Votre question

Virus Win32/adobe test

Tags :
  • Adobe
  • Sécurité
Dernière réponse : dans Sécurité et virus
30 Décembre 2009 14:12:55

Bonjour! Voila mon problème, j'ai reçu un pop-up de mon firewall (zone alarm) comme quoi Adobe voulait me demandait l'accès a internet pour faire une mise à jour, j'ai donc accepté. (grosse erreur de ma part...)
Quelque second après il me redemande la même chose pour AWM, j'ai accepté pensant que ça faisais parti d'adobe...
Et encore après il me demande pour un certain TEST... la j'ai tilté et j'ai refusé! Seulement le mal était déjà fait

Mon pc m'affichait de fausse icône Windows en bas à gauche à côté de l'horloge (Les célèbres virus qui se prennent pour des antivirus -_-)

Puis soudain ma souris reste bloqué... mon clavier de même, je redémarre le pc et la mon antivirus et firewall ne se lance pas au démarrage (je pense que le virus à du les bloquer) je suis passé en mode sans échec et j'ai scanné mon pc, l ma trouvé un virus du nom de Win32 dans le dossier Temp.
Je l'ai supprimé, seulement juste a côté j'ai un autre fichié qui s'appèle test.reg (j'ai pas souvenir qu'il y ai se genre de fiché la dedans...) je l'ai scanné avec Nob32, avec Ad-aware et rien, j'ai essayé de le supprimer (même avec Unlocker) est c'est impossible il revient a chaque demarage.

J'ai fouillé dans le regedit et j'ai trouvé tout un dossier avec des Win32, test, adobe que j'ai supprimé mais rien a faire!

Me voila donc avec un autre pc pour essayé de réparer le mien... j'ai dl HiJackThis et j'ai fais un scan en mode sans échec (seul mode ou le pc plante pas)

il m'affiche cela:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:41:50, on 30/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\regedit.exe
C:\Program Files\Internet Explorer\Iexplore.exe
E:\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\System32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = ?
O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 4531 bytes

Autres pages sur : virus win32 adobe test

31 Décembre 2009 15:17:14

Bonjour Matt48,

*Télécharge RSIT (merci random/random) sur le Bureau : Ici
Double-clique sur RSIT.exe, il ne nécessite pas d' installation.
Clique Continue à l' écran Disclaimer si tu acceptes les conditions.
-Si HijackThis est non détecté sur ton Pc, il le téléchargera (autorise l' accès dans ton pare-feu si demandé et accepte la licence).
Lorsque l' analyse sera terminée, deux fichiers texte s' ouvriront.
Poste le contenu de log.txt (celui qui s' ouvre) ainsi que info.txt qui est dans la Barre des Tâches
Tuto : http://forum.pcastuces.com/randoms_system_information_t...

NB : Ces rapports sont enregistrés dans le dossier C:\rsit

A+
1 Janvier 2010 18:23:46

Merci pour ton aide! Voila les deux rapport:

Pour information, j'ai effectué se scan de Rsit par mode dans échec, je ne sais pas si cela va modifier quelque chose!

(P.S: si tu vois Avast, c'est normale, je l'ai télécharger pour voir si lui me trouvait un truc mais non, toujours pareil)

Log.txt:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lisou81 at 2010-01-01 18:14:13
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 26 GB (35%) free of 76 GB
Total RAM: 2046 MB (88% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:14:25, on 1/01/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Documents and Settings\Lisou81\Bureau\RSIT.exe
E:\Lisou81.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.fr/spbasic.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\System32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = ?
O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 5065 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2008-09-17 13574144]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2008-09-17 86016]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-05-27 16208384]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"GBB36X Configure"=C:\WINDOWS\System32\JMRaidTool.exe [2006-06-02 385024]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2009-10-12 921600]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2006-06-16 555816]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2006-06-16 568096]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2006-09-07 15872]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-12-29 788880]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"CursorXP"=C:\themeGold55\CursorXP\CursorXP.exe [2001-12-13 100864]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]

C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
NETGEAR WG111v2 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
WG111v2 Smart Wizard Wireless Setting.lnk - C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"ForceClassicControlPanel"=1
"NoLowDiskSpaceCheck"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\messenger\msmsgs.exe"="C:\Program Files\messenger\msmsgs.exe:*:Enabled:Windows Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
shell\AutoRun\command - F:\setupSNK.exe


======List of files/folders created in the last 1 months======

2010-01-01 18:14:13 ----D---- C:\rsit
2009-12-31 01:49:15 ----A---- C:\WINDOWS\system32\MFC71.dll
2009-12-31 01:49:15 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-12-31 01:49:03 ----D---- C:\Program Files\Alwil Software
2009-12-30 13:41:10 ----A---- C:\Program Files\HiJackThis.exe
2009-12-30 12:08:13 ----D---- C:\WINDOWS\CSC
2009-12-30 03:05:08 ----A---- C:\WINDOWS\ntbtlog.txt
2009-12-30 02:31:39 ----D---- C:\Program Files\Malware Defense
2009-12-30 02:18:03 ----A---- C:\WINDOWS\system32\krl32mainweq.dll
2009-12-30 02:16:05 ----A---- C:\Documents and Settings\All Users.WINDOWS\Application Data\sysReserve.ini
2009-12-28 17:05:37 ----D---- C:\Program Files\CamStudio
2009-12-13 14:52:22 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-13 14:52:17 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-13 14:52:05 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2009-12-13 14:51:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-13 14:51:53 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-13 14:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-06 22:46:16 ----D---- C:\Documents and Settings\Lisou81\Application Data\ACAMPREF
2009-12-06 22:43:25 ----D---- C:\Myriad Plugin
2009-12-06 22:40:16 ----A---- C:\WINDOWS\wacam.TMP
2009-12-06 22:40:16 ----A---- C:\WINDOWS\wacam.ini
2009-12-06 22:40:16 ----A---- C:\WINDOWS\system32\MMPlugHostCtrl.dll
2009-12-06 18:16:22 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe

======List of files/folders modified in the last 1 months======

2010-01-01 15:10:23 ----D---- C:\WINDOWS\Internet Logs
2010-01-01 15:07:46 ----D---- C:\WINDOWS\system32\config
2010-01-01 15:07:46 ----D---- C:\WINDOWS\system32\config
2009-12-31 01:49:42 ----D---- C:\WINDOWS\system32
2009-12-31 01:49:42 ----D---- C:\WINDOWS\system32
2009-12-31 01:49:03 ----RD---- C:\Program Files
2009-12-30 12:35:37 ----D---- C:\Program Files\Mozilla Firefox
2009-12-30 12:19:43 ----D---- C:\WINDOWS\Temp
2009-12-30 12:16:05 ----SHD---- C:\RECYCLER
2009-12-30 12:14:55 ----SD---- C:\WINDOWS\Tasks
2009-12-30 12:08:13 ----D---- C:\WINDOWS
2009-12-30 12:04:47 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-30 03:38:57 ----D---- C:\WINDOWS\Debug
2009-12-30 03:28:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-30 02:16:58 ----D---- C:\WINDOWS\system32\drivers
2009-12-30 02:16:58 ----D---- C:\WINDOWS\system32\drivers
2009-12-29 17:19:40 ----A---- C:\WINDOWS\NeroDigital.ini
2009-12-29 01:36:37 ----A---- C:\WINDOWS\win.ini
2009-12-28 12:48:10 ----D---- C:\WINDOWS\inf
2009-12-13 14:52:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-13 14:52:11 ----D---- C:\Program Files\Internet Explorer
2009-12-13 14:51:57 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-07 12:12:21 ----HD---- C:\Config.Msi
2009-12-06 22:40:16 ----RSD---- C:\WINDOWS\Fonts
2009-12-06 18:16:39 ----D---- C:\Documents and Settings\Lisou81\Application Data\AdobeUM
2009-12-06 18:16:35 ----SHD---- C:\WINDOWS\Installer
2009-12-06 00:33:50 ----D---- C:\Documents and Settings\Lisou81\Application Data\dvdcss

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2004-08-19 14848]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-28 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\System32\DRIVERS\point32.sys [2006-06-02 21760]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-08-17 26944]
S1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-08-17 114768]
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-08-17 51376]
S1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-19 40320]
S1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
S1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032]
S2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2009-10-13 21035]
S2 AMON;AMON; \??\C:\WINDOWS\System32\drivers\amon.sys []
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560]
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-08-17 94160]
S2 EAPPkt;Realtek EAPPkt Protocol; C:\WINDOWS\System32\DRIVERS\EAPPkt.sys [2005-04-01 66048]
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-08-17 23152]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-26 4279296]
S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2008-09-17 6132576]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\wg111v2.sys [2007-12-26 272128]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [2006-03-15 244608]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Pilote de filtre de restauration système; C:\WINDOWS\System32\DRIVERS\sr.sys [2004-08-19 73600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
S2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2009-10-12 507904]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2008-09-17 163908]
S2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2004-08-11 38912]
S2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2004-08-19 14336]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-12-29 1181328]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]

-----------------EOF-----------------
Contenus similaires
1 Janvier 2010 18:24:31

info.txt

info.txt logfile of random's system information tool 1.06 2010-01-01 18:14:28

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->"C:\Documents and Settings\All Users.WINDOWS\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users.WINDOWS\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70000000000}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVG Anti-Rootkit Free-->C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\Uninstall.exe
CamStudio-->C:\Program Files\CamStudio\uninstall.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Correctif pour Windows XP (KB935448)-->"C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
CursorXP-->C:\themeGold55\CursorXP\CurXPUtil.exe -u
eMule-->"F:\eMule\Uninstall.exe"
Free M4a to MP3 Converter 5.9-->"F:\Free M4a to MP3 Converter\unins000.exe"
Gigabyte Raid Configurer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x40c -removeonly
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXP$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"E:\HijackThis.exe" /uninstall
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Logiciel d'archivage WinRAR-->F:\WinRAR\uninstall.exe
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938127)-->"C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943055)-->"C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB945553)-->"C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946026)-->"C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971032)-->"C:\WINDOWS\$NtUninstallKB971032$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe"
Morrowind-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "F:\Jeu\Morrowind\MWUninstall\Setup.exe" -l0x40c
Mozilla Firefox (3.5.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 7 Essentials-->MsiExec.exe /X{7BAA9BA8-0761-42EF-842A-23FAA5321036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NETGEAR WG111v2 wireless USB 2.0 adapter-->C:\Program Files\InstallShield Installation Information\{4102037D-E8E0-48E0-B203-E521D194FB71}\setup.exe -runfromtemp -l0x0009 -removeonly
NOD32 Antivirus System-->C:\Program Files\Eset\Setup\setup.exe /UNINSTALL
NOD32 FiX-->"C:\Program Files\Eset\unins000.exe"
NVIDIA Drivers-->C:\WINDOWS\System32\nvuninst.exe UninstallGUI
OpenOffice.org 3.1-->MsiExec.exe /I{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PhotoFiltre-->"F:\PhotoFiltre\Uninst.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Songbird 1.2.0 (Build 1146)-->"F:\Songbird\Songbird-Uninstall.exe"
TES Construction Set-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "F:\Jeu\Morrowind\CSUninstall\Setup.exe" -l0x40c
Unlocker 1.8.5-->C:\Program Files\Unlocker\uninst.exe
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\System32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VLC media player 0.9.9-->F:\VLC\uninstall.exe
WG111v2 Configuration Utility-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E0F252A6-DE85-4E93-A93B-DFC3537B3965}\setup.exe" -l0x9 REMOVE -removeonly
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

======Security center information======

AV: NOD32 Antivirus System 2.51
FW: ZoneAlarm Firewall

======System event log======

Computer Name: TEST
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Record Number: 1142
Source Name: Tcpip
Time Written: 20091102194522.000000+060
Event Type: warning
User:

Computer Name: TEST
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Record Number: 1027
Source Name: Tcpip
Time Written: 20091027193918.000000+060
Event Type: warning
User:

Computer Name: TEST
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Record Number: 1026
Source Name: Tcpip
Time Written: 20091027175627.000000+060
Event Type: warning
User:

Computer Name: TEST
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Record Number: 1025
Source Name: Tcpip
Time Written: 20091027172953.000000+060
Event Type: warning
User:

Computer Name: TEST
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.

Record Number: 871
Source Name: Tcpip
Time Written: 20091020191508.000000+120
Event Type: warning
User:

=====Application event log=====

Computer Name: TEST
Event Code: 0
Message:
Record Number: 80
Source Name: Lavasoft Ad-Aware Service
Time Written: 20091014175027.000000+120
Event Type: error
User:

Computer Name: TEST
Event Code: 0
Message:
Record Number: 79
Source Name: Lavasoft Ad-Aware Service
Time Written: 20091014174914.000000+120
Event Type: error
User:

Computer Name: TEST
Event Code: 1015
Message: Le délai d'exécution de la fonction "PerfProc" de collecte de données de
performance dans la bibliothèque "C:\WINDOWS\system32\perfproc.dll" a expiré. Il y a peut-être un
problème pour ce compteur extensible ou le service dont il tire ses
informations, ou le système était peut-être très occupé au moment où
l'appel a été tenté.

Record Number: 78
Source Name: Perflib
Time Written: 20091014004838.000000+120
Event Type: error
User:

Computer Name: TEST
Event Code: 2002
Message: La procédure d'ouverture du service "WmiApRpl" dans la bibliothèque "C:\WINDOWS\System32\wbem\wmiaprpl.dll" a
pris plus longtemps que le délai imparti pour cette opération. Il y a
peut-être un problème pour ce compteur extensible ou le service dont il
tire ses informations, ou le système était peut-être très occupé au moment
où l'appel a été tenté.

Record Number: 77
Source Name: Perflib
Time Written: 20091014004819.000000+120
Event Type: error
User:

Computer Name: TEST
Event Code: 4362
Message: Le système d'événements de COM+ a détecté un objet IEventSubscription endommagé. Il a supprimé l'ID d'objet {A82BC338-7D38-419B-9E36-CB7E2BC17519}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. L'abonné ne pourra plus être informé lorsque l'événement se produit.
Record Number: 61
Source Name: EventSystem
Time Written: 20091013184347.000000+120
Event Type: warning
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;"C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier"
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"tvdumpflags"=8
"FP_NO_HOST_CHECK"=NO
"SAFEBOOT_OPTION"=MINIMAL

-----------------EOF-----------------
1 Janvier 2010 20:38:17

Bonjour Matt48,

les manip' suivantes sont à faire en mode normal...

Télécharge load_tdsskiller de Loup Blanc sur ton Bureau en cliquant sur ce lien : Ici
Cet outil est conçu pour automatiser différentes tâches proposées par TDSSKiller, un fix de Kaspersky.
* Lance load_tdsskiller en double-cliquant dessus : l'outil va se connecter au Net pour télécharger une copie à jour de TDSSKiller, puis va lancer le scan
* A la fin du scan, appuie sur une touche pour continuer, comme l'indique le message dans la fenêtre noire d'invite de commande
* Le rapport s'affichera automatiquement : copie-colle son contenu dans ta prochaine réponse (le fichier est également présent ici : C:\tdsskiller\report.txt)
* Fais redémarrer ton PC

A+
Ps : Merci oGu
1 Janvier 2010 21:43:49

Justement le problème est que je ne peu rien faire en mode normale! au bout de 5mn après le démarrage tout se bloque! A part mon bouton reboot...
2 Janvier 2010 00:42:09

Matt48 a dit :
> au bout de 5mn après le démarrage tout se bloque!


Bonsoir Matt48,

essaye quand même, le scan est court...

A+
2 Janvier 2010 16:11:16

15:55:42:468 1160 TDSSKiller 2.1.1 Dec 20 2009 02:40:02
15:55:42:468 1160 ================================================================================
15:55:42:468 1160 SystemInfo:

15:55:42:468 1160 OS Version: 5.1.2600 ServicePack: 2.0
15:55:42:468 1160 Product type: Workstation
15:55:42:468 1160 ComputerName: TEST
15:55:42:468 1160 UserName: Lisou81
15:55:42:468 1160 Windows directory: C:\WINDOWS
15:55:42:468 1160 Processor architecture: Intel x86
15:55:42:468 1160 Number of processors: 2
15:55:42:468 1160 Page size: 0x1000
15:55:42:468 1160 Boot type: Normal boot
15:55:42:468 1160 ================================================================================
15:55:42:468 1160 ForceUnloadDriver: NtUnloadDriver error 2
15:55:42:468 1160 ForceUnloadDriver: NtUnloadDriver error 2
15:55:42:468 1160 ForceUnloadDriver: NtUnloadDriver error 2
15:55:42:484 1160 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\Drivers\KLMD.sys) returned status 0
15:55:42:484 1160 main: Driver KLMD successfully dropped
15:55:42:484 1160 main: Driver KLMD successfully loaded
15:55:42:484 1160
Scanning Registry ...
15:55:42:515 1160 ScanServices: Searching service UACd.sys
15:55:42:515 1160 ScanServices: Open/Create key error 2
15:55:42:515 1160 ScanServices: Searching service TDSSserv.sys
15:55:42:515 1160 ScanServices: Open/Create key error 2
15:55:42:515 1160 ScanServices: Searching service gaopdxserv.sys
15:55:42:515 1160 ScanServices: Open/Create key error 2
15:55:42:515 1160 ScanServices: Searching service gxvxcserv.sys
15:55:42:515 1160 ScanServices: Open/Create key error 2
15:55:42:515 1160 ScanServices: Searching service MSIVXserv.sys
15:55:42:515 1160 ScanServices: Open/Create key error 2
15:55:42:515 1160 UnhookRegistry: Kernel module file name: C:\windows\system32\ntkrnlpa.exe, base addr: 804D7000
15:55:42:515 1160 UnhookRegistry: Kernel local addr: B40000
15:55:42:531 1160 UnhookRegistry: KeServiceDescriptorTable addr: BC46E0
15:55:42:593 1160 UnhookRegistry: KiServiceTable addr: B6C960
15:55:42:593 1160 UnhookRegistry: NtEnumerateKey service number (local): 47
15:55:42:593 1160 UnhookRegistry: NtEnumerateKey local addr: C8B970
15:55:42:593 1160 KLMD_OpenDevice: Trying to open KLMD device
15:55:42:593 1160 KLMD_GetSystemRoutineAddressA: Trying to get system routine address ZwEnumerateKey
15:55:42:593 1160 KLMD_GetSystemRoutineAddressW: Trying to get system routine address ZwEnumerateKey
15:55:42:593 1160 KLMD_ReadMem: Trying to ReadMemory 0x804FF801[0x4]
15:55:42:593 1160 UnhookRegistry: NtEnumerateKey service number (kernel): 47
15:55:42:593 1160 KLMD_ReadMem: Trying to ReadMemory 0x80503A7C[0x4]
15:55:42:593 1160 UnhookRegistry: NtEnumerateKey real addr: 80622970
15:55:42:593 1160 UnhookRegistry: NtEnumerateKey calc addr: 80622970
15:55:42:593 1160 UnhookRegistry: No SDT hooks found on NtEnumerateKey
15:55:42:593 1160 KLMD_ReadMem: Trying to ReadMemory 0x80622970[0xA]
15:55:42:593 1160 UnhookRegistry: Splicing found on NtEnumerateKey
15:55:42:593 1160 KLMD_WriteMem: Trying to WriteMemory 0x80622970[0xA]
15:55:42:593 1160 UnhookRegistry: NtEnumerateKey (Splicing) unhooked successfully
15:55:42:593 1160
Hidden service detected: H8SRTd.sys
Type "delete" (without quotes) to delete it:
2 Janvier 2010 16:23:23

Bonjour Matt48,

le rapport est incomplet...

A+
2 Janvier 2010 17:01:10

J'essaye de faire mieux mais j'ai pas le temps il me bloque! je passe toute la journée la pour essayer de le faire!
2 Janvier 2010 17:22:09

Re,

as-tu fais le scan?
Si oui, nous passons à la suite.
2 Janvier 2010 21:55:44

j'ai reussi à faire le scan... enfin je pense mon pc, déjà c'est redémarré de suite, mais il a passé presque 3h à remettre l'id de sécurité à tout mes fichiers erroné par l'id de sécurité par défaut!

Après cela! le point positif est que maintenant mon pc ne plante plus... mais windows m'a l'air bien mal en point... plus de corbeille, ma barre de lancement rapide n'affiche plus les fenêtres ouvertes, il me manque la moitié des icônes à côtés de l'heure, je n'ai même pas l'icône wifi de windows, impossible de déplacer les fichiers sur le bureau...

Je pense que je vais stocker les fichiers musique/video et autre sur mon second DD et réparer le windows avec mon cd...

J'ai essayé de relancer tdsskiller et il m'affiche cela:

http://img214.imageshack.us/img214/2060/bureaubw.jpg

si j'appuie sur une touche, il ferme tout est c'est tout!

(Je suis en dualscreen, pour ça qu'il y à 2 fois mon bureau)
3 Janvier 2010 01:56:12

Matt48 a dit :
> Je pense que je vais stocker les fichiers musique/video et autre sur mon second DD et réparer le windows avec mon cd...


Bonsoir Matt48,

> Ok, mais si tu veux quand même tenter le coup;) :

Fais la manip' de ComboFix (merci sUBs) et poste le rapport : Ici

A+
3 Janvier 2010 13:22:09

Voila le rapport!

ComboFix 09-11-07.02 - Lisou81 03/01/2010 13:13.1.2 - NTFSx86
Lancé depuis: c:\documents and settings\Lisou81\Mes documents\Téléchargements\ComboFix.exe
* Un antivirus résident est actif


AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
- Mode FONCTIONNALITES REDUITES -
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-12-03 au 2010-01-03 ))))))))))))))))))))))))))))))))))))
.

2010-01-02 17:23 . 2010-01-02 17:23 -------- d-----w- C:\tdsskiller
2010-01-01 17:14 . 2010-01-01 17:14 -------- d-----w- C:\rsit
2009-12-31 00:49 . 2003-03-18 21:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-12-31 00:49 . 2009-12-31 00:49 -------- d-----w- c:\program files\Alwil Software
2009-12-30 12:41 . 2009-12-30 12:40 401720 ----a-w- c:\program files\HiJackThis.exe
2009-12-30 01:31 . 2009-12-30 01:31 -------- d-----w- c:\program files\Malware Defense
2009-12-30 01:18 . 2009-12-30 01:18 675 ----a-w- c:\windows\system32\krl32mainweq.dll
2009-12-30 01:17 . 2009-12-30 01:17 36864 ----a-w- c:\windows\system32\H8SRTvonkjmoelx.dll
2009-12-30 01:16 . 2009-12-30 01:38 199 ----a-w- c:\windows\system32\srcr.dat
2009-12-30 01:16 . 2009-12-30 01:16 23040 ----a-w- c:\windows\system32\H8SRTpmxgoaypek.dll
2009-12-30 01:16 . 2009-12-30 01:16 201 ----a-w- c:\windows\system32\H8SRTxxytkoonsa.dat
2009-12-28 16:05 . 2009-12-28 16:05 -------- d-----w- c:\program files\CamStudio
2009-12-06 21:46 . 2009-12-06 21:46 -------- d-----w- c:\documents and settings\Lisou81\Application Data\ACAMPREF
2009-12-06 21:43 . 2009-12-06 21:44 -------- d-----w- C:\Myriad Plugin
2009-12-06 21:40 . 2005-04-13 10:55 106496 ----a-w- c:\windows\system32\MMPlugHostCtrl.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-03 11:59 . 2010-01-02 21:35 2314933 ----a-w- c:\windows\Internet Logs\tvDebug.zip
2010-01-03 11:50 . 2009-10-13 16:26 -------- d-----w- c:\program files\Microsoft IntelliPoint
2010-01-03 11:50 . 2009-10-13 16:25 -------- d-----w- c:\program files\Microsoft IntelliType Pro
2010-01-02 17:30 . 2010-01-02 17:32 3187712 ----a-w- c:\windows\Internet Logs\xDB2.tmp
2010-01-02 15:03 . 2010-01-02 15:29 1687040 ----a-w- c:\windows\Internet Logs\xDB1.tmp
2009-12-30 02:28 . 2001-08-28 16:00 46070 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-30 02:28 . 2001-08-28 16:00 361470 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-28 14:43 . 2009-10-13 17:21 18256 ----a-w- c:\documents and settings\Lisou81\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-06 21:43 . 2009-12-06 21:40 724 ----a-w- c:\windows\wacam.TMP
2009-12-06 21:40 . 2009-12-06 21:40 1409 ----a-w- c:\windows\Fonts\SToccata.fot
2009-12-06 17:16 . 2009-10-21 16:29 -------- d-----w- c:\documents and settings\Lisou81\Application Data\AdobeUM
2009-12-05 23:33 . 2009-10-16 11:42 -------- d-----w- c:\documents and settings\Lisou81\Application Data\dvdcss
2009-11-23 17:58 . 2009-09-12 10:13 -------- d-----w- c:\program files\Java
2009-11-21 18:27 . 2009-11-21 18:27 -------- d-----w- c:\documents and settings\Lisou81\Application Data\Songbird2
2009-11-21 18:22 . 2009-10-17 11:58 -------- d-----w- c:\program files\Oberon Media
2009-11-08 21:04 . 2009-11-08 21:04 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-08 21:04 . 2009-11-08 20:46 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-11-08 20:54 . 2009-11-08 20:54 -------- dc-h--w- c:\documents and settings\All Users.WINDOWS\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-11-08 20:36 . 2009-11-08 20:32 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Lavasoft
2009-11-08 20:32 . 2009-11-08 20:32 -------- d-----w- c:\program files\Lavasoft
2009-11-08 14:51 . 2009-11-08 14:51 -------- d-----w- c:\program files\CCleaner
2009-10-29 05:46 . 2002-08-29 13:45 666112 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 06:03 . 2009-10-14 16:52 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 06:03 . 2009-10-14 16:52 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 14:58 . 2009-10-14 16:52 263552 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-14 16:55 . 2009-10-12 17:49 86327 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-10-13 17:01 . 2009-10-12 19:20 4212 ---h--w- c:\windows\system32\zllictbl.dat
2009-10-13 16:55 . 2009-10-13 16:55 0 ----a-w- c:\windows\nsreg.dat
2009-10-13 16:32 . 2009-10-13 16:32 21035 ----a-w- c:\windows\system32\drivers\AegisP.sys
2009-10-13 10:52 . 2002-08-29 13:44 267776 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 19:13 . 2009-10-12 19:15 502368 ----a-w- c:\windows\system32\drivers\amon.sys
2009-10-12 19:13 . 2009-10-12 19:15 274432 ----a-w- c:\windows\system32\imon.dll
2009-10-12 18:19 . 2009-10-12 18:19 2232 ----a-w- c:\windows\java\Packages\Data\L3HF79FJ.DAT
2009-10-12 18:19 . 2009-10-12 18:19 155995 ----a-w- c:\windows\java\Packages\UVJB5B7V.ZIP
2009-10-12 18:18 . 2009-10-12 18:18 2678 ----a-w- c:\windows\java\Packages\Data\I3BLV3BF.DAT
2009-10-12 18:18 . 2009-10-12 18:18 2678 ----a-w- c:\windows\java\Packages\Data\YEJ9Z9NL.DAT
2009-10-12 18:18 . 2009-10-12 18:18 2678 ----a-w- c:\windows\java\Packages\Data\U2TJXJP7.DAT
2009-10-12 18:18 . 2009-10-12 18:18 2678 ----a-w- c:\windows\java\Packages\Data\R7F17BDN.DAT
2009-10-12 18:18 . 2009-10-12 18:18 2678 ----a-w- c:\windows\java\Packages\Data\DV3X7575.DAT
2009-10-12 18:17 . 2009-02-04 21:01 5920 ----a-w- C:\plus.reg
2009-10-12 17:47 . 2009-10-12 17:47 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2009-10-12 13:52 . 2002-08-29 13:44 69632 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:52 . 2002-08-29 13:44 113152 ----a-w- c:\windows\system32\rastls.dll
2009-10-11 03:17 . 2009-10-13 22:19 411368 ----a-w- c:\windows\system32\deploytk.dll
.

------- Sigcheck -------

[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\drivers\atapi.sys
[-] 2002-08-29 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[-] 2002-08-28 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\atapi.sys
[-] 2002-08-28 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys

[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2001-08-28 . 03F403B07A884FC2AA54A0916C410931 . 13568 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys

[-] 2001-08-28 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2001-08-28 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

[-] 2004-08-19 . E798705E8DC7FAB596EF6BFDF167E007 . 25216 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2004-08-19 . E798705E8DC7FAB596EF6BFDF167E007 . 25216 . . [5.1.2600.2180] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2002-08-29 . 9BB4976AACD2C9DF788AFCC53ABB790C . 24064 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys
[-] 2002-08-29 . 9BB4976AACD2C9DF788AFCC53ABB790C . 24064 . . [5.1.2600.1106] . . c:\windows\system32\ReinstallBackups\0017\DriverFiles\i386\kbdclass.sys

[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ndis.sys
[-] 2003-10-04 . D999CE17681D7D074D534FC5BC662E0A . 168192 . . [5.1.2600.1254] . . c:\windows\$NtServicePackUninstall$\ndis.sys

[-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\system32\dllcache\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\system32\drivers\ntfs.sys
[-] 2004-08-03 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys
[-] 2004-08-03 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2002-08-29 . E3AE9C79498210A5F39FE5A9AD62BC55 . 561920 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ntfs.sys

[-] 2001-08-28 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2001-08-28 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\sp2qfe\tcpip.sys
[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\sp2gdr\tcpip.sys
[-] 2006-04-20 . B8158E2A6112C0A5CA67BC158FC70218 . 340480 . . [5.1.2600.1831] . . c:\windows\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\sp1qfe\tcpip.sys
[-] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2002-08-29 . 244A2F9816BC9B593957281EF577D976 . 332928 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\tcpip.sys

[-] 2004-08-19 . 75AC49029966BFFEA09F96C1C194F684 . 77312 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\browser.dll
[-] 2004-08-19 . 75AC49029966BFFEA09F96C1C194F684 . 77312 . . [5.1.2600.2180] . . c:\windows\system32\browser.dll
[-] 2002-08-29 . B19784FAD2AE469FBDE72D26F4C0FA1F . 49152 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\browser.dll

[-] 2004-08-19 . 259AF82A0932EEA4F316F92DB94707B6 . 13312 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2004-08-19 . 259AF82A0932EEA4F316F92DB94707B6 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\lsass.exe
[-] 2002-08-29 . B7B1C150AFF59455DB4DF082815F88F5 . 11776 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\lsass.exe

[-] 2005-08-22 . 0D55724D88488BBFC53BC2EA219240F3 . 197632 . . [5.1.2600.2743] . . c:\windows\system32\netman.dll
[-] 2005-08-22 . 31748843AD5811351B115CC52CEA8D77 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
[-] 2004-08-19 . 237F77C91B70469E3AF9F7FD0A524954 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll
[-] 2004-08-19 . 237F77C91B70469E3AF9F7FD0A524954 . 198144 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2002-08-29 . 0F18EEA4B1020FA064577A9654EFFFC6 . 154112 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\netman.dll

[-] 2004-08-19 . 659F7B6C502051BFA37910614B225548 . 382464 . . [6.6.2600.2180] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2004-08-19 . 659F7B6C502051BFA37910614B225548 . 382464 . . [6.6.2600.2180] . . c:\windows\system32\qmgr.dll
[-] 2004-07-01 . C3F35AA3E4E791EA8425B5DBAE01E283 . 360960 . . [6.6.2600.1569] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
[-] 2004-07-01 . C3F35AA3E4E791EA8425B5DBAE01E283 . 360960 . . [6.6.2600.1569] . . c:\windows\system32\bits\qmgr.dll
[-] 2002-08-29 . E1BDBEC55DF596AC4DC9FDCF6CB12832 . 223232 . . [6.2.2600.1106] . . c:\windows\$NtUninstallKB842773$\qmgr.dll

[-] 2009-02-09 . F83B964469D230F445613C44DF9FE25D . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . 0203B1AAD358F206CB0A3C1F93CCE17A . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll
[-] 2009-02-09 . 5620353B93DD08016674E4FEE280190B . 399360 . . [5.1.2600.3520] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 5620353B93DD08016674E4FEE280190B . 399360 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2009-02-09 . BA1EF616F55210820F6462D033088497 . 401408 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll
[-] 2005-07-26 . CB7D37602638369A516757E994CBB31D . 397824 . . [5.1.2600.2726] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2005-07-26 . CB7D37602638369A516757E994CBB31D . 397824 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\3188777c1d0f0fe2d51bfb880967bbb8\sp2gdr\rpcss.dll
[-] 2005-07-26 . 882114A101D4313E2736F4662EAAAA4E . 276992 . . [5.1.2600.1720] . . c:\windows\SoftwareDistribution\Download\3188777c1d0f0fe2d51bfb880967bbb8\sp1qfe\rpcss.dll
[-] 2005-07-26 . B38D431ACE730452CD1FEE4FB7ECD6E2 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[-] 2005-07-26 . B38D431ACE730452CD1FEE4FB7ECD6E2 . 398336 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\3188777c1d0f0fe2d51bfb880967bbb8\sp2qfe\rpcss.dll
[-] 2005-04-28 . FD292BFE003558F4C39AA3D44F420AC7 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll
[-] 2005-04-28 . D0F724BDF4A0647F1A52985FD629EFCE . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll
[-] 2005-01-14 . 05E8F98BC17FCCE18D7DB332A81B8DDE . 395776 . . [5.1.2600.2595] . . c:\windows\SoftwareDistribution\Download\480cc6474822c4d3bda7c05b0f4fe218\sp2qfe\rpcss.dll
[-] 2004-08-19 . C6FE0B727A5D13419D480150631ADC09 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB894391$\rpcss.dll
[-] 2004-08-19 . C6FE0B727A5D13419D480150631ADC09 . 395776 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2003-08-26 . 33D586E1C8E832BD50F69EE69117F8DC . 260608 . . [5.1.2600.1263] . . c:\windows\$NtServicePackUninstall$\rpcss.dll

[-] 2009-02-09 . C3FB1D70CB88722267949694BA51759E . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe
[-] 2009-02-09 . 62789101F9C2401ED598AA2CDE7450C0 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2009-02-09 . 9D6BF82FE50D55F20F8E10E0F6653886 . 111104 . . [5.1.2600.3520] . . c:\windows\system32\services.exe
[-] 2009-02-09 . 9D6BF82FE50D55F20F8E10E0F6653886 . 111104 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . 51A24094F076961A7FF73E5F7E991D68 . 111104 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe
[-] 2004-08-19 . 63DCDE1A0D86EEB8924D6738FF616EAD . 108544 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2004-08-19 . 63DCDE1A0D86EEB8924D6738FF616EAD . 108544 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2001-08-28 . FC0691097471EE374907E1024EDCBD43 . 101888 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\services.exe

[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\system32\spoolsv.exe
[-] 2004-08-19 . DF9FC62AD51CB082B0AE371919A232CB . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe
[-] 2004-08-19 . DF9FC62AD51CB082B0AE371919A232CB . 57856 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2001-08-28 . B1CE5287F096895D9BE26EB86F4D5FAF . 51200 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe

[-] 2004-08-19 . 123EEA158F74D0F67A51DCDF065D1091 . 506368 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2004-08-19 . 123EEA158F74D0F67A51DCDF065D1091 . 506368 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe
[-] 2002-08-29 . 71820BC9EE6653C8748922459DFC384D . 520704 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\winlogon.exe

[-] 2006-08-25 . 5BBCD65CFD7610F36BCA96B72BBAED4B . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2006-08-25 . 5BBCD65CFD7610F36BCA96B72BBAED4B . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2006-07-13 . 6E1F6582179FB6C0531599DD03EF380A . 925184 . . [6.0] . . c:\windows\SoftwareDistribution\Download\58ef93a94d01d24242f4e233677924c2\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2004-08-19 . 7D3AA1F0E765054CB5F30114F2DB6888 . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll
[-] 2004-08-19 . 7D3AA1F0E765054CB5F30114F2DB6888 . 611328 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2002-08-29 . 676445DF1322A8DC49E99D2D3688D230 . 557056 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll

[-] 2004-08-19 . CD73133EB24C572019944001FAD1B8D9 . 60416 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2004-08-19 . CD73133EB24C572019944001FAD1B8D9 . 60416 . . [5.1.2600.2180] . . c:\windows\system32\cryptsvc.dll
[-] 2003-03-26 . A4178BE55244FD0447DC3E0F086B790F . 53760 . . [5.1.2600.1190] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll

[-] 2008-07-07 20:31 . A5B1B7C76134329AA7547F6E6DA35410 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:31 . A5B1B7C76134329AA7547F6E6DA35410 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:28 . EC16AE9B37EACF871629227A3F3913FD . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[-] 2008-07-07 20:24 . 157F9C595FD0D10502497DC4C1348D17 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-07-07 20:18 . 74ECF4DDC685BD3249CAB323405FCC49 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[-] 2005-07-26 04:39 . D9CDB9380E0EFC9E97CC589B5F484B94 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2005-07-26 04:39 . D9CDB9380E0EFC9E97CC589B5F484B94 . 243200 . . [2001.12.4414.308] . . c:\windows\SoftwareDistribution\Download\3188777c1d0f0fe2d51bfb880967bbb8\sp2gdr\es.dll
[-] 2005-07-26 04:38 . 4CB61A86683DFD6B3C41BAE2CF81FA94 . 227328 . . [2001.12.4414.62] . . c:\windows\SoftwareDistribution\Download\3188777c1d0f0fe2d51bfb880967bbb8\sp1qfe\es.dll
[-] 2005-07-26 04:29 . B56B69129181FF63BAED5EDE65DCC9B1 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
[-] 2005-07-26 04:29 . B56B69129181FF63BAED5EDE65DCC9B1 . 243200 . . [2001.12.4414.308] . . c:\windows\SoftwareDistribution\Download\3188777c1d0f0fe2d51bfb880967bbb8\sp2qfe\es.dll
[-] 2004-08-19 14:09 . FDE7FBE9CC9DD9484DF3E0241737C091 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll
[-] 2004-08-19 14:09 . FDE7FBE9CC9DD9484DF3E0241737C091 . 243200 . . [2001.12.4414.258] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2002-08-29 13:44 . 82F375C821B8C2A37452419169081DA7 . 225280 . . [2001.12.4414.46] . . c:\windows\$NtServicePackUninstall$\es.dll

[-] 2004-08-19 . E55DAFA1A354BD5CB69151563DC9748A . 110080 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2004-08-19 . E55DAFA1A354BD5CB69151563DC9748A . 110080 . . [5.1.2600.2180] . . c:\windows\system32\imm32.dll
[-] 2002-08-29 . ACCB54C9FC11EF14EDAA21E475E9C8FA . 103936 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\imm32.dll

[-] 2009-03-21 . 534040750B9E70B156A98F5D0E8F6D2A . 1051136 . . [5.1.2600.3541] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . 534040750B9E70B156A98F5D0E8F6D2A . 1051136 . . [5.1.2600.3541] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 98F08549604D090B6B2514AF845F329F . 1054720 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[-] 2009-03-21 . C3AF0EEE26B59484E674673E3016AAB7 . 1056768 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2009-03-21 . 2087E2764822A8D93A4CA7FA0FED35E8 . 1054208 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[-] 2006-07-05 . FB85EF2A6713E3A58A497E093626B93C . 1050112 . . [5.1.2600.2945] . . c:\windows\SoftwareDistribution\Download\2c61126e1b5afef4a119b36d8404bf1f\sp2qfe\kernel32.dll
[-] 2006-07-05 . CE4AF1FA47A29ADF97CB107775CE395C . 1049088 . . [5.1.2600.2945] . . c:\windows\SoftwareDistribution\Download\2c61126e1b5afef4a119b36d8404bf1f\sp2gdr\kernel32.dll
[-] 2006-07-05 . CEF8CE8CA1644779955860EDDA3D85A6 . 993792 . . [5.1.2600.1869] . . c:\windows\SoftwareDistribution\Download\2c61126e1b5afef4a119b36d8404bf1f\sp1qfe\kernel32.dll
[-] 2004-08-19 . C88F74591579DBDE273C61312B2D3886 . 1048576 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2004-08-19 . C88F74591579DBDE273C61312B2D3886 . 1048576 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2002-08-29 . 3F846A5513E8CC7DB6259585E60CB14D . 995328 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\kernel32.dll

[-] 2005-09-01 . D9BD4CCA0533401B6609E47FF74F40DC . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
[-] 2005-09-01 . 8D9A075C065DFE1228688D10155D6624 . 19968 . . [5.1.2600.2751] . . c:\windows\system32\linkinfo.dll
[-] 2004-08-19 . 6C411ABBEEF0CA1D991F8A8F449D2B5F . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll
[-] 2004-08-19 . 6C411ABBEEF0CA1D991F8A8F449D2B5F . 18944 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2001-08-28 . 9AC497097204AABA6430E90E9DB6C901 . 15360 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll

[-] 2004-08-19 . 3236A6A1650E6C055FD5E87D7C4A05AD . 22016 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2004-08-19 . 3236A6A1650E6C055FD5E87D7C4A05AD . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll
[-] 2001-08-28 . 4B938017DF43AFB8C1C4784CC0ADA90D . 18944 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\lpk.dll

[-] 2009-10-29 . BD80B64DCB52FFA71CF5ACF8EDD3475F . 3091968 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3GDR\mshtml.dll
[-] 2009-10-29 . FDB4D9CCA68161CBD8AA216460707855 . 3084288 . . [6.00.2900.3640] . . c:\windows\system32\mshtml.dll
[-] 2009-10-29 . FDB4D9CCA68161CBD8AA216460707855 . 3084288 . . [6.00.2900.3640] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2009-10-29 . 68A29F2A4EA35F40339FC89549F388CE . 3094016 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\mshtml.dll
[-] 2009-10-29 . E184AA9779789DC4EE9DBFDE54074BA3 . 3091968 . . [6.00.2900.3640] . . c:\windows\$hf_mig$\KB976325\SP2QFE\mshtml.dll
[-] 2009-10-20 . 203DA99D50B81E36A1A4E4ED57249F02 . 3084288 . . [6.00.2900.3636] . . c:\windows\$NtUninstallKB976325$\mshtml.dll
[-] 2009-10-20 . 914F42631ACE8544F76BF9E529309B19 . 3091968 . . [6.00.2900.3636] . . c:\windows\$hf_mig$\KB976749\SP2QFE\mshtml.dll
[-] 2009-10-19 . D64D8B11BA4A50E497C8A0342DC5BF2B . 3091968 . . [6.00.2900.5890] . . c:\windows\$hf_mig$\KB976749\SP3GDR\mshtml.dll
[-] 2009-10-19 . 96A5441C54E16340477D1B051AF5BEED . 3093504 . . [6.00.2900.5890] . . c:\windows\$hf_mig$\KB976749\SP3QFE\mshtml.dll
[-] 2009-09-25 . C49AEDFDA7DFA06C8460B6641FB795CB . 3084288 . . [6.00.2900.3627] . . c:\windows\$NtUninstallKB976749$\mshtml.dll
[-] 2009-09-25 . 1EB78FBCE3D44AE3070356268DD60A9C . 3091968 . . [6.00.2900.3627] . . c:\windows\$hf_mig$\KB974455\SP2QFE\mshtml.dll
[-] 2009-09-25 . DCE11719021491A5F8E226E31A2074C3 . 3091968 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3GDR\mshtml.dll
[-] 2009-09-25 . CA9EE77EACF0021761764C28C2063D9A . 3093504 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3QFE\mshtml.dll
[-] 2006-06-30 17:38 . 35F17B9FA9C913DC47754D4C555DBECB . 2710528 . . [6.00.2800.1562] . . c:\windows\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\mshtml.dll
[-] 2006-06-30 08:52 . F39A94D526A4D0CDC212E68610776ACB . 2703872 . . [6.00.2800.1561] . . c:\windows\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\mshtml.dll
[-] 2004-08-19 . 7CA9E0D2C4DCA6B710FD57F40E597337 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB974455$\mshtml.dll
[-] 2004-08-19 . 7CA9E0D2C4DCA6B710FD57F40E597337 . 3003392 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2003-10-16 11:34 . 477F8245E97E7ED77C91FD8185EBE918 . 2799104 . . [6.00.2800.1276] . . c:\windows\$NtServicePackUninstall$\mshtml.dll

[-] 2004-08-19 . B89F48FDFD6C3312B92D5D633C23F075 . 343040 . . [7.0.2600.2180] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2004-08-19 . B89F48FDFD6C3312B92D5D633C23F075 . 343040 . . [7.0.2600.2180] . . c:\windows\system32\msvcrt.dll
[-] 2002-08-29 . B0272E9D0F64B4B31439D65B13F46E4B . 323072 . . [7.0.2600.1106] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll

[-] 2008-06-20 . 58AF8498C62E1E1DAB5AE59C6E08C180 . 247808 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[-] 2008-06-20 . C759B3790D3BA760C52E218EF4886DAC . 247808 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 8A52DE10680A40ECD04FA2C0FBC34190 . 247808 . . [5.1.2600.3394] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 8A52DE10680A40ECD04FA2C0FBC34190 . 247808 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-06-20 . 4138FBDEDBC6FEAD215BB4C4B102F7DE . 247808 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[-] 2004-08-19 . 6FA2DDF70DC9B762EBF8920F89B6BEA3 . 247808 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2004-08-19 . 6FA2DDF70DC9B762EBF8920F89B6BEA3 . 247808 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2001-08-28 . 461B467CAE39D0A2765C876B46E78A7C . 230912 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\mswsock.dll

[-] 2009-02-06 . ECD7791E0E9246CA5F218A19F3911EB9 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[-] 2009-02-06 . ECD7791E0E9246CA5F218A19F3911EB9 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[-] 2004-08-19 . D4CFAC76926C24E32B7F25A35C31BC6E . 407040 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2004-08-19 . D4CFAC76926C24E32B7F25A35C31BC6E . 407040 . . [5.1.2600.2180] . . c:\windows\system32\netlogon.dll
[-] 2002-08-29 . B05A56408A75A75345D399986751DDB7 . 399360 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\netlogon.dll

[-] 2009-08-04 . 263FA3A73C588A26306D3B403A45F5A9 . 2191232 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntoskrnl.exe
[-] 2009-08-04 . 63864AF70CAC631077A6C1223617336B . 2191360 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . E23599BE2D89A295771CAD1212C7772A . 2188032 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntoskrnl.exe
[-] 2009-08-04 . F478622DCBA4AF125885D62765C319EB . 2182400 . . [5.1.2600.3610] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2009-08-04 . F478622DCBA4AF125885D62765C319EB . 2182400 . . [5.1.2600.3610] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2009-08-04 . 61E8309F7009536A2FE483132404C5D4 . 2138112 . . [5.1.2600.3610] . . c:\windows\system32\ntoskrnl.exe
[-] 2009-02-10 . BEF458B8424553279E95E250D1E0CE7E . 2191232 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-09 . B55AA66BC9269BC5257B915FFDAA790B . 2188160 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[-] 2009-02-09 . AB896577F35CF5FED7A9F87D3C3205ED . 2191104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[-] 2005-03-02 . 3E2A0A4A0C0B19FC113618A9562A3B2A . 2181632 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . E75F7AA5A33479F29C636FD0890F5762 . 2137600 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
[-] 2004-08-19 . 7D38CE4398E6AA6339B4644FEADCC0D8 . 2183040 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2004-08-19 . 36F32A5A83DF734E022734D93860A9A4 . 2150400 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe
[-] 2003-04-24 . B9FBC0FD7934EA3CEC4877B654B1E5BB . 1896448 . . [5.1.2600.1151] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe

[-] 2004-08-19 . 29D5E58FB089C41898A81BD4C8970F22 . 17408 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2004-08-19 . 29D5E58FB089C41898A81BD4C8970F22 . 17408 . . [6.00.2900.2180] . . c:\windows\system32\powrprof.dll
[-] 2001-08-28 . 8B6172B8C969658F4FE47968F08CFF48 . 14848 . . [6.00.2600.0000] . . c:\windows\$NtServicePackUninstall$\powrprof.dll

[-] 2004-08-19 . 58D439F6EF73A2D9288B204E819F4BBD . 186368 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2004-08-19 . 58D439F6EF73A2D9288B204E819F4BBD . 186368 . . [5.1.2600.2180] . . c:\windows\system32\scecli.dll
[-] 2002-08-29 . 11F7656C69DA4CFB022CEC5445A647E8 . 180736 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\scecli.dll

[-] 2004-08-19 . BB695F18354B38CFF693E67EE7A30C22 . 5120 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2004-08-19 . BB695F18354B38CFF693E67EE7A30C22 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\sfc.dll
[-] 2001-08-28 . A8418B5FE185B405FE34D2703B54E97F . 4096 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\sfc.dll

[-] 2004-08-19 . 2979B03D5382A602623C0535B16AB9C0 . 14336 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2004-08-19 . 2979B03D5382A602623C0535B16AB9C0 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\svchost.exe
[-] 2001-08-28 . 333A4DB8410D8E24DB06D6AEBECDC7C2 . 12800 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\svchost.exe

[-] 2005-07-08 . C9FA05D271A0066764FE75BE38E24D69 . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
[-] 2005-07-08 . 720DA0C9DB8996AD9B7F5164B2242DAA . 249344 . . [5.1.2600.2716] . . c:\windows\system32\tapisrv.dll
[-] 2004-08-19 . 5CC2A233DAC03CAF99D20B87598675CD . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll
[-] 2004-08-19 . 5CC2A233DAC03CAF99D20B87598675CD . 246272 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2002-08-29 . 2718541CC10BCDDC3196A732CA8D0F3A . 233984 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll

[-] 2007-03-08 . 4D88AAF39ADABFE45958EA1384E2C4FF . 579072 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . 753354F594809A9B96F73999B435A533 . 578560 . . [5.1.2600.3099] . . c:\windows\system32\user32.dll
[-] 2007-03-08 . 753354F594809A9B96F73999B435A533 . 578560 . . [5.1.2600.3099] . . c:\windows\system32\dllcache\user32.dll
[-] 2005-03-02 . 6EEF91AD23C3474C934174D11C6DA321 . 562176 . . [5.1.2600.1634] . . c:\windows\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp1qfe\user32.dll
[-] 2005-03-02 . C34920EB988CE98910BD6B0417F334EB . 578048 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . 0DF75FB73F705B011630159A43D7C354 . 578048 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll
[-] 2004-08-19 . 61C8C283AD063BB697AE61A155C64A5A . 578048 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll
[-] 2004-08-19 . 61C8C283AD063BB697AE61A155C64A5A . 578048 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2003-09-25 . 78524A7AF390EA5071B400936C73E4FF . 561152 . . [5.1.2600.1255] . . c:\windows\$NtServicePackUninstall$\user32.dll

[-] 2004-08-19 . 84717891F0734C611721F56C60B5FBC3 . 25088 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2004-08-19 . 84717891F0734C611721F56C60B5FBC3 . 25088 . . [5.1.2600.2180] . . c:\windows\system32\userinit.exe
[-] 2002-08-29 . F4127A2A00825C69A870035DA1264AE0 . 22528 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\userinit.exe

[-] 2009-10-29 . 07FD90B96C6A1E1FAE1E0658A25C039E . 666112 . . [6.00.2900.3640] . . c:\windows\system32\wininet.dll
[-] 2009-10-29 . 07FD90B96C6A1E1FAE1E0658A25C039E . 666112 . . [6.00.2900.3640] . . c:\windows\system32\dllcache\wininet.dll
[-] 2009-10-29 . D89926AF5796E322D229B1C2E4FC8D1D . 671232 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3GDR\wininet.dll
[-] 2009-10-29 . 1DF357F4537A7F5D77F46D9C4F36DDF0 . 672768 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\wininet.dll
[-] 2009-10-29 . 26A2F945BB0E60D5590B61D650162E1B . 672768 . . [6.00.2900.3640] . . c:\windows\$hf_mig$\KB976325\SP2QFE\wininet.dll
[-] 2009-09-25 . CFB3271742D2E2801021287973FEFB32 . 666112 . . [6.00.2900.3627] . . c:\windows\$NtUninstallKB976325$\wininet.dll
[-] 2009-09-25 . 442959D8A81262A1EFAC539AB5551FAE . 672768 . . [6.00.2900.3627] . . c:\windows\$hf_mig$\KB974455\SP2QFE\wininet.dll
[-] 2009-09-25 . 52725B1CDF5C27A19BB316BE4C7CFDCE . 671232 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3GDR\wininet.dll
[-] 2009-09-25 . 529081B5F266D9E18F85A2EF7725F21A . 672768 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3QFE\wininet.dll
[-] 2006-06-23 19:46 . 38A54870ECED4C83F227A5C4BE236709 . 593408 . . [6.00.2800.1560] . . c:\windows\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\wininet.dll
[-] 2006-06-23 11:28 . 1F063BDBD1AFEF9AC0ABD02384D40376 . 581120 . . [6.00.2800.1559] . . c:\windows\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\wininet.dll
[-] 2004-08-19 . 4E958B97EFC3D801F49283D1820F48B7 . 660480 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB974455$\wininet.dll
[-] 2004-08-19 . 4E958B97EFC3D801F49283D1820F48B7 . 660480 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2002-08-29 . CBC50D46257C4A75644230507B488050 . 603136 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\wininet.dll

[-] 2006-08-16 . 7279695B154A49550F675A985265B00A . 70656 . . [5.1.2600.1886] . . c:\windows\SoftwareDistribution\Download\b3d62539e3338b3e6aca7b80247f201f\sp1qfe\ws2_32.dll
[-] 2004-08-19 . EED74B969B2CA1ACC558FF60FB420E28 . 82944 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2004-08-19 . EED74B969B2CA1ACC558FF60FB420E28 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll
[-] 2003-07-10 . 96870F48299155E046F7960E3F421714 . 70656 . . [5.1.2600.1240] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll

[-] 2007-06-13 . D0288319660EDCFED07C7E74C4EA38A5 . 1037312 . . [6.00.2900.3156] . . c:\windows\explorer.exe
[-] 2007-06-13 . D0288319660EDCFED07C7E74C4EA38A5 . 1037312 . . [6.00.2900.3156] . . c:\windows\system32\dllcache\explorer.exe
[-] 2007-06-13 . B795475444D6D57A572C14B9E1A29839 . 1037312 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2004-08-19 . 2A7BD330924252A2FD80344FC949BB72 . 1036288 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe
[-] 2004-08-19 . 2A7BD330924252A2FD80344FC949BB72 . 1036288 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2002-08-29 . 82FE0D400CB1AC937234467B927B867A . 1008128 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\explorer.exe

[-] 2004-08-19 . CE978404558CE2D82896AC2032F06DBF . 171008 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2004-08-19 . CE978404558CE2D82896AC2032F06DBF . 171008 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll
[-] 2002-08-29 . 5BCBC26D816911D1FAED26448ACAA6FC . 159232 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\srsvc.dll

[-] 2004-08-19 . 8558905BA81F6EFAAF9667139BB117DD . 13824 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2004-08-19 . 8558905BA81F6EFAAF9667139BB117DD . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe

[-] 2004-08-19 . 912591E2055E26566D1CB54092A7E8B0 . 129536 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2004-08-19 . 912591E2055E26566D1CB54092A7E8B0 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll

[-] 2004-08-19 . 49B1376885340BF9EA0D99F71557B59A . 55808 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2004-08-19 . 49B1376885340BF9EA0D99F71557B59A . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll
[-] 2002-08-29 . B1F4DD70AD2DF7B98C8323394D370B2A . 49152 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\eventlog.dll

[-] 2004-08-19 . 6D8F3AC555E3F8A569AA9B2A817698C1 . 1548288 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2004-08-19 . 6D8F3AC555E3F8A569AA9B2A817698C1 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
[-] 2002-08-29 . 2E280A2E44246CEB438C9C2FD8A3E9B5 . 1145856 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll

[-] 2004-08-19 . 64E41E8FEE655B03E3F19DED21BA5118 . 15360 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2004-08-19 . 64E41E8FEE655B03E3F19DED21BA5118 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe
[-] 2002-08-29 . 2C856908EE61424238772508E9FBCBC8 . 13312 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe

[-] 2006-12-19 . D7DFBD1EFA149EC158363B974DAE0C6B . 135168 . . [6.00.2900.3051] . . c:\windows\system32\shsvcs.dll
[-] 2006-12-19 . D7DFBD1EFA149EC158363B974DAE0C6B . 135168 . . [6.00.2900.3051] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2006-12-19 . 1839CDF416A5AA8BF2EFE377F57452CC . 135680 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
[-] 2004-08-19 . ABA25E49F6589FD73F1143FDC39A6B46 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll
[-] 2004-08-19 . ABA25E49F6589FD73F1143FDC39A6B46 . 135168 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2002-08-29 . E826404A74063B0AA553184ADCAD101B . 116736 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll

[-] 2004-08-19 . B6F76CE10953A141545A0D01F1776885 . 59904 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2004-08-19 . B6F76CE10953A141545A0D01F1776885 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll
[-] 2001-08-28 . 403245F119FAB18B49608C01A4BF1E02 . 51712 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\regsvc.dll

[-] 2004-08-19 . A65E74CC5831CED5762AA16033ED20EE . 193024 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2004-08-19 . A65E74CC5831CED5762AA16033ED20EE . 193024 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll
[-] 2002-08-29 . 1287A7BB6342194D37F964B1569D466B . 161280 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll

[-] 2004-08-19 . DCB185C829538971E47AFFE77BA138C3 . 71680 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2004-08-19 . DCB185C829538971E47AFFE77BA138C3 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\ssdpsrv.dll
[-] 2002-08-29 . 6E625661367254FF74FD1C569273740C . 43008 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll

[-] 2004-08-19 . 78F90C3E230AD122BCB116ABAD5FEFE9 . 297984 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2004-08-19 . 78F90C3E230AD122BCB116ABAD5FEFE9 . 297984 . . [5.1.2600.2180] . . c:\windows\system32\termsrv.dll
[-] 2002-08-29 . CD31EA24BC9A1B9F3DFE3B54EEF4D1D0 . 202752 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\termsrv.dll

[-] 2004-08-19 . 7E9D138DC991BCCE6E6026CD74E69CC4 . 176640 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\appmgmts.dll
[-] 2004-08-19 . 7E9D138DC991BCCE6E6026CD74E69CC4 . 176640 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll
[-] 2002-08-29 . A0EE5C06390357FEE7B7949DBCA156D3 . 165376 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll

[-] 2001-08-28 . E4ABC1212B70BB03D35E60681C447210 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\Driver Cache\i386\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\system32\drivers\aec.sys
[-] 2004-08-03 20:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys
[-] 2004-08-03 20:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2002-08-28 21:16 . FF773FEDA15E8BD97FD54FE87A0ACDBE . 142208 . . [5.1.2601.1095 built by: xpsp1] . . c:\windows\$NtServicePackUninstall$\aec.sys

[-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\system32\drivers\agp440.sys

[-] 2004-08-03 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2004-08-03 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2003-06-30 . EDDCA9C72F1E7F2E2E2AB6AD7106C4A5 . 29952 . . [5.1.2600.1240] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys

[-] 2006-11-01 19:18 . FCD58951B3B2392007E0EE34D2CF944F . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll
[-] 2006-11-01 19:18 . FCD58951B3B2392007E0EE34D2CF944F . 927504 . . [4.1.0.61] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2001-08-28 16:00 . E1A34560BF6CE7C703BB67EC4FA70F43 . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll

[-] 2004-08-19 . DE71362123E81D268088E78543752576 . 33792 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2004-08-19 . DE71362123E81D268088E78543752576 . 33792 . . [5.1.2600.2180] . . c:\windows\system32\msgsvc.dll
[-] 2003-10-21 . C5C3230C0E156C5A8B638CDCA82BCAE6 . 32256 . . [5.1.2600.1309] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll

[-] 2004-08-19 14:09 . 535D54D2AF721A3497F058CAA2C63447 . 52736 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll
[-] 2004-08-10 23:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2004-08-10 23:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\system32\MsPMSNSv.dll

[-] 2009-08-04 . FE0C9C9035E3FDC193255C646BAC2C3D . 2068224 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 6472BC2A0D37D13D9D177CCC11F9726B . 2068096 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntkrnlpa.exe
[-] 2009-08-04 . 4DD301E924F866170FEF3B6AB15A3FF9 . 2065024 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntkrnlpa.exe
[-] 2009-08-04 . 46C4C1C73B1DC56D19D2DCD9CBE4953E . 2059776 . . [5.1.2600.3610] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2009-08-04 . 46C4C1C73B1DC56D19D2DCD9CBE4953E . 2059776 . . [5.1.2600.3610] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2009-08-04 . 2F61264797B873AC883D951E172EA142 . 2017792 . . [5.1.2600.3610] . . c:\windows\system32\ntkrnlpa.exe
[-] 2009-02-10 . F751E041E682F53EAF34F7FAEA78994D . 2068096 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[-] 2009-02-09 . 0150FE5C1E07F8AE422FEC6C8E8A0C98 . 2065024 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[-] 2009-02-09 . ED5E20AE4AC5A63A4FF43FFE704A5153 . 2068224 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2005-03-02 . 5311776074B6C13F983DC75BAEAC9C0C . 2059008 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2005-03-02 . 50B3A210B6FA8D3089A36A32E7D8B21F . 2017280 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
[-] 2004-08-19 . 35567C8C50986C2BC5C3EFD79CB045E4 . 2017280 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe
[-] 2004-08-19 . F252FAE094C54572ECE38A039F2103C4 . 2058880 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2003-04-24 . 5B9628B7ADBC6585E07906803D22DDC2 . 1925120 . . [5.1.2600.1151] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe

[-] 2004-08-19 14:09 . 951543FFB84012D13F4CB09DA2EACE96 . 438272 . . [5.1.2400.2180] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2004-08-19 14:09 . 951543FFB84012D13F4CB09DA2EACE96 . 438272 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll
[-] 2002-08-29 13:44 . 33EB65FB1C4B611C11EEDD3647CD7DFB . 395776 . . [5.1.2400.1106] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll

[-] 2007-02-05 . 385DB2591BF11955F26E0A97728B1B31 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
[-] 2007-02-05 . 96B3C690ED82E36E04C130F916E3AE91 . 185344 . . [5.1.2600.3077] . . c:\windows\system32\upnphost.dll
[-] 2007-02-05 . 96B3C690ED82E36E04C130F916E3AE91 . 185344 . . [5.1.2600.3077] . . c:\windows\system32\dllcache\upnphost.dll
[-] 2004-08-19 . 0B6A726C2DE9BBB80A48459F0C318F44 . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll
[-] 2004-08-19 . 0B6A726C2DE9BBB80A48459F0C318F44 . 185344 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2002-08-29 . 5D0607C98280493BC1ED0A2F2B11772A . 164864 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"CursorXP"="c:\themegold55\CursorXP\CursorXP.exe" [2001-12-13 100864]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2008-09-17 13574144]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2008-09-17 86016]
"GBB36X Configure"="c:\windows\System32\JMRaidTool.exe" [2006-06-02 385024]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-10-12 921600]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2006-06-16 555816]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2006-06-16 568096]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2006-09-07 15872]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-12-29 788880]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-09-17 1657376]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-05-27 16208384]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-19 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoLowDiskSpaceCheck"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoLowDiskSpaceCheck"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\messenger\\msmsgs.exe"=

R3 getPlusHelper;getPlus(R) Helper;c:\windows\System32\svchost.exe [2004-08-19 14336]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-12-29 1181328]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-09-23 64288]
S2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\DRIVERS\EAPPkt.sys [2005-04-01 66048]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\DRIVERS\wg111v2.sys [2007-12-26 272128]


--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - MBR
*Deregistered* - mbr

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6204be22-b766-11de-a90a-806d6172696f}]
\Shell\AutoRun\command - F:\setupSNK.exe
.
Contenu du dossier 'Tâches planifiées'

2009-12-30 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:52]

2009-12-30 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:52]

2009-12-30 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:52]

2009-12-30 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:52]

2009-12-30 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:52]
.
.
------- Examen supplémentaire -------
.
LSP: c:\windows\System32\imon.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Lisou81\Application Data\Mozilla\Firefox\Profiles\sx1ldx2q.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
FF - plugin: c:\documents and settings\Lisou81\Application Data\Mozilla\Firefox\Profiles\sx1ldx2q.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPMyrMus.dll
FF - plugin: f:\vlc\npvlc.dll

---- PARAMETRES FIREFOX ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
.
------- Associations de fichier -------
.
regfile\shell\edit\command=%SystemRoot%\system32\NOTEPAD.EXE %1
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-03 13:13
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(1268)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSFR.DLL
.
Heure de fin: 2010-01-03 13:14
ComboFix-quarantined-files.txt 2010-01-03 12:14
ComboFix2.txt 2010-01-03 11:52

Avant-CF: 28.380.889.088 octets libres
Après-CF: 28.371.234.816 octets libres

- - End Of File - - F920B44F1964428FF3A4A764E1FB376F
3 Janvier 2010 14:04:15

Bonjour Matt48,

ta machine est gravement infecté, ce n' est pas gagné:( .

Supprime TDSSKiller...

Télécharge Rkill (merci Grinler) sur ton Bureau : Ici
/!\ Désactive tes protections résidentes : http://forum.pcastuces.com/desactiver_les_protections_r...
* Double-clique sur le fichier rkill afin de lancer l' outil (pour les utilisateurs de Vista/7, faire un clic-droit dessus puis choisir Exécuter en tant qu' Administrateur)
* Une fenêtre à fond noir va apparaître brièvement, puis disparaître
* Si rien ne se passe ou si l' outil ne se lance pas, télécharge-le depuis un des 3 autres liens ci-dessous et fais une nouvelle tentative

Lien 1
Lien 2
Lien 3

NB : Si aucun des quatre ne semble fonctionner, ne continue pas et préviens-moi dans ton prochain message.

Télécharge load_tdsskiller de Loup Blanc sur ton Bureau en cliquant sur ce lien : Ici
Cet outil est conçu pour automatiser différentes tâches proposées par TDSSKiller, un fix de Kaspersky.
* Lance load_tdsskiller en double-cliquant dessus : l'outil va se connecter au Net pour télécharger une copie à jour de TDSSKiller, puis va lancer le scan
* A la fin du scan, appuie sur une touche pour continuer, comme l'indique le message dans la fenêtre noire d'invite de commande
* Le rapport s'affichera automatiquement : copie-colle son contenu dans ta prochaine réponse (le fichier est également présent ici : C:\tdsskiller\report.txt)
* Fais redémarrer ton PC

A+
Edit : Mep
3 Janvier 2010 20:25:54

20:13:22:437 1548 TDSSKiller 2.1.1 Dec 20 2009 02:40:02
20:13:22:437 1548 ================================================================================
20:13:22:437 1548 SystemInfo:

20:13:22:437 1548 OS Version: 5.1.2600 ServicePack: 2.0
20:13:22:437 1548 Product type: Workstation
20:13:22:437 1548 ComputerName: TEST
20:13:22:437 1548 UserName: Lisou81
20:13:22:437 1548 Windows directory: C:\WINDOWS
20:13:22:437 1548 Processor architecture: Intel x86
20:13:22:437 1548 Number of processors: 2
20:13:22:437 1548 Page size: 0x1000
20:13:22:437 1548 Boot type: Normal boot
20:13:22:437 1548 ================================================================================
20:13:22:453 1548 ForceUnloadDriver: NtUnloadDriver error 2
20:13:22:453 1548 ForceUnloadDriver: NtUnloadDriver error 2
20:13:22:453 1548 ForceUnloadDriver: NtUnloadDriver error 2
20:13:22:453 1548 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\Drivers\KLMD.sys) returned status 0
20:13:22:484 1548 main: Driver KLMD successfully dropped
20:13:22:484 1548 main: Driver KLMD successfully loaded
20:13:22:484 1548
Scanning Registry ...
20:13:22:515 1548 ScanServices: Searching service UACd.sys
20:13:22:515 1548 ScanServices: Open/Create key error 2
20:13:22:515 1548 ScanServices: Searching service TDSSserv.sys
20:13:22:515 1548 ScanServices: Open/Create key error 2
20:13:22:515 1548 ScanServices: Searching service gaopdxserv.sys
20:13:22:515 1548 ScanServices: Open/Create key error 2
20:13:22:515 1548 ScanServices: Searching service gxvxcserv.sys
20:13:22:515 1548 ScanServices: Open/Create key error 2
20:13:22:515 1548 ScanServices: Searching service MSIVXserv.sys
20:13:22:515 1548 ScanServices: Open/Create key error 2
20:13:22:515 1548 UnhookRegistry: Kernel module file name: C:\windows\system32\ntkrnlpa.exe, base addr: 804D7000
20:13:22:531 1548 UnhookRegistry: Kernel local addr: A10000
20:13:22:531 1548 UnhookRegistry: KeServiceDescriptorTable addr: A946E0
20:13:22:609 1548 UnhookRegistry: KiServiceTable addr: A3C960
20:13:22:625 1548 UnhookRegistry: NtEnumerateKey service number (local): 47
20:13:22:625 1548 UnhookRegistry: NtEnumerateKey local addr: B5B970
20:13:22:625 1548 KLMD_OpenDevice: Trying to open KLMD device
20:13:22:625 1548 KLMD_GetSystemRoutineAddressA: Trying to get system routine address ZwEnumerateKey
20:13:22:625 1548 KLMD_GetSystemRoutineAddressW: Trying to get system routine address ZwEnumerateKey
20:13:22:625 1548 KLMD_ReadMem: Trying to ReadMemory 0x804FF801[0x4]
20:13:22:625 1548 UnhookRegistry: NtEnumerateKey service number (kernel): 47
20:13:22:625 1548 KLMD_ReadMem: Trying to ReadMemory 0x80503A7C[0x4]
20:13:22:625 1548 UnhookRegistry: NtEnumerateKey real addr: 80622970
20:13:22:625 1548 UnhookRegistry: NtEnumerateKey calc addr: 80622970
20:13:22:625 1548 UnhookRegistry: No SDT hooks found on NtEnumerateKey
20:13:22:625 1548 KLMD_ReadMem: Trying to ReadMemory 0x80622970[0xA]
20:13:22:625 1548 UnhookRegistry: No splicing found on NtEnumerateKey
20:13:22:625 1548
Scanning Kernel memory ...
20:13:22:625 1548 KLMD_OpenDevice: Trying to open KLMD device
20:13:22:625 1548 KLMD_GetSystemObjectAddressByNameA: Trying to get system object address by name \Driver\Disk
20:13:22:625 1548 KLMD_GetSystemObjectAddressByNameW: Trying to get system object address by name \Driver\Disk
20:13:22:625 1548 DetectCureTDL3: \Driver\Disk PDRIVER_OBJECT: 8A3BDE20
20:13:22:625 1548 DetectCureTDL3: KLMD_GetDeviceObjectList returned 6 DevObjects
20:13:22:625 1548 DetectCureTDL3: 0 Curr stack PDEVICE_OBJECT: 8A3B7030
20:13:22:625 1548 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8A3B7030
20:13:22:625 1548 KLMD_ReadMem: Trying to ReadMemory 0x8A3B7030[0x38]
20:13:22:625 1548 DetectCureTDL3: DRIVER_OBJECT addr: 8A3BDE20
20:13:22:625 1548 KLMD_ReadMem: Trying to ReadMemory 0x8A3BDE20[0xA8]
20:13:22:625 1548 KLMD_ReadMem: Trying to ReadMemory 0xE161E360[0x208]
20:13:22:625 1548 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk
20:13:22:625 1548 DetectCureTDL3: IrpHandler (0) addr: BA8FEC30
20:13:22:625 1548 DetectCureTDL3: IrpHandler (1) addr: 804F4476
20:13:22:625 1548 DetectCureTDL3: IrpHandler (2) addr: BA8FEC30
20:13:22:625 1548 DetectCureTDL3: IrpHandler (3) addr: BA8F8D9B
20:13:22:625 1548 DetectCureTDL3: IrpHandler (4) addr: BA8F8D9B
20:13:22:625 1548 DetectCureTDL3: IrpHandler (5) addr: 804F4476
20:13:22:625 1548 DetectCureTDL3: IrpHandler (6) addr: 804F4476
20:13:22:625 1548 DetectCureTDL3: IrpHandler (7) addr: 804F4476
20:13:22:625 1548 DetectCureTDL3: IrpHandler (8) addr: 804F4476
20:13:22:625 1548 DetectCureTDL3: IrpHandler (9) addr: BA8F9366
20:13:22:625 1548 DetectCureTDL3: IrpHandler (10) addr: 804F4476
20:13:22:625 1548 DetectCureTDL3: IrpHandler (11) addr: 804F4476
20:13:22:625 1548 DetectCureTDL3: IrpHandler (12) addr: 804F4476
20:13:22:625 1548 DetectCureTDL3: IrpHandler (13) addr: 804F4476
20:13:22:625 1548 DetectCureTDL3: IrpHandler (14) addr: BA8F944D
20:13:22:625 1548 DetectCureTDL3: IrpHandler (15) addr: BA8FCFC3
20:13:22:625 1548 DetectCureTDL3: IrpHandler (16) addr: BA8F9366
20:13:22:625 1548 DetectCureTDL3: IrpHandler (17) addr: 804F4476
20:13:22:625 1548 DetectCureTDL3: IrpHandler (18) addr: 804F4476
20:13:22:625 1548 DetectCureTDL3: IrpHandler (19) addr: 804F4476
20:13:22:625 1548 DetectCureTDL3: IrpHandler (20) addr: 804F4476
20:13:22:625 1548 DetectCureTDL3: IrpHandler (21) addr: 804F4476
20:13:22:625 1548 DetectCureTDL3: IrpHandler (22) addr: BA8FAEF3
20:13:22:625 1548 DetectCureTDL3: IrpHandler (23) addr: BA8FFA24
20:13:22:625 1548 DetectCureTDL3: IrpHandler (24) addr: 804F4476
20:13:22:625 1548 DetectCureTDL3: IrpHandler (25) addr: 804F4476
20:13:22:625 1548 DetectCureTDL3: IrpHandler (26) addr: 804F4476
20:13:22:625 1548 KLMD_ReadMem: Trying to ReadMemory 0x0[0x400]
20:13:22:625 1548 KLMD_ReadMem: DeviceIoControl error 1
20:13:22:625 1548 TDL3_StartIoHookDetect: Unable to get StartIo handler code
20:13:22:625 1548 TDL3_FileDetect: Processing driver: Disk
20:13:22:625 1548 TDL3_FileDetect: Parameters: C:\WINDOWS\system32\drivers\disk.sys, C:\WINDOWS\system32\Drivers\disk.tsk, SYSTEM\CurrentControlSet\Services\Disk, system32\Drivers\disk.tsk
20:13:22:625 1548 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\drivers\disk.sys
20:13:22:625 1548 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\drivers\disk.sys
20:13:22:640 1548 DetectCureTDL3: 1 Curr stack PDEVICE_OBJECT: 8A3262D0
20:13:22:640 1548 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8A3262D0
20:13:22:640 1548 KLMD_ReadMem: Trying to ReadMemory 0x8A3262D0[0x38]
20:13:22:640 1548 DetectCureTDL3: DRIVER_OBJECT addr: 8A3BDE20
20:13:22:640 1548 KLMD_ReadMem: Trying to ReadMemory 0x8A3BDE20[0xA8]
20:13:22:640 1548 KLMD_ReadMem: Trying to ReadMemory 0xE161E360[0x208]
20:13:22:640 1548 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk
20:13:22:640 1548 DetectCureTDL3: IrpHandler (0) addr: BA8FEC30
20:13:22:640 1548 DetectCureTDL3: IrpHandler (1) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (2) addr: BA8FEC30
20:13:22:640 1548 DetectCureTDL3: IrpHandler (3) addr: BA8F8D9B
20:13:22:640 1548 DetectCureTDL3: IrpHandler (4) addr: BA8F8D9B
20:13:22:640 1548 DetectCureTDL3: IrpHandler (5) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (6) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (7) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (8) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (9) addr: BA8F9366
20:13:22:640 1548 DetectCureTDL3: IrpHandler (10) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (11) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (12) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (13) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (14) addr: BA8F944D
20:13:22:640 1548 DetectCureTDL3: IrpHandler (15) addr: BA8FCFC3
20:13:22:640 1548 DetectCureTDL3: IrpHandler (16) addr: BA8F9366
20:13:22:640 1548 DetectCureTDL3: IrpHandler (17) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (18) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (19) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (20) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (21) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (22) addr: BA8FAEF3
20:13:22:640 1548 DetectCureTDL3: IrpHandler (23) addr: BA8FFA24
20:13:22:640 1548 DetectCureTDL3: IrpHandler (24) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (25) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (26) addr: 804F4476
20:13:22:640 1548 KLMD_ReadMem: Trying to ReadMemory 0x0[0x400]
20:13:22:640 1548 KLMD_ReadMem: DeviceIoControl error 1
20:13:22:640 1548 TDL3_StartIoHookDetect: Unable to get StartIo handler code
20:13:22:640 1548 TDL3_FileDetect: Processing driver: Disk
20:13:22:640 1548 TDL3_FileDetect: Parameters: C:\WINDOWS\system32\drivers\disk.sys, C:\WINDOWS\system32\Drivers\disk.tsk, SYSTEM\CurrentControlSet\Services\Disk, system32\Drivers\disk.tsk
20:13:22:640 1548 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\drivers\disk.sys
20:13:22:640 1548 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\drivers\disk.sys
20:13:22:640 1548 DetectCureTDL3: 2 Curr stack PDEVICE_OBJECT: 8A3B9C68
20:13:22:640 1548 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8A3B9C68
20:13:22:640 1548 KLMD_ReadMem: Trying to ReadMemory 0x8A3B9C68[0x38]
20:13:22:640 1548 DetectCureTDL3: DRIVER_OBJECT addr: 8A3BDE20
20:13:22:640 1548 KLMD_ReadMem: Trying to ReadMemory 0x8A3BDE20[0xA8]
20:13:22:640 1548 KLMD_ReadMem: Trying to ReadMemory 0xE161E360[0x208]
20:13:22:640 1548 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk
20:13:22:640 1548 DetectCureTDL3: IrpHandler (0) addr: BA8FEC30
20:13:22:640 1548 DetectCureTDL3: IrpHandler (1) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (2) addr: BA8FEC30
20:13:22:640 1548 DetectCureTDL3: IrpHandler (3) addr: BA8F8D9B
20:13:22:640 1548 DetectCureTDL3: IrpHandler (4) addr: BA8F8D9B
20:13:22:640 1548 DetectCureTDL3: IrpHandler (5) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (6) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (7) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (8) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (9) addr: BA8F9366
20:13:22:640 1548 DetectCureTDL3: IrpHandler (10) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (11) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (12) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (13) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (14) addr: BA8F944D
20:13:22:640 1548 DetectCureTDL3: IrpHandler (15) addr: BA8FCFC3
20:13:22:640 1548 DetectCureTDL3: IrpHandler (16) addr: BA8F9366
20:13:22:640 1548 DetectCureTDL3: IrpHandler (17) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (18) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (19) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (20) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (21) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (22) addr: BA8FAEF3
20:13:22:640 1548 DetectCureTDL3: IrpHandler (23) addr: BA8FFA24
20:13:22:640 1548 DetectCureTDL3: IrpHandler (24) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (25) addr: 804F4476
20:13:22:640 1548 DetectCureTDL3: IrpHandler (26) addr: 804F4476
20:13:22:640 1548 KLMD_ReadMem: Trying to ReadMemory 0x0[0x400]
20:13:22:640 1548 KLMD_ReadMem: DeviceIoControl error 1
20:13:22:640 1548 TDL3_StartIoHookDetect: Unable to get StartIo handler code
20:13:22:640 1548 TDL3_FileDetect: Processing driver: Disk
20:13:22:640 1548 TDL3_FileDetect: Parameters: C:\WINDOWS\system32\drivers\disk.sys, C:\WINDOWS\system32\Drivers\disk.tsk, SYSTEM\CurrentControlSet\Services\Disk, system32\Drivers\disk.tsk
20:13:22:640 1548 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\drivers\disk.sys
20:13:22:640 1548 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\drivers\disk.sys
20:13:22:640 1548 DetectCureTDL3: 3 Curr stack PDEVICE_OBJECT: 8A3BAC68
20:13:22:640 1548 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8A3BAC68
20:13:22:640 1548 KLMD_ReadMem: Trying to ReadMemory 0x8A3BAC68[0x38]
20:13:22:640 1548 DetectCureTDL3: DRIVER_OBJECT addr: 8A3BDE20
20:13:22:640 1548 KLMD_ReadMem: Trying to ReadMemory 0x8A3BDE20[0xA8]
20:13:22:640 1548 KLMD_ReadMem: Trying to ReadMemory 0xE161E360[0x208]
20:13:22:640 1548 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk
20:13:22:640 1548 DetectCureTDL3: IrpHandler (0) addr: BA8FEC30
20:13:22:656 1548 DetectCureTDL3: IrpHandler (1) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (2) addr: BA8FEC30
20:13:22:656 1548 DetectCureTDL3: IrpHandler (3) addr: BA8F8D9B
20:13:22:656 1548 DetectCureTDL3: IrpHandler (4) addr: BA8F8D9B
20:13:22:656 1548 DetectCureTDL3: IrpHandler (5) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (6) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (7) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (8) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (9) addr: BA8F9366
20:13:22:656 1548 DetectCureTDL3: IrpHandler (10) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (11) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (12) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (13) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (14) addr: BA8F944D
20:13:22:656 1548 DetectCureTDL3: IrpHandler (15) addr: BA8FCFC3
20:13:22:656 1548 DetectCureTDL3: IrpHandler (16) addr: BA8F9366
20:13:22:656 1548 DetectCureTDL3: IrpHandler (17) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (18) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (19) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (20) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (21) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (22) addr: BA8FAEF3
20:13:22:656 1548 DetectCureTDL3: IrpHandler (23) addr: BA8FFA24
20:13:22:656 1548 DetectCureTDL3: IrpHandler (24) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (25) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (26) addr: 804F4476
20:13:22:656 1548 KLMD_ReadMem: Trying to ReadMemory 0x0[0x400]
20:13:22:656 1548 KLMD_ReadMem: DeviceIoControl error 1
20:13:22:656 1548 TDL3_StartIoHookDetect: Unable to get StartIo handler code
20:13:22:656 1548 TDL3_FileDetect: Processing driver: Disk
20:13:22:656 1548 TDL3_FileDetect: Parameters: C:\WINDOWS\system32\drivers\disk.sys, C:\WINDOWS\system32\Drivers\disk.tsk, SYSTEM\CurrentControlSet\Services\Disk, system32\Drivers\disk.tsk
20:13:22:656 1548 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\drivers\disk.sys
20:13:22:656 1548 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\drivers\disk.sys
20:13:22:656 1548 DetectCureTDL3: 4 Curr stack PDEVICE_OBJECT: 8A321AB8
20:13:22:656 1548 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8A321AB8
20:13:22:656 1548 DetectCureTDL3: 4 Curr stack PDEVICE_OBJECT: 8A41C180
20:13:22:656 1548 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8A41C180
20:13:22:656 1548 DetectCureTDL3: 4 Curr stack PDEVICE_OBJECT: 8A3F5110
20:13:22:656 1548 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8A3F5110
20:13:22:656 1548 DetectCureTDL3: 4 Curr stack PDEVICE_OBJECT: 8A3BBA38
20:13:22:656 1548 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8A3BBA38
20:13:22:656 1548 KLMD_ReadMem: Trying to ReadMemory 0x8A3BBA38[0x38]
20:13:22:656 1548 DetectCureTDL3: DRIVER_OBJECT addr: 8A3B7A08
20:13:22:656 1548 KLMD_ReadMem: Trying to ReadMemory 0x8A3B7A08[0xA8]
20:13:22:656 1548 KLMD_ReadMem: Trying to ReadMemory 0xE1611840[0x208]
20:13:22:656 1548 DetectCureTDL3: DRIVER_OBJECT name: \Driver\JRAID, Driver Name: JRAID
20:13:22:656 1548 DetectCureTDL3: IrpHandler (0) addr: BA6F244C
20:13:22:656 1548 DetectCureTDL3: IrpHandler (1) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (2) addr: BA6F244C
20:13:22:656 1548 DetectCureTDL3: IrpHandler (3) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (4) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (5) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (6) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (7) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (8) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (9) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (10) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (11) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (12) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (13) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (14) addr: BA6F244C
20:13:22:656 1548 DetectCureTDL3: IrpHandler (15) addr: BA6F244C
20:13:22:656 1548 DetectCureTDL3: IrpHandler (16) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (17) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (18) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (19) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (20) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (21) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (22) addr: BA6F244C
20:13:22:656 1548 DetectCureTDL3: IrpHandler (23) addr: BA6F244C
20:13:22:656 1548 DetectCureTDL3: IrpHandler (24) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (25) addr: 804F4476
20:13:22:656 1548 DetectCureTDL3: IrpHandler (26) addr: 804F4476
20:13:22:656 1548 KLMD_ReadMem: Trying to ReadMemory 0xBA6F540E[0x400]
20:13:22:656 1548 TDL3_StartIoHookDetect: CheckParameters: 1, BA6F917C, 618, 0
20:13:22:656 1548 TDL3_FileDetect: Processing driver: JRAID
20:13:22:656 1548 TDL3_FileDetect: Parameters: C:\WINDOWS\system32\drivers\jraid.sys, C:\WINDOWS\system32\Drivers\jraid.tsk, SYSTEM\CurrentControlSet\Services\JRAID, system32\Drivers\jraid.tsk
20:13:22:656 1548 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\drivers\jraid.sys
20:13:22:656 1548 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\drivers\jraid.sys
20:13:22:671 1548 DetectCureTDL3: 5 Curr stack PDEVICE_OBJECT: 8A324AB8
20:13:22:671 1548 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8A324AB8
20:13:22:671 1548 DetectCureTDL3: 5 Curr stack PDEVICE_OBJECT: 8A3BA9E8
20:13:22:671 1548 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8A3BA9E8
20:13:22:671 1548 DetectCureTDL3: 5 Curr stack PDEVICE_OBJECT: 8A3B6D98
20:13:22:671 1548 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8A3B6D98
20:13:22:671 1548 KLMD_ReadMem: Trying to ReadMemory 0x8A3B6D98[0x38]
20:13:22:671 1548 DetectCureTDL3: DRIVER_OBJECT addr: 8A3C69C8
20:13:22:671 1548 KLMD_ReadMem: Trying to ReadMemory 0x8A3C69C8[0xA8]
20:13:22:671 1548 KLMD_ReadMem: Trying to ReadMemory 0xE15F1900[0x208]
20:13:22:671 1548 DetectCureTDL3: DRIVER_OBJECT name: \Driver\atapi, Driver Name: atapi
20:13:22:671 1548 DetectCureTDL3: IrpHandler (0) addr: BA714572
20:13:22:671 1548 DetectCureTDL3: IrpHandler (1) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (2) addr: BA714572
20:13:22:671 1548 DetectCureTDL3: IrpHandler (3) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (4) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (5) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (6) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (7) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (8) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (9) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (10) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (11) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (12) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (13) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (14) addr: BA714592
20:13:22:671 1548 DetectCureTDL3: IrpHandler (15) addr: BA7107B4
20:13:22:671 1548 DetectCureTDL3: IrpHandler (16) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (17) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (18) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (19) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (20) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (21) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (22) addr: BA7145BC
20:13:22:671 1548 DetectCureTDL3: IrpHandler (23) addr: BA71B164
20:13:22:671 1548 DetectCureTDL3: IrpHandler (24) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (25) addr: 804F4476
20:13:22:671 1548 DetectCureTDL3: IrpHandler (26) addr: 804F4476
20:13:22:671 1548 KLMD_ReadMem: Trying to ReadMemory 0xBA7117C6[0x400]
20:13:22:671 1548 TDL3_StartIoHookDetect: CheckParameters: 0, 0, 229, 0
20:13:22:671 1548 TDL3_FileDetect: Processing driver: atapi
20:13:22:671 1548 TDL3_FileDetect: Parameters: C:\WINDOWS\system32\drivers\atapi.sys, C:\WINDOWS\system32\Drivers\atapi.tsk, SYSTEM\CurrentControlSet\Services\atapi, system32\Drivers\atapi.tsk
20:13:22:671 1548 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\drivers\atapi.sys
20:13:22:687 1548 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\drivers\atapi.sys
20:13:22:703 1548
Completed

Results:
20:13:22:703 1548 Infected objects in memory: 0
20:13:22:703 1548 Cured objects in memory: 0
20:13:22:703 1548 Infected objects on disk: 0
20:13:22:703 1548 Objects on disk cured on reboot: 0
20:13:22:703 1548 Objects on disk deleted on reboot: 0
20:13:22:703 1548 Registry nodes deleted on reboot: 0
20:13:22:703 1548
3 Janvier 2010 20:38:26

Re,

refais scrupuleusement la manip' de ComboFix.

Edit : Ortho
3 Janvier 2010 21:59:32

Lancé depuis: c:\documents and settings\Lisou81\Mes documents\Téléchargements\ComboFix.exe
* Un antivirus résident est actif

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Malware Defense
c:\windows\system32\H8SRTpmxgoaypek.dll
c:\windows\system32\H8SRTvonkjmoelx.dll
c:\windows\system32\H8SRTxxytkoonsa.dat
c:\windows\system32\krl32mainweq.dll
c:\windows\system32\srcr.dat

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_npf


((((((((((((((((((((((((((((( Fichiers créés du 2009-12-03 au 2010-01-03 ))))))))))))))))))))))))))))))))))))
.

2010-01-03 17:36 . 2010-01-03 19:27 -------- d-----w- C:\tdsskiller
2010-01-01 17:14 . 2010-01-01 17:14 -------- d-----w- C:\rsit
2009-12-31 00:49 . 2003-03-18 21:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-12-31 00:49 . 2009-12-31 00:49 -------- d-----w- c:\program files\Alwil Software
2009-12-30 12:41 . 2009-12-30 12:40 401720 ----a-w- c:\program files\HiJackThis.exe
2009-12-28 16:05 . 2009-12-28 16:05 -------- d-----w- c:\program files\CamStudio
2009-12-06 21:46 . 2009-12-06 21:46 -------- d-----w- c:\documents and settings\Lisou81\Application Data\ACAMPREF
2009-12-06 21:43 . 2009-12-06 21:44 -------- d-----w- C:\Myriad Plugin
2009-12-06 21:40 . 2005-04-13 10:55 106496 ----a-w- c:\windows\system32\MMPlugHostCtrl.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-03 20:51 . 2010-01-02 21:35 4083422 ----a-w- c:\windows\Internet Logs\tvDebug.zip
2010-01-03 11:50 . 2009-10-13 16:26 -------- d-----w- c:\program files\Microsoft IntelliPoint
2010-01-03 11:50 . 2009-10-13 16:25 -------- d-----w- c:\program files\Microsoft IntelliType Pro
2010-01-02 17:30 . 2010-01-02 17:32 3187712 ----a-w- c:\windows\Internet Logs\xDB2.tmp
2010-01-02 15:03 . 2010-01-02 15:29 1687040 ----a-w- c:\windows\Internet Logs\xDB1.tmp
2009-12-30 02:28 . 2001-08-28 16:00 46070 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-30 02:28 . 2001-08-28 16:00 361470 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-28 14:43 . 2009-10-13 17:21 18256 ----a-w- c:\documents and settings\Lisou81\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-06 21:43 . 2009-12-06 21:40 724 ----a-w- c:\windows\wacam.TMP
2009-12-06 21:40 . 2009-12-06 21:40 1409 ----a-w- c:\windows\Fonts\SToccata.fot
2009-12-06 17:16 . 2009-10-21 16:29 -------- d-----w- c:\documents and settings\Lisou81\Application Data\AdobeUM
2009-12-05 23:33 . 2009-10-16 11:42 -------- d-----w- c:\documents and settings\Lisou81\Application Data\dvdcss
2009-11-23 17:58 . 2009-09-12 10:13 -------- d-----w- c:\program files\Java
2009-11-21 18:27 . 2009-11-21 18:27 -------- d-----w- c:\documents and settings\Lisou81\Application Data\Songbird2
2009-11-21 18:22 . 2009-10-17 11:58 -------- d-----w- c:\program files\Oberon Media
2009-11-08 21:04 . 2009-11-08 21:04 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-08 21:04 . 2009-11-08 20:46 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-11-08 20:54 . 2009-11-08 20:54 -------- dc-h--w- c:\documents and settings\All Users.WINDOWS\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-11-08 20:36 . 2009-11-08 20:32 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Lavasoft
2009-11-08 20:32 . 2009-11-08 20:32 -------- d-----w- c:\program files\Lavasoft
2009-11-08 14:51 . 2009-11-08 14:51 -------- d-----w- c:\program files\CCleaner
2009-10-29 05:46 . 2002-08-29 13:45 666112 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 06:03 . 2009-10-14 16:52 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 06:03 . 2009-10-14 16:52 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 14:58 . 2009-10-14 16:52 263552 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-14 16:55 . 2009-10-12 17:49 86327 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-10-13 17:01 . 2009-10-12 19:20 4212 ---h--w- c:\windows\system32\zllictbl.dat
2009-10-13 16:55 . 2009-10-13 16:55 0 ----a-w- c:\windows\nsreg.dat
2009-10-13 16:32 . 2009-10-13 16:32 21035 ----a-w- c:\windows\system32\drivers\AegisP.sys
2009-10-13 10:52 . 2002-08-29 13:44 267776 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 19:13 . 2009-10-12 19:15 502368 ----a-w- c:\windows\system32\drivers\amon.sys
2009-10-12 19:13 . 2009-10-12 19:15 274432 ----a-w- c:\windows\system32\imon.dll
2009-10-12 18:19 . 2009-10-12 18:19 2232 ----a-w- c:\windows\java\Packages\Data\L3HF79FJ.DAT
2009-10-12 18:19 . 2009-10-12 18:19 155995 ----a-w- c:\windows\java\Packages\UVJB5B7V.ZIP
2009-10-12 18:18 . 2009-10-12 18:18 2678 ----a-w- c:\windows\java\Packages\Data\I3BLV3BF.DAT
2009-10-12 18:18 . 2009-10-12 18:18 2678 ----a-w- c:\windows\java\Packages\Data\YEJ9Z9NL.DAT
2009-10-12 18:18 . 2009-10-12 18:18 2678 ----a-w- c:\windows\java\Packages\Data\U2TJXJP7.DAT
2009-10-12 18:18 . 2009-10-12 18:18 2678 ----a-w- c:\windows\java\Packages\Data\R7F17BDN.DAT
2009-10-12 18:18 . 2009-10-12 18:18 2678 ----a-w- c:\windows\java\Packages\Data\DV3X7575.DAT
2009-10-12 18:17 . 2009-02-04 21:01 5920 ----a-w- C:\plus.reg
2009-10-12 17:47 . 2009-10-12 17:47 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2009-10-12 13:52 . 2002-08-29 13:44 69632 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:52 . 2002-08-29 13:44 113152 ----a-w- c:\windows\system32\rastls.dll
2009-10-11 03:17 . 2009-10-13 22:19 411368 ----a-w- c:\windows\system32\deploytk.dll
.

------- Sigcheck -------

[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\drivers\atapi.sys
[-] 2002-08-29 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[-] 2002-08-28 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\atapi.sys
[-] 2002-08-28 . 95B858761A00E1D4F81F79A0DA019ACA . 86912 . . [5.1.2600.1106] . . c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys

[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2001-08-28 . 03F403B07A884FC2AA54A0916C410931 . 13568 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys

[-] 2001-08-28 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2001-08-28 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

[-] 2004-08-19 . E798705E8DC7FAB596EF6BFDF167E007 . 25216 . . [5.1.2600.2180] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2004-08-19 . E798705E8DC7FAB596EF6BFDF167E007 . 25216 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2002-08-29 . 9BB4976AACD2C9DF788AFCC53ABB790C . 24064 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys
[-] 2002-08-29 . 9BB4976AACD2C9DF788AFCC53ABB790C . 24064 . . [5.1.2600.1106] . . c:\windows\system32\ReinstallBackups\0017\DriverFiles\i386\kbdclass.sys

[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ndis.sys
[-] 2003-10-04 . D999CE17681D7D074D534FC5BC662E0A . 168192 . . [5.1.2600.1254] . . c:\windows\$NtServicePackUninstall$\ndis.sys

[-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\$hf_mig$\KB930916\SP2QFE\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\system32\dllcache\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\system32\drivers\ntfs.sys
[-] 2004-08-03 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB930916$\ntfs.sys
[-] 2004-08-03 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2002-08-29 . E3AE9C79498210A5F39FE5A9AD62BC55 . 561920 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ntfs.sys

[-] 2001-08-28 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2001-08-28 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\sp2qfe\tcpip.sys
[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\sp2gdr\tcpip.sys
[-] 2006-04-20 . B8158E2A6112C0A5CA67BC158FC70218 . 340480 . . [5.1.2600.1831] . . c:\windows\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\sp1qfe\tcpip.sys
[-] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2002-08-29 . 244A2F9816BC9B593957281EF577D976 . 332928 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\tcpip.sys

[-] 2004-08-19 . 75AC49029966BFFEA09F96C1C194F684 . 77312 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\browser.dll
[-] 2004-08-19 . 75AC49029966BFFEA09F96C1C194F684 . 77312 . . [5.1.2600.2180] . . c:\windows\system32\browser.dll
[-] 2002-08-29 . B19784FAD2AE469FBDE72D26F4C0FA1F . 49152 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\browser.dll

[-] 2004-08-19 . 259AF82A0932EEA4F316F92DB94707B6 . 13312 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2004-08-19 . 259AF82A0932EEA4F316F92DB94707B6 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\lsass.exe
[-] 2002-08-29 . B7B1C150AFF59455DB4DF082815F88F5 . 11776 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\lsass.exe

[-] 2005-08-22 . 0D55724D88488BBFC53BC2EA219240F3 . 197632 . . [5.1.2600.2743] . . c:\windows\system32\netman.dll
[-] 2005-08-22 . 31748843AD5811351B115CC52CEA8D77 . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
[-] 2004-08-19 . 237F77C91B70469E3AF9F7FD0A524954 . 198144 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB905414$\netman.dll
[-] 2004-08-19 . 237F77C91B70469E3AF9F7FD0A524954 . 198144 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2002-08-29 . 0F18EEA4B1020FA064577A9654EFFFC6 . 154112 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\netman.dll

[-] 2004-08-19 . 659F7B6C502051BFA37910614B225548 . 382464 . . [6.6.2600.2180] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2004-08-19 . 659F7B6C502051BFA37910614B225548 . 382464 . . [6.6.2600.2180] . . c:\windows\system32\qmgr.dll
[-] 2004-07-01 . C3F35AA3E4E791EA8425B5DBAE01E283 . 360960 . . [6.6.2600.1569] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
[-] 2004-07-01 . C3F35AA3E4E791EA8425B5DBAE01E283 . 360960 . . [6.6.2600.1569] . . c:\windows\system32\bits\qmgr.dll
[-] 2002-08-29 . E1BDBEC55DF596AC4DC9FDCF6CB12832 . 223232 . . [6.2.2600.1106] . . c:\windows\$NtUninstallKB842773$\qmgr.dll

[-] 2009-02-09 . F83B964469D230F445613C44DF9FE25D . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . 0203B1AAD358F206CB0A3C1F93CCE17A . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll
[-] 2009-02-09 . 5620353B93DD08016674E4FEE280190B . 399360 . . [5.1.2600.3520] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . 5620353B93DD08016674E4FEE280190B . 399360 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2009-02-09 . BA1EF616F55210820F6462D033088497 . 401408 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll
[-] 2005-07-26 . CB7D37602638369A516757E994CBB31D . 397824 . . [5.1.2600.2726] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2005-07-26 . CB7D37602638369A516757E994CBB31D . 397824 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\3188777c1d0f0fe2d51bfb880967bbb8\sp2gdr\rpcss.dll
[-] 2005-07-26 . 882114A101D4313E2736F4662EAAAA4E . 276992 . . [5.1.2600.1720] . . c:\windows\SoftwareDistribution\Download\3188777c1d0f0fe2d51bfb880967bbb8\sp1qfe\rpcss.dll
[-] 2005-07-26 . B38D431ACE730452CD1FEE4FB7ECD6E2 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[-] 2005-07-26 . B38D431ACE730452CD1FEE4FB7ECD6E2 . 398336 . . [5.1.2600.2726] . . c:\windows\SoftwareDistribution\Download\3188777c1d0f0fe2d51bfb880967bbb8\sp2qfe\rpcss.dll
[-] 2005-04-28 . FD292BFE003558F4C39AA3D44F420AC7 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll
[-] 2005-04-28 . D0F724BDF4A0647F1A52985FD629EFCE . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll
[-] 2005-01-14 . 05E8F98BC17FCCE18D7DB332A81B8DDE . 395776 . . [5.1.2600.2595] . . c:\windows\SoftwareDistribution\Download\480cc6474822c4d3bda7c05b0f4fe218\sp2qfe\rpcss.dll
[-] 2004-08-19 . C6FE0B727A5D13419D480150631ADC09 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB894391$\rpcss.dll
[-] 2004-08-19 . C6FE0B727A5D13419D480150631ADC09 . 395776 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2003-08-26 . 33D586E1C8E832BD50F69EE69117F8DC . 260608 . . [5.1.2600.1263] . . c:\windows\$NtServicePackUninstall$\rpcss.dll

[-] 2009-02-09 . C3FB1D70CB88722267949694BA51759E . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe
[-] 2009-02-09 . 62789101F9C2401ED598AA2CDE7450C0 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2009-02-09 . 9D6BF82FE50D55F20F8E10E0F6653886 . 111104 . . [5.1.2600.3520] . . c:\windows\system32\services.exe
[-] 2009-02-09 . 9D6BF82FE50D55F20F8E10E0F6653886 . 111104 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . 51A24094F076961A7FF73E5F7E991D68 . 111104 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe
[-] 2004-08-19 . 63DCDE1A0D86EEB8924D6738FF616EAD . 108544 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2004-08-19 . 63DCDE1A0D86EEB8924D6738FF616EAD . 108544 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2001-08-28 . FC0691097471EE374907E1024EDCBD43 . 101888 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\services.exe

[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\system32\spoolsv.exe
[-] 2004-08-19 . DF9FC62AD51CB082B0AE371919A232CB . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe
[-] 2004-08-19 . DF9FC62AD51CB082B0AE371919A232CB . 57856 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2001-08-28 . B1CE5287F096895D9BE26EB86F4D5FAF . 51200 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe

[-] 2004-08-19 . 123EEA158F74D0F67A51DCDF065D1091 . 506368 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2004-08-19 . 123EEA158F74D0F67A51DCDF065D1091 . 506368 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe
[-] 2002-08-29 . 71820BC9EE6653C8748922459DFC384D . 520704 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\winlogon.exe

[-] 2006-08-25 . 5BBCD65CFD7610F36BCA96B72BBAED4B . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2006-08-25 . 5BBCD65CFD7610F36BCA96B72BBAED4B . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2006-07-13 . 6E1F6582179FB6C0531599DD03EF380A . 925184 . . [6.0] . . c:\windows\SoftwareDistribution\Download\58ef93a94d01d24242f4e233677924c2\sp1qfe\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2004-08-19 . 7D3AA1F0E765054CB5F30114F2DB6888 . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll
[-] 2004-08-19 . 7D3AA1F0E765054CB5F30114F2DB6888 . 611328 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2002-08-29 . 676445DF1322A8DC49E99D2D3688D230 . 557056 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll

[-] 2004-08-19 . CD73133EB24C572019944001FAD1B8D9 . 60416 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2004-08-19 . CD73133EB24C572019944001FAD1B8D9 . 60416 . . [5.1.2600.2180] . . c:\windows\system32\cryptsvc.dll
[-] 2003-03-26 . A4178BE55244FD0447DC3E0F086B790F . 53760 . . [5.1.2600.1190] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll

[-] 2008-07-07 20:31 . A5B1B7C76134329AA7547F6E6DA35410 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:31 . A5B1B7C76134329AA7547F6E6DA35410 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:28 . EC16AE9B37EACF871629227A3F3913FD . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[-] 2008-07-07 20:24 . 157F9C595FD0D10502497DC4C1348D17 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-07-07 20:18 . 74ECF4DDC685BD3249CAB323405FCC49 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[-] 2005-07-26 04:39 . D9CDB9380E0EFC9E97CC589B5F484B94 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2005-07-26 04:39 . D9CDB9380E0EFC9E97CC589B5F484B94 . 243200 . . [2001.12.4414.308] . . c:\windows\SoftwareDistribution\Download\3188777c1d0f0fe2d51bfb880967bbb8\sp2gdr\es.dll
[-] 2005-07-26 04:38 . 4CB61A86683DFD6B3C41BAE2CF81FA94 . 227328 . . [2001.12.4414.62] . . c:\windows\SoftwareDistribution\Download\3188777c1d0f0fe2d51bfb880967bbb8\sp1qfe\es.dll
[-] 2005-07-26 04:29 . B56B69129181FF63BAED5EDE65DCC9B1 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
[-] 2005-07-26 04:29 . B56B69129181FF63BAED5EDE65DCC9B1 . 243200 . . [2001.12.4414.308] . . c:\windows\SoftwareDistribution\Download\3188777c1d0f0fe2d51bfb880967bbb8\sp2qfe\es.dll
[-] 2004-08-19 14:09 . FDE7FBE9CC9DD9484DF3E0241737C091 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll
[-] 2004-08-19 14:09 . FDE7FBE9CC9DD9484DF3E0241737C091 . 243200 . . [2001.12.4414.258] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2002-08-29 13:44 . 82F375C821B8C2A37452419169081DA7 . 225280 . . [2001.12.4414.46] . . c:\windows\$NtServicePackUninstall$\es.dll

[-] 2004-08-19 . E55DAFA1A354BD5CB69151563DC9748A . 110080 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2004-08-19 . E55DAFA1A354BD5CB69151563DC9748A . 110080 . . [5.1.2600.2180] . . c:\windows\system32\imm32.dll
[-] 2002-08-29 . ACCB54C9FC11EF14EDAA21E475E9C8FA . 103936 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\imm32.dll

[-] 2009-03-21 . 534040750B9E70B156A98F5D0E8F6D2A . 1051136 . . [5.1.2600.3541] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . 534040750B9E70B156A98F5D0E8F6D2A . 1051136 . . [5.1.2600.3541] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 98F08549604D090B6B2514AF845F329F . 1054720 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[-] 2009-03-21 . C3AF0EEE26B59484E674673E3016AAB7 . 1056768 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2009-03-21 . 2087E2764822A8D93A4CA7FA0FED35E8 . 1054208 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[-] 2006-07-05 . FB85EF2A6713E3A58A497E093626B93C . 1050112 . . [5.1.2600.2945] . . c:\windows\SoftwareDistribution\Download\2c61126e1b5afef4a119b36d8404bf1f\sp2qfe\kernel32.dll
[-] 2006-07-05 . CE4AF1FA47A29ADF97CB107775CE395C . 1049088 . . [5.1.2600.2945] . . c:\windows\SoftwareDistribution\Download\2c61126e1b5afef4a119b36d8404bf1f\sp2gdr\kernel32.dll
[-] 2006-07-05 . CEF8CE8CA1644779955860EDDA3D85A6 . 993792 . . [5.1.2600.1869] . . c:\windows\SoftwareDistribution\Download\2c61126e1b5afef4a119b36d8404bf1f\sp1qfe\kernel32.dll
[-] 2004-08-19 . C88F74591579DBDE273C61312B2D3886 . 1048576 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2004-08-19 . C88F74591579DBDE273C61312B2D3886 . 1048576 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2002-08-29 . 3F846A5513E8CC7DB6259585E60CB14D . 995328 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\kernel32.dll

[-] 2005-09-01 . D9BD4CCA0533401B6609E47FF74F40DC . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
[-] 2005-09-01 . 8D9A075C065DFE1228688D10155D6624 . 19968 . . [5.1.2600.2751] . . c:\windows\system32\linkinfo.dll
[-] 2004-08-19 . 6C411ABBEEF0CA1D991F8A8F449D2B5F . 18944 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB900725$\linkinfo.dll
[-] 2004-08-19 . 6C411ABBEEF0CA1D991F8A8F449D2B5F . 18944 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2001-08-28 . 9AC497097204AABA6430E90E9DB6C901 . 15360 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll

[-] 2004-08-19 . 3236A6A1650E6C055FD5E87D7C4A05AD . 22016 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2004-08-19 . 3236A6A1650E6C055FD5E87D7C4A05AD . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll
[-] 2001-08-28 . 4B938017DF43AFB8C1C4784CC0ADA90D . 18944 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\lpk.dll

[-] 2009-10-29 . BD80B64DCB52FFA71CF5ACF8EDD3475F . 3091968 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3GDR\mshtml.dll
[-] 2009-10-29 . FDB4D9CCA68161CBD8AA216460707855 . 3084288 . . [6.00.2900.3640] . . c:\windows\system32\mshtml.dll
[-] 2009-10-29 . FDB4D9CCA68161CBD8AA216460707855 . 3084288 . . [6.00.2900.3640] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2009-10-29 . 68A29F2A4EA35F40339FC89549F388CE . 3094016 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\mshtml.dll
[-] 2009-10-29 . E184AA9779789DC4EE9DBFDE54074BA3 . 3091968 . . [6.00.2900.3640] . . c:\windows\$hf_mig$\KB976325\SP2QFE\mshtml.dll
[-] 2009-10-20 . 203DA99D50B81E36A1A4E4ED57249F02 . 3084288 . . [6.00.2900.3636] . . c:\windows\$NtUninstallKB976325$\mshtml.dll
[-] 2009-10-20 . 914F42631ACE8544F76BF9E529309B19 . 3091968 . . [6.00.2900.3636] . . c:\windows\$hf_mig$\KB976749\SP2QFE\mshtml.dll
[-] 2009-10-19 . D64D8B11BA4A50E497C8A0342DC5BF2B . 3091968 . . [6.00.2900.5890] . . c:\windows\$hf_mig$\KB976749\SP3GDR\mshtml.dll
[-] 2009-10-19 . 96A5441C54E16340477D1B051AF5BEED . 3093504 . . [6.00.2900.5890] . . c:\windows\$hf_mig$\KB976749\SP3QFE\mshtml.dll
[-] 2009-09-25 . C49AEDFDA7DFA06C8460B6641FB795CB . 3084288 . . [6.00.2900.3627] . . c:\windows\$NtUninstallKB976749$\mshtml.dll
[-] 2009-09-25 . 1EB78FBCE3D44AE3070356268DD60A9C . 3091968 . . [6.00.2900.3627] . . c:\windows\$hf_mig$\KB974455\SP2QFE\mshtml.dll
[-] 2009-09-25 . DCE11719021491A5F8E226E31A2074C3 . 3091968 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3GDR\mshtml.dll
[-] 2009-09-25 . CA9EE77EACF0021761764C28C2063D9A . 3093504 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3QFE\mshtml.dll
[-] 2006-06-30 17:38 . 35F17B9FA9C913DC47754D4C555DBECB . 2710528 . . [6.00.2800.1562] . . c:\windows\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\mshtml.dll
[-] 2006-06-30 08:52 . F39A94D526A4D0CDC212E68610776ACB . 2703872 . . [6.00.2800.1561] . . c:\windows\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\mshtml.dll
[-] 2004-08-19 . 7CA9E0D2C4DCA6B710FD57F40E597337 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB974455$\mshtml.dll
[-] 2004-08-19 . 7CA9E0D2C4DCA6B710FD57F40E597337 . 3003392 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2003-10-16 11:34 . 477F8245E97E7ED77C91FD8185EBE918 . 2799104 . . [6.00.2800.1276] . . c:\windows\$NtServicePackUninstall$\mshtml.dll

[-] 2004-08-19 . B89F48FDFD6C3312B92D5D633C23F075 . 343040 . . [7.0.2600.2180] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2004-08-19 . B89F48FDFD6C3312B92D5D633C23F075 . 343040 . . [7.0.2600.2180] . . c:\windows\system32\msvcrt.dll
[-] 2002-08-29 . B0272E9D0F64B4B31439D65B13F46E4B . 323072 . . [7.0.2600.1106] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll

[-] 2008-06-20 . 58AF8498C62E1E1DAB5AE59C6E08C180 . 247808 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[-] 2008-06-20 . C759B3790D3BA760C52E218EF4886DAC . 247808 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 8A52DE10680A40ECD04FA2C0FBC34190 . 247808 . . [5.1.2600.3394] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 8A52DE10680A40ECD04FA2C0FBC34190 . 247808 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-06-20 . 4138FBDEDBC6FEAD215BB4C4B102F7DE . 247808 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[-] 2004-08-19 . 6FA2DDF70DC9B762EBF8920F89B6BEA3 . 247808 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2004-08-19 . 6FA2DDF70DC9B762EBF8920F89B6BEA3 . 247808 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2001-08-28 . 461B467CAE39D0A2765C876B46E78A7C . 230912 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\mswsock.dll

[-] 2009-02-06 . ECD7791E0E9246CA5F218A19F3911EB9 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[-] 2009-02-06 . ECD7791E0E9246CA5F218A19F3911EB9 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[-] 2004-08-19 . D4CFAC76926C24E32B7F25A35C31BC6E . 407040 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2004-08-19 . D4CFAC76926C24E32B7F25A35C31BC6E . 407040 . . [5.1.2600.2180] . . c:\windows\system32\netlogon.dll
[-] 2002-08-29 . B05A56408A75A75345D399986751DDB7 . 399360 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\netlogon.dll

[-] 2009-08-04 . 263FA3A73C588A26306D3B403A45F5A9 . 2191232 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntoskrnl.exe
[-] 2009-08-04 . 63864AF70CAC631077A6C1223617336B . 2191360 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . E23599BE2D89A295771CAD1212C7772A . 2188032 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntoskrnl.exe
[-] 2009-08-04 . F478622DCBA4AF125885D62765C319EB . 2182400 . . [5.1.2600.3610] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2009-08-04 . F478622DCBA4AF125885D62765C319EB . 2182400 . . [5.1.2600.3610] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2009-08-04 . 61E8309F7009536A2FE483132404C5D4 . 2138112 . . [5.1.2600.3610] . . c:\windows\system32\ntoskrnl.exe
[-] 2009-02-10 . BEF458B8424553279E95E250D1E0CE7E . 2191232 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-09 . B55AA66BC9269BC5257B915FFDAA790B . 2188160 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[-] 2009-02-09 . AB896577F35CF5FED7A9F87D3C3205ED . 2191104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[-] 2005-03-02 . 3E2A0A4A0C0B19FC113618A9562A3B2A . 2181632 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . E75F7AA5A33479F29C636FD0890F5762 . 2137600 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
[-] 2004-08-19 . 7D38CE4398E6AA6339B4644FEADCC0D8 . 2183040 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2004-08-19 . 36F32A5A83DF734E022734D93860A9A4 . 2150400 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe
[-] 2003-04-24 . B9FBC0FD7934EA3CEC4877B654B1E5BB . 1896448 . . [5.1.2600.1151] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe

[-] 2004-08-19 . 29D5E58FB089C41898A81BD4C8970F22 . 17408 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2004-08-19 . 29D5E58FB089C41898A81BD4C8970F22 . 17408 . . [6.00.2900.2180] . . c:\windows\system32\powrprof.dll
[-] 2001-08-28 . 8B6172B8C969658F4FE47968F08CFF48 . 14848 . . [6.00.2600.0000] . . c:\windows\$NtServicePackUninstall$\powrprof.dll

[-] 2004-08-19 . 58D439F6EF73A2D9288B204E819F4BBD . 186368 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2004-08-19 . 58D439F6EF73A2D9288B204E819F4BBD . 186368 . . [5.1.2600.2180] . . c:\windows\system32\scecli.dll
[-] 2002-08-29 . 11F7656C69DA4CFB022CEC5445A647E8 . 180736 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\scecli.dll

[-] 2004-08-19 . BB695F18354B38CFF693E67EE7A30C22 . 5120 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2004-08-19 . BB695F18354B38CFF693E67EE7A30C22 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\sfc.dll
[-] 2001-08-28 . A8418B5FE185B405FE34D2703B54E97F . 4096 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\sfc.dll

[-] 2004-08-19 . 2979B03D5382A602623C0535B16AB9C0 . 14336 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2004-08-19 . 2979B03D5382A602623C0535B16AB9C0 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\svchost.exe
[-] 2001-08-28 . 333A4DB8410D8E24DB06D6AEBECDC7C2 . 12800 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\svchost.exe

[-] 2005-07-08 . C9FA05D271A0066764FE75BE38E24D69 . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
[-] 2005-07-08 . 720DA0C9DB8996AD9B7F5164B2242DAA . 249344 . . [5.1.2600.2716] . . c:\windows\system32\tapisrv.dll
[-] 2004-08-19 . 5CC2A233DAC03CAF99D20B87598675CD . 246272 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893756$\tapisrv.dll
[-] 2004-08-19 . 5CC2A233DAC03CAF99D20B87598675CD . 246272 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2002-08-29 . 2718541CC10BCDDC3196A732CA8D0F3A . 233984 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll

[-] 2007-03-08 . 4D88AAF39ADABFE45958EA1384E2C4FF . 579072 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . 753354F594809A9B96F73999B435A533 . 578560 . . [5.1.2600.3099] . . c:\windows\system32\user32.dll
[-] 2007-03-08 . 753354F594809A9B96F73999B435A533 . 578560 . . [5.1.2600.3099] . . c:\windows\system32\dllcache\user32.dll
[-] 2005-03-02 . 6EEF91AD23C3474C934174D11C6DA321 . 562176 . . [5.1.2600.1634] . . c:\windows\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp1qfe\user32.dll
[-] 2005-03-02 . C34920EB988CE98910BD6B0417F334EB . 578048 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . 0DF75FB73F705B011630159A43D7C354 . 578048 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll
[-] 2004-08-19 . 61C8C283AD063BB697AE61A155C64A5A . 578048 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\user32.dll
[-] 2004-08-19 . 61C8C283AD063BB697AE61A155C64A5A . 578048 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2003-09-25 . 78524A7AF390EA5071B400936C73E4FF . 561152 . . [5.1.2600.1255] . . c:\windows\$NtServicePackUninstall$\user32.dll

[-] 2004-08-19 . 84717891F0734C611721F56C60B5FBC3 . 25088 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2004-08-19 . 84717891F0734C611721F56C60B5FBC3 . 25088 . . [5.1.2600.2180] . . c:\windows\system32\userinit.exe
[-] 2002-08-29 . F4127A2A00825C69A870035DA1264AE0 . 22528 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\userinit.exe

[-] 2009-10-29 . 07FD90B96C6A1E1FAE1E0658A25C039E . 666112 . . [6.00.2900.3640] . . c:\windows\system32\wininet.dll
[-] 2009-10-29 . 07FD90B96C6A1E1FAE1E0658A25C039E . 666112 . . [6.00.2900.3640] . . c:\windows\system32\dllcache\wininet.dll
[-] 2009-10-29 . D89926AF5796E322D229B1C2E4FC8D1D . 671232 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3GDR\wininet.dll
[-] 2009-10-29 . 1DF357F4537A7F5D77F46D9C4F36DDF0 . 672768 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\wininet.dll
[-] 2009-10-29 . 26A2F945BB0E60D5590B61D650162E1B . 672768 . . [6.00.2900.3640] . . c:\windows\$hf_mig$\KB976325\SP2QFE\wininet.dll
[-] 2009-09-25 . CFB3271742D2E2801021287973FEFB32 . 666112 . . [6.00.2900.3627] . . c:\windows\$NtUninstallKB976325$\wininet.dll
[-] 2009-09-25 . 442959D8A81262A1EFAC539AB5551FAE . 672768 . . [6.00.2900.3627] . . c:\windows\$hf_mig$\KB974455\SP2QFE\wininet.dll
[-] 2009-09-25 . 52725B1CDF5C27A19BB316BE4C7CFDCE . 671232 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3GDR\wininet.dll
[-] 2009-09-25 . 529081B5F266D9E18F85A2EF7725F21A . 672768 . . [6.00.2900.5880] . . c:\windows\$hf_mig$\KB974455\SP3QFE\wininet.dll
[-] 2006-06-23 19:46 . 38A54870ECED4C83F227A5C4BE236709 . 593408 . . [6.00.2800.1560] . . c:\windows\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\wininet.dll
[-] 2006-06-23 11:28 . 1F063BDBD1AFEF9AC0ABD02384D40376 . 581120 . . [6.00.2800.1559] . . c:\windows\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\wininet.dll
[-] 2004-08-19 . 4E958B97EFC3D801F49283D1820F48B7 . 660480 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB974455$\wininet.dll
[-] 2004-08-19 . 4E958B97EFC3D801F49283D1820F48B7 . 660480 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2002-08-29 . CBC50D46257C4A75644230507B488050 . 603136 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\wininet.dll

[-] 2006-08-16 . 7279695B154A49550F675A985265B00A . 70656 . . [5.1.2600.1886] . . c:\windows\SoftwareDistribution\Download\b3d62539e3338b3e6aca7b80247f201f\sp1qfe\ws2_32.dll
[-] 2004-08-19 . EED74B969B2CA1ACC558FF60FB420E28 . 82944 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2004-08-19 . EED74B969B2CA1ACC558FF60FB420E28 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll
[-] 2003-07-10 . 96870F48299155E046F7960E3F421714 . 70656 . . [5.1.2600.1240] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll

[-] 2007-06-13 . D0288319660EDCFED07C7E74C4EA38A5 . 1037312 . . [6.00.2900.3156] . . c:\windows\explorer.exe
[-] 2007-06-13 . D0288319660EDCFED07C7E74C4EA38A5 . 1037312 . . [6.00.2900.3156] . . c:\windows\system32\dllcache\explorer.exe
[-] 2007-06-13 . B795475444D6D57A572C14B9E1A29839 . 1037312 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2004-08-19 . 2A7BD330924252A2FD80344FC949BB72 . 1036288 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe
[-] 2004-08-19 . 2A7BD330924252A2FD80344FC949BB72 . 1036288 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2002-08-29 . 82FE0D400CB1AC937234467B927B867A . 1008128 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\explorer.exe

[-] 2004-08-19 . CE978404558CE2D82896AC2032F06DBF . 171008 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2004-08-19 . CE978404558CE2D82896AC2032F06DBF . 171008 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll
[-] 2002-08-29 . 5BCBC26D816911D1FAED26448ACAA6FC . 159232 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\srsvc.dll

[-] 2004-08-19 . 8558905BA81F6EFAAF9667139BB117DD . 13824 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2004-08-19 . 8558905BA81F6EFAAF9667139BB117DD . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe

[-] 2004-08-19 . 912591E2055E26566D1CB54092A7E8B0 . 129536 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2004-08-19 . 912591E2055E26566D1CB54092A7E8B0 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll

[-] 2004-08-19 . 49B1376885340BF9EA0D99F71557B59A . 55808 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2004-08-19 . 49B1376885340BF9EA0D99F71557B59A . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll
[-] 2002-08-29 . B1F4DD70AD2DF7B98C8323394D370B2A . 49152 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\eventlog.dll

[-] 2004-08-19 . 6D8F3AC555E3F8A569AA9B2A817698C1 . 1548288 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2004-08-19 . 6D8F3AC555E3F8A569AA9B2A817698C1 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
[-] 2002-08-29 . 2E280A2E44246CEB438C9C2FD8A3E9B5 . 1145856 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll

[-] 2004-08-19 . 64E41E8FEE655B03E3F19DED21BA5118 . 15360 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2004-08-19 . 64E41E8FEE655B03E3F19DED21BA5118 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe
[-] 2002-08-29 . 2C856908EE61424238772508E9FBCBC8 . 13312 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe

[-] 2006-12-19 . D7DFBD1EFA149EC158363B974DAE0C6B . 135168 . . [6.00.2900.3051] . . c:\windows\system32\shsvcs.dll
[-] 2006-12-19 . D7DFBD1EFA149EC158363B974DAE0C6B . 135168 . . [6.00.2900.3051] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2006-12-19 . 1839CDF416A5AA8BF2EFE377F57452CC . 135680 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
[-] 2004-08-19 . ABA25E49F6589FD73F1143FDC39A6B46 . 135168 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll
[-] 2004-08-19 . ABA25E49F6589FD73F1143FDC39A6B46 . 135168 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2002-08-29 . E826404A74063B0AA553184ADCAD101B . 116736 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll

[-] 2004-08-19 . B6F76CE10953A141545A0D01F1776885 . 59904 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2004-08-19 . B6F76CE10953A141545A0D01F1776885 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll
[-] 2001-08-28 . 403245F119FAB18B49608C01A4BF1E02 . 51712 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\regsvc.dll

[-] 2004-08-19 . A65E74CC5831CED5762AA16033ED20EE . 193024 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2004-08-19 . A65E74CC5831CED5762AA16033ED20EE . 193024 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll
[-] 2002-08-29 . 1287A7BB6342194D37F964B1569D466B . 161280 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll

[-] 2004-08-19 . DCB185C829538971E47AFFE77BA138C3 . 71680 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2004-08-19 . DCB185C829538971E47AFFE77BA138C3 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\ssdpsrv.dll
[-] 2002-08-29 . 6E625661367254FF74FD1C569273740C . 43008 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll

[-] 2004-08-19 . 78F90C3E230AD122BCB116ABAD5FEFE9 . 297984 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2004-08-19 . 78F90C3E230AD122BCB116ABAD5FEFE9 . 297984 . . [5.1.2600.2180] . . c:\windows\system32\termsrv.dll
[-] 2002-08-29 . CD31EA24BC9A1B9F3DFE3B54EEF4D1D0 . 202752 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\termsrv.dll

[-] 2004-08-19 . 7E9D138DC991BCCE6E6026CD74E69CC4 . 176640 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\appmgmts.dll
[-] 2004-08-19 . 7E9D138DC991BCCE6E6026CD74E69CC4 . 176640 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll
[-] 2002-08-29 . A0EE5C06390357FEE7B7949DBCA156D3 . 165376 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll

[-] 2001-08-28 . E4ABC1212B70BB03D35E60681C447210 . 12032 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\Driver Cache\i386\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\system32\drivers\aec.sys
[-] 2004-08-03 20:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys
[-] 2004-08-03 20:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2002-08-28 21:16 . FF773FEDA15E8BD97FD54FE87A0ACDBE . 142208 . . [5.1.2601.1095 built by: xpsp1] . . c:\windows\$NtServicePackUninstall$\aec.sys

[-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\system32\drivers\agp440.sys

[-] 2004-08-03 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2004-08-03 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2003-06-30 . EDDCA9C72F1E7F2E2E2AB6AD7106C4A5 . 29952 . . [5.1.2600.1240] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys

[-] 2006-11-01 19:18 . FCD58951B3B2392007E0EE34D2CF944F . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll
[-] 2006-11-01 19:18 . FCD58951B3B2392007E0EE34D2CF944F . 927504 . . [4.1.0.61] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2001-08-28 16:00 . E1A34560BF6CE7C703BB67EC4FA70F43 . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll

[-] 2004-08-19 . DE71362123E81D268088E78543752576 . 33792 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2004-08-19 . DE71362123E81D268088E78543752576 . 33792 . . [5.1.2600.2180] . . c:\windows\system32\msgsvc.dll
[-] 2003-10-21 . C5C3230C0E156C5A8B638CDCA82BCAE6 . 32256 . . [5.1.2600.1309] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll

[-] 2004-08-19 14:09 . 535D54D2AF721A3497F058CAA2C63447 . 52736 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll
[-] 2004-08-10 23:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2004-08-10 23:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\system32\MsPMSNSv.dll

[-] 2009-08-04 . FE0C9C9035E3FDC193255C646BAC2C3D . 2068224 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 6472BC2A0D37D13D9D177CCC11F9726B . 2068096 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntkrnlpa.exe
[-] 2009-08-04 . 4DD301E924F866170FEF3B6AB15A3FF9 . 2065024 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntkrnlpa.exe
[-] 2009-08-04 . 46C4C1C73B1DC56D19D2DCD9CBE4953E . 2059776 . . [5.1.2600.3610] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2009-08-04 . 46C4C1C73B1DC56D19D2DCD9CBE4953E . 2059776 . . [5.1.2600.3610] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2009-08-04 . 2F61264797B873AC883D951E172EA142 . 2017792 . . [5.1.2600.3610] . . c:\windows\system32\ntkrnlpa.exe
[-] 2009-02-10 . F751E041E682F53EAF34F7FAEA78994D . 2068096 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[-] 2009-02-09 . 0150FE5C1E07F8AE422FEC6C8E8A0C98 . 2065024 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[-] 2009-02-09 . ED5E20AE4AC5A63A4FF43FFE704A5153 . 2068224 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2005-03-02 . 5311776074B6C13F983DC75BAEAC9C0C . 2059008 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2005-03-02 . 50B3A210B6FA8D3089A36A32E7D8B21F . 2017280 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
[-] 2004-08-19 . 35567C8C50986C2BC5C3EFD79CB045E4 . 2017280 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe
[-] 2004-08-19 . F252FAE094C54572ECE38A039F2103C4 . 2058880 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2003-04-24 . 5B9628B7ADBC6585E07906803D22DDC2 . 1925120 . . [5.1.2600.1151] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe

[-] 2004-08-19 14:09 . 951543FFB84012D13F4CB09DA2EACE96 . 438272 . . [5.1.2400.2180] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2004-08-19 14:09 . 951543FFB84012D13F4CB09DA2EACE96 . 438272 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll
[-] 2002-08-29 13:44 . 33EB65FB1C4B611C11EEDD3647CD7DFB . 395776 . . [5.1.2400.1106] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll

[-] 2007-02-05 . 385DB2591BF11955F26E0A97728B1B31 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
[-] 2007-02-05 . 96B3C690ED82E36E04C130F916E3AE91 . 185344 . . [5.1.2600.3077] . . c:\windows\system32\upnphost.dll
[-] 2007-02-05 . 96B3C690ED82E36E04C130F916E3AE91 . 185344 . . [5.1.2600.3077] . . c:\windows\system32\dllcache\upnphost.dll
[-] 2004-08-19 . 0B6A726C2DE9BBB80A48459F0C318F44 . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll
[-] 2004-08-19 . 0B6A726C2DE9BBB80A48459F0C318F44 . 185344 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2002-08-29 . 5D0607C98280493BC1ED0A2F2B11772A . 164864 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"CursorXP"="c:\themegold55\CursorXP\CursorXP.exe" [2001-12-13 100864]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2008-09-17 13574144]
"nwiz"="nwiz.exe" [2008-09-17 1657376]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2008-09-17 86016]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-27 16208384]
"GBB36X Configure"="c:\windows\System32\JMRaidTool.exe" [2006-06-02 385024]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-10-12 921600]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2006-06-16 555816]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2006-06-16 568096]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2006-09-07 15872]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-12-29 788880]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-19 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoLowDiskSpaceCheck"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoLowDiskSpaceCheck"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\messenger\\msmsgs.exe"=

R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-12-29 1181328]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-09-23 64288]
S2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\DRIVERS\EAPPkt.sys [2005-04-01 66048]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\DRIVERS\wg111v2.sys [2007-12-26 272128]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contenu du dossier 'Tâches planifiées'

2009-12-30 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:52]

2009-12-30 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:52]

2009-12-30 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:52]

2009-12-30 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:52]

2009-12-30 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 12:52]
.
.
------- Examen supplémentaire -------
.
LSP: c:\windows\System32\imon.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Lisou81\Application Data\Mozilla\Firefox\Profiles\sx1ldx2q.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
FF - plugin: c:\documents and settings\Lisou81\Application Data\Mozilla\Firefox\Profiles\sx1ldx2q.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPMyrMus.dll
FF - plugin: f:\vlc\npvlc.dll
.
.
------- Associations de fichier -------
.
regfile\shell\edit\command=%SystemRoot%\system32\NOTEPAD.EXE %1
.
- - - - ORPHELINS SUPPRIMES - - - -

AddRemove-HijackThis - E:\HijackThis.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-03 21:50
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(332)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSFR.DLL
c:\program files\Unlocker\UnlockerHook.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Eset\nod32krn.exe
c:\windows\System32\nvsvc32.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
c:\windows\system32\rundll32.exe
c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
c:\program files\NETGEAR\WG111v2\WG111v2.exe
.
**************************************************************************
.
Heure de fin: 2010-01-03 21:53:46 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-01-03 20:53
ComboFix2.txt 2010-01-03 12:14
ComboFix3.txt 2010-01-03 11:52

Avant-CF: 28.341.370.880 octets libres
Après-CF: 28.308.672.512 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn

- - End Of File - - 987443831950F86129BC837B9D9C580E
4 Janvier 2010 09:32:05

Bonjour Matt48,

1) Télécharge :
CCleaner - Slim : http://www.ccleaner.com/download/builds.aspx
Lance-le puis clique sur Options>Avancé et décoche Effacer uniquement les fichiers Temp de Windows datant de+ de 24 heures. Laisse-le avec ses réglages par défaut et ferme le programme pour l' instant.

Malwarebytes' Anti-Malware : Ici
Lance-le et une fois l' exécutable téléchargé, double-clique sur mbam-setup.exe, l' installation commence. Laisse-toi guider par l' assistant : Choix de la langue, acceptation de la licence, dossier par défaut... Pense à cocher la case Créer une icône sur le Bureau. Tu arrives à présent à la fin de l' installation, ferme le programme pour l' instant.

2) Lance CCleaner :
Dans le menu Nettoyeur, clique sur Analyse (laisse-le travailler, cela peut durer longtemps).
Puis clique sur le bouton Lancer le nettoyage.
Fais cela plusieurs fois et ferme CCleaner

3) Lance Malwarebytes' Anti-Malware :
Tuto : http://forum.pcastuces.com/malwarebytes_anti_malware___...

4) Poste le rapport Malwarebytes' Anti-Malware.

A+
9 Janvier 2010 11:13:23

Bonjour Frederix,

Excuse moi pour se long silence, je ne dispose pas d'internet la semaine !

J'avais déjà CCleaner sur mon pc donc je ne l'ai pas téléchargé!

J'ai décoché la case et fermé le programme, ensuite j'ai installé Malwarebytes' Anti-Malware, cependant il ma marqué des messages d'erreurs farfelus!

J'ai donc fait abstraction et j'ai lancé CCleaner. Cela fait, j'ai lancé Malwarebytes' Anti-Malware mais je n'ai comme réponse que cela, puis plus rien:

http://img96.imageshack.us/img96/7981/mbmf.jpg


Pour information, il y a 1an, j'avais perdu le contenu de mon disque dur (mauvaise manip. de ma part, il faut dire que l'informatique, je l'apprend en faisant des erreurs...), j'ai en faite un second disque dur avec 2 partitions, dont une comprenant un autre OS de windows XP.
Je pense que je peux démarrer sur cette partition (de façon à remettre un peu d'ordre) et formater mon DD actuel! Après ce serai en dernier recours si la réparation serait trop difficile ou complexe à faire! Les logiciels se réinstallent...même si ça prend du temps!
9 Janvier 2010 13:21:48

En faite je vais opter pour la dernière solution! Je vais le formater et réinstaller mon windows, j'ai besoin de mon pc rapidement et dans un bon état, et je vais donc passer l'aprem à tout réinstaller!

Je te remercie pour l'aide et le temps que tu ma consacré! J'ai appris certaines choses, je vois les choses positivement ^^

Merci, bonne année et meilleur vœux pour cette année 2010!
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS