files\AOL 9.0\aol.exe:*:Disabled:AOL"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Disabled:AOL 9.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\APPS\skype\phone\Skype.exe"="C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Disabled:Veoh Client"
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{343b8d66-0644-11dd-b053-0018f3f04f39}]
shell\autorun\command - kk3.bat
shell\explore\command - kk3.bat
shell\open\command - kk3.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3506026b-76ad-11dd-b192-0018f3f04f39}]
shell\autorun\command - kk3.bat
shell\explore\command - kk3.bat
shell\open\command - kk3.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e687a40b-b49b-11dd-b256-0018f3f04f39}]
shell\autorun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe
======List of files/folders created in the last 1 months======
2008-11-18 17:04:08 ----A---- C:\TB.txt
2008-11-18 17:01:23 ----D---- C:\ToolBar SD
2008-11-18 16:40:19 ----D---- C:\Program Files\trend micro
2008-11-18 16:40:18 ----D---- C:\rsit
2008-11-18 15:07:01 ----A---- C:\WINDOWS\system32\javaws.exe
2008-11-18 15:07:00 ----A---- C:\WINDOWS\system32\javaw.exe
2008-11-18 15:07:00 ----A---- C:\WINDOWS\system32\java.exe
2008-11-17 07:22:51 ----D---- C:\WINDOWS\LastGood.Tmp
2008-11-12 22:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-12 22:04:32 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-12 19:19:07 ----A---- C:\WINDOWS\system32\aswBoot.exe
2008-11-12 17:44:37 ----SD---- C:\WINDOWS\system32\%SystemDrive%
2008-11-12 17:44:30 ----D---- C:\WINDOWS\Google Toolbar
2008-11-09 16:14:33 ----D---- C:\DVDVideoSoft
2008-11-09 16:13:56 ----D---- C:\Program Files\Fichiers communs\DVDVideoSoft
2008-11-09 16:13:55 ----D---- C:\Program Files\DVDVideoSoft
2008-11-09 16:07:20 ----D---- C:\Documents and Settings\ordono\Application Data\Google
2008-11-09 15:47:56 ----A---- C:\WINDOWS\KeyTube.ini
2008-11-09 12:50:38 ----D---- C:\Documents and Settings\ordono\Application Data\Media Player Classic
2008-10-26 18:59:09 ----D---- C:\Program Files\Veoh Networks
2008-10-26 18:53:15 ----D---- C:\WINDOWS\Downloaded Installations
2008-10-24 21:31:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
======List of files/folders modified in the last 1 months======
2008-11-18 17:21:47 ----RD---- C:\Program Files
2008-11-18 17:21:23 ----D---- C:\Program Files\Mozilla Firefox
2008-11-18 17:17:28 ----D---- C:\WINDOWS\PREFETCH
2008-11-18 17:05:38 ----D---- C:\WINDOWS\temp
2008-11-18 15:18:22 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-18 15:18:22 ----D---- C:\WINDOWS\system32\CatRoot_bak
2008-11-18 15:18:22 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-18 15:18:21 ----HD---- C:\WINDOWS\inf
2008-11-18 15:07:39 ----SHD---- C:\WINDOWS\Installer
2008-11-18 15:07:02 ----AD---- C:\WINDOWS\system32
2008-11-18 15:06:56 ----D---- C:\Program Files\Java
2008-11-18 14:59:07 ----D---- C:\WINDOWS\Registration
2008-11-18 14:58:49 ----D---- C:\WINDOWS
2008-11-18 06:22:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-17 10:20:28 ----RSHD---- C:\WINDOWS\system32\dllcache
2008-11-17 07:22:58 ----D---- C:\WINDOWS\Help
2008-11-12 22:06:02 ----A---- C:\WINDOWS\system32\MRT.INI
2008-11-12 22:04:46 ----D---- C:\WINDOWS\system32\drivers
2008-11-12 22:04:42 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-12 22:04:40 ----A---- C:\WINDOWS\imsins.BAK
2008-11-12 22:04:03 ----D---- C:\WINDOWS\WinSxS
2008-11-09 16:54:36 ----D---- C:\WINDOWS\system32\Macromed
2008-11-09 16:13:56 ----D---- C:\Program Files\Fichiers communs
2008-11-09 15:54:41 ----D---- C:\Program Files\Google
2008-11-09 15:54:38 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2008-11-09 15:53:35 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-08 20:56:36 ----D---- C:\Program Files\Messenger Plus! Live
2008-11-07 17:33:44 ----D---- C:\Program Files\PCFriendly
2008-11-04 01:10:25 ----A---- C:\WINDOWS\system32\MRT.exe
2008-10-31 21:10:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-26 18:59:09 ----HD---- C:\Program Files\InstallShield Installation Information
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\aavmker4.sys [2008-07-19 26944]
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
R1 aswsp;avast! Self Protection; C:\WINDOWS\system32\drivers\aswsp.sys [2008-07-19 78416]
R1 aswtdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswtdi.sys [2008-07-19 42912]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-11-30 21275]
R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2006-11-30 8552]
R2 aswfsblk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswmon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswmon2.sys [2008-07-19 94416]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-10 88448]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-10 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-10 55936]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\ATK0100\ASNDIS5.SYS []
R3 aswrdr;aswRdr; C:\WINDOWS\system32\drivers\aswrdr.sys [2008-07-19 23152]
R3 Cam5603D;BisonCam, NB Pro; C:\WINDOWS\System32\Drivers\BisonCam.sys [2006-03-27 569984]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-07-24 4353024]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-08-24 3661184]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-04 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-04 13056]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2006-10-13 163584]
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-12 193056]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-04-19 30080]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-10 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-04-19 17152]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-04-09 471264]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USB_RNDIS;ADI Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-10 12672]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;Service de configuration Atheros; C:\WINDOWS\system32\acs.exe [2006-03-28 36864]
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
R2 aswupdsv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe [2007-09-25 65536]
R2 ijplmsvc;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-08-24 143427]
R2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]
R2 USBDeviceService;USBDeviceService; C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe [2005-10-20 90112]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R3 avast! mail scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! web scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-09 138168]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336]
-----------------EOF-----------------
Run by ordono at 2008-11-18 17:42:16
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 92 GB (86%) free of 106 GB
Total RAM: 1919 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:42:17, on 18/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Atheros WLAN Adapter\ACU.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\OFFICE One6.5\program\soffice.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Orange\Deskboard\deskboard.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\2\FTCOMModule.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\SNDVOL32.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\ordono\Bureau\RSIT.exe
C:\Program Files\trend micro\ordono.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros WLAN Adapter\ACU.exe" -nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [EULA] C:\APPS\PB_TB\EULALauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O4 - Global Startup: OFFICE One Notes v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
O9 - Extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O11 - Options group: [java_sun] Java (Sun)
O15 - Trusted Zone: http://www.orange.fr
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! mail scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! web scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (ijplmsvc) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
--
End of file - 10707 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497bb-d6f0-462c-b6eb-d4daf1d92d43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa58ed58-01dd-4d91-8333-cf10577473f7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-11-09 2436160]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-09-29 67584]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-12 774233]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-08-24 7569408]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-08-24 86016]
"ACU"=C:\Program Files\Atheros WLAN Adapter\ACU.exe [2006-04-14 307200]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-07-21 16261632]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-04-17 110592]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"DetectorApp"=C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe [2005-10-20 102400]
"ISUSPM Startup"=C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]
"ISUSScheduler"=C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe [2005-02-16 81920]
"EULA"=C:\APPS\PB_TB\EULALauncher.exe [2006-09-29 18944]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-11-30 98304]
"Ulead AutoDetector v2"=C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe [2004-11-26 90112]
"SystrayORAHSS"=C:\Program Files\Orange\Systray\SystrayApp.exe [2007-09-25 94208]
"ORAHSSSessionManager"=C:\Program Files\Orange\SessionManager\SessionManager.exe [2007-09-25 102400]
"RealTray"=C:\Program Files\Real\RealPlayer\RealPlay.exe [2006-11-30 26112]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2006-11-30 158720]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"OoPDFSettingsv6.exe"=C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe [2003-11-20 460800]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"=C:\APPS\SMP\SmpSys.exe [2005-11-17 975360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [2008-11-09 171448]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
OFFICE One Clock v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
OFFICE One Notes v6.5.lnk - C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
C:\Documents and Settings\ordono\Menu Démarrer\Programmes\Démarrage
OFFICE One 6.5.lnk - C:\Program Files\OFFICE One6.5\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TDSSjcxe.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDSSjcxe.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:PANDORA"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Orange\Connectivity\ConnectivityManager.exe"="C:\Program Files\Orange\Connectivity\ConnectivityManager.exe:*:enabled:CSS"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\AOL 9.0\aol.exe"="C:\Program Files\AOL 9.0\aol.exe:*:Disabled:AOL"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Disabled:AOL 9.0"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\APPS\skype\phone\Skype.exe"="C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Disabled:Veoh Client"
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{343b8d66-0644-11dd-b053-0018f3f04f39}]
shell\autorun\command - kk3.bat
shell\explore\command - kk3.bat
shell\open\command - kk3.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3506026b-76ad-11dd-b192-0018f3f04f39}]
shell\autorun\command - kk3.bat
shell\explore\command - kk3.bat
shell\open\command - kk3.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e687a40b-b49b-11dd-b256-0018f3f04f39}]
shell\autorun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe
======List of files/folders created in the last 1 months======
2008-11-18 17:04:08 ----A---- C:\TB.txt
2008-11-18 17:01:23 ----D---- C:\ToolBar SD
2008-11-18 16:40:19 ----D---- C:\Program Files\trend micro
2008-11-18 16:40:18 ----D---- C:\rsit
2008-11-18 15:07:01 ----A---- C:\WINDOWS\system32\javaws.exe
2008-11-18 15:07:00 ----A---- C:\WINDOWS\system32\javaw.exe
2008-11-18 15:07:00 ----A---- C:\WINDOWS\system32\java.exe
2008-11-17 07:22:51 ----D---- C:\WINDOWS\LastGood.Tmp
2008-11-12 22:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-12 22:04:32 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-12 19:19:07 ----A---- C:\WINDOWS\system32\aswBoot.exe
2008-11-12 17:44:37 ----SD---- C:\WINDOWS\system32\%SystemDrive%
2008-11-12 17:44:30 ----D---- C:\WINDOWS\Google Toolbar
2008-11-09 16:14:33 ----D---- C:\DVDVideoSoft
2008-11-09 16:13:56 ----D---- C:\Program Files\Fichiers communs\DVDVideoSoft
2008-11-09 16:13:55 ----D---- C:\Program Files\DVDVideoSoft
2008-11-09 16:07:20 ----D---- C:\Documents and Settings\ordono\Application Data\Google
2008-11-09 15:47:56 ----A---- C:\WINDOWS\KeyTube.ini
2008-11-09 12:50:38 ----D---- C:\Documents and Settings\ordono\Application Data\Media Player Classic
2008-10-26 18:59:09 ----D---- C:\Program Files\Veoh Networks
2008-10-26 18:53:15 ----D---- C:\WINDOWS\Downloaded Installations
2008-10-24 21:31:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
======List of files/folders modified in the last 1 months======
2008-11-18 17:21:47 ----RD---- C:\Program Files
2008-11-18 17:21:23 ----D---- C:\Program Files\Mozilla Firefox
2008-11-18 17:17:28 ----D---- C:\WINDOWS\PREFETCH
2008-11-18 17:05:38 ----D---- C:\WINDOWS\temp
2008-11-18 15:18:22 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-18 15:18:22 ----D---- C:\WINDOWS\system32\CatRoot_bak
2008-11-18 15:18:22 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-18 15:18:21 ----HD---- C:\WINDOWS\inf
2008-11-18 15:07:39 ----SHD---- C:\WINDOWS\Installer
2008-11-18 15:07:02 ----AD---- C:\WINDOWS\system32
2008-11-18 15:06:56 ----D---- C:\Program Files\Java
2008-11-18 14:59:07 ----D---- C:\WINDOWS\Registration
2008-11-18 14:58:49 ----D---- C:\WINDOWS
2008-11-18 06:22:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-17 10:20:28 ----RSHD---- C:\WINDOWS\system32\dllcache
2008-11-17 07:22:58 ----D---- C:\WINDOWS\Help
2008-11-12 22:06:02 ----A---- C:\WINDOWS\system32\MRT.INI
2008-11-12 22:04:46 ----D---- C:\WINDOWS\system32\drivers
2008-11-12 22:04:42 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-12 22:04:40 ----A---- C:\WINDOWS\imsins.BAK
2008-11-12 22:04:03 ----D---- C:\WINDOWS\WinSxS
2008-11-09 16:54:36 ----D---- C:\WINDOWS\system32\Macromed
2008-11-09 16:13:56 ----D---- C:\Program Files\Fichiers communs
2008-11-09 15:54:41 ----D---- C:\Program Files\Google
2008-11-09 15:54:38 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2008-11-09 15:53:35 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-08 20:56:36 ----D---- C:\Program Files\Messenger Plus! Live
2008-11-07 17:33:44 ----D---- C:\Program Files\PCFriendly
2008-11-04 01:10:25 ----A---- C:\WINDOWS\system32\MRT.exe
2008-10-31 21:10:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-26 18:59:09 ----HD---- C:\Program Files\InstallShield Installation Information
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\aavmker4.sys [2008-07-19 26944]
R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
R1 aswsp;avast! Self Protection; C:\WINDOWS\system32\drivers\aswsp.sys [2008-07-19 78416]
R1 aswtdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswtdi.sys [2008-07-19 42912]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-11-30 21275]
R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2006-11-30 8552]
R2 aswfsblk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswmon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswmon2.sys [2008-07-19 94416]
R2 NwlnkIpx;Protocole de transport compatible NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-10 88448]
R2 NwlnkNb;NetBIOS NWLink; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-10 63232]
R2 NwlnkSpx;Protocole NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-10 55936]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\ATK0100\ASNDIS5.SYS []
R3 aswrdr;aswRdr; C:\WINDOWS\system32\drivers\aswrdr.sys [2008-07-19 23152]
R3 Cam5603D;BisonCam, NB Pro; C:\WINDOWS\System32\Drivers\BisonCam.sys [2006-03-27 569984]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-07-24 4353024]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-08-24 3661184]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-04 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-04 13056]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2006-10-13 163584]
R3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-12 193056]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-04-19 30080]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-10 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2006-04-19 17152]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-04-09 471264]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USB_RNDIS;ADI Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-10 12672]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;Service de configuration Atheros; C:\WINDOWS\system32\acs.exe [2006-03-28 36864]
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]
R2 aswupdsv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe [2007-09-25 65536]
R2 ijplmsvc;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-08-24 143427]
R2 NWCWorkstation;Service client pour NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]
R2 USBDeviceService;USBDeviceService; C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe [2005-10-20 90112]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R3 avast! mail scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! web scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-09 138168]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336]
-----------------EOF-----------------
Hi sosow0810
! Disable your resident protections (antivirus, Spybot-S&D, etc.) !
Download ComboFix (sUBs) to your Desktop.
Rename it before downloading by following this procedure: pcastuces.com
Double-click ComboFix.exe (the .exe is not necessarily visible) to launch it.
If ComboFix prompts you to install the Recovery Console, accept.
When the scan is finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.
HELP: A guide and a tutorial on using ComboFix
* the partition name may differ
@++
Sorry for the delay, I had a few problems
ComboFix 08-11-17.06 - ordono 2008-11-18 19:41:14.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1378 [GMT 1:00]
Lancé depuis: c:\documents and settings\ordono\Bureau\ComboFi.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\program files\rhcc54j0eja1
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-18 au 2008-11-18 ))))))))))))))))))))))))))))))))))))
.
2008-11-18 17:01 . 2008-11-18 17:22 <REP> d-------- C:\ToolBar SD
2008-11-18 16:40 . 2008-11-18 16:40 <REP> d-------- C:\rsit
2008-11-18 16:40 . 2008-11-18 17:42 <REP> d-------- c:\program files\trend micro
2008-11-18 15:07 . 2008-06-10 02:32 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-11-17 07:22 . 2008-11-17 10:25 <REP> d-------- c:\windows\LastGood.Tmp
2008-11-12 17:44 . 2008-11-12 17:44 <REP> d---s---- c:\windows\system32\%SystemDrive%
2008-11-12 17:44 . 2008-11-12 17:44 <REP> d-------- c:\windows\Google Toolbar
2008-11-09 16:14 . 2008-11-09 16:26 <REP> d-------- C:\DVDVideoSoft
2008-11-09 16:13 . 2008-11-09 18:07 <REP> d-------- c:\program files\Fichiers communs\DVDVideoSoft
2008-11-09 16:13 . 2008-11-09 16:13 <REP> d-------- c:\program files\DVDVideoSoft
2008-11-09 15:47 . 2008-11-09 16:05 267 --a------ c:\windows\KeyTube.ini
2008-11-09 12:50 . 2008-11-09 12:50 <REP> d-------- c:\documents and settings\ordono\Application Data\Media Player Classic
2008-10-26 18:59 . 2008-10-29 12:47 <REP> d-------- c:\program files\Veoh Networks
2008-10-26 18:53 . 2008-10-26 18:59 <REP> d-------- c:\windows\Downloaded Installations
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-18 18:47 85,872 ----a-w c:\windows\system32\drivers\6d1824ce.sys
2008-11-18 14:06 --------- d-----w c:\program files\Java
2008-11-09 14:54 --------- d-----w c:\program files\Google
2008-11-08 19:56 --------- d-----w c:\program files\Messenger Plus! Live
2008-11-07 16:33 --------- d-----w c:\program files\PCFriendly
2008-10-26 17:59 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-01 15:20 --------- d-----w c:\documents and settings\ordono\Application Data\Micro Application
2008-09-25 16:25 --------- d-----w c:\program files\Canon
2008-09-25 16:25 --------- d-----w c:\documents and settings\All Users\Application Data\CanonIJPLM
2008-09-25 16:00 --------- d-----w c:\documents and settings\ordono\Application Data\ScanSoft
2008-09-25 15:59 --------- d-----w c:\program files\ScanSoft
2008-09-25 15:59 --------- d-----w c:\program files\Fichiers communs\ScanSoft Shared
2008-09-25 15:59 --------- d-----w c:\documents and settings\All Users\Application Data\ScanSoft
2008-09-25 15:57 --------- d-----w c:\program files\Fichiers communs\CANON
2008-09-25 15:55 --------- d--h--w c:\documents and settings\All Users\Application Data\CanonBJ
2008-09-25 15:54 --------- d--h--w c:\program files\CanonBJ
2008-09-22 21:11 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
.
((((((((((((((((((((((((((((( snapshot@2008-09-22_23.41.26.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-06-23 15:10:27 3,088,384 -c--a-w c:\windows\$hf_mig$\KB953838\SP3GDR\mshtml.dll
+ 2008-06-26 08:13:32 1,499,648 -c--a-w c:\windows\$hf_mig$\KB953838\SP3GDR\shdocvw.dll
+ 2008-06-26 08:13:32 620,544 -c--a-w c:\windows\$hf_mig$\KB953838\SP3GDR\urlmon.dll
+ 2008-06-23 15:10:27 670,208 -c--a-w c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll
+ 2008-06-25 04:26:28 3,088,896 -c--a-w c:\windows\$hf_mig$\KB953838\SP3QFE\mshtml.dll
+ 2008-06-26 08:00:28 1,499,648 -c--a-w c:\windows\$hf_mig$\KB953838\SP3QFE\shdocvw.dll
+ 2008-06-26 08:00:28 620,544 -c--a-w c:\windows\$hf_mig$\KB953838\SP3QFE\urlmon.dll
+ 2008-06-23 14:56:26 670,720 -c--a-w c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll
+ 2007-11-30 12:39:29 18,296 -c--a-w c:\windows\$hf_mig$\KB953838\spmsg.dll
+ 2007-11-30 12:39:29 234,872 -c--a-w c:\windows\$hf_mig$\KB953838\spuninst.exe
+ 2007-11-30 12:39:29 26,488 -c--a-w c:\windows\$hf_mig$\KB953838\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 -c--a-w c:\windows\$hf_mig$\KB953838\update\update.exe
+ 2007-11-30 12:39:29 406,392 -c--a-w c:\windows\$hf_mig$\KB953838\update\updspapi.dll
+ 2008-09-15 15:14:42 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP2QFE\win32k.sys
+ 2008-09-15 15:26:07 1,846,528 ----a-w c:\windows\$hf_mig$\KB954211\SP3GDR\win32k.sys
+ 2008-09-15 15:20:39 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll
+ 2008-07-09 07:40:26 767,352 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll
+ 2008-08-20 05:10:12 3,088,896 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\mshtml.dll
+ 2008-08-20 05:10:11 1,499,648 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\shdocvw.dll
+ 2008-08-20 05:10:11 620,544 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\urlmon.dll
+ 2008-08-20 05:10:11 670,208 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\wininet.dll
+ 2008-08-20 05:07:31 3,088,896 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\mshtml.dll
+ 2008-08-20 05:07:27 1,499,648 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\shdocvw.dll
+ 2008-08-20 05:07:28 621,056 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\urlmon.dll
+ 2008-08-20 05:07:28 670,720 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956390\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956390\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956390\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956390\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956390\update\updspapi.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll
+ 2008-08-14 09:48:52 138,368 ----a-w c:\windows\$hf_mig$\KB956803\SP2QFE\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3GDR\afd.sys
+ 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll
+ 2008-08-14 13:23:44 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlmp.exe
+ 2008-08-14 13:23:49 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
+ 2008-08-14 13:23:44 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrpamp.exe
+ 2008-08-14 13:23:49 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
+ 2008-08-14 13:55:54 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe
+ 2008-08-14 17:26:00 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
+ 2008-08-14 13:55:47 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe
+ 2008-08-14 17:26:02 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe
+ 2008-07-09 07:40:35 406,392 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll
+ 2008-08-28 10:35:33 333,056 ----a-w c:\windows\$hf_mig$\KB957095\SP2QFE\srv.sys
+ 2008-09-08 10:41:42 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3GDR\srv.sys
+ 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll
+ 2008-02-16 09:31:57 1,024,512 -c----w c:\windows\$NtUninstallKB953838$\browseui.dll
+ 2008-02-16 09:31:57 152,064 -c----w c:\windows\$NtUninstallKB953838$\cdfview.dll
+ 2008-02-16 09:31:58 1,056,768 -c----w c:\windows\$NtUninstallKB953838$\danim.dll
+ 2008-02-16 09:31:58 357,888 -c----w c:\windows\$NtUninstallKB953838$\dxtmsft.dll
+ 2008-02-16 09:31:58 205,312 -c----w c:\windows\$NtUninstallKB953838$\dxtrans.dll
+ 2008-02-16 09:31:58 55,808 -c----w c:\windows\$NtUninstallKB953838$\extmgr.dll
+ 2008-02-15 09:07:53 18,432 -c----w c:\windows\$NtUninstallKB953838$\iedw.exe
+ 2008-02-16 09:31:58 251,904 -c----w c:\windows\$NtUninstallKB953838$\iepeers.dll
+ 2008-02-16 09:31:58 96,768 -c----w c:\windows\$NtUninstallKB953838$\inseng.dll
+ 2008-02-16 09:31:58 16,384 -c----w c:\windows\$NtUninstallKB953838$\jsproxy.dll
+ 2008-02-16 09:31:59 3,087,872 -c----w c:\windows\$NtUninstallKB953838$\mshtml.dll
+ 2008-02-16 09:31:59 449,024 -c----w c:\windows\$NtUninstallKB953838$\mshtmled.dll
+ 2008-02-16 09:31:59 146,432 -c----w c:\windows\$NtUninstallKB953838$\msrating.dll
+ 2008-02-16 09:31:59 532,480 -c----w c:\windows\$NtUninstallKB953838$\mstime.dll
+ 2008-02-16 09:31:59 39,424 -c----w c:\windows\$NtUninstallKB953838$\pngfilt.dll
+ 2008-02-16 09:32:00 1,499,648 -c----w c:\windows\$NtUninstallKB953838$\shdocvw.dll
+ 2008-02-16 09:32:00 474,624 -c----w c:\windows\$NtUninstallKB953838$\shlwapi.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB953838$\spuninst\spuninst.exe
+ 2007-11-30 12:39:29 406,392 -c----w c:\windows\$NtUninstallKB953838$\spuninst\updspapi.dll
+ 2008-02-16 09:32:00 620,544 -c----w c:\windows\$NtUninstallKB953838$\urlmon.dll
+ 2008-02-16 09:32:00 670,208 -c----w c:\windows\$NtUninstallKB953838$\wininet.dll
+ 2008-02-15 23:03:14 370,176 -c----w c:\windows\$NtUninstallKB953838$\xpsp3res.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB954211$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB954211$\spuninst\updspapi.dll
+ 2008-03-20 08:09:22 1,845,376 -c----w c:\windows\$NtUninstallKB954211$\win32k.sys
+ 2008-06-23 16:15:33 1,024,512 -c----w c:\windows\$NtUninstallKB956390$\browseui.dll
+ 2008-06-23 16:15:34 152,064 -c----w c:\windows\$NtUninstallKB956390$\cdfview.dll
+ 2008-06-23 16:15:35 1,056,768 -c----w c:\windows\$NtUninstallKB956390$\danim.dll
+ 2008-06-23 16:15:35 357,888 -c----w c:\windows\$NtUninstallKB956390$\dxtmsft.dll
+ 2008-06-23 16:15:35 205,312 -c----w c:\windows\$NtUninstallKB956390$\dxtrans.dll
+ 2008-06-23 16:15:35 55,808 -c----w c:\windows\$NtUninstallKB956390$\extmgr.dll
+ 2008-06-23 09:53:58 18,432 -c----w c:\windows\$NtUninstallKB956390$\iedw.exe
+ 2008-06-23 16:15:36 251,904 -c----w c:\windows\$NtUninstallKB956390$\iepeers.dll
+ 2008-06-23 16:15:36 96,768 -c----w c:\windows\$NtUninstallKB956390$\inseng.dll
+ 2008-06-23 16:15:36 16,384 -c----w c:\windows\$NtUninstallKB956390$\jsproxy.dll
+ 2008-06-23 16:15:39 3,088,384 -c----w c:\windows\$NtUninstallKB956390$\mshtml.dll
+ 2008-06-23 16:15:40 449,024 -c----w c:\windows\$NtUninstallKB956390$\mshtmled.dll
+ 2008-06-23 16:15:40 146,432 -c----w c:\windows\$NtUninstallKB956390$\msrating.dll
+ 2008-06-23 16:15:41 532,480 -c----w c:\windows\$NtUninstallKB956390$\mstime.dll
+ 2008-06-23 16:15:41 39,424 -c----w c:\windows\$NtUninstallKB956390$\pngfilt.dll
+ 2008-06-23 16:15:42 1,499,648 -c----w c:\windows\$NtUninstallKB956390$\shdocvw.dll
+ 2008-06-23 16:15:43 474,624 -c----w c:\windows\$NtUninstallKB956390$\shlwapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956390$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB956390$\spuninst\updspapi.dll
+ 2008-06-23 16:15:43 620,544 -c----w c:\windows\$NtUninstallKB956390$\urlmon.dll
+ 2008-06-23 16:15:44 671,232 -c----w c:\windows\$NtUninstallKB956390$\wininet.dll
+ 2008-07-03 09:42:35 370,176 -c----w c:\windows\$NtUninstallKB956390$\xpsp3res.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB956391$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB956391$\spuninst\updspapi.dll
+ 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803$\afd.sys
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB956803$\spuninst\updspapi.dll
+ 2007-02-28 16:08:15 2,139,648 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlmp.exe
+ 2007-02-28 16:08:11 2,019,328 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
+ 2007-02-28 16:08:11 2,019,328 -c----w c:\windows\$NtUninstallKB956841$\ntkrpamp.exe
+ 2007-02-28 16:08:15 2,139,648 -c----w c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956841$\spuninst\spuninst.exe
+ 2008-07-09 07:40:35 406,392 -c----w c:\windows\$NtUninstallKB956841$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB957095$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB957095$\spuninst\updspapi.dll
+ 2006-08-14 10:34:41 332,928 -c----w c:\windows\$NtUninstallKB957095$\srv.sys
- 2004-07-27 15:48:52 323,584 -c--a-w c:\windows\Downloaded Program Files\isusweb.dll
+ 2005-02-16 14:15:20 401,408 ----a-w c:\windows\Downloaded Program Files\isusweb.dll
- 2006-05-05 09:41:45 453,120 -c--a-w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2007-02-28 16:08:15 2,139,648 -c--a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:39:07 2,144,768 ----a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-28 16:08:25 2,061,440 -c--a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:39:12 2,065,024 ----a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 16:08:11 2,019,328 -c--a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:39:03 2,022,912 ----a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 16:08:21 2,184,192 -c--a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 13:39:11 2,188,032 ----a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
- 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE
+ 2008-11-12 21:04:03 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2008-09-25 15:59:59 7,406 -c--a-r c:\windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\ARPPRODUCTICON.exe
+ 2008-09-25 15:59:59 49,152 -c--a-r c:\windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\NewShortcut14_27BC537B086D42E19CB39D115FA043BF.exe
+ 2008-09-25 15:59:59 450,560 -c--a-r c:\windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\NewShortcut15_27BC537B086D42E19CB39D115FA043BF.exe
+ 2008-09-25 15:59:58 65,536 -c--a-r c:\windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
- 2000-08-31 06:00:00 28,672 ----a-w c:\windows\Nircmd.exe
+ 2000-08-31 07:00:00 28,672 -c--a-w c:\windows\Nircmd.exe
- 2000-08-31 06:00:00 161,792 ----a-w c:\windows\swreg.exe
+ 2000-08-31 07:00:00 161,792 -c--a-w c:\windows\swreg.exe
+ 2008-07-19 15:43:08 1,163,960 ----a-w c:\windows\system32\aswBoot.exe
+ 2008-07-19 15:30:53 94,392 ----a-w c:\windows\system32\AvastSS.scr
- 2008-02-16 09:31:57 1,024,512 ----a-w c:\windows\system32\browseui.dll
+ 2008-08-20 05:33:47 1,024,512 ----a-w c:\windows\system32\browseui.dll
+ 2007-02-09 08:10:48 808,544 ----a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\DelDrv.exe
+ 2007-02-15 06:22:48 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstAR.dll
+ 2007-02-13 07:55:54 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstCN.dll
+ 2007-02-13 23:58:48 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstCZ.dll
+ 2007-02-13 23:58:50 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstDE.dll
+ 2007-02-13 23:58:52 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstDK.dll
+ 2007-02-13 23:58:54 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstES.dll
+ 2007-02-13 23:58:54 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstFI.dll
+ 2007-02-13 23:58:56 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstFR.dll
+ 2007-02-13 23:58:58 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstGR.dll
+ 2007-02-15 00:26:48 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstHU.dll
+ 2007-02-14 07:36:14 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstID.dll
+ 2007-02-13 23:59:02 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstIT.dll
+ 2007-02-08 05:27:08 45,056 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstJP.dll
+ 2007-02-13 09:10:24 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstKR.dll
+ 2007-02-13 23:59:04 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstNL.dll
+ 2007-02-13 23:59:04 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstNO.dll
+ 2007-02-13 23:59:06 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstPL.dll
+ 2007-02-13 23:59:08 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstPT.dll
+ 2007-02-13 23:59:10 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstRU.dll
+ 2007-02-13 23:59:12 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstSE.dll
+ 2007-02-13 08:20:58 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstTH.dll
+ 2007-02-13 23:59:14 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstTR.dll
+ 2007-02-13 08:05:14 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstTW.dll
+ 2007-02-08 05:27:08 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstUS.dll
- 2008-02-16 09:31:57 152,064 ----a-w c:\windows\system32\cdfview.dll
+ 2008-08-20 05:33:44 152,064 ----a-w c:\windows\system32\cdfview.dll
- 2008-07-18 20:10:48 94,920 ----a-w c:\windows\system32\cdm.dll
+ 2008-10-16 13:09:44 92,696 ----a-w c:\windows\system32\cdm.dll
+ 2007-03-23 07:30:48 1,400,832 ----a-w c:\windows\system32\CNC210C.DLL
+ 2007-03-23 07:29:52 98,304 -c--a-w c:\windows\system32\CNC210I.DLL
+ 2007-03-19 01:16:12 200,704 ----a-w c:\windows\system32\CNC210L.DLL
+ 2007-03-15 05:12:00 188,416 -c--a-w c:\windows\system32\CNC210O.DLL
+ 2007-03-18 20:00:00 215,040 ----a-w c:\windows\system32\CNMLM8S.DLL
- 2008-02-16 09:31:58 1,056,768 ----a-w c:\windows\system32\danim.dll
+ 2008-08-20 05:33:44 1,056,768 ----a-w c:\windows\system32\danim.dll
+ 2004-08-10 13:00:00 244,736 ----a-w c:\windows\system32\dllcache\acspecfc.dll
- 2008-06-20 10:44:38 138,368 ------w c:\windows\system32\dllcache\afd.sys
+ 2008-08-14 09:51:43 138,368 ------w c:\windows\system32\dllcache\afd.sys
+ 2004-08-10 13:00:00 8,704 -c--a-w c:\windows\system32\dllcache\batt.dll
+ 2004-08-10 13:00:00 12,288 -c--a-w c:\windows\system32\dllcache\bootvid.dll
- 2008-02-16 09:31:57 1,024,512 ----a-w c:\windows\system32\dllcache\browseui.dll
+ 2008-08-20 05:33:47 1,024,512 ----a-w c:\windows\system32\dllcache\browseui.dll
+ 2004-08-10 13:00:00 20,992 -c--a-w c:\windows\system32\dllcache\bthci.dll
- 2008-02-16 09:31:57 152,064 ----a-w c:\windows\system32\dllcache\cdfview.dll
+ 2008-08-20 05:33:44 152,064 ----a-w c:\windows\system32\dllcache\cdfview.dll
- 2008-07-18 20:10:48 94,920 ----a-w c:\windows\system32\dllcache\cdm.dll
+ 2008-10-16 13:09:44 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
+ 2004-08-10 13:00:00 80,896 -c--a-w c:\windows\system32\dllcache\charmap.exe
+ 2004-08-10 13:00:00 3,584 -c--a-w c:\windows\system32\dllcache\comcat.dll
+ 2004-08-10 13:00:00 27,097 -c--a-w c:\windows\system32\dllcache\country.sys
- 2008-02-16 09:31:58 1,056,768 ----a-w c:\windows\system32\dllcache\danim.dll
+ 2008-08-20 05:33:44 1,056,768 ----a-w c:\windows\system32\dllcache\danim.dll
+ 2004-08-10 13:00:00 54,080 -c--a-w c:\windows\system32\dllcache\dosx.exe
+ 2004-08-10 13:00:00 181,760 ----a-w c:\windows\system32\dllcache\dsdmo.dll
+ 2004-08-10 13:00:00 2,113,536 -c--a-w c:\windows\system32\dllcache\dxdiagn.dll
- 2008-02-16 09:31:58 357,888 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-20 05:33:45 357,888 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-02-16 09:31:58 205,312 ----a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-08-20 05:33:45 205,312 ----a-w c:\windows\system32\dllcache\dxtrans.dll
- 2008-02-16 09:31:58 55,808 ----a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-08-20 05:33:45 55,808 ----a-w c:\windows\system32\dllcache\extmgr.dll
+ 2005-10-17 21:21:08 80,896 -c--a-w c:\windows\system32\dllcache\fontsub.dll
+ 2005-05-26 23:22:01 10,752 -c--a-w c:\windows\system32\dllcache\hh.exe
+ 2004-08-10 13:00:00 4,912 ----a-w c:\windows\system32\dllcache\himem.sys
+ 2004-08-10 13:00:00 16,384 -c--a-w c:\windows\system32\dllcache\icfgnt5.dll
- 2008-02-15 09:07:53 18,432 ----a-w c:\windows\system32\dllcache\iedw.exe
+ 2008-08-19 09:38:57 18,432 ----a-w c:\windows\system32\dllcache\iedw.exe
+ 2004-08-10 13:00:00 81,920 ----a-w c:\windows\system32\dllcache\ieencode.dll
- 2008-02-16 09:31:58 251,904 ----a-w c:\windows\system32\dllcache\iepeers.dll
+ 2008-08-20 05:33:45 251,904 ----a-w c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-10 13:00:00 282,624 -c--a-w c:\windows\system32\dllcache\inetcfg.dll
- 2008-02-16 09:31:58 96,768 ----a-w c:\windows\system32\dllcache\inseng.dll
+ 2008-08-20 05:33:45 96,768 ----a-w c:\windows\system32\dllcache\inseng.dll
+ 2005-05-27 02:08:06 155,136 ----a-w c:\windows\system32\dllcache\itircl.dll
- 2008-02-16 09:31:58 16,384 ----a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-08-20 05:33:46 16,384 ----a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-10 13:00:00 7,040 -c--a-w c:\windows\system32\dllcache\kdcom.dll
+ 2004-08-10 13:00:00 42,537 -c--a-w c:\windows\system32\dllcache\keyboard.sys
+ 2004-08-10 13:00:00 8,192 -c--a-w c:\windows\system32\dllcache\mag_hook.dll
+ 2004-08-10 13:00:00 73,216 -c--a-w c:\windows\system32\dllcache\magnify.exe
+ 2004-08-10 13:00:00 120,320 -c--a-w c:\windows\system32\dllcache\mdminst.dll
+ 2004-08-10 13:00:00 362,496 ----a-w c:\windows\system32\dllcache\metal_ss.dll
+ 2004-08-10 13:00:00 144,384 -c--a-w c:\windows\system32\dllcache\mobsync.exe
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\mp43dmod.dll
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\mp4sdmod.dll
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\mpg4dmod.dll
- 2006-05-05 09:41:45 453,120 -c--a-w c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\system32\dllcache\mrxsmb.sys
+ 2006-03-23 05:46:11 143,360 -c--a-w c:\windows\system32\dllcache\msadco.dll
+ 2006-03-01 19:43:50 426,496 ----a-w c:\windows\system32\dllcache\msdtcprx.dll
+ 2006-03-01 19:43:50 956,416 ----a-w c:\windows\system32\dllcache\msdtctm.dll
+ 2006-03-01 19:43:51 161,280 -c--a-w c:\windows\system32\dllcache\msdtcuiu.dll
- 2008-02-16 09:31:59 3,087,872 ----a-w c:\windows\system32\dllcache\mshtml.dll
+ 2008-08-20 05:33:48 3,088,384 ----a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-02-16 09:31:59 449,024 ----a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-08-20 05:33:46 449,024 ----a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2005-05-04 13:45:36 884,736 ----a-w c:\windows\system32\dllcache\msimsg.dll
+ 2004-08-10 13:00:00 40,448 -c--a-w c:\windows\system32\dllcache\msinfo32.exe
+ 2004-08-10 13:00:00 65,536 -c--a-w c:\windows\system32\dllcache\msratelc.dll
- 2008-02-16 09:31:59 146,432 ----a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-08-20 05:33:45 146,432 ----a-w c:\windows\system32\dllcache\msrating.dll
- 2008-02-16 09:31:59 532,480 ----a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-08-20 05:33:45 532,480 ----a-w c:\windows\system32\dllcache\mstime.dll
+ 2004-08-10 13:00:00 701,440 -c--a-w c:\windows\system32\dllcache\msxml2.dll
- 2007-06-26 06:09:14 1,104,896 ------w c:\windows\system32\dllcache\msxml3.dll
+ 2008-09-04 16:45:11 1,106,944 ------w c:\windows\system32\dllcache\msxml3.dll
+ 2004-08-10 13:00:00 30,720 -c--a-w c:\windows\system32\dllcache\msxmlr.dll
+ 2006-03-01 19:43:51 91,136 -c--a-w c:\windows\system32\dllcache\mtxoci.dll
- 2006-08-17 12:29:49 332,288 -c--a-w c:\windows\system32\dllcache\netapi32.dll
+ 2008-10-15 16:59:28 332,800 ----a-w c:\windows\system32\dllcache\netapi32.dll
+ 2004-08-10 13:00:00 27,916 -c--a-w c:\windows\system32\dllcache\ntdos.sys
+ 2004-08-10 13:00:00 34,000 -c--a-w c:\windows\system32\dllcache\ntio.sys
- 2007-02-28 16:08:15 2,139,648 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-14 13:39:07 2,144,768 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
- 2007-02-28 16:08:25 2,061,440 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-08-14 13:39:12 2,065,024 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
- 2007-02-28 16:08:11 2,019,328 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-08-14 13:39:03 2,022,912 ------w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2004-08-10 13:00:00 40,960 -c--a-w c:\windows\system32\dllcache\ntmsapi.dll
- 2007-02-28 16:08:21 2,184,192 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-08-14 13:39:11 2,188,032 ------w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2004-08-10 13:00:00 13,312 -c--a-w c:\windows\system32\dllcache\ntvdmd.dll
+ 2004-08-10 13:00:00 3,258 -c--a-w c:\windows\system32\dllcache\nw16.exe
+ 2004-08-10 13:00:00 17,408 -c--a-w c:\windows\system32\dllcache\nwapi16.dll
+ 2004-08-10 13:00:00 18,944 -c--a-w c:\windows\system32\dllcache\oleaccrc.dll
+ 2004-08-10 13:00:00 216,576 -c--a-w c:\windows\system32\dllcache\osk.exe
- 2008-02-16 09:31:59 39,424 ----a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-08-20 05:33:45 39,424 ----a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-10 13:00:00 48,640 -c--a-w c:\windows\system32\dllcache\pnrpnsp.dll
+ 2004-08-10 13:00:00 237,056 -c--a-w c:\windows\system32\dllcache\provthrd.dll
+ 2004-08-10 13:00:00 35,840 -c--a-w c:\windows\system32\dllcache\rcimlby.exe
+ 2004-08-10 13:00:00 3,352 -c--a-w c:\windows\system32\dllcache\redir.exe
+ 2004-08-10 13:00:00 29,184 -c--a-w c:\windows\system32\dllcache\sdhcinst.dll
- 2008-02-16 09:32:00 1,499,648 ----a-w c:\windows\system32\dllcache\shdocvw.dll
+ 2008-08-20 05:33:46 1,499,648 ----a-w c:\windows\system32\dllcache\shdocvw.dll
- 2008-02-16 09:32:00 474,624 ----a-w c:\windows\system32\dllcache\shlwapi.dll
+ 2008-08-20 05:33:46 474,624 ----a-w c:\windows\system32\dllcache\shlwapi.dll
+ 2004-08-10 13:00:00 133,120 -c--a-w c:\windows\system32\dllcache\sndrec32.exe
- 2006-08-14 10:34:41 332,928 -c--a-w c:\windows\system32\dllcache\srv.sys
+ 2008-08-28 10:04:17 333,056 ----a-w c:\windows\system32\dllcache\srv.sys
+ 2005-10-17 21:21:08 118,272 -c--a-w c:\windows\system32\dllcache\t2embed.dll
+ 2005-05-11 02:30:03 78,336 -c--a-w c:\windows\system32\dllcache\telnet.exe
+ 2004-08-10 13:00:00 36,864 -c--a-w c:\windows\system32\dllcache\umandlg.dll
- 2008-02-16 09:32:00 620,544 ----a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-08-20 05:33:47 621,056 ----a-w c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-03 21:01:26 25,856 -c--a-w c:\windows\system32\dllcache\usbprint.sys
+ 2004-08-03 20:58:46 15,104 -c--a-w c:\windows\system32\dllcache\usbscan.sys
+ 2004-08-10 13:00:00 50,176 -c--a-w c:\windows\system32\dllcache\utilman.exe
+ 2004-08-10 13:00:00 19,456 -c--a-w c:\windows\system32\dllcache\vwipxspx.dll
- 2008-03-20 08:09:22 1,845,376 ------w c:\windows\system32\dllcache\win32k.sys
+ 2008-09-15 15:39:16 1,846,144 ------w c:\windows\system32\dllcache\win32k.sys
+ 2004-08-10 13:00:00 288,256 ----a-w c:\windows\system32\dllcache\winhlp32.exe
- 2008-02-16 09:32:00 670,208 ----a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-08-20 05:33:46 671,744 ----a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-01 18:42:39 2,864 ----a-w c:\windows\system32\dllcache\winsock.dll
+ 2004-08-10 13:00:00 77,312 -c--a-w c:\windows\system32\dllcache\wmipicmp.dll
+ 2004-08-10 13:00:00 20,480 -c--a-w c:\windows\system32\dllcache\wmpui.dll
+ 2004-08-10 13:00:00 51,200 -c--a-w c:\windows\system32\dllcache\wstdecod.dll
- 2008-07-18 20:09:44 563,912 ----a-w c:\windows\system32\dllcache\wuapi.dll
+ 2008-10-16 13:12:20 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
- 2008-07-18 20:10:42 53,448 ----a-w c:\windows\system32\dllcache\wuauclt.exe
+ 2008-10-16 13:09:44 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
- 2008-07-18 20:09:42 1,811,656 ----a-w c:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 13:13:40 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
- 2008-07-18 20:09:46 325,832 ----a-w c:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 13:12:22 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
+ 2004-08-10 13:00:00 32,256 -c--a-w c:\windows\system32\dllcache\wupdmgr.exe
- 2008-07-18 20:10:20 36,552 ----a-w c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
- 2008-07-18 20:09:44 205,000 ----a-w c:\windows\system32\dllcache\wuweb.dll
+ 2008-10-16 13:13:40 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
+ 2004-08-10 13:00:00 50,176 ----a-w c:\windows\system32\dllcache\xmlprovi.dll
+ 2006-03-01 19:43:51 11,776 -c--a-w c:\windows\system32\dllcache\xolehlp.dll
+ 2008-07-19 15:32:15 26,944 ----a-w c:\windows\system32\drivers\aavmker4.sys
- 2008-06-20 10:44:38 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-07-19 15:37:42 20,560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
+ 2008-01-17 17:34:01 93,264 ----a-w c:\windows\system32\drivers\aswmon.sys
+ 2008-07-19 15:37:21 94,416 ----a-w c:\windows\system32\drivers\aswmon2.sys
+ 2008-07-19 15:33:42 23,152 ----a-w c:\windows\system32\drivers\aswRdr.sys
+ 2008-07-19 15:35:18 78,416 ----a-w c:\windows\system32\drivers\aswSP.sys
+ 2008-07-19 15:32:36 42,912 ----a-w c:\windows\system32\drivers\aswTdi.sys
- 2006-08-14 10:34:41 332,928 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-08-28 10:04:17 333,056 ----a-w c:\windows\system32\drivers\srv.sys
+ 2004-08-03 21:01:26 25,856 ----a-w c:\windows\system32\drivers\usbprint.sys
+ 2004-08-03 20:58:46 15,104 ----a-w c:\windows\system32\drivers\usbscan.sys
- 2008-02-16 09:31:58 357,888 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-08-20 05:33:45 357,888 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-02-16 09:31:58 205,312 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-08-20 05:33:45 205,312 ----a-w c:\windows\system32\dxtrans.dll
- 2008-02-16 09:31:58 55,808 ----a-w c:\windows\system32\extmgr.dll
+ 2008-08-20 05:33:45 55,808 ----a-w c:\windows\system32\extmgr.dll
- 2008-06-05 17:05:02 570,280 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-10-16 14:54:47 573,464 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2008-02-16 09:31:58 251,904 ----a-w c:\windows\system32\iepeers.dll
+ 2008-08-20 05:33:45 251,904 ----a-w c:\windows\system32\iepeers.dll
- 2008-02-16 09:31:58 96,768 ----a-w c:\windows\system32\inseng.dll
+ 2008-08-20 05:33:45 96,768 ----a-w c:\windows\system32\inseng.dll
- 2005-06-03 01:24:06 49,248 -c--a-w c:\windows\system32\java.exe
+ 2008-06-10 00:21:01 135,168 ----a-w c:\windows\system32\java.exe
- 2005-06-03 01:24:14 49,250 -c--a-w c:\windows\system32\javaw.exe
+ 2008-06-10 00:21:04 135,168 ----a-w c:\windows\system32\javaw.exe
- 2005-06-03 02:52:56 127,078 -c--a-w c:\windows\system32\javaws.exe
+ 2008-06-10 01:32:34 139,264 ----a-w c:\windows\system32\javaws.exe
- 2008-02-16 09:31:58 16,384 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-08-20 05:33:46 16,384 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-10-05 03:16:26 235,936 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10a.exe
- 2008-06-04 11:27:35 74,649 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-11-09 14:54:10 89,102 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2002-01-05 02:48:16 974,848 -c--a-w c:\windows\system32\mfc70.dll
+ 2002-01-05 02:36:38 964,608 -c--a-w c:\windows\system32\mfc70u.dll
+ 2003-03-18 18:44:36 40,960 -c--a-w c:\windows\system32\MFC71CHS.DLL
+ 2003-03-18 18:44:36 45,056 -c--a-w c:\windows\system32\MFC71CHT.DLL
+ 2003-03-18 18:44:34 65,536 -c--a-w c:\windows\system32\MFC71DEU.DLL
+ 2003-03-18 18:44:38 57,344 -c--a-w c:\windows\system32\MFC71ENU.DLL
+ 2003-03-18 18:44:36 61,440 -c--a-w c:\windows\system32\MFC71ESP.DLL
+ 2003-03-18 18:44:34 61,440 ----a-w c:\windows\system32\MFC71FRA.DLL
+ 2003-03-18 18:44:36 61,440 -c--a-w c:\windows\system32\MFC71ITA.DLL
+ 2003-03-18 18:44:34 49,152 -c--a-w c:\windows\system32\MFC71JPN.DLL
+ 2003-03-18 18:44:38 49,152 -c--a-w c:\windows\system32\MFC71KOR.DLL
- 2008-08-26 20:28:12 16,208,504 ----a-w c:\windows\system32\MRT.exe
+ 2008-11-04 00:10:25 17,318,336 ----a-w c:\windows\system32\MRT.exe
- 2008-02-16 09:31:59 3,087,872 ----a-w c:\windows\system32\mshtml.dll
+ 2008-08-20 05:33:48 3,088,384 ----a-w c:\windows\system32\mshtml.dll
- 2008-02-16 09:31:59 449,024 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-08-20 05:33:46 449,024 ----a-w c:\windows\system32\mshtmled.dll
- 2008-02-16 09:31:59 146,432 ----a-w c:\windows\system32\msrating.dll
+ 2008-08-20 05:33:45 146,432 ----a-w c:\windows\system32\msrating.dll
- 2008-02-16 09:31:59 532,480 ----a-w c:\windows\system32\mstime.dll
+ 2008-08-20 05:33:45 532,480 ----a-w c:\windows\system32\mstime.dll
+ 2002-01-05 01:38:38 54,784 -c--a-w c:\windows\system32\msvci70.dll
+ 2002-01-05 01:40:20 487,424 -c--a-w c:\windows\system32\msvcp70.dll
+ 2002-01-05 01:37:28 344,064 ----a-w c:\windows\system32\msvcr70.dll
- 2007-06-26 06:09:14 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 16:45:11 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2007-05-08 13:03:04 1,275,392 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-30 15:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
- 2008-07-18 20:07:34 270,880 ----a-w c:\windows\system32\mucltui.dll
+ 2008-10-16 13:06:48 268,648 ----a-w c:\windows\system32\mucltui.dll
- 2008-07-18 20:07:32 210,976 ----a-w c:\windows\system32\muweb.dll
+ 2008-10-16 13:06:48 208,744 ----a-w c:\windows\system32\muweb.dll
- 2006-08-17 12:29:49 332,288 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:59:28 332,800 ----a-w c:\windows\system32\netapi32.dll
- 2007-02-28 16:08:11 2,019,328 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 13:39:03 2,022,912 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2007-02-28 16:08:15 2,139,648 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-08-14 13:39:07 2,144,768 ----a-w c:\windows\system32\ntoskrnl.exe
- 2008-09-22 20:55:46 63,862 ----a-w c:\windows\system32\perfc009.dat
+ 2008-10-31 20:10:33 63,862 ----a-w c:\windows\system32\perfc009.dat
- 2008-09-22 20:55:46 77,476 ----a-w c:\windows\system32\perfc00C.dat
+ 2008-10-31 20:10:33 77,476 ----a-w c:\windows\system32\perfc00C.dat
- 2008-09-22 20:55:46 406,662 ----a-w c:\windows\system32\perfh009.dat
+ 2008-10-31 20:10:33 406,662 ----a-w c:\windows\system32\perfh009.dat
- 2008-09-22 20:55:46 474,972 ----a-w c:\windows\system32\perfh00C.dat
+ 2008-10-31 20:10:33 474,972 ----a-w c:\windows\system32\perfh00C.dat
- 2008-02-16 09:31:59 39,424 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-20 05:33:45 39,424 ----a-w c:\windows\system32\pngfilt.dll
- 2008-09-22 21:11:19 129,164 -c--a-w c:\windows\system32\Restore\rstrlog.dat
+ 2008-09-23 18:46:52 716,352 -c--a-w c:\windows\system32\Restore\rstrlog.dat
- 2008-02-16 09:32:00 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
+ 2008-08-20 05:33:46 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
- 2008-02-16 09:32:00 474,624 ----a-w c:\windows\system32\shlwapi.dll
+ 2008-08-20 05:33:46 474,624 ----a-w c:\windows\system32\shlwapi.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll
- 2007-07-27 08:41:40 16,760 ------w c:\windows\system32\spmsg.dll
+ 2008-07-08 13:03:54 18,296 ------w c:\windows\system32\spmsg.dll
+ 2007-03-18 20:00:00 11,264 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMBM8S.DLL
+ 2007-03-18 20:00:00 33,280 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMBS8S.DLL
+ 2007-03-18 20:00:00 11,264 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMBU8S.DLL
+ 2007-03-18 20:00:00 1,600,000 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMCB8S.DLL
+ 2007-03-18 20:10:00 97,280 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMCP8S.DLL
+ 2007-03-18 20:00:00 221,184 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMD58S.DLL
+ 2007-03-18 20:00:00 545,792 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMDR8S.DLL
+ 2007-03-18 20:00:00 10,240 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMFU8S.DLL
+ 2007-03-18 20:00:00 9,216 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMLH8S.DLL
+ 2007-03-18 20:00:00 145,408 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMLR8S.DLL
+ 2007-03-18 20:00:00 27,136 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMOP8S.DLL
+ 2000-12-12 02:10:04 23,280 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMP08S.DAT
+ 2000-12-12 02:10:04 27,140 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMP18S.DAT
+ 2000-12-12 08:09:20 30,320 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMP28S.DAT
+ 2007-03-18 20:00:00 12,288 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMPI8S.DLL
+ 2007-03-18 20:00:00 102,400 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMPV8S.DLL
+ 2007-03-18 20:00:00 757,248 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSB8S.DLL
+ 2007-03-18 20:00:00 47,616 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSD8S.DLL
+ 2007-03-18 23:19:08 17,496 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSE8S.EXE
+ 2007-03-18 20:00:00 428,544 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSM8S.DLL
+ 2007-03-18 20:00:00 44,032 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSQ8S.DLL
+ 2007-03-18 20:00:00 76,288 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSR8S.DLL
+ 2007-03-18 20:00:00 310,272 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMUB8S.DLL
+ 2007-03-18 20:00:00 1,907,200 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMUI8S.DLL
+ 2007-03-18 20:00:00 361,472 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMUR8S.DLL
+ 2007-03-18 20:00:00 13,824 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMVS8S.DLL
+ 2007-03-18 20:00:00 11,264 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMW38S.DLL
+ 2007-03-18 20:00:00 11,264 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMBM8S.DLL
+ 2007-03-18 20:00:00 33,280 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMBS8S.DLL
+ 2007-03-18 20:00:00 11,264 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMBU8S.DLL
+ 2007-03-18 20:00:00 1,600,000 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMCB8S.DLL
+ 2007-03-18 20:10:00 97,280 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMCP8S.DLL
+ 2007-03-18 20:00:00 221,184 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMD58S.DLL
+ 2007-03-18 20:00:00 545,792 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMDR8S.DLL
+ 2007-03-18 20:00:00 10,240 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMFU8S.DLL
+ 2007-03-18 20:00:00 9,216 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMLH8S.DLL
+ 2007-03-18 20:00:00 145,408 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMLR8S.DLL
+ 2007-03-18 20:00:00 27,136 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMOP8S.DLL
+ 2000-12-12 02:10:04 23,280 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMP08S.DAT
+ 2000-12-12 02:10:04 27,140 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMP18S.DAT
+ 2000-12-12 08:09:20 30,320 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMP28S.DAT
+ 2007-03-18 20:00:00 12,288 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMPI8S.DLL
+ 2007-03-18 20:00:00 102,400 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMPV8S.DLL
+ 2007-03-18 20:00:00 757,248 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSB8S.DLL
+ 2007-03-18 20:00:00 47,616 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSD8S.DLL
+ 2007-03-18 23:19:08 17,496 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSE8S.EXE
+ 2007-03-18 20:00:00 428,544 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSM8S.DLL
+ 2007-03-18 20:00:00 44,032 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSQ8S.DLL
+ 2007-03-18 20:00:00 76,288 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSR8S.DLL
+ 2007-03-18 20:00:00 310,272 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMUB8S.DLL
+ 2007-03-18 20:00:00 1,907,200 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMUI8S.DLL
+ 2007-03-18 20:00:00 361,472 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMUR8S.DLL
+ 2007-03-18 20:00:00 13,824 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMVS8S.DLL
+ 2007-03-18 20:00:00 11,264 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMW38S.DLL
+ 2007-03-18 20:00:00 27,136 ----a-w c:\windows\system32\spool\prtprocs\w32x86\CNMPD8S.DLL
+ 2007-03-18 20:00:00 69,632 ----a-w c:\windows\system32\spool\prtprocs\w32x86\CNMPP8S.DLL
+ 2006-01-09 08:36:06 40,960 ----a-w c:\windows\system32\swsc.exe
- 2008-02-16 09:32:00 620,544 ----a-w c:\windows\system32\urlmon.dll
+ 2008-08-20 05:33:47 621,056 ----a-w c:\windows\system32\urlmon.dll
- 2008-03-20 08:09:22 1,845,376 ----a-w c:\windows\system32\win32k.sys
+ 2008-09-15 15:39:16 1,846,144 ----a-w c:\windows\system32\win32k.sys
- 2008-02-16 09:32:00 670,208 ----a-w c:\windows\system32\wininet.dll
+ 2008-08-20 05:33:46 671,744 ----a-w c:\windows\system32\wininet.dll
- 2004-08-10 13:00:00 2,864 ----a-w c:\windows\system32\winsock.dll
+ 2008-10-01 18:42:39 2,864 ----a-w c:\windows\system32\winsock.dll
- 2008-07-18 20:09:44 563,912 ----a-w c:\windows\system32\wuapi.dll
+ 2008-10-16 13:12:20 561,688 ----a-w c:\windows\system32\wuapi.dll
- 2008-07-18 20:10:42 53,448 ----a-w c:\windows\system32\wuauclt.exe
+ 2008-10-16 13:09:44 51,224 ----a-w c:\windows\system32\wuauclt.exe
- 2008-07-18 20:09:42 1,811,656 ----a-w c:\windows\system32\wuaueng.dll
+ 2008-10-16 13:13:40 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
- 2008-07-18 20:09:46 325,832 ----a-w c:\windows\system32\wucltui.dll
+ 2008-10-16 13:12:22 323,608 ----a-w c:\windows\system32\wucltui.dll
- 2008-07-18 20:10:20 36,552 ----a-w c:\windows\system32\wups.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\wups.dll
- 2008-07-18 20:10:40 45,768 ----a-w c:\windows\system32\wups2.dll
+ 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\wups2.dll
- 2008-07-18 20:09:44 205,000 ----a-w c:\windows\system32\wuweb.dll
+ 2008-10-16 13:13:40 202,776 ----a-w c:\windows\system32\wuweb.dll
- 2008-02-15 23:03:14 370,176 ----a-w c:\windows\system32\xpsp3res.dll
+ 2008-08-19 09:51:37 370,176 ----a-w c:\windows\system32\xpsp3res.dll
+ 2008-11-18 18:44:46 16,384 ----atw c:\windows\temp\Perflib_Perfdata_5ec.dat
+ 2006-11-29 05:39:54 73,728 -c--a-w c:\windows\twain_32\MP210 series\AG.DLL
+ 2005-04-15 06:34:36 57,344 -c--a-w c:\windows\twain_32\MP210 series\BaLCo.dll
+ 2007-02-02 08:31:24 86,016 -c--a-w c:\windows\twain_32\MP210 series\CAPS.DLL
+ 2005-08-24 06:51:00 126,976 -c--a-w c:\windows\twain_32\MP210 series\CFine2.dll
+ 2007-02-19 01:42:20 3,724,256 -c--a-w c:\windows\twain_32\MP210 series\CNC210.DAT
+ 2007-02-08 05:06:12 49,224 -c--a-w c:\windows\twain_32\MP210 series\CNC210P.DAT
+ 2007-03-19 05:06:36 143,360 -c--a-w c:\windows\twain_32\MP210 series\CUBS.DLL
+ 2006-04-13 06:43:30 53,248 -c--a-w c:\windows\twain_32\MP210 series\HSL.DLL
+ 2006-07-31 06:17:08 53,248 -c--a-w c:\windows\twain_32\MP210 series\IJFSHLIB.DLL
+ 2007-04-13 00:01:26 184,320 -c--a-w c:\windows\twain_32\MP210 series\IOP.DLL
+ 2007-01-19 06:16:06 39,154 -c--a-w c:\windows\twain_32\MP210 series\IPM.DAT
+ 2007-04-13 00:04:34 135,168 -c--a-w c:\windows\twain_32\MP210 series\IPM.DLL
+ 2004-08-26 08:07:00 114,688 -c--a-w c:\windows\twain_32\MP210 series\ITLIB32.DLL
+ 2004-06-07 03:58:04 290,816 -c--a-w c:\windows\twain_32\MP210 series\libBLC.dll
+ 2006-12-13 02:28:04 122,880 -c--a-w c:\windows\twain_32\MP210 series\MC2.DLL
+ 2006-01-12 05:22:00 73,728 -c--a-w c:\windows\twain_32\MP210 series\RSTCOL.DLL
+ 2007-04-13 00:01:10 147,456 -c--a-w c:\windows\twain_32\MP210 series\SCANINTF.DLL
+ 2005-02-02 09:34:44 118,784 -c--a-w c:\windows\twain_32\MP210 series\SCRPRMV.DLL
+ 2006-12-01 00:24:10 1,159,168 -c--a-w c:\windows\twain_32\MP210 series\SGCFLTR.DLL
+ 2007-04-23 05:36:34 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_AR.DLL
+ 2007-04-19 04:13:38 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_CN.DLL
+ 2007-04-17 02:55:38 1,044,480 -c--a-w c:\windows\twain_32\MP210 series\SGRES_CZ.DLL
+ 2007-04-23 05:36:56 1,052,672 -c--a-w c:\windows\twain_32\MP210 series\SGRES_DE.DLL
+ 2007-04-17 02:55:46 1,044,480 -c--a-w c:\windows\twain_32\MP210 series\SGRES_DK.DLL
+ 2007-04-23 05:37:26 1,056,768 -c--a-w c:\windows\twain_32\MP210 series\SGRES_ES.DLL
+ 2007-04-23 05:36:46 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_FI.DLL
+ 2007-04-23 05:36:52 1,052,672 -c--a-w c:\windows\twain_32\MP210 series\SGRES_FR.DLL
+ 2007-04-23 05:37:02 1,056,768 -c--a-w c:\windows\twain_32\MP210 series\SGRES_GR.DLL
+ 2007-04-17 02:56:24 1,048,576 -c--a-w c:\windows\twain_32\MP210 series\SGRES_HU.DLL
+ 2007-04-17 04:58:20 1,044,480 -c--a-w c:\windows\twain_32\MP210 series\SGRES_ID.DLL
+ 2007-04-17 02:56:32 1,056,768 -c--a-w c:\windows\twain_32\MP210 series\SGRES_IT.DLL
+ 2007-04-13 00:00:34 1,011,712 -c--a-w c:\windows\twain_32\MP210 series\SGRES_JP.DLL
+ 2007-04-17 02:35:08 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_KR.DLL
+ 2007-04-23 05:36:40 1,052,672 -c--a-w c:\windows\twain_32\MP210 series\SGRES_NL.DLL
+ 2007-04-17 02:56:38 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_NO.DLL
+ 2007-04-23 05:37:10 1,048,576 -c--a-w c:\windows\twain_32\MP210 series\SGRES_PL.DLL
+ 2007-04-23 05:37:16 1,048,576 -c--a-w c:\windows\twain_32\MP210 series\SGRES_PT.DLL
+ 2007-04-23 05:37:20 1,044,480 -c--a-w c:\windows\twain_32\MP210 series\SGRES_RU.DLL
+ 2007-04-23 05:37:32 1,044,480 -c--a-w c:\windows\twain_32\MP210 series\SGRES_SE.DLL
+ 2007-04-20 00:35:56 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_TH.DLL
+ 2007-04-23 05:37:38 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_TR.DLL
+ 2007-04-17 02:23:34 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_TW.DLL
+ 2007-04-13 00:00:30 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_US.DLL
+ 2007-04-13 00:04:26 1,175,552 -c--a-w c:\windows\twain_32\MP210 series\SGUI.DLL
+ 2006-11-06 07:13:26 98,304 -c--a-w c:\windows\twain_32\MP210 series\softfare.dll
+ 2007-04-13 00:02:38 524,288 -c--a-w c:\windows\twain_32\MP210 series\TPM.DLL
+ 2007-04-23 05:36:34 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESAR.DLL
+ 2007-04-19 04:13:38 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESCN.DLL
+ 2007-04-17 02:55:38 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESCZ.DLL
+ 2007-04-23 05:36:56 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESDE.DLL
+ 2007-04-17 02:55:46 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESDK.DLL
+ 2007-04-23 05:37:26 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESES.DLL
+ 2007-04-23 05:36:46 5,120 -c--a-w c:\windows\twain_32\MP210 series\USDRESFI.DLL
+ 2007-04-23 05:36:52 4,608 ----a-w c:\windows\twain_32\MP210 series\USDRESFR.DLL
+ 2007-04-23 05:37:04 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESGR.DLL
+ 2007-04-17 02:56:24 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESHU.DLL
+ 2007-04-17 04:58:20 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESID.DLL
+ 2007-04-17 02:56:32 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESIT.DLL
+ 2007-01-26 06:44:36 4,096 -c--a-w c:\windows\twain_32\MP210 series\USDRESJP.DLL
+ 2007-04-17 02:35:06 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESKR.DLL
+ 2007-04-23 05:36:40 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESNL.DLL
+ 2007-04-17 02:56:38 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESNO.DLL
+ 2007-04-23 05:37:10 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESPL.DLL
+ 2007-04-23 05:37:16 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESPT.DLL
+ 2007-04-23 05:37:20 5,120 -c--a-w c:\windows\twain_32\MP210 series\USDRESRU.DLL
+ 2007-04-23 05:37:32 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESSE.DLL
+ 2007-04-20 00:35:56 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESTH.DLL
+ 2007-04-23 05:37:38 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESTR.DLL
+ 2007-04-17 02:23:34 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESTW.DLL
+ 2007-01-26 06:44:38 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESUS.DLL
+ 2007-02-06 12:00:06 258,048 -c--a-w c:\windows\twain_32\MP210 series\USIP.DLL
+ 2008-09-25 15:59:55 1,230,336 -c--a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.1.0.0_x-ww_b319d8da\msxml4.dll
+ 2008-09-30 15:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 15:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-11-17 975360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-11-09 171448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-12 774233]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-24 7569408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-24 86016]
"ACU"="c:\program files\Atheros WLAN Adapter\ACU.exe" [2006-04-14 307200]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-04-17 110592]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"DetectorApp"="c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 102400]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"EULA"="c:\apps\PB_TB\EULALauncher.exe" [2006-09-29 18944]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-11-30 98304]
"Ulead AutoDetector v2"="c:\program files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 90112]
"SystrayORAHSS"="c:\program files\Orange\Systray\SystrayApp.exe" [2007-09-25 94208]
"ORAHSSSessionManager"="c:\program files\Orange\SessionManager\SessionManager.exe" [2007-09-25 102400]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2006-11-30 26112]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2006-11-30 158720]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"OoPDFSettingsv6.exe"="c:\program files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe" [2003-11-20 460800]
"nwiz"="nwiz.exe" [2006-08-24 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]
c:\documents and settings\ordono\Menu Démarrer\Programmes\Démarrage\
OFFICE One 6.5.lnk - c:\program files\OFFICE One6.5\program\quickstart.exe [2004-03-08 36864]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
OFFICE One Clock v6.5.lnk - c:\program files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe [2006-12-26 257536]
OFFICE One Notes v6.5.lnk - c:\program files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe [2006-12-26 559104]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\AOL 9.0\\aol.exe"=
"c:\\Program Files\\AOL 9.0\\waol.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\APPS\\skype\\phone\\Skype.exe"=
R1 aswsp;avast! Self Protection;c:\windows\system32\drivers\aswsp.sys [2008-11-12 78416]
R2 aswfsblk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-12 20560]
R2 ijplmsvc;PIXMA Extended Survey Program;c:\program files\Canon\IJPLM\IJPLMSVC.EXE [2008-09-25 101528]
R3 ASNDIS5;ASNDIS5 Protocol Driver;\??\c:\windows\ATK0100\ASNDIS5.SYS [2006-11-30 16269]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{343b8d66-0644-11dd-b053-0018f3f04f39}]
\shell\autorun\command - kk3.bat
\shell\explore\command - kk3.bat
\shell\open\command - kk3.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3506026b-76ad-11dd-b192-0018f3f04f39}]
\shell\autorun\command - kk3.bat
\shell\explore\command - kk3.bat
\shell\open\command - kk3.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e687a40b-b49b-11dd-b256-0018f3f04f39}]
\shell\autorun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe
.
- - - - ORPHELINS SUPPRIMES - - - -
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
.
------- Examen supplémentaire -------
.
FireFox -: Profile - c:\documents and settings\ordono\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF -: plugin - c:\documents and settings\ordono\Application Data\Mozilla\plugins\npPxPlay.dll
FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-18 19:45:35
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\6d1824ce]
"ImagePath"="\SystemRoot\System32\drivers\6d1824ce.sys"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
PROCESSUS: c:\windows\explorer.exe
-> c:\progra~1\Google\GOOGLE~1\GOA66E~1.DLL
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\acs.exe
c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\dllhost.exe
c:\program files\Orange\Launcher\Launcher.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Google\Google Desktop Search\GoogleDesktopIndex.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
c:\windows\ATK0100\ATKOSD.exe
c:\program files\OFFICE One6.5\program\soffice.exe
c:\program files\Orange\Deskboard\Deskboard.exe
c:\program files\Orange\Connectivity\ConnectivityManager.exe
c:\program files\Orange\Connectivity\corecom\CoreCom.exe
c:\program files\Orange\Connectivity\corecom\OraConfigRecover.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\2\FTCOMModule.exe
.
**************************************************************************
.
Heure de fin: 2008-11-18 19:51:01 - La machine a redémarré [ordono]
ComboFix-quarantined-files.txt 2008-11-18 18:50:57
ComboFix2.txt 2008-09-22 21:41:49
Avant-CF: 96,066,674,688 octets libres
Après-CF: 96,051,445,760 octets libres
780 --- E O F --- 2008-11-18 14:03:33
ComboFix 08-11-17.06 - ordono 2008-11-18 19:41:14.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1378 [GMT 1:00]
Lancé depuis: c:\documents and settings\ordono\Bureau\ComboFi.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\program files\rhcc54j0eja1
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-18 au 2008-11-18 ))))))))))))))))))))))))))))))))))))
.
2008-11-18 17:01 . 2008-11-18 17:22 <REP> d-------- C:\ToolBar SD
2008-11-18 16:40 . 2008-11-18 16:40 <REP> d-------- C:\rsit
2008-11-18 16:40 . 2008-11-18 17:42 <REP> d-------- c:\program files\trend micro
2008-11-18 15:07 . 2008-06-10 02:32 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-11-17 07:22 . 2008-11-17 10:25 <REP> d-------- c:\windows\LastGood.Tmp
2008-11-12 17:44 . 2008-11-12 17:44 <REP> d---s---- c:\windows\system32\%SystemDrive%
2008-11-12 17:44 . 2008-11-12 17:44 <REP> d-------- c:\windows\Google Toolbar
2008-11-09 16:14 . 2008-11-09 16:26 <REP> d-------- C:\DVDVideoSoft
2008-11-09 16:13 . 2008-11-09 18:07 <REP> d-------- c:\program files\Fichiers communs\DVDVideoSoft
2008-11-09 16:13 . 2008-11-09 16:13 <REP> d-------- c:\program files\DVDVideoSoft
2008-11-09 15:47 . 2008-11-09 16:05 267 --a------ c:\windows\KeyTube.ini
2008-11-09 12:50 . 2008-11-09 12:50 <REP> d-------- c:\documents and settings\ordono\Application Data\Media Player Classic
2008-10-26 18:59 . 2008-10-29 12:47 <REP> d-------- c:\program files\Veoh Networks
2008-10-26 18:53 . 2008-10-26 18:59 <REP> d-------- c:\windows\Downloaded Installations
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-18 18:47 85,872 ----a-w c:\windows\system32\drivers\6d1824ce.sys
2008-11-18 14:06 --------- d-----w c:\program files\Java
2008-11-09 14:54 --------- d-----w c:\program files\Google
2008-11-08 19:56 --------- d-----w c:\program files\Messenger Plus! Live
2008-11-07 16:33 --------- d-----w c:\program files\PCFriendly
2008-10-26 17:59 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-01 15:20 --------- d-----w c:\documents and settings\ordono\Application Data\Micro Application
2008-09-25 16:25 --------- d-----w c:\program files\Canon
2008-09-25 16:25 --------- d-----w c:\documents and settings\All Users\Application Data\CanonIJPLM
2008-09-25 16:00 --------- d-----w c:\documents and settings\ordono\Application Data\ScanSoft
2008-09-25 15:59 --------- d-----w c:\program files\ScanSoft
2008-09-25 15:59 --------- d-----w c:\program files\Fichiers communs\ScanSoft Shared
2008-09-25 15:59 --------- d-----w c:\documents and settings\All Users\Application Data\ScanSoft
2008-09-25 15:57 --------- d-----w c:\program files\Fichiers communs\CANON
2008-09-25 15:55 --------- d--h--w c:\documents and settings\All Users\Application Data\CanonBJ
2008-09-25 15:54 --------- d--h--w c:\program files\CanonBJ
2008-09-22 21:11 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
.
((((((((((((((((((((((((((((( snapshot@2008-09-22_23.41.26.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-06-23 15:10:27 3,088,384 -c--a-w c:\windows\$hf_mig$\KB953838\SP3GDR\mshtml.dll
+ 2008-06-26 08:13:32 1,499,648 -c--a-w c:\windows\$hf_mig$\KB953838\SP3GDR\shdocvw.dll
+ 2008-06-26 08:13:32 620,544 -c--a-w c:\windows\$hf_mig$\KB953838\SP3GDR\urlmon.dll
+ 2008-06-23 15:10:27 670,208 -c--a-w c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll
+ 2008-06-25 04:26:28 3,088,896 -c--a-w c:\windows\$hf_mig$\KB953838\SP3QFE\mshtml.dll
+ 2008-06-26 08:00:28 1,499,648 -c--a-w c:\windows\$hf_mig$\KB953838\SP3QFE\shdocvw.dll
+ 2008-06-26 08:00:28 620,544 -c--a-w c:\windows\$hf_mig$\KB953838\SP3QFE\urlmon.dll
+ 2008-06-23 14:56:26 670,720 -c--a-w c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll
+ 2007-11-30 12:39:29 18,296 -c--a-w c:\windows\$hf_mig$\KB953838\spmsg.dll
+ 2007-11-30 12:39:29 234,872 -c--a-w c:\windows\$hf_mig$\KB953838\spuninst.exe
+ 2007-11-30 12:39:29 26,488 -c--a-w c:\windows\$hf_mig$\KB953838\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 -c--a-w c:\windows\$hf_mig$\KB953838\update\update.exe
+ 2007-11-30 12:39:29 406,392 -c--a-w c:\windows\$hf_mig$\KB953838\update\updspapi.dll
+ 2008-09-15 15:14:42 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP2QFE\win32k.sys
+ 2008-09-15 15:26:07 1,846,528 ----a-w c:\windows\$hf_mig$\KB954211\SP3GDR\win32k.sys
+ 2008-09-15 15:20:39 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll
+ 2008-07-09 07:40:26 767,352 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll
+ 2008-08-20 05:10:12 3,088,896 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\mshtml.dll
+ 2008-08-20 05:10:11 1,499,648 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\shdocvw.dll
+ 2008-08-20 05:10:11 620,544 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\urlmon.dll
+ 2008-08-20 05:10:11 670,208 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\wininet.dll
+ 2008-08-20 05:07:31 3,088,896 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\mshtml.dll
+ 2008-08-20 05:07:27 1,499,648 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\shdocvw.dll
+ 2008-08-20 05:07:28 621,056 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\urlmon.dll
+ 2008-08-20 05:07:28 670,720 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956390\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956390\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956390\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956390\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956390\update\updspapi.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll
+ 2008-08-14 09:48:52 138,368 ----a-w c:\windows\$hf_mig$\KB956803\SP2QFE\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3GDR\afd.sys
+ 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll
+ 2008-08-14 13:23:44 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlmp.exe
+ 2008-08-14 13:23:49 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
+ 2008-08-14 13:23:44 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrpamp.exe
+ 2008-08-14 13:23:49 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
+ 2008-08-14 13:55:54 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe
+ 2008-08-14 17:26:00 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
+ 2008-08-14 13:55:47 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe
+ 2008-08-14 17:26:02 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe
+ 2008-07-09 07:40:35 406,392 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll
+ 2008-08-28 10:35:33 333,056 ----a-w c:\windows\$hf_mig$\KB957095\SP2QFE\srv.sys
+ 2008-09-08 10:41:42 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3GDR\srv.sys
+ 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll
+ 2008-02-16 09:31:57 1,024,512 -c----w c:\windows\$NtUninstallKB953838$\browseui.dll
+ 2008-02-16 09:31:57 152,064 -c----w c:\windows\$NtUninstallKB953838$\cdfview.dll
+ 2008-02-16 09:31:58 1,056,768 -c----w c:\windows\$NtUninstallKB953838$\danim.dll
+ 2008-02-16 09:31:58 357,888 -c----w c:\windows\$NtUninstallKB953838$\dxtmsft.dll
+ 2008-02-16 09:31:58 205,312 -c----w c:\windows\$NtUninstallKB953838$\dxtrans.dll
+ 2008-02-16 09:31:58 55,808 -c----w c:\windows\$NtUninstallKB953838$\extmgr.dll
+ 2008-02-15 09:07:53 18,432 -c----w c:\windows\$NtUninstallKB953838$\iedw.exe
+ 2008-02-16 09:31:58 251,904 -c----w c:\windows\$NtUninstallKB953838$\iepeers.dll
+ 2008-02-16 09:31:58 96,768 -c----w c:\windows\$NtUninstallKB953838$\inseng.dll
+ 2008-02-16 09:31:58 16,384 -c----w c:\windows\$NtUninstallKB953838$\jsproxy.dll
+ 2008-02-16 09:31:59 3,087,872 -c----w c:\windows\$NtUninstallKB953838$\mshtml.dll
+ 2008-02-16 09:31:59 449,024 -c----w c:\windows\$NtUninstallKB953838$\mshtmled.dll
+ 2008-02-16 09:31:59 146,432 -c----w c:\windows\$NtUninstallKB953838$\msrating.dll
+ 2008-02-16 09:31:59 532,480 -c----w c:\windows\$NtUninstallKB953838$\mstime.dll
+ 2008-02-16 09:31:59 39,424 -c----w c:\windows\$NtUninstallKB953838$\pngfilt.dll
+ 2008-02-16 09:32:00 1,499,648 -c----w c:\windows\$NtUninstallKB953838$\shdocvw.dll
+ 2008-02-16 09:32:00 474,624 -c----w c:\windows\$NtUninstallKB953838$\shlwapi.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB953838$\spuninst\spuninst.exe
+ 2007-11-30 12:39:29 406,392 -c----w c:\windows\$NtUninstallKB953838$\spuninst\updspapi.dll
+ 2008-02-16 09:32:00 620,544 -c----w c:\windows\$NtUninstallKB953838$\urlmon.dll
+ 2008-02-16 09:32:00 670,208 -c----w c:\windows\$NtUninstallKB953838$\wininet.dll
+ 2008-02-15 23:03:14 370,176 -c----w c:\windows\$NtUninstallKB953838$\xpsp3res.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB954211$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB954211$\spuninst\updspapi.dll
+ 2008-03-20 08:09:22 1,845,376 -c----w c:\windows\$NtUninstallKB954211$\win32k.sys
+ 2008-06-23 16:15:33 1,024,512 -c----w c:\windows\$NtUninstallKB956390$\browseui.dll
+ 2008-06-23 16:15:34 152,064 -c----w c:\windows\$NtUninstallKB956390$\cdfview.dll
+ 2008-06-23 16:15:35 1,056,768 -c----w c:\windows\$NtUninstallKB956390$\danim.dll
+ 2008-06-23 16:15:35 357,888 -c----w c:\windows\$NtUninstallKB956390$\dxtmsft.dll
+ 2008-06-23 16:15:35 205,312 -c----w c:\windows\$NtUninstallKB956390$\dxtrans.dll
+ 2008-06-23 16:15:35 55,808 -c----w c:\windows\$NtUninstallKB956390$\extmgr.dll
+ 2008-06-23 09:53:58 18,432 -c----w c:\windows\$NtUninstallKB956390$\iedw.exe
+ 2008-06-23 16:15:36 251,904 -c----w c:\windows\$NtUninstallKB956390$\iepeers.dll
+ 2008-06-23 16:15:36 96,768 -c----w c:\windows\$NtUninstallKB956390$\inseng.dll
+ 2008-06-23 16:15:36 16,384 -c----w c:\windows\$NtUninstallKB956390$\jsproxy.dll
+ 2008-06-23 16:15:39 3,088,384 -c----w c:\windows\$NtUninstallKB956390$\mshtml.dll
+ 2008-06-23 16:15:40 449,024 -c----w c:\windows\$NtUninstallKB956390$\mshtmled.dll
+ 2008-06-23 16:15:40 146,432 -c----w c:\windows\$NtUninstallKB956390$\msrating.dll
+ 2008-06-23 16:15:41 532,480 -c----w c:\windows\$NtUninstallKB956390$\mstime.dll
+ 2008-06-23 16:15:41 39,424 -c----w c:\windows\$NtUninstallKB956390$\pngfilt.dll
+ 2008-06-23 16:15:42 1,499,648 -c----w c:\windows\$NtUninstallKB956390$\shdocvw.dll
+ 2008-06-23 16:15:43 474,624 -c----w c:\windows\$NtUninstallKB956390$\shlwapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956390$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB956390$\spuninst\updspapi.dll
+ 2008-06-23 16:15:43 620,544 -c----w c:\windows\$NtUninstallKB956390$\urlmon.dll
+ 2008-06-23 16:15:44 671,232 -c----w c:\windows\$NtUninstallKB956390$\wininet.dll
+ 2008-07-03 09:42:35 370,176 -c----w c:\windows\$NtUninstallKB956390$\xpsp3res.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB956391$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB956391$\spuninst\updspapi.dll
+ 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803$\afd.sys
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB956803$\spuninst\updspapi.dll
+ 2007-02-28 16:08:15 2,139,648 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlmp.exe
+ 2007-02-28 16:08:11 2,019,328 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
+ 2007-02-28 16:08:11 2,019,328 -c----w c:\windows\$NtUninstallKB956841$\ntkrpamp.exe
+ 2007-02-28 16:08:15 2,139,648 -c----w c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956841$\spuninst\spuninst.exe
+ 2008-07-09 07:40:35 406,392 -c----w c:\windows\$NtUninstallKB956841$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB957095$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB957095$\spuninst\updspapi.dll
+ 2006-08-14 10:34:41 332,928 -c----w c:\windows\$NtUninstallKB957095$\srv.sys
- 2004-07-27 15:48:52 323,584 -c--a-w c:\windows\Downloaded Program Files\isusweb.dll
+ 2005-02-16 14:15:20 401,408 ----a-w c:\windows\Downloaded Program Files\isusweb.dll
- 2006-05-05 09:41:45 453,120 -c--a-w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2007-02-28 16:08:15 2,139,648 -c--a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:39:07 2,144,768 ----a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-28 16:08:25 2,061,440 -c--a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:39:12 2,065,024 ----a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 16:08:11 2,019,328 -c--a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:39:03 2,022,912 ----a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 16:08:21 2,184,192 -c--a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 13:39:11 2,188,032 ----a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
- 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE
+ 2008-11-12 21:04:03 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2008-09-25 15:59:59 7,406 -c--a-r c:\windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\ARPPRODUCTICON.exe
+ 2008-09-25 15:59:59 49,152 -c--a-r c:\windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\NewShortcut14_27BC537B086D42E19CB39D115FA043BF.exe
+ 2008-09-25 15:59:59 450,560 -c--a-r c:\windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\NewShortcut15_27BC537B086D42E19CB39D115FA043BF.exe
+ 2008-09-25 15:59:58 65,536 -c--a-r c:\windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
- 2000-08-31 06:00:00 28,672 ----a-w c:\windows\Nircmd.exe
+ 2000-08-31 07:00:00 28,672 -c--a-w c:\windows\Nircmd.exe
- 2000-08-31 06:00:00 161,792 ----a-w c:\windows\swreg.exe
+ 2000-08-31 07:00:00 161,792 -c--a-w c:\windows\swreg.exe
+ 2008-07-19 15:43:08 1,163,960 ----a-w c:\windows\system32\aswBoot.exe
+ 2008-07-19 15:30:53 94,392 ----a-w c:\windows\system32\AvastSS.scr
- 2008-02-16 09:31:57 1,024,512 ----a-w c:\windows\system32\browseui.dll
+ 2008-08-20 05:33:47 1,024,512 ----a-w c:\windows\system32\browseui.dll
+ 2007-02-09 08:10:48 808,544 ----a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\DelDrv.exe
+ 2007-02-15 06:22:48 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstAR.dll
+ 2007-02-13 07:55:54 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstCN.dll
+ 2007-02-13 23:58:48 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstCZ.dll
+ 2007-02-13 23:58:50 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstDE.dll
+ 2007-02-13 23:58:52 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstDK.dll
+ 2007-02-13 23:58:54 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstES.dll
+ 2007-02-13 23:58:54 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstFI.dll
+ 2007-02-13 23:58:56 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstFR.dll
+ 2007-02-13 23:58:58 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstGR.dll
+ 2007-02-15 00:26:48 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstHU.dll
+ 2007-02-14 07:36:14 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstID.dll
+ 2007-02-13 23:59:02 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstIT.dll
+ 2007-02-08 05:27:08 45,056 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstJP.dll
+ 2007-02-13 09:10:24 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstKR.dll
+ 2007-02-13 23:59:04 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstNL.dll
+ 2007-02-13 23:59:04 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstNO.dll
+ 2007-02-13 23:59:06 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstPL.dll
+ 2007-02-13 23:59:08 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstPT.dll
+ 2007-02-13 23:59:10 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstRU.dll
+ 2007-02-13 23:59:12 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstSE.dll
+ 2007-02-13 08:20:58 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstTH.dll
+ 2007-02-13 23:59:14 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstTR.dll
+ 2007-02-13 08:05:14 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstTW.dll
+ 2007-02-08 05:27:08 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstUS.dll
- 2008-02-16 09:31:57 152,064 ----a-w c:\windows\system32\cdfview.dll
+ 2008-08-20 05:33:44 152,064 ----a-w c:\windows\system32\cdfview.dll
- 2008-07-18 20:10:48 94,920 ----a-w c:\windows\system32\cdm.dll
+ 2008-10-16 13:09:44 92,696 ----a-w c:\windows\system32\cdm.dll
+ 2007-03-23 07:30:48 1,400,832 ----a-w c:\windows\system32\CNC210C.DLL
+ 2007-03-23 07:29:52 98,304 -c--a-w c:\windows\system32\CNC210I.DLL
+ 2007-03-19 01:16:12 200,704 ----a-w c:\windows\system32\CNC210L.DLL
+ 2007-03-15 05:12:00 188,416 -c--a-w c:\windows\system32\CNC210O.DLL
+ 2007-03-18 20:00:00 215,040 ----a-w c:\windows\system32\CNMLM8S.DLL
- 2008-02-16 09:31:58 1,056,768 ----a-w c:\windows\system32\danim.dll
+ 2008-08-20 05:33:44 1,056,768 ----a-w c:\windows\system32\danim.dll
+ 2004-08-10 13:00:00 244,736 ----a-w c:\windows\system32\dllcache\acspecfc.dll
- 2008-06-20 10:44:38 138,368 ------w c:\windows\system32\dllcache\afd.sys
+ 2008-08-14 09:51:43 138,368 ------w c:\windows\system32\dllcache\afd.sys
+ 2004-08-10 13:00:00 8,704 -c--a-w c:\windows\system32\dllcache\batt.dll
+ 2004-08-10 13:00:00 12,288 -c--a-w c:\windows\system32\dllcache\bootvid.dll
- 2008-02-16 09:31:57 1,024,512 ----a-w c:\windows\system32\dllcache\browseui.dll
+ 2008-08-20 05:33:47 1,024,512 ----a-w c:\windows\system32\dllcache\browseui.dll
+ 2004-08-10 13:00:00 20,992 -c--a-w c:\windows\system32\dllcache\bthci.dll
- 2008-02-16 09:31:57 152,064 ----a-w c:\windows\system32\dllcache\cdfview.dll
+ 2008-08-20 05:33:44 152,064 ----a-w c:\windows\system32\dllcache\cdfview.dll
- 2008-07-18 20:10:48 94,920 ----a-w c:\windows\system32\dllcache\cdm.dll
+ 2008-10-16 13:09:44 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
+ 2004-08-10 13:00:00 80,896 -c--a-w c:\windows\system32\dllcache\charmap.exe
+ 2004-08-10 13:00:00 3,584 -c--a-w c:\windows\system32\dllcache\comcat.dll
+ 2004-08-10 13:00:00 27,097 -c--a-w c:\windows\system32\dllcache\country.sys
- 2008-02-16 09:31:58 1,056,768 ----a-w c:\windows\system32\dllcache\danim.dll
+ 2008-08-20 05:33:44 1,056,768 ----a-w c:\windows\system32\dllcache\danim.dll
+ 2004-08-10 13:00:00 54,080 -c--a-w c:\windows\system32\dllcache\dosx.exe
+ 2004-08-10 13:00:00 181,760 ----a-w c:\windows\system32\dllcache\dsdmo.dll
+ 2004-08-10 13:00:00 2,113,536 -c--a-w c:\windows\system32\dllcache\dxdiagn.dll
- 2008-02-16 09:31:58 357,888 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-20 05:33:45 357,888 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-02-16 09:31:58 205,312 ----a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-08-20 05:33:45 205,312 ----a-w c:\windows\system32\dllcache\dxtrans.dll
- 2008-02-16 09:31:58 55,808 ----a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-08-20 05:33:45 55,808 ----a-w c:\windows\system32\dllcache\extmgr.dll
+ 2005-10-17 21:21:08 80,896 -c--a-w c:\windows\system32\dllcache\fontsub.dll
+ 2005-05-26 23:22:01 10,752 -c--a-w c:\windows\system32\dllcache\hh.exe
+ 2004-08-10 13:00:00 4,912 ----a-w c:\windows\system32\dllcache\himem.sys
+ 2004-08-10 13:00:00 16,384 -c--a-w c:\windows\system32\dllcache\icfgnt5.dll
- 2008-02-15 09:07:53 18,432 ----a-w c:\windows\system32\dllcache\iedw.exe
+ 2008-08-19 09:38:57 18,432 ----a-w c:\windows\system32\dllcache\iedw.exe
+ 2004-08-10 13:00:00 81,920 ----a-w c:\windows\system32\dllcache\ieencode.dll
- 2008-02-16 09:31:58 251,904 ----a-w c:\windows\system32\dllcache\iepeers.dll
+ 2008-08-20 05:33:45 251,904 ----a-w c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-10 13:00:00 282,624 -c--a-w c:\windows\system32\dllcache\inetcfg.dll
- 2008-02-16 09:31:58 96,768 ----a-w c:\windows\system32\dllcache\inseng.dll
+ 2008-08-20 05:33:45 96,768 ----a-w c:\windows\system32\dllcache\inseng.dll
+ 2005-05-27 02:08:06 155,136 ----a-w c:\windows\system32\dllcache\itircl.dll
- 2008-02-16 09:31:58 16,384 ----a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-08-20 05:33:46 16,384 ----a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-10 13:00:00 7,040 -c--a-w c:\windows\system32\dllcache\kdcom.dll
+ 2004-08-10 13:00:00 42,537 -c--a-w c:\windows\system32\dllcache\keyboard.sys
+ 2004-08-10 13:00:00 8,192 -c--a-w c:\windows\system32\dllcache\mag_hook.dll
+ 2004-08-10 13:00:00 73,216 -c--a-w c:\windows\system32\dllcache\magnify.exe
+ 2004-08-10 13:00:00 120,320 -c--a-w c:\windows\system32\dllcache\mdminst.dll
+ 2004-08-10 13:00:00 362,496 ----a-w c:\windows\system32\dllcache\metal_ss.dll
+ 2004-08-10 13:00:00 144,384 -c--a-w c:\windows\system32\dllcache\mobsync.exe
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\mp43dmod.dll
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\mp4sdmod.dll
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\mpg4dmod.dll
- 2006-05-05 09:41:45 453,120 -c--a-w c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\system32\dllcache\mrxsmb.sys
+ 2006-03-23 05:46:11 143,360 -c--a-w c:\windows\system32\dllcache\msadco.dll
+ 2006-03-01 19:43:50 426,496 ----a-w c:\windows\system32\dllcache\msdtcprx.dll
+ 2006-03-01 19:43:50 956,416 ----a-w c:\windows\system32\dllcache\msdtctm.dll
+ 2006-03-01 19:43:51 161,280 -c--a-w c:\windows\system32\dllcache\msdtcuiu.dll
- 2008-02-16 09:31:59 3,087,872 ----a-w c:\windows\system32\dllcache\mshtml.dll
+ 2008-08-20 05:33:48 3,088,384 ----a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-02-16 09:31:59 449,024 ----a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-08-20 05:33:46 449,024 ----a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2005-05-04 13:45:36 884,736 ----a-w c:\windows\system32\dllcache\msimsg.dll
+ 2004-08-10 13:00:00 40,448 -c--a-w c:\windows\system32\dllcache\msinfo32.exe
+ 2004-08-10 13:00:00 65,536 -c--a-w c:\windows\system32\dllcache\msratelc.dll
- 2008-02-16 09:31:59 146,432 ----a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-08-20 05:33:45 146,432 ----a-w c:\windows\system32\dllcache\msrating.dll
- 2008-02-16 09:31:59 532,480 ----a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-08-20 05:33:45 532,480 ----a-w c:\windows\system32\dllcache\mstime.dll
+ 2004-08-10 13:00:00 701,440 -c--a-w c:\windows\system32\dllcache\msxml2.dll
- 2007-06-26 06:09:14 1,104,896 ------w c:\windows\system32\dllcache\msxml3.dll
+ 2008-09-04 16:45:11 1,106,944 ------w c:\windows\system32\dllcache\msxml3.dll
+ 2004-08-10 13:00:00 30,720 -c--a-w c:\windows\system32\dllcache\msxmlr.dll
+ 2006-03-01 19:43:51 91,136 -c--a-w c:\windows\system32\dllcache\mtxoci.dll
- 2006-08-17 12:29:49 332,288 -c--a-w c:\windows\system32\dllcache\netapi32.dll
+ 2008-10-15 16:59:28 332,800 ----a-w c:\windows\system32\dllcache\netapi32.dll
+ 2004-08-10 13:00:00 27,916 -c--a-w c:\windows\system32\dllcache\ntdos.sys
+ 2004-08-10 13:00:00 34,000 -c--a-w c:\windows\system32\dllcache\ntio.sys
- 2007-02-28 16:08:15 2,139,648 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-14 13:39:07 2,144,768 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
- 2007-02-28 16:08:25 2,061,440 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-08-14 13:39:12 2,065,024 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
- 2007-02-28 16:08:11 2,019,328 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-08-14 13:39:03 2,022,912 ------w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2004-08-10 13:00:00 40,960 -c--a-w c:\windows\system32\dllcache\ntmsapi.dll
- 2007-02-28 16:08:21 2,184,192 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-08-14 13:39:11 2,188,032 ------w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2004-08-10 13:00:00 13,312 -c--a-w c:\windows\system32\dllcache\ntvdmd.dll
+ 2004-08-10 13:00:00 3,258 -c--a-w c:\windows\system32\dllcache\nw16.exe
+ 2004-08-10 13:00:00 17,408 -c--a-w c:\windows\system32\dllcache\nwapi16.dll
+ 2004-08-10 13:00:00 18,944 -c--a-w c:\windows\system32\dllcache\oleaccrc.dll
+ 2004-08-10 13:00:00 216,576 -c--a-w c:\windows\system32\dllcache\osk.exe
- 2008-02-16 09:31:59 39,424 ----a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-08-20 05:33:45 39,424 ----a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-10 13:00:00 48,640 -c--a-w c:\windows\system32\dllcache\pnrpnsp.dll
+ 2004-08-10 13:00:00 237,056 -c--a-w c:\windows\system32\dllcache\provthrd.dll
+ 2004-08-10 13:00:00 35,840 -c--a-w c:\windows\system32\dllcache\rcimlby.exe
+ 2004-08-10 13:00:00 3,352 -c--a-w c:\windows\system32\dllcache\redir.exe
+ 2004-08-10 13:00:00 29,184 -c--a-w c:\windows\system32\dllcache\sdhcinst.dll
- 2008-02-16 09:32:00 1,499,648 ----a-w c:\windows\system32\dllcache\shdocvw.dll
+ 2008-08-20 05:33:46 1,499,648 ----a-w c:\windows\system32\dllcache\shdocvw.dll
- 2008-02-16 09:32:00 474,624 ----a-w c:\windows\system32\dllcache\shlwapi.dll
+ 2008-08-20 05:33:46 474,624 ----a-w c:\windows\system32\dllcache\shlwapi.dll
+ 2004-08-10 13:00:00 133,120 -c--a-w c:\windows\system32\dllcache\sndrec32.exe
- 2006-08-14 10:34:41 332,928 -c--a-w c:\windows\system32\dllcache\srv.sys
+ 2008-08-28 10:04:17 333,056 ----a-w c:\windows\system32\dllcache\srv.sys
+ 2005-10-17 21:21:08 118,272 -c--a-w c:\windows\system32\dllcache\t2embed.dll
+ 2005-05-11 02:30:03 78,336 -c--a-w c:\windows\system32\dllcache\telnet.exe
+ 2004-08-10 13:00:00 36,864 -c--a-w c:\windows\system32\dllcache\umandlg.dll
- 2008-02-16 09:32:00 620,544 ----a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-08-20 05:33:47 621,056 ----a-w c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-03 21:01:26 25,856 -c--a-w c:\windows\system32\dllcache\usbprint.sys
+ 2004-08-03 20:58:46 15,104 -c--a-w c:\windows\system32\dllcache\usbscan.sys
+ 2004-08-10 13:00:00 50,176 -c--a-w c:\windows\system32\dllcache\utilman.exe
+ 2004-08-10 13:00:00 19,456 -c--a-w c:\windows\system32\dllcache\vwipxspx.dll
- 2008-03-20 08:09:22 1,845,376 ------w c:\windows\system32\dllcache\win32k.sys
+ 2008-09-15 15:39:16 1,846,144 ------w c:\windows\system32\dllcache\win32k.sys
+ 2004-08-10 13:00:00 288,256 ----a-w c:\windows\system32\dllcache\winhlp32.exe
- 2008-02-16 09:32:00 670,208 ----a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-08-20 05:33:46 671,744 ----a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-01 18:42:39 2,864 ----a-w c:\windows\system32\dllcache\winsock.dll
+ 2004-08-10 13:00:00 77,312 -c--a-w c:\windows\system32\dllcache\wmipicmp.dll
+ 2004-08-10 13:00:00 20,480 -c--a-w c:\windows\system32\dllcache\wmpui.dll
+ 2004-08-10 13:00:00 51,200 -c--a-w c:\windows\system32\dllcache\wstdecod.dll
- 2008-07-18 20:09:44 563,912 ----a-w c:\windows\system32\dllcache\wuapi.dll
+ 2008-10-16 13:12:20 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
- 2008-07-18 20:10:42 53,448 ----a-w c:\windows\system32\dllcache\wuauclt.exe
+ 2008-10-16 13:09:44 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
- 2008-07-18 20:09:42 1,811,656 ----a-w c:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 13:13:40 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
- 2008-07-18 20:09:46 325,832 ----a-w c:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 13:12:22 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
+ 2004-08-10 13:00:00 32,256 -c--a-w c:\windows\system32\dllcache\wupdmgr.exe
- 2008-07-18 20:10:20 36,552 ----a-w c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
- 2008-07-18 20:09:44 205,000 ----a-w c:\windows\system32\dllcache\wuweb.dll
+ 2008-10-16 13:13:40 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
+ 2004-08-10 13:00:00 50,176 ----a-w c:\windows\system32\dllcache\xmlprovi.dll
+ 2006-03-01 19:43:51 11,776 -c--a-w c:\windows\system32\dllcache\xolehlp.dll
+ 2008-07-19 15:32:15 26,944 ----a-w c:\windows\system32\drivers\aavmker4.sys
- 2008-06-20 10:44:38 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-07-19 15:37:42 20,560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
+ 2008-01-17 17:34:01 93,264 ----a-w c:\windows\system32\drivers\aswmon.sys
+ 2008-07-19 15:37:21 94,416 ----a-w c:\windows\system32\drivers\aswmon2.sys
+ 2008-07-19 15:33:42 23,152 ----a-w c:\windows\system32\drivers\aswRdr.sys
+ 2008-07-19 15:35:18 78,416 ----a-w c:\windows\system32\drivers\aswSP.sys
+ 2008-07-19 15:32:36 42,912 ----a-w c:\windows\system32\drivers\aswTdi.sys
- 2006-08-14 10:34:41 332,928 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-08-28 10:04:17 333,056 ----a-w c:\windows\system32\drivers\srv.sys
+ 2004-08-03 21:01:26 25,856 ----a-w c:\windows\system32\drivers\usbprint.sys
+ 2004-08-03 20:58:46 15,104 ----a-w c:\windows\system32\drivers\usbscan.sys
- 2008-02-16 09:31:58 357,888 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-08-20 05:33:45 357,888 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-02-16 09:31:58 205,312 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-08-20 05:33:45 205,312 ----a-w c:\windows\system32\dxtrans.dll
- 2008-02-16 09:31:58 55,808 ----a-w c:\windows\system32\extmgr.dll
+ 2008-08-20 05:33:45 55,808 ----a-w c:\windows\system32\extmgr.dll
- 2008-06-05 17:05:02 570,280 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-10-16 14:54:47 573,464 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2008-02-16 09:31:58 251,904 ----a-w c:\windows\system32\iepeers.dll
+ 2008-08-20 05:33:45 251,904 ----a-w c:\windows\system32\iepeers.dll
- 2008-02-16 09:31:58 96,768 ----a-w c:\windows\system32\inseng.dll
+ 2008-08-20 05:33:45 96,768 ----a-w c:\windows\system32\inseng.dll
- 2005-06-03 01:24:06 49,248 -c--a-w c:\windows\system32\java.exe
+ 2008-06-10 00:21:01 135,168 ----a-w c:\windows\system32\java.exe
- 2005-06-03 01:24:14 49,250 -c--a-w c:\windows\system32\javaw.exe
+ 2008-06-10 00:21:04 135,168 ----a-w c:\windows\system32\javaw.exe
- 2005-06-03 02:52:56 127,078 -c--a-w c:\windows\system32\javaws.exe
+ 2008-06-10 01:32:34 139,264 ----a-w c:\windows\system32\javaws.exe
- 2008-02-16 09:31:58 16,384 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-08-20 05:33:46 16,384 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-10-05 03:16:26 235,936 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10a.exe
- 2008-06-04 11:27:35 74,649 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-11-09 14:54:10 89,102 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2002-01-05 02:48:16 974,848 -c--a-w c:\windows\system32\mfc70.dll
+ 2002-01-05 02:36:38 964,608 -c--a-w c:\windows\system32\mfc70u.dll
+ 2003-03-18 18:44:36 40,960 -c--a-w c:\windows\system32\MFC71CHS.DLL
+ 2003-03-18 18:44:36 45,056 -c--a-w c:\windows\system32\MFC71CHT.DLL
+ 2003-03-18 18:44:34 65,536 -c--a-w c:\windows\system32\MFC71DEU.DLL
+ 2003-03-18 18:44:38 57,344 -c--a-w c:\windows\system32\MFC71ENU.DLL
+ 2003-03-18 18:44:36 61,440 -c--a-w c:\windows\system32\MFC71ESP.DLL
+ 2003-03-18 18:44:34 61,440 ----a-w c:\windows\system32\MFC71FRA.DLL
+ 2003-03-18 18:44:36 61,440 -c--a-w c:\windows\system32\MFC71ITA.DLL
+ 2003-03-18 18:44:34 49,152 -c--a-w c:\windows\system32\MFC71JPN.DLL
+ 2003-03-18 18:44:38 49,152 -c--a-w c:\windows\system32\MFC71KOR.DLL
- 2008-08-26 20:28:12 16,208,504 ----a-w c:\windows\system32\MRT.exe
+ 2008-11-04 00:10:25 17,318,336 ----a-w c:\windows\system32\MRT.exe
- 2008-02-16 09:31:59 3,087,872 ----a-w c:\windows\system32\mshtml.dll
+ 2008-08-20 05:33:48 3,088,384 ----a-w c:\windows\system32\mshtml.dll
- 2008-02-16 09:31:59 449,024 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-08-20 05:33:46 449,024 ----a-w c:\windows\system32\mshtmled.dll
- 2008-02-16 09:31:59 146,432 ----a-w c:\windows\system32\msrating.dll
+ 2008-08-20 05:33:45 146,432 ----a-w c:\windows\system32\msrating.dll
- 2008-02-16 09:31:59 532,480 ----a-w c:\windows\system32\mstime.dll
+ 2008-08-20 05:33:45 532,480 ----a-w c:\windows\system32\mstime.dll
+ 2002-01-05 01:38:38 54,784 -c--a-w c:\windows\system32\msvci70.dll
+ 2002-01-05 01:40:20 487,424 -c--a-w c:\windows\system32\msvcp70.dll
+ 2002-01-05 01:37:28 344,064 ----a-w c:\windows\system32\msvcr70.dll
- 2007-06-26 06:09:14 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 16:45:11 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2007-05-08 13:03:04 1,275,392 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-30 15:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
- 2008-07-18 20:07:34 270,880 ----a-w c:\windows\system32\mucltui.dll
+ 2008-10-16 13:06:48 268,648 ----a-w c:\windows\system32\mucltui.dll
- 2008-07-18 20:07:32 210,976 ----a-w c:\windows\system32\muweb.dll
+ 2008-10-16 13:06:48 208,744 ----a-w c:\windows\system32\muweb.dll
- 2006-08-17 12:29:49 332,288 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:59:28 332,800 ----a-w c:\windows\system32\netapi32.dll
- 2007-02-28 16:08:11 2,019,328 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 13:39:03 2,022,912 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2007-02-28 16:08:15 2,139,648 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-08-14 13:39:07 2,144,768 ----a-w c:\windows\system32\ntoskrnl.exe
- 2008-09-22 20:55:46 63,862 ----a-w c:\windows\system32\perfc009.dat
+ 2008-10-31 20:10:33 63,862 ----a-w c:\windows\system32\perfc009.dat
- 2008-09-22 20:55:46 77,476 ----a-w c:\windows\system32\perfc00C.dat
+ 2008-10-31 20:10:33 77,476 ----a-w c:\windows\system32\perfc00C.dat
- 2008-09-22 20:55:46 406,662 ----a-w c:\windows\system32\perfh009.dat
+ 2008-10-31 20:10:33 406,662 ----a-w c:\windows\system32\perfh009.dat
- 2008-09-22 20:55:46 474,972 ----a-w c:\windows\system32\perfh00C.dat
+ 2008-10-31 20:10:33 474,972 ----a-w c:\windows\system32\perfh00C.dat
- 2008-02-16 09:31:59 39,424 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-20 05:33:45 39,424 ----a-w c:\windows\system32\pngfilt.dll
- 2008-09-22 21:11:19 129,164 -c--a-w c:\windows\system32\Restore\rstrlog.dat
+ 2008-09-23 18:46:52 716,352 -c--a-w c:\windows\system32\Restore\rstrlog.dat
- 2008-02-16 09:32:00 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
+ 2008-08-20 05:33:46 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
- 2008-02-16 09:32:00 474,624 ----a-w c:\windows\system32\shlwapi.dll
+ 2008-08-20 05:33:46 474,624 ----a-w c:\windows\system32\shlwapi.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll
- 2007-07-27 08:41:40 16,760 ------w c:\windows\system32\spmsg.dll
+ 2008-07-08 13:03:54 18,296 ------w c:\windows\system32\spmsg.dll
+ 2007-03-18 20:00:00 11,264 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMBM8S.DLL
+ 2007-03-18 20:00:00 33,280 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMBS8S.DLL
+ 2007-03-18 20:00:00 11,264 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMBU8S.DLL
+ 2007-03-18 20:00:00 1,600,000 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMCB8S.DLL
+ 2007-03-18 20:10:00 97,280 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMCP8S.DLL
+ 2007-03-18 20:00:00 221,184 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMD58S.DLL
+ 2007-03-18 20:00:00 545,792 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMDR8S.DLL
+ 2007-03-18 20:00:00 10,240 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMFU8S.DLL
+ 2007-03-18 20:00:00 9,216 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMLH8S.DLL
+ 2007-03-18 20:00:00 145,408 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMLR8S.DLL
+ 2007-03-18 20:00:00 27,136 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMOP8S.DLL
+ 2000-12-12 02:10:04 23,280 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMP08S.DAT
+ 2000-12-12 02:10:04 27,140 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMP18S.DAT
+ 2000-12-12 08:09:20 30,320 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMP28S.DAT
+ 2007-03-18 20:00:00 12,288 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMPI8S.DLL
+ 2007-03-18 20:00:00 102,400 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMPV8S.DLL
+ 2007-03-18 20:00:00 757,248 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSB8S.DLL
+ 2007-03-18 20:00:00 47,616 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSD8S.DLL
+ 2007-03-18 23:19:08 17,496 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSE8S.EXE
+ 2007-03-18 20:00:00 428,544 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSM8S.DLL
+ 2007-03-18 20:00:00 44,032 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSQ8S.DLL
+ 2007-03-18 20:00:00 76,288 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSR8S.DLL
+ 2007-03-18 20:00:00 310,272 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMUB8S.DLL
+ 2007-03-18 20:00:00 1,907,200 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMUI8S.DLL
+ 2007-03-18 20:00:00 361,472 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMUR8S.DLL
+ 2007-03-18 20:00:00 13,824 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMVS8S.DLL
+ 2007-03-18 20:00:00 11,264 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMW38S.DLL
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-11-17 975360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-11-09 171448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-12 774233]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-24 7569408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-24 86016]
"ACU"="c:\program files\Atheros WLAN Adapter\ACU.exe" [2006-04-14 307200]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-04-17 110592]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"DetectorApp"="c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 102400]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"EULA"="c:\apps\PB_TB\EULALauncher.exe" [2006-09-29 18944]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-11-30 98304]
"Ulead AutoDetector v2"="c:\program files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 90112]
"SystrayORAHSS"="c:\program files\Orange\Systray\SystrayApp.exe" [2007-09-25 94208]
"ORAHSSSessionManager"="c:\program files\Orange\SessionManager\SessionManager.exe" [2007-09-25 102400]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2006-11-30 26112]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2006-11-30 158720]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"OoPDFSettingsv6.exe"="c:\program files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe" [2003-11-20 460800]
"nwiz"="nwiz.exe" [2006-08-24 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]
c:\documents and settings\ordono\Menu Démarrer\Programmes\Démarrage\
OFFICE One 6.5.lnk - c:\program files\OFFICE One6.5\program\quickstart.exe [2004-03-08 36864]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
OFFICE One Clock v6.5.lnk - c:\program files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe [2006-12-26 257536]
OFFICE One Notes v6.5.lnk - c:\program files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe [2006-12-26 559104]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\AOL 9.0\\aol.exe"=
"c:\\Program Files\\AOL 9.0\\waol.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\APPS\\skype\\phone\\Skype.exe"=
R1 aswsp;avast! Self Protection;c:\windows\system32\drivers\aswsp.sys [2008-11-12 78416]
R2 aswfsblk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-12 20560]
R2 ijplmsvc;PIXMA Extended Survey Program;c:\program files\Canon\IJPLM\IJPLMSVC.EXE [2008-09-25 101528]
R3 ASNDIS5;ASNDIS5 Protocol Driver;\??\c:\windows\ATK0100\ASNDIS5.SYS [2006-11-30 16269]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{343b8d66-0644-11dd-b053-0018f3f04f39}]
\shell\autorun\command - kk3.bat
\shell\explore\command - kk3.bat
\shell\open\command - kk3.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3506026b-76ad-11dd-b192-0018f3f04f39}]
\shell\autorun\command - kk3.bat
\shell\explore\command - kk3.bat
\shell\open\command - kk3.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e687a40b-b49b-11dd-b256-0018f3f04f39}]
\shell\autorun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NoLimit.exe
.
- - - - ORPHELINS SUPPRIMES - - - -
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
.
------- Examen supplémentaire -------
.
FireFox -: Profile - c:\documents and settings\ordono\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF -: plugin - c:\documents and settings\ordono\Application Data\Mozilla\plugins\npPxPlay.dll
FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-18 19:45:35
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\6d1824ce]
"ImagePath"="\SystemRoot\System32\drivers\6d1824ce.sys"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
PROCESSUS: c:\windows\explorer.exe
-> c:\progra~1\Google\GOOGLE~1\GOA66E~1.DLL
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\acs.exe
c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\dllhost.exe
c:\program files\Orange\Launcher\Launcher.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Google\Google Desktop Search\GoogleDesktopIndex.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
c:\windows\ATK0100\ATKOSD.exe
c:\program files\OFFICE One6.5\program\soffice.exe
c:\program files\Orange\Deskboard\Deskboard.exe
c:\program files\Orange\Connectivity\ConnectivityManager.exe
c:\program files\Orange\Connectivity\corecom\CoreCom.exe
c:\program files\Orange\Connectivity\corecom\OraConfigRecover.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\2\FTCOMModule.exe
.
**************************************************************************
.
Heure de fin: 2008-11-18 19:51:01 - La machine a redémarré [ordono]
ComboFix-quarantined-files.txt 2008-11-18 18:50:57
ComboFix2.txt 2008-09-22 21:41:49
Avant-CF: 96,066,674,688 octets libres
Après-CF: 96,051,445,760 octets libres
780 --- E O F --- 2008-11-18 14:03:33
sosow0810, I had prepared the procedure for you last night but forgot to post it.
Disable all resident protection (antivirus…)! <------- Don't forget!
Copy the text in the box below (Ctrl + C):
KillAll::
Driver::
6d1824ce
File::
c:\windows\system32\drivers\6d1824ce.sys
FileLook::
c:\windows\KeyTube.ini
DirLook::
c:\windows\system32\%SystemDrive%
Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{343b8d66-0644-11dd-b053-0018f3f04f39}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3506026b-76ad-11dd-b192-0018f3f04f39}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e687a40b-b49b-11dd-b256-0018f3f04f39}]
=> Open Notepad: Start > All Programs > Accessories > Notepad
- Paste the text into it (Ctrl + V)
- Save this file to: Desktop
- File name: CFScript
- File type: All files !!
- Click Save
- Close Notepad
Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot:

* This will relaunch ComboFix: at the message that appears (Type 1 to continue, or 2 to abort), type 1 and confirm.
* Wait while the scan runs. The desktop will disappear several times: this is normal!
* Do not touch anything until the scan has finished.
* Once the scan is complete, a report will be displayed: copy and paste its contents to the forum.
If the file does not open, it is located here: C:\ComboFix.txt
* Post a new HijackThis report.
ComboFix report
ComboFix 08-11-19.08 - ordono 2008-11-20 20:47:25.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1286 [GMT 1:00]
Lancé depuis: c:\documents and settings\ordono\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\ordono\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé
FILE ::
c:\windows\system32\drivers\6d1824ce.sys
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\rhcc54j0eja1
c:\windows\system32\drivers\6d1824ce.sys
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_6d1824ce
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-20 au 2008-11-20 ))))))))))))))))))))))))))))))))))))
.
2008-11-19 20:14 . 2008-11-19 20:18 <REP> d-------- c:\program files\PhotoFiltre
2008-11-18 23:07 . 2008-11-18 23:07 <REP> d-------- c:\program files\vmntoolbar
2008-11-18 23:07 . 2008-11-18 23:07 <REP> d-------- c:\program files\DVDVideoSoft
2008-11-18 23:07 . 2008-11-18 23:07 <REP> d-------- c:\program files\AskBarDis
2008-11-18 23:07 . 2008-11-19 13:34 <REP> d-------- c:\documents and settings\ordono\Application Data\vmntoolbar
2008-11-18 20:51 . 2008-11-18 23:07 <REP> d--hs---- C:\RECYCLER(2)
2008-11-18 17:01 . 2008-11-18 23:07 <REP> d-------- C:\ToolBar SD
2008-11-18 16:40 . 2008-11-18 16:40 <REP> d-------- C:\rsit
2008-11-18 16:40 . 2008-11-18 23:07 <REP> d-------- c:\program files\trend micro
2008-11-12 17:44 . 2008-11-12 17:44 <REP> d---s---- c:\windows\system32\%SystemDrive%
2008-11-12 17:44 . 2008-11-12 17:44 <REP> d-------- c:\windows\Google Toolbar
2008-11-09 16:14 . 2008-11-09 16:26 <REP> d-------- C:\DVDVideoSoft
2008-11-09 16:13 . 2008-11-18 20:50 <REP> d-------- c:\program files\Fichiers communs\DVDVideoSoft
2008-11-09 15:47 . 2008-11-09 16:05 267 --a------ c:\windows\KeyTube.ini
2008-11-09 12:50 . 2008-11-09 12:50 <REP> d-------- c:\documents and settings\ordono\Application Data\Media Player Classic
2008-10-26 18:59 . 2008-10-29 12:47 <REP> d-------- c:\program files\Veoh Networks
2008-10-26 18:53 . 2008-10-26 18:59 <REP> d-------- c:\windows\Downloaded Installations
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-18 14:06 --------- d-----w c:\program files\Java
2008-11-09 14:54 --------- d-----w c:\program files\Google
2008-11-08 19:56 --------- d-----w c:\program files\Messenger Plus! Live
2008-11-07 16:33 --------- d-----w c:\program files\PCFriendly
2008-10-26 17:59 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-01 15:20 --------- d-----w c:\documents and settings\ordono\Application Data\Micro Application
2008-09-25 16:25 --------- d-----w c:\program files\Canon
2008-09-25 16:25 --------- d-----w c:\documents and settings\All Users\Application Data\CanonIJPLM
2008-09-25 16:00 --------- d-----w c:\documents and settings\ordono\Application Data\ScanSoft
2008-09-25 15:59 --------- d-----w c:\program files\ScanSoft
2008-09-25 15:59 --------- d-----w c:\program files\Fichiers communs\ScanSoft Shared
2008-09-25 15:59 --------- d-----w c:\documents and settings\All Users\Application Data\ScanSoft
2008-09-25 15:57 --------- d-----w c:\program files\Fichiers communs\CANON
2008-09-25 15:55 --------- d--h--w c:\documents and settings\All Users\Application Data\CanonBJ
2008-09-25 15:54 --------- d--h--w c:\program files\CanonBJ
2008-09-22 21:11 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\KeyTube.ini -- Not a PE file.
MD5: c7f295697febc57f69b881bc218317c6
---- Directory of c:\windows\system32\%SystemDrive% ----
2008-11-12 17:44 552 --a-s---- c:\windows\system32\%SystemDrive%\Documents and Settings\ordono\Application Data\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9
2008-11-12 17:44 132 --a-s---- c:\windows\system32\%SystemDrive%\Documents and Settings\ordono\Application Data\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9
((((((((((((((((((((((((((((( snapshot@2008-09-22_23.41.26.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-06-23 16:15:43 620,544 -c----w c:\windows\$NtUninstallKB956390$\urlmon.dll
+ 2008-06-23 16:15:44 671,232 -c----w c:\windows\$NtUninstallKB956390$\wininet.dll
+ 2008-07-03 09:42:35 370,176 -c----w c:\windows\$NtUninstallKB956390$\xpsp3res.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB956391$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB956391$\spuninst\updspapi.dll
+ 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803$\afd.sys
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB956803$\spuninst\updspapi.dll
+ 2007-02-28 16:08:15 2,139,648 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlmp.exe
+ 2007-02-28 16:08:11 2,019,328 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
+ 2007-02-28 16:08:11 2,019,328 -c----w c:\windows\$NtUninstallKB956841$\ntkrpamp.exe
+ 2007-02-28 16:08:15 2,139,648 -c----w c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956841$\spuninst\spuninst.exe
+ 2008-07-09 07:40:35 406,392 -c----w c:\windows\$NtUninstallKB956841$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB957095$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB957095$\spuninst\updspapi.dll
+ 2006-08-14 10:34:41 332,928 -c----w c:\windows\$NtUninstallKB957095$\srv.sys
- 2004-07-27 15:48:52 323,584 -c--a-w c:\windows\Downloaded Program Files\isusweb.dll
+ 2005-02-16 14:15:20 401,408 ----a-w c:\windows\Downloaded Program Files\isusweb.dll
- 2006-05-05 09:41:45 453,120 -c--a-w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2007-02-28 16:08:15 2,139,648 -c--a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:39:07 2,144,768 ----a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-28 16:08:25 2,061,440 -c--a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:39:12 2,065,024 ----a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 16:08:11 2,019,328 -c--a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:39:03 2,022,912 ----a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 16:08:21 2,184,192 -c--a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 13:39:11 2,188,032 ----a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-11-18 18:50:51 237,568 ----a-w c:\windows\erdnt\Hiv-backup(2)\Users(2)\00000001(2)\NTUSER.DAT
+ 2008-11-18 18:50:52 8,192 ----a-w c:\windows\erdnt\Hiv-backup(2)\Users(2)\00000002(2)\UsrClass.dat
+ 2008-11-18 18:50:52 237,568 ----a-w c:\windows\erdnt\Hiv-backup(2)\Users(2)\00000003(2)\NTUSER.DAT
+ 2008-11-18 18:50:52 8,192 ----a-w c:\windows\erdnt\Hiv-backup(2)\Users(2)\00000004(2)\UsrClass.dat
+ 2008-11-18 18:50:52 5,238,784 ----a-w c:\windows\erdnt\Hiv-backup(2)\Users(2)\00000005(2)\NTUSER.DAT
+ 2008-11-18 18:50:52 163,840 ----a-w c:\windows\erdnt\Hiv-backup(2)\Users(2)\00000006(2)\UsrClass.dat
- 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
- 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE
+ 2008-11-12 21:04:03 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2008-09-25 15:59:59 7,406 -c--a-r c:\windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\ARPPRODUCTICON.exe
+ 2008-09-25 15:59:59 49,152 -c--a-r c:\windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\NewShortcut14_27BC537B086D42E19CB39D115FA043BF.exe
+ 2008-09-25 15:59:59 450,560 -c--a-r c:\windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\NewShortcut15_27BC537B086D42E19CB39D115FA043BF.exe
+ 2008-09-25 15:59:58 65,536 -c--a-r c:\windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
- 2000-08-31 06:00:00 28,672 ----a-w c:\windows\Nircmd.exe
+ 2000-08-31 07:00:00 28,672 -c--a-w c:\windows\Nircmd.exe
- 2000-08-31 06:00:00 161,792 ----a-w c:\windows\swreg.exe
+ 2000-08-31 07:00:00 161,792 -c--a-w c:\windows\swreg.exe
+ 2008-11-18 17:41:38 1,233,112 ----a-w c:\windows\system32\aswBoot.exe
+ 2008-11-18 17:35:22 97,480 ----a-w c:\windows\system32\AvastSS.scr
- 2008-02-16 09:31:57 1,024,512 ----a-w c:\windows\system32\browseui.dll
+ 2008-08-20 05:33:47 1,024,512 ----a-w c:\windows\system32\browseui.dll
+ 2007-02-09 08:10:48 808,544 ----a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\DelDrv.exe
+ 2007-02-15 06:22:48 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstAR.dll
+ 2007-02-13 07:55:54 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstCN.dll
+ 2007-02-13 23:58:48 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstCZ.dll
+ 2007-02-13 23:58:50 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstDE.dll
+ 2007-02-13 23:58:52 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstDK.dll
+ 2007-02-13 23:58:54 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstES.dll
+ 2007-02-13 23:58:54 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstFI.dll
+ 2007-02-13 23:58:56 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstFR.dll
+ 2007-02-13 23:58:58 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstGR.dll
+ 2007-02-15 00:26:48 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstHU.dll
+ 2007-02-14 07:36:14 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstID.dll
+ 2007-02-13 23:59:02 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstIT.dll
+ 2007-02-08 05:27:08 45,056 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstJP.dll
+ 2007-02-13 09:10:24 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstKR.dll
+ 2007-02-13 23:59:04 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstNL.dll
+ 2007-02-13 23:59:04 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstNO.dll
+ 2007-02-13 23:59:06 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstPL.dll
+ 2007-02-13 23:59:08 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstPT.dll
+ 2007-02-13 23:59:10 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstRU.dll
+ 2007-02-13 23:59:12 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstSE.dll
+ 2007-02-13 08:20:58 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstTH.dll
+ 2007-02-13 23:59:14 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstTR.dll
+ 2007-02-13 08:05:14 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstTW.dll
+ 2007-02-08 05:27:08 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstUS.dll
- 2008-02-16 09:31:57 152,064 ----a-w c:\windows\system32\cdfview.dll
+ 2008-08-20 05:33:44 152,064 ----a-w c:\windows\system32\cdfview.dll
- 2008-07-18 20:10:48 94,920 ----a-w c:\windows\system32\cdm.dll
+ 2008-10-16 13:09:44 92,696 ----a-w c:\windows\system32\cdm.dll
+ 2007-03-23 07:30:48 1,400,832 ----a-w c:\windows\system32\CNC210C.DLL
+ 2007-03-23 07:29:52 98,304 -c--a-w c:\windows\system32\CNC210I.DLL
+ 2007-03-19 01:16:12 200,704 ----a-w c:\windows\system32\CNC210L.DLL
+ 2007-03-15 05:12:00 188,416 -c--a-w c:\windows\system32\CNC210O.DLL
+ 2007-03-18 20:00:00 215,040 ----a-w c:\windows\system32\CNMLM8S.DLL
- 2008-02-16 09:31:58 1,056,768 ----a-w c:\windows\system32\danim.dll
+ 2008-08-20 05:33:44 1,056,768 ----a-w c:\windows\system32\danim.dll
+ 2004-08-10 13:00:00 244,736 ----a-w c:\windows\system32\dllcache\acspecfc.dll
- 2008-06-20 10:44:38 138,368 ------w c:\windows\system32\dllcache\afd.sys
+ 2008-08-14 09:51:43 138,368 ------w c:\windows\system32\dllcache\afd.sys
+ 2004-08-10 13:00:00 8,704 -c--a-w c:\windows\system32\dllcache\batt.dll
+ 2004-08-10 13:00:00 12,288 -c--a-w c:\windows\system32\dllcache\bootvid.dll
- 2008-02-16 09:31:57 1,024,512 ----a-w c:\windows\system32\dllcache\browseui.dll
+ 2008-08-20 05:33:47 1,024,512 ----a-w c:\windows\system32\dllcache\browseui.dll
+ 2004-08-10 13:00:00 20,992 -c--a-w c:\windows\system32\dllcache\bthci.dll
- 2008-02-16 09:31:57 152,064 ----a-w c:\windows\system32\dllcache\cdfview.dll
+ 2008-08-20 05:33:44 152,064 ----a-w c:\windows\system32\dllcache\cdfview.dll
- 2008-07-18 20:10:48 94,920 ----a-w c:\windows\system32\dllcache\cdm.dll
+ 2008-10-16 13:09:44 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
+ 2004-08-10 13:00:00 80,896 -c--a-w c:\windows\system32\dllcache\charmap.exe
+ 2004-08-10 13:00:00 3,584 -c--a-w c:\windows\system32\dllcache\comcat.dll
+ 2004-08-10 13:00:00 27,097 -c--a-w c:\windows\system32\dllcache\country.sys
- 2008-02-16 09:31:58 1,056,768 ----a-w c:\windows\system32\dllcache\danim.dll
+ 2008-08-20 05:33:44 1,056,768 ----a-w c:\windows\system32\dllcache\danim.dll
+ 2004-08-10 13:00:00 54,080 -c--a-w c:\windows\system32\dllcache\dosx.exe
+ 2004-08-10 13:00:00 181,760 ----a-w c:\windows\system32\dllcache\dsdmo.dll
+ 2004-08-10 13:00:00 2,113,536 -c--a-w c:\windows\system32\dllcache\dxdiagn.dll
- 2008-02-16 09:31:58 357,888 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-20 05:33:45 357,888 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-02-16 09:31:58 205,312 ----a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-08-20 05:33:45 205,312 ----a-w c:\windows\system32\dllcache\dxtrans.dll
- 2008-02-16 09:31:58 55,808 ----a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-08-20 05:33:45 55,808 ----a-w c:\windows\system32\dllcache\extmgr.dll
+ 2005-10-17 21:21:08 80,896 -c--a-w c:\windows\system32\dllcache\fontsub.dll
+ 2005-05-26 23:22:01 10,752 -c--a-w c:\windows\system32\dllcache\hh.exe
+ 2004-08-10 13:00:00 4,912 ----a-w c:\windows\system32\dllcache\himem.sys
+ 2004-08-10 13:00:00 16,384 -c--a-w c:\windows\system32\dllcache\icfgnt5.dll
- 2008-02-15 09:07:53 18,432 ----a-w c:\windows\system32\dllcache\iedw.exe
+ 2008-08-19 09:38:57 18,432 ----a-w c:\windows\system32\dllcache\iedw.exe
+ 2004-08-10 13:00:00 81,920 ----a-w c:\windows\system32\dllcache\ieencode.dll
- 2008-02-16 09:31:58 251,904 ----a-w c:\windows\system32\dllcache\iepeers.dll
+ 2008-08-20 05:33:45 251,904 ----a-w c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-10 13:00:00 282,624 -c--a-w c:\windows\system32\dllcache\inetcfg.dll
- 2008-02-16 09:31:58 96,768 ----a-w c:\windows\system32\dllcache\inseng.dll
+ 2008-08-20 05:33:45 96,768 ----a-w c:\windows\system32\dllcache\inseng.dll
+ 2005-05-27 02:08:06 155,136 ----a-w c:\windows\system32\dllcache\itircl.dll
- 2008-02-16 09:31:58 16,384 ----a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-08-20 05:33:46 16,384 ----a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-10 13:00:00 7,040 -c--a-w c:\windows\system32\dllcache\kdcom.dll
+ 2004-08-10 13:00:00 42,537 -c--a-w c:\windows\system32\dllcache\keyboard.sys
+ 2004-08-10 13:00:00 8,192 -c--a-w c:\windows\system32\dllcache\mag_hook.dll
+ 2004-08-10 13:00:00 73,216 -c--a-w c:\windows\system32\dllcache\magnify.exe
+ 2004-08-10 13:00:00 120,320 -c--a-w c:\windows\system32\dllcache\mdminst.dll
+ 2004-08-10 13:00:00 362,496 ----a-w c:\windows\system32\dllcache\metal_ss.dll
+ 2004-08-10 13:00:00 144,384 -c--a-w c:\windows\system32\dllcache\mobsync.exe
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\mp43dmod.dll
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\mp4sdmod.dll
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\mpg4dmod.dll
- 2006-05-05 09:41:45 453,120 -c--a-w c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\system32\dllcache\mrxsmb.sys
+ 2006-03-23 05:46:11 143,360 -c--a-w c:\windows\system32\dllcache\msadco.dll
+ 2006-03-01 19:43:50 426,496 ----a-w c:\windows\system32\dllcache\msdtcprx.dll
+ 2006-03-01 19:43:50 956,416 ----a-w c:\windows\system32\dllcache\msdtctm.dll
+ 2006-03-01 19:43:51 161,280 -c--a-w c:\windows\system32\dllcache\msdtcuiu.dll
- 2008-02-16 09:31:59 3,087,872 ----a-w c:\windows\system32\dllcache\mshtml.dll
+ 2008-08-20 05:33:48 3,088,384 ----a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-02-16 09:31:59 449,024 ----a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-08-20 05:33:46 449,024 ----a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2005-05-04 13:45:36 884,736 ----a-w c:\windows\system32\dllcache\msimsg.dll
+ 2004-08-10 13:00:00 40,448 -c--a-w c:\windows\system32\dllcache\msinfo32.exe
+ 2004-08-10 13:00:00 65,536 -c--a-w c:\windows\system32\dllcache\msratelc.dll
- 2008-02-16 09:31:59 146,432 ----a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-08-20 05:33:45 146,432 ----a-w c:\windows\system32\dllcache\msrating.dll
- 2008-02-16 09:31:59 532,480 ----a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-08-20 05:33:45 532,480 ----a-w c:\windows\system32\dllcache\mstime.dll
+ 2004-08-10 13:00:00 701,440 -c--a-w c:\windows\system32\dllcache\msxml2.dll
- 2007-06-26 06:09:14 1,104,896 ------w c:\windows\system32\dllcache\msxml3.dll
+ 2008-09-04 16:45:11 1,106,944 ------w c:\windows\system32\dllcache\msxml3.dll
+ 2004-08-10 13:00:00 30,720 -c--a-w c:\windows\system32\dllcache\msxmlr.dll
+ 2006-03-01 19:43:51 91,136 -c--a-w c:\windows\system32\dllcache\mtxoci.dll
- 2006-08-17 12:29:49 332,288 -c--a-w c:\windows\system32\dllcache\netapi32.dll
+ 2008-10-15 16:59:28 332,800 ----a-w c:\windows\system32\dllcache\netapi32.dll
+ 2004-08-10 13:00:00 27,916 -c--a-w c:\windows\system32\dllcache\ntdos.sys
+ 2004-08-10 13:00:00 34,000 -c--a-w c:\windows\system32\dllcache\ntio.sys
- 2007-02-28 16:08:15 2,139,648 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-14 13:39:07 2,144,768 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
- 2007-02-28 16:08:25 2,061,440 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-08-14 13:39:12 2,065,024 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
- 2007-02-28 16:08:11 2,019,328 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-08-14 13:39:03 2,022,912 ------w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2004-08-10 13:00:00 40,960 -c--a-w c:\windows\system32\dllcache\ntmsapi.dll
- 2007-02-28 16:08:21 2,184,192 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-08-14 13:39:11 2,188,032 ------w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2004-08-10 13:00:00 13,312 -c--a-w c:\windows\system32\dllcache\ntvdmd.dll
+ 2004-08-10 13:00:00 3,258 -c--a-w c:\windows\system32\dllcache\nw16.exe
+ 2004-08-10 13:00:00 17,408 -c--a-w c:\windows\system32\dllcache\nwapi16.dll
+ 2004-08-10 13:00:00 18,944 -c--a-w c:\windows\system32\dllcache\oleaccrc.dll
+ 2004-08-10 13:00:00 216,576 -c--a-w c:\windows\system32\dllcache\osk.exe
- 2008-02-16 09:31:59 39,424 ----a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-08-20 05:33:45 39,424 ----a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-10 13:00:00 48,640 -c--a-w c:\windows\system32\dllcache\pnrpnsp.dll
+ 2004-08-10 13:00:00 237,056 -c--a-w c:\windows\system32\dllcache\provthrd.dll
+ 2004-08-10 13:00:00 35,840 -c--a-w c:\windows\system32\dllcache\rcimlby.exe
+ 2004-08-10 13:00:00 3,352 -c--a-w c:\windows\system32\dllcache\redir.exe
+ 2004-08-10 13:00:00 29,184 -c--a-w c:\windows\system32\dllcache\sdhcinst.dll
- 2008-02-16 09:32:00 1,499,648 ----a-w c:\windows\system32\dllcache\shdocvw.dll
+ 2008-08-20 05:33:46 1,499,648 ----a-w c:\windows\system32\dllcache\shdocvw.dll
- 2008-02-16 09:32:00 474,624 ----a-w c:\windows\system32\dllcache\shlwapi.dll
+ 2008-08-20 05:33:46 474,624 ----a-w c:\windows\system32\dllcache\shlwapi.dll
+ 2004-08-10 13:00:00 133,120 -c--a-w c:\windows\system32\dllcache\sndrec32.exe
- 2006-08-14 10:34:41 332,928 -c--a-w c:\windows\system32\dllcache\srv.sys
+ 2008-08-28 10:04:17 333,056 ----a-w c:\windows\system32\dllcache\srv.sys
+ 2005-10-17 21:21:08 118,272 -c--a-w c:\windows\system32\dllcache\t2embed.dll
+ 2005-05-11 02:30:03 78,336 -c--a-w c:\windows\system32\dllcache\telnet.exe
+ 2004-08-10 13:00:00 36,864 -c--a-w c:\windows\system32\dllcache\umandlg.dll
- 2008-02-16 09:32:00 620,544 ----a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-08-20 05:33:47 621,056 ----a-w c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-03 21:01:26 25,856 -c--a-w c:\windows\system32\dllcache\usbprint.sys
+ 2004-08-03 20:58:46 15,104 -c--a-w c:\windows\system32\dllcache\usbscan.sys
+ 2004-08-10 13:00:00 50,176 -c--a-w c:\windows\system32\dllcache\utilman.exe
+ 2004-08-10 13:00:00 19,456 -c--a-w c:\windows\system32\dllcache\vwipxspx.dll
- 2008-03-20 08:09:22 1,845,376 ------w c:\windows\system32\dllcache\win32k.sys
+ 2008-09-15 15:39:16 1,846,144 ------w c:\windows\system32\dllcache\win32k.sys
+ 2004-08-10 13:00:00 288,256 ----a-w c:\windows\system32\dllcache\winhlp32.exe
- 2008-02-16 09:32:00 670,208 ----a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-08-20 05:33:46 671,744 ----a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-01 18:42:39 2,864 ----a-w c:\windows\system32\dllcache\winsock.dll
+ 2004-08-10 13:00:00 77,312 -c--a-w c:\windows\system32\dllcache\wmipicmp.dll
+ 2004-08-10 13:00:00 20,480 -c--a-w c:\windows\system32\dllcache\wmpui.dll
+ 2004-08-10 13:00:00 51,200 -c--a-w c:\windows\system32\dllcache\wstdecod.dll
- 2008-07-18 20:09:44 563,912 ----a-w c:\windows\system32\dllcache\wuapi.dll
+ 2008-10-16 13:12:20 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
- 2008-07-18 20:10:42 53,448 ----a-w c:\windows\system32\dllcache\wuauclt.exe
+ 2008-10-16 13:09:44 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
- 2008-07-18 20:09:42 1,811,656 ----a-w c:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 13:13:40 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
- 2008-07-18 20:09:46 325,832 ----a-w c:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 13:12:22 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
+ 2004-08-10 13:00:00 32,256 -c--a-w c:\windows\system32\dllcache\wupdmgr.exe
- 2008-07-18 20:10:20 36,552 ----a-w c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
- 2008-07-18 20:09:44 205,000 ----a-w c:\windows\system32\dllcache\wuweb.dll
+ 2008-10-16 13:13:40 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
+ 2004-08-10 13:00:00 50,176 ----a-w c:\windows\system32\dllcache\xmlprovi.dll
+ 2006-03-01 19:43:51 11,776 -c--a-w c:\windows\system32\dllcache\xolehlp.dll
+ 2008-11-18 18:00:11 26,944 ----a-w c:\windows\system32\drivers\aavmker4.sys
- 2008-06-20 10:44:38 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-11-18 18:02:43 20,560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
+ 2008-11-18 18:04:36 93,296 ----a-w c:\windows\system32\drivers\aswmon.sys
+ 2008-11-18 18:04:21 94,032 ----a-w c:\windows\system32\drivers\aswmon2.sys
+ 2008-11-18 18:01:09 23,152 ----a-w c:\windows\system32\drivers\aswRdr.sys
+ 2008-11-18 18:03:33 110,160 ----a-w c:\windows\system32\drivers\aswSP.sys
+ 2008-11-18 18:01:23 50,864 ----a-w c:\windows\system32\drivers\aswTdi.sys
- 2006-08-14 10:34:41 332,928 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-08-28 10:04:17 333,056 ----a-w c:\windows\system32\drivers\srv.sys
+ 2004-08-03 21:01:26 25,856 ----a-w c:\windows\system32\drivers\usbprint.sys
+ 2004-08-03 20:58:46 15,104 ----a-w c:\windows\system32\drivers\usbscan.sys
- 2008-02-16 09:31:58 357,888 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-08-20 05:33:45 357,888 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-02-16 09:31:58 205,312 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-08-20 05:33:45 205,312 ----a-w c:\windows\system32\dxtrans.dll
- 2008-02-16 09:31:58 55,808 ----a-w c:\windows\system32\extmgr.dll
+ 2008-08-20 05:33:45 55,808 ----a-w c:\windows\system32\extmgr.dll
- 2008-06-05 17:05:02 570,280 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-10-16 14:54:47 573,464 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2008-02-16 09:31:58 251,904 ----a-w c:\windows\system32\iepeers.dll
+ 2008-08-20 05:33:45 251,904 ----a-w c:\windows\system32\iepeers.dll
- 2008-02-16 09:31:58 96,768 ----a-w c:\windows\system32\inseng.dll
+ 2008-08-20 05:33:45 96,768 ----a-w c:\windows\system32\inseng.dll
- 2008-02-16 09:31:58 16,384 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-08-20 05:33:46 16,384 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-10-05 03:16:26 235,936 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10a.exe
- 2008-06-04 11:27:35 74,649 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-11-09 14:54:10 89,102 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2002-01-05 02:48:16 974,848 -c--a-w c:\windows\system32\mfc70.dll
+ 2002-01-05 02:36:38 964,608 -c--a-w c:\windows\system32\mfc70u.dll
+ 2003-03-18 18:44:36 40,960 -c--a-w c:\windows\system32\MFC71CHS.DLL
+ 2003-03-18 18:44:36 45,056 -c--a-w c:\windows\system32\MFC71CHT.DLL
+ 2003-03-18 18:44:34 65,536 -c--a-w c:\windows\system32\MFC71DEU.DLL
+ 2003-03-18 18:44:38 57,344 -c--a-w c:\windows\system32\MFC71ENU.DLL
+ 2003-03-18 18:44:36 61,440 -c--a-w c:\windows\system32\MFC71ESP.DLL
+ 2003-03-18 18:44:34 61,440 ----a-w c:\windows\system32\MFC71FRA.DLL
+ 2003-03-18 18:44:36 61,440 -c--a-w c:\windows\system32\MFC71ITA.DLL
+ 2003-03-18 18:44:34 49,152 -c--a-w c:\windows\system32\MFC71JPN.DLL
+ 2003-03-18 18:44:38 49,152 -c--a-w c:\windows\system32\MFC71KOR.DLL
- 2008-08-26 20:28:12 16,208,504 ----a-w c:\windows\system32\MRT.exe
+ 2008-11-04 00:10:25 17,318,336 ----a-w c:\windows\system32\MRT.exe
- 2008-02-16 09:31:59 3,087,872 ----a-w c:\windows\system32\mshtml.dll
+ 2008-08-20 05:33:48 3,088,384 ----a-w c:\windows\system32\mshtml.dll
- 2008-02-16 09:31:59 449,024 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-08-20 05:33:46 449,024 ----a-w c:\windows\system32\mshtmled.dll
- 2008-02-16 09:31:59 146,432 ----a-w c:\windows\system32\msrating.dll
+ 2008-08-20 05:33:45 146,432 ----a-w c:\windows\system32\msrating.dll
- 2008-02-16 09:31:59 532,480 ----a-w c:\windows\system32\mstime.dll
+ 2008-08-20 05:33:45 532,480 ----a-w c:\windows\system32\mstime.dll
+ 2002-01-05 01:38:38 54,784 -c--a-w c:\windows\system32\msvci70.dll
+ 2002-01-05 01:40:20 487,424 -c--a-w c:\windows\system32\msvcp70.dll
+ 2002-01-05 01:37:28 344,064 ----a-w c:\windows\system32\msvcr70.dll
- 2007-06-26 06:09:14 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 16:45:11 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2007-05-08 13:03:04 1,275,392 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-30 15:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
- 2008-07-18 20:07:34 270,880 ----a-w c:\windows\system32\mucltui.dll
+ 2008-10-16 13:06:48 268,648 ----a-w c:\windows\system32\mucltui.dll
- 2008-07-18 20:07:32 210,976 ----a-w c:\windows\system32\muweb.dll
+ 2008-10-16 13:06:48 208,744 ----a-w c:\windows\system32\muweb.dll
- 2006-08-17 12:29:49 332,288 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:59:28 332,800 ----a-w c:\windows\system32\netapi32.dll
- 2007-02-28 16:08:11 2,019,328 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 13:39:03 2,022,912 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2007-02-28 16:08:15 2,139,648 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-08-14 13:39:07 2,144,768 ----a-w c:\windows\system32\ntoskrnl.exe
- 2008-09-22 20:55:46 63,862 ----a-w c:\windows\system32\perfc009.dat
+ 2008-10-31 20:10:33 63,862 ----a-w c:\windows\system32\perfc009.dat
- 2008-09-22 20:55:46 77,476 ----a-w c:\windows\system32\perfc00C.dat
+ 2008-10-31 20:10:33 77,476 ----a-w c:\windows\system32\perfc00C.dat
- 2008-09-22 20:55:46 406,662 ----a-w c:\windows\system32\perfh009.dat
+ 2008-10-31 20:10:33 406,662 ----a-w c:\windows\system32\perfh009.dat
- 2008-09-22 20:55:46 474,972 ----a-w c:\windows\system32\perfh00C.dat
+ 2008-10-31 20:10:33 474,972 ----a-w c:\windows\system32\perfh00C.dat
- 2008-02-16 09:31:59 39,424 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-20 05:33:45 39,424 ----a-w c:\windows\system32\pngfilt.dll
- 2008-09-22 21:11:19 129,164 -c--a-w c:\windows\system32\Restore\rstrlog.dat
+ 2008-11-18 22:08:38 1,246,336 -c--a-w c:\windows\system32\Restore\rstrlog.dat
- 2008-02-16 09:32:00 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
+ 2008-08-20 05:33:46 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
- 2008-02-16 09:32:00 474,624 ----a-w c:\windows\system32\shlwapi.dll
+ 2008-08-20 05:33:46 474,624 ----a-w c:\windows\system32\shlwapi.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll
- 2007-07-27 08:41:40 16,760 ------w c:\windows\system32\spmsg.dll
+ 2008-07-08 13:03:54 18,296 ------w c:\windows\system32\spmsg.dll
+ 2007-03-18 20:00:00 11,264 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMBM8S.DLL
+ 2007-03-18 20:00:00 33,280 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMBS8S.DLL
+ 2007-03-18 20:00:00 11,264 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMBU8S.DLL
+ 2007-03-18 20:00:00 1,600,000 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMCB8S.DLL
+ 2007-03-18 20:10:00 97,280 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMCP8S.DLL
+ 2007-03-18 20:00:00 221,184 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMD58S.DLL
+ 2007-03-18 20:00:00 545,792 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMDR8S.DLL
+ 2007-03-18 20:00:00 10,240 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMFU8S.DLL
+ 2007-03-18 20:00:00 9,216 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMLH8S.DLL
+ 2007-03-18 20:00:00 145,408 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMLR8S.DLL
+ 2007-03-18 20:00:00 27,136 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMOP8S.DLL
+ 2000-12-12 02:10:04 23,280 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMP08S.DAT
+ 2000-12-12 02:10:04 27,140 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMP18S.DAT
+ 2000-12-12 08:09:20 30,320 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMP28S.DAT
+ 2007-03-18 20:00:00 12,288 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMPI8S.DLL
+ 2007-03-18 20:00:00 102,400 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMPV8S.DLL
+ 2007-03-18 20:00:00 757,248 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSB8S.DLL
+ 2007-03-18 20:00:00 47,616 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSD8S.DLL
+ 2007-03-18 23:19:08 17,496 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSE8S.EXE
+ 2007-03-18 20:00:00 428,544 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSM8S.DLL
+ 2007-03-18 20:00:00 44,032 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSQ8S.DLL
+ 2007-03-18 20:00:00 76,288 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSR8S.DLL
+ 2007-03-18 20:00:00 310,272 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMUB8S.DLL
+ 2007-03-18 20:00:00 1,907,200 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMUI8S.DLL
+ 2007-03-18 20:00:00 361,472 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMUR8S.DLL
+ 2007-03-18 20:00:00 13,824 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMVS8S.DLL
+ 2007-03-18 20:00:00 11,264 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMW38S.DLL
+ 2007-03-18 20:00:00 11,264 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMBM8S.DLL
+ 2007-03-18 20:00:00 33,280 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMBS8S.DLL
+ 2007-03-18 20:00:00 11,264 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMBU8S.DLL
+ 2007-03-18 20:00:00 1,600,000 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMCB8S.DLL
+ 2007-03-18 20:10:00 97,280 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMCP8S.DLL
+ 2007-03-18 20:00:00 221,184 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMD58S.DLL
+ 2007-03-18 20:00:00 545,792 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMDR8S.DLL
+ 2007-03-18 20:00:00 10,240 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMFU8S.DLL
+ 2007-03-18 20:00:00 9,216 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMLH8S.DLL
+ 2007-03-18 20:00:00 145,408 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMLR8S.DLL
+ 2007-03-18 20:00:00 27,136 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMOP8S.DLL
+ 2000-12-12 02:10:04 23,280 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMP08S.DAT
+ 2000-12-12 02:10:04 27,140 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMP18S.DAT
+ 2000-12-12 08:09:20 30,320 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMP28S.DAT
+ 2007-03-18 20:00:00 12,288 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMPI8S.DLL
+ 2007-03-18 20:00:00 102,400 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMPV8S.DLL
+ 2007-03-18 20:00:00 757,248 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSB8S.DLL
+ 2007-03-18 20:00:00 47,616 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSD8S.DLL
+ 2007-03-18 23:19:08 17,496 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSE8S.EXE
+ 2007-03-18 20:00:00 428,544 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSM8S.DLL
+ 2007-03-18 20:00:00 44,032 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSQ8S.DLL
+ 2007-03-18 20:00:00 76,288 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSR8S.DLL
+ 2007-03-18 20:00:00 310,272 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMUB8S.DLL
+ 2007-03-18 20:00:00 1,907,200 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMUI8S.DLL
+ 2007-03-18 20:00:00 361,472 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMUR8S.DLL
+ 2007-03-18 20:00:00 13,824 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMVS8S.DLL
+ 2007-03-18 20:00:00 11,264 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMW38S.DLL
+ 2007-03-18 20:00:00 27,136 ----a-w c:\windows\system32\spool\prtprocs\w32x86\CNMPD8S.DLL
+ 2007-03-18 20:00:00 69,632 ----a-w c:\windows\system32\spool\prtprocs\w32x86\CNMPP8S.DLL
+ 2006-01-09 08:36:06 40,960 ----a-w c:\windows\system32\swsc.exe
- 2008-02-16 09:32:00 620,544 ----a-w c:\windows\system32\urlmon.dll
+ 2008-08-20 05:33:47 621,056 ----a-w c:\windows\system32\urlmon.dll
- 2008-03-20 08:09:22 1,845,376 ----a-w c:\windows\system32\win32k.sys
+ 2008-09-15 15:39:16 1,846,144 ----a-w c:\windows\system32\win32k.sys
- 2008-02-16 09:32:00 670,208 ----a-w c:\windows\system32\wininet.dll
+ 2008-08-20 05:33:46 671,744 ----a-w c:\windows\system32\wininet.dll
- 2004-08-10 13:00:00 2,864 ----a-w c:\windows\system32\winsock.dll
+ 2008-10-01 18:42:39 2,864 ----a-w c:\windows\system32\winsock.dll
- 2008-07-18 20:09:44 563,912 ----a-w c:\windows\system32\wuapi.dll
+ 2008-10-16 13:12:20 561,688 ----a-w c:\windows\system32\wuapi.dll
- 2008-07-18 20:10:42 53,448 ----a-w c:\windows\system32\wuauclt.exe
+ 2008-10-16 13:09:44 51,224 ----a-w c:\windows\system32\wuauclt.exe
- 2008-07-18 20:09:42 1,811,656 ----a-w c:\windows\system32\wuaueng.dll
+ 2008-10-16 13:13:40 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
- 2008-07-18 20:09:46 325,832 ----a-w c:\windows\system32\wucltui.dll
+ 2008-10-16 13:12:22 323,608 ----a-w c:\windows\system32\wucltui.dll
- 2008-07-18 20:10:20 36,552 ----a-w c:\windows\system32\wups.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\wups.dll
+ 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\wups2(2).dll
- 2008-07-18 20:10:40 45,768 ----a-w c:\windows\system32\wups2.dll
+ 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\wups2.dll
- 2008-07-18 20:09:44 205,000 ----a-w c:\windows\system32\wuweb.dll
+ 2008-10-16 13:13:40 202,776 ----a-w c:\windows\system32\wuweb.dll
- 2008-02-15 23:03:14 370,176 ----a-w c:\windows\system32\xpsp3res.dll
+ 2008-08-19 09:51:37 370,176 ----a-w c:\windows\system32\xpsp3res.dll
+ 2008-11-20 19:53:40 16,384 ----atw c:\windows\temp\Perflib_Perfdata_5ec.dat
+ 2006-11-29 05:39:54 73,728 -c--a-w c:\windows\twain_32\MP210 series\AG.DLL
+ 2005-04-15 06:34:36 57,344 -c--a-w c:\windows\twain_32\MP210 series\BaLCo.dll
+ 2007-02-02 08:31:24 86,016 -c--a-w c:\windows\twain_32\MP210 series\CAPS.DLL
+ 2005-08-24 06:51:00 126,976 -c--a-w c:\windows\twain_32\MP210 series\CFine2.dll
+ 2007-02-19 01:42:20 3,724,256 -c--a-w c:\windows\twain_32\MP210 series\CNC210.DAT
+ 2007-02-08 05:06:12 49,224 -c--a-w c:\windows\twain_32\MP210 series\CNC210P.DAT
+ 2007-03-19 05:06:36 143,360 -c--a-w c:\windows\twain_32\MP210 series\CUBS.DLL
+ 2006-04-13 06:43:30 53,248 -c--a-w c:\windows\twain_32\MP210 series\HSL.DLL
+ 2006-07-31 06:17:08 53,248 -c--a-w c:\windows\twain_32\MP210 series\IJFSHLIB.DLL
+ 2007-04-13 00:01:26 184,320 -c--a-w c:\windows\twain_32\MP210 series\IOP.DLL
+ 2007-01-19 06:16:06 39,154 -c--a-w c:\windows\twain_32\MP210 series\IPM.DAT
+ 2007-04-13 00:04:34 135,168 -c--a-w c:\windows\twain_32\MP210 series\IPM.DLL
+ 2004-08-26 08:07:00 114,688 -c--a-w c:\windows\twain_32\MP210 series\ITLIB32.DLL
+ 2004-06-07 03:58:04 290,816 -c--a-w c:\windows\twain_32\MP210 series\libBLC.dll
+ 2006-12-13 02:28:04 122,880 -c--a-w c:\windows\twain_32\MP210 series\MC2.DLL
+ 2006-01-12 05:22:00 73,728 -c--a-w c:\windows\twain_32\MP210 series\RSTCOL.DLL
+ 2007-04-13 00:01:10 147,456 -c--a-w c:\windows\twain_32\MP210 series\SCANINTF.DLL
+ 2005-02-02 09:34:44 118,784 -c--a-w c:\windows\twain_32\MP210 series\SCRPRMV.DLL
+ 2006-12-01 00:24:10 1,159,168 -c--a-w c:\windows\twain_32\MP210 series\SGCFLTR.DLL
+ 2007-04-23 05:36:34 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_AR.DLL
+ 2007-04-19 04:13:38 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_CN.DLL
+ 2007-04-17 02:55:38 1,044,480 -c--a-w c:\windows\twain_32\MP210 series\SGRES_CZ.DLL
+ 2007-04-23 05:36:56 1,052,672 -c--a-w c:\windows\twain_32\MP210 series\SGRES_DE.DLL
+ 2007-04-17 02:55:46 1,044,480 -c--a-w c:\windows\twain_32\MP210 series\SGRES_DK.DLL
+ 2007-04-23 05:37:26 1,056,768 -c--a-w c:\windows\twain_32\MP210 series\SGRES_ES.DLL
+ 2007-04-23 05:36:46 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_FI.DLL
+ 2007-04-23 05:36:52 1,052,672 -c--a-w c:\windows\twain_32\MP210 series\SGRES_FR.DLL
+ 2007-04-23 05:37:02 1,056,768 -c--a-w c:\windows\twain_32\MP210 series\SGRES_GR.DLL
+ 2007-04-17 02:56:24 1,048,576 -c--a-w c:\windows\twain_32\MP210 series\SGRES_HU.DLL
+ 2007-04-17 04:58:20 1,044,480 -c--a-w c:\windows\twain_32\MP210 series\SGRES_ID.DLL
+ 2007-04-17 02:56:32 1,056,768 -c--a-w c:\windows\twain_32\MP210 series\SGRES_IT.DLL
+ 2007-04-13 00:00:34 1,011,712 -c--a-w c:\windows\twain_32\MP210 series\SGRES_JP.DLL
+ 2007-04-17 02:35:08 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_KR.DLL
+ 2007-04-23 05:36:40 1,052,672 -c--a-w c:\windows\twain_32\MP210 series\SGRES_NL.DLL
+ 2007-04-17 02:56:38 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_NO.DLL
+ 2007-04-23 05:37:10 1,048,576 -c--a-w c:\windows\twain_32\MP210 series\SGRES_PL.DLL
+ 2007-04-23 05:37:16 1,048,576 -c--a-w c:\windows\twain_32\MP210 series\SGRES_PT.DLL
+ 2007-04-23 05:37:20 1,044,480 -c--a-w c:\windows\twain_32\MP210 series\SGRES_RU.DLL
+ 2007-04-23 05:37:32 1,044,480 -c--a-w c:\windows\twain_32\MP210 series\SGRES_SE.DLL
+ 2007-04-20 00:35:56 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_TH.DLL
+ 2007-04-23 05:37:38 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_TR.DLL
+ 2007-04-17 02:23:34 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_TW.DLL
+ 2007-04-13 00:00:30 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_US.DLL
+ 2007-04-13 00:04:26 1,175,552 -c--a-w c:\windows\twain_32\MP210 series\SGUI.DLL
+ 2006-11-06 07:13:26 98,304 -c--a-w c:\windows\twain_32\MP210 series\softfare.dll
+ 2007-04-13 00:02:38 524,288 -c--a-w c:\windows\twain_32\MP210 series\TPM.DLL
+ 2007-04-23 05:36:34 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESAR.DLL
+ 2007-04-19 04:13:38 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESCN.DLL
+ 2007-04-17 02:55:38 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESCZ.DLL
+ 2007-04-23 05:36:56 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESDE.DLL
+ 2007-04-17 02:55:46 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESDK.DLL
+ 2007-04-23 05:37:26 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESES.DLL
+ 2007-04-23 05:36:46 5,120 -c--a-w c:\windows\twain_32\MP210 series\USDRESFI.DLL
+ 2007-04-23 05:36:52 4,608 ----a-w c:\windows\twain_32\MP210 series\USDRESFR.DLL
+ 2007-04-23 05:37:04 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESGR.DLL
+ 2007-04-17 02:56:24 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESHU.DLL
+ 2007-04-17 04:58:20 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESID.DLL
+ 2007-04-17 02:56:32 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESIT.DLL
+ 2007-01-26 06:44:36 4,096 -c--a-w c:\windows\twain_32\MP210 series\USDRESJP.DLL
+ 2007-04-17 02:35:06 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESKR.DLL
+ 2007-04-23 05:36:40 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESNL.DLL
+ 2007-04-17 02:56:38 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESNO.DLL
+ 2007-04-23 05:37:10 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESPL.DLL
+ 2007-04-23 05:37:16 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESPT.DLL
+ 2007-04-23 05:37:20 5,120 -c--a-w c:\windows\twain_32\MP210 series\USDRESRU.DLL
+ 2007-04-23 05:37:32 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESSE.DLL
+ 2007-04-20 00:35:56 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESTH.DLL
+ 2007-04-23 05:37:38 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESTR.DLL
+ 2007-04-17 02:23:34 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESTW.DLL
+ 2007-01-26 06:44:38 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESUS.DLL
+ 2007-02-06 12:00:06 258,048 -c--a-w c:\windows\twain_32\MP210 series\USIP.DLL
+ 2008-09-25 15:59:55 1,230,336 -c--a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.1.0.0_x-ww_b319d8da\msxml4.dll
+ 2008-09-30 15:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 15:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-26 10:32 279944 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-11-17 975360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-11-09 171448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-12 774233]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-24 7569408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-24 86016]
"ACU"="c:\program files\Atheros WLAN Adapter\ACU.exe" [2006-04-14 307200]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-04-17 110592]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_04\bin\jusched.exe" [2005-06-03 36975]
"DetectorApp"="c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 102400]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"EULA"="c:\apps\PB_TB\EULALauncher.exe" [2006-09-29 18944]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-11-30 98304]
"Ulead AutoDetector v2"="c:\program files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 90112]
"SystrayORAHSS"="c:\program files\Orange\Systray\SystrayApp.exe" [2007-09-25 94208]
"ORAHSSSessionManager"="c:\program files\Orange\SessionManager\SessionManager.exe" [2007-09-25 102400]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2006-11-30 26112]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2006-11-30 158720]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"OoPDFSettingsv6.exe"="c:\program files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe" [2003-11-20 460800]
"nwiz"="nwiz.exe" [2006-08-24 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]
c:\documents and settings\ordono\Menu Démarrer\Programmes\Démarrage\
OFFICE One 6.5.lnk - c:\program files\OFFICE One6.5\program\quickstart.exe [2004-03-08 36864]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
OFFICE One Clock v6.5.lnk - c:\program files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe [2006-12-26 257536]
OFFICE One Notes v6.5.lnk - c:\program files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe [2006-12-26 559104]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\AOL 9.0\\aol.exe"=
"c:\\Program Files\\AOL 9.0\\waol.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\APPS\\skype\\phone\\Skype.exe"=
R1 aswsp;avast! Self Protection;c:\windows\system32\drivers\aswsp.sys [2008-11-19 110160]
R2 aswfsblk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-19 20560]
R2 ijplmsvc;PIXMA Extended Survey Program;c:\program files\Canon\IJPLM\IJPLMSVC.EXE [2008-09-25 101528]
R3 ASNDIS5;ASNDIS5 Protocol Driver;\??\c:\windows\ATK0100\ASNDIS5.SYS [2006-11-30 16269]
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-20 20:54:05
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
PROCESSUS: c:\windows\explorer.exe
-> c:\progra~1\Google\GOOGLE~1\GOA66E~1.DLL
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\acs.exe
c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\windows\system32\rundll32.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Java\jre1.5.0_04\bin\jucheck.exe
c:\windows\system32\dllhost.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Orange\Launcher\Launcher.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
c:\program files\Google\Google Desktop Search\GoogleDesktopIndex.exe
c:\windows\ATK0100\ATKOSD.exe
c:\program files\OFFICE One6.5\program\soffice.exe
c:\program files\Orange\Deskboard\Deskboard.exe
c:\program files\Orange\Connectivity\ConnectivityManager.exe
c:\program files\Orange\Connectivity\corecom\CoreCom.exe
c:\program files\Orange\Connectivity\corecom\OraConfigRecover.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\2\FTCOMModule.exe
.
**************************************************************************
.
Heure de fin: 2008-11-20 20:59:34 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-11-20 19:59:29
ComboFix2.txt 2008-11-18 18:51:02
ComboFix3.txt 2008-09-22 21:41:49
Avant-CF: 95 769 436 160 octets libres
Après-CF: 95,743,975,424 octets libres
781 --- E O F --- 2008-11-19 05:26:37
ComboFix 08-11-19.08 - ordono 2008-11-20 20:47:25.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1286 [GMT 1:00]
Lancé depuis: c:\documents and settings\ordono\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\ordono\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé
FILE ::
c:\windows\system32\drivers\6d1824ce.sys
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\rhcc54j0eja1
c:\windows\system32\drivers\6d1824ce.sys
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_6d1824ce
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-20 au 2008-11-20 ))))))))))))))))))))))))))))))))))))
.
2008-11-19 20:14 . 2008-11-19 20:18 <REP> d-------- c:\program files\PhotoFiltre
2008-11-18 23:07 . 2008-11-18 23:07 <REP> d-------- c:\program files\vmntoolbar
2008-11-18 23:07 . 2008-11-18 23:07 <REP> d-------- c:\program files\DVDVideoSoft
2008-11-18 23:07 . 2008-11-18 23:07 <REP> d-------- c:\program files\AskBarDis
2008-11-18 23:07 . 2008-11-19 13:34 <REP> d-------- c:\documents and settings\ordono\Application Data\vmntoolbar
2008-11-18 20:51 . 2008-11-18 23:07 <REP> d--hs---- C:\RECYCLER(2)
2008-11-18 17:01 . 2008-11-18 23:07 <REP> d-------- C:\ToolBar SD
2008-11-18 16:40 . 2008-11-18 16:40 <REP> d-------- C:\rsit
2008-11-18 16:40 . 2008-11-18 23:07 <REP> d-------- c:\program files\trend micro
2008-11-12 17:44 . 2008-11-12 17:44 <REP> d---s---- c:\windows\system32\%SystemDrive%
2008-11-12 17:44 . 2008-11-12 17:44 <REP> d-------- c:\windows\Google Toolbar
2008-11-09 16:14 . 2008-11-09 16:26 <REP> d-------- C:\DVDVideoSoft
2008-11-09 16:13 . 2008-11-18 20:50 <REP> d-------- c:\program files\Fichiers communs\DVDVideoSoft
2008-11-09 15:47 . 2008-11-09 16:05 267 --a------ c:\windows\KeyTube.ini
2008-11-09 12:50 . 2008-11-09 12:50 <REP> d-------- c:\documents and settings\ordono\Application Data\Media Player Classic
2008-10-26 18:59 . 2008-10-29 12:47 <REP> d-------- c:\program files\Veoh Networks
2008-10-26 18:53 . 2008-10-26 18:59 <REP> d-------- c:\windows\Downloaded Installations
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-18 14:06 --------- d-----w c:\program files\Java
2008-11-09 14:54 --------- d-----w c:\program files\Google
2008-11-08 19:56 --------- d-----w c:\program files\Messenger Plus! Live
2008-11-07 16:33 --------- d-----w c:\program files\PCFriendly
2008-10-26 17:59 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-01 15:20 --------- d-----w c:\documents and settings\ordono\Application Data\Micro Application
2008-09-25 16:25 --------- d-----w c:\program files\Canon
2008-09-25 16:25 --------- d-----w c:\documents and settings\All Users\Application Data\CanonIJPLM
2008-09-25 16:00 --------- d-----w c:\documents and settings\ordono\Application Data\ScanSoft
2008-09-25 15:59 --------- d-----w c:\program files\ScanSoft
2008-09-25 15:59 --------- d-----w c:\program files\Fichiers communs\ScanSoft Shared
2008-09-25 15:59 --------- d-----w c:\documents and settings\All Users\Application Data\ScanSoft
2008-09-25 15:57 --------- d-----w c:\program files\Fichiers communs\CANON
2008-09-25 15:55 --------- d--h--w c:\documents and settings\All Users\Application Data\CanonBJ
2008-09-25 15:54 --------- d--h--w c:\program files\CanonBJ
2008-09-22 21:11 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\KeyTube.ini -- Not a PE file.
MD5: c7f295697febc57f69b881bc218317c6
---- Directory of c:\windows\system32\%SystemDrive% ----
2008-11-12 17:44 552 --a-s---- c:\windows\system32\%SystemDrive%\Documents and Settings\ordono\Application Data\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9
2008-11-12 17:44 132 --a-s---- c:\windows\system32\%SystemDrive%\Documents and Settings\ordono\Application Data\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9
((((((((((((((((((((((((((((( snapshot@2008-09-22_23.41.26.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-06-23 15:10:27 3,088,384 -c--a-w c:\windows\$hf_mig$\KB953838\SP3GDR\mshtml.dll
+ 2008-06-26 08:13:32 1,499,648 -c--a-w c:\windows\$hf_mig$\KB953838\SP3GDR\shdocvw.dll
+ 2008-06-26 08:13:32 620,544 -c--a-w c:\windows\$hf_mig$\KB953838\SP3GDR\urlmon.dll
+ 2008-06-23 15:10:27 670,208 -c--a-w c:\windows\$hf_mig$\KB953838\SP3GDR\wininet.dll
+ 2008-06-25 04:26:28 3,088,896 -c--a-w c:\windows\$hf_mig$\KB953838\SP3QFE\mshtml.dll
+ 2008-06-26 08:00:28 1,499,648 -c--a-w c:\windows\$hf_mig$\KB953838\SP3QFE\shdocvw.dll
+ 2008-06-26 08:00:28 620,544 -c--a-w c:\windows\$hf_mig$\KB953838\SP3QFE\urlmon.dll
+ 2008-06-23 14:56:26 670,720 -c--a-w c:\windows\$hf_mig$\KB953838\SP3QFE\wininet.dll
+ 2007-11-30 12:39:29 18,296 -c--a-w c:\windows\$hf_mig$\KB953838\spmsg.dll
+ 2007-11-30 12:39:29 234,872 -c--a-w c:\windows\$hf_mig$\KB953838\spuninst.exe
+ 2007-11-30 12:39:29 26,488 -c--a-w c:\windows\$hf_mig$\KB953838\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 -c--a-w c:\windows\$hf_mig$\KB953838\update\update.exe
+ 2007-11-30 12:39:29 406,392 -c--a-w c:\windows\$hf_mig$\KB953838\update\updspapi.dll
+ 2008-09-15 15:14:42 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP2QFE\win32k.sys
+ 2008-09-15 15:26:07 1,846,528 ----a-w c:\windows\$hf_mig$\KB954211\SP3GDR\win32k.sys
+ 2008-09-15 15:20:39 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll
+ 2008-07-09 07:40:26 767,352 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll
+ 2008-08-20 05:10:12 3,088,896 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\mshtml.dll
+ 2008-08-20 05:10:11 1,499,648 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\shdocvw.dll
+ 2008-08-20 05:10:11 620,544 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\urlmon.dll
+ 2008-08-20 05:10:11 670,208 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\wininet.dll
+ 2008-08-20 05:07:31 3,088,896 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\mshtml.dll
+ 2008-08-20 05:07:27 1,499,648 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\shdocvw.dll
+ 2008-08-20 05:07:28 621,056 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\urlmon.dll
+ 2008-08-20 05:07:28 670,720 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956390\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956390\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956390\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956390\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956390\update\updspapi.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll
+ 2008-08-14 09:48:52 138,368 ----a-w c:\windows\$hf_mig$\KB956803\SP2QFE\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3GDR\afd.sys
+ 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll
+ 2008-08-14 13:23:44 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlmp.exe
+ 2008-08-14 13:23:49 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
+ 2008-08-14 13:23:44 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrpamp.exe
+ 2008-08-14 13:23:49 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
+ 2008-08-14 13:55:54 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe
+ 2008-08-14 17:26:00 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
+ 2008-08-14 13:55:47 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe
+ 2008-08-14 17:26:02 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe
+ 2008-07-09 07:40:35 406,392 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll
+ 2008-08-28 10:35:33 333,056 ----a-w c:\windows\$hf_mig$\KB957095\SP2QFE\srv.sys
+ 2008-09-08 10:41:42 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3GDR\srv.sys
+ 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll
+ 2008-02-16 09:31:57 1,024,512 -c----w c:\windows\$NtUninstallKB953838$\browseui.dll
+ 2008-02-16 09:31:57 152,064 -c----w c:\windows\$NtUninstallKB953838$\cdfview.dll
+ 2008-02-16 09:31:58 1,056,768 -c----w c:\windows\$NtUninstallKB953838$\danim.dll
+ 2008-02-16 09:31:58 357,888 -c----w c:\windows\$NtUninstallKB953838$\dxtmsft.dll
+ 2008-02-16 09:31:58 205,312 -c----w c:\windows\$NtUninstallKB953838$\dxtrans.dll
+ 2008-02-16 09:31:58 55,808 -c----w c:\windows\$NtUninstallKB953838$\extmgr.dll
+ 2008-02-15 09:07:53 18,432 -c----w c:\windows\$NtUninstallKB953838$\iedw.exe
+ 2008-02-16 09:31:58 251,904 -c----w c:\windows\$NtUninstallKB953838$\iepeers.dll
+ 2008-02-16 09:31:58 96,768 -c----w c:\windows\$NtUninstallKB953838$\inseng.dll
+ 2008-02-16 09:31:58 16,384 -c----w c:\windows\$NtUninstallKB953838$\jsproxy.dll
+ 2008-02-16 09:31:59 3,087,872 -c----w c:\windows\$NtUninstallKB953838$\mshtml.dll
+ 2008-02-16 09:31:59 449,024 -c----w c:\windows\$NtUninstallKB953838$\mshtmled.dll
+ 2008-02-16 09:31:59 146,432 -c----w c:\windows\$NtUninstallKB953838$\msrating.dll
+ 2008-02-16 09:31:59 532,480 -c----w c:\windows\$NtUninstallKB953838$\mstime.dll
+ 2008-02-16 09:31:59 39,424 -c----w c:\windows\$NtUninstallKB953838$\pngfilt.dll
+ 2008-02-16 09:32:00 1,499,648 -c----w c:\windows\$NtUninstallKB953838$\shdocvw.dll
+ 2008-02-16 09:32:00 474,624 -c----w c:\windows\$NtUninstallKB953838$\shlwapi.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB953838$\spuninst\spuninst.exe
+ 2007-11-30 12:39:29 406,392 -c----w c:\windows\$NtUninstallKB953838$\spuninst\updspapi.dll
+ 2008-02-16 09:32:00 620,544 -c----w c:\windows\$NtUninstallKB953838$\urlmon.dll
+ 2008-02-16 09:32:00 670,208 -c----w c:\windows\$NtUninstallKB953838$\wininet.dll
+ 2008-02-15 23:03:14 370,176 -c----w c:\windows\$NtUninstallKB953838$\xpsp3res.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB954211$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB954211$\spuninst\updspapi.dll
+ 2008-03-20 08:09:22 1,845,376 -c----w c:\windows\$NtUninstallKB954211$\win32k.sys
+ 2008-06-23 16:15:33 1,024,512 -c----w c:\windows\$NtUninstallKB956390$\browseui.dll
+ 2008-06-23 16:15:34 152,064 -c----w c:\windows\$NtUninstallKB956390$\cdfview.dll
+ 2008-06-23 16:15:35 1,056,768 -c----w c:\windows\$NtUninstallKB956390$\danim.dll
+ 2008-06-23 16:15:35 357,888 -c----w c:\windows\$NtUninstallKB956390$\dxtmsft.dll
+ 2008-06-23 16:15:35 205,312 -c----w c:\windows\$NtUninstallKB956390$\dxtrans.dll
+ 2008-06-23 16:15:35 55,808 -c----w c:\windows\$NtUninstallKB956390$\extmgr.dll
+ 2008-06-23 09:53:58 18,432 -c----w c:\windows\$NtUninstallKB956390$\iedw.exe
+ 2008-06-23 16:15:36 251,904 -c----w c:\windows\$NtUninstallKB956390$\iepeers.dll
+ 2008-06-23 16:15:36 96,768 -c----w c:\windows\$NtUninstallKB956390$\inseng.dll
+ 2008-06-23 16:15:36 16,384 -c----w c:\windows\$NtUninstallKB956390$\jsproxy.dll
+ 2008-06-23 16:15:39 3,088,384 -c----w c:\windows\$NtUninstallKB956390$\mshtml.dll
+ 2008-06-23 16:15:40 449,024 -c----w c:\windows\$NtUninstallKB956390$\mshtmled.dll
+ 2008-06-23 16:15:40 146,432 -c----w c:\windows\$NtUninstallKB956390$\msrating.dll
+ 2008-06-23 16:15:41 532,480 -c----w c:\windows\$NtUninstallKB956390$\mstime.dll
+ 2008-06-23 16:15:41 39,424 -c----w c:\windows\$NtUninstallKB956390$\pngfilt.dll
+ 2008-06-23 16:15:42 1,499,648 -c----w c:\windows\$NtUninstallKB956390$\shdocvw.dll
+ 2008-06-23 16:15:43 474,624 -c----w c:\windows\$NtUninstallKB956390$\shlwapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956390$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB956390$\spuninst\updspapi.dll
+ 2008-06-23 16:15:43 620,544 -c----w c:\windows\$NtUninstallKB956390$\urlmon.dll
+ 2008-06-23 16:15:44 671,232 -c----w c:\windows\$NtUninstallKB956390$\wininet.dll
+ 2008-07-03 09:42:35 370,176 -c----w c:\windows\$NtUninstallKB956390$\xpsp3res.dll
+ 2007-11-30 12:39:29 234,872 -c----w c:\windows\$NtUninstallKB956391$\spuninst\spuninst.exe
+ 2007-11-30 12:39:31 406,392 -c----w c:\windows\$NtUninstallKB956391$\spuninst\updspapi.dll
+ 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtUninstallKB956803$\afd.sys
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB956803$\spuninst\updspapi.dll
+ 2007-02-28 16:08:15 2,139,648 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlmp.exe
+ 2007-02-28 16:08:11 2,019,328 -c----w c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
+ 2007-02-28 16:08:11 2,019,328 -c----w c:\windows\$NtUninstallKB956841$\ntkrpamp.exe
+ 2007-02-28 16:08:15 2,139,648 -c----w c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB956841$\spuninst\spuninst.exe
+ 2008-07-09 07:40:35 406,392 -c----w c:\windows\$NtUninstallKB956841$\spuninst\updspapi.dll
+ 2007-11-30 11:19:06 234,872 -c----w c:\windows\$NtUninstallKB957095$\spuninst\spuninst.exe
+ 2007-11-30 11:19:10 406,392 -c----w c:\windows\$NtUninstallKB957095$\spuninst\updspapi.dll
+ 2006-08-14 10:34:41 332,928 -c----w c:\windows\$NtUninstallKB957095$\srv.sys
- 2004-07-27 15:48:52 323,584 -c--a-w c:\windows\Downloaded Program Files\isusweb.dll
+ 2005-02-16 14:15:20 401,408 ----a-w c:\windows\Downloaded Program Files\isusweb.dll
- 2006-05-05 09:41:45 453,120 -c--a-w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\Driver Cache\i386\mrxsmb.sys
- 2007-02-28 16:08:15 2,139,648 -c--a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:39:07 2,144,768 ----a-w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-28 16:08:25 2,061,440 -c--a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:39:12 2,065,024 ----a-w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 16:08:11 2,019,328 -c--a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:39:03 2,022,912 ----a-w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 16:08:21 2,184,192 -c--a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 13:39:11 2,188,032 ----a-w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-11-18 18:50:51 237,568 ----a-w c:\windows\erdnt\Hiv-backup(2)\Users(2)\00000001(2)\NTUSER.DAT
+ 2008-11-18 18:50:52 8,192 ----a-w c:\windows\erdnt\Hiv-backup(2)\Users(2)\00000002(2)\UsrClass.dat
+ 2008-11-18 18:50:52 237,568 ----a-w c:\windows\erdnt\Hiv-backup(2)\Users(2)\00000003(2)\NTUSER.DAT
+ 2008-11-18 18:50:52 8,192 ----a-w c:\windows\erdnt\Hiv-backup(2)\Users(2)\00000004(2)\UsrClass.dat
+ 2008-11-18 18:50:52 5,238,784 ----a-w c:\windows\erdnt\Hiv-backup(2)\Users(2)\00000005(2)\NTUSER.DAT
+ 2008-11-18 18:50:52 163,840 ----a-w c:\windows\erdnt\Hiv-backup(2)\Users(2)\00000006(2)\UsrClass.dat
- 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\Hiv-backup\ERDNT.EXE
- 2005-10-20 18:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\erdnt\subs\ERDNT.EXE
+ 2008-11-12 21:04:03 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2008-09-25 15:59:59 7,406 -c--a-r c:\windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\ARPPRODUCTICON.exe
+ 2008-09-25 15:59:59 49,152 -c--a-r c:\windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\NewShortcut14_27BC537B086D42E19CB39D115FA043BF.exe
+ 2008-09-25 15:59:59 450,560 -c--a-r c:\windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\NewShortcut15_27BC537B086D42E19CB39D115FA043BF.exe
+ 2008-09-25 15:59:58 65,536 -c--a-r c:\windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
- 2000-08-31 06:00:00 28,672 ----a-w c:\windows\Nircmd.exe
+ 2000-08-31 07:00:00 28,672 -c--a-w c:\windows\Nircmd.exe
- 2000-08-31 06:00:00 161,792 ----a-w c:\windows\swreg.exe
+ 2000-08-31 07:00:00 161,792 -c--a-w c:\windows\swreg.exe
+ 2008-11-18 17:41:38 1,233,112 ----a-w c:\windows\system32\aswBoot.exe
+ 2008-11-18 17:35:22 97,480 ----a-w c:\windows\system32\AvastSS.scr
- 2008-02-16 09:31:57 1,024,512 ----a-w c:\windows\system32\browseui.dll
+ 2008-08-20 05:33:47 1,024,512 ----a-w c:\windows\system32\browseui.dll
+ 2007-02-09 08:10:48 808,544 ----a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\DelDrv.exe
+ 2007-02-15 06:22:48 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstAR.dll
+ 2007-02-13 07:55:54 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstCN.dll
+ 2007-02-13 23:58:48 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstCZ.dll
+ 2007-02-13 23:58:50 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstDE.dll
+ 2007-02-13 23:58:52 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstDK.dll
+ 2007-02-13 23:58:54 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstES.dll
+ 2007-02-13 23:58:54 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstFI.dll
+ 2007-02-13 23:58:56 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstFR.dll
+ 2007-02-13 23:58:58 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstGR.dll
+ 2007-02-15 00:26:48 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstHU.dll
+ 2007-02-14 07:36:14 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstID.dll
+ 2007-02-13 23:59:02 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstIT.dll
+ 2007-02-08 05:27:08 45,056 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstJP.dll
+ 2007-02-13 09:10:24 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstKR.dll
+ 2007-02-13 23:59:04 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstNL.dll
+ 2007-02-13 23:59:04 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstNO.dll
+ 2007-02-13 23:59:06 61,440 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstPL.dll
+ 2007-02-13 23:59:08 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstPT.dll
+ 2007-02-13 23:59:10 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstRU.dll
+ 2007-02-13 23:59:12 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstSE.dll
+ 2007-02-13 08:20:58 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstTH.dll
+ 2007-02-13 23:59:14 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstTR.dll
+ 2007-02-13 08:05:14 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstTW.dll
+ 2007-02-08 05:27:08 57,344 -c--a-r c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\RES\DLL\IJInstUS.dll
- 2008-02-16 09:31:57 152,064 ----a-w c:\windows\system32\cdfview.dll
+ 2008-08-20 05:33:44 152,064 ----a-w c:\windows\system32\cdfview.dll
- 2008-07-18 20:10:48 94,920 ----a-w c:\windows\system32\cdm.dll
+ 2008-10-16 13:09:44 92,696 ----a-w c:\windows\system32\cdm.dll
+ 2007-03-23 07:30:48 1,400,832 ----a-w c:\windows\system32\CNC210C.DLL
+ 2007-03-23 07:29:52 98,304 -c--a-w c:\windows\system32\CNC210I.DLL
+ 2007-03-19 01:16:12 200,704 ----a-w c:\windows\system32\CNC210L.DLL
+ 2007-03-15 05:12:00 188,416 -c--a-w c:\windows\system32\CNC210O.DLL
+ 2007-03-18 20:00:00 215,040 ----a-w c:\windows\system32\CNMLM8S.DLL
- 2008-02-16 09:31:58 1,056,768 ----a-w c:\windows\system32\danim.dll
+ 2008-08-20 05:33:44 1,056,768 ----a-w c:\windows\system32\danim.dll
+ 2004-08-10 13:00:00 244,736 ----a-w c:\windows\system32\dllcache\acspecfc.dll
- 2008-06-20 10:44:38 138,368 ------w c:\windows\system32\dllcache\afd.sys
+ 2008-08-14 09:51:43 138,368 ------w c:\windows\system32\dllcache\afd.sys
+ 2004-08-10 13:00:00 8,704 -c--a-w c:\windows\system32\dllcache\batt.dll
+ 2004-08-10 13:00:00 12,288 -c--a-w c:\windows\system32\dllcache\bootvid.dll
- 2008-02-16 09:31:57 1,024,512 ----a-w c:\windows\system32\dllcache\browseui.dll
+ 2008-08-20 05:33:47 1,024,512 ----a-w c:\windows\system32\dllcache\browseui.dll
+ 2004-08-10 13:00:00 20,992 -c--a-w c:\windows\system32\dllcache\bthci.dll
- 2008-02-16 09:31:57 152,064 ----a-w c:\windows\system32\dllcache\cdfview.dll
+ 2008-08-20 05:33:44 152,064 ----a-w c:\windows\system32\dllcache\cdfview.dll
- 2008-07-18 20:10:48 94,920 ----a-w c:\windows\system32\dllcache\cdm.dll
+ 2008-10-16 13:09:44 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
+ 2004-08-10 13:00:00 80,896 -c--a-w c:\windows\system32\dllcache\charmap.exe
+ 2004-08-10 13:00:00 3,584 -c--a-w c:\windows\system32\dllcache\comcat.dll
+ 2004-08-10 13:00:00 27,097 -c--a-w c:\windows\system32\dllcache\country.sys
- 2008-02-16 09:31:58 1,056,768 ----a-w c:\windows\system32\dllcache\danim.dll
+ 2008-08-20 05:33:44 1,056,768 ----a-w c:\windows\system32\dllcache\danim.dll
+ 2004-08-10 13:00:00 54,080 -c--a-w c:\windows\system32\dllcache\dosx.exe
+ 2004-08-10 13:00:00 181,760 ----a-w c:\windows\system32\dllcache\dsdmo.dll
+ 2004-08-10 13:00:00 2,113,536 -c--a-w c:\windows\system32\dllcache\dxdiagn.dll
- 2008-02-16 09:31:58 357,888 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-20 05:33:45 357,888 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-02-16 09:31:58 205,312 ----a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-08-20 05:33:45 205,312 ----a-w c:\windows\system32\dllcache\dxtrans.dll
- 2008-02-16 09:31:58 55,808 ----a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-08-20 05:33:45 55,808 ----a-w c:\windows\system32\dllcache\extmgr.dll
+ 2005-10-17 21:21:08 80,896 -c--a-w c:\windows\system32\dllcache\fontsub.dll
+ 2005-05-26 23:22:01 10,752 -c--a-w c:\windows\system32\dllcache\hh.exe
+ 2004-08-10 13:00:00 4,912 ----a-w c:\windows\system32\dllcache\himem.sys
+ 2004-08-10 13:00:00 16,384 -c--a-w c:\windows\system32\dllcache\icfgnt5.dll
- 2008-02-15 09:07:53 18,432 ----a-w c:\windows\system32\dllcache\iedw.exe
+ 2008-08-19 09:38:57 18,432 ----a-w c:\windows\system32\dllcache\iedw.exe
+ 2004-08-10 13:00:00 81,920 ----a-w c:\windows\system32\dllcache\ieencode.dll
- 2008-02-16 09:31:58 251,904 ----a-w c:\windows\system32\dllcache\iepeers.dll
+ 2008-08-20 05:33:45 251,904 ----a-w c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-10 13:00:00 282,624 -c--a-w c:\windows\system32\dllcache\inetcfg.dll
- 2008-02-16 09:31:58 96,768 ----a-w c:\windows\system32\dllcache\inseng.dll
+ 2008-08-20 05:33:45 96,768 ----a-w c:\windows\system32\dllcache\inseng.dll
+ 2005-05-27 02:08:06 155,136 ----a-w c:\windows\system32\dllcache\itircl.dll
- 2008-02-16 09:31:58 16,384 ----a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-08-20 05:33:46 16,384 ----a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-10 13:00:00 7,040 -c--a-w c:\windows\system32\dllcache\kdcom.dll
+ 2004-08-10 13:00:00 42,537 -c--a-w c:\windows\system32\dllcache\keyboard.sys
+ 2004-08-10 13:00:00 8,192 -c--a-w c:\windows\system32\dllcache\mag_hook.dll
+ 2004-08-10 13:00:00 73,216 -c--a-w c:\windows\system32\dllcache\magnify.exe
+ 2004-08-10 13:00:00 120,320 -c--a-w c:\windows\system32\dllcache\mdminst.dll
+ 2004-08-10 13:00:00 362,496 ----a-w c:\windows\system32\dllcache\metal_ss.dll
+ 2004-08-10 13:00:00 144,384 -c--a-w c:\windows\system32\dllcache\mobsync.exe
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\mp43dmod.dll
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\mp4sdmod.dll
+ 2006-10-18 19:47:14 4,096 -c--a-w c:\windows\system32\dllcache\mpg4dmod.dll
- 2006-05-05 09:41:45 453,120 -c--a-w c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\system32\dllcache\mrxsmb.sys
+ 2006-03-23 05:46:11 143,360 -c--a-w c:\windows\system32\dllcache\msadco.dll
+ 2006-03-01 19:43:50 426,496 ----a-w c:\windows\system32\dllcache\msdtcprx.dll
+ 2006-03-01 19:43:50 956,416 ----a-w c:\windows\system32\dllcache\msdtctm.dll
+ 2006-03-01 19:43:51 161,280 -c--a-w c:\windows\system32\dllcache\msdtcuiu.dll
- 2008-02-16 09:31:59 3,087,872 ----a-w c:\windows\system32\dllcache\mshtml.dll
+ 2008-08-20 05:33:48 3,088,384 ----a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-02-16 09:31:59 449,024 ----a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-08-20 05:33:46 449,024 ----a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2005-05-04 13:45:36 884,736 ----a-w c:\windows\system32\dllcache\msimsg.dll
+ 2004-08-10 13:00:00 40,448 -c--a-w c:\windows\system32\dllcache\msinfo32.exe
+ 2004-08-10 13:00:00 65,536 -c--a-w c:\windows\system32\dllcache\msratelc.dll
- 2008-02-16 09:31:59 146,432 ----a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-08-20 05:33:45 146,432 ----a-w c:\windows\system32\dllcache\msrating.dll
- 2008-02-16 09:31:59 532,480 ----a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-08-20 05:33:45 532,480 ----a-w c:\windows\system32\dllcache\mstime.dll
+ 2004-08-10 13:00:00 701,440 -c--a-w c:\windows\system32\dllcache\msxml2.dll
- 2007-06-26 06:09:14 1,104,896 ------w c:\windows\system32\dllcache\msxml3.dll
+ 2008-09-04 16:45:11 1,106,944 ------w c:\windows\system32\dllcache\msxml3.dll
+ 2004-08-10 13:00:00 30,720 -c--a-w c:\windows\system32\dllcache\msxmlr.dll
+ 2006-03-01 19:43:51 91,136 -c--a-w c:\windows\system32\dllcache\mtxoci.dll
- 2006-08-17 12:29:49 332,288 -c--a-w c:\windows\system32\dllcache\netapi32.dll
+ 2008-10-15 16:59:28 332,800 ----a-w c:\windows\system32\dllcache\netapi32.dll
+ 2004-08-10 13:00:00 27,916 -c--a-w c:\windows\system32\dllcache\ntdos.sys
+ 2004-08-10 13:00:00 34,000 -c--a-w c:\windows\system32\dllcache\ntio.sys
- 2007-02-28 16:08:15 2,139,648 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-14 13:39:07 2,144,768 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
- 2007-02-28 16:08:25 2,061,440 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-08-14 13:39:12 2,065,024 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
- 2007-02-28 16:08:11 2,019,328 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-08-14 13:39:03 2,022,912 ------w c:\windows\system32\dllcache\ntkrpamp.exe
+ 2004-08-10 13:00:00 40,960 -c--a-w c:\windows\system32\dllcache\ntmsapi.dll
- 2007-02-28 16:08:21 2,184,192 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-08-14 13:39:11 2,188,032 ------w c:\windows\system32\dllcache\ntoskrnl.exe
+ 2004-08-10 13:00:00 13,312 -c--a-w c:\windows\system32\dllcache\ntvdmd.dll
+ 2004-08-10 13:00:00 3,258 -c--a-w c:\windows\system32\dllcache\nw16.exe
+ 2004-08-10 13:00:00 17,408 -c--a-w c:\windows\system32\dllcache\nwapi16.dll
+ 2004-08-10 13:00:00 18,944 -c--a-w c:\windows\system32\dllcache\oleaccrc.dll
+ 2004-08-10 13:00:00 216,576 -c--a-w c:\windows\system32\dllcache\osk.exe
- 2008-02-16 09:31:59 39,424 ----a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-08-20 05:33:45 39,424 ----a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-10 13:00:00 48,640 -c--a-w c:\windows\system32\dllcache\pnrpnsp.dll
+ 2004-08-10 13:00:00 237,056 -c--a-w c:\windows\system32\dllcache\provthrd.dll
+ 2004-08-10 13:00:00 35,840 -c--a-w c:\windows\system32\dllcache\rcimlby.exe
+ 2004-08-10 13:00:00 3,352 -c--a-w c:\windows\system32\dllcache\redir.exe
+ 2004-08-10 13:00:00 29,184 -c--a-w c:\windows\system32\dllcache\sdhcinst.dll
- 2008-02-16 09:32:00 1,499,648 ----a-w c:\windows\system32\dllcache\shdocvw.dll
+ 2008-08-20 05:33:46 1,499,648 ----a-w c:\windows\system32\dllcache\shdocvw.dll
- 2008-02-16 09:32:00 474,624 ----a-w c:\windows\system32\dllcache\shlwapi.dll
+ 2008-08-20 05:33:46 474,624 ----a-w c:\windows\system32\dllcache\shlwapi.dll
+ 2004-08-10 13:00:00 133,120 -c--a-w c:\windows\system32\dllcache\sndrec32.exe
- 2006-08-14 10:34:41 332,928 -c--a-w c:\windows\system32\dllcache\srv.sys
+ 2008-08-28 10:04:17 333,056 ----a-w c:\windows\system32\dllcache\srv.sys
+ 2005-10-17 21:21:08 118,272 -c--a-w c:\windows\system32\dllcache\t2embed.dll
+ 2005-05-11 02:30:03 78,336 -c--a-w c:\windows\system32\dllcache\telnet.exe
+ 2004-08-10 13:00:00 36,864 -c--a-w c:\windows\system32\dllcache\umandlg.dll
- 2008-02-16 09:32:00 620,544 ----a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-08-20 05:33:47 621,056 ----a-w c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-03 21:01:26 25,856 -c--a-w c:\windows\system32\dllcache\usbprint.sys
+ 2004-08-03 20:58:46 15,104 -c--a-w c:\windows\system32\dllcache\usbscan.sys
+ 2004-08-10 13:00:00 50,176 -c--a-w c:\windows\system32\dllcache\utilman.exe
+ 2004-08-10 13:00:00 19,456 -c--a-w c:\windows\system32\dllcache\vwipxspx.dll
- 2008-03-20 08:09:22 1,845,376 ------w c:\windows\system32\dllcache\win32k.sys
+ 2008-09-15 15:39:16 1,846,144 ------w c:\windows\system32\dllcache\win32k.sys
+ 2004-08-10 13:00:00 288,256 ----a-w c:\windows\system32\dllcache\winhlp32.exe
- 2008-02-16 09:32:00 670,208 ----a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-08-20 05:33:46 671,744 ----a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-01 18:42:39 2,864 ----a-w c:\windows\system32\dllcache\winsock.dll
+ 2004-08-10 13:00:00 77,312 -c--a-w c:\windows\system32\dllcache\wmipicmp.dll
+ 2004-08-10 13:00:00 20,480 -c--a-w c:\windows\system32\dllcache\wmpui.dll
+ 2004-08-10 13:00:00 51,200 -c--a-w c:\windows\system32\dllcache\wstdecod.dll
- 2008-07-18 20:09:44 563,912 ----a-w c:\windows\system32\dllcache\wuapi.dll
+ 2008-10-16 13:12:20 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
- 2008-07-18 20:10:42 53,448 ----a-w c:\windows\system32\dllcache\wuauclt.exe
+ 2008-10-16 13:09:44 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
- 2008-07-18 20:09:42 1,811,656 ----a-w c:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 13:13:40 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
- 2008-07-18 20:09:46 325,832 ----a-w c:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 13:12:22 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
+ 2004-08-10 13:00:00 32,256 -c--a-w c:\windows\system32\dllcache\wupdmgr.exe
- 2008-07-18 20:10:20 36,552 ----a-w c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
- 2008-07-18 20:09:44 205,000 ----a-w c:\windows\system32\dllcache\wuweb.dll
+ 2008-10-16 13:13:40 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
+ 2004-08-10 13:00:00 50,176 ----a-w c:\windows\system32\dllcache\xmlprovi.dll
+ 2006-03-01 19:43:51 11,776 -c--a-w c:\windows\system32\dllcache\xolehlp.dll
+ 2008-11-18 18:00:11 26,944 ----a-w c:\windows\system32\drivers\aavmker4.sys
- 2008-06-20 10:44:38 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-11-18 18:02:43 20,560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
+ 2008-11-18 18:04:36 93,296 ----a-w c:\windows\system32\drivers\aswmon.sys
+ 2008-11-18 18:04:21 94,032 ----a-w c:\windows\system32\drivers\aswmon2.sys
+ 2008-11-18 18:01:09 23,152 ----a-w c:\windows\system32\drivers\aswRdr.sys
+ 2008-11-18 18:03:33 110,160 ----a-w c:\windows\system32\drivers\aswSP.sys
+ 2008-11-18 18:01:23 50,864 ----a-w c:\windows\system32\drivers\aswTdi.sys
- 2006-08-14 10:34:41 332,928 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-08-28 10:04:17 333,056 ----a-w c:\windows\system32\drivers\srv.sys
+ 2004-08-03 21:01:26 25,856 ----a-w c:\windows\system32\drivers\usbprint.sys
+ 2004-08-03 20:58:46 15,104 ----a-w c:\windows\system32\drivers\usbscan.sys
- 2008-02-16 09:31:58 357,888 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-08-20 05:33:45 357,888 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-02-16 09:31:58 205,312 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-08-20 05:33:45 205,312 ----a-w c:\windows\system32\dxtrans.dll
- 2008-02-16 09:31:58 55,808 ----a-w c:\windows\system32\extmgr.dll
+ 2008-08-20 05:33:45 55,808 ----a-w c:\windows\system32\extmgr.dll
- 2008-06-05 17:05:02 570,280 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-10-16 14:54:47 573,464 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2008-02-16 09:31:58 251,904 ----a-w c:\windows\system32\iepeers.dll
+ 2008-08-20 05:33:45 251,904 ----a-w c:\windows\system32\iepeers.dll
- 2008-02-16 09:31:58 96,768 ----a-w c:\windows\system32\inseng.dll
+ 2008-08-20 05:33:45 96,768 ----a-w c:\windows\system32\inseng.dll
- 2008-02-16 09:31:58 16,384 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-08-20 05:33:46 16,384 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-10-05 03:16:26 235,936 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10a.exe
- 2008-06-04 11:27:35 74,649 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-11-09 14:54:10 89,102 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2002-01-05 02:48:16 974,848 -c--a-w c:\windows\system32\mfc70.dll
+ 2002-01-05 02:36:38 964,608 -c--a-w c:\windows\system32\mfc70u.dll
+ 2003-03-18 18:44:36 40,960 -c--a-w c:\windows\system32\MFC71CHS.DLL
+ 2003-03-18 18:44:36 45,056 -c--a-w c:\windows\system32\MFC71CHT.DLL
+ 2003-03-18 18:44:34 65,536 -c--a-w c:\windows\system32\MFC71DEU.DLL
+ 2003-03-18 18:44:38 57,344 -c--a-w c:\windows\system32\MFC71ENU.DLL
+ 2003-03-18 18:44:36 61,440 -c--a-w c:\windows\system32\MFC71ESP.DLL
+ 2003-03-18 18:44:34 61,440 ----a-w c:\windows\system32\MFC71FRA.DLL
+ 2003-03-18 18:44:36 61,440 -c--a-w c:\windows\system32\MFC71ITA.DLL
+ 2003-03-18 18:44:34 49,152 -c--a-w c:\windows\system32\MFC71JPN.DLL
+ 2003-03-18 18:44:38 49,152 -c--a-w c:\windows\system32\MFC71KOR.DLL
- 2008-08-26 20:28:12 16,208,504 ----a-w c:\windows\system32\MRT.exe
+ 2008-11-04 00:10:25 17,318,336 ----a-w c:\windows\system32\MRT.exe
- 2008-02-16 09:31:59 3,087,872 ----a-w c:\windows\system32\mshtml.dll
+ 2008-08-20 05:33:48 3,088,384 ----a-w c:\windows\system32\mshtml.dll
- 2008-02-16 09:31:59 449,024 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-08-20 05:33:46 449,024 ----a-w c:\windows\system32\mshtmled.dll
- 2008-02-16 09:31:59 146,432 ----a-w c:\windows\system32\msrating.dll
+ 2008-08-20 05:33:45 146,432 ----a-w c:\windows\system32\msrating.dll
- 2008-02-16 09:31:59 532,480 ----a-w c:\windows\system32\mstime.dll
+ 2008-08-20 05:33:45 532,480 ----a-w c:\windows\system32\mstime.dll
+ 2002-01-05 01:38:38 54,784 -c--a-w c:\windows\system32\msvci70.dll
+ 2002-01-05 01:40:20 487,424 -c--a-w c:\windows\system32\msvcp70.dll
+ 2002-01-05 01:37:28 344,064 ----a-w c:\windows\system32\msvcr70.dll
- 2007-06-26 06:09:14 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 16:45:11 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2007-05-08 13:03:04 1,275,392 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-30 15:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
- 2008-07-18 20:07:34 270,880 ----a-w c:\windows\system32\mucltui.dll
+ 2008-10-16 13:06:48 268,648 ----a-w c:\windows\system32\mucltui.dll
- 2008-07-18 20:07:32 210,976 ----a-w c:\windows\system32\muweb.dll
+ 2008-10-16 13:06:48 208,744 ----a-w c:\windows\system32\muweb.dll
- 2006-08-17 12:29:49 332,288 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:59:28 332,800 ----a-w c:\windows\system32\netapi32.dll
- 2007-02-28 16:08:11 2,019,328 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 13:39:03 2,022,912 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2007-02-28 16:08:15 2,139,648 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-08-14 13:39:07 2,144,768 ----a-w c:\windows\system32\ntoskrnl.exe
- 2008-09-22 20:55:46 63,862 ----a-w c:\windows\system32\perfc009.dat
+ 2008-10-31 20:10:33 63,862 ----a-w c:\windows\system32\perfc009.dat
- 2008-09-22 20:55:46 77,476 ----a-w c:\windows\system32\perfc00C.dat
+ 2008-10-31 20:10:33 77,476 ----a-w c:\windows\system32\perfc00C.dat
- 2008-09-22 20:55:46 406,662 ----a-w c:\windows\system32\perfh009.dat
+ 2008-10-31 20:10:33 406,662 ----a-w c:\windows\system32\perfh009.dat
- 2008-09-22 20:55:46 474,972 ----a-w c:\windows\system32\perfh00C.dat
+ 2008-10-31 20:10:33 474,972 ----a-w c:\windows\system32\perfh00C.dat
- 2008-02-16 09:31:59 39,424 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-20 05:33:45 39,424 ----a-w c:\windows\system32\pngfilt.dll
- 2008-09-22 21:11:19 129,164 -c--a-w c:\windows\system32\Restore\rstrlog.dat
+ 2008-11-18 22:08:38 1,246,336 -c--a-w c:\windows\system32\Restore\rstrlog.dat
- 2008-02-16 09:32:00 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
+ 2008-08-20 05:33:46 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
- 2008-02-16 09:32:00 474,624 ----a-w c:\windows\system32\shlwapi.dll
+ 2008-08-20 05:33:46 474,624 ----a-w c:\windows\system32\shlwapi.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll
- 2007-07-27 08:41:40 16,760 ------w c:\windows\system32\spmsg.dll
+ 2008-07-08 13:03:54 18,296 ------w c:\windows\system32\spmsg.dll
+ 2007-03-18 20:00:00 11,264 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMBM8S.DLL
+ 2007-03-18 20:00:00 33,280 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMBS8S.DLL
+ 2007-03-18 20:00:00 11,264 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMBU8S.DLL
+ 2007-03-18 20:00:00 1,600,000 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMCB8S.DLL
+ 2007-03-18 20:10:00 97,280 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMCP8S.DLL
+ 2007-03-18 20:00:00 221,184 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMD58S.DLL
+ 2007-03-18 20:00:00 545,792 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMDR8S.DLL
+ 2007-03-18 20:00:00 10,240 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMFU8S.DLL
+ 2007-03-18 20:00:00 9,216 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMLH8S.DLL
+ 2007-03-18 20:00:00 145,408 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMLR8S.DLL
+ 2007-03-18 20:00:00 27,136 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMOP8S.DLL
+ 2000-12-12 02:10:04 23,280 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMP08S.DAT
+ 2000-12-12 02:10:04 27,140 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMP18S.DAT
+ 2000-12-12 08:09:20 30,320 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMP28S.DAT
+ 2007-03-18 20:00:00 12,288 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMPI8S.DLL
+ 2007-03-18 20:00:00 102,400 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMPV8S.DLL
+ 2007-03-18 20:00:00 757,248 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSB8S.DLL
+ 2007-03-18 20:00:00 47,616 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSD8S.DLL
+ 2007-03-18 23:19:08 17,496 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSE8S.EXE
+ 2007-03-18 20:00:00 428,544 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSM8S.DLL
+ 2007-03-18 20:00:00 44,032 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSQ8S.DLL
+ 2007-03-18 20:00:00 76,288 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMSR8S.DLL
+ 2007-03-18 20:00:00 310,272 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMUB8S.DLL
+ 2007-03-18 20:00:00 1,907,200 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMUI8S.DLL
+ 2007-03-18 20:00:00 361,472 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMUR8S.DLL
+ 2007-03-18 20:00:00 13,824 -c--a-w c:\windows\system32\spool\drivers\w32x86\3\CNMVS8S.DLL
+ 2007-03-18 20:00:00 11,264 ----a-w c:\windows\system32\spool\drivers\w32x86\3\CNMW38S.DLL
+ 2007-03-18 20:00:00 11,264 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMBM8S.DLL
+ 2007-03-18 20:00:00 33,280 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMBS8S.DLL
+ 2007-03-18 20:00:00 11,264 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMBU8S.DLL
+ 2007-03-18 20:00:00 1,600,000 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMCB8S.DLL
+ 2007-03-18 20:10:00 97,280 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMCP8S.DLL
+ 2007-03-18 20:00:00 221,184 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMD58S.DLL
+ 2007-03-18 20:00:00 545,792 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMDR8S.DLL
+ 2007-03-18 20:00:00 10,240 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMFU8S.DLL
+ 2007-03-18 20:00:00 9,216 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMLH8S.DLL
+ 2007-03-18 20:00:00 145,408 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMLR8S.DLL
+ 2007-03-18 20:00:00 27,136 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMOP8S.DLL
+ 2000-12-12 02:10:04 23,280 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMP08S.DAT
+ 2000-12-12 02:10:04 27,140 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMP18S.DAT
+ 2000-12-12 08:09:20 30,320 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMP28S.DAT
+ 2007-03-18 20:00:00 12,288 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMPI8S.DLL
+ 2007-03-18 20:00:00 102,400 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMPV8S.DLL
+ 2007-03-18 20:00:00 757,248 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSB8S.DLL
+ 2007-03-18 20:00:00 47,616 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSD8S.DLL
+ 2007-03-18 23:19:08 17,496 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSE8S.EXE
+ 2007-03-18 20:00:00 428,544 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSM8S.DLL
+ 2007-03-18 20:00:00 44,032 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSQ8S.DLL
+ 2007-03-18 20:00:00 76,288 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMSR8S.DLL
+ 2007-03-18 20:00:00 310,272 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMUB8S.DLL
+ 2007-03-18 20:00:00 1,907,200 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMUI8S.DLL
+ 2007-03-18 20:00:00 361,472 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMUR8S.DLL
+ 2007-03-18 20:00:00 13,824 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMVS8S.DLL
+ 2007-03-18 20:00:00 11,264 -c--a-w c:\windows\system32\spool\drivers\w32x86\canonmp210_seriesb4ef\CNMW38S.DLL
+ 2007-03-18 20:00:00 27,136 ----a-w c:\windows\system32\spool\prtprocs\w32x86\CNMPD8S.DLL
+ 2007-03-18 20:00:00 69,632 ----a-w c:\windows\system32\spool\prtprocs\w32x86\CNMPP8S.DLL
+ 2006-01-09 08:36:06 40,960 ----a-w c:\windows\system32\swsc.exe
- 2008-02-16 09:32:00 620,544 ----a-w c:\windows\system32\urlmon.dll
+ 2008-08-20 05:33:47 621,056 ----a-w c:\windows\system32\urlmon.dll
- 2008-03-20 08:09:22 1,845,376 ----a-w c:\windows\system32\win32k.sys
+ 2008-09-15 15:39:16 1,846,144 ----a-w c:\windows\system32\win32k.sys
- 2008-02-16 09:32:00 670,208 ----a-w c:\windows\system32\wininet.dll
+ 2008-08-20 05:33:46 671,744 ----a-w c:\windows\system32\wininet.dll
- 2004-08-10 13:00:00 2,864 ----a-w c:\windows\system32\winsock.dll
+ 2008-10-01 18:42:39 2,864 ----a-w c:\windows\system32\winsock.dll
- 2008-07-18 20:09:44 563,912 ----a-w c:\windows\system32\wuapi.dll
+ 2008-10-16 13:12:20 561,688 ----a-w c:\windows\system32\wuapi.dll
- 2008-07-18 20:10:42 53,448 ----a-w c:\windows\system32\wuauclt.exe
+ 2008-10-16 13:09:44 51,224 ----a-w c:\windows\system32\wuauclt.exe
- 2008-07-18 20:09:42 1,811,656 ----a-w c:\windows\system32\wuaueng.dll
+ 2008-10-16 13:13:40 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
- 2008-07-18 20:09:46 325,832 ----a-w c:\windows\system32\wucltui.dll
+ 2008-10-16 13:12:22 323,608 ----a-w c:\windows\system32\wucltui.dll
- 2008-07-18 20:10:20 36,552 ----a-w c:\windows\system32\wups.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\wups.dll
+ 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\wups2(2).dll
- 2008-07-18 20:10:40 45,768 ----a-w c:\windows\system32\wups2.dll
+ 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\wups2.dll
- 2008-07-18 20:09:44 205,000 ----a-w c:\windows\system32\wuweb.dll
+ 2008-10-16 13:13:40 202,776 ----a-w c:\windows\system32\wuweb.dll
- 2008-02-15 23:03:14 370,176 ----a-w c:\windows\system32\xpsp3res.dll
+ 2008-08-19 09:51:37 370,176 ----a-w c:\windows\system32\xpsp3res.dll
+ 2008-11-20 19:53:40 16,384 ----atw c:\windows\temp\Perflib_Perfdata_5ec.dat
+ 2006-11-29 05:39:54 73,728 -c--a-w c:\windows\twain_32\MP210 series\AG.DLL
+ 2005-04-15 06:34:36 57,344 -c--a-w c:\windows\twain_32\MP210 series\BaLCo.dll
+ 2007-02-02 08:31:24 86,016 -c--a-w c:\windows\twain_32\MP210 series\CAPS.DLL
+ 2005-08-24 06:51:00 126,976 -c--a-w c:\windows\twain_32\MP210 series\CFine2.dll
+ 2007-02-19 01:42:20 3,724,256 -c--a-w c:\windows\twain_32\MP210 series\CNC210.DAT
+ 2007-02-08 05:06:12 49,224 -c--a-w c:\windows\twain_32\MP210 series\CNC210P.DAT
+ 2007-03-19 05:06:36 143,360 -c--a-w c:\windows\twain_32\MP210 series\CUBS.DLL
+ 2006-04-13 06:43:30 53,248 -c--a-w c:\windows\twain_32\MP210 series\HSL.DLL
+ 2006-07-31 06:17:08 53,248 -c--a-w c:\windows\twain_32\MP210 series\IJFSHLIB.DLL
+ 2007-04-13 00:01:26 184,320 -c--a-w c:\windows\twain_32\MP210 series\IOP.DLL
+ 2007-01-19 06:16:06 39,154 -c--a-w c:\windows\twain_32\MP210 series\IPM.DAT
+ 2007-04-13 00:04:34 135,168 -c--a-w c:\windows\twain_32\MP210 series\IPM.DLL
+ 2004-08-26 08:07:00 114,688 -c--a-w c:\windows\twain_32\MP210 series\ITLIB32.DLL
+ 2004-06-07 03:58:04 290,816 -c--a-w c:\windows\twain_32\MP210 series\libBLC.dll
+ 2006-12-13 02:28:04 122,880 -c--a-w c:\windows\twain_32\MP210 series\MC2.DLL
+ 2006-01-12 05:22:00 73,728 -c--a-w c:\windows\twain_32\MP210 series\RSTCOL.DLL
+ 2007-04-13 00:01:10 147,456 -c--a-w c:\windows\twain_32\MP210 series\SCANINTF.DLL
+ 2005-02-02 09:34:44 118,784 -c--a-w c:\windows\twain_32\MP210 series\SCRPRMV.DLL
+ 2006-12-01 00:24:10 1,159,168 -c--a-w c:\windows\twain_32\MP210 series\SGCFLTR.DLL
+ 2007-04-23 05:36:34 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_AR.DLL
+ 2007-04-19 04:13:38 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_CN.DLL
+ 2007-04-17 02:55:38 1,044,480 -c--a-w c:\windows\twain_32\MP210 series\SGRES_CZ.DLL
+ 2007-04-23 05:36:56 1,052,672 -c--a-w c:\windows\twain_32\MP210 series\SGRES_DE.DLL
+ 2007-04-17 02:55:46 1,044,480 -c--a-w c:\windows\twain_32\MP210 series\SGRES_DK.DLL
+ 2007-04-23 05:37:26 1,056,768 -c--a-w c:\windows\twain_32\MP210 series\SGRES_ES.DLL
+ 2007-04-23 05:36:46 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_FI.DLL
+ 2007-04-23 05:36:52 1,052,672 -c--a-w c:\windows\twain_32\MP210 series\SGRES_FR.DLL
+ 2007-04-23 05:37:02 1,056,768 -c--a-w c:\windows\twain_32\MP210 series\SGRES_GR.DLL
+ 2007-04-17 02:56:24 1,048,576 -c--a-w c:\windows\twain_32\MP210 series\SGRES_HU.DLL
+ 2007-04-17 04:58:20 1,044,480 -c--a-w c:\windows\twain_32\MP210 series\SGRES_ID.DLL
+ 2007-04-17 02:56:32 1,056,768 -c--a-w c:\windows\twain_32\MP210 series\SGRES_IT.DLL
+ 2007-04-13 00:00:34 1,011,712 -c--a-w c:\windows\twain_32\MP210 series\SGRES_JP.DLL
+ 2007-04-17 02:35:08 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_KR.DLL
+ 2007-04-23 05:36:40 1,052,672 -c--a-w c:\windows\twain_32\MP210 series\SGRES_NL.DLL
+ 2007-04-17 02:56:38 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_NO.DLL
+ 2007-04-23 05:37:10 1,048,576 -c--a-w c:\windows\twain_32\MP210 series\SGRES_PL.DLL
+ 2007-04-23 05:37:16 1,048,576 -c--a-w c:\windows\twain_32\MP210 series\SGRES_PT.DLL
+ 2007-04-23 05:37:20 1,044,480 -c--a-w c:\windows\twain_32\MP210 series\SGRES_RU.DLL
+ 2007-04-23 05:37:32 1,044,480 -c--a-w c:\windows\twain_32\MP210 series\SGRES_SE.DLL
+ 2007-04-20 00:35:56 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_TH.DLL
+ 2007-04-23 05:37:38 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_TR.DLL
+ 2007-04-17 02:23:34 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_TW.DLL
+ 2007-04-13 00:00:30 1,040,384 -c--a-w c:\windows\twain_32\MP210 series\SGRES_US.DLL
+ 2007-04-13 00:04:26 1,175,552 -c--a-w c:\windows\twain_32\MP210 series\SGUI.DLL
+ 2006-11-06 07:13:26 98,304 -c--a-w c:\windows\twain_32\MP210 series\softfare.dll
+ 2007-04-13 00:02:38 524,288 -c--a-w c:\windows\twain_32\MP210 series\TPM.DLL
+ 2007-04-23 05:36:34 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESAR.DLL
+ 2007-04-19 04:13:38 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESCN.DLL
+ 2007-04-17 02:55:38 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESCZ.DLL
+ 2007-04-23 05:36:56 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESDE.DLL
+ 2007-04-17 02:55:46 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESDK.DLL
+ 2007-04-23 05:37:26 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESES.DLL
+ 2007-04-23 05:36:46 5,120 -c--a-w c:\windows\twain_32\MP210 series\USDRESFI.DLL
+ 2007-04-23 05:36:52 4,608 ----a-w c:\windows\twain_32\MP210 series\USDRESFR.DLL
+ 2007-04-23 05:37:04 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESGR.DLL
+ 2007-04-17 02:56:24 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESHU.DLL
+ 2007-04-17 04:58:20 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESID.DLL
+ 2007-04-17 02:56:32 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESIT.DLL
+ 2007-01-26 06:44:36 4,096 -c--a-w c:\windows\twain_32\MP210 series\USDRESJP.DLL
+ 2007-04-17 02:35:06 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESKR.DLL
+ 2007-04-23 05:36:40 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESNL.DLL
+ 2007-04-17 02:56:38 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESNO.DLL
+ 2007-04-23 05:37:10 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESPL.DLL
+ 2007-04-23 05:37:16 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESPT.DLL
+ 2007-04-23 05:37:20 5,120 -c--a-w c:\windows\twain_32\MP210 series\USDRESRU.DLL
+ 2007-04-23 05:37:32 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESSE.DLL
+ 2007-04-20 00:35:56 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESTH.DLL
+ 2007-04-23 05:37:38 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESTR.DLL
+ 2007-04-17 02:23:34 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESTW.DLL
+ 2007-01-26 06:44:38 4,608 -c--a-w c:\windows\twain_32\MP210 series\USDRESUS.DLL
+ 2007-02-06 12:00:06 258,048 -c--a-w c:\windows\twain_32\MP210 series\USIP.DLL
+ 2008-09-25 15:59:55 1,230,336 -c--a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.1.0.0_x-ww_b319d8da\msxml4.dll
+ 2008-09-30 15:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 15:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-26 10:32 279944 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-11-17 975360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-11-09 171448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-12 774233]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-24 7569408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-24 86016]
"ACU"="c:\program files\Atheros WLAN Adapter\ACU.exe" [2006-04-14 307200]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-04-17 110592]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_04\bin\jusched.exe" [2005-06-03 36975]
"DetectorApp"="c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 102400]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"EULA"="c:\apps\PB_TB\EULALauncher.exe" [2006-09-29 18944]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-11-30 98304]
"Ulead AutoDetector v2"="c:\program files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 90112]
"SystrayORAHSS"="c:\program files\Orange\Systray\SystrayApp.exe" [2007-09-25 94208]
"ORAHSSSessionManager"="c:\program files\Orange\SessionManager\SessionManager.exe" [2007-09-25 102400]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2006-11-30 26112]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2006-11-30 158720]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"OoPDFSettingsv6.exe"="c:\program files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe" [2003-11-20 460800]
"nwiz"="nwiz.exe" [2006-08-24 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]
c:\documents and settings\ordono\Menu Démarrer\Programmes\Démarrage\
OFFICE One 6.5.lnk - c:\program files\OFFICE One6.5\program\quickstart.exe [2004-03-08 36864]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
OFFICE One Clock v6.5.lnk - c:\program files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe [2006-12-26 257536]
OFFICE One Notes v6.5.lnk - c:\program files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe [2006-12-26 559104]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%ProgramFiles%\\UBISOFT\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Orange\\Connectivity\\ConnectivityManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\AOL 9.0\\aol.exe"=
"c:\\Program Files\\AOL 9.0\\waol.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\APPS\\skype\\phone\\Skype.exe"=
R1 aswsp;avast! Self Protection;c:\windows\system32\drivers\aswsp.sys [2008-11-19 110160]
R2 aswfsblk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-19 20560]
R2 ijplmsvc;PIXMA Extended Survey Program;c:\program files\Canon\IJPLM\IJPLMSVC.EXE [2008-09-25 101528]
R3 ASNDIS5;ASNDIS5 Protocol Driver;\??\c:\windows\ATK0100\ASNDIS5.SYS [2006-11-30 16269]
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-20 20:54:05
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
PROCESSUS: c:\windows\explorer.exe
-> c:\progra~1\Google\GOOGLE~1\GOA66E~1.DLL
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\acs.exe
c:\progra~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\windows\system32\rundll32.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Java\jre1.5.0_04\bin\jucheck.exe
c:\windows\system32\dllhost.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Orange\Launcher\Launcher.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
c:\program files\Google\Google Desktop Search\GoogleDesktopIndex.exe
c:\windows\ATK0100\ATKOSD.exe
c:\program files\OFFICE One6.5\program\soffice.exe
c:\program files\Orange\Deskboard\Deskboard.exe
c:\program files\Orange\Connectivity\ConnectivityManager.exe
c:\program files\Orange\Connectivity\corecom\CoreCom.exe
c:\program files\Orange\Connectivity\corecom\OraConfigRecover.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\2\FTCOMModule.exe
.
**************************************************************************
.
Heure de fin: 2008-11-20 20:59:34 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-11-20 19:59:29
ComboFix2.txt 2008-11-18 18:51:02
ComboFix3.txt 2008-09-22 21:41:49
Avant-CF: 95 769 436 160 octets libres
Après-CF: 95,743,975,424 octets libres
781 --- E O F --- 2008-11-19 05:26:37
Hi sosow0810
Double-click the HijackThis shortcut on your Desktop
and click Do a system scan and save a logfile to start the scan.
When the report appears in Notepad, go to Edit, then Select All; the text is then selected. Go back to Edit, still leaving the text selected, and click Copy.
In your next reply, right-click and paste; I will then analyze it.
Close Notepad and the HJT window.
@++
Hi, here is the report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:22:57, on 20/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Atheros WLAN Adapter\ACU.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre1.5.0_04\bin\jucheck.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\OFFICE One6.5\program\soffice.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Orange\Deskboard\deskboard.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\2\FTCOMModule.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\ordono\Bureau\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros WLAN Adapter\ACU.exe" -nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [EULA] C:\APPS\PB_TB\EULALauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O4 - Global Startup: OFFICE One Notes v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing)
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.orange.fr
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! mail scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! web scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (ijplmsvc) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
--
End of file - 11405 bytes
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros WLAN Adapter\ACU.exe" -nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [EULA] C:\APPS\PB_TB\EULALauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O4 - Global Startup: OFFICE One Notes v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing)
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.orange.fr
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! mail scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! web scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (ijplmsvc) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
--
End of file - 11405 bytes
Hi sosow0810
Double-click the HijackThis shortcut on your Desktop, click Do a system scan only, and tick the box in front of the following line(s):
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
- Close all open windows except HijackThis, then click Fix checked
- Quit HijackThis
-----
Run another HijackThis scan for me to check; after that we will clean up the tools downloaded for the disinfection.
@++
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:53:53, on 21/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Atheros WLAN Adapter\ACU.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
C:\Program Files\Java\jre1.5.0_04\bin\jucheck.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\Orange\Systray\SystrayApp.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\1\AlertModule.exe
C:\Program Files\Orange\Launcher\Launcher.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
C:\APPS\SMP\SmpSys.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
C:\Program Files\OFFICE One6.5\program\soffice.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Orange\connectivity\connectivitymanager.exe
C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\2\FTCOMModule.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\ordono\Bureau\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros WLAN Adapter\ACU.exe" -nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [DetectorApp] C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [EULA] C:\APPS\PB_TB\EULALauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\Orange\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [OoPDFSettingsv6.exe] C:\Program Files\OFFICE One6.5\OFFICE One PDF Manager\OoPDFSettingsv6.exe
O4 - HKCU\..\Run: [SmpcSys] C:\APPS\SMP\SmpSys.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O4 - Global Startup: OFFICE One Notes v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Notes\oonotesv65.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.orange.fr
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! mail scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! web scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\1\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (ijplmsvc) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe
--
End of file - 10622 bytes
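The verification the helper asks for (rescan after Fix checked), as an added example that is not part of the thread: a Python script that parses two HijackThis logs and reports whether the ticked lines are gone and whether anything else changed. The excerpts are copied from the two logs and the fix list above; the function names and report keys are assumptions of this example.

```python
import re

# HijackThis entry lines start with a section code such as R1, O2, O9 or O23.
ENTRY_RE = re.compile(r"^(?P<section>[RFNO]\d{1,2}) - (?P<body>.+)$")


def parse_entries(log_text):
    """Return normalised (section, body) pairs. Header, running-process and
    footer lines do not match the entry pattern and are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            body = " ".join(m.group("body").split()).casefold()
            entries.append((m.group("section"), body))
    return entries


def verify_fix(before_log, after_log, targeted_log):
    """Compare the scan taken before the fix with the rescan."""
    before = set(parse_entries(before_log))
    after = set(parse_entries(after_log))
    targeted = set(parse_entries(targeted_log))
    return {
        "fixed": sorted((targeted & before) - after),
        "still_present": sorted(targeted & after),       # fix did not stick
        "never_listed": sorted(targeted - before),       # typo in the fix list
        "removed_untargeted": sorted((before - after) - targeted),
        "new_entries": sorted(after - before),           # appeared since the fix
    }


# Excerpt of the first log in the thread (O2/O3/O9 entries only).
BEFORE_EXCERPT = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\System32\smss.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
"""

# Matching excerpt of the rescan posted after the fix.
AFTER_EXCERPT = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\System32\smss.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
"""

# The six lines the helper asked to tick before clicking Fix checked.
TARGETED = r"""
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
"""

if __name__ == "__main__":
    for name, items in verify_fix(BEFORE_EXCERPT, AFTER_EXCERPT, TARGETED).items():
        print(f"{name}: {len(items)}")
        for section, body in items:
            print(f"  {section} - {body}")
```

Entries reported under still_present or new_entries after a reboot are the ones worth a second look, since something is re-creating them.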
Hi sosow0810
We are going to clean up the tools downloaded for the disinfection. Download Tools Cleaner to the Desktop:
http://pc-system.fr/TC/ToolsCleaner2.exe
- Double-click ToolsCleaner2.exe on the Desktop
- Click Recherche and let the scan run.
- Click Suppression to finish.
- You can use the Options facultatives if you wish.
- Click Quitter to get the report.
- Post the report (TCleaner.txt), which is at the root of your hard drive (C:\).
- If any tools remain after Tools Cleaner has run, you can delete them manually, along with all the reports that were generated during the disinfection.
-----
We are going to check that nothing is hidden:
Run an online scan here http://webscanner.kaspersky.fr/ (to be done with Internet Explorer)
- Disable your antivirus before the scan
- At the bottom right, click Démarrer Online-scanner; in the new window that appears, click J'accepte
- Accept the ActiveX controls
- Choose Poste de travail for the scan. When it has finished, click Enregistrer rapport sous (choose text file)
- Post the report
- For help using the online scan: http://www.infos-du-net.com/forum/267224-11-scan-ligne-...
- If you have a problem installing the ActiveX control, read this: http://www.inoculer.com/activex.php3
NOTE: If you get the message "La licence de Kaspersky On-line Scanner est périmée",
remove Kaspersky Online Scanner via Ajout/Suppression de programmes (Add/Remove Programs) and reinstall it.
@++
Here is the Tools Cleaner report
[ Rapport ToolsCleaner version 2.2.6 (par A.Rothstein & dj QUIOU) ]
-->- Recherche:
C:\Combofix.txt: trouvé !
C:\TB.txt: trouvé !
C:\Qoobox: trouvé !
C:\Toolbar SD: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\ordono\Bureau\HijackThis.exe: trouvé !
C:\Documents and Settings\ordono\Bureau\SmitFraudFix.exe: trouvé !
C:\Documents and Settings\ordono\Bureau\SmitFraudfix: trouvé !
C:\Documents and Settings\ordono\Bureau\SmitfraudFix\SmitFraudfix: trouvé !
C:\Documents and Settings\ordono\Mes documents\OFFICE One Zip\HijackThis: trouvé !
C:\Documents and Settings\ordono\Mes documents\OFFICE One Zip\hijackthis\HijackThis.exe: trouvé !
C:\Documents and Settings\ordono\Recent\HijackThis.lnk: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\ordono\Bureau\HijackThis.exe: supprimé !
C:\Documents and Settings\ordono\Bureau\SmitFraudFix.exe: supprimé !
C:\Documents and Settings\ordono\Mes documents\OFFICE One Zip\hijackthis\HijackThis.exe: supprimé !
C:\Documents and Settings\ordono\Recent\HijackThis.lnk: supprimé !
C:\Combofix.txt: supprimé !
C:\TB.txt: supprimé !
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\Qoobox: supprimé !
C:\Toolbar SD: supprimé !
C:\Rsit: supprimé !
C:\Documents and Settings\ordono\Bureau\SmitFraudfix: supprimé !
C:\Documents and Settings\ordono\Mes documents\OFFICE One Zip\HijackThis: supprimé !
Kaspersky report
-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Saturday, November 22, 2008 11:30:18 AM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 22/11/2008
Enregistrements dans la base antivirus Kaspersky : 1258348
-------------------------------------------------------------------------------
Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: vrai
Cible de l'analyse - Poste de travail:
C:\
D:\
Statistiques de l'analyse:
Total d'objets analysés: 74393
Nombre de virus trouvés: 2
Nombre d'objets infectés: 8 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 01:20:41
Nom de l'objet infecté / Nom du virus / Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\cert8.db L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\content-prefs.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\cookies.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\downloads.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\formhistory.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\key3.db L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\parent.lock L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\permissions.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\places.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\places.sqlite-journal L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\search.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Application Data\user60.rdb L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Local Settings\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Local Settings\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Local Settings\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Local Settings\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Local Settings\Application Data\Mozilla\Firefox\Profiles\1iev1ucu.default\urlclassifier3.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Local Settings\Temp\etilqs_K5ZD7ufByzyChU4feM0W L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Local Settings\Temp\fla1327.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Local Settings\Temp\fla153C.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Local Settings\Temp\~DF901E.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Local Settings\Temp\~DF97AD.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Local Settings\Temp\~DFFABD.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\ordono\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\selfdef.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP42\A0025097.exe/stream/Script Infecté : Trojan-Downloader.Win32.FraudLoad.vaxg ignoré
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP42\A0025097.exe/stream Infecté : Trojan-Downloader.Win32.FraudLoad.vaxg ignoré
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP42\A0025097.exe NSIS: infecté - 2 ignoré
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP45\A0029671.exe/stream/Script Infecté : Trojan-Downloader.Win32.FraudLoad.vaxg ignoré
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP45\A0029671.exe/stream Infecté : Trojan-Downloader.Win32.FraudLoad.vaxg ignoré
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP45\A0029671.exe NSIS: infecté - 2 ignoré
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP45\A0029832.exe/SmitfraudFix/IEDFix.C.exe Infecté : Hoax.Win32.Renos.etc ignoré
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP45\A0029832.exe RAR: infecté - 1 ignoré
C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP45\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{DA92EDBC-8BC9-4B8B-81B9-33D5080D07B0}.crmlog L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Media Ce.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\temp\Perflib_Perfdata_5c0.dat L'objet est verrouillé ignoré
C:\WINDOWS\temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
Analyse terminée.
Hi sosow0810
Your report is clean; there are only infected System Restore points, which we are going to purge:
Disable System Restore:
- Right-click My Computer on the desktop, go to Properties and click the System Restore tab
- Tick the box to turn off System Restore and apply
Restart the computer and re-enable System Restore.
Tutorial: http://www.libellules.ch/desactiver_restauration.php
-----
I very strongly advise you to uninstall Avast! and switch to Antivir, see this link:
~Avast! VS Antivir~
~Dropping Avast! for Antivir~
Update Windows (critical category, Service Packs and Service Releases) at this link: http://www.windowsupdate.com/
Tell me if you have any problems or questions
@++
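The reading given in the reply above (detections confined to System Restore snapshots, every other entry merely a locked file) can be checked mechanically. The following is an added example, not part of the thread: a Python parser for the report layout posted above, run on constructed sample lines that use a placeholder restore GUID and one invented live-file entry.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the Kaspersky On-line Scanner report
# above ("<object> <status> <last action>"). The restore GUID is a placeholder
# and the last line is invented to exercise the "live file" branch.
SAMPLE_REPORT = r"""
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\Documents and Settings\user\NTUSER.DAT L'objet est verrouillé ignoré
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP42\A0000001.exe/stream/Script Infecté : Trojan-Downloader.Win32.FraudLoad.vaxg ignoré
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP42\A0000001.exe/stream Infecté : Trojan-Downloader.Win32.FraudLoad.vaxg ignoré
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP42\A0000001.exe NSIS: infecté - 2 ignoré
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP45\A0000002.exe/SmitfraudFix/IEDFix.C.exe Infecté : Hoax.Win32.Renos.etc ignoré
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP45\A0000002.exe RAR: infecté - 1 ignoré
C:\Program Files\Example App\setup.exe Infecté : Trojan-Downloader.Win32.FraudLoad.vaxg ignoré
"""

# Paths contain spaces, so each line is split on its status marker.
LOCKED = re.compile(r"^(?P<path>.+) L'objet est verrouillé (?P<action>\S+)$")
INFECTED = re.compile(r"^(?P<path>.+) Infecté : (?P<name>\S+) (?P<action>\S+)$")
# Summary line for a container (installer or archive) holding infected objects.
CONTAINER = re.compile(
    r"^(?P<path>.+) (?P<kind>[A-Z0-9]+): infecté - (?P<count>\d+) (?P<action>\S+)$"
)
# Files under this folder are System Restore snapshots, not live programs.
RESTORE = re.compile(
    r"^[A-Z]:\\System Volume Information\\_restore\{[^}]+\}\\(?P<rp>RP\d+)\\",
    re.IGNORECASE,
)


def parse_report(text):
    """Return (locked_count, {host_file: info}, unparsed_lines)."""
    locked = 0
    hosts = defaultdict(lambda: {"detections": set(), "restore_point": None})
    unparsed = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if LOCKED.match(line):
            # A locked object was skipped by the scanner, not flagged.
            locked += 1
            continue
        m = INFECTED.match(line) or CONTAINER.match(line)
        if not m:
            unparsed.append(line)
            continue
        # "file.exe/stream/Script" names an object inside file.exe; the part
        # before the first "/" is the file that actually sits on disk.
        host = m.group("path").split("/", 1)[0]
        rp = RESTORE.match(host)
        hosts[host]["restore_point"] = rp.group("rp") if rp else None
        if "name" in m.groupdict():
            hosts[host]["detections"].add(m.group("name"))
    return locked, dict(hosts), unparsed


def triage(text):
    """Summarise a report: where do the infected files on disk live?"""
    locked, hosts, unparsed = parse_report(text)
    live = sorted(h for h, e in hosts.items() if e["restore_point"] is None)
    names = set().union(*(e["detections"] for e in hosts.values()))
    return {
        "locked": locked,
        "infected_files": len(hosts),
        "detections": sorted(names),
        "restore_points": sorted(
            {e["restore_point"] for e in hosts.values() if e["restore_point"]}
        ),
        "live_files": live,
        # True only when something was detected and all of it is in snapshots.
        "only_restore_points": bool(hosts) and not live,
        "unparsed": unparsed,
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_REPORT).items():
        print(f"{key}: {value}")
```

On a full report the header, statistics and closing lines land in `unparsed`, which is worth reading through rather than discarding.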
Hi sosow0810
You're welcome. Here are a few security guidelines:
- Windows Update fully up to date http://www.windowsupdate.com/ (critical category, Service Packs and Service Releases)
- a properly configured firewall
- a properly configured antivirus, updated regularly (daily if need be), with a regular full scan (daily if need be).
- a cautious attitude when browsing (no dubious sites: cracks, warez, sex...) and with e-mail (attachments must be scanned before being opened)
- no illegal downloading, which is the main cause of infection (µTorrent, BitTorrent, eMule, Limewire, etc.)
- a vigilant attitude (watch out for any unusual behaviour of your system)
- weekly system clean-up (deleting unneeded files, cleaning the registry, scandisk, defrag)
- weekly antispyware scan
- a regular check of the JAVA console to make sure it is up to date http://www.java.com/en/download/help/testvm.xml
- a vulnerability scan to check that your software is up to date and free of security holes:
http://www.malekal.com/scan_vulnerabilite.php
------ Will you report your infection?:
You don't have to, but it would be good if you reported your infection on Malware Complaints
Your infection(s): Rootkit.
If you can't find it in the list, post under Autres infections.
Help: How to report my infection on Malware Complaints.
I now invite you to look at these very instructive articles on prevention!
- Security/Prevention
- Consequences of multi-protection
- Toolbars: uselessness and slowdowns
If you consider your problem solved, edit
your first post and add [Résolu] to the title, then click "Valider votre message"
Have a good evening and happy surfing
@++
Hi sosow0810
Yes, update JAVA and afterwards remove the old versions installed on the PC.
Otherwise this little program will do all the work:
Download JavaRa (by Paul McLain and Fred de Vries) to the desktop:
http://raproducts.org/click/click.php?id=1
- Unzip the file on your desktop (right-click > Extract all)
- Double-click on the JavaRa folder you get
- Then double-click on the file JavaRa.exe (the "exe" may not be displayed)
- Under Vista: right-click / Run as administrator
- Click on Search For Updates
- Select Update Using jucheck.exe, then click on Search
- Allow the process to connect if it asks you, click on Install and follow the installation instructions. This will take a few minutes.
- When the installation is finished, go back to the JavaRa screen and click on Remove Older Versions
- Click on Oui (Yes) to confirm. The tool will do its work; then click on Ok, and a second time on Ok.
- A report will open, copy/paste it into your next reply. Note: the report is also located at the root of the system partition, usually C:\, under the name JavaRa.log (c:\JavaRa.log)
- Close the application
@++
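A way to check the result of the cleanup described in the post above, as an added example that is not part of the original post and not part of JavaRa: a read-only PowerShell script that lists every Java runtime still registered in the Windows uninstall keys and marks those older than the newest one found. It assumes PowerShell 3.0 or later and the usual "Java ..." / "J2SE Runtime Environment ..." display names; "newest" means newest installed, not necessarily the latest release.

```powershell
# Added example: list the Java runtimes registered for uninstall and flag
# the ones older than the newest installed version. Reads the registry only.
$uninstallRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    # 32-bit programs on 64-bit Windows; the key is absent on 32-bit systems
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Display-name pattern is an assumption based on the usual Sun/Oracle naming.
$namePattern = '^(Java(\(TM\))? (\d|SE )|J2SE Runtime Environment)'

$javaEntries = Get-ItemProperty -Path $uninstallRoots -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -match $namePattern } |
    ForEach-Object {
        $parsed = $null
        # DisplayVersion is normally dotted numeric; keep $null when it is not
        # so the entry is still listed for a manual look.
        if (-not [version]::TryParse([string]$_.DisplayVersion, [ref]$parsed)) {
            $parsed = $null
        }
        [pscustomobject]@{
            Name            = $_.DisplayName
            Version         = $parsed
            UninstallString = $_.UninstallString
        }
    } | Sort-Object Version -Descending

if (-not $javaEntries) {
    'No Java runtime is registered in the uninstall keys.'
    return
}

# After the descending sort, the first entry carries the highest version.
$newest = @($javaEntries)[0].Version

$javaEntries |
    Select-Object Name, Version,
        @{ Name = 'Status'; Expression = {
            if (-not $_.Version)            { 'check manually' }
            elseif ($_.Version -lt $newest) { 'older version' }
            else                            { 'newest installed' }
        } },
        UninstallString |
    Format-Table -AutoSize -Wrap
```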