Bagle virus? Well, I think so...

14 November 2008 17:31:42

Hello!

So, the message is: "....exe n'est pas une application win32 valide"

The antivirus is inactive and it is not possible to boot into safe mode.

I managed to get a ComboFix report:

ComboFix 08-11-12.02 - rv 2008-11-14 17:22:14.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.96 [GMT 1:00]
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\rv\Application Data\m
c:\documents and settings\rv\Application Data\m\data.oct
c:\documents and settings\rv\Application Data\m\flec006.exe
c:\documents and settings\rv\Application Data\m\list.oct
c:\documents and settings\rv\Application Data\m\srvlist.oct
c:\documents and settings\rv\Local Settings\Application Data\eddzaq.dat
c:\documents and settings\rv\Local Settings\Application Data\eddzaq.exe
c:\documents and settings\rv\Local Settings\Application Data\eddzaq_nav.dat
c:\documents and settings\rv\Local Settings\Application Data\eddzaq_navps.dat
c:\documents and settings\rv\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
c:\program files\Internet Explorer\fxavx.ini
c:\program files\UberIcon\UberIcon Manager.exe
c:\windows\system32\ban_list.txt
c:\windows\system32\drivers\downld
c:\windows\system32\drivers\srosa.sys
c:\windows\system32\drivers\winfilse.exe
c:\windows\system32\mdelk.exe
c:\windows\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SROSA
-------\Legacy_SROSA


((((((((((((((((((((((((((((( Fichiers créés du 2008-10-14 au 2008-11-14 ))))))))))))))))))))))))))))))))))))
.

2008-11-14 13:09 . 2008-11-14 13:09 <REP> d-------- c:\windows\report
2008-11-14 13:09 . 2008-11-14 13:09 <REP> d-------- c:\windows\AU_Backup
2008-11-14 13:09 . 2008-11-14 13:09 20,938,757 --a------ c:\windows\VPTNFILE.653
2008-11-14 13:09 . 2008-11-14 13:09 20,938,757 --a------ c:\windows\LPT$VPN.653
2008-11-14 13:09 . 2008-11-14 13:09 1,961,645 --a------ c:\windows\tsc.ptn
2008-11-14 13:09 . 2008-11-14 13:09 1,213,784 --a------ c:\windows\vsapi32.dll
2008-11-14 13:09 . 2008-11-14 13:09 348,229 --a------ c:\windows\tsc.exe
2008-11-14 13:09 . 2008-11-14 13:09 91,744 --a------ c:\windows\BPMNT.dll
2008-11-14 13:09 . 2008-11-14 13:09 71,749 --a------ c:\windows\hcextoutput.dll
2008-11-14 13:09 . 2008-11-14 17:15 803 --a------ c:\windows\tsc.ini
2008-11-14 13:08 . 2008-11-14 13:09 <REP> d-------- c:\windows\AU_Temp
2008-11-14 13:08 . 2008-11-14 13:08 <REP> d-------- c:\windows\AU_Log
2008-11-14 13:08 . 2008-11-14 13:08 507,904 --a------ c:\windows\TMUPDATE.DLL
2008-11-14 13:08 . 2008-11-14 13:08 286,720 --a------ c:\windows\PATCH.EXE
2008-11-14 13:08 . 2008-11-14 13:08 69,689 --a------ c:\windows\UNZIP.DLL
2008-11-14 13:08 . 2008-11-14 13:08 170 --a------ c:\windows\GetServer.ini
2008-11-14 12:47 . 2008-11-14 12:54 <REP> d-------- c:\windows\avxoscan
2008-11-14 11:49 . 1996-08-20 20:37 15,840 --a------ c:\windows\system32\Machnm1.exe
2008-11-14 11:49 . 2005-09-25 16:37 5,632 --a------ c:\windows\system32\Machnm64.sys
2008-11-14 11:49 . 2008-11-14 11:49 3,120 --a------ c:\windows\system32\118290.54
2008-11-14 11:49 . 2008-11-14 11:49 3,120 --a------ c:\windows\118294.78
2008-11-14 11:49 . 2003-08-13 00:27 2,304 --a------ c:\windows\system32\Machnm32.sys
2008-11-14 10:47 . 2008-11-14 10:47 <REP> d-------- c:\windows\Sun
2008-11-13 21:36 . 2008-11-13 21:35 410,976 --a------ c:\windows\system32\deploytk.dll
2008-11-13 21:36 . 2008-11-13 21:35 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-11-13 21:28 . 2008-11-14 10:47 <REP> d-------- c:\program files\Java
2008-11-13 21:27 . 2008-11-13 21:27 <REP> d-------- c:\program files\Fichiers communs\Java
2008-11-13 21:07 . 2008-11-14 10:47 <REP> d-------- c:\windows\BDOSCAN8
2008-11-13 20:31 . 2008-11-14 11:40 7,168 --a------ c:\windows\system32\drivers\srosa2.sys
2008-11-13 19:15 . 2008-11-14 15:01 <REP> d-------- c:\program files\eMule
2008-11-13 19:05 . 2008-11-13 19:57 <REP> d-------- c:\documents and settings\rv\Contacts
2008-11-13 19:03 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\system32\d3dx9_32.dll
2008-11-13 19:01 . 2008-11-13 19:01 <REP> d-------- c:\program files\Microsoft SQL Server Compact Edition
2008-11-13 19:00 . 2008-11-13 19:00 <REP> d-------- c:\program files\Windows Live Favorites
2008-11-13 18:59 . 2008-11-13 19:00 <REP> d-------- c:\program files\Windows Live Toolbar
2008-11-13 18:56 . 2008-11-13 18:56 <REP> d----c--- c:\windows\system32\DRVSTORE
2008-11-13 18:48 . 2008-11-13 19:02 <REP> d-------- c:\program files\Windows Live
2008-11-13 18:48 . 2008-11-13 18:57 <REP> d--hsc--- c:\program files\Fichiers communs\WindowsLiveInstaller
2008-11-13 18:48 . 2008-11-13 18:48 <REP> d-------- c:\documents and settings\All Users\Application Data\WLInstaller
2008-11-13 18:18 . 2008-11-13 18:18 <REP> d-------- c:\documents and settings\rv\Application Data\Yahoo!
2008-11-13 18:18 . 2008-11-13 19:04 <REP> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2008-11-13 18:14 . 2008-11-13 18:43 <REP> d-------- c:\program files\Yahoo!
2008-11-13 18:14 . 2008-11-13 18:43 <REP> d-------- c:\documents and settings\All Users\Application Data\Yahoo!
2008-11-13 18:11 . 2008-11-13 18:21 <REP> d-------- c:\program files\Google
2008-11-13 18:11 . 2008-11-13 19:11 <REP> d-------- c:\documents and settings\All Users\Application Data\Google Updater
2008-11-13 13:39 . 2007-07-30 19:19 271,224 --a------ c:\windows\system32\mucltui.dll
2008-11-13 13:39 . 2007-07-30 19:18 30,072 --a------ c:\windows\system32\mucltui.dll.mui
2008-11-13 13:33 . 2008-11-13 13:33 <REP> d-------- c:\program files\MSBuild
2008-11-13 13:33 . 2008-11-13 13:33 <REP> d-------- c:\program files\Microsoft Works
2008-11-13 13:32 . 2008-11-13 13:32 <REP> d-------- c:\program files\Microsoft.NET
2008-11-13 13:29 . 2008-11-13 13:33 <REP> d-------- c:\windows\SHELLNEW
2008-11-13 13:29 . 2008-11-13 13:29 <REP> d-------- c:\program files\Microsoft Visual Studio 8
2008-11-13 13:28 . 2008-11-13 13:34 <REP> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-13 13:27 . 2008-11-13 13:27 <REP> dr-h----- C:\MSOCache
2008-11-13 13:18 . 2008-11-13 13:18 <REP> d-------- c:\program files\ArcSoft
2008-11-13 13:18 . 2008-11-13 13:18 <REP> d-------- C:\My Documents
2008-11-13 13:18 . 1999-05-26 09:46 212,480 --a------ c:\windows\system32\pcdlib32.dll
2008-11-13 13:18 . 1996-07-01 00:00 77,312 --a------ c:\windows\system32\TWAIN_32.DLL
2008-11-13 13:18 . 2008-11-13 13:18 1,325 --a------ c:\windows\photoimpression.ini
2008-11-13 13:13 . 2008-11-13 13:17 <REP> d-------- c:\program files\EPSON
2008-11-13 13:13 . 1998-11-13 13:16 308,224 --a------ c:\windows\IsUn040c.exe
2008-11-13 13:13 . 1999-06-15 11:31 96,768 --a------ c:\windows\SlantAdj.dll
2008-11-13 13:13 . 1999-12-07 02:03 73,216 --a------ c:\windows\ADE.DLL
2008-11-13 13:13 . 1999-04-27 00:17 3,136 --a------ c:\windows\Ade001.bin
2008-11-13 13:13 . 2001-03-18 15:16 1,571 --a------ c:\windows\Faxcpp1.ini
2008-11-13 13:13 . 2001-03-18 15:16 422 --a------ c:\windows\Faxcpp.ini
2008-11-13 13:13 . 1999-08-09 23:50 72 --a------ c:\windows\system32\epDPE.ini
2008-11-13 13:12 . 2008-11-14 11:48 <REP> d--h----- c:\program files\InstallShield Installation Information
2008-11-13 13:12 . 2008-11-14 12:39 <REP> d-------- c:\program files\Fichiers communs\InstallShield
2008-11-13 13:09 . 2008-11-13 13:09 <REP> d-------- c:\program files\Canon
2008-11-13 13:07 . 2004-08-03 22:01 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2008-11-13 13:06 . 2008-11-13 13:06 <REP> d--h----- c:\documents and settings\All Users\Application Data\CanonBJ
2008-11-13 13:06 . 2006-07-10 19:00 139,776 --a------ c:\windows\system32\CNMLM74.DLL
2008-11-13 13:06 . 2005-03-08 08:17 90,112 -ra------ c:\windows\system32\CNMCP74.exe
2008-11-13 13:06 . 2006-07-10 19:00 8,704 --a------ c:\windows\system32\CNMVS74.DLL
2008-11-13 12:21 . 2008-11-13 12:25 <REP> d-------- c:\documents and settings\rv\Application Data\vlc
2008-11-13 12:14 . 2008-11-13 12:14 <REP> d-------- c:\program files\VideoLAN
2008-11-13 11:52 . 2008-11-13 20:33 <REP> d-------- c:\program files\Neuf
2008-11-13 11:24 . 2008-11-13 11:40 <REP> d-------- C:\TEMP
2008-11-13 11:22 . 2008-11-13 11:22 <REP> d-------- c:\program files\Alwil Software
2008-11-13 11:18 . 2008-11-13 11:18 <REP> d---s---- c:\documents and settings\rv\UserData
2008-11-12 23:06 . 2008-08-28 11:35 333,056 -----c--- c:\windows\system32\dllcache\srv.sys
2008-11-12 23:06 . 2008-06-14 18:59 272,768 --------- c:\windows\system32\drivers\bthport.sys
2008-11-12 23:06 . 2008-06-14 18:59 272,768 -----c--- c:\windows\system32\dllcache\bthport.sys
2008-11-12 23:06 . 2008-08-14 10:51 138,368 -----c--- c:\windows\system32\dllcache\afd.sys
2008-11-12 23:05 . 2006-12-07 06:29 2,374,472 -----c--- c:\windows\system32\dllcache\wmvcore.dll
2008-11-12 23:05 . 2008-08-14 14:44 2,182,400 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-11-12 23:05 . 2008-08-14 14:44 2,138,112 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-11-12 23:05 . 2008-08-14 14:44 2,059,776 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-11-12 23:05 . 2008-08-14 14:44 2,017,792 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-11-12 23:05 . 2008-09-15 16:14 1,847,040 -----c--- c:\windows\system32\dllcache\win32k.sys
2008-11-12 23:05 . 2008-10-24 12:25 455,936 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-12 23:05 . 2008-05-01 15:31 331,776 -----c--- c:\windows\system32\dllcache\msadce.dll
2008-11-12 23:05 . 2008-05-08 13:28 202,752 -----c--- c:\windows\system32\dllcache\rmcast.sys
2008-11-12 23:04 . 2008-09-04 17:45 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 23:04 . 2008-04-11 19:40 683,520 -----c--- c:\windows\system32\dllcache\inetcomm.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-14 16:23 --------- d-----w c:\program files\UberIcon
2008-11-12 21:50 --------- d-----w c:\program files\JDoe Tools
2008-11-12 20:47 --------- d-----w c:\program files\microsoft frontpage
2008-11-12 20:45 --------- d-----w c:\program files\Real Alternative
2008-11-12 20:45 --------- d-----w c:\program files\Fichiers communs\Ahead
2008-11-12 20:45 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-11-12 20:44 --------- d-----w c:\program files\QuickTime Alternative
2008-11-12 20:44 --------- d-----w c:\program files\Media Player Classic
2008-11-12 20:42 --------- d-----w c:\program files\Windows Media Connect 2
2008-11-12 20:40 --------- d-----w c:\program files\Services en ligne
2008-10-24 11:25 455,936 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-09-15 15:14 1,847,040 ----a-w c:\windows\system32\win32k.sys
2008-09-04 16:45 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-20 05:33 671,744 ----a-w c:\windows\system32\wininet.dll
2008-08-14 13:44 2,182,400 ----a-w c:\windows\system32\ntoskrnl.exe
2008-08-14 13:44 2,059,776 ----a-w c:\windows\system32\ntkrnlpa.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
2008-07-28 11:46 160496 --a------ c:\program files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2008-11-05 4347120]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-07-11 223984]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-22 7311360]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-05-22 86016]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-07-11 223984]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-13 136600]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-14 81000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\eMule\\emule.exe"=

R1 sK9Ou0s;sK9Ou0s;c:\windows\system32\drivers\srosa2.sys [2008-11-14 7168]
R3 USBSTOR;Pilote de stockage de masse USB;c:\windows\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26368]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [ ]
S3 usbscan;Pilote de scanneur USB;c:\windows\system32\DRIVERS\usbscan.sys [2004-08-03 15104]

*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Tâches planifiées'

2008-11-14 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-UberIcon - c:\program files\UberIcon\UberIcon Manager.exe
HKCU-Run-eddzaq - c:\documents and settings\rv\local settings\application data\eddzaq.exe
HKLM-Run-nwiz - nwiz.exe
HKU-Default-Run-UberIcon - c:\program files\UberIcon\UberIcon Manager.exe


.
------- Examen supplémentaire -------
.
R0 -: HKCU-Main,Start Page = hxxp://fr.yahoo.com
R0 -: HKLM-Main,Start Page = hxxp://fr.yahoo.com
R1 -: HKCU-SearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
O8 -: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
O8 -: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 -: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
O17 -: HKLM\CCS\Interface\{87F3B734-941B-437F-B281-E317F628EED0}: NameServer = 192.168.1.1

O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
c:\windows\Downloaded Program Files\oscan8.inf
c:\windows\bdoscandellang.ini
c:\windows\bdoscandel.exe
c:\windows\Downloaded Program Files\live.ini
c:\windows\Downloaded Program Files\scanoptions.tsi
c:\windows\Downloaded Program Files\lang.ini
c:\windows\Downloaded Program Files\ipsupd.dll
c:\windows\Downloaded Program Files\bdupd.dll
c:\windows\Downloaded Program Files\libfn.dll
c:\windows\Downloaded Program Files\bdcore.dll
c:\windows\Downloaded Program Files\oscan8.ocx
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-14 17:24:02
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\srosa]

.
Heure de fin: 2008-11-14 17:26:00
ComboFix-quarantined-files.txt 2008-11-14 16:25:58

Avant-CF: 73,373,966,336 octets libres
Après-CF: 73,340,260,352 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

465 --- E O F --- 2008-11-12 22:11:36






Thanks in advance to whoever helps me :)

14 November 2008 18:22:46

Hello,

Download Malwarebytes' Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.

Once the installation and the update are done, restart in safe mode.
HELP: Restarting in safe mode

  • Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan has finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Show Results" and then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.
    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    HELP: Picture tutorial on MBAM
    14 November 2008 19:20:04

    Thanks a lot, here is the report:


    Malwarebytes' Anti-Malware 1.30
    Version de la base de données: 1398
    Windows 5.1.2600 Service Pack 2

    14/11/2008 19:15:48
    mbam-log-2008-11-14 (19-15-48).txt

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 71609
    Temps écoulé: 31 minute(s), 47 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\cmdow.exe (Malware.Tool) -> Quarantined and deleted successfully.
    C:\WINDOWS\Downloaded Program Files\uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.
    14 November 2008 20:27:57

    Run another ComboFix scan.
    20 November 2008 18:54:47

    Hi again,

    Sorry for the delay, but I didn't have access to the PC. Now I can no longer open any web page (with iexplorer....)

    Here is the report :)

    ComboFix 08-11-19.08 - rv 2008-11-20 18:35:02.2 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.47 [GMT 1:00]
    Lancé depuis: G:\killbaggle.exe
    * Un nouveau point de restauration a été créé
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\system32\drivers\srosa2.sys

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_SK9OU0S
    -------\Service_sK9Ou0s


    ((((((((((((((((((((((((((((( Fichiers créés du 2008-10-20 au 2008-11-20 ))))))))))))))))))))))))))))))))))))
    .

    2008-11-19 20:27 . 2008-11-19 20:27 69 --a------ c:\windows\NeroDigital.ini
    2008-11-19 20:23 . 2008-11-19 20:23 <REP> d--h----- c:\windows\msdownld.tmp
    2008-11-19 20:23 . 2008-11-19 20:23 759 --a------ c:\windows\system32\spupdsvc.inf
    2008-11-19 20:10 . 2008-09-19 22:57 120,056 --------- c:\windows\system32\pxcpyi64.exe
    2008-11-19 20:10 . 2008-09-19 22:57 118,520 --------- c:\windows\system32\pxinsi64.exe
    2008-11-19 20:09 . 2008-11-19 20:11 <REP> d-------- c:\program files\DivX
    2008-11-19 19:45 . 2008-11-19 19:45 <REP> d-------- c:\windows\E31C348B63A94CBF8D7FD932ABB63244.TMP
    2008-11-19 19:45 . 2008-11-19 19:45 <REP> d-------- c:\program files\Fichiers communs\Wise Installation Wizard
    2008-11-19 14:52 . 2008-11-19 14:52 <REP> d-------- c:\windows\system32\fr-fr
    2008-11-19 14:41 . 2008-11-19 20:09 <REP> d-------- c:\documents and settings\rv\Application Data\DivX
    2008-11-19 12:59 . 2008-11-19 12:59 <REP> d-------- c:\documents and settings\rv\Application Data\Ahead
    2008-11-18 14:53 . 2008-11-18 14:53 <REP> d-------- c:\program files\SlySoft
    2008-11-18 14:47 . 2008-11-18 14:47 223,128 --a------ c:\windows\system32\drivers\vaxscsi.sys
    2008-11-18 14:46 . 2008-11-18 14:48 <REP> d-------- c:\program files\Alcohol Soft
    2008-11-18 14:43 . 2008-11-18 14:43 642,560 --a------ c:\windows\system32\drivers\sptd.sys
    2008-11-18 14:43 . 2008-11-18 14:43 96,384 --a------ c:\windows\system32\drivers\sptd1389.sys
    2008-11-17 17:56 . 2008-11-17 17:56 <REP> d-------- c:\program files\MSXML 4.0
    2008-11-16 14:15 . 2008-11-17 16:08 <REP> d-------- c:\program files\adslTV
    2008-11-16 14:00 . 2008-11-16 14:00 <REP> d-------- c:\documents and settings\rv\Application Data\Todae
    2008-11-16 13:52 . 2008-11-16 13:52 <REP> d-------- c:\program files\Winamp Toolbar
    2008-11-16 13:52 . 2008-11-16 13:52 <REP> d-------- c:\program files\Winamp Remote
    2008-11-16 13:52 . 2008-11-16 13:52 <REP> d-------- c:\documents and settings\All Users\Application Data\Winamp Toolbar
    2008-11-16 13:52 . 2008-11-17 10:58 <REP> d-------- c:\documents and settings\All Users\Application Data\OrbNetworks
    2008-11-16 13:50 . 2008-11-16 13:53 <REP> d-------- c:\program files\Winamp
    2008-11-16 13:50 . 2008-11-16 13:56 <REP> d-------- c:\documents and settings\rv\Application Data\Winamp
    2008-11-16 10:03 . 2008-11-16 10:11 <REP> d-------- c:\documents and settings\rv\Application Data\dvdcss
    2008-11-15 20:14 . 2008-11-15 20:14 <REP> d-------- c:\documents and settings\All Users\Application Data\MailFrontier
    2008-11-15 20:14 . 2008-11-15 20:16 4,212 ---h----- c:\windows\system32\zllictbl.dat
    2008-11-15 20:13 . 2008-11-15 20:13 75,932 --a------ c:\windows\system32\drivers\klick.dat
    2008-11-15 20:13 . 2008-11-15 20:13 74,396 --a------ c:\windows\system32\drivers\klin.dat
    2008-11-15 20:13 . 2008-11-15 20:45 67,616 --ahs---- c:\windows\system32\drivers\fidbox.dat
    2008-11-15 20:13 . 2007-06-21 21:55 54,672 --a------ c:\windows\system32\vsutil_loc040c.dll
    2008-11-15 20:13 . 2007-06-21 21:55 42,384 --a------ c:\windows\zllsputility_loc040c.dll
    2008-11-15 20:13 . 2007-06-21 21:55 21,904 --a------ c:\windows\system32\imsinstall_loc040c.dll
    2008-11-15 20:13 . 2007-06-21 21:55 17,808 --a------ c:\windows\system32\imslsp_install_loc040c.dll
    2008-11-15 20:13 . 2004-04-27 04:40 11,264 --a------ c:\windows\system32\SpOrder.dll
    2008-11-15 20:13 . 2008-11-15 20:45 1,868 --ahs---- c:\windows\system32\drivers\fidbox.idx
    2008-11-15 20:12 . 2008-11-15 20:50 <REP> d-------- c:\windows\system32\ZoneLabs
    2008-11-15 20:12 . 2008-11-15 20:12 <REP> d-------- c:\program files\Zone Labs
    2008-11-15 20:12 . 2007-05-31 00:03 110,360 --a------ c:\windows\system32\drivers\kl1.sys
    2008-11-15 20:11 . 2008-11-15 20:51 <REP> d-------- c:\windows\Internet Logs
    2008-11-15 16:47 . 2008-11-19 19:45 <REP> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
    2008-11-15 16:00 . 2008-11-15 16:04 <REP> d-------- c:\program files\Spybot - Search & Destroy
    2008-11-15 16:00 . 2008-11-15 18:24 <REP> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2008-11-15 13:48 . 2008-11-15 13:48 <REP> d-------- c:\program files\splus
    2008-11-15 13:48 . 2005-10-17 18:13 447,488 --a------ c:\windows\system32\splus.cpl
    2008-11-15 11:51 . 2008-11-15 11:51 <REP> d-------- C:\fsaua.data
    2008-11-15 10:53 . 2008-11-15 15:30 <REP> d-------- c:\windows\system32\CatRoot_bak
    2008-11-14 18:27 . 2008-11-14 18:27 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
    2008-11-14 18:27 . 2008-11-14 18:27 <REP> d-------- c:\documents and settings\rv\Application Data\Malwarebytes
    2008-11-14 18:27 . 2008-11-14 18:27 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
    2008-11-14 18:27 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
    2008-11-14 18:27 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
    2008-11-14 13:09 . 2008-11-14 13:09 <REP> d-------- c:\windows\report
    2008-11-14 13:09 . 2008-11-14 13:09 <REP> d-------- c:\windows\AU_Backup
    2008-11-14 13:09 . 2008-11-14 13:09 20,938,757 --a------ c:\windows\VPTNFILE.653
    2008-11-14 13:09 . 2008-11-14 13:09 20,938,757 --a------ c:\windows\LPT$VPN.653
    2008-11-14 13:09 . 2008-11-14 13:09 1,961,645 --a------ c:\windows\tsc.ptn
    2008-11-14 13:09 . 2008-11-14 13:09 1,213,784 --a------ c:\windows\vsapi32.dll
    2008-11-14 13:09 . 2008-11-14 13:09 348,229 --a------ c:\windows\tsc.exe
    2008-11-14 13:09 . 2008-11-14 13:09 91,744 --a------ c:\windows\BPMNT.dll
    2008-11-14 13:09 . 2008-11-14 13:09 71,749 --a------ c:\windows\hcextoutput.dll
    2008-11-14 13:09 . 2008-11-14 17:15 803 --a------ c:\windows\tsc.ini
    2008-11-14 13:08 . 2008-11-14 13:09 <REP> d-------- c:\windows\AU_Temp
    2008-11-14 13:08 . 2008-11-14 13:08 <REP> d-------- c:\windows\AU_Log
    2008-11-14 13:08 . 2008-11-14 13:08 507,904 --a------ c:\windows\TMUPDATE.DLL
    2008-11-14 13:08 . 2008-11-14 13:08 286,720 --a------ c:\windows\PATCH.EXE
    2008-11-14 13:08 . 2008-11-14 13:08 69,689 --a------ c:\windows\UNZIP.DLL
    2008-11-14 13:08 . 2008-11-14 13:08 170 --a------ c:\windows\GetServer.ini
    2008-11-14 12:47 . 2008-11-14 12:54 <REP> d-------- c:\windows\avxoscan
    2008-11-14 11:49 . 1996-08-20 20:37 15,840 --a------ c:\windows\system32\Machnm1.exe
    2008-11-14 11:49 . 2005-09-25 16:37 5,632 --a------ c:\windows\system32\Machnm64.sys
    2008-11-14 11:49 . 2008-11-14 11:49 3,120 --a------ c:\windows\system32\118290.54
    2008-11-14 11:49 . 2008-11-14 11:49 3,120 --a------ c:\windows\118294.78
    2008-11-14 11:49 . 2003-08-13 00:27 2,304 --a------ c:\windows\system32\Machnm32.sys
    2008-11-14 10:47 . 2008-11-14 10:47 <REP> d-------- c:\windows\Sun
    2008-11-13 21:36 . 2008-11-13 21:35 410,976 --a------ c:\windows\system32\deploytk.dll
    2008-11-13 21:36 . 2008-11-13 21:35 73,728 --a------ c:\windows\system32\javacpl.cpl
    2008-11-13 21:28 . 2008-11-14 10:47 <REP> d-------- c:\program files\Java
    2008-11-13 21:27 . 2008-11-13 21:27 <REP> d-------- c:\program files\Fichiers communs\Java
    2008-11-13 21:07 . 2008-11-14 10:47 <REP> d-------- c:\windows\BDOSCAN8
    2008-11-13 19:15 . 2008-11-20 12:46 <REP> d-------- c:\program files\eMule
    2008-11-13 19:05 . 2008-11-13 19:57 <REP> d-------- c:\documents and settings\rv\Contacts
    2008-11-13 19:03 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\system32\d3dx9_32.dll
    2008-11-13 19:01 . 2008-11-13 19:01 <REP> d-------- c:\program files\Microsoft SQL Server Compact Edition
    2008-11-13 19:00 . 2008-11-13 19:00 <REP> d-------- c:\program files\Windows Live Favorites
    2008-11-13 18:59 . 2008-11-13 19:00 <REP> d-------- c:\program files\Windows Live Toolbar
    2008-11-13 18:56 . 2008-11-13 18:56 <REP> d----c--- c:\windows\system32\DRVSTORE
    2008-11-13 18:48 . 2008-11-13 19:02 <REP> d-------- c:\program files\Windows Live
    2008-11-13 18:48 . 2008-11-13 18:57 <REP> d--hsc--- c:\program files\Fichiers communs\WindowsLiveInstaller
    2008-11-13 18:48 . 2008-11-13 18:48 <REP> d-------- c:\documents and settings\All Users\Application Data\WLInstaller
    2008-11-13 18:18 . 2008-11-13 18:18 <REP> d-------- c:\documents and settings\rv\Application Data\Yahoo!
    2008-11-13 18:18 . 2008-11-13 19:04 <REP> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
    2008-11-13 18:14 . 2008-11-13 18:43 <REP> d-------- c:\program files\Yahoo!
    2008-11-13 18:14 . 2008-11-13 18:43 <REP> d-------- c:\documents and settings\All Users\Application Data\Yahoo!
    2008-11-13 18:11 . 2008-11-13 18:21 <REP> d-------- c:\program files\Google
    2008-11-13 18:11 . 2008-11-19 20:01 <REP> d-------- c:\documents and settings\All Users\Application Data\Google Updater
    2008-11-13 13:39 . 2008-07-18 22:07 270,880 --a------ c:\windows\system32\mucltui.dll
    2008-11-13 13:39 . 2008-07-18 22:07 29,728 --a------ c:\windows\system32\mucltui.dll.mui
    2008-11-13 13:33 . 2008-11-13 13:33 <REP> d-------- c:\program files\MSBuild
    2008-11-13 13:33 . 2008-11-13 13:33 <REP> d-------- c:\program files\Microsoft Works
    2008-11-13 13:32 . 2008-11-13 13:32 <REP> d-------- c:\program files\Microsoft.NET
    2008-11-13 13:29 . 2008-11-13 13:33 <REP> d-------- c:\windows\SHELLNEW
    2008-11-13 13:29 . 2008-11-13 13:29 <REP> d-------- c:\program files\Microsoft Visual Studio 8
    2008-11-13 13:28 . 2008-11-14 20:11 <REP> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help
    2008-11-13 13:27 . 2008-11-13 13:27 <REP> dr-h----- C:\MSOCache
    2008-11-13 13:18 . 2008-11-13 13:18 <REP> d-------- c:\program files\ArcSoft
    2008-11-13 13:18 . 2008-11-13 13:18 <REP> d-------- C:\My Documents
    2008-11-13 13:18 . 1999-05-26 09:46 212,480 --a------ c:\windows\system32\pcdlib32.dll
    2008-11-13 13:18 . 1996-07-01 00:00 77,312 --a------ c:\windows\system32\TWAIN_32.DLL
    2008-11-13 13:18 . 2008-11-13 13:18 1,325 --a------ c:\windows\photoimpression.ini
    2008-11-13 13:13 . 2008-11-13 13:17 <REP> d-------- c:\program files\EPSON
    2008-11-13 13:13 . 1998-11-13 13:16 308,224 --a------ c:\windows\IsUn040c.exe
    2008-11-13 13:13 . 1999-06-15 11:31 96,768 --a------ c:\windows\SlantAdj.dll
    2008-11-13 13:13 . 1999-12-07 02:03 73,216 --a------ c:\windows\ADE.DLL
    2008-11-13 13:13 . 1999-04-27 00:17 3,136 --a------ c:\windows\Ade001.bin
    2008-11-13 13:13 . 2001-03-18 15:16 1,571 --a------ c:\windows\Faxcpp1.ini
    2008-11-13 13:13 . 2001-03-18 15:16 422 --a------ c:\windows\Faxcpp.ini
    2008-11-13 13:13 . 1999-08-09 23:50 72 --a------ c:\windows\system32\epDPE.ini
    2008-11-13 13:12 . 2008-11-14 11:48 <REP> d--h----- c:\program files\InstallShield Installation Information
    2008-11-13 13:12 . 2008-11-14 12:39 <REP> d-------- c:\program files\Fichiers communs\InstallShield
    2008-11-13 13:09 . 2008-11-13 13:09 <REP> d-------- c:\program files\Canon
    2008-11-13 13:07 . 2004-08-03 22:01 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
    2008-11-13 13:06 . 2008-11-13 13:06 <REP> d--h----- c:\documents and settings\All Users\Application Data\CanonBJ
    2008-11-13 13:06 . 2006-07-10 19:00 139,776 --a------ c:\windows\system32\CNMLM74.DLL

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-11-14 16:23 --------- d-----w c:\program files\UberIcon
    2008-11-12 21:50 --------- d-----w c:\program files\JDoe Tools
    2008-11-12 20:47 --------- d-----w c:\program files\microsoft frontpage
    2008-11-12 20:45 --------- d-----w c:\program files\Real Alternative
    2008-11-12 20:45 --------- d-----w c:\program files\Fichiers communs\Ahead
    2008-11-12 20:45 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
    2008-11-12 20:44 --------- d-----w c:\program files\QuickTime Alternative
    2008-11-12 20:44 --------- d-----w c:\program files\Media Player Classic
    2008-11-12 20:42 --------- d-----w c:\program files\Windows Media Connect 2
    2008-11-12 20:40 --------- d-----w c:\program files\Services en ligne
    2008-10-24 11:25 455,936 ----a-w c:\windows\system32\drivers\mrxsmb.sys
    2007-09-26 17:31 2,532,922 ----a-w c:\windows\inf\SET6B.tmp
    .

    ((((((((((((((((((((((((((((( snapshot@2008-11-14_17.25.20.76 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-11-13 12:32:55 248,632 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
    + 2008-11-14 19:08:10 250,928 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
    + 2008-02-27 14:59:28 290,816 ----a-w c:\windows\Downloaded Program Files\auc_lib.dll
    + 2008-02-27 14:59:28 495,616 ----a-w c:\windows\Downloaded Program Files\daas_s.dll
    + 2008-02-27 15:00:12 262,144 ----a-w c:\windows\Downloaded Program Files\fscax.dll
    + 2008-02-27 14:59:16 588,392 ----a-w c:\windows\Downloaded Program Files\gatelauncher.exe
    + 2008-11-18 13:54:12 37,376 ----a-w c:\windows\E31C348B63A94CBF8D7FD932ABB63244.TMP\WiseCustCall64.dll
    + 2008-11-18 13:54:12 22,195 ----a-w c:\windows\E31C348B63A94CBF8D7FD932ABB63244.TMP\WiseCustomCall.dll
    + 2008-11-18 13:54:12 73,728 ----a-w c:\windows\E31C348B63A94CBF8D7FD932ABB63244.TMP\WiseCustomCalla.dll
    + 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
    + 2004-08-03 23:54:22 61,440 -c----w c:\windows\ie7\admparse.dll
    + 2004-08-03 23:54:22 101,888 -c----w c:\windows\ie7\advpack.dll
    + 2004-08-03 23:54:24 35,328 -c----w c:\windows\ie7\corpol.dll
    + 2008-08-20 05:33:45 357,888 -c----w c:\windows\ie7\dxtmsft.dll
    + 2008-08-20 05:33:45 205,312 -c----w c:\windows\ie7\dxtrans.dll
    + 2008-08-20 05:33:45 55,808 -c----w c:\windows\ie7\extmgr.dll
    + 2004-08-03 23:54:28 38,912 -c----w c:\windows\ie7\hmmapi.dll
    + 2004-08-03 23:54:52 34,304 -c----w c:\windows\ie7\ie4uinit.exe
    + 2004-08-03 23:54:28 139,264 -c----w c:\windows\ie7\ieakeng.dll
    + 2005-11-11 22:17:47 1,345,536 -c----w c:\windows\ie7\ieaksie.dll
    + 2001-08-28 12:00:00 245,760 -c----w c:\windows\ie7\ieakui.dll
    + 2004-08-03 23:54:28 323,584 -c----w c:\windows\ie7\iedkcs32.dll
    + 2008-08-19 09:38:57 18,432 -c----w c:\windows\ie7\iedw.exe
    + 2004-08-03 23:54:28 81,920 -c----w c:\windows\ie7\ieencode.dll
    + 2008-08-20 05:33:45 251,904 -c----w c:\windows\ie7\iepeers.dll
    + 2004-08-03 23:54:28 49,152 -c----w c:\windows\ie7\iernonce.dll
    + 2004-08-03 23:54:28 63,488 -c----w c:\windows\ie7\iesetup.dll
    + 2006-05-23 10:09:46 2,981,888 -c----w c:\windows\ie7\iexplore.exe
    + 2004-08-03 23:54:30 35,840 -c----w c:\windows\ie7\imgutil.dll
    + 2008-08-20 05:33:45 96,768 -c----w c:\windows\ie7\inseng.dll
    + 2007-12-18 14:41:58 450,560 -c----w c:\windows\ie7\jscript.dll
    + 2008-08-20 05:33:46 16,384 -c----w c:\windows\ie7\jsproxy.dll
    + 2004-08-03 23:54:30 22,528 -c----w c:\windows\ie7\licmgr10.dll
    + 2004-08-03 23:54:58 29,184 -c----w c:\windows\ie7\mshta.exe
    + 2008-08-20 05:33:48 3,088,384 -c----w c:\windows\ie7\mshtml.dll
    + 2008-08-20 05:33:46 449,024 -c----w c:\windows\ie7\mshtmled.dll
    + 2004-08-03 23:53:16 57,344 -c----w c:\windows\ie7\mshtmler.dll
    + 2001-08-28 12:00:00 146,432 -c----w c:\windows\ie7\msls31.dll
    + 2008-08-20 05:33:45 146,432 -c----w c:\windows\ie7\msrating.dll
    + 2008-08-20 05:33:45 532,480 -c----w c:\windows\ie7\mstime.dll
    + 2005-11-12 21:02:04 377,344 -c----w c:\windows\ie7\occache.dll
    + 2008-08-20 05:33:45 39,424 -c----w c:\windows\ie7\pngfilt.dll
    + 2007-09-26 17:34:42 33,472 -c----w c:\windows\ie7\spuninst\iecustom.dll
    + 2007-09-26 17:32:30 66,048 -c--a-w c:\windows\ie7\spuninst\ieResetIcons.exe
    + 2006-09-06 16:43:28 216,800 -c----w c:\windows\ie7\spuninst\spuninst.exe
    + 2006-09-06 16:43:30 394,976 -c----w c:\windows\ie7\spuninst\updspapi.dll
    + 2005-11-13 14:53:42 663,040 -c----w c:\windows\ie7\url.dll
    + 2008-08-20 05:33:47 621,056 -c----w c:\windows\ie7\urlmon.dll
    + 2007-12-18 14:41:59 417,792 -c----w c:\windows\ie7\vbscript.dll
    + 2006-04-09 12:35:50 848,896 -c----w c:\windows\ie7\vgx.dll
    + 2006-03-16 19:44:09 1,295,360 -c----w c:\windows\ie7\webcheck.dll
    + 2008-08-20 05:33:46 671,744 -c----w c:\windows\ie7\wininet.dll
    + 2006-10-27 14:16:36 133,936 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\CONTAB32.DLL
    + 2006-10-26 19:55:32 87,344 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\DLGSETP.DLL
    + 2006-10-27 14:07:36 17,891,112 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\EXCEL.EXE
    + 2006-10-26 19:55:48 340,248 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MIMEDIR.DLL
    + 2006-10-27 14:04:08 497,504 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MORPH9.DLL
    + 2006-10-27 14:26:40 16,870,712 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSO.DLL
    + 2006-10-27 14:04:10 9,581,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSPUB.EXE
    + 2006-10-26 19:42:36 8,423,224 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OARTCONV.DLL
    + 2006-10-27 14:18:36 1,658,152 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OGL.DLL
    + 2006-10-27 14:16:46 2,939,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OLMAPI32.DLL
    + 2006-10-26 19:34:12 660,792 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OMSMAIN.DLL
    + 2006-10-26 19:34:10 192,848 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OMSXP32.DLL
    + 2006-09-15 15:25:18 3,611,416 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OUTLFLTR.DAT
    + 2006-10-27 14:16:44 594,256 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OUTLMIME.DLL
    + 2006-10-27 14:16:48 12,813,096 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OUTLOOK.EXE
    + 2006-10-27 14:16:40 176,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OUTLPH.DLL
    + 2006-10-27 14:04:06 465,200 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\POWERPNT.EXE
    + 2006-10-27 14:04:06 7,980,848 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PPCORE.DLL
    + 2008-11-13 12:32:55 248,632 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PPTPIA.DLL
    + 2006-10-26 19:09:36 136,008 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PRTF9.DLL
    + 2006-10-26 19:55:54 413,472 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PSTPRX32.DLL
    + 2006-10-27 14:04:06 624,456 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PTXT9.DLL
    + 2006-10-26 19:09:44 590,144 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PUBCONV.DLL
    + 2006-10-26 19:55:44 263,520 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\SCNPST32.DLL
    + 2006-10-26 19:55:44 272,744 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\SCNPST64.DLL
    + 2006-10-27 14:23:04 347,432 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\WINWORD.EXE
    + 2006-10-27 14:11:38 4,235,560 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\WRD12CNV.DLL
    + 2006-10-27 14:11:36 21,264 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\WRD12EXE.EXE
    + 2006-10-27 14:23:08 17,483,560 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\WWLIB.DLL
    + 2006-10-26 20:13:08 14,674,216 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\XL12CNV.EXE
    + 2006-10-26 20:17:08 11,072 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\XLCALL32.DLL
    + 2008-11-17 16:56:05 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
    - 2008-11-13 12:34:34 1,165,584 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe
    + 2008-11-14 19:11:23 1,165,584 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe
    - 2008-11-13 12:34:35 20,240 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe
    + 2008-11-14 19:11:24 20,240 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe
    - 2008-11-13 12:34:35 159,504 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe
    + 2008-11-14 19:11:23 159,504 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe
    - 2008-11-13 12:34:35 217,864 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe
    + 2008-11-14 19:11:24 217,864 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe
    - 2008-11-13 12:34:35 18,704 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe
    + 2008-11-14 19:11:24 18,704 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe
    - 2008-11-13 12:34:35 35,088 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe
    + 2008-11-14 19:11:24 35,088 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe
    - 2008-11-13 12:34:35 845,584 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe
    + 2008-11-14 19:11:23 845,584 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe
    - 2008-11-13 12:34:35 922,384 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
    + 2008-11-14 19:11:24 922,384 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
    - 2008-11-13 12:34:35 272,648 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe
    + 2008-11-14 19:11:24 272,648 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe
    - 2008-11-13 12:34:35 888,080 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
    + 2008-11-14 19:11:24 888,080 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
    - 2008-11-13 12:34:35 1,172,240 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
    + 2008-11-14 19:11:23 1,172,240 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
    - 2008-11-12 20:41:11 8,738 ----a-w c:\windows\pchealth\helpctr\Config\Cntstore.bin
    + 2008-11-14 17:31:16 8,972 ----a-w c:\windows\pchealth\helpctr\Config\Cntstore.bin
    - 2008-11-12 20:41:08 86,331 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
    + 2008-11-14 17:39:20 86,331 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
    - 2008-11-12 20:41:11 2,116 ----a-w c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
    + 2008-11-14 17:39:20 2,430 ----a-w c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
    - 2004-08-03 23:54:22 61,440 ----a-w c:\windows\system32\admparse.dll
    + 2007-08-13 17:39:20 71,680 ----a-w c:\windows\system32\admparse.dll
    - 2004-08-03 23:54:22 101,888 ----a-w c:\windows\system32\advpack.dll
    + 2007-08-13 17:39:00 123,904 ----a-w c:\windows\system32\advpack.dll
    + 2008-11-18 13:50:49 34,308 ----a-w c:\windows\system32\BASSMOD.dll
    - 2007-07-30 18:19:20 92,504 ----a-w c:\windows\system32\cdm.dll
    + 2008-10-16 13:09:44 92,696 ----a-w c:\windows\system32\cdm.dll
    + 1998-07-12 22:00:00 32,768 ----a-w c:\windows\system32\CMDLGFR.DLL
    + 2008-11-18 14:13:59 16,384 ----atw c:\windows\system32\config\systemprofile\Local Settings\Temp\Perflib_Perfdata_2cc.dat
    + 2008-11-20 17:40:15 16,384 ----atw c:\windows\system32\config\systemprofile\Local Settings\Temp\Perflib_Perfdata_564.dat
    + 2008-11-20 17:17:29 16,384 ----atw c:\windows\system32\config\systemprofile\Local Settings\Temp\Perflib_Perfdata_690.dat
    - 2004-08-03 23:54:24 35,328 ----a-w c:\windows\system32\corpol.dll
    + 2007-08-13 17:42:54 17,408 ----a-w c:\windows\system32\corpol.dll
    + 2008-10-28 22:35:56 684,032 ----a-w c:\windows\system32\DivX.dll
    + 2008-10-28 22:36:00 823,296 ----a-w c:\windows\system32\divx_xx07.dll
    + 2008-10-28 22:35:58 815,104 ----a-w c:\windows\system32\divx_xx0a.dll
    + 2008-10-28 22:36:00 823,296 ----a-w c:\windows\system32\divx_xx0c.dll
    + 2008-10-28 22:35:58 802,816 ----a-w c:\windows\system32\divx_xx11.dll
    + 2008-09-25 08:03:18 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe
    + 2008-09-25 08:03:44 524,288 ----a-w c:\windows\system32\DivXsm.exe
    + 2008-09-19 21:54:18 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
    + 2007-08-13 17:39:20 71,680 -c----w c:\windows\system32\dllcache\admparse.dll
    + 2007-08-13 17:39:00 123,904 -c----w c:\windows\system32\dllcache\advpack.dll
    + 2007-08-13 17:42:54 17,408 -c----w c:\windows\system32\dllcache\corpol.dll
    + 2007-08-13 17:54:10 33,792 -c----w c:\windows\system32\dllcache\custsat.dll
    - 2008-08-20 05:33:45 357,888 -c----w c:\windows\system32\dllcache\dxtmsft.dll
    + 2007-08-13 17:35:46 346,624 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
    - 2008-08-20 05:33:45 205,312 -c----w c:\windows\system32\dllcache\dxtrans.dll
    + 2007-08-13 17:35:38 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
    - 2008-08-20 05:33:45 55,808 -c----w c:\windows\system32\dllcache\extmgr.dll
    + 2007-08-13 17:54:10 131,584 -c--a-w c:\windows\system32\dllcache\extmgr.dll
    + 2007-08-13 17:18:02 60,416 -c----w c:\windows\system32\dllcache\hmmapi.dll
    + 2007-08-13 17:39:06 54,784 -c----w c:\windows\system32\dllcache\ie4uinit.exe
    + 2007-08-13 17:39:26 152,064 -c----w c:\windows\system32\dllcache\ieakeng.dll
    + 2007-08-13 17:39:54 229,376 -c----w c:\windows\system32\dllcache\ieaksie.dll
    + 2007-08-13 16:56:54 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll
    + 2007-08-13 17:39:50 382,976 -c----w c:\windows\system32\dllcache\iedkcs32.dll
    - 2008-08-19 09:38:57 18,432 -c----w c:\windows\system32\dllcache\iedw.exe
    + 2007-08-13 17:44:02 69,120 -c--a-w c:\windows\system32\dllcache\iedw.exe
    + 2007-08-13 17:45:18 78,336 -c----w c:\windows\system32\dllcache\ieencode.dll
    - 2008-08-20 05:33:45 251,904 -c----w c:\windows\system32\dllcache\iepeers.dll
    + 2007-08-13 17:54:10 191,488 -c--a-w c:\windows\system32\dllcache\iepeers.dll
    + 2007-08-13 17:39:10 43,008 -c----w c:\windows\system32\dllcache\iernonce.dll
    + 2007-08-13 17:39:12 55,296 -c----w c:\windows\system32\dllcache\iesetup.dll
    + 2007-08-13 17:43:56 622,080 -c----w c:\windows\system32\dllcache\iexplore.exe
    + 2007-08-13 17:36:06 36,352 -c----w c:\windows\system32\dllcache\imgutil.dll
    - 2008-08-20 05:33:45 96,768 -c----w c:\windows\system32\dllcache\inseng.dll
    + 2007-08-13 17:39:02 92,672 -c--a-w c:\windows\system32\dllcache\inseng.dll
    - 2007-12-18 14:41:58 450,560 -c----w c:\windows\system32\dllcache\jscript.dll
    + 2007-08-13 17:38:04 491,520 -c--a-w c:\windows\system32\dllcache\jscript.dll
    - 2008-08-20 05:33:46 16,384 -c----w c:\windows\system32\dllcache\jsproxy.dll
    + 2007-08-13 17:54:10 27,136 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
    + 2007-08-13 17:44:18 40,960 -c----w c:\windows\system32\dllcache\licmgr10.dll
    + 2007-08-13 17:32:30 45,568 -c----w c:\windows\system32\dllcache\mshta.exe
    - 2008-08-20 05:33:48 3,088,384 -c----w c:\windows\system32\dllcache\mshtml.dll
    + 2007-08-13 17:54:12 3,578,368 -c--a-w c:\windows\system32\dllcache\mshtml.dll
    - 2008-08-20 05:33:46 449,024 -c----w c:\windows\system32\dllcache\mshtmled.dll
    + 2007-08-13 17:54:10 475,648 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
    + 2007-08-13 17:01:12 48,128 -c----w c:\windows\system32\dllcache\mshtmler.dll
    + 2007-08-13 17:54:10 156,160 -c----w c:\windows\system32\dllcache\msls31.dll
    - 2008-08-20 05:33:45 146,432 -c----w c:\windows\system32\dllcache\msrating.dll
    + 2007-08-13 17:44:26 192,000 -c--a-w c:\windows\system32\dllcache\msrating.dll
    - 2008-08-20 05:33:45 532,480 -c----w c:\windows\system32\dllcache\mstime.dll
    + 2007-08-13 17:54:10 670,720 -c--a-w c:\windows\system32\dllcache\mstime.dll
    + 2007-08-13 17:44:06 101,376 -c----w c:\windows\system32\dllcache\occache.dll
    - 2008-08-20 05:33:45 39,424 -c----w c:\windows\system32\dllcache\pngfilt.dll
    + 2007-08-13 17:36:12 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
    + 2007-08-13 17:44:30 105,984 -c----w c:\windows\system32\dllcache\url.dll
    - 2008-08-20 05:33:47 621,056 -c----w c:\windows\system32\dllcache\urlmon.dll
    + 2007-08-13 17:54:10 1,162,240 -c--a-w c:\windows\system32\dllcache\urlmon.dll
    - 2007-12-18 14:41:59 417,792 -c----w c:\windows\system32\dllcache\vbscript.dll
    + 2007-08-13 17:54:10 413,696 -c--a-w c:\windows\system32\dllcache\vbscript.dll
    + 2007-08-13 17:54:10 765,952 -c----w c:\windows\system32\dllcache\VGX.dll
    + 2007-08-13 17:54:10 231,424 -c----w c:\windows\system32\dllcache\webcheck.dll
    - 2008-08-20 05:33:46 671,744 -c----w c:\windows\system32\dllcache\wininet.dll
    + 2007-08-13 17:54:10 818,688 -c--a-w c:\windows\system32\dllcache\wininet.dll
    + 2008-09-25 08:03:38 81,920 ----a-w c:\windows\system32\dpl100.dll
    + 2008-09-25 08:03:30 294,912 ----a-w c:\windows\system32\dpu10.dll
    + 2008-09-25 08:03:30 294,912 ----a-w c:\windows\system32\dpu11.dll
    + 2008-09-25 08:03:34 53,248 ----a-w c:\windows\system32\dpuGUI10.dll
    + 2008-09-25 08:03:32 593,920 ----a-w c:\windows\system32\dpuGUI11.dll
    + 2008-09-25 08:03:32 344,064 ----a-w c:\windows\system32\dpus11.dll
    + 2008-09-25 08:03:32 57,344 ----a-w c:\windows\system32\dpv11.dll
    + 2008-11-12 16:51:35 26,944 ----a-w c:\windows\system32\drivers\aavmker4.sys
    + 2008-11-12 16:53:27 20,560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
    + 2008-11-12 16:54:19 94,032 ----a-w c:\windows\system32\drivers\aswmon2.sys
    + 2008-11-12 16:52:28 23,152 ----a-w c:\windows\system32\drivers\aswRdr.sys
    + 2008-11-12 16:53:38 110,160 ----a-w c:\windows\system32\drivers\aswSP.sys
    + 2008-11-12 16:52:37 50,656 ----a-w c:\windows\system32\drivers\aswTdi.sys
    + 2007-03-07 23:51:00 9,336 ------w c:\windows\system32\drivers\cdr4_xp.sys
    + 2007-03-07 23:51:00 9,464 ------w c:\windows\system32\drivers\cdralw2k.sys
    + 2005-05-03 15:34:02 27,392 ----a-w c:\windows\system32\drivers\ElbyCDFL.sys
    + 2005-04-21 11:40:36 10,624 ----a-w c:\windows\system32\drivers\ElbyCDIO.sys
    + 2007-05-30 23:03:50 119,576 ----a-w c:\windows\system32\drivers\klif.sys
    + 2007-03-07 23:51:00 43,528 ------w c:\windows\system32\drivers\PxHelp20.sys
    + 2008-09-25 08:03:38 196,608 ----a-w c:\windows\system32\dtu100.dll
    - 2008-08-20 05:33:45 357,888 ----a-w c:\windows\system32\dxtmsft.dll
    + 2007-08-13 17:35:46 346,624 ----a-w c:\windows\system32\dxtmsft.dll
    - 2008-08-20 05:33:45 205,312 ----a-w c:\windows\system32\dxtrans.dll
    + 2007-08-13 17:35:38 214,528 ----a-w c:\windows\system32\dxtrans.dll
    + 2006-01-17 21:36:56 69,632 ----a-w c:\windows\system32\ElbyCDIO.dll
    - 2008-08-20 05:33:45 55,808 ----a-w c:\windows\system32\extmgr.dll
    + 2007-08-13 17:54:10 131,584 ----a-w c:\windows\system32\extmgr.dll
    + 2007-08-13 17:36:26 61,952 ------w c:\windows\system32\icardie.dll
    + 2006-06-29 07:05:44 26,112 ------w c:\windows\system32\idndl.dll
    - 2004-08-03 23:54:52 34,304 ----a-w c:\windows\system32\ie4uinit.exe
    + 2007-08-13 17:39:06 54,784 ----a-w c:\windows\system32\ie4uinit.exe
    - 2004-08-03 23:54:28 139,264 ----a-w c:\windows\system32\ieakeng.dll
    + 2007-08-13 17:39:26 152,064 ----a-w c:\windows\system32\ieakeng.dll
    - 2005-11-11 22:17:47 1,345,536 ----a-w c:\windows\system32\ieaksie.dll
    + 2007-08-13 17:39:54 229,376 ----a-w c:\windows\system32\ieaksie.dll
    - 2001-08-28 12:00:00 245,760 ----a-w c:\windows\system32\ieakui.dll
    + 2007-08-13 16:56:54 161,792 ----a-w c:\windows\system32\ieakui.dll
    + 2007-02-12 15:10:12 2,451,312 ------w c:\windows\system32\ieapfltr.dat
    + 2007-07-11 11:27:48 383,488 ------w c:\windows\system32\ieapfltr.dll
    - 2004-08-03 23:54:28 323,584 ----a-w c:\windows\system32\iedkcs32.dll
    + 2007-08-13 17:39:50 382,976 ----a-w c:\windows\system32\iedkcs32.dll
    - 2004-08-03 23:54:28 81,920 ----a-w c:\windows\system32\ieencode.dll
    + 2007-08-13 17:45:18 78,336 ----a-w c:\windows\system32\ieencode.dll
    + 2007-08-13 17:54:10 6,049,280 ------w c:\windows\system32\ieframe.dll
    - 2008-08-20 05:33:45 251,904 ----a-w c:\windows\system32\iepeers.dll
    + 2007-08-13 17:54:10 191,488 ----a-w c:\windows\system32\iepeers.dll
    - 2004-08-03 23:54:28 49,152 ----a-w c:\windows\system32\iernonce.dll
    + 2007-08-13 17:39:10 43,008 ----a-w c:\windows\system32\iernonce.dll
    + 2007-08-13 17:34:04 266,752 ------w c:\windows\system32\iertutil.dll
    - 2004-08-03 23:54:28 63,488 ----a-w c:\windows\system32\iesetup.dll
    + 2007-08-13 17:39:12 55,296 ----a-w c:\windows\system32\iesetup.dll
    + 2007-08-13 17:39:10 13,312 ----a-w c:\windows\system32\ieudinit.exe
    + 2007-08-13 17:54:10 180,736 ------w c:\windows\system32\ieui.dll
    - 2004-08-03 23:54:30 35,840 ----a-w c:\windows\system32\imgutil.dll
    + 2007-08-13 17:36:06 36,352 ----a-w c:\windows\system32\imgutil.dll
    + 1998-07-12 22:00:00 15,360 ----a-w c:\windows\system32\INETFR.DLL
    - 2008-08-20 05:33:45 96,768 ----a-w c:\windows\system32\inseng.dll
    + 2007-08-13 17:39:02 92,672 ----a-w c:\windows\system32\inseng.dll
    - 2007-12-18 14:41:58 450,560 ----a-w c:\windows\system32\jscript.dll
    + 2007-08-13 17:38:04 491,520 ----a-w c:\windows\system32\jscript.dll
    - 2008-08-20 05:33:46 16,384 ----a-w c:\windows\system32\jsproxy.dll
    + 2007-08-13 17:54:10 27,136 ----a-w c:\windows\system32\jsproxy.dll
    + 2008-09-19 21:55:58 1,044,480 ----a-w c:\windows\system32\libdivx.dll
    - 2004-08-03 23:54:30 22,528 ----a-w c:\windows\system32\licmgr10.dll
    + 2007-08-13 17:44:18 40,960 ----a-w c:\windows\system32\licmgr10.dll
    + 1998-07-12 22:00:00 59,904 ----a-w c:\windows\system32\MSCC2FR.DLL
    + 2007-08-13 17:54:10 458,752 ------w c:\windows\system32\msfeeds.dll
    + 2007-08-13 17:54:10 50,688 ------w c:\windows\system32\msfeedsbs.dll
    + 2007-08-13 17:36:40 12,288 ------w c:\windows\system32\msfeedssync.exe
    - 2004-08-03 23:54:58 29,184 ----a-w c:\windows\system32\mshta.exe
    + 2007-08-13 17:32:30 45,568 ----a-w c:\windows\system32\mshta.exe
    - 2008-08-20 05:33:48 3,088,384 ----a-w c:\windows\system32\mshtml.dll
    + 2007-08-13 17:54:12 3,578,368 ----a-w c:\windows\system32\mshtml.dll
    - 2008-08-20 05:33:46 449,024 ----a-w c:\windows\system32\mshtmled.dll
    + 2007-08-13 17:54:10 475,648 ----a-w c:\windows\system32\mshtmled.dll
    - 2004-08-03 23:53:16 57,344 ----a-w c:\windows\system32\mshtmler.dll
    + 2007-08-13 17:01:12 48,128 ----a-w c:\windows\system32\mshtmler.dll
    - 2001-08-28 12:00:00 146,432 ----a-w c:\windows\system32\msls31.dll
    + 2007-08-13 17:54:10 156,160 ----a-w c:\windows\system32\msls31.dll
    - 2008-08-20 05:33:45 146,432 ----a-w c:\windows\system32\msrating.dll
    + 2007-08-13 17:44:26 192,000 ----a-w c:\windows\system32\msrating.dll
    - 2006-07-24 09:50:38 125,744 ----a-w c:\windows\system32\MSSTDFMT.DLL
    + 2004-02-22 22:00:00 119,808 ----a-w c:\windows\system32\MSSTDFMT.DLL
    - 2008-08-20 05:33:45 532,480 ----a-w c:\windows\system32\mstime.dll
    + 2007-08-13 17:54:10 670,720 ----a-w c:\windows\system32\mstime.dll
    - 2004-02-23 19:42:40 1,386,496 ----a-w c:\windows\system32\MSVBVM60.DLL
    + 2004-02-23 18:42:40 1,386,496 ----a-w c:\windows\system32\msvbvm60.dll
    + 2008-09-30 15:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
    + 2003-04-18 15:29:26 82,432 ----a-w c:\windows\system32\msxml4r.dll
    - 2007-07-30 18:19:04 207,736 ----a-w c:\windows\system32\muweb.dll
    + 2008-07-18 21:07:32 210,976 ----a-w c:\windows\system32\muweb.dll
    + 2006-06-28 16:59:26 24,576 ------w c:\windows\system32\nlsdl.dll
    + 2006-06-29 07:05:44 23,552 ------w c:\windows\system32\normaliz.dll
    - 2005-11-12 21:02:04 377,344 ----a-w c:\windows\system32\occache.dll
    + 2007-08-13 17:44:06 101,376 ----a-w c:\windows\system32\occache.dll
    + 1998-07-12 22:00:00 9,728 ----a-w c:\windows\system32\PCCLPFR.DLL
    - 2008-08-20 05:33:45 39,424 ----a-w c:\windows\system32\pngfilt.dll
    + 2007-08-13 17:36:12 44,544 ----a-w c:\windows\system32\pngfilt.dll
    + 2008-09-19 21:57:30 551,672 ------w c:\windows\system32\px.dll
    + 2008-09-19 21:57:30 129,784 ------w c:\windows\system32\pxafs.dll
    + 2008-09-19 21:57:30 66,296 ------w c:\windows\system32\pxcpya64.exe
    + 2008-09-19 21:57:32 518,904 ------w c:\windows\system32\pxdrv.dll
    + 2008-09-19 21:57:32 72,440 ------w c:\windows\system32\pxhpinst.exe
    + 2008-09-19 21:57:30 64,760 ------w c:\windows\system32\pxinsa64.exe
    + 2008-09-19 21:57:32 187,128 ------w c:\windows\system32\pxmas.dll
    + 2008-09-19 21:57:32 1,628,920 ------w c:\windows\system32\pxsfs.dll
    + 2008-09-19 21:57:32 379,640 ------w c:\windows\system32\pxwave.dll
    + 2008-09-19 21:57:34 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
    - 2008-11-14 09:47:32 490,048 ----a-w c:\windows\system32\Restore\rstrlog.dat
    + 2008-11-19 18:46:21 651,028 ----a-w c:\windows\system32\Restore\rstrlog.dat
    + 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
    + 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll
    + 2008-09-19 21:55:58 200,704 ----a-w c:\windows\system32\ssldivx.dll
    + 1998-07-12 22:00:00 6,656 ----a-w c:\windows\system32\STDFTFR.DLL
    - 2005-11-13 14:53:42 663,040 ----a-w c:\windows\system32\url.dll
    + 2007-08-13 17:44:30 105,984 ----a-w c:\windows\system32\url.dll
    - 2008-08-20 05:33:47 621,056 ----a-w c:\windows\system32\urlmon.dll
    + 2007-08-13 17:54:10 1,162,240 ----a-w c:\windows\system32\urlmon.dll
    + 2000-10-02 07:40:18 119,568 ----a-w c:\windows\system32\VB6FR.DLL
    + 2000-07-14 22:00:00 101,888 ----a-w c:\windows\system32\VB6STKIT.DLL
    - 2007-12-18 14:41:59 417,792 ----a-w c:\windows\system32\vbscript.dll
    + 2007-08-13 17:54:10 413,696 ----a-w c:\windows\system32\vbscript.dll
    + 2008-09-19 21:57:30 88,824 ------w c:\windows\system32\vxblock.dll
    - 2006-03-16 19:44:09 1,295,360 ----a-w c:\windows\system32\webcheck.dll
    + 2007-08-13 17:54:10 231,424 ----a-w c:\windows\system32\webcheck.dll
    + 2007-08-13 17:45:16 206,336 ------w c:\windows\system32\WinFXDocObj.exe
    - 2008-08-20 05:33:46 671,744 ----a-w c:\windows\system32\wininet.dll
    + 2007-08-13 17:54:10 818,688 ----a-w c:\windows\system32\wininet.dll
    - 2007-07-30 18:19:36 549,720 ----a-w c:\windows\system32\wuapi.dll
    + 2008-10-16 13:12:20 561,688 ----a-w c:\windows\system32\wuapi.dll
    - 2007-07-30 18:19:16 53,080 ----a-w c:\windows\system32\wuauclt.exe
    + 2008-10-16 13:09:44 51,224 ----a-w c:\windows\system32\wuauclt.exe
    - 2007-07-30 18:19:42 1,712,984 ----a-w c:\windows\system32\wuaueng.dll
    + 2008-10-16 13:13:40 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
    - 2007-07-30 18:19:32 325,976 ----a-w c:\windows\system32\wucltui.dll
    + 2008-10-16 13:12:22 323,608 ----a-w c:\windows\system32\wucltui.dll
    - 2007-07-30 18:18:40 33,624 ----a-w c:\windows\system32\wups.dll
    + 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\wups.dll
    - 2007-07-30 18:19:12 43,352 ----a-w c:\windows\system32\wups2.dll
    + 2008-10-16 13:09:44 43,544 ----a-w c:\windows\system32\wups2.dll
    - 2007-07-30 18:19:28 203,096 ----a-w c:\windows\system32\wuweb.dll
    + 2008-10-16 13:13:40 202,776 ----a-w c:\windows\system32\wuweb.dll
    + 2006-07-14 15:51:51 121,856 ------w c:\windows\system32\xmllite.dll
    + 2007-06-21 20:55:26 26,000 ----a-w c:\windows\system32\ZoneLabs\av_loc040c.dll
    + 2007-05-30 23:03:30 65,248 ----a-w c:\windows\system32\ZoneLabs\avsys\bases\aphish.dat
    + 2006-06-30 13:47:36 21,568 ----a-w c:\windows\system32\ZoneLabs\avsys\bases\avcmhk4.dll
    + 2007-05-30 23:03:30 1,628 ----a-w c:\windows\system32\ZoneLabs\avsys\bases\pdmkl.dat
    + 2007-05-30 23:03:16 77,824 ----a-w c:\windows\system32\ZoneLabs\avsys\CKAHComm.dll
    + 2007-05-30 23:03:16 110,592 ----a-w c:\windows\system32\ZoneLabs\avsys\CKAHrule.dll
    + 2007-05-30 23:03:16 331,776 ----a-w c:\windows\system32\ZoneLabs\avsys\CKAHUM.dll
    + 2007-05-30 23:03:16 38,400 ----a-w c:\windows\system32\ZoneLabs\avsys\FSSync.dll
    + 2006-09-19 22:12:14 208,960 ----a-w c:\windows\system32\ZoneLabs\avsys\inv.dll
    + 2007-05-30 23:03:16 258,048 ----a-w c:\windows\system32\ZoneLabs\avsys\kave.dll
    + 2006-12-19 17:13:52 1,093,632 ----a-w c:\windows\system32\ZoneLabs\avsys\libeay32.dll
    + 2007-05-30 23:03:20 548,864 ----a-w c:\windows\system32\ZoneLabs\avsys\msvcp80.dll
    + 2007-05-30 23:03:20 626,688 ----a-w c:\windows\system32\ZoneLabs\avsys\msvcr80.dll
    + 2007-05-30 23:03:18 184,320 ----a-w c:\windows\system32\ZoneLabs\avsys\prloader.dll
    + 2007-05-30 23:03:22 90,112 ----a-w c:\windows\system32\ZoneLabs\avsys\prremote.dll
    + 2007-05-30 23:03:18 118,784 ----a-w c:\windows\system32\ZoneLabs\avsys\ScanningProcess.exe
    + 2006-12-19 17:13:52 200,704 ----a-w c:\windows\system32\ZoneLabs\avsys\ssleay32.dll
    + 2007-06-21 20:55:26 17,808 ----a-w c:\windows\system32\ZoneLabs\camupd_loc040c.dll
    + 2007-06-21 20:55:28 26,000 ----a-w c:\windows\system32\ZoneLabs\imsecure_loc040c.dll
    + 2007-06-21 20:55:30 17,808 ----a-w c:\windows\system32\ZoneLabs\scheduler_loc040c.dll
    + 2007-06-21 20:55:30 17,808 ----a-w c:\windows\system32\ZoneLabs\vsdb_loc040c.dll
    + 2007-06-21 20:55:30 46,480 ----a-w c:\windows\system32\ZoneLabs\vsmon_loc040c.dll
    + 2007-06-21 20:55:30 198,032 ----a-w c:\windows\system32\ZoneLabs\vsruledb_loc040c.dll
    + 2007-06-21 20:55:30 17,808 ----a-w c:\windows\system32\ZoneLabs\vsvault_loc040c.dll
    + 2007-06-21 20:55:32 17,808 ----a-w c:\windows\system32\ZoneLabs\zlquarantine_loc040c.dll
    + 2007-06-21 20:55:32 21,904 ----a-w c:\windows\system32\ZoneLabs\zlsre_loc040c.dll
    + 2008-11-16 17:14:42 1,233,920 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll
    + 2008-09-30 15:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
    + 2008-11-16 17:14:41 82,432 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
    + 2008-09-30 15:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
    .
    -- Instantané actualisé --
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
    2008-07-28 11:46 160496 --a------ c:\program files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
    "Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2008-04-01 507904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-22 7311360]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-05-22 86016]
    "YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-07-11 223984]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-13 136600]
    "WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-04 36352]
    "CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2005-05-19 57344]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "ForceClassicControlPanel"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
    --a------ 2008-11-05 21:59 4347120 c:\program files\Yahoo!\Messenger\YahooMessenger.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --------- 2004-10-13 17:24 1694208 c:\program files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
    --a------ 2008-07-11 18:06 223984 c:\program files\Yahoo!\Search Protection\SearchProtection.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "c:\\Program Files\\eMule\\emule.exe"=
    "c:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"=
    "c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
    "c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
    "c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=

    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-15 110160]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-15 20560]
    .
    Contenu du dossier 'Tâches planifiées'

    2008-11-19 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
    - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.sfr.fr/kit/adsl/
    uSearchMigratedDefaultURL = hxxp://fr.search.yahoo.com/search?ei=UTF-8&fr=yie7c&p={searchTerms}
    uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
    IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
    IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

    c:\windows\bdoscandellang.ini - c:\windows\bdoscandel.exe
    c:\windows\Downloaded Program Files\live.ini
    c:\windows\Downloaded Program Files\scanoptions.tsi
    c:\windows\Downloaded Program Files\lang.ini
    c:\windows\Downloaded Program Files\ipsupd.dll
    c:\windows\Downloaded Program Files\bdupd.dll
    c:\windows\Downloaded Program Files\libfn.dll
    c:\windows\Downloaded Program Files\bdcore.dll
    c:\windows\Downloaded Program Files\oscan8.ocx
    O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
    hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    c:\windows\Downloaded Program Files\oscan8.inf
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-20 18:40:40
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\program files\Alwil Software\Avast4\aswUpdSv.exe
    c:\program files\Alwil Software\Avast4\ashServ.exe
    c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\windows\system32\nvsvc32.exe
    c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    c:\windows\system32\fxssvc.exe
    c:\program files\Alwil Software\Avast4\ashMaiSv.exe
    c:\program files\Alwil Software\Avast4\ashWebSv.exe
    .
    **************************************************************************
    .
    Heure de fin: 2008-11-20 18:47:08 - La machine a redémarré [rv]
    ComboFix-quarantined-files.txt 2008-11-20 17:46:48
    ComboFix2.txt 2008-11-14 16:26:01

    Avant-CF: 58 057 711 616 octets libres
    Après-CF: 59,718,864,896 octets libres

    621 --- E O F --- 2008-11-20 13:28:50
    20 November 2008 19:48:08

    Can you post a HijackThis report?
    20 November 2008 20:39:56

    No problem:


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:26, on 20/11/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0013)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Winamp Remote\bin\OrbTray.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\QUAD Utilities\QUAD Registry Cleaner\QUAD Scheduler.exe
    C:\Documents and Settings\rv\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sfr.fr/kit/adsl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: XBTP05231 - {031F120A-BBAF-45d8-B306-375F2A6B9398} - C:\PROGRA~1\ALCOHO~1\ALCOHO~2\a120_tb.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O3 - Toolbar: Alcohol Soft - Alcohol 120% Toolbar - {1CE4EE89-2D5C-4361-AF3B-D902AB545381} - C:\Program Files\Alcohol Soft\Alcohol 120% Toolbar\a120_tb.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 8700 bytes
    23 November 2008 13:27:33

    Hi again,



    Avira AntiVir Personal
    Report file date: samedi 22 novembre 2008 20:09

    Scanning for 1045520 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Boot mode: Normally booted
    Username: SYSTEM
    Computer name: HERVE

    Version information:
    BUILD.DAT : 8.2.0.336 16933 Bytes 30/10/2008 11:40:00
    AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 09:57:53
    AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40
    LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19
    LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52
    ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 18:42:54
    ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 09/11/2008 18:42:56
    ANTIVIR2.VDF : 7.1.0.89 221184 Bytes 16/11/2008 18:42:58
    ANTIVIR3.VDF : 7.1.0.122 154112 Bytes 21/11/2008 18:43:00
    Engineversion : 8.2.0.35
    AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 11:05:56
    AESCRIPT.DLL : 8.1.1.15 332156 Bytes 22/11/2008 18:43:16
    AESCN.DLL : 8.1.1.5 123251 Bytes 22/11/2008 18:43:14
    AERDL.DLL : 8.1.1.3 438645 Bytes 22/11/2008 18:43:13
    AEPACK.DLL : 8.1.3.4 393591 Bytes 22/11/2008 18:43:11
    AEOFFICE.DLL : 8.1.0.30 196986 Bytes 22/11/2008 18:43:10
    AEHEUR.DLL : 8.1.0.71 1487222 Bytes 22/11/2008 18:43:08
    AEHELP.DLL : 8.1.2.0 119159 Bytes 22/11/2008 18:43:04
    AEGEN.DLL : 8.1.1.5 323956 Bytes 22/11/2008 18:43:03
    AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 11:05:56
    AECORE.DLL : 8.1.5.1 172406 Bytes 22/11/2008 18:43:02
    AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 11:05:56
    AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05
    AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01
    AVREP.DLL : 8.0.0.2 98344 Bytes 22/11/2008 18:43:01
    AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
    AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
    SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
    RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07
    RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:, D:,
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: All files
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: samedi 22 novembre 2008 20:09

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
    Scan process 'emule.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
    Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'AnyDVD.exe' - '1' Module(s) have been scanned
    Scan process 'zlclient.exe' - '0' Module(s) have been scanned
    Scan process 'jusched.exe' - '1' Module(s) have been scanned
    Scan process 'SearchProtection.exe' - '1' Module(s) have been scanned
    Scan process 'rundll32.exe' - '1' Module(s) have been scanned
    Scan process 'alg.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'StarWindService.exe' - '1' Module(s) have been scanned
    Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
    Scan process 'jqs.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
    Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'vsmon.exe' - '0' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    31 processes with 31 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!
    Boot sector 'D:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '52' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\rv\Bureau\QUAD_RegistryCleaner_v.1.5.43.exe
    [0] Archive type: NSIS
    --> Settings/QUAD Registry Cleaner.exe
    [DETECTION] Is the TR/Fraud.RegClean Trojan
    --> Settings/QUAD Scheduler.exe
    [DETECTION] Is the TR/Fraud.RegClean.A Trojan
    --> Settings/vista.exe
    [DETECTION] Is the TR/Fraud.RegClean.B Trojan
    [NOTE] The file was deleted!
    C:\Documents and Settings\rv\Local Settings\Application Data\Mozilla\Firefox\Profiles\y1v54d92.default\Cache\3CFA01BDd01
    [0] Archive type: NSIS
    --> Settings/QUAD Registry Cleaner.exe
    [DETECTION] Is the TR/Fraud.RegClean Trojan
    --> Settings/QUAD Scheduler.exe
    [DETECTION] Is the TR/Fraud.RegClean.A Trojan
    --> Settings/vista.exe
    [DETECTION] Is the TR/Fraud.RegClean.B Trojan
    [NOTE] The file was moved to '496e6a2b.qua'!
    C:\Program Files\eMule\Incoming\Avast Antivirus Pro v4.8.1282 Fr Incl-Keygen Rar.rar
    [0] Archive type: RAR
    --> Keygen\keygen.exe
    [DETECTION] Contains a recognition pattern of the (harmful) BDS/Bot.14549 back-door program
    [NOTE] The file was moved to '49896fa3.qua'!
    C:\Program Files\EPSON\Smart Panel\File.exe
    [DETECTION] Is the TR/Agent.agi.13 Trojan
    [NOTE] The file was moved to '49946fe3.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\downld\112312.exe.vir
    [DETECTION] Is the TR/Bagle.Gen.B Trojan
    [NOTE] The file was moved to '495a712b.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\downld\112406.exe.vir
    [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm
    [NOTE] The file was moved to '495a712d.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\downld\118046.exe.vir
    [DETECTION] Is the TR/Bagle.Gen.B Trojan
    [NOTE] The file was moved to '4960712e.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\downld\14654656.exe.vir
    [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm
    [NOTE] The file was moved to '495e7132.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\downld\47531.exe.vir
    [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm
    [NOTE] The file was moved to '495d7138.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\downld\49484.exe.vir
    [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm
    [NOTE] The file was moved to '495c713a.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\downld\50671.exe.vir
    [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm
    [NOTE] The file was moved to '4829ad1b.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\downld\51921.exe.vir
    [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm
    [NOTE] The file was moved to '49617133.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\downld\60484.exe.vir
    [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm
    [NOTE] The file was moved to '495c7133.qua'!
    C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\downld\97390.exe.vir
    [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm
    [NOTE] The file was moved to '495b713b.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP11\A0003248.sys
    [DETECTION] Is the TR/Rootkit.Gen Trojan
    [NOTE] The file was moved to '49587169.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP12\A0003287.sys
    [DETECTION] Is the TR/Rootkit.Gen Trojan
    [NOTE] The file was moved to '4958716a.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP12\A0003625.exe
    [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm
    [NOTE] The file was moved to '49587173.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP12\A0003651.sys
    [DETECTION] Is the TR/Rootkit.Gen Trojan
    [NOTE] The file was moved to '49587174.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP12\A0003767.sys
    [DETECTION] Is the TR/Rootkit.Gen Trojan
    [NOTE] The file was moved to '49587179.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP12\A0003784.sys
    [DETECTION] Is the TR/Rootkit.Gen Trojan
    [NOTE] The file was moved to '4958717a.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP12\A0003891.sys
    [DETECTION] Is the TR/Rootkit.Gen Trojan
    [NOTE] The file was moved to '4958717c.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP16\A0004079.exe
    [DETECTION] Is the TR/Bagle.Gen.B Trojan
    [NOTE] The file was moved to '49587184.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP16\A0004080.exe
    [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm
    [NOTE] The file was moved to '49587185.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP16\A0004083.exe
    [DETECTION] Is the TR/Bagle.Gen.B Trojan
    [NOTE] The file was moved to '482bcc2e.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP16\A0004096.exe
    [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm
    [NOTE] The file was moved to '49587186.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP16\A0004135.exe
    [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm
    [NOTE] The file was moved to '49587188.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP16\A0004136.exe
    [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm
    [NOTE] The file was moved to '482bcc21.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP16\A0004137.exe
    [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm
    [NOTE] The file was moved to '49587189.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP16\A0004138.exe
    [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm
    [NOTE] The file was moved to '482bcc22.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP16\A0004143.exe
    [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm
    [NOTE] The file was moved to '4958718a.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP16\A0004165.exe
    [DETECTION] Contains recognition pattern of the WORM/Bagle.Gen worm
    [NOTE] The file was moved to '482bcc23.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP36\A0008297.exe
    [DETECTION] Is the TR/Fraud.RegClean Trojan
    [NOTE] The file was moved to '4958722a.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP36\A0008298.exe
    [DETECTION] Is the TR/Fraud.RegClean.A Trojan
    [NOTE] The file was moved to '4958722c.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP36\A0008300.exe
    [DETECTION] Is the TR/Fraud.RegClean.B Trojan
    [NOTE] The file was moved to '4958722d.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP40\A0008566.exe
    [0] Archive type: NSIS
    --> Settings/QUAD Registry Cleaner.exe
    [DETECTION] Is the TR/Fraud.RegClean Trojan
    --> Settings/QUAD Scheduler.exe
    [DETECTION] Is the TR/Fraud.RegClean.A Trojan
    --> Settings/vista.exe
    [DETECTION] Is the TR/Fraud.RegClean.B Trojan
    [NOTE] The file was moved to '49587238.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP40\A0008567.exe
    [DETECTION] Is the TR/Vaklik.cnd Trojan
    [NOTE] The file was moved to '49587239.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP40\A0008568.exe
    [DETECTION] Is the TR/Agent.agi.13 Trojan
    [NOTE] The file was moved to '482bcf92.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP9\A0002990.sys
    [DETECTION] Is the TR/Rootkit.Gen Trojan
    [NOTE] The file was moved to '4958724c.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP9\A0003118.sys
    [DETECTION] Is the TR/Rootkit.Gen Trojan
    [NOTE] The file was moved to '49587254.qua'!
    C:\System Volume Information\_restore{1AD96F14-6E30-4B81-9D62-6E67B2ED9BC0}\RP9\A0003134.sys
    [DETECTION] Is the TR/Rootkit.Gen Trojan
    [NOTE] The file was moved to '482bcffd.qua'!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!
    C:\WINDOWS\system32\drivers\sptd1389.sys
    [WARNING] The file could not be opened!
    C:\WINDOWS\system32\drivers\vaxscsi.sys
    [WARNING] The file could not be opened!
    Begin scan in 'D:\'


    End of the scan: samedi 22 novembre 2008 22:08
    Used time: 1:58:32 Hour(s)

    The scan has been done completely.

    4523 Scanning directories
    266220 Files were scanned
    46 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    1 files were deleted
    0 files were repaired
    39 files were moved to quarantine
    0 files were renamed
    5 Files cannot be scanned
    266169 Files not concerned
    3598 Archives were scanned
    5 Warnings
    40 Notes

    23 November 2008 16:02:21

    Post a new HijackThis report.
    23 November 2008 21:49:49

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:47, on 23/11/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Hamachi\hamachi.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\rv\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sfr.fr/kit/adsl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: XBTP05231 - {031F120A-BBAF-45d8-B306-375F2A6B9398} - C:\PROGRA~1\ALCOHO~1\ALCOHO~2\a120_tb.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Alcohol Soft - Alcohol 120% Toolbar - {1CE4EE89-2D5C-4361-AF3B-D902AB545381} - C:\Program Files\Alcohol Soft\Alcohol 120% Toolbar\a120_tb.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 7877 bytes
    24 November 2008 18:34:53

    Any other problems?
    24 November 2008 22:49:17

    I don't see any others. I'll keep an eye on it this week, and if I ever run into other problems, I'll let you know!

    Many thanks!
    25 November 2008 12:54:10

    Ok :) 