Norton security 2009 problème d'installation

Bonjour,

Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

Clique sur Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\rsit.

merci pour ta réponse rapide mais je n'ai plus accès à IE

Tu n'as pas un autre PC ou le logiciel Firefox ?

j'ai mis mon DD dans un PC sous win98
la finalité étant d'acceder par le boot menu à win98 où j'ai pas mal de logiciels
ou à XP pour quelques logiciels qui ne sont plus compatibles
Pour le moment je teste avec une ancienne version de norton sous win98 pour essayer de voir le spyware

Tu peux analyser ton DD avec Malwarebytes' Anti-Malware (MBAM).

merci je vais essayer
Pour le moment l'analyse norton se continue.

Mais sais tu pourquoi il m'a planté, c'est à dire pourquoi pour installer le 2009 j'ai besoin d'installer avant SP3 ?

Norton 2009 a besoin du SP2 minimum pour fonctionner.

merci beaucoup
Je vais essayer tout ça

j'ai utlisé malwarebytes
donc un grand merci

j'ai nettoyé ie6 et je l'ai reinstallé
j'ai telechargé sp2 mais après installation j'ai eu un accès refusé
donc desinstallation automatique de sp2 et toujours pas d'installation de norton

d'autre part impossibilité d'installer activix car c'est aussi demandé

http://www.microsoft.com/downloads/details.aspx?FamilyI...

c'est ce que j'ai fait
mais il ne veut pas l'installer

Ton XP est légal ?

oui, j'ai un numero de licence

Tu es sur ton XP actuellement ?

oui

http://www.infos-du-net.com/forum/287156-11-norton-secu...

j'ai le fichier log mais il est très gros et info

C'est normal.

je te les envoie ?

Oui.

VOILA POUR INFO

info.txt logfile of random's system information tool 1.06 2009-05-06 02:08:44

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACDSee 8-->MsiExec.exe /I{DD54C6DE-B787-406D-A5A7-A49E0471E45B}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\System32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
AIDA32 v3.93-->"C:\Program Files\AIDA32 - Personal System Information\unins000.exe"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class ISPLAY -clean
Favorit-->"c:\documents and settings\gerard\local settings\application data\kcqic.exe" -uninstall
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
IncrediMail Xe-->C:\PROGRA~1\INCRED~1\bin\imsetup.exe /remove /addon:IncrediMail /log:IncMail.log
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Internet Explorer 6 SP1-->rundll32 C:\WINDOWS\System32\setupwbv.dll,IE6Maintenance C:\WINDOWS\IE Uninstall\W2KEXCP.EXE /u
Portrait Professional 8.1 Trial-->"C:\Program Files\Portrait Professional 8 Trial\unins000.exe"
Ulead PhotoImpact 12-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11AFE21E-B193-430D-B57A-DFF7815BB962}\Setup.exe" -l0x9
Windows Commander (Remove or Repair)-->c:\wincmd\wcuninst.exe

======System event log======

Computer Name: GG-L057UFMRN259
Event Code: 1005
Message: Votre ordinateur a détecté que l'adresse IP 192.168.1.2 pour la carte
avec l'adresse réseau 0008544FB172 est déjà utilisée sur le réseau.
Votre ordinateur va automatiquement essayer d'obtenir une nouvelle adresse.

Record Number: 5
Source Name: Dhcp
Time Written: 20070624143153.000000+120
Event Type: Avertissement
User:

Computer Name: GG-L057UFMRN259
Event Code: 6011
Message: Le nom NetBIOS et le nom de l'hôte DNS de cet ordinateur ont été modifiés de MACHINENAME vers GG-L057UFMRN259.

Record Number: 4
Source Name: EventLog
Time Written: 20070624143121.000000+120
Event Type: Informations
User:

Computer Name: MACHINENAME
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.

Record Number: 3
Source Name: EventLog
Time Written: 20070624134652.000000+120
Event Type: Informations
User:

Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 1 Uniprocessor Free.

Record Number: 2
Source Name: EventLog
Time Written: 20070624134652.000000+120
Event Type: Informations
User:

Computer Name: MACHINENAME
Event Code: 2
Message: Pendant la validation de \Device\Serial0 en tant que port série, une FIFO a été détectée. La FIFO sera utilisée.

Record Number: 1
Source Name: Serial
Time Written: 20070624134714.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: GG-L057UFMRN259
Event Code: 1517
Message: Windows a sauvegardé le Registre utilisateur GG-L057UFMRN259\gerard alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.


Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.

Record Number: 92
Source Name: Userenv
Time Written: 20090414160040.000000+120
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: GG-L057UFMRN259
Event Code: 105
Message: The service was started.

Record Number: 91
Source Name: ATI Smart
Time Written: 20090414153534.000000+120
Event Type: Informations
User:

Computer Name: GG-L057UFMRN259
Event Code: 1000
Message: Application défaillante iexplore.exe, version 6.0.2800.1106, module défaillant ntdll.dll, version 5.1.2600.1106, adresse de défaillance 0x0000234c.

Record Number: 90
Source Name: Application Error
Time Written: 20090414001807.000000+120
Event Type: erreur
User:

Computer Name: GG-L057UFMRN259
Event Code: 4097
Message: L'application, C:\Program Files\Internet Explorer\IEXPLORE.EXE, a généré une erreur d'application
L'erreur s'est produite le 04/14/2009 à 00:16:42.015
L'exception générée était c0000005 à l'adresse 77F4234C (ntdll!stricmp)

Record Number: 89
Source Name: DrWatson
Time Written: 20090414001642.000000+120
Event Type: Informations
User:

Computer Name: GG-L057UFMRN259
Event Code: 1000
Message: Application défaillante iexplore.exe, version 6.0.2800.1106, module défaillant ntdll.dll, version 5.1.2600.1106, adresse de défaillance 0x0000234c.

Record Number: 88
Source Name: Application Error
Time Written: 20090414001639.000000+120
Event Type: erreur
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 7 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0701
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

VOILA POUR LOG

Logfile of random's system information tool 1.06 (written by random/random)
Run by gerard at 2009-05-06 02:08:26
Microsoft Windows XP Professionnel Service Pack 1
System drive C: has 33 GB (86%) free of 38 GB
Total RAM: 1023 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:08:34, on 06/05/2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\gerard\Bureau\RSIT.exe
C:\Program Files\trend micro\gerard.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://images.malwareremoval.com/random/RSIT.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Google Toolbar Helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: (no name) - {c2ba40a1-74f3-42bd-f434-12345a2c8953} - (no file)
O2 - BHO: Google Dictionary Compression sdch - {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [] C:\WINDOWS\TEMP\gnlnldmc.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [uidenhiufgsduiazghs] C:\WINDOWS\TEMP\gnlnldmc.exe (User 'Default user')
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O11 - Options group: [accessibility] Accessibilité
O11 - Options group: [browse] Navigation
O11 - Options group: [crypto] Sécurité
O11 - Options group: [http] Paramètres HTTP 1.1
O11 - Options group: [multimedia] Multimédia
O11 - Options group: [print] Impression en cours
O11 - Options group: [searching] Rechercher à partir de la barre d'adresses
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mises à jour automatiques (wuauserv) - Unknown owner - C:\WINDOWS\

--
End of file - 3812 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa58ed58-01dd-4d91-8333-cf10577473f7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-05-05 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{af69de43-7d58-4638-b6fa-ce66b5ad205d}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-05-06 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2ba40a1-74f3-42bd-f434-12345a2c8953}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c84d72fe-e17d-4195-bb24-76c02e2e7c4e}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-05 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-05-05 259696]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\system32\msdxm.ocx [2002-08-29 846364]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Ulead AutoDetector v2"=C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe [2004-11-26 90112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\System32\ctfmon.exe [2002-08-29 13312]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-13 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-06-13 118784]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSetActiveDesktop"=
"NoActiveDesktopChanges"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f5cdc9dd-224f-11dc-8224-806d6172696f}]
shell\autorun\command - D:\CDStart.exe
shell\install\command - D:\Setup.exe


======List of files/folders created in the last 1 months======

2009-05-06 02:08:27 ----D---- C:\Program Files\trend micro
2009-05-06 02:08:26 ----D---- C:\rsit
2009-05-06 02:05:09 ----D---- C:\Program Files\NortonInstaller
2009-05-06 01:43:09 ----D---- C:\WINDOWS\pss
2009-05-06 01:29:38 ----D---- C:\WINDOWS\Prefetch
2009-05-06 01:21:06 ----A---- C:\WINDOWS\SET641.tmp
2009-05-06 01:21:04 ----A---- C:\WINDOWS\System32\SET613.tmp
2009-05-06 01:21:04 ----A---- C:\WINDOWS\System32\SET611.tmp
2009-05-06 01:21:04 ----A---- C:\WINDOWS\System32\SET60E.tmp
2009-05-06 01:21:04 ----A---- C:\WINDOWS\System32\SET606.tmp
2009-05-06 01:21:03 ----A---- C:\WINDOWS\System32\SET600.tmp
2009-05-06 01:21:03 ----A---- C:\WINDOWS\System32\SET5FC.tmp
2009-05-06 01:21:03 ----A---- C:\WINDOWS\System32\SET5FB.tmp
2009-05-06 01:21:03 ----A---- C:\WINDOWS\System32\SET5F7.tmp
2009-05-06 01:21:03 ----A---- C:\WINDOWS\System32\SET5F1.tmp
2009-05-06 01:21:03 ----A---- C:\WINDOWS\System32\SET5F0.tmp
2009-05-06 01:21:03 ----A---- C:\WINDOWS\System32\SET5EB.tmp
2009-05-06 01:21:02 ----A---- C:\WINDOWS\System32\SET5E9.tmp
2009-05-06 01:21:02 ----A---- C:\WINDOWS\System32\SET5E6.tmp
2009-05-06 01:21:02 ----A---- C:\WINDOWS\System32\SET5E2.tmp
2009-05-06 01:21:02 ----A---- C:\WINDOWS\System32\SET5DE.tmp
2009-05-06 01:21:02 ----A---- C:\WINDOWS\System32\SET5D8.tmp
2009-05-06 01:21:02 ----A---- C:\WINDOWS\System32\SET5D0.tmp
2009-05-06 01:21:01 ----A---- C:\WINDOWS\System32\SET5CF.tmp
2009-05-06 01:21:01 ----A---- C:\WINDOWS\System32\SET5CC.tmp
2009-05-06 01:21:01 ----A---- C:\WINDOWS\System32\SET5CB.tmp
2009-05-06 01:21:01 ----A---- C:\WINDOWS\System32\SET5C9.tmp
2009-05-06 01:21:01 ----A---- C:\WINDOWS\System32\SET5C7.tmp
2009-05-06 01:21:01 ----A---- C:\WINDOWS\System32\SET5C6.tmp
2009-05-06 01:21:01 ----A---- C:\WINDOWS\System32\SET5C4.tmp
2009-05-06 01:21:01 ----A---- C:\WINDOWS\System32\SET5C1.tmp
2009-05-06 01:21:01 ----A---- C:\WINDOWS\System32\SET5C0.tmp
2009-05-06 01:21:01 ----A---- C:\WINDOWS\System32\SET5BF.tmp
2009-05-06 01:21:01 ----A---- C:\WINDOWS\System32\SET5BD.tmp
2009-05-06 01:21:00 ----A---- C:\WINDOWS\System32\SET5BC.tmp
2009-05-06 01:21:00 ----A---- C:\WINDOWS\System32\SET5BB.tmp
2009-05-06 01:21:00 ----A---- C:\WINDOWS\System32\SET5B5.tmp
2009-05-06 01:20:59 ----A---- C:\WINDOWS\System32\SET5A0.tmp
2009-05-06 01:20:59 ----A---- C:\WINDOWS\System32\SET593.tmp
2009-05-06 01:20:59 ----A---- C:\WINDOWS\System32\SET58E.tmp
2009-05-06 01:20:59 ----A---- C:\WINDOWS\System32\SET58D.tmp
2009-05-06 01:20:58 ----A---- C:\WINDOWS\System32\SET579.tmp
2009-05-06 01:20:58 ----A---- C:\WINDOWS\System32\SET56F.tmp
2009-05-06 01:20:57 ----A---- C:\WINDOWS\System32\SET561.tmp
2009-05-06 01:20:57 ----A---- C:\WINDOWS\System32\SET560.tmp
2009-05-06 01:20:57 ----A---- C:\WINDOWS\System32\SET55F.tmp
2009-05-06 01:20:57 ----A---- C:\WINDOWS\System32\SET55D.tmp
2009-05-06 01:20:57 ----A---- C:\WINDOWS\System32\SET559.tmp
2009-05-06 01:20:56 ----A---- C:\WINDOWS\System32\SET552.tmp
2009-05-06 01:20:56 ----A---- C:\WINDOWS\System32\SET547.tmp
2009-05-06 01:20:56 ----A---- C:\WINDOWS\System32\SET542.tmp
2009-05-06 01:20:56 ----A---- C:\WINDOWS\System32\SET53F.tmp
2009-05-06 01:20:55 ----A---- C:\WINDOWS\System32\SET52C.tmp
2009-05-06 01:20:55 ----A---- C:\WINDOWS\System32\SET526.tmp
2009-05-06 01:20:54 ----A---- C:\WINDOWS\System32\SET519.tmp
2009-05-06 01:20:54 ----A---- C:\WINDOWS\System32\SET515.tmp
2009-05-06 01:20:54 ----A---- C:\WINDOWS\System32\SET4FC.tmp
2009-05-06 01:20:53 ----A---- C:\WINDOWS\System32\SET4F0.tmp
2009-05-06 01:20:53 ----A---- C:\WINDOWS\System32\SET4E5.tmp
2009-05-06 01:20:53 ----A---- C:\WINDOWS\System32\SET4D5.tmp
2009-05-06 01:20:53 ----A---- C:\WINDOWS\System32\SET4CD.tmp
2009-05-06 01:20:53 ----A---- C:\WINDOWS\System32\SET4CB.tmp
2009-05-06 01:20:52 ----A---- C:\WINDOWS\System32\SET4C7.tmp
2009-05-06 01:20:52 ----A---- C:\WINDOWS\System32\SET4BA.tmp
2009-05-06 01:20:52 ----A---- C:\WINDOWS\System32\SET4B5.tmp
2009-05-06 01:20:52 ----A---- C:\WINDOWS\System32\SET4B4.tmp
2009-05-06 01:20:51 ----A---- C:\WINDOWS\System32\SET4AE.tmp
2009-05-06 01:20:51 ----A---- C:\WINDOWS\System32\SET4AA.tmp
2009-05-06 01:20:51 ----A---- C:\WINDOWS\System32\SET4A9.tmp
2009-05-06 01:20:51 ----A---- C:\WINDOWS\System32\SET4A8.tmp
2009-05-06 01:20:51 ----A---- C:\WINDOWS\System32\SET4A5.tmp
2009-05-06 01:20:50 ----A---- C:\WINDOWS\System32\SET497.tmp
2009-05-06 01:20:50 ----A---- C:\WINDOWS\System32\SET493.tmp
2009-05-06 01:20:49 ----N---- C:\WINDOWS\System32\SET48D.tmp
2009-05-06 01:20:49 ----A---- C:\WINDOWS\System32\SET48F.tmp
2009-05-06 01:20:49 ----A---- C:\WINDOWS\System32\SET48A.tmp
2009-05-06 01:20:49 ----A---- C:\WINDOWS\System32\SET489.tmp
2009-05-06 01:20:49 ----A---- C:\WINDOWS\System32\SET488.tmp
2009-05-06 01:20:49 ----A---- C:\WINDOWS\System32\SET487.tmp
2009-05-06 01:20:49 ----A---- C:\WINDOWS\System32\SET485.tmp
2009-05-06 01:20:49 ----A---- C:\WINDOWS\System32\SET478.tmp
2009-05-06 01:20:48 ----A---- C:\WINDOWS\System32\SET477.tmp
2009-05-06 01:20:48 ----A---- C:\WINDOWS\System32\SET46F.tmp
2009-05-06 01:20:48 ----A---- C:\WINDOWS\System32\SET45B.tmp
2009-05-06 01:20:48 ----A---- C:\WINDOWS\System32\SET457.tmp
2009-05-06 01:20:47 ----A---- C:\WINDOWS\System32\SET451.tmp
2009-05-06 01:20:47 ----A---- C:\WINDOWS\System32\SET450.tmp
2009-05-06 01:20:47 ----A---- C:\WINDOWS\System32\SET43F.tmp
2009-05-06 01:20:46 ----A---- C:\WINDOWS\System32\SET438.tmp
2009-05-06 01:20:46 ----A---- C:\WINDOWS\System32\SET436.tmp
2009-05-06 01:20:46 ----A---- C:\WINDOWS\System32\SET435.tmp
2009-05-06 01:20:46 ----A---- C:\WINDOWS\System32\SET431.tmp
2009-05-06 01:20:46 ----A---- C:\WINDOWS\System32\SET430.tmp
2009-05-06 01:20:46 ----A---- C:\WINDOWS\System32\SET427.tmp
2009-05-06 01:20:46 ----A---- C:\WINDOWS\System32\SET421.tmp
2009-05-06 01:20:46 ----A---- C:\WINDOWS\System32\SET420.tmp
2009-05-06 01:20:45 ----A---- C:\WINDOWS\System32\SET41C.tmp
2009-05-06 01:20:45 ----A---- C:\WINDOWS\System32\SET414.tmp
2009-05-06 01:20:45 ----A---- C:\WINDOWS\System32\SET40A.tmp
2009-05-06 01:20:45 ----A---- C:\WINDOWS\System32\SET409.tmp
2009-05-06 01:20:45 ----A---- C:\WINDOWS\System32\SET408.tmp
2009-05-06 01:20:45 ----A---- C:\WINDOWS\System32\SET401.tmp
2009-05-06 01:20:45 ----A---- C:\WINDOWS\System32\SET3F8.tmp
2009-05-06 01:20:45 ----A---- C:\WINDOWS\System32\SET3F6.tmp
2009-05-06 01:20:44 ----N---- C:\WINDOWS\System32\SET3E9.tmp
2009-05-06 01:20:44 ----A---- C:\WINDOWS\System32\SET3F1.tmp
2009-05-06 01:20:44 ----A---- C:\WINDOWS\System32\SET3EF.tmp
2009-05-06 01:20:44 ----A---- C:\WINDOWS\System32\SET3EB.tmp
2009-05-06 01:20:44 ----A---- C:\WINDOWS\System32\SET3EA.tmp
2009-05-06 01:20:44 ----A---- C:\WINDOWS\System32\SET3E8.tmp
2009-05-06 01:20:44 ----A---- C:\WINDOWS\System32\SET3E7.tmp
2009-05-06 01:20:44 ----A---- C:\WINDOWS\System32\SET3E6.tmp
2009-05-06 01:20:44 ----A---- C:\WINDOWS\System32\SET3E3.tmp
2009-05-06 01:20:44 ----A---- C:\WINDOWS\System32\SET3E2.tmp
2009-05-06 01:20:44 ----A---- C:\WINDOWS\System32\SET3E1.tmp
2009-05-06 01:20:44 ----A---- C:\WINDOWS\System32\SET3E0.tmp
2009-05-06 01:20:44 ----A---- C:\WINDOWS\System32\SET3DF.tmp
2009-05-06 01:20:44 ----A---- C:\WINDOWS\System32\SET3DA.tmp
2009-05-06 01:20:44 ----A---- C:\WINDOWS\System32\SET3D6.tmp
2009-05-06 01:20:44 ----A---- C:\WINDOWS\System32\SET3CD.tmp
2009-05-06 01:20:43 ----A---- C:\WINDOWS\System32\SET3B8.tmp
2009-05-06 01:20:43 ----A---- C:\WINDOWS\System32\SET3A6.tmp
2009-05-06 01:20:43 ----A---- C:\WINDOWS\System32\SET3A4.tmp
2009-05-06 01:20:43 ----A---- C:\WINDOWS\System32\SET39F.tmp
2009-05-06 01:20:43 ----A---- C:\WINDOWS\System32\SET39E.tmp
2009-05-06 01:20:43 ----A---- C:\WINDOWS\System32\SET39C.tmp
2009-05-06 01:20:42 ----N---- C:\WINDOWS\System32\SET381.tmp
2009-05-06 01:20:42 ----N---- C:\WINDOWS\System32\SET37C.tmp
2009-05-06 01:20:42 ----A---- C:\WINDOWS\System32\SET382.tmp
2009-05-06 01:20:41 ----A---- C:\WINDOWS\System32\SET368.tmp
2009-05-06 01:20:41 ----A---- C:\WINDOWS\System32\SET367.tmp
2009-05-06 01:20:41 ----A---- C:\WINDOWS\System32\SET362.tmp
2009-05-06 01:20:41 ----A---- C:\WINDOWS\System32\SET35C.tmp
2009-05-06 01:20:41 ----A---- C:\WINDOWS\System32\SET35A.tmp
2009-05-06 01:20:41 ----A---- C:\WINDOWS\System32\SET357.tmp
2009-05-06 01:20:41 ----A---- C:\WINDOWS\System32\SET352.tmp
2009-05-06 01:20:41 ----A---- C:\WINDOWS\System32\SET344.tmp
2009-05-06 01:20:41 ----A---- C:\WINDOWS\System32\SET340.tmp
2009-05-06 01:20:41 ----A---- C:\WINDOWS\System32\SET33E.tmp
2009-05-06 01:20:40 ----A---- C:\WINDOWS\System32\SET332.tmp
2009-05-06 01:20:40 ----A---- C:\WINDOWS\System32\SET330.tmp
2009-05-06 01:20:40 ----A---- C:\WINDOWS\System32\SET325.tmp
2009-05-06 01:20:40 ----A---- C:\WINDOWS\System32\SET323.tmp
2009-05-06 01:20:40 ----A---- C:\WINDOWS\System32\SET31E.tmp
2009-05-06 01:20:40 ----A---- C:\WINDOWS\System32\SET31D.tmp
2009-05-06 01:20:40 ----A---- C:\WINDOWS\System32\SET319.tmp
2009-05-06 01:20:40 ----A---- C:\WINDOWS\System32\SET317.tmp
2009-05-06 01:20:39 ----A---- C:\WINDOWS\System32\SET316.tmp
2009-05-06 01:20:39 ----A---- C:\WINDOWS\System32\SET30F.tmp
2009-05-06 01:20:39 ----A---- C:\WINDOWS\System32\SET300.tmp
2009-05-06 01:20:39 ----A---- C:\WINDOWS\System32\SET2F3.tmp
2009-05-06 01:20:38 ----A---- C:\WINDOWS\System32\SET2D9.tmp
2009-05-06 01:20:38 ----A---- C:\WINDOWS\System32\SET2D6.tmp
2009-05-06 01:20:38 ----A---- C:\WINDOWS\System32\SET2D5.tmp
2009-05-06 01:20:38 ----A---- C:\WINDOWS\System32\SET2D4.tmp
2009-05-06 01:20:38 ----A---- C:\WINDOWS\System32\SET2D3.tmp
2009-05-06 01:20:38 ----A---- C:\WINDOWS\System32\SET2CE.tmp
2009-05-06 01:20:37 ----A---- C:\WINDOWS\System32\SET2AC.tmp
2009-05-06 01:20:37 ----A---- C:\WINDOWS\System32\SET2AB.tmp
2009-05-06 01:20:36 ----A---- C:\WINDOWS\System32\SET29D.tmp
2009-05-06 01:20:36 ----A---- C:\WINDOWS\System32\SET294.tmp
2009-05-06 01:20:36 ----A---- C:\WINDOWS\System32\SET28C.tmp
2009-05-06 01:20:36 ----A---- C:\WINDOWS\System32\SET288.tmp
2009-05-06 01:20:36 ----A---- C:\WINDOWS\System32\SET27F.tmp
2009-05-06 01:20:35 ----A---- C:\WINDOWS\System32\SET26A.tmp
2009-05-06 01:20:35 ----A---- C:\WINDOWS\System32\SET269.tmp
2009-05-06 01:20:35 ----A---- C:\WINDOWS\System32\SET263.tmp
2009-05-06 01:20:35 ----A---- C:\WINDOWS\System32\SET262.tmp
2009-05-06 01:20:35 ----A---- C:\WINDOWS\System32\SET25A.tmp
2009-05-06 01:20:35 ----A---- C:\WINDOWS\System32\SET257.tmp
2009-05-06 01:20:35 ----A---- C:\WINDOWS\System32\SET256.tmp
2009-05-06 01:20:35 ----A---- C:\WINDOWS\System32\SET24F.tmp
2009-05-06 01:20:34 ----A---- C:\WINDOWS\System32\SET247.tmp
2009-05-06 01:20:34 ----A---- C:\WINDOWS\System32\SET241.tmp
2009-05-06 01:20:34 ----A---- C:\WINDOWS\System32\SET238.tmp
2009-05-06 01:20:34 ----A---- C:\WINDOWS\System32\SET237.tmp
2009-05-06 01:20:34 ----A---- C:\WINDOWS\System32\SET234.tmp
2009-05-06 01:20:34 ----A---- C:\WINDOWS\System32\SET232.tmp
2009-05-06 01:20:34 ----A---- C:\WINDOWS\System32\SET230.tmp
2009-05-06 01:20:34 ----A---- C:\WINDOWS\System32\SET22F.tmp
2009-05-06 01:20:33 ----A---- C:\WINDOWS\System32\SET214.tmp
2009-05-06 01:20:33 ----A---- C:\WINDOWS\System32\SET213.tmp
2009-05-06 01:20:33 ----A---- C:\WINDOWS\System32\SET212.tmp
2009-05-06 01:20:33 ----A---- C:\WINDOWS\System32\SET211.tmp
2009-05-06 01:20:32 ----N---- C:\WINDOWS\System32\SET1FC.tmp
2009-05-06 01:20:32 ----A---- C:\WINDOWS\System32\SET20C.tmp
2009-05-06 01:20:32 ----A---- C:\WINDOWS\System32\SET20B.tmp
2009-05-06 01:20:32 ----A---- C:\WINDOWS\System32\SET209.tmp
2009-05-06 01:20:32 ----A---- C:\WINDOWS\System32\SET205.tmp
2009-05-06 01:20:32 ----A---- C:\WINDOWS\System32\SET200.tmp
2009-05-06 01:20:32 ----A---- C:\WINDOWS\System32\SET1F8.tmp
2009-05-06 01:20:32 ----A---- C:\WINDOWS\System32\SET1EC.tmp
2009-05-06 01:20:30 ----A---- C:\WINDOWS\System32\SET1CD.tmp
2009-05-06 01:20:30 ----A---- C:\WINDOWS\System32\SET1C0.tmp
2009-05-06 01:20:30 ----A---- C:\WINDOWS\System32\SET1BE.tmp
2009-05-06 01:20:30 ----A---- C:\WINDOWS\System32\SET1AF.tmp
2009-05-06 01:20:30 ----A---- C:\WINDOWS\System32\SET1AA.tmp
2009-05-06 01:20:30 ----A---- C:\WINDOWS\System32\SET1A8.tmp
2009-05-06 01:20:30 ----A---- C:\WINDOWS\System32\SET1A0.tmp
2009-05-06 01:19:44 ----A---- C:\WINDOWS\002193_.tmp
2009-05-06 01:18:58 ----A---- C:\WINDOWS\System32\spiisupd.exe
2009-05-06 01:18:58 ----A---- C:\WINDOWS\System32\asr_pfu.exe
2009-05-06 01:18:57 ----A---- C:\WINDOWS\System32\hccoin.dll
2009-05-06 01:18:57 ----A---- C:\WINDOWS\System32\encapi.dll
2009-05-06 01:18:57 ----A---- C:\WINDOWS\System32\dsprpres.dll
2009-05-06 01:18:56 ----A---- C:\WINDOWS\System32\xpsp1res.dll
2009-05-06 01:18:48 ----A---- C:\WINDOWS\System32\pidgen.dll
2009-05-06 01:18:47 ----A---- C:\WINDOWS\System32\secedit.exe
2009-05-06 01:18:47 ----A---- C:\WINDOWS\System32\encdec.dll
2009-05-06 01:18:47 ----A---- C:\WINDOWS\System32\dpcdll.dll
2009-05-06 01:18:46 ----A---- C:\WINDOWS\System32\wuauclt.exe
2009-05-06 01:18:46 ----A---- C:\WINDOWS\System32\sbeio.dll
2009-05-06 01:18:46 ----A---- C:\WINDOWS\System32\sbe.dll
2009-05-06 01:18:46 ----A---- C:\WINDOWS\System32\mssap.dll
2009-05-06 01:18:46 ----A---- C:\WINDOWS\System32\msftedit.dll
2009-05-06 01:18:46 ----A---- C:\WINDOWS\System32\iuengine.dll
2009-05-06 01:18:45 ----A---- C:\WINDOWS\System32\wuaueng.dll
2009-05-06 01:18:45 ----A---- C:\WINDOWS\System32\winhttp.dll
2009-05-06 01:18:45 ----A---- C:\WINDOWS\System32\winbrand.dll
2009-05-06 01:18:45 ----A---- C:\WINDOWS\System32\qmgr.dll
2009-05-06 01:18:44 ----A---- C:\WINDOWS\System32\wuauserv.dll
2009-05-06 01:18:44 ----A---- C:\WINDOWS\System32\cdm.dll
2009-05-06 01:18:43 ----A---- C:\WINDOWS\System32\schtasks.exe
2009-05-06 01:18:43 ----A---- C:\WINDOWS\System32\openfiles.exe
2009-05-06 01:18:43 ----A---- C:\WINDOWS\System32\gpresult.exe
2009-05-06 01:18:43 ----A---- C:\WINDOWS\System32\gpedit.dll
2009-05-06 01:18:43 ----A---- C:\WINDOWS\System32\fdeploy.dll
2009-05-06 01:18:43 ----A---- C:\WINDOWS\System32\eventcreate.exe
2009-05-06 01:18:43 ----A---- C:\WINDOWS\System32\efsadu.dll
2009-05-06 01:18:43 ----A---- C:\WINDOWS\System32\cipher.exe
2009-05-06 01:18:43 ----A---- C:\WINDOWS\System32\asr_fmt.exe
2009-05-06 01:18:43 ----A---- C:\WINDOWS\System32\appmgr.dll
2009-05-06 01:18:43 ----A---- C:\WINDOWS\System32\appmgmts.dll
2009-05-06 01:18:42 ----A---- C:\WINDOWS\System32\mqsec.dll
2009-05-06 01:18:42 ----A---- C:\WINDOWS\System32\mqrtdep.dll
2009-05-06 01:18:42 ----A---- C:\WINDOWS\System32\mqrt.dll
2009-05-06 01:18:42 ----A---- C:\WINDOWS\System32\mqqm.dll
2009-05-06 01:18:42 ----A---- C:\WINDOWS\System32\mqoa.dll
2009-05-06 01:18:42 ----A---- C:\WINDOWS\System32\mqlogmgr.dll
2009-05-06 01:18:42 ----A---- C:\WINDOWS\System32\mqise.dll
2009-05-06 01:18:42 ----A---- C:\WINDOWS\System32\mqdscli.dll
2009-05-06 01:18:42 ----A---- C:\WINDOWS\System32\mqbkup.exe
2009-05-06 01:18:42 ----A---- C:\WINDOWS\System32\mqad.dll
2009-05-06 01:18:42 ----A---- C:\WINDOWS\System32\logman.exe
2009-05-06 01:18:42 ----A---- C:\WINDOWS\System32\gptext.dll
2009-05-06 01:18:41 ----A---- C:\WINDOWS\System32\tlntsvrp.dll
2009-05-06 01:18:41 ----A---- C:\WINDOWS\System32\tlntsvr.exe
2009-05-06 01:18:41 ----A---- C:\WINDOWS\System32\tlntsess.exe
2009-05-06 01:18:41 ----A---- C:\WINDOWS\System32\tlntadmn.exe
2009-05-06 01:18:41 ----A---- C:\WINDOWS\System32\rsnotify.exe
2009-05-06 01:18:41 ----A---- C:\WINDOWS\System32\proxycfg.exe
2009-05-06 01:18:41 ----A---- C:\WINDOWS\System32\nwwks.dll
2009-05-06 01:18:41 ----A---- C:\WINDOWS\System32\ntbackup.exe
2009-05-06 01:18:41 ----A---- C:\WINDOWS\System32\mqutil.dll
2009-05-06 01:18:41 ----A---- C:\WINDOWS\System32\mqupgrd.dll
2009-05-06 01:18:41 ----A---- C:\WINDOWS\System32\mqtrig.dll
2009-05-06 01:18:41 ----A---- C:\WINDOWS\System32\mqtgsvc.exe
2009-05-06 01:18:41 ----A---- C:\WINDOWS\System32\mqsvc.exe
2009-05-06 01:18:41 ----A---- C:\WINDOWS\System32\mqsnap.dll
2009-05-06 01:18:40 ----A---- C:\WINDOWS\System32\wsecedit.dll
2009-05-06 01:18:40 ----A---- C:\WINDOWS\System32\tracerpt.exe
2009-05-06 01:18:18 ----A---- C:\WINDOWS\winhlp32.exe
2009-05-06 01:18:18 ----A---- C:\WINDOWS\twain_32.dll
2009-05-06 01:18:18 ----A---- C:\WINDOWS\regedit.exe
2009-05-06 01:18:18 ----A---- C:\WINDOWS\hh.exe
2009-05-06 01:18:18 ----A---- C:\WINDOWS\explorer.exe
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\cdfview.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\catsrvut.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\catsrvps.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\catsrv.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\camocx.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\cabview.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\cabinet.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\browsewm.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\browseui.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\browser.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\browselc.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\blackbox.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\bidispl.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\batt.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\batmeter.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\basesrv.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\avifil32.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\autolfn.exe
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\autofmt.exe
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\authz.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\audiosrv.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\atmlib.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\atmfd.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\atmadm.exe
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\atl.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\at.exe
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\asycfilt.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\asferror.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\apphelp.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\amstream.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\alrsvc.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\alg.exe
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\ahui.exe
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\advpack.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\adsnt.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\adsmsext.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\adsldpc.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\adsldp.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\admparse.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\actxprxy.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\actmovie.exe
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\activeds.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\aclui.dll
2009-05-06 01:18:15 ----A---- C:\WINDOWS\System32\6to4svc.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dmcompos.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dmband.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dmadmin.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dllhost.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\diskpart.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dinput8.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dinput.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\digest.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\diantz.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dgnet.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dfsshlex.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dfrgui.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dfrgsnap.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dfrgntfs.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dfrgfat.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\devmgr.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\devenum.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\defrag.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\ddrawex.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\ddraw.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\ddeshare.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dciman32.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dbnmpntw.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dbnetlib.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dbmsrpcn.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dbghelp.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\davclnt.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\dataclen.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\danim.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\d3dim700.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\d3d8thk.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\d3d8.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\ctfmon.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\csrss.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cscui.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cscript.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cscdll.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cryptui.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cryptsvc.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cryptnet.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cryptext.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cryptdll.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cryptdlg.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\crypt32.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\credui.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\corpol.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\conime.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\comuid.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\comsvcs.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\comres.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\compstui.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\compatUI.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\colbact.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cnbjmon.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cmutil.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cmstp.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cmprops.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cmmon32.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cmdl32.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cmdial32.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cmcfg32.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\clusapi.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\clipsrv.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cliconfg.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cliconfg.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cleanmgr.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\clbcatq.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\clbcatex.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cisvc.exe
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\ciodm.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cfgmgr32.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cfgbkend.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cewmdm.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\certmgr.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\certcli.dll
2009-05-06 01:18:14 ----A---- C:\WINDOWS\System32\cdosys.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\inetcomm.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\inetcfg.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\imm32.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\imgutil.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\imeshare.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\imapi.exe
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\ils.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\igmpagnt.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\ifmon.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\iexpress.exe
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\iesetup.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\iernonce.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\iepeers.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\iedkcs32.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\ieaksie.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\ieakeng.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\ie4uinit.exe
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\idq.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\icwphbk.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\icwdial.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\icmp.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\icm32.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\iccvid.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\icaapi.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\iasrad.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\htui.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\hotplug.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\hnetwiz.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\hnetcfg.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\hid.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\hhsetup.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\h323msp.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\grpconv.exe
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\gpkrsrc.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\glu32.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\gdi32.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\framebuf.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\fontview.exe
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\fontext.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\fldrclnr.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\findstr.exe
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\filemgmt.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\feclient.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\faultrep.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\extrac32.exe
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\expsrv.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\eventlog.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\eudcedit.exe
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\esent.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\es.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\ersvc.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\els.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dxtrans.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dxtmsft.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dxmasf.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dxdiag.exe
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dx8vb.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dx7vb.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dwwin.exe
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dvdupgrd.exe
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\duser.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dumprep.exe
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dswave.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dsuiext.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dssenh.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dssec.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dsquery.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dsprop.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dsound3d.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dsound.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dskquota.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dsdmoprp.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dsdmo.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\ds32gt.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\drprov.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\drmv2clt.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\drmstor.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\drmclien.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dpwsockx.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dpvvox.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dpvsetup.exe
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dpvoice.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dpvacm.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dpnsvr.exe
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dpnlobby.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dpnhupnp.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dpnhpast.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dpnet.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dpnaddr.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dpmodemx.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dplayx.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dplaysvr.exe
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dosx.exe
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\docprop2.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dnsrslvr.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dnsapi.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dmutil.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dmusic.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dmsynth.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dmstyle.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dmserver.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dmscript.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dmremote.exe
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dmloader.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dmime.dll
2009-05-06 01:18:13 ----A---- C:\WINDOWS\System32\dmdskmgr.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\mmcbase.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\mmc.exe
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\mlang.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\miglibnt.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\midimap.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\mfcsubs.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\mfc42u.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\mfc42.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\mf3216.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\mdminst.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\mciwave.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\mciseq.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\mciqtz32.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\mciavi32.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\mcastmib.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\makecab.exe
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\magnify.exe
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\lsass.exe
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\lprhelp.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\lpk.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\logonui.exe
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\logagent.exe
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\localui.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\localsec.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\loadperf.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\lmrt.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\linkinfo.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\licwmi.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\licmgr10.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\licdll.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\laprxy.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\krnl386.exe
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\keymgr.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\kerberos.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\kd1394.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\jsproxy.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\jscript.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\iyuv_32.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\ixsso.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\itss.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\itircl.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\isrdbg32.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\isign32.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\ipxroute.exe
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\ipv6mon.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\ipv6.exe
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\ipsmsnap.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\ipsecsvc.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\ipsecsnp.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\ippromon.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\ipnathlp.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\iphlpapi.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\ipconfig.exe
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\inseng.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\input.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\initpki.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\inetres.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\inetppui.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\inetpp.dll
2009-05-06 01:18:12 ----A---- C:\WINDOWS\System32\inetmib1.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msrating.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msprivs.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mspmsp.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mspbde40.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mspatcha.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msorcl32.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msorc32r.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msoert2.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msoeacct.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msnsspc.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msnetobj.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msltus40.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mslbui.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msjtes40.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msjter40.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msjint40.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msjetoledb40.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msjet40.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msisip.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msimtf.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msimsg.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msimg32.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msihnd.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msiexec.exe
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msieftp.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msidle.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msident.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msi.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mshtmler.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mshtmled.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mshtml.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mshta.exe
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msgina.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msexcl40.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msexch40.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msdxmlc.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msdtcuiu.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msdtctm.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msdtcprx.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msdtclog.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msdtc.exe
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msdmo.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msdart.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msctfp.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msctf.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mscpxl32.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mscpx32r.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msconf.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mscms.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msasn1.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msapsspc.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msafd.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\msacm32.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mprapi.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mpr.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mpg4dmod.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\moricons.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\modemui.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mobsync.exe
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mobsync.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mnmsrvc.exe
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mnmdd.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mmsystem.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mmfutil.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mmcshext.dll
2009-05-06 01:18:11 ----A---- C:\WINDOWS\System32\mmcndmgr.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\msw3prt.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\msvidctl.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\msvfw32.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\msvcrt40.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\msvcrt.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\msvcp60.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\msvcirt.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\msvbvm60.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\msutb.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\mstscax.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\mstsc.exe
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\mstlsapi.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\mstinit.exe
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\mstime.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\mstext40.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\mstask.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\msscp.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\msrle32.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\msrepl40.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\msrd3x40.dll
2009-05-06 01:18:10 ----A---- C:\WINDOWS\System32\msrd2x40.dll
2009-05-06 01:18:09 ----N---- C:\WINDOWS\System32\odbcad32.exe
2009-05-06 01:18:09 ----N---- C:\WINDOWS\System32\netcfgx.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\oddbse32.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\odbctrac.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\odbcp32r.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\odbcjt32.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\odbcji32.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\odbcint.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\odbccu32.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\odbccr32.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\odbccp32.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\odbcconf.exe
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\odbcconf.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\odbcbcp.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\odbc32gt.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\odbc32.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\occache.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\objsel.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\oakley.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\ntshrui.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\ntmssvc.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\ntmsmgr.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\ntmsdba.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\ntmsapi.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\ntmarta.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\ntlanman.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\ntdsapi.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\npptools.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\notepad.exe
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\nmmkcert.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\nlhtml.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\newdev.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\netui1.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\netui0.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\netstat.exe
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\netshell.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\netsh.exe
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\netsetup.exe
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\netrap.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\netplwiz.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\netman.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\netlogon.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\netid.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\netdde.exe
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\netapi32.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\net1.exe
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\net.exe
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\nddenb32.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\nddeapir.exe
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\nddeapi.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\ncobjapi.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\narrator.exe
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\mydocs.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\mtxoci.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\mtxclu.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\msyuv.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\msxml3.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\msxml2.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\msxml.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\msxbde40.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\mswstr10.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\mswsock.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\mswmdm.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\mswebdvd.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\System32\mswdat10.dll
2009-05-06 01:18:09 ----A---- C:\WINDOWS\notepad.exe
2009-05-06 01:18:08 ----N---- C:\WINDOWS\System32\rastls.dll
2009-05-06 01:18:08 ----N---- C:\WINDOWS\System32\raschap.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\shdoclc.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\sfcfiles.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\sfc_os.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\sfc.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\setup.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\sethc.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\servdeps.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\sensapi.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\sens.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\sendmail.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\sendcmsg.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\security.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\secur32.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\seclogon.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\sdbinst.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\scrrun.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\scrobj.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\sclgntfy.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\schedsvc.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\scesrv.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\scecli.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\sccsccp.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\scarddlg.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\safrslv.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\safrdm.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\safrcdlg.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\runonce.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rundll32.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rtutils.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rtipxmib.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rtcshare.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rsmps.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rsh.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rsaenh.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rpcss.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rpcrt4.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\riched20.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rexec.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\resutils.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\remotepg.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\regwizc.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\regsvr32.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\regsvc.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\regapi.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\reg.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\redir.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rdshost.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rdsaddin.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rdpwsx.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rdpsnd.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rdpdd.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rdpclip.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rdchost.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rcp.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rcimlby.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rcbdyctl.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rassapi.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rasppp.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rasphone.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rasmans.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\rasadhlp.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\racpldlg.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\query.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\quartz.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\qprocess.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\qmgrprxy.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\qedwipes.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\qedit.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\qdvd.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\qdv.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\qcap.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\qasf.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\pstorsvc.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\pstorec.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\psbase.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\psapi.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\proquota.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\progman.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\profmap.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\powrprof.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\polstore.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\pngfilt.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\pjlmon.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\ping.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\pid.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\photowiz.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\perfproc.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\perfos.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\perfmon.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\perfdisk.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\pdh.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\pautoenr.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\packager.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\osuninst.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\osk.exe
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\opengl32.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\olepro32.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\oleprn.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\ole32.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\offfilt.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\odtext32.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\odpdx32.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\odfox32.dll
2009-05-06 01:18:08 ----A---- C:\WINDOWS\System32\odexl32.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\taskmgr.exe
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\tapisrv.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\tapi32.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\tapi3.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\t2embed.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\sysocmgr.exe
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\syncui.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\synceng.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\sxs.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\svchost.exe
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\strmdll.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\storprop.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\stobject.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\stimon.exe
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\sti_ci.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\sti.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\ssdpsrv.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\ssdpapi.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\srsvc.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\srrstr.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\srclient.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\sqlunirl.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\sqlsrv32.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\spoolsv.exe
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\spoolss.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\snmpsnap.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\snmpapi.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\smlogsvc.exe
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\smlogcfg.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\slbiop.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\slbcsp.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\slayerxp.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\skeys.exe
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\sigverif.exe
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\sigtab.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\shutdown.exe
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\shsvcs.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\shscrap.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\shrpubw.exe
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\shmgrate.exe
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\shmedia.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\shlwapi.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\shimgvw.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\shimeng.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\shgina.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\shfolder.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\shell32.dll
2009-05-06 01:18:07 ----A---- C:\WINDOWS\System32\shdocvw.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wmvdmod.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wmvcore.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wmstream.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wmsdmoe.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wmsdmod.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wmpui.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wmpshell.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wmploc.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wmpcore.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wmpcd.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wmnetmgr.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wmi.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wmdmps.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wmdmlog.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wmasf.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wmadmoe.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wmadmod.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wlnotify.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wldap32.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\winver.exe
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wintrust.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\winsta.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\winsrv.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\winscard.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\winrnr.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\winntbbu.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\winmm.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\winlogon.exe
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\winipsec.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wininet.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wiavideo.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wiashext.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wiaservc.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wiascr.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wiadss.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wiadefui.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wiaacmgr.exe
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wextract.exe
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\webvw.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\webclnt.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\webcheck.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\wdigest.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\w32time.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\vssvc.exe
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\vssapi.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\version.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\vdmredir.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\vdmdbg.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\vbscript.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\vbajet32.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\uxtheme.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\utilman.exe
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\usp10.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\userenv.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\user32.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\usbui.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\usbmon.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\urlmon.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\url.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\ups.exe
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\upnpui.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\upnphost.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\upnpcont.exe
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\upnp.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\uniplat.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\unimdmat.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\umpnpmgr.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\umandlg.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\udhisapi.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\txflog.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\tsddd.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\tscupgrd.exe
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\tscfgwmi.dll
2009-05-06 01:18:06 ----A---- C:\WINDOWS\System32\trkwks.dll
2009-05-06 01:18:06 ----A--

Le rapport log ne passe pas entièrement, peux-tu me l'envoyer par mail ? (Clique sur mon pseudo pour l'avoir)

c'est parti

Tu es bien infecté.

[#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]

Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.

Il va te demander d'installer la console de récupération : accepte.

Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix

après un nettoyage, j'ai relancé SP2, c'est toujours refusé...........

Tu as le rapport de ComboFix ?

je te l'ai envoyé par email

ComboFix 09-05-05.03 - gerard 06/05/2009 2:46.1 - FAT32x86
Microsoft Windows XP Professionnel 5.1.2600.1.1252.33.1036.18.1023.850 [GMT 2:00]
Lancé depuis: c:\documents and settings\gerard\Bureau\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\_003490_.tmp.dll
c:\windows\system32\_003632_.tmp.dll
c:\windows\system32\_003633_.tmp.dll
c:\windows\system32\_003634_.tmp.dll
c:\windows\system32\_003635_.tmp.dll
c:\windows\system32\_003642_.tmp.dll
c:\windows\system32\_003643_.tmp.dll
c:\windows\system32\_003644_.tmp.dll
c:\windows\system32\_003646_.tmp.dll
c:\windows\system32\_003647_.tmp.dll
c:\windows\system32\_003650_.tmp.dll
c:\windows\system32\_003651_.tmp.dll
c:\windows\system32\_003654_.tmp.dll
c:\windows\system32\_003657_.tmp.dll
c:\windows\system32\_003660_.tmp.dll
c:\windows\system32\_003665_.tmp.dll
c:\windows\system32\_003667_.tmp.dll
c:\windows\system32\_003668_.tmp.dll
c:\windows\system32\_003670_.tmp.dll
c:\windows\system32\_003672_.tmp.dll
c:\windows\system32\_003673_.tmp.dll
c:\windows\system32\_003674_.tmp.dll
c:\windows\system32\_003675_.tmp.dll
c:\windows\system32\_003677_.tmp.dll
c:\windows\system32\_003679_.tmp.dll
c:\windows\system32\_003680_.tmp.dll
c:\windows\system32\_003681_.tmp.dll
c:\windows\system32\_003685_.tmp.dll
c:\windows\system32\_003688_.tmp.dll
c:\windows\system32\_003893_.tmp.dll
c:\windows\system32\_004047_.tmp.dll
c:\windows\system32\_004048_.tmp.dll
c:\windows\system32\_004049_.tmp.dll
c:\windows\system32\_004050_.tmp.dll
c:\windows\system32\_004057_.tmp.dll
c:\windows\system32\_004058_.tmp.dll
c:\windows\system32\_004059_.tmp.dll
c:\windows\system32\_004060_.tmp.dll
c:\windows\system32\_004062_.tmp.dll
c:\windows\system32\_004063_.tmp.dll
c:\windows\system32\_004066_.tmp.dll
c:\windows\system32\_004067_.tmp.dll
c:\windows\system32\_004070_.tmp.dll
c:\windows\system32\_004071_.tmp.dll
c:\windows\system32\_004073_.tmp.dll
c:\windows\system32\_004074_.tmp.dll
c:\windows\system32\_004076_.tmp.dll
c:\windows\system32\_004077_.tmp.dll
c:\windows\system32\_004082_.tmp.dll
c:\windows\system32\_004084_.tmp.dll
c:\windows\system32\_004085_.tmp.dll
c:\windows\system32\_004087_.tmp.dll
c:\windows\system32\_004089_.tmp.dll
c:\windows\system32\_004090_.tmp.dll
c:\windows\system32\_004091_.tmp.dll
c:\windows\system32\_004092_.tmp.dll
c:\windows\system32\_004093_.tmp.dll
c:\windows\system32\_004096_.tmp.dll
c:\windows\system32\_004097_.tmp.dll
c:\windows\system32\_004098_.tmp.dll
c:\windows\system32\_004099_.tmp.dll
c:\windows\system32\_004100_.tmp.dll
c:\windows\system32\_004105_.tmp.dll
c:\windows\system32\ak1.exe
c:\windows\system32\drivers\ovfsthbrnrxubrdlxoeuwswvjbnoekvdylbibm.sys
c:\windows\system32\ovfsthcecwikarfyfqqagexlnbmsdxmycotuol.dat
c:\windows\system32\ovfsthfnpqsppvnvpeoypxjxqguioufywdcpju.dat
c:\windows\system32\ovfsthimotfqppkesoxpaerxmqhwndqkqjwbhw.dll
c:\windows\system32\ovfsththkdibilanxrimtnhjxogiikfsbangno.dll
c:\windows\system32\ovfsthwgamvvrclfpftctdihcloteieycwyrte.dll
c:\windows\system32\uniq.tll

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ovfsthfwbxxtkipcxngfvmyrblxrmmametkyav


((((((((((((((((((((((((((((( Fichiers créés du 2009-04-06 au 2009-05-06 ))))))))))))))))))))))))))))))))))))
.

2009-05-06 00:08 . 2009-05-06 00:08 -------- d-----w c:\program files\trend micro
2009-05-06 00:08 . 2009-05-06 00:08 -------- d-----w C:\rsit
2009-05-06 00:05 . 2009-05-06 00:05 -------- d-----w c:\program files\NortonInstaller
2009-05-05 23:17 . 2002-08-29 07:44 107520 ------w c:\windows\system32\dllcache\acxtrnal.dll
2009-05-05 23:17 . 2002-08-29 07:44 255488 ------w c:\windows\system32\dllcache\acverfyr.dll
2009-05-05 23:17 . 2002-08-29 07:44 406528 ------w c:\windows\system32\dllcache\aclayers.dll
2009-05-05 23:17 . 2002-08-29 07:44 125440 ------w c:\windows\system32\dllcache\aclua.dll
2009-05-05 23:17 . 2002-08-29 07:44 219136 ------w c:\windows\system32\dllcache\acspecfc.dll
2009-05-05 23:17 . 2002-08-29 08:44 1818624 ------w c:\windows\system32\dllcache\acgenral.dll
2009-05-05 21:53 . 2009-05-05 21:53 -------- d-----w c:\windows\IE Uninstall
2009-05-05 21:46 . 2009-05-05 21:46 -------- d-----w c:\windows\Application Data
2009-05-05 21:29 . 2009-05-05 21:29 -------- d-----w c:\windows\Fichiers d'installation de Windows Update
2009-05-05 21:08 . 2009-05-05 21:08 -------- d--h--w c:\windows\msdownld.tmp
2009-05-05 21:07 . 2009-05-05 21:07 -------- d-----w c:\windows\Windows Update Setup Files
2009-05-05 20:03 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-05 20:02 . 2009-05-05 20:02 -------- d-----w c:\documents and settings\gerard\Application Data\Malwarebytes
2009-05-05 20:02 . 2009-05-05 20:02 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-05 20:02 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-05 20:02 . 2009-05-05 20:02 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-05 16:42 . 2009-05-05 16:42 -------- d-----w C:\Google
2009-05-05 16:37 . 2009-05-05 16:37 -------- d-----w c:\windows\system32\fr-fr
2009-05-05 16:37 . 2009-05-05 16:37 -------- d-----w c:\windows\provisioning
2009-05-05 16:37 . 2009-05-05 16:37 -------- d-----w c:\windows\l2schemas
2009-05-05 16:37 . 2009-05-05 16:37 -------- d-----w c:\windows\system32\fr
2009-05-05 16:37 . 2009-05-05 16:37 -------- d-----w c:\windows\system32\bits
2009-05-05 16:37 . 2009-05-05 16:37 -------- d-----w c:\windows\peernet
2009-05-05 16:33 . 2007-08-10 06:18 26488 ----a-w c:\windows\system32\spupdsvc.exe
2009-05-05 16:31 . 2001-10-04 09:54 19456 ----a-w c:\windows\system32\dllcache\cacls.exe
2009-05-05 16:28 . 2009-05-05 16:28 -------- d-----w c:\windows\system32\CatRoot_bak
2009-05-05 16:03 . 2009-05-05 16:03 -------- d-----w c:\documents and settings\All Users\Application Data\NortonInstaller
2009-04-15 15:26 . 1999-10-15 10:50 1056768 ------w c:\windows\system32\ROBOEX32.DLL
2009-04-15 15:26 . 2006-07-22 17:37 49152 ------w c:\windows\system32\INETWH32.dll
2009-04-15 15:26 . 2009-04-15 15:26 -------- d-----w c:\program files\Fichiers communs\Ulead Systems
2009-04-15 15:26 . 2009-04-15 15:26 -------- d-----w c:\program files\Ulead Systems
2009-04-15 15:26 . 2009-04-15 15:26 -------- d-----w c:\documents and settings\All Users\Application Data\Ulead Systems
2009-04-15 15:25 . 2009-04-15 15:25 -------- d-----w c:\windows\installers
2009-04-15 15:15 . 2008-05-01 16:23 12357751 ----a-w c:\program files\Portable Portrait Professional Max 6.3.5.exe
2009-04-15 15:04 . 2009-04-15 15:04 -------- d-----w c:\documents and settings\gerard\Application Data\Thinstall
2009-04-14 23:47 . 2009-04-14 23:47 -------- d---a-w C:\Adobe(R) Photoshop(R) CS2
2009-04-13 22:36 . 2009-04-13 22:36 0 ----a-w c:\windows\nsreg.dat
2009-04-13 22:36 . 2009-04-13 22:36 -------- d-----w c:\documents and settings\gerard\Local Settings\Application Data\Mozilla
2009-04-13 22:11 . 2002-11-14 08:19 36864 ----a-r c:\windows\system32\deluidrv.exe
2009-04-13 22:11 . 2002-11-14 08:19 32768 ----a-r c:\windows\system32\delentry.exe
2009-04-13 22:11 . 2003-02-20 17:02 57344 ----a-r c:\windows\system32\usbmonit.exe
2009-04-13 22:11 . 2002-12-03 15:24 22260 ----a-r c:\windows\system32\drivers\geneuide.sys
2009-04-13 22:11 . 2009-04-13 22:11 -------- d-----w C:\driver
2009-04-13 21:50 . 2009-04-13 21:50 155 ----a-w c:\windows\system32\SelfDel.bat
2009-04-13 17:18 . 2009-05-06 00:50 109010 ----a-w c:\windows\system32\drivers\5bd63567.sys
2009-04-13 15:43 . 2009-04-13 15:43 -------- d-sh--w C:\FOUND.000
2009-04-12 12:59 . 2009-04-12 12:59 -------- d-----w c:\program files\Portrait Professional 8 Trial
2009-04-12 12:39 . 2009-04-12 12:39 -------- d-----w c:\program files\Fichiers communs\Adobe
2009-04-12 12:30 . 2009-04-12 12:30 -------- d-----w c:\documents and settings\gerard\Local Settings\Application Data\Adobe
2009-04-12 12:22 . 2009-04-12 12:22 -------- d-----w c:\program files\Fichiers communs\Vbox

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-05 21:33 . 2001-10-04 09:56 367658 ----a-w c:\windows\system32\perfh00C.dat
2009-05-05 21:33 . 2001-10-04 09:56 48616 ----a-w c:\windows\system32\perfc00C.dat
2009-05-05 16:31 . 2009-05-05 16:31 23040 ----a-w c:\windows\system32\loader49.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\ctfmon.exe" [2002-08-29 13312]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-13 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ulead AutoDetector v2"="c:\program files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 90112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2002-08-29 13312]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)

S3 aida32driver;AIDA32Driver;c:\program files\AIDA32 - Personal System Information\aida32.sys [23/02/2004 04:07 3584]
S3 mbamswissarmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [05/05/2009 22:03 38496]

--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - alg
*NewlyCreated* - ipnat
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{c2ba40a1-74f3-42bd-f434-12345a2c8953} - (no file)
HKU-Default-Run-uidenhiufgsduiazghs - c:\windows\TEMP\gnlnldmc.exe
Notify-dimsntfy - (no file)


.
------- Examen supplémentaire -------
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.fr/
uSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://download.bleepingcomputer.com/sUBs/ComboFix.exe
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-06 02:50
Windows 5.1.2600 Service Pack 1 FAT NTAPI

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\5bd63567]
"ImagePath"="\SystemRoot\System32\drivers\5bd63567.sys"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(708)
c:\windows\System32\ODBC32.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(764)
c:\windows\System32\dssenh.dll

- - - - - - - > 'explorer.exe'(236)
c:\windows\System32\msi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\SYSTEM32\ATI2EVXX.EXE
c:\windows\SYSTEM32\ATI2EVXX.EXE
c:\windows\system32\WBEM\WMIADAP.EXE
.
**************************************************************************
.
Heure de fin: 2009-05-06 2:51 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-05-06 00:51

Avant-CF: 34 478 817 280 octets libres
Après-CF: 34 447 360 000 octets libres

winxpsp1_fr_pro_bf.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect

220

Tu n'as pas pu installer le SP2 après le passage de ComboFix ?

non, il a fait pareil
j'ai récuperé mon lecteur de cartes et des icones

Et le SP3 ?

j'ai pas essayé

Je vais dormir, essaie le SP2 et SP3 après cette manip' :

/!\ Seul gleyne peut suivre cette procédure /!\

Désactive toute protection résidente (Antivirus...) !

---> Copie (CTRL+C) le texte se situant dans le cadre ci-dessous :



---> Ouvre le Bloc Notes : Démarrer > Tous les programmes > Accessoires > Bloc notes

- Colle (CTRL+V) le texte dans le Bloc-notes.
- Enregistre ce fichier dans : Bureau
- Nom du fichier : CFScript
- Type du fichier : tous les fichiers !!
- Clique sur Enregistrer.
- Quitte le Bloc-notes.

---> Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :

Cela va relancer Combofix : au message qui apparaît, accepte.

Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal !

Ne touche à rien tant que le scan n'est pas terminé.

Une fois le scan achevé, un rapport va s'afficher, copie/colle son contenu sur le forum.

Si le fichier ne s'ouvre pas, il se trouve ici : C:\ComboFix.txt

 

ok, merci
je vois ça

Bonne nuit

j'ai fait ta manip
mais ni sp2 ni sp3 ne s'installe  
donc pas de norton et pas d'antivirus.....

Installe Antivir et mets-le à jour.

Double-clique sur l'icône d'Antivir (Parapluie) dans la barre des tâches.

Dans Antivir, choisis Outils puis Configuration.

Coche Mode Expert et coche Rech. Rootkit au dém. de la recherche à droite dans Autres réglages.

Fais un scan complet et poste le rapport.

Tutoriel : Scanner le(s) disque(s) dur(s)

ça scanne !
il y a encore du monde à l'interieur !!

VOILA LE RAPPORT



Avira AntiVir Personal
Report file date: mercredi 6 mai 2009 14:27

Scanning for 1380976 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 1) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : GG-L057UFMRN259

Version information:
BUILD.DAT : 9.0.0.394 17962 Bytes 17/04/2009 11:20:00
AVSCAN.EXE : 9.0.3.5 466689 Bytes 06/05/2009 12:23:44
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 08:58:26
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 09:35:50
LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 08:58:54
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 10:30:38
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 18:33:28
ANTIVIR2.VDF : 7.1.3.137 1810944 Bytes 30/04/2009 12:23:42
ANTIVIR3.VDF : 7.1.3.161 119808 Bytes 06/05/2009 12:23:42
Engineversion : 8.2.0.160
AEVDF.DLL : 8.1.1.1 106868 Bytes 06/05/2009 12:23:42
AESCRIPT.DLL : 8.1.1.79 385403 Bytes 06/05/2009 12:23:42
AESCN.DLL : 8.1.1.10 127348 Bytes 06/05/2009 12:23:42
AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 16:24:42
AEPACK.DLL : 8.1.3.14 397685 Bytes 06/05/2009 12:23:42
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26/02/2009 18:01:58
AEHEUR.DLL : 8.1.0.122 1737080 Bytes 06/05/2009 12:23:42
AEHELP.DLL : 8.1.2.2 119158 Bytes 26/02/2009 18:01:58
AEGEN.DLL : 8.1.1.39 348532 Bytes 06/05/2009 12:23:42
AEEMU.DLL : 8.1.0.9 393588 Bytes 09/10/2008 12:32:40
AECORE.DLL : 8.1.6.9 176500 Bytes 06/05/2009 12:23:42
AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 12:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 06:48:00
AVPREF.DLL : 9.0.0.1 43777 Bytes 05/12/2008 08:32:16
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 12:34:30
AVREG.DLL : 9.0.0.0 36609 Bytes 05/12/2008 08:32:10
AVARKT.DLL : 9.0.0.3 292609 Bytes 06/05/2009 12:23:42
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 08:37:10
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 13:03:50
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 06:21:34
NETNT.DLL : 9.0.0.0 11521 Bytes 05/12/2008 08:32:12
RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 09/02/2009 09:45:46
RCTEXT.DLL : 9.0.37.0 86785 Bytes 06/05/2009 12:23:42

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, E:, F:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: mercredi 6 mai 2009 14:27

Starting search for hidden objects.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\5bd63567\imagepath
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\5bd63567\type
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\5bd63567\start
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\5bd63567\errorcontrol
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\5bd63567\extparamd
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\5bd63567\f96zk6npb
[INFO] The registry entry is invisible.
'18744' objects were checked, '6' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'Monitor.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
22 processes with 22 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '44' files ).


Starting the file scan:

Begin scan in 'C:\' <BOOT-XP>
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\WINDOWS\system32\drivers\5bd63567.sys
[DETECTION] Is the TR/Rootkit.Gen Trojan
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{757891E3-A338-4D08-8DB1-C9DFE84BB846}\RP18\A0004393.sys
[DETECTION] Contains recognition pattern of the RKIT/Agent.iuc root kit
C:\System Volume Information\_restore{757891E3-A338-4D08-8DB1-C9DFE84BB846}\RP18\A0004394.dll
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
C:\System Volume Information\_restore{757891E3-A338-4D08-8DB1-C9DFE84BB846}\RP18\A0004395.dll
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
C:\System Volume Information\_restore{757891E3-A338-4D08-8DB1-C9DFE84BB846}\RP18\A0004396.dll
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\ovfsthimotfqppkesoxpaerxmqhwndqkqjwbhw.dll.vir
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\ovfsththkdibilanxrimtnhjxogiikfsbangno.dll.vir
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\ovfsthwgamvvrclfpftctdihcloteieycwyrte.dll.vir
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\_ovfsthbrnrxubrdlxoeuwswvjbnoekvdylbibm_.sys.zip
[0] Archive type: ZIP
--> ovfsthbrnrxubrdlxoeuwswvjbnoekvdylbibm.sys
[DETECTION] Contains recognition pattern of the RKIT/Agent.iuc root kit
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\ovfsthbrnrxubrdlxoeuwswvjbnoekvdylbibm.sys.vir
[DETECTION] Contains recognition pattern of the RKIT/Agent.iuc root kit
Begin scan in 'E:\' <PHOTO>
E:\aaa-SITES\a-site-gerardleyne\SOIREES\soiree-05-06-04\TN_IMG_0191.JPG
[DETECTION] Is the TR/Dropper.Gen Trojan
E:\TRANSFERT\PhotoFiltre.Studio.v9.0.Incl.Keymaker-CORE.zip
[0] Archive type: ZIP
--> PhotoFiltre.Studio.v9.0.Incl.Keymaker-CORE/keygen.exe
[DETECTION] Is the TR/Delf.114688 Trojan
E:\TRANSFERT\Adobe Photoshop CS2 9[1].0.2.rar
[0] Archive type: RAR
--> keygen.exe
[DETECTION] Is the TR/Drop.Agent.bowl Trojan
E:\TRANSFERT\Nero-7.0.1.2_fra.exe
[0] Archive type: RAR SFX (self extracting)
--> Cab\1B05D29F.cab
[1] Archive type: CAB (Microsoft)
--> AMCDOM656B2935.dll
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
E:\TRANSFERT\ADOBE-CS\Adobe_CS2_KeyGen.zip
[0] Archive type: ZIP
--> Keygen Photoshop CS2 Fr.exe
[DETECTION] Contains recognition pattern of the WORM/Autorun.cxl worm
E:\TRANSFERT\ADOBE-CS\Adobe_Photoshop_CS2_keygen-PARADOX.rar
[0] Archive type: RAR
--> keygen.exe
[DETECTION] Contains recognition pattern of the WORM/Autorun.cxl worm
E:\TRANSFERT\TRANSPORT\Adobe Photoshop CS2\keygen\Keygen Photoshop CS2 Fr.exe
[DETECTION] Contains recognition pattern of the WORM/Autorun.cxl worm
Begin scan in 'F:\' <DISQUE-3>
F:\WINDOWS\INF\ALCHEM.INF
[DETECTION] Is the TR/Dldr.Alchemic.B Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\55CB51EB.exe
[0] Archive type: HIDDEN
--> FIL\\\?\F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\55CB51EB.exe
[DETECTION] Is the TR/Killav.DT.1 Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\293D1B4A.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1BD2145A.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3135179A.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\781D4345.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0CD13F0A.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0CD46907.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\54E8331F.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\08C74127.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2FCB1159.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\61062B3B.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\610C7F33.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39577B92.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\14BC532B.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\14BF7D27.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\14C22723.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\14C65120.exe
[0] Archive type: HIDDEN
--> FIL\\\?\F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\14C65120.exe
[DETECTION] Is the TR/Obfuscated.IO Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\15D66297.exe
[DETECTION] Is the TR/Vundo.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\14C97B1C.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\354D39FC.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\356B33DC.dll
[0] Archive type: HIDDEN
--> FIL\\\?\F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\356B33DC.dll
[DETECTION] Contains recognition pattern of the DIAL/302188 dialer
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\356E5DD8.exe
[0] Archive type: HIDDEN
--> FIL\\\?\F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\356E5DD8.exe
[DETECTION] Contains recognition pattern of the DIAL/000181 dialer
--> dialer.exe
[DETECTION] Contains recognition pattern of the DIAL/94208.A.25 dialer
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\60262AD9.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4E981395.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\56915490.exe
[0] Archive type: HIDDEN
--> FIL\\\?\F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\56915490.exe
[DETECTION] Is the TR/Dldr.Zlob.mop Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5DAE2F79.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3EE1593B.exe
[DETECTION] Is the TR/Crypt.PEPM.Gen Trojan
F:\Program Files\ddm\6926\SaveInstCmS.exe
[0] Archive type: RSRC
--> Object
[1] Archive type: CAB (Microsoft)
--> SaveUninst.exe
[DETECTION] Contains recognition pattern of the ADSPY/SaveNow.AF adware or spyware
--> Object
[DETECTION] Contains recognition pattern of the ADSPY/SaveNow.1 adware or spyware
--> Sync.exe
[DETECTION] Contains recognition pattern of the ADSPY/SaveNow.V adware or spyware
--> Uninst.exe
[DETECTION] Contains recognition pattern of the ADSPY/SaveNow.V.1 adware or spyware
--> Object
[1] Archive type: CAB (Microsoft)
--> Search.exe
[DETECTION] Contains recognition pattern of the ADSPY/SaveNow.L adware or spyware
--> Uninst.exe
[DETECTION] Contains recognition pattern of the ADSPY/SaveNow.F adware or spyware
[DETECTION] Contains recognition pattern of the ADSPY/AdSpy.Gen adware or spyware
F:\Program Files\Zero Popup\Crack.exe
[DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
F:\Program Files\Serials 2000 7.1 Plus\Add-on\UnSEU2.exe
[DETECTION] Is the TR/Agent.92640.A Trojan

Beginning disinfection:
C:\WINDOWS\system32\drivers\5bd63567.sys
[DETECTION] Is the TR/Rootkit.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[NOTE] The file was moved to '4a65ae5b.qua'!
C:\System Volume Information\_restore{757891E3-A338-4D08-8DB1-C9DFE84BB846}\RP18\A0004393.sys
[DETECTION] Contains recognition pattern of the RKIT/Agent.iuc root kit
[NOTE] The file was moved to '4a31ae2c.qua'!
C:\System Volume Information\_restore{757891E3-A338-4D08-8DB1-C9DFE84BB846}\RP18\A0004394.dll
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
[NOTE] The file was moved to '4f2e95bd.qua'!
C:\System Volume Information\_restore{757891E3-A338-4D08-8DB1-C9DFE84BB846}\RP18\A0004395.dll
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
[NOTE] The file was moved to '49a0f245.qua'!
C:\System Volume Information\_restore{757891E3-A338-4D08-8DB1-C9DFE84BB846}\RP18\A0004396.dll
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
[NOTE] The file was moved to '4f2a8a1d.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\ovfsthimotfqppkesoxpaerxmqhwndqkqjwbhw.dll.vir
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
[NOTE] The file was moved to '4a67ae72.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\ovfsththkdibilanxrimtnhjxogiikfsbangno.dll.vir
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
[NOTE] The file was moved to '4f402c03.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\ovfsthwgamvvrclfpftctdihcloteieycwyrte.dll.vir
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
[NOTE] The file was moved to '4e8cd11b.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\_ovfsthbrnrxubrdlxoeuwswvjbnoekvdylbibm_.sys.zip
[NOTE] The file was moved to '4a77ae6b.qua'!
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\ovfsthbrnrxubrdlxoeuwswvjbnoekvdylbibm.sys.vir
[DETECTION] Contains recognition pattern of the RKIT/Agent.iuc root kit
[NOTE] The file was moved to '4e950053.qua'!
E:\aaa-SITES\a-site-gerardleyne\SOIREES\soiree-05-06-04\TN_IMG_0191.JPG
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4a60ae4a.qua'!
E:\TRANSFERT\PhotoFiltre.Studio.v9.0.Incl.Keymaker-CORE.zip
[NOTE] The file was moved to '4a70ae64.qua'!
E:\TRANSFERT\Adobe Photoshop CS2 9[1].0.2.rar
[NOTE] The file was moved to '4a70ae60.qua'!
E:\TRANSFERT\ADOBE-CS\Adobe_CS2_KeyGen.zip
[NOTE] The file was moved to '4e99c1b9.qua'!
E:\TRANSFERT\ADOBE-CS\Adobe_Photoshop_CS2_keygen-PARADOX.rar
[NOTE] The file was moved to '4e9f38a9.qua'!
E:\TRANSFERT\TRANSPORT\Adobe Photoshop CS2\keygen\Keygen Photoshop CS2 Fr.exe
[DETECTION] Contains recognition pattern of the WORM/Autorun.cxl worm
[NOTE] The file was moved to '4a7aae62.qua'!
F:\WINDOWS\INF\ALCHEM.INF
[DETECTION] Is the TR/Dldr.Alchemic.B Trojan
[NOTE] The file was moved to '4a44ae49.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\55CB51EB.exe
[NOTE] The file was moved to '4a44ae32.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\293D1B4A.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4a34ae36.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\1BD2145A.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4a45ae3f.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3135179A.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4a34ae2e.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\781D4345.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4a32ae35.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0CD13F0A.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4a45ae40.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0CD46907.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4f4787f9.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\54E8331F.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4a46ae31.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\08C74127.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4a44ae35.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\2FCB1159.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4a44ae43.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\61062B3B.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4a31ae2e.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\610C7F33.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4f39fe9f.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\39577B92.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4a36ae36.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\14BC532B.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4a43ae31.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\14BF7D27.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4f48c63a.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\14C22723.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4a44ae31.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\14C65120.exe
[NOTE] The file was moved to '4f49d9aa.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\15D66297.exe
[DETECTION] Is the TR/Vundo.Gen Trojan
[NOTE] The file was moved to '4a45ae32.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\14C97B1C.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4f4b291b.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\354D39FC.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4a35ae33.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\356B33DC.dll
[NOTE] The file was moved to '4a37ae33.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\356E5DD8.exe
[NOTE] The file was moved to '4f2530b4.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\60262AD9.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4a33ae2e.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\4E981395.exe
[DETECTION] Is the TR/Dldr.Swizzor.Gen Trojan
[NOTE] The file was moved to '4a3aae43.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\56915490.exe
[NOTE] The file was moved to '4a3aae34.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\5DAE2F79.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4a42ae42.qua'!
F:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\3EE1593B.exe
[DETECTION] Is the TR/Crypt.PEPM.Gen Trojan
[NOTE] The file was moved to '4a46ae43.qua'!
F:\Program Files\ddm\6926\SaveInstCmS.exe
[DETECTION] Contains recognition pattern of the ADSPY/AdSpy.Gen adware or spyware
[NOTE] The file was moved to '4a77ae5f.qua'!
F:\Program Files\Zero Popup\Crack.exe
[DETECTION] Is the TR/Crypt.ULPM.Gen Trojan
[NOTE] The file was moved to '4a62ae70.qua'!
F:\Program Files\Serials 2000 7.1 Plus\Add-on\UnSEU2.exe
[DETECTION] Is the TR/Agent.92640.A Trojan
[NOTE] The file was moved to '4a54ae6c.qua'!


End of the scan: mercredi 6 mai 2009 17:34
Used time: 2:50:54 Hour(s)

The scan has been done completely.

21005 Scanned directories
595312 Files were scanned
54 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
47 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
595256 Files not concerned
2913 Archives were scanned
4 Warnings
48 Notes
18744 Objects were scanned with rootkit scan
6 Hidden objects were found

Tu peux essayer un Service Pack.

je viens de rebooter comme demandé et j'essaie
il a passé quelques minutes ......
j'y vais

refus de sp2
j'essaie sp3

refus de sp3  

Je pense qu'il faudrait formater et réinstaller Windows en pensant à sauvegarder tous les documents que tu souhaites garder.

je vais voir ça
Pour le moment j'ai oublié mon CD chez mon père.
j'y retourne en juin

en tout cas merci beaucoup pour ton aide
je te tiendrai au courant
Amicalement

Ok, pas de problème.

Bonjour,
voilà j'ai récupéré le CD de Windows XP
J'ai reformaté mon DD en FAT32
XP n'a pas voulu s'installé alors qu'il l'avait fait la première fois
Donc formatage en NTFS et installation
Puis installation de SP3 sans problème et enfin de norton2009 puisque c'était pour lui

Le but étant de travailler soit en WIN98SE soit en XP, mon DD XP n'est plus visible sous 98 !!

Autre problème le defilement vertical des pages se fait sous forme de vagues !
C'est peut-être un réglage ?

En tout cas merci