Se connecter / S'enregistrer
Votre question

Infection par logoneui.exe

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
16 Octobre 2008 19:45:50

Bonjour à tous !

Je vous vous demander de l'aide pour désinfecter mon PC, suite à la bonne idée de quelqu'un de ma famille d'insérer une clé usb infecté sur mon PC -___-.
J'ai donc été infecté et un message au démarage de windows me signale qu'il n'arrive pas à trouver un fichier "logoneui".
Antivir l'a detécté comme un virus mais pas moyen de le supprimer, il revient toujours (j'ai aussi essayer de le supprimer en mode sans échec).
Je ne peut pas ouvrir le gestionnaire de tache.

Voici le rapport HijackThis :

Citation :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:39:13, on 16/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr9.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe logoneui.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {C5CAA6CD-8EE4-40a3-92E0-385561406C50} - (no file)
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: MEDIADICO Familial - {CEDDA62B-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\LAventure\MDToolbar\MdToolbar.dll
O3 - Toolbar: (no name) - {70F241F6-52AB-4D45-993E-C1C09920095B} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [firewall 2008] C:\WINDOWS\system32\logoneui.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon888.free.fr/plugins/hardwaredetection_2_0_...
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/playe...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O20 - Winlogon Notify: qomlkjj - qomlkjj.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 11593 bytes



J'espère que vous pourrez m'aider, merci d'avance ^^" !

Autres pages sur : infection logoneui exe

a b 8 Sécurité
16 Octobre 2008 20:28:49

Bonjour,

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM
    17 Octobre 2008 18:19:21

    Tout d'abord, merci beaucoup de m'aider !

    Voici le Rapport de MalwareByte's Anti-Malwa :

    Citation :
    Malwarebytes' Anti-Malware 1.28
    Database version: 1276
    Windows 5.1.2600 Service Pack 3

    17/10/2008 18:01:14
    mbam-log-2008-10-17 (18-01-14).txt

    Scan type: Full Scan (C:\|D:\|E:\|)
    Objects scanned: 282065
    Time elapsed: 3 hour(s), 7 minute(s), 5 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 1
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)




    Et voici un nouveau rapport d'Hijakthis :

    Citation :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:16:46, on 17/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\eMule\emule.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr9.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    F2 - REG:system.ini: Shell=Explorer.exe logoneui.exe
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O2 - BHO: (no name) - {C5CAA6CD-8EE4-40a3-92E0-385561406C50} - (no file)
    O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: MEDIADICO Familial - {CEDDA62B-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\LAventure\MDToolbar\MdToolbar.dll
    O3 - Toolbar: (no name) - {70F241F6-52AB-4D45-993E-C1C09920095B} - (no file)
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [firewall 2008] C:\WINDOWS\system32\logoneui.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon888.free.fr/plugins/hardwaredetection_2_0_...
    O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/playe...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O20 - Winlogon Notify: qomlkjj - qomlkjj.dll (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

    --
    End of file - 11604 bytes



    Apparement le virus est encore là..
    Contenus similaires
    a b 8 Sécurité
    17 Octobre 2008 18:23:54

    Re,

    Fix les lignes dans le cadre ci-dessous avec HijackThis : AIDE EN IMAGES

    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    F2 - REG:system.ini: Shell=Explorer.exe logoneui.exe
    O2 - BHO: (no name) - {C5CAA6CD-8EE4-40a3-92E0-385561406C50} - (no file)
    O3 - Toolbar: (no name) - {70F241F6-52AB-4D45-993E-C1C09920095B} - (no file)
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O4 - HKCU\..\Run: [firewall 2008] C:\WINDOWS\system32\logoneui.exe
    O20 - Winlogon Notify: qomlkjj - qomlkjj.dll (file missing)


    &

    Télécharge OTMoveIt3 (OldTimer). Sauvegarde-le sur ton Bureau.
    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    :files
    C:\WINDOWS\system32\logoneui.exe


    Double clique sur OTMoveIt3.exe afin de le lancer.
    Colle (ou Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
    Clique maintenant sur le bouton [#ff0000]MoveIt![/#f] puis ferme OTMoveIt3.

    [#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.[/#f]

    Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log
    17 Octobre 2008 22:51:19

    Ahah il joue à cache cache le coquin xD :

    Citation :
    ========== FILES ==========
    File/Folder C:\WINDOWS\system32\logoneui.exe not found.

    OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10172008_224925
    a b 8 Sécurité
    18 Octobre 2008 13:25:59

    Reposte un rapport Hijackthis.
    18 Octobre 2008 20:31:59

    Ah tiens il reste une seule ligne faisant référence à logoneui :

    Citation :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:29:42, on 18/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr9.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: MEDIADICO Familial - {CEDDA62B-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\LAventure\MDToolbar\MdToolbar.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [firewall 2008] C:\WINDOWS\system32\logoneui.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon888.free.fr/plugins/hardwaredetection_2_0_...
    O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/playe...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O20 - Winlogon Notify: qomlkjj - qomlkjj.dll (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

    --
    End of file - 11077 bytes
    a b 8 Sécurité
    19 Octobre 2008 12:50:17

    Fix cette ligne, elle revient ?
    19 Octobre 2008 13:02:52

    Ouaip elle ne revient pas !
    Je peut a nouveau ouvrir mon gestionnaire de tache et le message de fichier introuvable ne s'affiche plus au démarage, mission réussi !
    Un grand merci à toi !!


    Par contre, cette ligne persiste :

    Citation :
    O20 - Winlogon Notify: qomlkjj - qomlkjj.dll (file missing)



    C'est grave docteur ?
    a b 8 Sécurité
    19 Octobre 2008 13:21:46

    On va s'en charger en faisant une dernière vérif.

    Télécharge Random's System Information Tool (RSIT) par (random/random[/#f]) et sauvegarde-le sur le Bureau.

  • Double-clique sur RSIT.exe afin de lancer le programme.
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt [#ff0000](affiché)

  • ainsi que de info.txt (réduit dans la Barre des Tâches).
  • Veille bien à poster l'intégralité des rapports. Vérifie qu'ils soient complets une fois que tu les as postés.

    NB : Les rapports sont sauvegardés dans le dossier C:\rsit
    19 Octobre 2008 14:29:08

    Voici le rapport log.txt :

    Citation :
    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Propriétaire at 2008-10-19 14:25:54
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 22 GB (30%) free of 72 GB
    Total RAM: 1279 MB (58% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:26:14, on 19/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Documents and Settings\Propriétaire\Bureau\Pour Desynfecter\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Propriétaire.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr9.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: MEDIADICO Familial - {CEDDA62B-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\LAventure\MDToolbar\MdToolbar.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon888.free.fr/plugins/hardwaredetection_2_0_...
    O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/playe...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O20 - Winlogon Notify: qomlkjj - qomlkjj.dll (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

    --
    End of file - 10298 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\MP Scheduled Quick Scan.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-01-13 370296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
    Click-to-Call BHO - C:\Program Files\Windows Live\Messenger\wlchtc.dll [2008-09-02 75272]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 401968]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-12-04 2436160]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll [2007-12-04 654832]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFEF0-5B30-21D4-945D-000000000000}]
    C:\PROGRA~1\STARDO~1\SDIEInt.dll [2006-02-26 135680]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-12-04 2436160]
    {CEDDA62B-5FBE-4AB2-AE2E-5E069F444444} - MEDIADICO Familial - C:\Program Files\LAventure\MDToolbar\MdToolbar.dll [2007-06-09 811008]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "hpsysdrv"=c:\windows\system\hpsysdrv.exe [1998-05-08 52736]
    "HotKeysCmds"=C:\WINDOWS\System32\hkcmd.exe [2003-04-07 114688]
    "Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-14 212992]
    "NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2003-05-03 4640768]
    "ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-07-19 335872]
    "KBD"=C:\HP\KBD\KBD.EXE [2005-02-02 61440]
    "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
    "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2002-08-28 59392]
    "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2002-08-28 455168]
    "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2002-08-28 455168]
    "!AVG Anti-Spyware"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [2007-06-11 6731312]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-06-13 98304]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-08-01 266497]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
    "ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
    "Logitech Utility"=C:\WINDOWS\Logi_MwX.Exe [2003-12-11 20992]
    "TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2008-01-13 185896]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "NVIEW"=C:\WINDOWS\system32\nview.dll [2003-05-03 835654]
    "Configuration de la C-BOX"=C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe [2004-12-21 395264]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-05-06 202088]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2008-09-09 3513344]
    "MSMSGS"=C:\Program Files\Messenger\MSMSGS.EXE [2008-04-14 1695232]

    C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage
    Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxsrvc.dll [2003-04-07 315392]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\qomlkjj]
    qomlkjj.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"=C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [2007-05-30 79408]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=
    scecli
    scecli

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoSMBalloonTip"=0
    "NofolderOptions"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
    "C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
    "C:\Program Files\Xfire\xfire.exe"="C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire"
    "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client"
    "C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe"="C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe:*:Enabled:MessengerDiscovery Live the Windows Live Messenger addon"
    "C:\Program Files\aMSN\bin\wish.exe"="C:\Program Files\aMSN\bin\wish.exe:*:Enabled:Wish Application"
    "C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe"="C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe:*:Enabled:SmartFTP Client 2.0"
    "C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
    "C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3ad40200-9527-11dd-af50-0011672f14eb}]
    shell\AutoRun\command - H:\panel.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{78f23042-923d-11dd-af49-0011672f14eb}]
    shell\AutoRun\command - H:\logoneui.exe
    shell\Open\command - H:\logoneui.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f0c83720-b428-11db-ab78-00604ceaa426}]
    shell\AutoRun\command - H:\InstallTomTomHOME.exe


    ======List of files/folders created in the last 1 months======

    2008-10-19 14:25:54 ----D---- C:\rsit
    2008-10-17 22:48:55 ----D---- C:\_OTMoveIt
    2008-10-16 20:33:31 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
    2008-10-16 20:33:23 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-16 20:33:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-16 19:38:39 ----D---- C:\Program Files\Trend Micro
    2008-10-15 22:35:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-15 22:35:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-15 22:34:56 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-15 22:34:05 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-15 22:33:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-14 21:36:28 ----D---- C:\WINDOWS\pss
    2008-10-14 16:01:16 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd
    2008-10-14 15:38:23 ----D---- C:\WINDOWS\Prefetch
    2008-10-14 14:01:39 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-10-14 08:59:29 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-10-14 08:59:17 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-10-14 08:59:16 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2008-10-14 08:59:00 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-10-14 08:58:55 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2008-10-14 08:58:53 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-10-14 08:58:52 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-10-14 08:58:51 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-10-14 08:58:50 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-10-14 08:58:50 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-10-14 08:58:45 ----N---- C:\WINDOWS\system32\onex.dll
    2008-10-14 08:58:38 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-10-14 08:58:38 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-10-14 08:58:37 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-10-14 08:58:36 ----N---- C:\WINDOWS\system32\msxml6r.dll
    2008-10-14 08:58:36 ----N---- C:\WINDOWS\system32\msxml6.dll
    2008-10-14 08:58:34 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-10-14 08:58:34 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-10-14 08:58:25 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-10-14 08:58:25 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-10-14 08:58:25 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-10-14 08:58:24 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-10-14 08:58:17 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-10-14 08:58:17 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-10-14 08:58:16 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-10-14 08:58:16 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-10-14 08:58:16 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-10-14 08:58:16 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-10-14 08:58:09 ----A---- C:\WINDOWS\003280_.tmp
    2008-10-14 08:58:08 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-10-14 08:58:07 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-10-14 08:58:07 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-10-14 08:58:07 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-10-14 08:58:07 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-10-14 08:58:07 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-10-14 08:58:07 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-10-14 08:58:07 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-10-14 08:58:06 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-10-14 08:58:06 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-10-14 08:58:06 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-10-14 08:58:06 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-10-14 08:58:06 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-10-14 08:58:06 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-10-14 08:58:06 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-10-14 08:58:05 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-10-14 08:58:05 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-10-14 08:58:04 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-10-14 08:58:03 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-10-14 08:58:00 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-10-14 08:58:00 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-10-14 08:57:53 ----N---- C:\WINDOWS\system32\aaclient.dll
    2008-10-08 14:50:09 ----D---- C:\Documents and Settings\Propriétaire\Application Data\DAEMON Tools
    2008-10-08 12:58:08 ----A---- C:\WINDOWS\system32\LMRTREND.dll
    2008-10-08 12:58:06 ----A---- C:\WINDOWS\system32\dxtmsft3.dll
    2008-10-08 12:58:00 ----A---- C:\WINDOWS\system32\unam4ie.exe
    2008-10-08 12:57:56 ----A---- C:\WINDOWS\system32\vidx16.dll
    2008-10-08 12:57:55 ----A---- C:\WINDOWS\system32\qcut.dll
    2008-10-08 12:57:54 ----A---- C:\WINDOWS\system32\w95inf32.dll
    2008-10-08 12:57:54 ----A---- C:\WINDOWS\system32\w95inf16.dll
    2008-10-05 12:28:05 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
    2008-10-05 12:28:05 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy)
    2008-10-04 19:55:19 ----D---- C:\WINDOWS\system32\boote
    2008-10-04 19:55:19 ----A---- C:\info.bat
    2008-09-30 15:36:03 ----A---- C:\WINDOWS\posteriza.INI
    2008-09-30 15:10:48 ----A---- C:\WINDOWS\cadkasdeinst01f.exe
    2008-09-21 15:44:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-09-20 11:50:06 ----D---- C:\WINDOWS\system32\fr
    2008-09-20 11:50:06 ----D---- C:\WINDOWS\l2schemas
    2008-09-20 11:40:33 ----A---- C:\WINDOWS\system32\qmgr.dll
    2008-09-20 11:39:29 ----A---- C:\WINDOWS\system32\csrsrv.dll
    2008-09-20 11:39:29 ----A---- C:\WINDOWS\system32\comdlg32.dll
    2008-09-20 11:39:29 ----A---- C:\WINDOWS\system32\comctl32.dll
    2008-09-20 11:39:29 ----A---- C:\WINDOWS\system32\cmd.exe
    2008-09-20 11:39:29 ----A---- C:\WINDOWS\system32\cacls.exe
    2008-09-20 11:39:29 ----A---- C:\WINDOWS\system32\autoconv.exe
    2008-09-20 11:39:29 ----A---- C:\WINDOWS\system32\autochk.exe
    2008-09-20 11:39:29 ----A---- C:\WINDOWS\system32\advapi32.dll
    2008-09-20 11:39:28 ----N---- C:\WINDOWS\system32\oleaut32.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\rasauto.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\rasapi32.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\printui.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\perfctrs.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\olecnv32.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\nwprovau.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\ntvdm.exe
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\ntprint.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\ntlsapi.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\ntdll.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\nslookup.exe
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\msv1_0.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\msgsvc.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\mgmtapi.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\lsasrv.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\locator.exe
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\localspl.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\lmhsvc.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\kernel32.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\imagehlp.dll
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\ftp.exe
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\format.com
    2008-09-20 11:39:28 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
    2008-09-20 11:39:27 ----A---- C:\WINDOWS\system32\srvsvc.dll
    2008-09-20 11:39:27 ----A---- C:\WINDOWS\system32\smss.exe
    2008-09-20 11:39:27 ----A---- C:\WINDOWS\system32\setupapi.dll
    2008-09-20 11:39:27 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2008-09-20 11:39:27 ----A---- C:\WINDOWS\system32\services.exe
    2008-09-20 11:39:27 ----A---- C:\WINDOWS\system32\schannel.dll
    2008-09-20 11:39:27 ----A---- C:\WINDOWS\system32\scardsvr.exe
    2008-09-20 11:39:27 ----A---- C:\WINDOWS\system32\savedump.exe
    2008-09-20 11:39:27 ----A---- C:\WINDOWS\system32\samsrv.dll
    2008-09-20 11:39:27 ----A---- C:\WINDOWS\system32\samlib.dll
    2008-09-20 11:39:27 ----A---- C:\WINDOWS\system32\rshx32.dll
    2008-09-20 11:39:27 ----A---- C:\WINDOWS\system32\rastapi.dll
    2008-09-20 11:39:27 ----A---- C:\WINDOWS\system32\rasman.dll
    2008-09-20 11:39:27 ----A---- C:\WINDOWS\system32\rasdlg.dll
    2008-09-20 11:39:26 ----A---- C:\WINDOWS\system32\wkssvc.dll
    2008-09-20 11:39:26 ----A---- C:\WINDOWS\system32\win32spl.dll
    2008-09-20 11:39:26 ----A---- C:\WINDOWS\system32\userinit.exe
    2008-09-20 11:39:26 ----A---- C:\WINDOWS\system32\untfs.dll
    2008-09-20 11:39:26 ----A---- C:\WINDOWS\system32\ulib.dll
    2008-09-20 11:39:26 ----A---- C:\WINDOWS\system32\tcpmonui.dll
    2008-09-20 11:39:26 ----A---- C:\WINDOWS\system32\syssetup.dll
    2008-09-20 11:39:22 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
    2008-09-20 11:39:22 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
    2008-09-20 11:39:22 ----A---- C:\WINDOWS\system32\HAL.DLL

    ======List of files/folders modified in the last 1 months======

    2008-10-19 11:48:19 ----AD---- C:\WINDOWS
    2008-10-19 11:42:54 ----AD---- C:\WINDOWS\system32\CatRoot2
    2008-10-19 11:42:47 ----AD---- C:\WINDOWS\Temp
    2008-10-19 11:41:31 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-10-19 11:40:33 ----N---- C:\WINDOWS\SchedLgU.Txt
    2008-10-19 11:35:46 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-10-19 11:25:35 ----AD---- C:\WINDOWS\system32
    2008-10-19 11:21:52 ----AD---- C:\WINDOWS\Debug
    2008-10-18 10:50:48 ----D---- C:\Program Files\Mozilla Firefox
    2008-10-18 08:43:59 ----HD---- C:\WINDOWS\inf
    2008-10-17 18:02:02 ----RASH---- C:\boot.ini
    2008-10-17 18:02:02 ----A---- C:\WINDOWS\win.ini
    2008-10-17 18:02:02 ----A---- C:\WINDOWS\system.ini
    2008-10-16 20:33:26 ----AD---- C:\WINDOWS\system32\drivers
    2008-10-16 20:33:22 ----AD---- C:\Program Files
    2008-10-15 22:35:17 ----ADC---- C:\WINDOWS\system32\dllcache
    2008-10-15 22:35:12 ----HD---- C:\WINDOWS\$hf_mig$
    2008-10-15 22:34:38 ----AD---- C:\Program Files\Internet Explorer
    2008-10-15 22:34:26 ----D---- C:\WINDOWS\ie7updates
    2008-10-15 22:33:59 ----SHD---- C:\WINDOWS\Installer
    2008-10-15 22:33:59 ----HD---- C:\Config.Msi
    2008-10-15 22:30:33 ----AD---- C:\WINDOWS\system32\FxsTmp
    2008-10-15 18:21:38 ----RD---- C:\WINDOWS\Web
    2008-10-14 17:04:41 ----AD---- C:\WINDOWS\system32\CatRoot
    2008-10-14 17:04:12 ----AD---- C:\Program Files\Messenger
    2008-10-14 16:07:57 ----AD---- C:\WINDOWS\Cursors
    2008-10-14 16:07:56 ----RSD---- C:\WINDOWS\Fonts
    2008-10-14 16:07:56 ----AD---- C:\WINDOWS\Media
    2008-10-14 16:07:56 ----AD---- C:\Program Files\Outlook Express
    2008-10-14 16:07:56 ----AD---- C:\Program Files\Movie Maker
    2008-10-14 16:07:53 ----AD---- C:\WINDOWS\system32\usmt
    2008-10-14 16:06:29 ----A---- C:\WINDOWS\system32\uxtheme.dll
    2008-10-14 16:06:29 ----A---- C:\WINDOWS\BricoPackUninst.txt
    2008-10-14 16:06:29 ----A---- C:\WINDOWS\BricoPackUninst.cmd
    2008-10-14 16:00:00 ----D---- C:\WINDOWS\BricoPacks
    2008-10-14 15:43:11 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-14 15:37:41 ----AD---- C:\WINDOWS\system32\Setup
    2008-10-14 15:37:41 ----AD---- C:\WINDOWS\AppPatch
    2008-10-14 15:37:40 ----AD---- C:\WINDOWS\system32\wbem
    2008-10-14 14:17:21 ----AD---- C:\WINDOWS\security
    2008-10-14 14:13:41 ----AD---- C:\WINDOWS\WinSxS
    2008-10-14 14:13:34 ----D---- C:\WINDOWS\ServicePackFiles
    2008-10-14 14:13:32 ----D---- C:\WINDOWS\network diagnostic
    2008-10-14 14:13:32 ----AD---- C:\WINDOWS\ime
    2008-10-14 14:13:31 ----AD---- C:\WINDOWS\Help
    2008-10-14 14:13:15 ----D---- C:\WINDOWS\system32\fr-fr
    2008-10-14 14:13:12 ----D---- C:\WINDOWS\system32\bits
    2008-10-14 14:13:12 ----D---- C:\WINDOWS\peernet
    2008-10-14 14:10:10 ----AD---- C:\WINDOWS\system32\Restore
    2008-10-14 14:10:09 ----AD---- C:\WINDOWS\system32\npp
    2008-10-14 14:10:07 ----AD---- C:\WINDOWS\msagent
    2008-10-14 14:10:06 ----AD---- C:\WINDOWS\srchasst
    2008-10-14 14:10:03 ----AD---- C:\Program Files\NetMeeting
    2008-10-14 14:10:01 ----AD---- C:\WINDOWS\system32\Com
    2008-10-14 14:09:58 ----AD---- C:\Program Files\Windows NT
    2008-10-14 14:09:58 ----AD---- C:\Program Files\Windows Media Player
    2008-10-14 14:09:54 ----AD---- C:\Program Files\Fichiers communs\System
    2008-10-14 14:09:33 ----AD---- C:\WINDOWS\system32\oobe
    2008-10-14 14:09:30 ----AD---- C:\WINDOWS\system
    2008-10-14 14:05:58 ----AD---- C:\WINDOWS\system32\ReinstallBackups
    2008-10-14 14:01:37 ----D---- C:\WINDOWS\EHome
    2008-10-13 19:10:27 ----AD---- C:\WINDOWS\Tasks
    2008-10-08 12:56:14 ----D---- C:\Games
    2008-10-07 21:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-10-06 11:11:42 ----D---- C:\Program Files\Ixquick Toolbar
    2008-10-05 10:34:46 ----D---- C:\FFWS2.0
    2008-10-03 19:12:27 ----A---- C:\WINDOWS\system32\ieframe.dll
    2008-09-30 19:49:57 ----D---- C:\Documents and Settings\Propriétaire\Application Data\OpenOffice.org2
    2008-09-28 16:38:01 ----D---- C:\Documents and Settings\Propriétaire\Application Data\Azureus
    2008-09-22 18:01:09 ----D---- C:\Program Files\Yahoo!

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
    R1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys [2007-05-30 10872]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-08-01 75072]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40576]
    R1 SiSkp;SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [2003-04-11 10624]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-10 11043]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-10-26 4124352]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2004-10-19 20096]
    R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2004-09-21 10804]
    R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-01-13 12500]
    R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
    R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
    R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
    R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-05-22 1063040]
    R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2003-05-22 196352]
    R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys [2003-12-11 25630]
    R3 LHidUsb;Logitech USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [2003-12-11 37916]
    R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-12-11 70894]
    R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288]
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 Ps2;PS2; C:\WINDOWS\System32\DRIVERS\PS2.sys [2005-12-12 19072]
    R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2003-08-02 5888]
    R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2007-07-12 96384]
    R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
    R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
    R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2004-11-05 82148]
    R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-05-22 631296]
    S1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41856]
    S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-16 113504]
    S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-16 78752]
    S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-01-17 23000]
    S3 BTNetFilter;Bluetooth Network Filter; \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys []
    S3 catchme;catchme; \??\C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\catchme.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 EL90XBC;Pilote de la carte EtherLink XL 90XB/C 3Com; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-18 66591]
    S3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
    S3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-04-16 90907]
    S3 L8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys [2003-12-11 51582]
    S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
    S3 PAC207;Trust WB-1200p Mini Webcam; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-02-24 162176]
    S3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [2002-10-05 46976]
    S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2004-06-28 42752]
    S3 SiS315;SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [2003-05-06 394752]
    S3 slabbus;INFORAD USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\slabbus.sys [2004-10-29 51040]
    S3 slabser;INFORAD USB to UART Bridge Controller Drivers; C:\WINDOWS\system32\DRIVERS\slabser.sys [2004-10-29 82768]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 USB_RNDIS;ADI Remote NDIS Network Device Driver; C:\WINDOWS\System32\DRIVERS\usb8023.sys [2008-04-13 12800]
    S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
    S3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2003-06-08 258944]
    S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver; C:\WINDOWS\system32\DRIVERS\WlanUIG.sys [2004-09-03 379456]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-08-01 68865]
    R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-17 149761]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
    R2 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe [2007-05-30 312880]
    R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2004-12-24 106496]
    R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
    R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
    S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
    S2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-05-03 69632]
    S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-02-03 72704]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-02-10 654848]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-04 138680]
    S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

    -----------------EOF-----------------





    Et voici le rapport info.txt :



    Citation :
    info.txt logfile of random's system information tool 1.04 2008-10-19 14:26:20

    ======Uninstall list======

    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
    -->C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
    -->c:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    3dsmax ancillary install-->MsiExec.exe /I{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}
    Ad-Aware SE Personal-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
    Adobe Acrobat 5.0-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Fichiers communs\Adobe\Acrobat 5.0\NT\Uninst.dll"
    Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
    Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5101}
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-119F-4D52-B551-6739B2B22101}
    Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-040C-2E257A25E34D}
    Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
    Adobe Stock Photos 1.0-->MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
    aMSN 0.97-->C:\Program Files\aMSN\uninstall.exe
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Archlord Episode 3-->"C:\Program Files\Codemasters\Archlord\unins000.exe"
    Assistant de connexion Windows Live-->MsiExec.exe /I{8984E374-6C93-427C-A3B9-AD92472FDCA0}
    ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI Catalyst Control Center-->MsiExec.exe /I{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}
    ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
    ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:D ISPLAY -clean
    Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
    AVG Anti-Spyware 7.5-->C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    BlueSoleil-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}\Setup.exe" -l0x40c
    CamStudio-->C:\Program Files\CamStudio\uninstall.exe
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Choice Guard-->MsiExec.exe /I{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}
    Contacts-->MsiExec.exe /I{C6BDA6E5-B391-4CE5-8D86-B53AC96FFE03}
    DivX Content Uploader-->C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
    FFWorld Script v2.0-->C:\FFWS2.0\UNWISE.EXE C:\FFWS2.0\INSTALL.LOG
    FMOD Programmers API Win32-->"C:\Program Files\FMOD SoundSystem\FMOD Programmers API Win32\uninstall.exe"
    Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    HP Extended Capabilities 5.3-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
    HP Imaging Device Functions 5.3-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
    HP Photosmart Essential-->MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
    HP PSC & OfficeJet 5.3.A-->"C:\Program Files\HP\Digital Imaging\{3E386744-10FA-44b2-98C9-DF7A270DECB3}\setup\hpzscr01.exe" -datfile hposcr06.dat
    HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
    HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    Imagesynth-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E6398DE8-6DD0-4566-AE68-D1AA69212512}\setup.exe" -l0x9 -removeonly
    INFORAD MANAGER 3.2-->"C:\Program Files\INFORAD\unins000.exe"
    INFORAD USB to UART Bridge Controller-->C:\WINDOWS\system32\ifdmun2k.exe C:\WINDOWS\system32\ifdmun.u2k
    Installation de la C-BOX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6B7E3A6-0BA7-478D-A5AB-8DED8FC62D80}\setup.exe" -l0x40c -usb
    Intel(R) Extreme Graphics Driver-->RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572
    InterVideo WinDVD Player-->"C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
    Ixquick Toolbar-->regsvr32 /u /s "C:\Program Files\Ixquick Toolbar\ix_quick.dll"
    Java 2 Runtime Environment, SE v1.4.1_02-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFCE5837-FC21-11D6-9D24-00010240CE95}\setup.exe" Anytext
    Java Web Start-->"C:\Program Files\Java Web Start\uninst-javaws.exe"
    La Toolbar MEDIADICO-->MsiExec.exe /I{67E131AE-6F62-4091-9567-55DE59130825}
    Language pack for Ad-Aware SE-->C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\INSTALL.LOG
    Lara Croft Tomb Raider : L’Ange des Ténèbres-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{93656878-FF8B-4935-99BB-F3F260037C57}
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Little Fighter 2 v1.9-->C:\Program Files\LittleFighter2\LF2_v1.9\Uninstal.exe
    LiveReg (Symantec Corporation)-->C:\Program Files\Fichiers communs\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
    Logitech MouseWare 9.80 -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\Setup.exe" -l0x40c -l040c UNINSTALL
    Ma-Config.com plugin-->MsiExec.exe /I{6F06A42D-525C-49ED-8622-E16790956CD8}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft AppLocale-->MsiExec.exe /I{394BE3D9-7F57-4638-A8D1-1D88671913B7}
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Windows Application Compatibility Database-->C:\WINDOWS\system32\sdbinst.exe -u "C:\WINDOWS\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb"
    Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
    Microsoft Works 7.0-->MsiExec.exe /I{64D114CE-4234-45C2-B60A-2B07D5A48F72}
    Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    Morrowind-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\Bethesda Softworks\Morrowind\MWUninstall\Setup.exe" -l0x40c
    Mozilla Firefox (3.0)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
    Navilog1 3.3.6-->"C:\Program Files\Navilog1\unins000.exe"
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    NVIDIA Gart Driver-->C:\WINDOWS\System32\nvugart.exe Uninstall C:\WINDOWS\System32\Nvgart.nvu,NVIDIA Gart Driver
    NVIDIA Windows 2000/XP Display Drivers-->rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf
    OpenOffice.org 2.2-->MsiExec.exe /I{7FD7F10E-0666-4C9F-A0A8-422EA5E31C4C}
    Pack Vista Inspirat 2 1.0-->C:\WINDOWS\BricoPacks\Vista Inspirat 2\Remove.exe
    Pilotes SAGEM F@st 3302-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64B10603-B45D-48F4-BF7E-B5D20A1E436F}\Setup.exe" -l0x40c
    Poster-Atelier d'impression 4-->C:\WINDOWS\cadkasdeinst01f.exe "C:\Program Files\Poster-Atelier d'impression 4\"
    PS2-->C:\WINDOWS\system32\ps2.exe uninstall
    Python 2.2 combined Win32 extensions-->C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
    Python 2.2.1-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
    QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
    RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
    REALTEK GbE & FE Ethernet PCI NIC Driver-->C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe -runfromtemp -l0x040c -removeonly
    RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
    Regressi-->MsiExec.exe /I{E2E164AB-1367-488F-8F1F-BA312DB2FF18}
    RGSS de RMXP version 1.0.1-->"C:\Program Files\Bodom-Child - RaBBi\RGSS\unins000.exe"
    RM2K Mp3 Patch v1.1-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{37A58B85-C98F-11D5-B694-00E07D72A995}\Setup.exe"
    RM2K Update 2.01e-->C:\Program Files\ASCII\RPG2000\Uninstal.exe
    RMXP version 1.0.0.1-->"C:\Program Files\Bodom-Child - RaBBi\RMXP\unins000.exe"
    RPG Maker 2003-->C:\Program Files\RPG Maker 2003\Désinstaller.exe
    RPG Maker VX 1.02-->"C:\Program Files\RPG Maker VX\unins000.exe"
    RPGƒcƒN[ƒ‹2003 - Aurion-->C:\WINDOWS\gamedelete.exe "C:\Program Files\RPG Maker 2003\AURION\RPG_RT.ind"
    RPGƒcƒN[ƒ‹VX ‘ÌŒ±”Å-->"C:\Program Files\Enterbrain\RPGVX-Trial\unins000.exe"
    RPGƒcƒN[ƒ‹VX RTP-->"C:\Program Files\Fichiers communs\Enterbrain\RGSS2\RPGVX\unins000.exe"
    S3 S3Display-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Display'
    S3 S3Gamma2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Gamma2'
    S3 S3Info2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Info2'
    S3 S3Overlay-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Overlay'
    Samsung Master-->C:\Program Files\InstallShield Installation Information\{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}\Setup.exe -runfromtemp -l0x040c -removeonly
    Samsung USB Driver-->"C:\Program Files\InstallShield Installation Information\{86D6A20D-3910-4441-A3E5-EB6977251C86}\Setup.exe" -runfromtemp -l0x040c anything -removeonly
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
    Shogo Editing Tools-->C:\WINDOWS\uninst.exe -fc:\games\shogo-tools\DeIsL1.isu
    Shogo-->C:\WINDOWS\unin040c.exe -fC:\Games\Shogo\DeIsL2.isu
    SmartFTP Client 2.0 Setup Files (remove only)-->"C:\Program Files\SmartFTP Client 2.0 Setup Files\uninst-sftp.exe"
    SmartFTP Client 2.0-->MsiExec.exe /I{C169D3BB-9A27-43F5-9979-09A0D65FE95C}
    Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
    Star Downloader Free-->C:\PROGRA~1\STARDO~1\UNWISE.EXE C:\PROGRA~1\STARDO~1\INSTALL.LOG
    System Shock2-->C:\WINDOWS\IsUninst.exe -fC:\games\Sshock2\SShocku.log
    TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
    TES Construction Set-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\Bethesda Softworks\Morrowind\CSUninstall\Setup.exe" -l0x40c
    TomTom HOME-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
    Trust WB-1200p Mini Webcam-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{C4EE60C6-515F-4BAE-AB76-2D54DBC0875D} /l1036
    TV sur PC-->C:\Program Files\Neuf\TV_PC\uninstall.exe
    vanBasco's Karaoke Player-->C:\Program Files\vanBasco's Karaoke Player\uninst.exe
    VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
    VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
    VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8}
    Vuze-->C:\Program Files\Vuze\uninstall.exe
    Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
    Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
    Windows Live Bêta (tous les programmes)-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Windows Live Bêta (tous les programmes)-->MsiExec.exe /I{9C4AB6FB-43CD-4ADF-8B59-6C52A6B74324}
    Windows Live Call-->MsiExec.exe /I{868EC13B-52DA-43B9-8C05-50CD897674DF}
    Windows Live Messenger-->MsiExec.exe /X{F72F8316-91E8-4C80-9E39-EBE933E1EDFB}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"

    =====HijackThis Backups=====

    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O20 - Winlogon Notify: qomlkjj - qomlkjj.dll (file missing)
    O2 - BHO: (no name) - {C5CAA6CD-8EE4-40a3-92E0-385561406C50} - (no file)
    O4 - HKCU\..\Run: [firewall 2008] C:\WINDOWS\system32\logoneui.exe
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    F2 - REG:system.ini: Shell=Explorer.exe logoneui.exe
    O3 - Toolbar: (no name) - {70F241F6-52AB-4D45-993E-C1C09920095B} - (no file)
    O4 - HKCU\..\Run: [firewall 2008] C:\WINDOWS\system32\logoneui.exe
    O20 - Winlogon Notify: qomlkjj - qomlkjj.dll (file missing)
    O20 - Winlogon Notify: qomlkjj - qomlkjj.dll (file missing)

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: Avira AntiVir PersonalEdition

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Fichiers communs\Adobe\AGL;C:\Program Files\Fichiers communs\Autodesk Shared
    "windir"=%SystemRoot%
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
    "PROCESSOR_REVISION"=0209
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "FP_NO_HOST_CHECK"=NO

    -----------------EOF-----------------
    a b 8 Sécurité
    19 Octobre 2008 15:18:37

    Re,

    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\qomlkjj]
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{78f23042-923d-11dd-af49-0011672f14eb}]


    Double clique sur OTMoveIt3.exe afin de le lancer.
    Colle (ou Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
    Clique maintenant sur le bouton [#ff0000]MoveIt![/#f] puis ferme OTMoveIt3.

    [#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.[/#f]

    Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
    Le nom du rapport correspond au moment de sa création : date_heure.log
    19 Octobre 2008 15:37:40

    Voici le rapport demandé :

    Citation :
    ========== REGISTRY ==========
    Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\qomlkjj\\ .
    Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{78f23042-923d-11dd-af49-0011672f14eb}\\ deleted successfully.

    OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10192008_153241



    Et voila le rapport Hijackthis, apparement le fichier est toujours présent :

    Citation :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:34:33, on 19/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr9.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: MEDIADICO Familial - {CEDDA62B-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\LAventure\MDToolbar\MdToolbar.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon888.free.fr/plugins/hardwaredetection_2_0_...
    O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/playe...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O20 - Winlogon Notify: qomlkjj - qomlkjj.dll (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

    --
    End of file - 10223 bytes
    a b 8 Sécurité
    19 Octobre 2008 17:07:24

    Re,

    [#ff0000]! Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.

    AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
    * le nom de la partition peut changer
    20 Octobre 2008 19:08:08

    Voici le Rapport Combo Fix :

    ComboFix 08-10-19.04 - Propriétaire 2008-10-20 17:53:53.3 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.814 [GMT 2:00]
    Lancé depuis: C:\Documents and Settings\Propriétaire\Bureau\Pour Desynfecter\ComboFix.exe
    * Un nouveau point de restauration a été créé
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Autorun.inf
    C:\info.bat
    C:\WINDOWS\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb
    C:\WINDOWS\system32\boote
    C:\WINDOWS\system32\boote\boot.ini
    C:\WINDOWS\system32\MSINET.oca
    D:\Autorun.inf
    E:\Autorun.inf

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-20 au 2008-10-20 ))))))))))))))))))))))))))))))))))))
    .

    2008-10-19 14:25 . 2008-10-19 14:26 <REP> d-------- C:\rsit
    2008-10-17 22:48 . 2008-10-17 22:48 <REP> d-------- C:\_OTMoveIt
    2008-10-16 20:39 . 2008-10-16 20:39 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
    2008-10-16 20:33 . 2008-10-16 20:33 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-16 20:33 . 2008-10-16 20:33 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Malwarebytes
    2008-10-16 20:33 . 2008-10-16 20:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-16 20:33 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-16 20:33 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-10-16 19:38 . 2008-10-16 19:38 <REP> d-------- C:\Program Files\Trend Micro
    2008-10-15 22:13 . 2008-10-15 22:13 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Template
    2008-10-15 14:12 . 2008-09-08 12:41 333,824 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
    2008-10-15 14:11 . 2008-08-14 15:23 2,191,232 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
    2008-10-15 14:11 . 2008-08-14 15:23 2,147,328 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
    2008-10-15 14:11 . 2008-08-14 15:23 2,068,096 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
    2008-10-15 14:11 . 2008-08-14 15:23 2,025,984 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
    2008-10-15 14:11 . 2008-09-15 17:26 1,846,528 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
    2008-10-14 16:01 . 2008-10-14 16:06 5,376 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
    2008-10-14 15:43 . 2008-04-11 21:05 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
    2008-10-14 15:43 . 2008-06-14 19:33 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
    2008-10-14 15:43 . 2008-05-08 16:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys
    2008-10-14 14:19 . 2008-06-20 13:51 361,600 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
    2008-10-14 14:19 . 2008-06-14 19:33 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
    2008-10-14 14:19 . 2008-06-20 13:08 225,856 --a------ C:\WINDOWS\system32\drivers\tcpip6.sys
    2008-10-14 14:19 . 2008-08-14 12:04 138,496 --a------ C:\WINDOWS\system32\drivers\afd.sys
    2008-10-14 14:18 . 2008-05-08 16:02 203,136 --a------ C:\WINDOWS\system32\drivers\rmcast.sys
    2008-10-14 08:59 . 2008-04-14 04:33 69,120 --------- C:\WINDOWS\system32\wlanapi.dll
    2008-10-14 08:59 . 2008-04-14 04:33 53,248 --------- C:\WINDOWS\system32\tsgqec.dll
    2008-10-14 08:59 . 2008-04-14 04:33 50,688 --------- C:\WINDOWS\system32\tspkg.dll
    2008-10-14 08:59 . 2008-04-14 04:34 32,768 --------- C:\WINDOWS\system32\setupn.exe
    2008-10-14 08:59 . 2008-04-13 20:40 10,240 --------- C:\WINDOWS\system32\drivers\sffp_mmc.sys
    2008-10-14 08:57 . 2008-04-14 04:33 136,192 --------- C:\WINDOWS\system32\aaclient.dll
    2008-10-08 14:50 . 2008-10-08 14:50 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\DAEMON Tools
    2008-10-08 12:58 . 1998-08-27 06:51 182,032 --a------ C:\WINDOWS\system32\dxtmsft3.dll
    2008-10-08 12:58 . 1998-08-20 13:02 140,800 --a------ C:\WINDOWS\system32\tm20dec.ax
    2008-10-08 12:58 . 1998-09-02 10:28 63,488 --a------ C:\WINDOWS\system32\unam4ie.exe
    2008-10-08 12:58 . 1998-09-02 10:28 38,160 --a------ C:\WINDOWS\system32\LMRTREND.dll
    2008-10-08 12:58 . 2008-10-08 12:58 285 --a------ C:\WINDOWS\EReg072.dat
    2008-10-08 12:57 . 1998-09-02 10:02 194,320 --a------ C:\WINDOWS\system32\qcut.dll
    2008-10-08 12:57 . 1998-08-17 11:21 11,776 --a------ C:\WINDOWS\system32\mciqtz.drv
    2008-10-08 12:57 . 1998-08-17 11:21 10,240 --a------ C:\WINDOWS\system32\vidx16.dll
    2008-10-08 12:57 . 1998-08-17 11:21 5,672 --a------ C:\WINDOWS\system32\quartz.vxd
    2008-10-08 12:57 . 2008-10-08 12:57 4,608 --a------ C:\WINDOWS\system32\w95inf32.dll
    2008-10-08 12:57 . 2008-10-08 12:57 2,272 --a------ C:\WINDOWS\system32\w95inf16.dll
    2008-10-05 15:55 . 2008-10-05 15:55 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-10-05 15:55 . 2008-10-05 15:55 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-10-05 12:28 . 2008-10-05 12:28 <REP> d-------- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
    2008-10-05 12:28 . 2008-10-05 12:28 <REP> d-------- C:\Program Files\SDHelper (Spybot - Search & Destroy)
    2008-09-30 15:36 . 2008-09-30 15:36 997 --a------ C:\WINDOWS\posteriza.INI
    2008-09-30 15:26 . 2008-09-30 15:33 1,873 --a------ C:\WINDOWS\New poster
    2008-09-30 15:10 . 2008-09-30 15:10 73,216 --a------ C:\WINDOWS\cadkasdeinst01f.exe
    2008-09-20 11:50 . 2008-10-14 14:13 <REP> d-------- C:\WINDOWS\system32\fr
    2008-09-20 11:50 . 2008-10-14 14:13 <REP> d-------- C:\WINDOWS\l2schemas
    2008-09-20 11:39 . 2008-08-14 15:23 2,191,232 --a------ C:\WINDOWS\system32\ntoskrnl.exe

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-19 09:41 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-10-19 09:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-10-14 14:06 72,074 ----a-w C:\WINDOWS\BricoPackUninst.cmd
    2008-10-14 14:06 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
    2008-10-06 09:11 --------- d-----w C:\Program Files\Ixquick Toolbar
    2008-09-30 17:49 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\OpenOffice.org2
    2008-09-28 14:38 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Azureus
    2008-09-22 16:01 --------- d-----w C:\Program Files\Yahoo!
    2008-09-19 16:40 --------- d-----w C:\Program Files\Microsoft
    2008-09-19 16:39 --------- d-----w C:\Program Files\Windows Live
    2008-09-19 16:36 --------- d-----w C:\Program Files\Fichiers communs\Windows Live
    2008-09-19 12:37 --------- d-----w C:\Program Files\Microsoft Silverlight
    2008-09-15 15:26 1,846,528 ----a-w C:\WINDOWS\system32\win32k.sys
    2008-09-14 11:24 --------- d-----w C:\Program Files\MessengerDiscovery
    2008-09-08 22:03 51,712 ----a-w C:\WINDOWS\system32\sirenacm.dll
    2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
    2008-09-06 21:06 --------- d-----w C:\Program Files\Codemasters
    2008-09-05 18:21 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-08-29 17:45 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\eMule
    2008-08-29 17:42 --------- d-----w C:\Program Files\eMule
    2008-08-26 08:11 817,152 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-08-14 13:23 2,068,096 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
    .

    ------- Sigcheck -------

    2006-10-23 17:34 668672 efa0c2870cba1747809a13e09f35bf82 C:\WINDOWS\$hf_mig$\KB925454\SP2QFE\wininet.dll
    2007-03-23 11:29 823296 375b58a68a016546535a84060092325c C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\wininet.dll
    2007-04-25 10:26 823808 47ddad237f60729dea2b9e0e2382b58f C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\wininet.dll
    2007-06-27 16:14 824320 7201d19b81883b57d5ffe8ebb5a83e8b C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\wininet.dll
    2007-08-20 11:49 825344 2dd1b0f579c80562edcb8848ff7ea9f6 C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
    2007-10-11 01:22 825344 871ae10d6ae8877e9636ae5017953d52 C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
    2007-12-07 03:42 825344 f4fd487241d3ac291046a22cebd2cf71 C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
    2008-03-01 14:34 827392 5a0093f59b505c008ed0cee615563c72 C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
    2008-04-23 09:19 827392 78d3d2b0be6ad3e6d82ccb115cf74310 C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
    2008-06-23 17:40 827904 52589bae67dd9859724287372668690b C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
    2008-08-26 11:10 827904 4b0e70d44297877a313045bd059770e1 C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
    2006-10-23 17:34 668672 efa0c2870cba1747809a13e09f35bf82 C:\WINDOWS\ie7\wininet.dll
    2007-02-27 15:26 822784 75de73e328e300caed5965faea2f5d3f C:\WINDOWS\ie7updates\KB933566-IE7\wininet.dll
    2007-10-11 01:49 815616 2dbcc6065570d7822bfc7a7b22ca1489 C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
    2008-03-01 14:58 826368 8e027981ddffa690d456fe18b37415a0 C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
    2008-04-23 06:16 826368 02d6aabd5f5a32c61478b5cdfe50e4a8 C:\WINDOWS\ie7updates\KB953838-IE7\wininet.dll
    2008-06-23 18:28 817152 5f8a137bed66cb1150f139e4e6a6355c C:\WINDOWS\ie7updates\KB956390-IE7\wininet.dll
    2008-08-26 10:11 817152 af5453aee1d7d21eb32a4dc6e74ab75c C:\WINDOWS\ServicePackFiles\i386\wininet.dll
    2008-08-26 10:11 826368 e30cacd98479b36a3dbfa3267bf62dd0 C:\WINDOWS\SoftwareDistribution\Download\1f0ff9cd77277bbfa312e709c95b4b39\sp2gdr\wininet.dll
    2008-08-26 11:10 827904 4b0e70d44297877a313045bd059770e1 C:\WINDOWS\SoftwareDistribution\Download\1f0ff9cd77277bbfa312e709c95b4b39\sp2qfe\wininet.dll
    2008-08-26 10:11 817152 af5453aee1d7d21eb32a4dc6e74ab75c C:\WINDOWS\system32\wininet.dll
    2008-08-26 10:11 826368 e30cacd98479b36a3dbfa3267bf62dd0 C:\WINDOWS\system32\dllcache\wininet.dll

    2008-04-14 04:34 979968 3efe912dd25d2586e6a0341db0a66f69 C:\WINDOWS\explorer.exe
    2007-06-13 15:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
    2007-06-13 15:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
    2008-04-14 04:34 979968 3efe912dd25d2586e6a0341db0a66f69 C:\WINDOWS\ServicePackFiles\i386\explorer.exe
    2008-04-14 04:34 1037824 f2317622d29f9ff0f88aeecd5f60f0dd C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\explorer.exe

    2008-07-18 22:10 68808 136896c2cdc3f689876e0d44485153ea C:\WINDOWS\ServicePackFiles\i386\wuauclt.exe
    2008-07-18 22:10 68808 136896c2cdc3f689876e0d44485153ea C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 22:10 53448 d316e28958873859b88d72cf47ad1ea5 C:\WINDOWS\system32\dllcache\wuauclt.exe
    .
    ((((((((((((((((((((((((((((( snapshot@2007-11-29_22.34.16.23 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-02-26 11:49:32 297,984 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB932823-v3\update\updspapi.dll
    + 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB938464\spmsg.dll
    + 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB938464\spuninst.exe
    + 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB938464\update\spcustom.dll
    + 2007-11-30 11:19:06 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB938464\update\update.exe
    + 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB938464\update\updspapi.dll
    + 2007-10-29 22:36:31 1,293,824 ----a-w C:\WINDOWS\$hf_mig$\KB941568\SP2QFE\quartz.dll
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\updspapi.dll
    + 2007-10-30 16:53:32 360,832 ----a-w C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941644\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941644\update\updspapi.dll
    + 2008-03-20 07:56:50 1,846,016 ----a-w C:\WINDOWS\$hf_mig$\KB941693\SP2QFE\win32k.sys
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941693\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941693\update\updspapi.dll
    + 2007-10-10 23:22:14 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\advpack.dll
    + 2007-10-10 23:22:14 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\dxtrans.dll
    + 2007-10-10 23:22:14 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\extmgr.dll
    + 2007-10-10 23:22:14 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\icardie.dll
    + 2007-10-10 08:16:47 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ie4uinit.exe
    + 2007-10-10 23:22:14 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakeng.dll
    + 2007-10-10 23:22:14 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieaksie.dll
    + 2007-10-10 05:47:20 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieakui.dll
    + 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dat
    + 2007-10-10 23:22:14 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieapfltr.dll
    + 2007-10-10 23:22:15 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iedkcs32.dll
    + 2007-10-10 23:22:16 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieframe.dll
    + 2007-10-10 23:22:16 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iernonce.dll
    + 2007-10-10 23:22:16 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iertutil.dll
    + 2007-10-10 08:16:47 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieudinit.exe
    + 2007-10-10 08:16:56 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
    + 2007-10-10 23:22:16 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\jsproxy.dll
    + 2007-10-10 23:22:16 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeeds.dll
    + 2007-10-10 23:22:16 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msfeedsbs.dll
    + 2007-10-30 23:40:57 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll
    + 2007-10-10 23:22:18 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mshtmled.dll
    + 2007-10-10 23:22:18 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\msrating.dll
    + 2007-10-10 23:22:18 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\mstime.dll
    + 2007-10-10 23:22:18 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\occache.dll
    + 2007-10-10 23:22:18 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\url.dll
    + 2007-10-10 23:22:19 1,162,240 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\urlmon.dll
    + 2007-10-10 23:22:19 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\webcheck.dll
    + 2007-10-10 23:22:19 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB942615-IE7\update\updspapi.dll
    + 2007-11-13 11:02:46 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\updspapi.dll
    + 2007-12-04 18:30:15 551,936 ----a-w C:\WINDOWS\$hf_mig$\KB943055\SP2QFE\oleaut32.dll
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB943055\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB943055\update\updspapi.dll
    + 2007-11-07 09:50:06 733,696 ----a-w C:\WINDOWS\$hf_mig$\KB943485\SP2QFE\lsasrv.dll
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB943485\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB943485\update\updspapi.dll
    + 2007-12-07 01:42:15 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\advpack.dll
    + 2007-12-19 22:20:28 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtmsft.dll
    + 2007-12-07 01:42:15 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\dxtrans.dll
    + 2007-12-07 01:42:15 133,120 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\extmgr.dll
    + 2007-12-07 01:42:15 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\icardie.dll
    + 2007-12-06 08:34:28 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe
    + 2007-12-07 01:42:15 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakeng.dll
    + 2007-12-07 01:42:16 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieaksie.dll
    + 2007-12-06 05:00:02 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieakui.dll
    + 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dat
    + 2007-12-07 01:42:16 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieapfltr.dll
    + 2007-12-07 01:42:16 388,096 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iedkcs32.dll
    + 2007-12-07 01:42:19 6,067,200 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieframe.dll
    + 2007-12-07 01:42:19 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iernonce.dll
    + 2007-12-07 01:42:19 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iertutil.dll
    + 2007-12-06 08:34:29 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe
    + 2007-12-06 08:34:45 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
    + 2007-12-07 01:42:20 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\jsproxy.dll
    + 2007-12-07 01:42:20 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeeds.dll
    + 2007-12-07 01:42:20 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msfeedsbs.dll
    + 2007-12-07 01:42:21 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
    + 2007-12-07 01:42:21 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mshtmled.dll
    + 2007-12-07 01:42:21 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\msrating.dll
    + 2007-12-07 01:42:21 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\mstime.dll
    + 2007-12-07 01:42:21 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\occache.dll
    + 2008-01-11 05:54:27 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\pngfilt.dll
    + 2007-12-07 01:42:21 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\url.dll
    + 2007-12-07 01:42:22 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\urlmon.dll
    + 2007-12-07 01:42:22 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\webcheck.dll
    + 2007-12-07 01:42:22 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB944533-IE7\update\updspapi.dll
    + 2007-11-13 08:47:45 20,480 ----a-w C:\WINDOWS\$hf_mig$\KB944653\SP2QFE\secdrv.sys
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\updspapi.dll
    + 2008-02-20 05:20:23 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsapi.dll
    + 2008-02-20 18:50:24 45,568 ----a-w C:\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB945553\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB945553\update\updspapi.dll
    + 2007-12-18 09:38:59 179,712 ----a-w C:\WINDOWS\$hf_mig$\KB946026\SP2QFE\mrxdav.sys
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB946026\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB946026\update\updspapi.dll
    + 2008-05-02 13:33:12 83,968 ----a-w C:\WINDOWS\$hf_mig$\KB946648\SP2QFE\msgsc.dll
    + 2008-05-02 14:01:52 83,968 ----a-w C:\WINDOWS\$hf_mig$\KB946648\SP3GDR\msgsc.dll
    + 2008-05-02 13:44:40 83,968 ----a-w C:\WINDOWS\$hf_mig$\KB946648\SP3QFE\msgsc.dll
    + 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB946648\spmsg.dll
    + 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB946648\spuninst.exe
    + 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB946648\update\spcustom.dll
    + 2007-11-30 11:19:06 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB946648\update\update.exe
    + 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB946648\update\updspapi.dll
    + 2008-03-01 12:34:26 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\advpack.dll
    + 2008-03-01 12:34:26 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtmsft.dll
    + 2008-03-01 12:34:26 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\dxtrans.dll
    + 2008-03-01 12:34:27 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\extmgr.dll
    + 2008-03-01 12:34:27 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\icardie.dll
    + 2008-02-22 09:39:56 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe
    + 2008-03-01 12:34:27 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakeng.dll
    + 2008-03-01 12:34:27 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieaksie.dll
    + 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieakui.dll
    + 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dat
    + 2008-03-01 12:34:27 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieapfltr.dll
    + 2008-03-01 12:34:27 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iedkcs32.dll
    + 2008-03-01 12:34:29 6,067,712 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieframe.dll
    + 2008-03-01 12:34:29 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iernonce.dll
    + 2008-03-01 12:34:29 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iertutil.dll
    + 2008-02-22 09:39:56 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe
    + 2008-02-22 09:40:22 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
    + 2008-03-01 12:34:30 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\jsproxy.dll
    + 2008-03-01 12:34:30 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeeds.dll
    + 2008-03-01 12:34:30 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msfeedsbs.dll
    + 2008-03-01 12:34:32 3,593,216 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
    + 2008-03-01 12:34:32 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mshtmled.dll
    + 2008-03-01 12:34:32 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\msrating.dll
    + 2008-03-01 12:34:32 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\mstime.dll
    + 2008-03-01 12:34:32 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\occache.dll
    + 2008-03-01 12:34:32 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\pngfilt.dll
    + 2008-03-01 12:34:32 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\url.dll
    + 2008-03-01 12:34:33 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\urlmon.dll
    + 2008-03-01 12:34:33 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\webcheck.dll
    + 2008-03-01 12:34:33 827,392 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB947864-IE7\update\updspapi.dll
    + 2008-02-20 06:52:42 282,624 ----a-w C:\WINDOWS\$hf_mig$\KB948590\SP2QFE\gdi32.dll
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB948590\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB948590\update\updspapi.dll
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB948881\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\update.exe
    + 2007-03-06 01:35:47 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB948881\update\updspapi.dll
    + 2008-01-23 04:56:21 554,008 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\dao360.dll
    + 2007-12-10 12:41:11 518,944 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexch40.dll
    + 2007-12-10 12:41:11 326,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
    + 2007-12-10 12:41:11 1,516,568 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjet40.dll
    + 2007-12-10 12:41:11 355,112 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
    + 2008-03-25 06:56:31 194,144 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjint40.dll
    + 2007-12-10 12:41:12 60,192 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjter40.dll
    + 2007-12-10 12:41:12 248,608 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
    + 2007-12-10 12:41:12 219,936 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msltus40.dll
    + 2007-12-10 12:41:12 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
    + 2007-12-10 12:41:13 432,928 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
    + 2007-12-10 12:41:13 322,336 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
    + 2007-12-10 12:41:13 559,904 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
    + 2007-12-10 12:41:13 264,992 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mstext40.dll
    + 2007-12-10 12:41:13 838,432 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
    + 2007-11-01 05:15:27 621,344 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
    + 2007-12-10 12:41:14 355,104 ----a-w C:\WINDOWS\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB950749\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB950749\update\updspapi.dll
    + 2008-04-23 07:19:26 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
    + 2008-04-23 07:19:26 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
    + 2008-04-23 07:19:26 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
    + 2008-04-23 07:19:26 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
    + 2008-04-23 07:19:26 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
    + 2008-04-22 08:02:19 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
    + 2008-04-23 07:19:26 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
    + 2008-04-23 07:19:26 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
    + 2008-04-20 05:07:38 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
    + 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
    + 2008-04-23 07:19:26 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
    + 2008-04-23 07:19:26 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
    + 2008-04-23 07:19:26 6,068,224 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
    + 2008-04-23 07:19:26 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
    + 2008-04-23 07:19:26 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
    + 2008-04-22 08:02:19 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
    + 2008-04-22 08:02:46 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
    + 2008-04-23 07:19:26 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
    + 2008-04-23 07:19:27 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
    + 2008-04-23 07:19:27 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
    + 2008-04-23 07:19:27 3,593,728 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
    + 2008-04-23 07:19:27 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
    + 2008-04-23 07:19:27 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
    + 2008-04-23 07:19:27 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
    + 2008-04-23 07:19:27 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
    + 2008-04-23 07:19:27 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
    + 2008-04-23 07:19:27 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
    + 2008-04-23 07:19:27 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
    + 2008-04-23 07:19:27 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
    + 2008-04-23 07:19:27 827,392 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB950759-IE7\update\updspapi.dll
    + 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spmsg.dll
    + 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950760\spuninst.exe
    + 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\spcustom.dll
    + 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\update.exe
    + 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950760\update\updspapi.dll
    + 2008-05-08 12:14:51 203,008 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP2QFE\rmcast.sys
    + 2008-05-08 14:02:52 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3GDR\rmcast.sys
    + 2008-05-08 13:58:17 203,136 ----a-w C:\WINDOWS\$hf_mig$\KB950762\SP3QFE\rmcast.sys
    + 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spmsg.dll
    + 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950762\spuninst.exe
    + 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\spcustom.dll
    + 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\update.exe
    + 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950762\update\updspapi.dll
    + 2008-07-07 20:18:27 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP2QFE\es.dll
    + 2008-07-07 20:28:20 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll
    + 2008-07-07 20:24:11 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll
    + 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spmsg.dll
    + 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spuninst.exe
    + 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\spcustom.dll
    + 2007-11-30 12:39:26 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
    + 2007-11-30 12:39:29 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\updspapi.dll
    + 2008-04-11 18:40:33 683,520 ----a-w C:\WINDOWS\$hf_mig$\KB951066\SP2QFE\inetcomm.dll
    + 2008-04-11 19:05:22 691,712 ----a-w C:\WINDOWS\$hf_mig$\KB951066\SP3GDR\inetcomm.dll
    + 2008-04-11 22:23:04 691,712 ----a-w C:\WINDOWS\$hf_mig$\KB951066\SP3QFE\inetcomm.dll
    + 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951066\spmsg.dll
    + 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951066\spuninst.exe
    + 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951066\update\spcustom.dll
    + 2007-12-03 15:25:43 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951066\update\update.exe
    + 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951066\update\updspapi.dll
    + 2008-07-14 11:03:00 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
    + 2008-07-11 12:42:28 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
    + 2008-07-11 12:51:51 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
    + 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spmsg.dll
    + 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spuninst.exe
    + 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\spcustom.dll
    + 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe
    + 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\updspapi.dll
    + 2008-06-14 18:03:13 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
    + 2008-06-14 17:33:37 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
    + 2008-06-14 17:40:19 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
    + 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spmsg.dll
    + 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\spuninst.exe
    + 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\spcustom.dll
    + 2007-11-30 11:19:06 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe
    + 2007-11-30 11:19:10 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951376-v2\update\updspapi.dll
    + 2008-04-14 16:17:04 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP2QFE\bthport.sys
    + 2008-04-14 15:59:30 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3GDR\bthport.sys
    + 2008-04-14 16:22:05 272,768 ----a-w C:\WINDOWS\$hf_mig$\KB951376\SP3QFE\bthport.sys
    + 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spmsg.dll
    + 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951376\spuninst.exe
    + 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\spcustom.dll
    + 2007-11-30 11:19:06 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\update.exe
    + 2007-11-30 11:19:10 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951376\update\updspapi.dll
    + 2008-05-07 04:55:47 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP2QFE\quartz.dll
    + 2008-05-07 05:11:24 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3GDR\quartz.dll
    + 2008-05-07 05:04:59 1,294,336 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3QFE\quartz.dll
    + 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll
    + 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spuninst.exe
    + 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\spcustom.dll
    + 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
    + 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\updspapi.dll
    + 2006-08-16 12:13:24 100,352 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
    + 2008-06-20 10:44:08 138,368 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
    + 2008-06-20 17:37:01 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
    + 2008-06-20 17:37:01 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
    + 2008-06-20 10:44:42 360,960 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
    + 2008-06-20 09:32:39 225,920 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
    + 2008-06-20 11:40:08 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
    + 2008-06-20 17:47:22 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
    + 2008-06-20 17:47:22 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
    + 2008-06-20 11:51:12 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
    + 2008-06-20 11:08:27 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
    + 2008-06-20 11:48:03 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
    + 2008-06-20 17:44:02 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
    + 2008-06-20 17:44:02 247,808 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
    + 2008-06-20 11:59:02 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
    + 2008-06-20 11:16:44 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
    + 2007-11-30 12:39:29 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spmsg.dll
    + 2007-11-30 12:39:29 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spuninst.exe
    + 2007-11-30 12:39:29 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\spcustom.dll
    + 2007-11-30 12:39:26 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\update.exe
    + 2007-11-30 12:39:29 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\updspapi.dll
    + 2008-05-01 15:04:51 331,776 ----a-w C:\WINDOWS\$hf_mig$\KB952287\SP2QFE\msadce.dll
    + 2008-05-01 14:36:26 331,776 ----a-w C:\WINDOWS\$hf_mig$\KB952287\SP3GDR\msadce.dll
    + 2008-05-01 14:39:23 331,776 ----a-w C:\WINDOWS\$hf_mig$\KB952287\SP3QFE\msadce.dll
    + 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB952287\spmsg.dll
    + 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB952287\spuninst.exe
    + 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB952287\update\spcustom.dll
    + 2007-11-30 11:19:06 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB952287\update\update.exe
    + 2007-11-30 11:19:10 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB952287\update\updspapi.dll
    + 2008-06-24 16:30:27 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP2QFE\mscms.dll
    + 2008-06-24 16:44:02 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3GDR\mscms.dll
    + 2008-06-24 16:53:52 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3QFE\mscms.dll
    + 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spmsg.dll
    + 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spuninst.exe
    + 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\spcustom.dll
    + 2007-11-30 12:39:29 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
    + 2007-11-30 12:39:31 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\updspapi.dll
    + 2008-06-23 15:40:01 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\advpack.dll
    + 2008-06-23 15:40:01 347,136 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\dxtmsft.dll
    + 2008-06-23 15:40:01 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\dxtrans.dll
    + 2008-06-23 15:40:01 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\extmgr.dll
    + 2008-06-23 15:40:01 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\icardie.dll
    + 2008-06-23 08:23:18 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
    + 2008-06-23 15:40:01 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieakeng.dll
    + 2008-06-23 15:40:01 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieaksie.dll
    + 2008-06-21 05:23:53 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieakui.dll
    + 2007-04-17 09:32:38 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dat
    + 2008-06-23 15:40:02 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dll
    + 2008-06-23 15:40:02 388,608 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iedkcs32.dll
    + 2008-06-23 15:40:04 6,068,736 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll
    + 2008-06-23 15:40:04 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iernonce.dll
    + 2008-06-23 15:40:04 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll
    + 2008-06-23 08:23:18 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
    + 2008-06-23 08:23:52 625,664 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
    + 2008-06-23 15:40:05 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\jsproxy.dll
    + 2008-06-23 15:40:05 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\msfeeds.dll
    + 2008-06-23 15:40:05 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\msfeedsbs.dll
    + 2008-06-23 15:40:07 3,594,240 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
    + 2008-06-23 15:40:07 477,696 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\mshtmled.dll
    + 2008-06-23 15:40:07 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\msrating.dll
    + 2008-06-23 15:40:07 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\mstime.dll
    + 2008-06-23 15:40:07 102,912 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\occache.dll
    + 2008-06-23 15:40:07 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\pngfilt.dll
    + 2008-06-23 15:40:07 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\url.dll
    + 2008-06-23 15:40:08 1,162,752 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\urlmon.dll
    + 2008-06-23 15:40:08 233,472 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\webcheck.dll
    + 2008-06-23 15:40:08 827,904 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
    + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\spmsg.dll
    + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\spuninst.exe
    + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\update\spcustom.dll
    + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\update\update.exe
    + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB953838-IE7\update\updspapi.dll
    + 2007-11-30 11:19:06 18,296 ----a-w C:\WINDOWS\$hf_mig$\KB953839\spmsg.dll
    + 2007-11-30 11:19:06 234,872 ----a-w C:\WINDOWS\$hf_mig$\KB953839\spuninst.exe
    + 2007-11-30 11:19:06 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB953839\update\spcustom.dll
    + 2007-11-30 11:19:06 767,352 ----a-w C:\WINDOWS\$hf_mig$\KB953839\update\update.exe
    + 2007-11-30 11:19:10 406,392 ----a-w C:\WINDOWS\$hf_mig$\KB953839\update\updspapi.dll
    - 2003-01-13 15:53:24 50,816 -c----w C:\WINDOWS\$NtServicePackUninstall$\1394bus.sys
    - 2006-08-16 12:16:05 95,232 -c----w C:\WINDOWS\$NtServicePackUninstall$\6to4svc.dll
    - 2003-08-02 20:10:00 185,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\accwiz.exe
    - 2002-11-27 08:20:40 1,821,184 -c----w C:\WINDOWS\$NtServicePackUninstall$\acgenral.dll
    - 2003-08-02 20:11:00 406,528 -c----w C:\WINDOWS\$NtServicePackUninstall$\aclayers.dll
    - 2003-08-02 20:11:00 125,440 -c----w C:\WINDOWS\$NtServicePackUninstall$\aclua.dll
    - 2003-08-02 20:11:00 111,616 -c----w C:\WINDOWS\$NtServicePackUninstall$\aclui.dll
    - 2003-08-02 20:11:00 180,224 -c----w C:\WINDOWS\$NtServicePackUninstall$\acpi.sys
    - 2003-08-02 20:11:00 219,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\acspecfc.dll
    - 2003-08-02 20:12:00 181,760 -c----w C:\WINDOWS\$NtServicePackUninstall$\activeds.dll
    - 2003-08-02 20:12:00 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\actmovie.exe
    - 2003-08-02 20:12:00 98,304 -c----w C:\WINDOWS\$NtServicePackUninstall$\actxprxy.dll
    - 2003-08-02 20:12:00 107,520 -c----w C:\WINDOWS\$NtServicePackUninstall$\acxtrnal.dll
    - 2002-05-15 01:08:54 20,540 -c----w C:\WINDOWS\$NtServicePackUninstall$\admin.dll
    - 2002-05-15 01:08:54 16,439 -c----w C:\WINDOWS\$NtServicePackUninstall$\admin.exe
    - 2003-08-02 20:13:00 57,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\admparse.dll
    - 2003-08-02 20:13:00 162,816 -c----w C:\WINDOWS\$NtServicePackUninstall$\adsldp.dll
    - 2003-08-02 20:13:00 139,776 -c----w C:\WINDOWS\$NtServicePackUninstall$\adsldpc.dll
    - 2003-08-02 20:13:00 62,464 -c----w C:\WINDOWS\$NtServicePackUninstall$\adsmsext.dll
    - 2003-08-02 20:15:00 239,616 -c----w C:\WINDOWS\$NtServicePackUninstall$\adsnt.dll
    - 2003-08-02 20:15:00 626,176 -c----w C:\WINDOWS\$NtServicePackUninstall$\advapi32.dll
    - 2003-08-02 20:15:00 93,184 -c----w C:\WINDOWS\$NtServicePackUninstall$\advpack.dll
    - 2002-08-28 22:16:38 142,208 -c----w C:\WINDOWS\$NtServicePackUninstall$\aec.sys
    - 2003-08-02 20:15:00 131,968 -c----w C:\WINDOWS\$NtServicePackUninstall$\afd.sys
    - 2003-08-02 20:15:00 22,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentanm.dll
    - 2003-08-02 20:15:00 204,288 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentctl.dll
    - 2003-08-02 20:15:00 35,840 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentdp2.dll
    - 2003-08-02 20:15:00 44,032 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentmpx.dll
    - 2003-08-02 20:15:00 21,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentpsh.dll
    - 2003-08-02 20:15:00 39,936 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentsr.dll
    - 2003-08-02 20:15:00 235,008 -c----w C:\WINDOWS\$NtServicePackUninstall$\agentsvr.exe
    - 2001-08-18 10:58:00 25,472 -c----w C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
    - 2003-08-02 20:25:00 21,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\agtintl.dll
    - 2003-08-02 20:34:00 91,648 -c----w C:\WINDOWS\$NtServicePackUninstall$\ahui.exe
    - 2003-08-02 20:34:00 41,984 -c----w C:\WINDOWS\$NtServicePackUninstall$\alg.exe
    - 2003-08-02 20:34:00 15,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\alrsvc.dll
    - 2003-08-03 10:10:00 34,816 -c----w C:\WINDOWS\$NtServicePackUninstall$\amdk6.sys
    - 2003-08-03 10:10:00 35,328 -c----w C:\WINDOWS\$NtServicePackUninstall$\amdk7.sys
    - 2002-12-12 13:14:32 64,512 -c----w C:\WINDOWS\$NtServicePackUninstall$\amstream.dll
    - 2003-08-02 20:58:00 115,712 -c----w C:\WINDOWS\$NtServicePackUninstall$\apphelp.dll
    - 2003-08-03 10:10:00 57,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\arp1394.sys
    - 2003-08-02 20:03:00 77,824 -c----w C:\WINDOWS\$NtServicePackUninstall$\asycfilt.dll
    - 2003-08-02 20:03:00 13,568 -c----w C:\WINDOWS\$NtServicePackUninstall$\asyncmac.sys
    - 2003-08-02 20:03:00 22,528 -c----w C:\WINDOWS\$NtServicePackUninstall$\at.exe
    - 2002-10-24 14:59:48 87,040 -c----w C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
    - 2003-08-02 20:07:00 74,810 -c----w C:\WINDOWS\$NtServicePackUninstall$\atl.dll
    - 2003-08-02 20:07:00 10,240 -c----w C:\WINDOWS\$NtServicePackUninstall$\atmadm.exe
    - 2003-08-02 20:07:00 57,216 -c----w C:\WINDOWS\$NtServicePackUninstall$\atmarpc.sys
    - 2003-08-02 20:07:00 272,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\atmfd.dll
    - 2003-08-02 20:07:00 53,888 -c----w C:\WINDOWS\$NtServicePackUninstall$\atmlane.sys
    - 2003-08-02 20:07:00 27,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\atmlib.dll
    - 2003-08-02 20:09:00 38,912 -c----w C:\WINDOWS\$NtServicePackUninstall$\audiosrv.dll
    - 2002-05-15 01:08:54 20,540 -c----w C:\WINDOWS\$NtServicePackUninstall$\author.dll
    - 2002-05-15 01:08:54 16,439 -c----w C:\WINDOWS\$NtServicePackUninstall$\author.exe
    - 2005-03-02 18:21:36 53,760 -c----w C:\WINDOWS\$NtServicePackUninstall$\authz.dll
    - 2003-08-03 10:09:00 602,112 -c----w C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
    - 2003-08-02 20:09:00 614,912 -c----w C:\WINDOWS\$NtServicePackUninstall$\autoconv.exe
    - 2003-08-03 10:09:00 594,944 -c----w C:\WINDOWS\$NtServicePackUninstall$\autofmt.exe
    - 2003-08-02 20:09:00 8,192 -c----w C:\WINDOWS\$NtServicePackUninstall$\autolfn.exe
    - 2003-08-02 20:10:00 76,800 -c----w C:\WINDOWS\$NtServicePackUninstall$\avifil32.dll
    - 2003-08-02 20:11:00 44,032 -c----w C:\WINDOWS\$NtServicePackUninstall$\basesrv.dll
    - 2003-08-02 20:11:00 27,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\batmeter.dll
    - 2003-08-02 20:11:00 6,656 -c----w C:\WINDOWS\$NtServicePackUninstall$\batt.dll
    - 2003-02-17 22:16:26 11,392 -c----w C:\WINDOWS\$NtServicePackUninstall$\bdasup.sys
    - 2003-08-02 20:12:00 14,848 -c----w C:\WINDOWS\$NtServicePackUninstall$\bidispl.dll
    - 2004-07-01 22:08:13 7,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\bitsprx2.dll
    - 2004-07-01 22:08:13 7,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\bitsprx3.dll
    - 2003-08-02 20:15:00 68,864 -c----w C:\WINDOWS\$NtServicePackUninstall$\bridge.sys
    - 2003-08-02 20:18:00 69,632 -c----w C:\WINDOWS\$NtServicePackUninstall$\browselc.dll
    - 2003-08-02 20:18:00 49,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\browser.dll
    - 2006-09-04 06:24:39 1,027,584 -c----w C:\WINDOWS\$NtServicePackUninstall$\browseui.dll
    - 2003-08-02 20:18:00 71,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\browsewm.dll
    - 2003-08-03 10:25:00 59,904 -c----w C:\WINDOWS\$NtServicePackUninstall$\cabinet.dll
    - 2003-08-02 20:25:00 81,408 -c----w C:\WINDOWS\$NtServicePackUninstall$\cabview.dll
    - 2004-03-30 01:49:43 364,544 -c----w C:\WINDOWS\$NtServicePackUninstall$\callcont.dll
    - 2003-08-02 20:34:00 45,056 -c----w C:\WINDOWS\$NtServicePackUninstall$\camocx.dll
    - 2005-07-26 04:38:21 220,672 -c----w C:\WINDOWS\$NtServicePackUninstall$\catsrv.dll
    - 2003-08-02 20:40:00 85,504 -c----w C:\WINDOWS\$NtServicePackUninstall$\catsrvps.dll
    - 2005-07-26 04:38:23 581,632 -c----w C:\WINDOWS\$NtServicePackUninstall$\catsrvut.dll
    - 2003-02-17 22:16:26 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\ccdecode.sys
    - 2003-08-02 20:40:00 59,648 -c----w C:\WINDOWS\$NtServicePackUninstall$\cdfs.sys
    - 2004-12-07 19:17:32 144,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\cdfview.dll
    - 2005-09-10 02:06:03 2,025,984 -c----w C:\WINDOWS\$NtServicePackUninstall$\cdosys.dll
    - 2003-08-02 20:58:00 47,488 -c----w C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
    - 2003-08-02 20:58:00 192,512 -c----w C:\WINDOWS\$NtServicePackUninstall$\certcli.dll
    - 2003-08-02 20:58:00 446,976 -c----w C:\WINDOWS\$NtServicePackUninstall$\certmgr.dll
    - 2003-08-02 20:02:00 33,280 -c----w C:\WINDOWS\$NtServicePackUninstall$\cfgbkend.dll
    - 2003-08-02 20:02:00 16,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\cfgmgr32.dll
    - 2002-05-15 01:08:54 188,480 -c----w C:\WINDOWS\$NtServicePackUninstall$\cfgwiz.exe
    - 2003-08-02 20:06:00 1,268,224 -c----w C:\WINDOWS\$NtServicePackUninstall$\cimwin32.dll
    - 2006-06-22 05:20:17 64,512 -c----w C:\WINDOWS\$NtServicePackUninstall$\ciodm.dll
    - 2003-08-02 20:06:00 5,120 -c----w C:\WINDOWS\$NtServicePackUninstall$\cisvc.exe
    - 2003-08-02 20:07:00 46,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\classpnp.sys
    - 2005-07-26 04:38:24 110,080 -c----w C:\WINDOWS\$NtServicePackUninstall$\clbcatex.dll
    - 2005-07-26 04:38:25 497,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\clbcatq.dll
    - 2003-08-02 20:07:00 62,976 -c----w C:\WINDOWS\$NtServicePackUninstall$\cleanmgr.exe
    - 2003-08-02 20:09:00 127,552 -c----w C:\WINDOWS\$NtServicePackUninstall$\cliconfg.dll
    - 2003-08-02 20:09:00 45,632 -c----w C:\WINDOWS\$NtServicePackUninstall$\cliconfg.exe
    - 2003-08-02 20:09:00 100,352 -c----w C:\WINDOWS\$NtServicePackUninstall$\clipbrd.exe
    - 2003-08-02 20:09:00 30,720 -c----w C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe
    - 2003-08-02 20:09:00 54,272 -c----w C:\WINDOWS\$NtServicePackUninstall$\clusapi.dll
    - 2003-08-02 20:10:00 12,288 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmcfg32.dll
    - 2003-08-02 20:10:00 388,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmd.exe
    - 2003-08-02 20:10:00 333,824 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmdial32.dll
    - 2003-08-02 20:10:00 41,472 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmdl32.exe
    - 2003-08-02 20:10:00 35,840 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmmon32.exe
    - 2003-08-02 20:10:00 180,736 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmprops.dll
    - 2003-08-02 20:10:00 56,832 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmstp.exe
    - 2003-08-02 20:10:00 37,888 -c----w C:\WINDOWS\$NtServicePackUninstall$\cmutil.dll
    - 2003-08-03 10:03:00 49,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\cnbjmon.dll
    - 2005-07-26 04:38:25 62,464 -c----w C:\WINDOWS\$NtServicePackUninstall$\colbact.dll
    - 2005-07-26 04:38:25 187,392 -c----w C:\WINDOWS\$NtServicePackUninstall$\comadmin.dll
    - 2006-08-25 15:54:04 561,664 -c----w C:\WINDOWS\$NtServicePackUninstall$\comctl32.dll
    - 2003-08-02 20:11:00 262,656 -c----w C:\WINDOWS\$NtServicePackUninstall$\comdlg32.dll
    - 2003-08-02 20:12:00 239,104 -c----w C:\WINDOWS\$NtServicePackUninstall$\compatui.dll
    - 2003-08-02 20:13:00 223,744 -c----w C:\WINDOWS\$NtServicePackUninstall$\compstui.dll
    - 2003-08-02 20:13:00 8,192 -c----w C:\WINDOWS\$NtServicePackUninstall$\comrepl.exe
    - 2003-08-02 20:13:00 851,968 -c----w C:\WINDOWS\$NtServicePackUninstall$\comres.dll
    - 2005-07-26 04:38:28 1,179,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\comsvcs.dll
    - 2005-07-26 04:38:28 499,200 -c----w C:\WINDOWS\$NtServicePackUninstall$\comuid.dll
    - 2003-08-02 20:15:00 1,007,616 -c----w C:\WINDOWS\$NtServicePackUninstall$\conf.exe
    - 2003-08-02 20:15:00 45,056 -c----w C:\WINDOWS\$NtServicePackUninstall$\confmrsl.dll
    - 2003-08-02 20:15:00 24,576 -c----w C:\WINDOWS\$NtServicePackUninstall$\conime.exe
    - 2003-08-02 20:18:00 14,877 -c----w C:\WINDOWS\$NtServicePackUninstall$\corpol.dll
    - 2003-08-02 20:25:00 160,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\credui.dll
    - 2003-08-03 10:10:00 34,304 -c----w C:\WINDOWS\$NtServicePackUninstall$\crusoe.sys
    - 2003-08-02 20:34:00 564,736 -c----w C:\WINDOWS\$NtServicePackUninstall$\crypt32.dll
    - 2003-08-02 20:34:00 71,168 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptdlg.dll
    - 2003-08-02 20:34:00 29,184 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptdll.dll
    - 2003-08-02 20:34:00 49,664 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptext.dll
    - 2003-08-02 20:34:00 53,248 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptnet.dll
    - 2003-08-02 20:34:00 53,248 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
    - 2003-08-02 20:34:00 488,960 -c----w C:\WINDOWS\$NtServicePackUninstall$\cryptui.dll
    - 2004-10-28 01:31:14 93,184 -c----w C:\WINDOWS\$NtServicePackUninstall$\cscdll.dll
    - 2003-08-02 20:34:00 102,450 -c----w C:\WINDOWS\$NtServicePackUninstall$\cscript.exe
    - 2003-08-02 20:34:00 318,464 -c----w C:\WINDOWS\$NtServicePackUninstall$\cscui.dll
    - 2003-08-02 20:40:00 29,184 -c----w C:\WINDOWS\$NtServicePackUninstall$\csrsrv.dll
    - 2003-08-02 20:40:00 4,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\csrss.exe
    - 2003-08-02 20:40:00 13,312 -c----w C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe
    - 2002-07-07 15:01:46 114,688 -c----w C:\WINDOWS\$NtServicePackUninstall$\custsat.dll
    - 2002-12-12 13:14:32 1,177,600 -c----w C:\WINDOWS\$NtServicePackUninstall$\d3d8.dll
    - 2002-12-12 13:14:32 8,192 -c----w C:\WINDOWS\$NtServicePackUninstall$\d3d8thk.dll
    - 2002-12-12 13:14:32 1,634,304 -c----w C:\WINDOWS\$NtServicePackUninstall$\d3d9.dll
    - 2002-12-12 13:14:32 797,184 -c----w C:\WINDOWS\$NtServicePackUninstall$\d3dim700.dll
    - 2003-08-02 20:11:00 557,128 -c----w C:\WINDOWS\$NtServicePackUninstall$\dao360.dll
    - 2003-08-02 20:11:00 52,736 -c----w C:\WINDOWS\$NtServicePackUninstall$\dataclen.dll
    - 2003-08-02 20:11:00 22,528 -c----w C:\WINDOWS\$NtServicePackUninstall$\davclnt.dll
    - 2003-08-03 10:12:00 489,984 -c----w C:\WINDOWS\$NtServicePackUninstall$\dbghelp.dll
    - 2003-08-02 20:12:00 24,576 -c----w C:\WINDOWS\$NtServicePackUninstall$\dbmsrpcn.dll
    - 2003-08-02 20:12:00 61,440 -c----w C:\WINDOWS\$NtServicePackUninstall$\dbnetlib.dll
    - 2003-08-02 20:12:00 28,672 -c----w C:\WINDOWS\$NtServicePackUninstall$\dbnmpntw.dll
    - 2003-08-02 20:12:00 40,960 -c----w C:\WINDOWS\$NtServicePackUninstall$\dcap32.dll
    - 2003-08-02 20:12:00 7,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\dciman32.dll
    - 2003-08-02 20:12:00 28,672 -c----w C:\WINDOWS\$NtServicePackUninstall$\ddeshare.exe
    - 2002-12-12 13:14:32 284,160 -c----w C:\WINDOWS\$NtServicePackUninstall$\ddraw.dll
    - 2002-12-12 13:14:32 24,064 -c----w C:\WINDOWS\$NtServicePackUninstall$\ddrawex.dll
    - 2003-08-02 20:13:00 70,656 -c----w C:\WINDOWS\$NtServicePackUninstall$\defrag.exe
    - 2002-12-12 13:14:32 132,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\devenum.dll
    - 2003-08-02 20:15:00 271,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\devmgr.dll
    - 2003-08-02 20:14:00 76,288 -c----w C:\WINDOWS\$NtServicePackUninstall$\dfrgfat.exe
    - 2003-08-02 20:14:00 99,328 -c----w C:\WINDOWS\$NtServicePackUninstall$\dfrgntfs.exe
    - 2003-08-02 20:14:00 35,840 -c----w C:\WINDOWS\$NtServicePackUninstall$\dfrgsnap.dll
    - 2003-08-02 20:14:00 113,152 -c----w C:\WINDOWS\$NtServicePackUninstall$\dfrgui.dll
    - 2003-08-02 20:14:00 25,600 -c----w C:\WINDOWS\$NtServicePackUninstall$\dfsshlex.dll
    - 2003-08-02 20:14:00 107,520 -c----w C:\WINDOWS\$NtServicePackUninstall$\dgnet.dll
    - 2006-05-19 12:14:13 104,448 -c----w C:\WINDOWS\$NtServicePackUninstall$\dhcpcsvc.dll
    - 2003-08-02 20:18:00 531,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\dialer.exe
    - 2003-08-02 20:21:00 79,360 -c----w C:\WINDOWS\$NtServicePackUninstall$\diantz.exe
    - 2003-08-02 20:21:00 55,296 -c----w C:\WINDOWS\$NtServicePackUninstall$\digest.dll
    - 2003-08-02 20:25:00 158,208 -c----w C:\WINDOWS\$NtServicePackUninstall$\dinput.dll
    - 2003-08-02 20:24:00 175,104 -c----w C:\WINDOWS\$NtServicePackUninstall$\dinput8.dll
    - 2006-02-27 12:31:38 75,776 -c----w C:\WINDOWS\$NtServicePackUninstall$\directdb.dll
    - 2003-08-02 20:24:00 33,792 -c----w C:\WINDOWS\$NtServicePackUninstall$\disk.sys
    - 2003-08-02 20:24:00 13,184 -c----w C:\WINDOWS\$NtServicePackUninstall$\diskdump.sys
    - 2003-08-02 20:24:00 150,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\diskpart.exe
    - 2003-08-02 20:34:00 294,912 -c----w C:\WINDOWS\$NtServicePackUninstall$\dlimport.exe
    - 2003-08-02 20:34:00 4,608 -c----w C:\WINDOWS\$NtServicePackUninstall$\dllhost.exe
    - 2003-08-02 20:34:00 205,312 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmadmin.exe
    - 2002-12-12 13:14:32 27,136 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmband.dll
    - 2003-08-02 20:34:00 781,440 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmboot.sys
    - 2002-12-12 13:14:32 58,368 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmcompos.dll
    - 2003-08-02 20:40:00 184,320 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmdskmgr.dll
    - 2002-12-12 13:14:32 171,520 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmime.dll
    - 2003-08-02 20:40:00 147,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmio.sys
    - 2002-12-12 13:14:32 33,280 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmloader.dll
    - 2003-08-02 20:40:00 14,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmremote.exe
    - 2002-12-12 13:14:32 76,800 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmscript.dll
    - 2003-08-02 20:40:00 22,528 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmserver.dll
    - 2002-12-12 13:14:32 98,816 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmstyle.dll
    - 2002-12-12 13:14:32 100,864 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmsynth.dll
    - 2002-12-12 13:14:32 116,736 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmusic.dll
    - 2001-08-17 20:59:58 50,048 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmusic.sys
    - 2003-08-03 10:03:00 57,344 -c----w C:\WINDOWS\$NtServicePackUninstall$\dmutil.dll
    - 2006-06-26 17:48:42 140,288 -c----w C:\WINDOWS\$NtServicePackUninstall$\dnsapi.dll
    - 2003-08-02 20:58:00 44,032 -c----w C:\WINDOWS\$NtServicePackUninstall$\dnsrslvr.dll
    - 2003-08-02 20:58:00 46,080 -c----w C:\WINDOWS\$NtServicePackUninstall$\docprop2.dll
    - 2003-08-02 20:58:00 115,712 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpcdll.dll
    - 2002-12-12 13:14:32 28,160 -c----w C:\WINDOWS\$NtServicePackUninstall$\dplaysvr.exe
    - 2002-12-12 13:14:32 217,600 -c----w C:\WINDOWS\$NtServicePackUninstall$\dplayx.dll
    - 2002-12-12 13:14:32 77,824 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpmodemx.dll
    - 2002-12-12 13:14:32 3,072 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnaddr.dll
    - 2002-12-12 13:14:32 723,968 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnet.dll
    - 2002-12-12 13:14:32 32,768 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnhpast.dll
    - 2002-12-12 13:14:32 68,096 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnhupnp.dll
    - 2002-12-12 13:14:32 3,072 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnlobby.dll
    - 2002-12-12 13:14:32 16,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpnsvr.exe
    - 2002-12-12 13:14:32 19,968 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpvacm.dll
    - 2002-12-12 13:14:32 381,952 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpvoice.dll
    - 2002-12-12 13:14:32 80,896 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpvsetup.exe
    - 2002-12-12 13:14:32 112,128 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpvvox.dll
    - 2002-12-12 13:14:32 76,800 -c----w C:\WINDOWS\$NtServicePackUninstall$\dpwsockx.dll
    - 2002-12-12 07:50:18 301,712 -c----w C:\WINDOWS\$NtServicePackUninstall$\drmclien.dll
    - 2002-08-29 00:32:34 57,856 -c----w C:\WINDOWS\$NtServicePackUninstall$\drmk.sys
    - 2002-12-12 06:34:42 82,432 -c----w C:\WINDOWS\$NtServicePackUninstall$\drmstor.dll
    - 2003-08-02 20:02:00 11,776 -c----w C:\WINDOWS\$NtServicePackUninstall$\drprov.dll
    - 2003-08-02 20:03:00 16,384 -c----w C:\WINDOWS\$NtServicePackUninstall$\ds32gt.dll
    - 2002-12-12 13:14:32 186,880 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsdmo.dll
    - 2002-12-12 13:14:32 491,520 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsdmoprp.dll
    - 2003-08-02 20:06:00 86,016 -c----w C:\WINDOWS\$NtServicePackUninstall$\dskquota.dll
    - 2002-12-12 13:14:32 355,328 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsound.dll
    - 2002-12-12 13:14:32 1,294,336 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsound3d.dll
    - 2003-08-02 20:06:00 138,752 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsprop.dll
    - 2003-08-02 20:06:00 3,584 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsprpres.dll
    - 2003-08-02 20:06:00 229,376 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsquery.dll
    - 2003-08-02 20:06:00 48,640 -c----w C:\WINDOWS\$NtServicePackUninstall$\dssec.dll
    - 2003-08-02 20:06:00 124,928 -c----w C:\WINDOWS\$NtServicePackUninstall$\dssenh.dll
    - 2003-08-02 20:06:00 107,008 -c----w C:\WINDOWS\$NtServicePackUninstall$\dsuiext.dll
    - 2002-12-12 13:14:32 18,432 -c----w C:\WINDOWS\$NtServicePackUninstall$\dswave.dll
    - 2003-08-02 20:06:00 9,216 -c----w C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe
    - 2003-08-02 20:06:00 263,680 -c----w C:\WINDOWS\$NtServicePackUninstall$\duser.dll
    - 2003-08-02 20:06:00 15,872 -c----w C:\WINDOWS\$NtServicePackUninstall$\dvdupgrd.exe
    - 2003-08-02 20:09:00 180,224 -c----w C:\WINDOWS\$NtServicePackUninstall$\dwwin.exe
    - 2002-12-12 13:14:32 602,624 -c----w C:\WINDOWS\$NtServicePackUninstall$\dx7vb.dll
    - 2002-12-12 13:14:32 1,189,888 -c----w C:\WINDOWS\$NtServicePackUninstall$\dx8vb.dll
    - 2002-12-12 13:14:32 937,984 -c----w C:\WINDOWS\$NtServicePackUninstall$\dxdiag.exe
    - 2003-03-27 06:35:22 1,675,264 -c----w C:\WINDOWS\$NtServicePackUninstall$\dxdiagn.dll
    - 2003-08-02 20:09:00 68,992 -c----w C:\WINDOWS\$NtServicePackUninstall$\dxg.sys
    - 2003-08-02 20:09:00 499,741 -c----w C:\WINDOWS\$NtServicePackUninstall$\dxmasf.dll
    - 2006-06-09 13:35:50 351,744 -c----w C:\WINDOWS\$NtServicePackUninstall$\dxtmsft.dll
    - 2006-06-09 13:35:30 192,512 -c----w C:\WINDOWS\$NtServicePackUninstall$\dxtrans.dll
    - 2003-08-02 20:11:00 169,472 -c----w C:\WINDOWS\$NtServicePackUninstall$\els.dll
    - 2002-12-12 13:14:32 18,944 -c----w C:\WINDOWS\$NtServicePackUninstall$\encapi.dll
    - 2003-08-02 20:11:00 155,648 -c----w C:\WINDOWS\$NtServicePackUninstall$\encdec.dll
    - 2003-08-02 20:12:00 19,456 -c----w C:\WINDOWS\$NtServicePackUninstall$\ersvc.dll
    - 2005-07-26 04:38:28 227,328 -c----w C:\WINDOWS\$NtServicePackUninstall$\es.dll
    - 2005-10-20
    a b 8 Sécurité
    20 Octobre 2008 19:52:10

    Reposte un rapport Hijackthis.
    21 Octobre 2008 13:27:43

    Quel boulet j'avais oublié l'HijackThis ..

    Donc, à notre plus grand bonheur, le truc est encore là oO :

    Citation :
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:25:11, on 21/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\TomTom HOME 2\HOMERunner.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\MSMSGS.EXE
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qfr9.hpwis.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: MEDIADICO Familial - {CEDDA62B-5FBE-4AB2-AE2E-5E069F444444} - C:\Program Files\LAventure\MDToolbar\MdToolbar.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    O4 - HKCU\..\Run: [Configuration de la C-BOX] C:\Program Files\Cegetel\C-BOX\Wizard\QuickAccess.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
    O8 - Extra context menu item: Télécharger avec Star Downloader - C:\Program Files\Star Downloader\sdie.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon888.free.fr/plugins/hardwaredetection_2_0_...
    O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/playe...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O20 - Winlogon Notify: qomlkjj - qomlkjj.dll (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

    --
    End of file - 10070 bytes
    a b 8 Sécurité
    21 Octobre 2008 13:30:30

    Bizarre, tu peux fixer la ligne en sans échec ?
    21 Octobre 2008 13:53:06

    Nope même en mode sans echec la ligne revient tout le temps -_o.
    a b 8 Sécurité
    21 Octobre 2008 20:08:53

    Le fichier n'étant plus là, je ne pense pas que cela soit important.

  • Fais un scan en ligne Kaspersky avec Internet Explorer :
  • Clique sur
  • Clique maintenant sur J'accepte.
  • Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
  • Patiente pendant l'installation des Mises à jour.
  • Choisis par la suite l'analyse du Poste de travail
  • Sauvegarde puis colle le rapport généré en fin d'analyse.

    AIDE : Tuto sur le scan en ligne

    NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.
    22 Octobre 2008 19:38:16

    Apparement je serait infecté d'un autre virus, décidement lol :

    Citation :
    -------------------------------------------------------------------------------
    KASPERSKY ON-LINE SCANNER REPORT
    Wednesday, October 22, 2008 7:35:08 PM
    Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 3 (Build 2600)
    Kaspersky On-line Scanner version : 5.0.84.2
    Dernière mise à jour de la base antivirus Kaspersky : 22/10/2008
    Enregistrements dans la base antivirus Kaspersky : 1195254
    -------------------------------------------------------------------------------

    Paramètres d'analyse:
    Analyser avec la base antivirus suivante: standard
    Analyser les archives: vrai
    Analyser les bases de messagerie: vrai

    Cible de l'analyse - Poste de travail:
    A:\
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\

    Statistiques de l'analyse:
    Total d'objets analysés: 243060
    Nombre de virus trouvés: 2
    Nombre d'objets infectés: 6 / 0
    Nombre d'objets suspects: 0
    Durée de l'analyse: 04:49:20

    Nom de l'objet infecté / Nom du virus / Dernière action
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\temp\Cookies\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\temp\Fichiers Internet temporaires\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\Local Settings\temp\History\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\Propriétaire\Cookies\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
    C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\MSHist012008102220081023\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Propriétaire\Local Settings\temp\~DF815.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\Propriétaire\Local Settings\temp\~DF829.tmp L'objet est verrouillé ignoré
    C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Propriétaire\ntuser.dat L'objet est verrouillé ignoré
    C:\Documents and Settings\Propriétaire\ntuser.dat.LOG L'objet est verrouillé ignoré
    C:\Program Files\RPG Maker 2003\Projets\SLN\Battle\shiningforce_domingo-inbattle_sheet.png L'objet est verrouillé ignoré
    C:\Program Files\RPG Maker 2003\Projets\SLN\Battle\shiningforce_gort-inbattle_sheet.png L'objet est verrouillé ignoré
    C:\qoobox\Quarantine\C\autorun.inf.vir Infecté : Virus.Win32.AutoIt.f ignoré
    C:\qoobox\Quarantine\C\WINDOWS\system32\urqomki.dll.vir Infecté : Trojan.Win32.Monder.gen ignoré
    C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
    C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP662\A0114132.ini Infecté : Virus.Win32.AutoIt.f ignoré
    C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP675\A0127513.ini Infecté : Virus.Win32.AutoIt.f ignoré
    C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP679\A0127907.inf Infecté : Virus.Win32.AutoIt.f ignoré
    C:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP680\change.log L'objet est verrouillé ignoré
    C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
    C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
    C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
    C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
    C:\WINDOWS\system32\config\Windows_OneCare_Evt.evt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
    C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
    C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
    C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
    D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
    D:\System Volume Information\_restore{B772CEEF-217A-434D-A8B4-BC9BA573C7EE}\RP679\A0127911.inf Infecté : Virus.Win32.AutoIt.f ignoré

    Analyse terminée.
    a b 8 Sécurité
    22 Octobre 2008 20:42:44

    Re,

    Supprime ce dossier :
    C:\qoobox

    Désactive puis réactive la restauration du système.
    23 Octobre 2008 18:25:05

    Voila ceci est fait !

    D'ailleur je sais pas si c'est le fait d'avoir supprimé mes points de restaurations (ça fait longtemps que j'avais pas activé l'option sur CCleaner) ou d'avoir supprimé le dossier que tu m'a indiqué mais mon PC semble bien plus rapide oO !

    Sinon pour la ligne HijackThis, j'ai fais des recherches et j'ai vu que c'est une trace d'un virus que j'ai eu par le passé (que j'ai d'ailleurs réussis à effacer grâce à ce même site, peut être grâce à toi ^^). Donc comme tu disais puisque le virus n'est plus, inutile de s'inquieter.

    Voila tout cela est fini, je te remercie vraiment beaucoup : ) !!
    a b 8 Sécurité
    23 Octobre 2008 18:43:37

    Bonne continuation ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS