
[Solved] Computer still infected after several scans

21 September 2007 16:43:20

Hello everyone!

I've just been given a computer on which I've run several scans with various antivirus programs. Since it is still struggling, I'd rather turn to you.

Here is the HiJackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:39:08, on 21/09/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\winamp.exe
C:\Documents and Settings\moi\Bureau\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {07058BA3-7AA4-113B-9631-087033B78712} - (no file)
O2 - BHO: (no name) - {181EDD6C-335B-6475-7B7C-B04EFA3C4F99} - (no file)
O2 - BHO: (no name) - {2118EC42-DEC0-11BD-4B11-6066D6C4FB2A} - (no file)
O2 - BHO: (no name) - {24B04B37-46C5-2A97-DB2A-5C229426D32E} - (no file)
O2 - BHO: (no name) - {33A0E090-367D-F4A5-3EAB-AC16FCEAE0E4} - (no file)
O2 - BHO: (no name) - {589C2260-26D5-FF39-DD1D-9A4F791A1C96} - (no file)
O2 - BHO: (no name) - {5BB66F6F-6BA4-ED53-05F3-F6ED2C204BED} - (no file)
O2 - BHO: (no name) - {5D734603-843E-8A1B-FA8D-E117433A6C92} - (no file)
O2 - BHO: (no name) - {6913AE91-1F3B-3009-7376-CADA1478744C} - (no file)
O2 - BHO: (no name) - {6E15F4D5-4588-FA6E-9B33-7152B249E5A0} - (no file)
O2 - BHO: (no name) - {78678C67-58D1-BFFC-FA43-DCB83006E6E6} - (no file)
O2 - BHO: (no name) - {8424CC0C-62AB-C4C4-1B03-13D0644858C3} - (no file)
O2 - BHO: (no name) - {87647AF0-CDBF-C0AC-94F6-54F97CE2A6CA} - (no file)
O2 - BHO: (no name) - {A1964848-A676-8EE9-B32C-A6ED9A744A5D} - (no file)
O2 - BHO: (no name) - {A21291D3-FB9A-C738-0034-769E8D26575C} - (no file)
O2 - BHO: (no name) - {AAF288F2-8F6E-D118-3D01-D566D1BEF181} - (no file)
O2 - BHO: (no name) - {D542ACA4-9789-7E56-C3DF-1421C64535C0} - (no file)
O2 - BHO: (no name) - {D92B1E88-F1C7-F198-E178-68540372A678} - (no file)
O2 - BHO: (no name) - {E4EDC898-7094-9C0B-426A-F49CDE0BAD64} - (no file)
O2 - BHO: (no name) - {EF010CB5-057C-9C15-994C-AEA2292E8DF4} - (no file)
O2 - BHO: (no name) - {F54252AB-AF1A-DA2D-3827-1F172DB2A621} - (no file)
O2 - BHO: (no name) - {FEB759AF-0344-33C1-9B59-C5DB1E7E371F} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\System32\xorfeydb.dll",sitypnow
O4 - HKLM\..\Run: [Winamp Agent] C:\WINDOWS\System32\winamp.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-73586283-1383384898-839522115-1004\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://visioplace.com/download/cfweb_visioplace.com-dow...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld....
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe

--
End of file - 5197 bytes


I don't know whether it's related, but I also have a problem with a "Carlton" file (apparently it comes from Live Messenger).

Finally, and I hope this is directly related too, I can't manage to install updates through Windows Update.

21 September 2007 17:51:30

Hello,

  • Download combofix.exe (by sUBs) to your Desktop.
  • Double-click combofix.exe.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Copy and paste that report into your next reply.

    NOTE: The report can also be found here: C:\Combofix.txt

22 September 2007 23:20:31

    ComboFix 07-09-21.2 - "moi" 2007-09-22 23:20:40.3 - NTFSx86
    Microsoft Windows XP dition familiale 5.1.2600.1.1252.1.1036.18.51 [GMT 2:00]
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\cookies.ini

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-08-22 to 2007-09-22 ))))))))))))))))))))))))))))))))))))
    .

    2007-09-21 18:07 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
    2007-09-21 18:07 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
    2007-09-21 18:05 <REP> d-------- C:\WINDOWS\Internet Logs
    2007-09-21 18:03 <REP> d-------- C:\Program Files\CCleaner
    2007-09-21 18:02 <REP> d-------- C:\Program Files\Avira
    2007-09-21 18:02 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    2007-09-21 17:15 9,424 --ah----- C:\WINDOWS\system32\ifqxv.exe
    2007-09-21 17:14 19,568 --ah----- C:\WINDOWS\system32\ctuin.exe
    2007-09-21 16:35 1,460 --ah----- C:\WINDOWS\system32\naxsgnl.exe
    2007-09-21 16:33 6,580 --ah----- C:\WINDOWS\system32\zgrpken.exe
    2007-09-21 16:32 8,760 --ah----- C:\WINDOWS\system32\agympa.exe
    2007-09-21 16:32 16,044 --ah----- C:\WINDOWS\system32\dcgquo.exe
    2007-09-21 16:32 11,264 --ah----- C:\WINDOWS\system32\yttj.exe
    2007-09-21 16:12 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-09-21 16:07 2,824 --ah----- C:\WINDOWS\system32\fibve.exe
    2007-09-21 16:04 0 --a------ C:\WINDOWS\system32\updetwind.exe
    2007-09-21 16:00 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu Démarrer
    2007-09-21 16:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage réseau
    2007-09-21 16:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression
    2007-09-21 16:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Modèles
    2007-09-21 16:00 <REP> d-------- C:\WINDOWS\ERUNT
    2007-09-21 16:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Mes documents
    2007-09-21 16:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Favoris
    2007-09-21 16:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau
    2007-09-20 22:47 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
    2007-09-20 22:16 <REP> d-------- C:\Program Files\PhotoFiltre
    2007-09-20 22:14 <REP> d-------- C:\Program Files\Picasa2
    2007-09-20 19:22 83,008 --a------ C:\WINDOWS\system32\xorfeydb.dll
    2007-09-19 19:19 <REP> d-------- C:\DOCUME~1\moi\APPLIC~1\U3
    2007-09-19 19:15 28,160 --a------ C:\WINDOWS\system32\xorrk.exe
    2007-09-19 19:11 57,856 --a------ C:\WINDOWS\system32\drivers\drmk.sys
    2007-09-19 19:11 134,272 --a------ C:\WINDOWS\system32\drivers\portcls.sys
    2007-09-19 19:10 991,232 --a------ C:\WINDOWS\system32\virtear.dll
    2007-09-19 19:10 65,536 --a------ C:\WINDOWS\system32\Audio3d.dll
    2007-09-19 19:10 49,152 --a------ C:\WINDOWS\system32\DSndUp.exe
    2007-09-19 19:10 45,056 --a------ C:\WINDOWS\system32\CleanUp.exe
    2007-09-19 19:10 <REP> d-------- C:\WINDOWS\VirtualEar
    2007-09-19 19:10 <REP> d-------- C:\Program Files\Analog Devices
    2007-09-19 19:07 765,952 --a------ C:\WINDOWS\system\crlds3d.dll
    2007-09-19 19:07 732,928 --a------ C:\WINDOWS\system32\drivers\senfilt.sys
    2007-09-19 19:07 311,296 --a------ C:\WINDOWS\system32\Edcrypt.dll
    2007-09-19 19:07 260,352 --a------ C:\WINDOWS\system32\drivers\smwdm.sys
    2007-09-19 19:07 23,040 --a------ C:\WINDOWS\system32\PostProc.dll
    2007-09-19 19:05 15,840 --------- C:\WINDOWS\system32\drivers\PFMODNT.SYS
    2007-09-19 19:05 <REP> d-------- C:\Program Files\Fichiers communs\InstallShield
    2007-09-19 19:05 <REP> d-------- C:\Program Files\Creative
    2007-09-19 18:30 28,160 --a------ C:\WINDOWS\system32\qsad.exe
    2007-09-19 15:58 <REP> d-------- C:\Program Files\Fichiers communs\mssoap
    2007-09-19 08:10 28,160 --a------ C:\WINDOWS\system32\zyzt.exe
    2007-09-18 21:47 28,160 --a------ C:\WINDOWS\system32\sdvn.exe
    2007-09-18 21:32 <REP> d-------- C:\DOCUME~1\moi\Contacts
    2007-09-18 21:29 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
    2007-09-18 21:27 <REP> d-------- C:\Program Files\MSN Messenger
    2007-09-18 20:43 <REP> d-------- C:\Program Files\Google
    2007-09-18 20:40 28,160 --a------ C:\WINDOWS\system32\vojn.exe
    2007-09-18 20:14 <REP> d--h----- C:\Program Files\Fichiers communs\Carlson
    2007-09-18 18:15 28,160 --a------ C:\WINDOWS\system32\piuuzmd.exe
    2007-09-18 18:03 75,068 --ah----- C:\WINDOWS\system32\mgclnar.exe
    2007-09-18 17:56 19,568 --ah----- C:\WINDOWS\system32\rcfjhqxs.exe
    2007-09-18 17:56 125 --a------ C:\WINDOWS\system32\wxdmtj.bat
    2007-09-18 17:53 7,300 --ah----- C:\WINDOWS\system32\jhtm.exe
    2007-09-18 17:46 128 --a------ C:\WINDOWS\system32\irzncg.bat
    2007-09-18 17:46 122 --a------ C:\WINDOWS\system32\txzdru.bat
    2007-09-18 17:46 10,240 --ah----- C:\WINDOWS\system32\scrqllr.exe
    2007-09-18 17:45 7,300 --ah----- C:\WINDOWS\system32\dyvvslgx.exe
    2007-09-18 17:44 124 --a------ C:\WINDOWS\system32\qdhczure.bat
    2007-09-18 17:40 24,024 --ah----- C:\WINDOWS\system32\invspmxs.exe
    2007-09-18 17:38 37,960 --ah----- C:\WINDOWS\system32\eqkf.exe
    2007-09-18 17:37 120 --a------ C:\WINDOWS\system32\ifsm.bat
    2007-09-18 17:31 2,920 --ah----- C:\WINDOWS\system32\fsfsmkjr.exe
    2007-09-18 17:31 16,288 --ah----- C:\WINDOWS\system32\bbse.exe
    2007-09-18 17:30 115 --a------ C:\WINDOWS\system32\yhwsv.bat
    2007-09-18 17:23 118 --a------ C:\WINDOWS\system32\alspb.bat
    2007-09-18 17:19 20,480 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
    2007-09-18 17:19 20,480 --a------ C:\WINDOWS\system32\hidserv.dll
    2007-09-18 17:18 14,080 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
    2007-09-18 17:18 14,080 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
    2007-09-18 17:18 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
    2007-09-18 17:18 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2019-01-08 23:19 --------- d-------- C:\Program Files\RegCleaner
    2007-09-21 18:09 1568 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
    2007-09-21 18:09 14368 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
    2007-09-21 18:06 75932 --a------ C:\WINDOWS\system32\drivers\klick.dat
    2007-09-21 18:06 74396 --a------ C:\WINDOWS\system32\drivers\klin.dat
    2007-09-21 18:06 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
    2007-09-21 18:06 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
    2007-09-21 18:04 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    2007-09-19 19:10 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-09-18 20:13 --------- d-------- C:\Program Files\SuperCopier
    2007-09-18 20:08 --------- d-------- C:\Program Files\Fichiers communs\Sony Shared
    2007-09-18 18:53 --------- d-------- C:\DOCUME~1\moi\APPLIC~1\Real
    2007-09-18 18:08 135168 --a------ C:\WINDOWS\system32\sfc_os.dll
    2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
    2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
    2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
    2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
    2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
    2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
    2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
    2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
    .

    ((((((((((((((((((((((((((((( snapshot_2007-09-21_161733.25 )))))))))))))))))))))))))))))))))))))))))
    .
    ----a-w 956,416 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\msdtctm.dll
    ----a-w 161,280 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\msdtcuiu.dll
    ----a-w 66,560 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\mtxclu.dll
    ----a-w 91,136 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\mtxoci.dll
    ----a-w 11,776 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\xolehlp.dll
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\update\updspapi.dll
    ----a-w 364,544 2005-11-29 14:27:06 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\npdsplay.dll
    ----a-w 13,536 2005-06-28 07:20:24 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\spmsg.dll
    ----a-w 216,800 2005-06-28 07:23:40 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\spuninst.exe
    ----a-w 22,752 2005-06-28 07:21:34 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\spupdsvc.exe
    ----a-w 727,776 2005-06-28 07:25:06 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\update\update.exe
    ----a-w 371,424 2005-06-28 07:23:54 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\update\updspapi.dll
    ----a-w 15,072 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\spmsg.dll
    ----a-w 213,216 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\spuninst.exe
    ----a-w 22,752 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\spupdsvc.exe
    ----a-w 22,240 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\update\spcustom.dll
    ----a-w 730,336 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\update\update.exe
    ----a-w 395,488 2005-02-25 03:35:25 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\update\updspapi.dll
    ----a-w 21,904 2007-06-21 19:55:28 C:\WINDOWS\system32\imsinstall_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:28 C:\WINDOWS\system32\imslsp_install_loc040c.dll
    ----a-w 796,048 2007-06-21 19:54:26 C:\WINDOWS\system32\libeay32_0.9.6l.dll
    ----a-w 11,264 2004-04-27 02:40:52 C:\WINDOWS\system32\SpOrder.dll
    ----a-w 83,432 2007-06-21 19:54:30 C:\WINDOWS\system32\vsdata.dll
    ----a-w 394,984 2007-06-21 19:54:52 C:\WINDOWS\system32\vsdatant.sys
    ----a-w 157,160 2007-06-21 19:54:32 C:\WINDOWS\system32\vsinit.dll
    ----a-w 103,912 2007-06-21 19:54:32 C:\WINDOWS\system32\vsmonapi.dll
    ----a-w 275,944 2007-06-21 19:54:32 C:\WINDOWS\system32\vspubapi.dll
    ----a-w 71,144 2007-06-21 19:54:32 C:\WINDOWS\system32\vsregexp.dll
    ----a-w 472,552 2007-06-21 19:54:34 C:\WINDOWS\system32\vsutil.dll
    ----a-w 54,672 2007-06-21 19:55:30 C:\WINDOWS\system32\vsutil_loc040c.dll
    ----a-w 46,568 2007-06-21 19:54:34 C:\WINDOWS\system32\vswmi.dll
    ----a-w 99,816 2007-06-21 19:54:34 C:\WINDOWS\system32\vsxml.dll
    ----a-w 83,432 2007-06-21 19:54:34 C:\WINDOWS\system32\zlcomm.dll
    ----a-w 71,144 2007-06-21 19:54:34 C:\WINDOWS\system32\zlcommdb.dll
    ----a-w 1,086,952 2007-06-21 19:54:40 C:\WINDOWS\system32\zpeng24.dll
    ----a-w 262,144 2007-09-22 21:14:41 C:\WINDOWS\system32\config\systemprofile\NtUser.dat
    ----a-w 16,384 2007-09-21 15:14:17 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
    ----a-w 32,768 2007-09-21 15:14:17 C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    ----a-w 49,152 2007-09-21 15:14:17 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    ----a-w 40,768 2007-08-09 11:04:11 C:\WINDOWS\system32\drivers\avgntdd.sys
    ----a-w 21,312 2007-07-18 12:22:19 C:\WINDOWS\system32\drivers\avgntmgr.sys
    ----a-w 62,016 2007-09-07 10:05:19 C:\WINDOWS\system32\drivers\avipbb.sys
    ----a-w 110,360 2007-05-30 22:03:48 C:\WINDOWS\system32\drivers\kl1.sys
    ----a-w 175,376 2007-05-30 22:03:48 C:\WINDOWS\system32\drivers\klif.sys
    ----a-w 28,352 2007-03-01 08:34:36 C:\WINDOWS\system32\drivers\ssmdrv.sys
    ----a-r 190,696 2007-06-11 11:04:38 C:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe
    ----a-w 26,000 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\av_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\camupd_loc040c.dll
    ----a-w 26,000 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\imsecure_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\scheduler_loc040c.dll
    ----a-w 75,152 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\updClient_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsdb_loc040c.dll
    ----a-w 46,480 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsmon_loc040c.dll
    ----a-w 198,032 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsruledb_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsvault_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:32 C:\WINDOWS\system32\ZoneLabs\zlquarantine_loc040c.dll
    ----a-w 21,904 2007-06-21 19:55:32 C:\WINDOWS\system32\ZoneLabs\zlsre_loc040c.dll
    ----a-w 77,824 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHComm.dll
    ----a-w 110,592 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHrule.dll
    ----a-w 331,776 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHUM.dll
    ----a-w 38,400 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\FSSync.dll
    ----a-w 208,960 2006-09-19 21:12:14 C:\WINDOWS\system32\ZoneLabs\avsys\inv.dll
    ----a-w 258,048 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\kave.dll
    ----a-w 175,376 2007-05-30 22:03:48 C:\WINDOWS\system32\ZoneLabs\avsys\klif_32.sys
    ----a-w 1,093,632 2006-12-19 16:13:52 C:\WINDOWS\system32\ZoneLabs\avsys\libeay32.dll
    ----a-w 548,864 2007-05-30 22:03:20 C:\WINDOWS\system32\ZoneLabs\avsys\msvcp80.dll
    ----a-w 626,688 2007-05-30 22:03:20 C:\WINDOWS\system32\ZoneLabs\avsys\msvcr80.dll
    ----a-w 184,320 2007-05-30 22:03:18 C:\WINDOWS\system32\ZoneLabs\avsys\prloader.dll
    ----a-w 90,112 2007-05-30 22:03:22 C:\WINDOWS\system32\ZoneLabs\avsys\prremote.dll
    ----a-w 118,784 2007-05-30 22:03:18 C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
    ----a-w 200,704 2006-12-19 16:13:52 C:\WINDOWS\system32\ZoneLabs\avsys\ssleay32.dll
    ----a-w 65,248 2007-05-30 22:03:30 C:\WINDOWS\system32\ZoneLabs\avsys\bases\aphish.dat
    ----a-w 21,568 2006-06-30 12:47:36 C:\WINDOWS\system32\ZoneLabs\avsys\bases\avcmhk4.dll
    ----a-w 288,144 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\lib\ConfigWizard_loc040c.zip.dll
    ----a-w 152,976 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\lib\LicenseUI_loc040c.zip.dll
    ----a-w 26,000 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zlsvc.zip.dll
    ----a-w 1,361,296 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zpy.zip.dll
    ----a-w 71,056 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zui.zip.dll
    ----a-w 30,184 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\rpc_server.dll
    ----a-w 30,216 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll
    ----a-w 210,432 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\streamapi\httpblocker\httpblocker.dll
    ----a-w 3,229,176 2007-06-21 19:56:18 C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp.dll
    ----a-w 26,000 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp_loc040c.dll
    .
    ----a-w 16,384 2007-09-20 17:22:08 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
    ----a-w 32,768 2007-09-20 17:22:08 C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    ----a-w 49,152 2007-09-20 17:22:08 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{07058BA3-7AA4-113B-9631-087033B78712}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{181EDD6C-335B-6475-7B7C-B04EFA3C4F99}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2118EC42-DEC0-11BD-4B11-6066D6C4FB2A}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{24B04B37-46C5-2A97-DB2A-5C229426D32E}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{33A0E090-367D-F4A5-3EAB-AC16FCEAE0E4}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{589C2260-26D5-FF39-DD1D-9A4F791A1C96}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5BB66F6F-6BA4-ED53-05F3-F6ED2C204BED}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5D734603-843E-8A1B-FA8D-E117433A6C92}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6913AE91-1F3B-3009-7376-CADA1478744C}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6E15F4D5-4588-FA6E-9B33-7152B249E5A0}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{78678C67-58D1-BFFC-FA43-DCB83006E6E6}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8424CC0C-62AB-C4C4-1B03-13D0644858C3}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{87647AF0-CDBF-C0AC-94F6-54F97CE2A6CA}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A1964848-A676-8EE9-B32C-A6ED9A744A5D}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A21291D3-FB9A-C738-0034-769E8D26575C}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AAF288F2-8F6E-D118-3D01-D566D1BEF181}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D542ACA4-9789-7E56-C3DF-1421C64535C0}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D92B1E88-F1C7-F198-E178-68540372A678}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E4EDC898-7094-9C0B-426A-F49CDE0BAD64}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EF010CB5-057C-9C15-994C-AEA2292E8DF4}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F54252AB-AF1A-DA2D-3827-1F172DB2A621}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FEB759AF-0344-33C1-9B59-C5DB1E7E371F}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 14:42]
    "SearchIndexer"="C:\WINDOWS\System32\xorfeydb.dll" [2007-09-20 19:23]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 12:25]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "Windos Seres Agnts"=jwlmdtsz.exe

    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 11:01:04]

    R0 avgntmgr;avgntmgr;C:\WINDOWS\System32\DRIVERS\avgntmgr.sys
    R1 avgntdd;avgntdd;C:\WINDOWS\System32\DRIVERS\avgntdd.sys
    S2 mshexdefx;ms hexidecimal defx;"C:\WINDOWS\system32\dllcache\ivchost.exe"
    S3 jswmidin;jswmidin;\??\C:\DOCUME~1\moi\LOCALS~1\Temp\jswmidin.sys
    S3 U3SSTOR;U3SMSCDriver;C:\WINDOWS\System32\DRIVERS\U3SWDMb.SYS

    .
    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-09-22 23:21:44
    Windows 5.1.2600 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-09-22 23:22:10
    C:\ComboFix-quarantined-files.txt ... 2007-09-22 23:22
    C:\ComboFix2.txt ... 2007-09-21 16:18
    .
    --- E O F ---
    23 September 2007 12:03:54

    Re,

    Fix the lines in italics below with HijackThis: PICTURE GUIDE

    O2 - BHO: (no name) - {07058BA3-7AA4-113B-9631-087033B78712} - (no file)
    O2 - BHO: (no name) - {181EDD6C-335B-6475-7B7C-B04EFA3C4F99} - (no file)
    O2 - BHO: (no name) - {2118EC42-DEC0-11BD-4B11-6066D6C4FB2A} - (no file)
    O2 - BHO: (no name) - {24B04B37-46C5-2A97-DB2A-5C229426D32E} - (no file)
    O2 - BHO: (no name) - {33A0E090-367D-F4A5-3EAB-AC16FCEAE0E4} - (no file)
    O2 - BHO: (no name) - {589C2260-26D5-FF39-DD1D-9A4F791A1C96} - (no file)
    O2 - BHO: (no name) - {5BB66F6F-6BA4-ED53-05F3-F6ED2C204BED} - (no file)
    O2 - BHO: (no name) - {5D734603-843E-8A1B-FA8D-E117433A6C92} - (no file)
    O2 - BHO: (no name) - {6913AE91-1F3B-3009-7376-CADA1478744C} - (no file)
    O2 - BHO: (no name) - {6E15F4D5-4588-FA6E-9B33-7152B249E5A0} - (no file)
    O2 - BHO: (no name) - {78678C67-58D1-BFFC-FA43-DCB83006E6E6} - (no file)
    O2 - BHO: (no name) - {8424CC0C-62AB-C4C4-1B03-13D0644858C3} - (no file)
    O2 - BHO: (no name) - {87647AF0-CDBF-C0AC-94F6-54F97CE2A6CA} - (no file)
    O2 - BHO: (no name) - {A1964848-A676-8EE9-B32C-A6ED9A744A5D} - (no file)
    O2 - BHO: (no name) - {A21291D3-FB9A-C738-0034-769E8D26575C} - (no file)
    O2 - BHO: (no name) - {AAF288F2-8F6E-D118-3D01-D566D1BEF181} - (no file)
    O2 - BHO: (no name) - {D542ACA4-9789-7E56-C3DF-1421C64535C0} - (no file)
    O2 - BHO: (no name) - {D92B1E88-F1C7-F198-E178-68540372A678} - (no file)
    O2 - BHO: (no name) - {E4EDC898-7094-9C0B-426A-F49CDE0BAD64} - (no file)
    O2 - BHO: (no name) - {EF010CB5-057C-9C15-994C-AEA2292E8DF4} - (no file)
    O2 - BHO: (no name) - {F54252AB-AF1A-DA2D-3827-1F172DB2A621} - (no file)
    O2 - BHO: (no name) - {FEB759AF-0344-33C1-9B59-C5DB1E7E371F} - (no file)
    O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\System32\xorfeydb.dll",sitypnow
    O4 - HKLM\..\Run: [Winamp Agent] C:\WINDOWS\System32\winamp.exe


    Copy (Ctrl+C) the text in the box below:

    File::
    C:\WINDOWS\system32\ifqxv.exe
    C:\WINDOWS\system32\ctuin.exe
    C:\WINDOWS\system32\naxsgnl.exe
    C:\WINDOWS\system32\zgrpken.exe
    C:\WINDOWS\system32\agympa.exe
    C:\WINDOWS\system32\dcgquo.exe
    C:\WINDOWS\system32\yttj.exe
    C:\WINDOWS\system32\fibve.exe
    C:\WINDOWS\system32\updetwind.exe
    C:\WINDOWS\system32\piuuzmd.exe
    C:\WINDOWS\system32\mgclnar.exe
    C:\WINDOWS\system32\rcfjhqxs.exe
    C:\WINDOWS\system32\jhtm.exe
    C:\WINDOWS\system32\scrqllr.exe
    C:\WINDOWS\system32\dyvvslgx.exe
    C:\WINDOWS\system32\invspmxs.exe
    C:\WINDOWS\system32\eqkf.exe
    C:\WINDOWS\system32\fsfsmkjr.exe
    C:\WINDOWS\system32\bbse.exe
    C:\WINDOWS\System32\xorfeydb.dll


    Open Notepad, then paste (Ctrl+V) the text you just copied.
    Save this file as CFScript.txt.

    Now drag the file ComboFix-Do.txt onto Combofix.exe as shown below:


    This will restart Combofix; press 1, then confirm. After the reboot, post the contents of the Combofix.txt report along with a HijackThis report.
    NOTE: If there is no reboot, post the requested reports anyway.
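
The reply above picks its entries by hand: BHO registrations whose DLL is gone, Run values, and executables dropped into System32. The script below approximates that triage; it is an added example, not part of the original post and not code from HijackThis or ComboFix. The heuristics and function names are assumptions, the `avgnt` O4 line is constructed, and the other sample lines are copied from the reports in this thread.

```python
import re
from pathlib import PureWindowsPath

SYSTEM32 = PureWindowsPath(r"C:\WINDOWS\system32")  # comparisons are case-insensitive
EXECUTABLE_EXT = {".exe", ".dll", ".bat", ".sys"}

# HijackThis O2 (Browser Helper Object) and O4 (Run value) line shapes.
O2_RE = re.compile(r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<file>.+)$")
O4_RE = re.compile(r"^O4 - (?P<hive>HK\w+)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# First drive-letter path ending in .exe/.dll inside a Run command line.
PATH_RE = re.compile(r'[A-Za-z]:\\[^",]+?\.(?:exe|dll)', re.IGNORECASE)
# ComboFix "Files Created" row: date, time, size or <REP>, 9 attribute flags, path.
CREATED_RE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}\s+(?P<size><REP>|[\d,]+)\s+"
    r"(?P<attrs>[a-z-]{9})\s+(?P<path>.+)$"
)

# Sample lines: copied from this thread, except the avgnt line (constructed).
HIJACKTHIS_SAMPLE = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {07058BA3-7AA4-113B-9631-087033B78712} - (no file)
O2 - BHO: (no name) - {181EDD6C-335B-6475-7B7C-B04EFA3C4F99} - (no file)
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\System32\xorfeydb.dll",sitypnow
O4 - HKLM\..\Run: [Winamp Agent] C:\WINDOWS\System32\winamp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe"
"""

COMBOFIX_SAMPLE = r"""
2007-09-23 18:33 69,860 --ah----- C:\WINDOWS\system32\srnjhhqq.exe
2007-09-23 15:41 512 --ah----- C:\WINDOWS\system32\tolzgach.exe
2007-09-22 23:48 0 --a------ C:\WINDOWS\system32\ftpupd.exe
2007-09-21 18:07 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-09-21 18:02 <REP> d-------- C:\Program Files\Avira
2007-09-20 22:47 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
"""


def triage_hijackthis(log_text):
    """Return (CLSID or Run value name, reason) pairs that deserve a manual look."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = O2_RE.match(line)
        if m:
            # A BHO key pointing at nothing is a leftover registration.
            if m["file"] == "(no file)":
                findings.append((m["clsid"], "BHO registered but its DLL is missing"))
            continue
        m = O4_RE.match(line)
        if not m:
            continue
        cmd = m["cmd"]
        target = PATH_RE.search(cmd)
        if cmd.lower().startswith("rundll32"):
            findings.append((m["name"], "Run value loads a DLL through rundll32"))
        elif target and PureWindowsPath(target.group()).parent == SYSTEM32:
            findings.append((m["name"], "Run value starts a program sitting directly in System32"))
    return findings


def hidden_executables(combofix_text):
    """Return recently created, hidden executable files located directly in System32."""
    hits = []
    for raw in combofix_text.splitlines():
        m = CREATED_RE.match(raw.strip())
        if not m or m["size"] == "<REP>":  # <REP> marks a directory row
            continue
        path = PureWindowsPath(m["path"])
        if ("h" in m["attrs"]
                and path.suffix.lower() in EXECUTABLE_EXT
                and path.parent == SYSTEM32):
            hits.append(str(path))
    return hits


if __name__ == "__main__":
    for item, reason in triage_hijackthis(HIJACKTHIS_SAMPLE):
        print(f"{item}: {reason}")
    for path in hidden_executables(COMBOFIX_SAMPLE):
        print(f"hidden executable: {path}")
```

Everything it returns is a candidate for manual review, not a verdict: a program legitimately installed in System32 would be listed too.
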
    23 September 2007 18:39:45

    ComboFix 07-09-21.2 - "moi" 2007-09-23 18:38:04.4 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.1.1252.1.1036.18.58 [GMT 2:00]
    * Created a new restore point

    FILE::
    C:\WINDOWS\system32\ifqxv.exe
    C:\WINDOWS\system32\ctuin.exe
    C:\WINDOWS\system32\naxsgnl.exe
    C:\WINDOWS\system32\zgrpken.exe
    C:\WINDOWS\system32\agympa.exe
    C:\WINDOWS\system32\dcgquo.exe
    C:\WINDOWS\system32\yttj.exe
    C:\WINDOWS\system32\fibve.exe
    C:\WINDOWS\system32\updetwind.exe
    C:\WINDOWS\system32\piuuzmd.exe
    C:\WINDOWS\system32\mgclnar.exe
    C:\WINDOWS\system32\rcfjhqxs.exe
    C:\WINDOWS\system32\jhtm.exe
    C:\WINDOWS\system32\scrqllr.exe
    C:\WINDOWS\system32\dyvvslgx.exe
    C:\WINDOWS\system32\invspmxs.exe
    C:\WINDOWS\system32\eqkf.exe
    C:\WINDOWS\system32\fsfsmkjr.exe
    C:\WINDOWS\system32\bbse.exe
    C:\WINDOWS\System32\xorfeydb.dll
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\cookies.ini
    C:\WINDOWS\system32\agympa.exe
    C:\WINDOWS\system32\bbse.exe
    C:\WINDOWS\system32\ctuin.exe
    C:\WINDOWS\system32\dcgquo.exe
    C:\WINDOWS\system32\dyvvslgx.exe
    C:\WINDOWS\system32\eqkf.exe
    C:\WINDOWS\system32\fibve.exe
    C:\WINDOWS\system32\firewall.exe
    C:\WINDOWS\system32\fsfsmkjr.exe
    C:\WINDOWS\system32\iexplore.exe
    C:\WINDOWS\system32\ifqxv.exe
    C:\WINDOWS\system32\invspmxs.exe
    C:\WINDOWS\system32\jhtm.exe
    C:\WINDOWS\system32\mgclnar.exe
    C:\WINDOWS\system32\naxsgnl.exe
    C:\WINDOWS\system32\piuuzmd.exe
    C:\WINDOWS\system32\rcfjhqxs.exe
    C:\WINDOWS\system32\scrqllr.exe
    C:\WINDOWS\system32\updetwind.exe
    C:\WINDOWS\System32\xorfeydb.dll
    C:\WINDOWS\system32\yttj.exe
    C:\WINDOWS\system32\zgrpken.exe

    .
    ((((((((((((((((((((((((( Files Created from 2007-08-23 to 2007-09-23 )))))))))))))))))))))))))))))))
    .

    2007-09-23 18:33 69,860 --ah----- C:\WINDOWS\system32\srnjhhqq.exe
    2007-09-23 16:08 44,468 --ah----- C:\WINDOWS\system32\nusmvgwl.exe
    2007-09-23 16:03 8,760 --ah----- C:\WINDOWS\system32\oirbp.exe
    2007-09-23 16:03 59,860 --ah----- C:\WINDOWS\system32\zueyp.exe
    2007-09-23 15:46 21,682 --ah----- C:\WINDOWS\system32\ewww.exe
    2007-09-23 15:45 2,920 --ah----- C:\WINDOWS\system32\jpyttpxi.exe
    2007-09-23 15:44 4,380 --ah----- C:\WINDOWS\system32\eipxib.exe
    2007-09-23 15:41 512 --ah----- C:\WINDOWS\system32\tolzgach.exe
    2007-09-23 12:07 48,640 --ah----- C:\WINDOWS\system32\okwz.exe
    2007-09-23 11:26 143,360 --ah----- C:\WINDOWS\system32\geamatrw.exe
    2007-09-23 11:25 143,360 --ah----- C:\WINDOWS\system32\kqeax.exe
    2007-09-23 11:20 69,860 --ah----- C:\WINDOWS\system32\xfrq.exe
    2007-09-23 10:26 23,552 --ah----- C:\WINDOWS\system32\olgenb.exe
    2007-09-23 10:25 23,552 --ah----- C:\WINDOWS\system32\tpcpf.exe
    2007-09-23 09:57 143,360 --ah----- C:\WINDOWS\system32\uppppsz.exe
    2007-09-22 23:48 0 --a------ C:\WINDOWS\system32\ftpupd.exe
    2007-09-22 23:41 143,360 --ah----- C:\WINDOWS\system32\yicme.exe
    2007-09-22 23:38 143,360 --ah----- C:\WINDOWS\system32\ihniqrsk.exe
    2007-09-22 23:38 130 --a------ C:\WINDOWS\system32\bzncpigw.bat
    2007-09-22 23:30 143,360 --ah----- C:\WINDOWS\system32\cyvlc.exe
    2007-09-22 23:30 118 --a------ C:\WINDOWS\system32\irrtd.bat
    2007-09-21 18:07 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
    2007-09-21 18:07 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
    2007-09-21 18:05 <REP> d-------- C:\WINDOWS\Internet Logs
    2007-09-21 18:03 <REP> d-------- C:\Program Files\CCleaner
    2007-09-21 18:02 <REP> d-------- C:\Program Files\Avira
    2007-09-21 18:02 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    2007-09-21 16:12 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-09-21 16:00 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu Démarrer
    2007-09-21 16:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage réseau
    2007-09-21 16:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression
    2007-09-21 16:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Modèles
    2007-09-21 16:00 <REP> d-------- C:\WINDOWS\ERUNT
    2007-09-21 16:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Mes documents
    2007-09-21 16:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Favoris
    2007-09-21 16:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau
    2007-09-20 22:47 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
    2007-09-20 22:16 <REP> d-------- C:\Program Files\PhotoFiltre
    2007-09-20 22:14 <REP> d-------- C:\Program Files\Picasa2
    2007-09-19 19:19 <REP> d-------- C:\DOCUME~1\moi\APPLIC~1\U3
    2007-09-19 19:15 28,160 --a------ C:\WINDOWS\system32\xorrk.exe
    2007-09-19 19:11 57,856 --a------ C:\WINDOWS\system32\drivers\drmk.sys
    2007-09-19 19:11 134,272 --a------ C:\WINDOWS\system32\drivers\portcls.sys
    2007-09-19 19:10 991,232 --a------ C:\WINDOWS\system32\virtear.dll
    2007-09-19 19:10 65,536 --a------ C:\WINDOWS\system32\Audio3d.dll
    2007-09-19 19:10 49,152 --a------ C:\WINDOWS\system32\DSndUp.exe
    2007-09-19 19:10 45,056 --a------ C:\WINDOWS\system32\CleanUp.exe
    2007-09-19 19:10 <REP> d-------- C:\WINDOWS\VirtualEar
    2007-09-19 19:10 <REP> d-------- C:\Program Files\Analog Devices
    2007-09-19 19:07 765,952 --a------ C:\WINDOWS\system\crlds3d.dll
    2007-09-19 19:07 732,928 --a------ C:\WINDOWS\system32\drivers\senfilt.sys
    2007-09-19 19:07 311,296 --a------ C:\WINDOWS\system32\Edcrypt.dll
    2007-09-19 19:07 260,352 --a------ C:\WINDOWS\system32\drivers\smwdm.sys
    2007-09-19 19:07 23,040 --a------ C:\WINDOWS\system32\PostProc.dll
    2007-09-19 19:05 15,840 --------- C:\WINDOWS\system32\drivers\PFMODNT.SYS
    2007-09-19 19:05 <REP> d-------- C:\Program Files\Fichiers communs\InstallShield
    2007-09-19 19:05 <REP> d-------- C:\Program Files\Creative
    2007-09-19 18:30 28,160 --a------ C:\WINDOWS\system32\qsad.exe
    2007-09-19 15:58 <REP> d-------- C:\Program Files\Fichiers communs\mssoap
    2007-09-18 21:47 28,160 --a------ C:\WINDOWS\system32\sdvn.exe
    2007-09-18 21:32 <REP> d-------- C:\DOCUME~1\moi\Contacts
    2007-09-18 21:29 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
    2007-09-18 21:27 <REP> d-------- C:\Program Files\MSN Messenger
    2007-09-18 20:43 <REP> d-------- C:\Program Files\Google
    2007-09-18 20:40 28,160 --a------ C:\WINDOWS\system32\vojn.exe
    2007-09-18 20:14 <REP> d--h----- C:\Program Files\Fichiers communs\Carlson
    2007-09-18 17:56 125 --a------ C:\WINDOWS\system32\wxdmtj.bat
    2007-09-18 17:46 128 --a------ C:\WINDOWS\system32\irzncg.bat
    2007-09-18 17:46 122 --a------ C:\WINDOWS\system32\txzdru.bat
    2007-09-18 17:44 124 --a------ C:\WINDOWS\system32\qdhczure.bat
    2007-09-18 17:37 120 --a------ C:\WINDOWS\system32\ifsm.bat
    2007-09-18 17:30 115 --a------ C:\WINDOWS\system32\yhwsv.bat
    2007-09-18 17:23 118 --a------ C:\WINDOWS\system32\alspb.bat
    2007-09-18 17:19 20,480 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
    2007-09-18 17:19 20,480 --a------ C:\WINDOWS\system32\hidserv.dll
    2007-09-18 17:18 14,080 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
    2007-09-18 17:18 14,080 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
    2007-09-18 17:18 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
    2007-09-18 17:18 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2019-01-08 23:19 --------- d-------- C:\Program Files\RegCleaner
    2007-09-21 18:09 1568 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
    2007-09-21 18:09 14368 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
    2007-09-21 18:06 75932 --a------ C:\WINDOWS\system32\drivers\klick.dat
    2007-09-21 18:06 74396 --a------ C:\WINDOWS\system32\drivers\klin.dat
    2007-09-21 18:06 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
    2007-09-21 18:06 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
    2007-09-21 18:04 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    2007-09-19 19:10 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-09-18 20:13 --------- d-------- C:\Program Files\SuperCopier
    2007-09-18 20:08 --------- d-------- C:\Program Files\Fichiers communs\Sony Shared
    2007-09-18 18:53 --------- d-------- C:\DOCUME~1\moi\APPLIC~1\Real
    .

    ((((((((((((((((((((((((((((( snapshot_2007-09-21_161733.25 )))))))))))))))))))))))))))))))))))))))))
    .
    ----a-w 36,864 2005-04-19 12:56:40 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\iecustom.dll
    ----a-w 15,072 2005-06-28 08:21:12 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\spmsg.dll
    ----a-w 216,800 2005-06-28 08:23:40 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\spuninst.exe
    ----a-w 1,018,368 2005-06-17 22:26:18 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\browseui.dll
    ----a-w 144,384 2004-12-07 18:17:32 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\cdfview.dll
    ----a-w 988,672 2005-10-20 18:10:06 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\danim.dll
    ----a-w 351,744 2006-06-09 12:35:50 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\dxtmsft.dll
    ----a-w 192,512 2006-06-09 12:35:30 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\dxtrans.dll
    ----a-w 236,032 2006-02-24 14:21:26 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\iepeers.dll
    ----a-w 70,144 2004-12-07 18:17:32 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\inseng.dll
    ----a-w 12,288 2006-04-28 08:58:48 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\jsproxy.dll
    ----a-w 2,703,872 2006-06-30 08:52:24 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\mshtml.dll
    ----a-w 132,096 2005-02-24 13:02:50 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\msrating.dll
    ----a-w 498,176 2006-03-03 14:46:54 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\mstime.dll
    ----a-w 34,816 2005-04-27 08:53:06 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\pngfilt.dll
    ----a-w 1,339,904 2006-05-26 13:50:26 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\shdocvw.dll
    ----a-w 409,600 2005-08-31 16:50:42 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\shlwapi.dll
    ----a-w 463,872 2006-08-31 05:56:36 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\urlmon.dll
    ----a-w 581,120 2006-06-23 11:28:30 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\wininet.dll
    ----a-w 1,018,368 2005-06-18 07:26:16 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\browseui.dll
    ----a-w 144,384 2004-12-08 03:24:28 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\cdfview.dll
    ----a-w 988,672 2005-10-21 03:10:05 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\danim.dll
    ----a-w 351,744 2006-06-09 21:29:08 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\dxtmsft.dll
    ----a-w 192,512 2006-06-09 21:29:02 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\dxtrans.dll
    ----a-w 236,544 2006-02-24 23:55:40 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\iepeers.dll
    ----a-w 70,144 2004-12-08 03:24:28 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\inseng.dll
    ----a-w 12,288 2006-04-28 17:48:05 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\jsproxy.dll
    ----a-w 2,710,528 2006-06-30 17:38:24 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\mshtml.dll
    ----a-w 132,096 2005-02-24 22:02:48 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\msrating.dll
    ----a-w 498,176 2006-03-04 00:39:04 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\mstime.dll
    ----a-w 38,912 2005-04-27 17:50:00 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\pngfilt.dll
    ----a-w 1,339,904 2006-05-26 22:50:25 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\shdocvw.dll
    ----a-w 409,600 2005-09-01 01:50:41 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\shlwapi.dll
    ----a-w 465,920 2006-08-31 04:07:07 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\urlmon.dll
    ----a-w 593,408 2006-06-23 19:46:56 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\wininet.dll
    ----a-w 36,864 2005-04-19 12:56:40 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\update\iecustom.dll
    ----a-w 727,776 2005-06-28 08:25:06 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\update\update.exe
    ----a-w 394,976 2005-06-28 08:24:12 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\update\updspapi.dll
    ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\90e71ccf083d4636c615101d20c96448\spmsg.dll
    ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\SoftwareDistribution\Download\90e71ccf083d4636c615101d20c96448\spuninst.exe
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\90e71ccf083d4636c615101d20c96448\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\90e71ccf083d4636c615101d20c96448\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\90e71ccf083d4636c615101d20c96448\update\updspapi.dll
    ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\spmsg.dll
    ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\spuninst.exe
    ----a-w 95,232 2006-05-19 12:14:13 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\6to4svc.dll
    ----a-w 104,448 2006-05-19 12:14:13 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\dhcpcsvc.dll
    ----a-w 140,288 2006-05-19 12:14:13 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\dnsapi.dll
    ----a-w 31,232 2006-05-19 12:14:13 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\inetmib1.dll
    ----a-w 84,480 2006-05-19 12:14:13 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\iphlpapi.dll
    ----a-w 49,152 2006-05-19 12:02:50 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\ipv6.exe
    ----a-w 54,272 2006-05-19 12:14:14 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\ipv6mon.dll
    ----a-w 86,016 2006-05-19 12:01:26 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\netsh.exe
    ----a-w 185,856 2006-05-18 23:51:34 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\obrs040c.dll
    ----a-w 203,008 2006-05-19 08:46:02 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\tcpip6.sys
    ----a-w 11,776 2006-05-19 08:44:15 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\tunmp.sys
    ----a-w 70,656 2006-05-19 12:14:14 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\ws2_32.dll
    ----a-w 13,312 2006-05-19 12:14:14 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\wship6.dll
    ----a-w 112,128 2006-05-19 13:23:35 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2GDR\dhcpcsvc.dll
    ----a-w 148,480 2006-05-19 13:23:35 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2GDR\dnsapi.dll
    ----a-w 95,744 2006-05-19 13:23:35 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2GDR\iphlpapi.dll
    ----a-w 112,640 2006-05-19 14:16:50 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2QFE\dhcpcsvc.dll
    ----a-w 147,456 2006-05-19 14:16:51 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2QFE\dnsapi.dll
    ----a-w 95,744 2006-05-19 14:16:51 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2QFE\iphlpapi.dll
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\update\updspapi.dll
    ----a-w 15,072 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\spmsg.dll
    ----a-w 213,216 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\spuninst.exe
    ----a-w 260,608 2005-10-06 03:21:29 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp1qfe\gdi32.dll
    ----a-w 36,864 2004-03-30 01:49:43 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp1qfe\mf3216.dll
    ----a-w 562,176 2005-03-02 18:21:36 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp1qfe\user32.dll
    ----a-w 1,799,808 2005-10-06 03:16:55 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp1qfe\win32k.sys
    ----a-w 280,064 2005-10-06 03:18:11 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp2gdr\gdi32.dll
    ----a-w 1,839,616 2005-10-06 03:08:49 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp2gdr\win32k.sys
    ----a-w 280,064 2005-10-06 03:19:52 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp2qfe\gdi32.dll
    ----a-w 1,839,616 2005-10-06 03:12:57 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp2qfe\win32k.sys
    ----a-w 30,720 2005-10-05 23:39:44 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\update\arpidfix.exe
    ----a-w 22,240 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\update\spcustom.dll
    ----a-w 730,336 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\update\update.exe
    ----a-w 395,488 2005-02-25 03:35:25 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\update\updspapi.dll
    ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\spmsg.dll
    ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\spuninst.exe
    ----a-w 368,640 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\msdtcprx.dll
    ----a-w 974,336 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\msdtctm.dll
    ----a-w 150,528 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\msdtcuiu.dll
    ----a-w 64,512 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\mtxclu.dll
    ----a-w 83,456 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\mtxoci.dll
    ----a-w 11,776 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\xolehlp.dll
    ----a-w 426,496 2006-03-01 19:43:50 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\msdtcprx.dll
    ----a-w 956,416 2006-03-01 19:43:50 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\msdtctm.dll
    ----a-w 161,280 2006-03-01 19:43:51 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\msdtcuiu.dll
    ----a-w 66,560 2006-03-01 19:43:51 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\mtxclu.dll
    ----a-w 91,136 2006-03-01 19:43:51 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\mtxoci.dll
    ----a-w 11,776 2006-03-01 19:43:51 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\xolehlp.dll
    ----a-w 426,496 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\msdtcprx.dll
    ----a-w 956,416 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\msdtctm.dll
    ----a-w 161,280 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\msdtcuiu.dll
    ----a-w 66,560 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\mtxclu.dll
    ----a-w 91,136 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\mtxoci.dll
    ----a-w 11,776 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\xolehlp.dll
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\update\updspapi.dll
    ----a-w 364,544 2005-11-29 14:27:06 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\npdsplay.dll
    ----a-w 13,536 2005-06-28 07:20:24 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\spmsg.dll
    ----a-w 216,800 2005-06-28 07:23:40 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\spuninst.exe
    ----a-w 22,752 2005-06-28 07:21:34 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\spupdsvc.exe
    ----a-w 727,776 2005-06-28 07:25:06 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\update\update.exe
    ----a-w 371,424 2005-06-28 07:23:54 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\update\updspapi.dll
    ----a-w 15,072 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\spmsg.dll
    ----a-w 213,216 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\spuninst.exe
    ----a-w 22,752 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\spupdsvc.exe
    ----a-w 22,240 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\update\spcustom.dll
    ----a-w 730,336 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\update\update.exe
    ----a-w 395,488 2005-02-25 03:35:25 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\update\updspapi.dll
    ----a-w 21,904 2007-06-21 19:55:28 C:\WINDOWS\system32\imsinstall_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:28 C:\WINDOWS\system32\imslsp_install_loc040c.dll
    ----a-w 796,048 2007-06-21 19:54:26 C:\WINDOWS\system32\libeay32_0.9.6l.dll
    ----a-w 11,264 2004-04-27 02:40:52 C:\WINDOWS\system32\SpOrder.dll
    ----a-w 83,432 2007-06-21 19:54:30 C:\WINDOWS\system32\vsdata.dll
    ----a-w 394,984 2007-06-21 19:54:52 C:\WINDOWS\system32\vsdatant.sys
    ----a-w 157,160 2007-06-21 19:54:32 C:\WINDOWS\system32\vsinit.dll
    ----a-w 103,912 2007-06-21 19:54:32 C:\WINDOWS\system32\vsmonapi.dll
    ----a-w 275,944 2007-06-21 19:54:32 C:\WINDOWS\system32\vspubapi.dll
    ----a-w 71,144 2007-06-21 19:54:32 C:\WINDOWS\system32\vsregexp.dll
    ----a-w 472,552 2007-06-21 19:54:34 C:\WINDOWS\system32\vsutil.dll
    ----a-w 54,672 2007-06-21 19:55:30 C:\WINDOWS\system32\vsutil_loc040c.dll
    ----a-w 46,568 2007-06-21 19:54:34 C:\WINDOWS\system32\vswmi.dll
    ----a-w 99,816 2007-06-21 19:54:34 C:\WINDOWS\system32\vsxml.dll
    ----a-w 83,432 2007-06-21 19:54:34 C:\WINDOWS\system32\zlcomm.dll
    ----a-w 71,144 2007-06-21 19:54:34 C:\WINDOWS\system32\zlcommdb.dll
    ----a-w 1,086,952 2007-06-21 19:54:40 C:\WINDOWS\system32\zpeng24.dll
    ----a-w 262,144 2007-09-23 16:37:41 C:\WINDOWS\system32\config\systemprofile\NtUser.dat
    ----a-w 16,384 2007-09-22 21:48:54 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
    ----a-w 32,768 2007-09-22 21:48:54 C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    ----a-w 49,152 2007-09-22 21:48:54 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    ----a-w 40,768 2007-08-09 11:04:11 C:\WINDOWS\system32\drivers\avgntdd.sys
    ----a-w 21,312 2007-07-18 12:22:19 C:\WINDOWS\system32\drivers\avgntmgr.sys
    ----a-w 62,016 2007-09-07 10:05:19 C:\WINDOWS\system32\drivers\avipbb.sys
    ----a-w 110,360 2007-05-30 22:03:48 C:\WINDOWS\system32\drivers\kl1.sys
    ----a-w 175,376 2007-05-30 22:03:48 C:\WINDOWS\system32\drivers\klif.sys
    ----a-w 28,352 2007-03-01 08:34:36 C:\WINDOWS\system32\drivers\ssmdrv.sys
    ----a-r 190,696 2007-06-11 11:04:38 C:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe
    ----a-w 26,000 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\av_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\camupd_loc040c.dll
    ----a-w 26,000 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\imsecure_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\scheduler_loc040c.dll
    ----a-w 75,152 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\updClient_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsdb_loc040c.dll
    ----a-w 46,480 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsmon_loc040c.dll
    ----a-w 198,032 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsruledb_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsvault_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:32 C:\WINDOWS\system32\ZoneLabs\zlquarantine_loc040c.dll
    ----a-w 21,904 2007-06-21 19:55:32 C:\WINDOWS\system32\ZoneLabs\zlsre_loc040c.dll
    ----a-w 77,824 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHComm.dll
    ----a-w 110,592 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHrule.dll
    ----a-w 331,776 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHUM.dll
    ----a-w 38,400 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\FSSync.dll
    ----a-w 208,960 2006-09-19 21:12:14 C:\WINDOWS\system32\ZoneLabs\avsys\inv.dll
    ----a-w 258,048 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\kave.dll
    ----a-w 175,376 2007-05-30 22:03:48 C:\WINDOWS\system32\ZoneLabs\avsys\klif_32.sys
    ----a-w 1,093,632 2006-12-19 16:13:52 C:\WINDOWS\system32\ZoneLabs\avsys\libeay32.dll
    ----a-w 548,864 2007-05-30 22:03:20 C:\WINDOWS\system32\ZoneLabs\avsys\msvcp80.dll
    ----a-w 626,688 2007-05-30 22:03:20 C:\WINDOWS\system32\ZoneLabs\avsys\msvcr80.dll
    ----a-w 184,320 2007-05-30 22:03:18 C:\WINDOWS\system32\ZoneLabs\avsys\prloader.dll
    ----a-w 90,112 2007-05-30 22:03:22 C:\WINDOWS\system32\ZoneLabs\avsys\prremote.dll
    ----a-w 118,784 2007-05-30 22:03:18 C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
    ----a-w 200,704 2006-12-19 16:13:52 C:\WINDOWS\system32\ZoneLabs\avsys\ssleay32.dll
    ----a-w 65,248 2007-05-30 22:03:30 C:\WINDOWS\system32\ZoneLabs\avsys\bases\aphish.dat
    ----a-w 21,568 2006-06-30 12:47:36 C:\WINDOWS\system32\ZoneLabs\avsys\bases\avcmhk4.dll
    ----a-w 288,144 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\lib\ConfigWizard_loc040c.zip.dll
    ----a-w 152,976 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\lib\LicenseUI_loc040c.zip.dll
    ----a-w 26,000 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zlsvc.zip.dll
    ----a-w 1,361,296 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zpy.zip.dll
    ----a-w 71,056 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zui.zip.dll
    ----a-w 30,184 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\rpc_server.dll
    ----a-w 30,216 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll
    ----a-w 210,432 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\streamapi\httpblocker\httpblocker.dll
    ----a-w 3,229,176 2007-06-21 19:56:18 C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp.dll
    ----a-w 26,000 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp_loc040c.dll
    .
    ----a-w 16,384 2007-09-20 17:22:08 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
    ----a-w 32,768 2007-09-20 17:22:08 C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    ----a-w 49,152 2007-09-20 17:22:08 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .

    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "@"="" []
    "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 14:42]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 12:25]
    "Windows DLL Loader"="C:\WINDOWS\System32\mtdfjbjf.exe" []

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "Windos Seres Agnts"=jwlmdtsz.exe

    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 11:01:04]

    R0 avgntmgr;avgntmgr;C:\WINDOWS\System32\DRIVERS\avgntmgr.sys
    R1 avgntdd;avgntdd;C:\WINDOWS\System32\DRIVERS\avgntdd.sys
    S2 mshexdefx;ms hexidecimal defx;"C:\WINDOWS\system32\dllcache\ivchost.exe"
    S3 jswmidin;jswmidin;\??\C:\DOCUME~1\moi\LOCALS~1\Temp\jswmidin.sys
    S3 U3SSTOR;U3SMSCDriver;C:\WINDOWS\System32\DRIVERS\U3SWDMb.SYS

    .
    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-09-23 18:40:07
    Windows 5.1.2600 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-09-23 18:41:24 - machine was rebooted
    C:\ComboFix-quarantined-files.txt ... 2007-09-23 18:41
    C:\ComboFix2.txt ... 2007-09-22 23:22
    C:\ComboFix3.txt ... 2007-09-21 16:18
    .
    --- E O F ---
    23 September 2007 18:40:14

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:42:32, on 23/09/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\moi\Bureau\HiJackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Windows DLL Loader] C:\WINDOWS\System32\mtdfjbjf.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://visioplace.com/download/cfweb_visioplace.com-dow...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld....
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
    O23 - Service: ms hexidecimal defx (mshexdefx) - Unknown owner - C:\WINDOWS\system32\dllcache\ivchost.exe (file missing)
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe

    --
    End of file - 4104 bytes
    23 September 2007 18:47:28

    Use this script:

    C:\WINDOWS\system32\srnjhhqq.exe
    C:\WINDOWS\system32\nusmvgwl.exe
    C:\WINDOWS\system32\oirbp.exe
    C:\WINDOWS\system32\zueyp.exe
    C:\WINDOWS\system32\ewww.exe
    C:\WINDOWS\system32\jpyttpxi.exe
    C:\WINDOWS\system32\eipxib.exe
    C:\WINDOWS\system32\tolzgach.exe
    C:\WINDOWS\system32\okwz.exe
    C:\WINDOWS\system32\geamatrw.exe
    C:\WINDOWS\system32\kqeax.exe
    C:\WINDOWS\system32\xfrq.exe
    C:\WINDOWS\system32\olgenb.exe
    C:\WINDOWS\system32\tpcpf.exe
    C:\WINDOWS\system32\uppppsz.exe
    C:\WINDOWS\system32\ftpupd.exe
    C:\WINDOWS\system32\yicme.exe
    C:\WINDOWS\system32\ihniqrsk.exe
    23 September 2007 21:15:08

    ComboFix 07-09-21.2 - "moi" 2007-09-23 21:14:14.5 - NTFSx86
    Command switches used :: C:\Documents and Settings\moi\Bureau\CFScript.txt.txt

    FILE::
    C:\WINDOWS\system32\srnjhhqq.exe
    C:\WINDOWS\system32\nusmvgwl.exe
    C:\WINDOWS\system32\oirbp.exe
    C:\WINDOWS\system32\zueyp.exe
    C:\WINDOWS\system32\ewww.exe
    C:\WINDOWS\system32\jpyttpxi.exe
    C:\WINDOWS\system32\eipxib.exe
    C:\WINDOWS\system32\tolzgach.exe
    C:\WINDOWS\system32\okwz.exe
    C:\WINDOWS\system32\geamatrw.exe
    C:\WINDOWS\system32\kqeax.exe
    C:\WINDOWS\system32\xfrq.exe
    C:\WINDOWS\system32\olgenb.exe
    C:\WINDOWS\system32\tpcpf.exe
    C:\WINDOWS\system32\uppppsz.exe
    C:\WINDOWS\system32\ftpupd.exe
    C:\WINDOWS\system32\yicme.exe
    C:\WINDOWS\system32\ihniqrsk.exe
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\eipxib.exe
    C:\WINDOWS\system32\ewww.exe
    C:\WINDOWS\system32\ftpupd.exe
    C:\WINDOWS\system32\geamatrw.exe
    C:\WINDOWS\system32\ihniqrsk.exe
    C:\WINDOWS\system32\jpyttpxi.exe
    C:\WINDOWS\system32\kqeax.exe
    C:\WINDOWS\system32\nusmvgwl.exe
    C:\WINDOWS\system32\oirbp.exe
    C:\WINDOWS\system32\okwz.exe
    C:\WINDOWS\system32\olgenb.exe
    C:\WINDOWS\system32\srnjhhqq.exe
    C:\WINDOWS\system32\tolzgach.exe
    C:\WINDOWS\system32\tpcpf.exe
    C:\WINDOWS\system32\uppppsz.exe
    C:\WINDOWS\system32\xfrq.exe
    C:\WINDOWS\system32\yicme.exe
    C:\WINDOWS\system32\zueyp.exe

    .
    ((((((((((((((((((((((((( Files Created from 2007-08-23 to 2007-09-23 )))))))))))))))))))))))))))))))
    .

    2007-09-23 21:15 52,749 --a------ C:\WINDOWS\gh941.exe
    2007-09-23 21:15 43,542 --a------ C:\WINDOWS\system32\awtsrpm.dll
    2007-09-23 19:44 10,732 --ah----- C:\WINDOWS\system32\fztt.exe
    2007-09-23 19:40 65,700 --ah----- C:\WINDOWS\system32\ejbh.exe
    2007-09-23 19:39 4,380 --ah----- C:\WINDOWS\system32\ccllsq.exe
    2007-09-23 19:36 38,912 --a------ C:\WINDOWS\system32\ne1.exe
    2007-09-23 19:34 69,860 --ah----- C:\WINDOWS\system32\cmowmsgl.exe
    2007-09-23 19:34 67,412 --ah----- C:\WINDOWS\system32\nxpuipc.exe
    2007-09-23 19:33 35,552 --ah----- C:\WINDOWS\system32\ykkjnw.exe
    2007-09-23 19:24 14,454 --ah----- C:\WINDOWS\system32\kbtmgvut.exe
    2007-09-23 19:20 57,452 --ah----- C:\WINDOWS\system32\alzrt.exe
    2007-09-23 19:18 8,760 --ah----- C:\WINDOWS\system32\dywmjne.exe
    2007-09-23 19:18 55,480 --ah----- C:\WINDOWS\system32\tlsb.exe
    2007-09-23 19:06 56,950 --ah----- C:\WINDOWS\system32\wsskz.exe
    2007-09-23 18:56 69,860 --ah----- C:\WINDOWS\system32\hdmy.exe
    2007-09-23 18:56 69,120 --ah----- C:\WINDOWS\system32\gmmoabk.exe
    2007-09-23 18:54 69,860 --ah----- C:\WINDOWS\system32\awnfrpl.exe
    2007-09-23 18:46 4,380 --ah----- C:\WINDOWS\system32\odsqjd.exe
    2007-09-22 23:38 130 --a------ C:\WINDOWS\system32\bzncpigw.bat
    2007-09-22 23:30 143,360 --ah----- C:\WINDOWS\system32\cyvlc.exe
    2007-09-22 23:30 118 --a------ C:\WINDOWS\system32\irrtd.bat
    2007-09-21 18:07 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
    2007-09-21 18:07 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
    2007-09-21 18:05 <REP> d-------- C:\WINDOWS\Internet Logs
    2007-09-21 18:03 <REP> d-------- C:\Program Files\CCleaner
    2007-09-21 18:02 <REP> d-------- C:\Program Files\Avira
    2007-09-21 18:02 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    2007-09-21 16:12 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-09-21 16:00 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu Démarrer
    2007-09-21 16:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage réseau
    2007-09-21 16:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression
    2007-09-21 16:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Modèles
    2007-09-21 16:00 <REP> d-------- C:\WINDOWS\ERUNT
    2007-09-21 16:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Mes documents
    2007-09-21 16:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Favoris
    2007-09-21 16:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau
    2007-09-20 22:47 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
    2007-09-20 22:16 <REP> d-------- C:\Program Files\PhotoFiltre
    2007-09-20 22:14 <REP> d-------- C:\Program Files\Picasa2
    2007-09-19 19:19 <REP> d-------- C:\DOCUME~1\moi\APPLIC~1\U3
    2007-09-19 19:15 28,160 --a------ C:\WINDOWS\system32\xorrk.exe
    2007-09-19 19:11 57,856 --a------ C:\WINDOWS\system32\drivers\drmk.sys
    2007-09-19 19:11 134,272 --a------ C:\WINDOWS\system32\drivers\portcls.sys
    2007-09-19 19:10 991,232 --a------ C:\WINDOWS\system32\virtear.dll
    2007-09-19 19:10 65,536 --a------ C:\WINDOWS\system32\Audio3d.dll
    2007-09-19 19:10 49,152 --a------ C:\WINDOWS\system32\DSndUp.exe
    2007-09-19 19:10 45,056 --a------ C:\WINDOWS\system32\CleanUp.exe
    2007-09-19 19:10 <REP> d-------- C:\WINDOWS\VirtualEar
    2007-09-19 19:10 <REP> d-------- C:\Program Files\Analog Devices
    2007-09-19 19:07 765,952 --a------ C:\WINDOWS\system\crlds3d.dll
    2007-09-19 19:07 732,928 --a------ C:\WINDOWS\system32\drivers\senfilt.sys
    2007-09-19 19:07 311,296 --a------ C:\WINDOWS\system32\Edcrypt.dll
    2007-09-19 19:07 260,352 --a------ C:\WINDOWS\system32\drivers\smwdm.sys
    2007-09-19 19:07 23,040 --a------ C:\WINDOWS\system32\PostProc.dll
    2007-09-19 19:05 15,840 --------- C:\WINDOWS\system32\drivers\PFMODNT.SYS
    2007-09-19 19:05 <REP> d-------- C:\Program Files\Fichiers communs\InstallShield
    2007-09-19 19:05 <REP> d-------- C:\Program Files\Creative
    2007-09-19 18:30 28,160 --a------ C:\WINDOWS\system32\qsad.exe
    2007-09-19 15:58 <REP> d-------- C:\Program Files\Fichiers communs\mssoap
    2007-09-18 21:47 28,160 --a------ C:\WINDOWS\system32\sdvn.exe
    2007-09-18 21:32 <REP> d-------- C:\DOCUME~1\moi\Contacts
    2007-09-18 21:29 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
    2007-09-18 21:27 <REP> d-------- C:\Program Files\MSN Messenger
    2007-09-18 20:43 <REP> d-------- C:\Program Files\Google
    2007-09-18 20:40 28,160 --a------ C:\WINDOWS\system32\vojn.exe
    2007-09-18 20:14 <REP> d--h----- C:\Program Files\Fichiers communs\Carlson
    2007-09-18 17:56 125 --a------ C:\WINDOWS\system32\wxdmtj.bat
    2007-09-18 17:46 128 --a------ C:\WINDOWS\system32\irzncg.bat
    2007-09-18 17:46 122 --a------ C:\WINDOWS\system32\txzdru.bat
    2007-09-18 17:44 124 --a------ C:\WINDOWS\system32\qdhczure.bat
    2007-09-18 17:37 120 --a------ C:\WINDOWS\system32\ifsm.bat
    2007-09-18 17:30 115 --a------ C:\WINDOWS\system32\yhwsv.bat
    2007-09-18 17:23 118 --a------ C:\WINDOWS\system32\alspb.bat
    2007-09-18 17:19 20,480 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
    2007-09-18 17:19 20,480 --a------ C:\WINDOWS\system32\hidserv.dll
    2007-09-18 17:18 14,080 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
    2007-09-18 17:18 14,080 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
    2007-09-18 17:18 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
    2007-09-18 17:18 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2019-01-08 23:19 --------- d-------- C:\Program Files\RegCleaner
    2007-09-21 18:09 1568 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
    2007-09-21 18:09 14368 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
    2007-09-21 18:06 75932 --a------ C:\WINDOWS\system32\drivers\klick.dat
    2007-09-21 18:06 74396 --a------ C:\WINDOWS\system32\drivers\klin.dat
    2007-09-21 18:06 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
    2007-09-21 18:06 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
    2007-09-21 18:04 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    2007-09-19 19:10 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-09-18 20:13 --------- d-------- C:\Program Files\SuperCopier
    2007-09-18 20:08 --------- d-------- C:\Program Files\Fichiers communs\Sony Shared
    2007-09-18 18:53 --------- d-------- C:\DOCUME~1\moi\APPLIC~1\Real
    2007-09-18 18:08 135168 --a------ C:\WINDOWS\system32\sfc_os.dll
    2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
    2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
    2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
    2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
    2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
    2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
    2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
    2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
    2002-09-18 15:23:24 769,024 --sh--r C:\WINDOWS\system32\efjmovfbdaq.exe
    .

    ((((((((((((((((((((((((((((( snapshot_2007-09-21_161733.25 )))))))))))))))))))))))))))))))))))))))))
    .
    ----a-w 75,248 2007-06-21 19:54:48 C:\WINDOWS\zllsputility.exe
    ----a-w 42,384 2007-06-21 19:55:32 C:\WINDOWS\zllsputility_loc040c.dll
    ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\spmsg.dll
    ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\spuninst.exe
    ----a-w 77,824 2005-10-17 21:30:33 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\sp1qfe\fontsub.dll
    ----a-w 111,616 2005-10-17 21:30:33 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\sp1qfe\t2embed.dll
    ----a-w 80,896 2005-10-17 21:21:08 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\sp2gdr\fontsub.dll
    ----a-w 118,272 2005-10-17 21:21:08 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\sp2gdr\t2embed.dll
    ----a-w 80,896 2005-10-17 21:26:30 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\sp2qfe\fontsub.dll
    ----a-w 117,760 2005-10-17 21:26:30 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\sp2qfe\t2embed.dll
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\update\updspapi.dll
    ----a-w 36,864 2005-04-19 12:56:40 C:\WINDOWS\SoftwareDistribution\Download\3556f01dfe2929f710532cac25d2e3ec\iecustom.dll
    ----a-w 163,840 2006-05-26 20:19:50 C:\WINDOWS\SoftwareDistribution\Download\3556f01dfe2929f710532cac25d2e3ec\jgdw400.dll
    ----a-w 27,648 2006-04-06 14:15:48 C:\WINDOWS\SoftwareDistribution\Download\3556f01dfe2929f710532cac25d2e3ec\jgpl400.dll
    ----a-w 15,072 2005-06-28 08:21:12 C:\WINDOWS\SoftwareDistribution\Download\3556f01dfe2929f710532cac25d2e3ec\spmsg.dll
    ----a-w 216,800 2005-06-28 08:23:40 C:\WINDOWS\SoftwareDistribution\Download\3556f01dfe2929f710532cac25d2e3ec\spuninst.exe
    ----a-w 36,864 2005-04-19 12:56:40 C:\WINDOWS\SoftwareDistribution\Download\3556f01dfe2929f710532cac25d2e3ec\update\iecustom.dll
    ----a-w 727,776 2005-06-28 08:25:06 C:\WINDOWS\SoftwareDistribution\Download\3556f01dfe2929f710532cac25d2e3ec\update\update.exe
    ----a-w 394,976 2005-06-28 08:24:12 C:\WINDOWS\SoftwareDistribution\Download\3556f01dfe2929f710532cac25d2e3ec\update\updspapi.dll
    ----a-w 15,072 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\spmsg.dll
    ----a-w 213,216 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\spuninst.exe
    ----a-w 53,248 2005-06-10 23:55:46 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\sp1qfe\spoolsv.exe
    ----a-w 102,912 2005-06-11 02:42:46 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\sp1qfe\win32spl.dll
    ----a-w 57,856 2005-06-10 23:53:32 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\sp2gdr\spoolsv.exe
    ----a-w 57,856 2005-06-11 00:17:13 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\sp2qfe\spoolsv.exe
    ----a-w 30,720 2005-06-29 23:54:30 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\update\arpidfix.exe
    ----a-w 22,240 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\update\spcustom.dll
    ----a-w 730,336 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\update\update.exe
    ----a-w 395,488 2005-02-25 03:35:25 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\update\updspapi.dll
    ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\spmsg.dll
    ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\spuninst.exe
    ----a-w 340,480 2006-04-20 11:38:44 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\SP1QFE\tcpip.sys
    ----a-w 359,808 2006-04-20 11:51:50 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\SP2GDR\tcpip.sys
    ----a-w 360,576 2006-04-20 12:18:35 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\SP2QFE\tcpip.sys
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\update\updspapi.dll
    ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\551a37fe97d22cfc1a735a1ac3cad362\spmsg.dll
    ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\SoftwareDistribution\Download\551a37fe97d22cfc1a735a1ac3cad362\spuninst.exe
    ----a-w 321,536 2006-08-14 08:59:20 C:\WINDOWS\SoftwareDistribution\Download\551a37fe97d22cfc1a735a1ac3cad362\SP1QFE\srv.sys
    ----a-w 332,928 2006-08-14 10:34:41 C:\WINDOWS\SoftwareDistribution\Download\551a37fe97d22cfc1a735a1ac3cad362\SP2GDR\srv.sys
    ----a-w 332,928 2006-08-14 12:00:42 C:\WINDOWS\SoftwareDistribution\Download\551a37fe97d22cfc1a735a1ac3cad362\SP2QFE\srv.sys
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\551a37fe97d22cfc1a735a1ac3cad362\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\551a37fe97d22cfc1a735a1ac3cad362\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\551a37fe97d22cfc1a735a1ac3cad362\update\updspapi.dll
    ----a-w 8,192 2004-10-14 18:35:00 C:\WINDOWS\SoftwareDistribution\Download\5f51a5d334ac80a2988bd8848bc695cb\spmsg.dll
    ----a-w 172,032 2004-10-14 18:36:11 C:\WINDOWS\SoftwareDistribution\Download\5f51a5d334ac80a2988bd8848bc695cb\spuninst.exe
    ----a-w 21,504 2004-10-14 18:36:10 C:\WINDOWS\SoftwareDistribution\Download\5f51a5d334ac80a2988bd8848bc695cb\update\spcustom.dll
    ----a-w 666,624 2004-10-14 18:22:11 C:\WINDOWS\SoftwareDistribution\Download\5f51a5d334ac80a2988bd8848bc695cb\update\update.exe
    ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\63fa4b45e27c53442285aaba36557804\spmsg.dll
    ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\SoftwareDistribution\Download\63fa4b45e27c53442285aaba36557804\spuninst.exe
    ----a-w 1,110,528 2006-09-13 05:10:12 C:\WINDOWS\SoftwareDistribution\Download\63fa4b45e27c53442285aaba36557804\SP1QFE\msxml3.dll
    ----a-w 1,084,416 2006-09-13 05:03:06 C:\WINDOWS\SoftwareDistribution\Download\63fa4b45e27c53442285aaba36557804\SP2GDR\msxml3.dll
    ----a-w 1,084,416 2006-09-13 05:08:36 C:\WINDOWS\SoftwareDistribution\Download\63fa4b45e27c53442285aaba36557804\SP2QFE\msxml3.dll
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\63fa4b45e27c53442285aaba36557804\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\63fa4b45e27c53442285aaba36557804\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\63fa4b45e27c53442285aaba36557804\update\updspapi.dll
    ----a-w 36,864 2005-04-19 12:56:40 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\iecustom.dll
    ----a-w 15,072 2005-06-28 08:21:12 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\spmsg.dll
    ----a-w 216,800 2005-06-28 08:23:40 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\spuninst.exe
    ----a-w 1,018,368 2005-06-17 22:26:18 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\browseui.dll
    ----a-w 144,384 2004-12-07 18:17:32 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\cdfview.dll
    ----a-w 988,672 2005-10-20 18:10:06 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\danim.dll
    ----a-w 351,744 2006-06-09 12:35:50 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\dxtmsft.dll
    ----a-w 192,512 2006-06-09 12:35:30 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\dxtrans.dll
    ----a-w 236,032 2006-02-24 14:21:26 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\iepeers.dll
    ----a-w 70,144 2004-12-07 18:17:32 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\inseng.dll
    ----a-w 12,288 2006-04-28 08:58:48 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\jsproxy.dll
    ----a-w 2,703,872 2006-06-30 08:52:24 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\mshtml.dll
    ----a-w 132,096 2005-02-24 13:02:50 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\msrating.dll
    ----a-w 498,176 2006-03-03 14:46:54 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\mstime.dll
    ----a-w 34,816 2005-04-27 08:53:06 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\pngfilt.dll
    ----a-w 1,339,904 2006-05-26 13:50:26 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\shdocvw.dll
    ----a-w 409,600 2005-08-31 16:50:42 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\shlwapi.dll
    ----a-w 463,872 2006-08-31 05:56:36 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\urlmon.dll
    ----a-w 581,120 2006-06-23 11:28:30 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\wininet.dll
    ----a-w 1,018,368 2005-06-18 07:26:16 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\browseui.dll
    ----a-w 144,384 2004-12-08 03:24:28 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\cdfview.dll
    ----a-w 988,672 2005-10-21 03:10:05 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\danim.dll
    ----a-w 351,744 2006-06-09 21:29:08 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\dxtmsft.dll
    ----a-w 192,512 2006-06-09 21:29:02 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\dxtrans.dll
    ----a-w 236,544 2006-02-24 23:55:40 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\iepeers.dll
    ----a-w 70,144 2004-12-08 03:24:28 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\inseng.dll
    ----a-w 12,288 2006-04-28 17:48:05 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\jsproxy.dll
    ----a-w 2,710,528 2006-06-30 17:38:24 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\mshtml.dll
    ----a-w 132,096 2005-02-24 22:02:48 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\msrating.dll
    ----a-w 498,176 2006-03-04 00:39:04 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\mstime.dll
    ----a-w 38,912 2005-04-27 17:50:00 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\pngfilt.dll
    ----a-w 1,339,904 2006-05-26 22:50:25 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\shdocvw.dll
    ----a-w 409,600 2005-09-01 01:50:41 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\shlwapi.dll
    ----a-w 465,920 2006-08-31 04:07:07 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\urlmon.dll
    ----a-w 593,408 2006-06-23 19:46:56 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\wininet.dll
    ----a-w 36,864 2005-04-19 12:56:40 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\update\iecustom.dll
    ----a-w 727,776 2005-06-28 08:25:06 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\update\update.exe
    ----a-w 394,976 2005-06-28 08:24:12 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\update\updspapi.dll
    ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\90e71ccf083d4636c615101d20c96448\spmsg.dll
    ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\SoftwareDistribution\Download\90e71ccf083d4636c615101d20c96448\spuninst.exe
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\90e71ccf083d4636c615101d20c96448\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\90e71ccf083d4636c615101d20c96448\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\90e71ccf083d4636c615101d20c96448\update\updspapi.dll
    ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\spmsg.dll
    ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\spuninst.exe
    ----a-w 95,232 2006-05-19 12:14:13 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\6to4svc.dll
    ----a-w 104,448 2006-05-19 12:14:13 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\dhcpcsvc.dll
    ----a-w 140,288 2006-05-19 12:14:13 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\dnsapi.dll
    ----a-w 31,232 2006-05-19 12:14:13 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\inetmib1.dll
    ----a-w 84,480 2006-05-19 12:14:13 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\iphlpapi.dll
    ----a-w 49,152 2006-05-19 12:02:50 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\ipv6.exe
    ----a-w 54,272 2006-05-19 12:14:14 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\ipv6mon.dll
    ----a-w 86,016 2006-05-19 12:01:26 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\netsh.exe
    ----a-w 185,856 2006-05-18 23:51:34 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\obrs040c.dll
    ----a-w 203,008 2006-05-19 08:46:02 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\tcpip6.sys
    ----a-w 11,776 2006-05-19 08:44:15 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\tunmp.sys
    ----a-w 70,656 2006-05-19 12:14:14 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\ws2_32.dll
    ----a-w 13,312 2006-05-19 12:14:14 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\wship6.dll
    ----a-w 112,128 2006-05-19 13:23:35 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2GDR\dhcpcsvc.dll
    ----a-w 148,480 2006-05-19 13:23:35 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2GDR\dnsapi.dll
    ----a-w 95,744 2006-05-19 13:23:35 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2GDR\iphlpapi.dll
    ----a-w 112,640 2006-05-19 14:16:50 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2QFE\dhcpcsvc.dll
    ----a-w 147,456 2006-05-19 14:16:51 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2QFE\dnsapi.dll
    ----a-w 95,744 2006-05-19 14:16:51 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2QFE\iphlpapi.dll
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\update\updspapi.dll
    ----a-w 15,072 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\spmsg.dll
    ----a-w 213,216 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\spuninst.exe
    ----a-w 260,608 2005-10-06 03:21:29 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp1qfe\gdi32.dll
    ----a-w 36,864 2004-03-30 01:49:43 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp1qfe\mf3216.dll
    ----a-w 562,176 2005-03-02 18:21:36 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp1qfe\user32.dll
    ----a-w 1,799,808 2005-10-06 03:16:55 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp1qfe\win32k.sys
    ----a-w 280,064 2005-10-06 03:18:11 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp2gdr\gdi32.dll
    ----a-w 1,839,616 2005-10-06 03:08:49 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp2gdr\win32k.sys
    ----a-w 280,064 2005-10-06 03:19:52 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp2qfe\gdi32.dll
    ----a-w 1,839,616 2005-10-06 03:12:57 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp2qfe\win32k.sys
    ----a-w 30,720 2005-10-05 23:39:44 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\update\arpidfix.exe
    ----a-w 22,240 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\update\spcustom.dll
    ----a-w 730,336 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\update\update.exe
    ----a-w 395,488 2005-02-25 03:35:25 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\update\updspapi.dll
    ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\spmsg.dll
    ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\spuninst.exe
    ----a-w 368,640 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\msdtcprx.dll
    ----a-w 974,336 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\msdtctm.dll
    ----a-w 150,528 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\msdtcuiu.dll
    ----a-w 64,512 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\mtxclu.dll
    ----a-w 83,456 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\mtxoci.dll
    ----a-w 11,776 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\xolehlp.dll
    ----a-w 426,496 2006-03-01 19:43:50 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\msdtcprx.dll
    ----a-w 956,416 2006-03-01 19:43:50 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\msdtctm.dll
    ----a-w 161,280 2006-03-01 19:43:51 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\msdtcuiu.dll
    ----a-w 66,560 2006-03-01 19:43:51 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\mtxclu.dll
    ----a-w 91,136 2006-03-01 19:43:51 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\mtxoci.dll
    ----a-w 11,776 2006-03-01 19:43:51 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\xolehlp.dll
    ----a-w 426,496 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\msdtcprx.dll
    ----a-w 956,416 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\msdtctm.dll
    ----a-w 161,280 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\msdtcuiu.dll
    ----a-w 66,560 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\mtxclu.dll
    ----a-w 91,136 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\mtxoci.dll
    ----a-w 11,776 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\xolehlp.dll
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\update\updspapi.dll
    ----a-w 364,544 2005-11-29 14:27:06 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\npdsplay.dll
    ----a-w 13,536 2005-06-28 07:20:24 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\spmsg.dll
    ----a-w 216,800 2005-06-28 07:23:40 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\spuninst.exe
    ----a-w 22,752 2005-06-28 07:21:34 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\spupdsvc.exe
    ----a-w 727,776 2005-06-28 07:25:06 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\update\update.exe
    ----a-w 371,424 2005-06-28 07:23:54 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\update\updspapi.dll
    ----a-w 15,072 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\spmsg.dll
    ----a-w 213,216 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\spuninst.exe
    ----a-w 22,752 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\spupdsvc.exe
    ----a-w 22,240 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\update\spcustom.dll
    ----a-w 730,336 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\update\update.exe
    ----a-w 395,488 2005-02-25 03:35:25 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\update\updspapi.dll
    ----a-w 21,904 2007-06-21 19:55:28 C:\WINDOWS\system32\imsinstall_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:28 C:\WINDOWS\system32\imslsp_install_loc040c.dll
    ----a-w 796,048 2007-06-21 19:54:26 C:\WINDOWS\system32\libeay32_0.9.6l.dll
    ---h--w 69,860 2002-09-18 15:23:24 C:\WINDOWS\system32\lssas.exe
    ----a-w 11,264 2004-04-27 02:40:52 C:\WINDOWS\system32\SpOrder.dll
    ----a-w 83,432 2007-06-21 19:54:30 C:\WINDOWS\system32\vsdata.dll
    ----a-w 394,984 2007-06-21 19:54:52 C:\WINDOWS\system32\vsdatant.sys
    ----a-w 157,160 2007-06-21 19:54:32 C:\WINDOWS\system32\vsinit.dll
    ----a-w 103,912 2007-06-21 19:54:32 C:\WINDOWS\system32\vsmonapi.dll
    ----a-w 275,944 2007-06-21 19:54:32 C:\WINDOWS\system32\vspubapi.dll
    ----a-w 71,144 2007-06-21 19:54:32 C:\WINDOWS\system32\vsregexp.dll
    ----a-w 472,552 2007-06-21 19:54:34 C:\WINDOWS\system32\vsutil.dll
    ----a-w 54,672 2007-06-21 19:55:30 C:\WINDOWS\system32\vsutil_loc040c.dll
    ----a-w 46,568 2007-06-21 19:54:34 C:\WINDOWS\system32\vswmi.dll
    ----a-w 99,816 2007-06-21 19:54:34 C:\WINDOWS\system32\vsxml.dll
    ----a-w 83,432 2007-06-21 19:54:34 C:\WINDOWS\system32\zlcomm.dll
    ----a-w 71,144 2007-06-21 19:54:34 C:\WINDOWS\system32\zlcommdb.dll
    ----a-w 1,086,952 2007-06-21 19:54:40 C:\WINDOWS\system32\zpeng24.dll
    ----a-w 262,144 2007-09-23 16:37:41 C:\WINDOWS\system32\config\systemprofile\NtUser.dat
    ----a-w 16,384 2007-09-23 19:12:08 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
    ----a-w 32,768 2007-09-23 19:12:08 C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    ----a-w 49,152 2007-09-23 19:12:08 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    ----a-w 40,768 2007-08-09 11:04:11 C:\WINDOWS\system32\drivers\avgntdd.sys
    ----a-w 21,312 2007-07-18 12:22:19 C:\WINDOWS\system32\drivers\avgntmgr.sys
    ----a-w 62,016 2007-09-07 10:05:19 C:\WINDOWS\system32\drivers\avipbb.sys
    ----a-w 110,360 2007-05-30 22:03:48 C:\WINDOWS\system32\drivers\kl1.sys
    ----a-w 175,376 2007-05-30 22:03:48 C:\WINDOWS\system32\drivers\klif.sys
    ----a-w 28,352 2007-03-01 08:34:36 C:\WINDOWS\system32\drivers\ssmdrv.sys
    ----a-r 190,696 2007-06-11 11:04:38 C:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe
    ----a-w 26,000 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\av_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\camupd_loc040c.dll
    ----a-w 26,000 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\imsecure_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\scheduler_loc040c.dll
    ----a-w 75,152 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\updClient_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsdb_loc040c.dll
    ----a-w 46,480 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsmon_loc040c.dll
    ----a-w 198,032 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsruledb_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsvault_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:32 C:\WINDOWS\system32\ZoneLabs\zlquarantine_loc040c.dll
    ----a-w 21,904 2007-06-21 19:55:32 C:\WINDOWS\system32\ZoneLabs\zlsre_loc040c.dll
    ----a-w 77,824 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHComm.dll
    ----a-w 110,592 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHrule.dll
    ----a-w 331,776 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHUM.dll
    ----a-w 38,400 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\FSSync.dll
    ----a-w 208,960 2006-09-19 21:12:14 C:\WINDOWS\system32\ZoneLabs\avsys\inv.dll
    ----a-w 258,048 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\kave.dll
    ----a-w 175,376 2007-05-30 22:03:48 C:\WINDOWS\system32\ZoneLabs\avsys\klif_32.sys
    ----a-w 1,093,632 2006-12-19 16:13:52 C:\WINDOWS\system32\ZoneLabs\avsys\libeay32.dll
    ----a-w 548,864 2007-05-30 22:03:20 C:\WINDOWS\system32\ZoneLabs\avsys\msvcp80.dll
    ----a-w 626,688 2007-05-30 22:03:20 C:\WINDOWS\system32\ZoneLabs\avsys\msvcr80.dll
    ----a-w 184,320 2007-05-30 22:03:18 C:\WINDOWS\system32\ZoneLabs\avsys\prloader.dll
    ----a-w 90,112 2007-05-30 22:03:22 C:\WINDOWS\system32\ZoneLabs\avsys\prremote.dll
    ----a-w 118,784 2007-05-30 22:03:18 C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
    ----a-w 200,704 2006-12-19 16:13:52 C:\WINDOWS\system32\ZoneLabs\avsys\ssleay32.dll
    ----a-w 65,248 2007-05-30 22:03:30 C:\WINDOWS\system32\ZoneLabs\avsys\bases\aphish.dat
    ----a-w 21,568 2006-06-30 12:47:36 C:\WINDOWS\system32\ZoneLabs\avsys\bases\avcmhk4.dll
    ----a-w 288,144 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\lib\ConfigWizard_loc040c.zip.dll
    ----a-w 152,976 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\lib\LicenseUI_loc040c.zip.dll
    ----a-w 26,000 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zlsvc.zip.dll
    ----a-w 1,361,296 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zpy.zip.dll
    ----a-w 71,056 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zui.zip.dll
    ----a-w 30,184 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\rpc_server.dll
    ----a-w 30,216 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll
    ----a-w 210,432 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\streamapi\httpblocker\httpblocker.dll
    ----a-w 3,229,176 2007-06-21 19:56:18 C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp.dll
    ----a-w 26,000 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp_loc040c.dll
    .
    ----a-w 16,384 2007-09-20 17:22:08 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
    ----a-w 32,768 2007-09-20 17:22:08 C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    ----a-w 49,152 2007-09-20 17:22:08 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .

    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 14:42]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 12:25]
    "Windows DLL Loader"="C:\WINDOWS\System32\mtdfjbjf.exe" []
    "Windows Service Svc"="efjmovfbdaq.exe" [2002-09-18 17:23 C:\WINDOWS\system32\efjmovfbdaq.exe]
    "Local Security Authority Service"="C:\WINDOWS\System32\lssas.exe" [2002-09-18 17:23]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
    "Windows Service Svc"=efjmovfbdaq.exe

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "Windos Seres Agnts"=jwlmdtsz.exe
    "Windows Service Svc"=efjmovfbdaq.exe

    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 11:01:04]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{4AA49418-D47E-47EB-AAD9-3FA5155F3025}"= C:\WINDOWS\System32\awtsrpm.dll [2007-09-23 21:15 43542]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtsrpm]
    awtsrpm.dll 2007-09-23 21:15 43542 C:\WINDOWS\system32\awtsrpm.dll


    .
    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-09-23 21:15:54
    Windows 5.1.2600 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    C:\WINDOWS\system32\ujexyt.exe

    scan completed successfully
    hidden files: 1

    **************************************************************************
    .
    Completion time: 2007-09-23 21:16:29
    C:\ComboFix-quarantined-files.txt ... 2007-09-23 21:16
    C:\ComboFix2.txt ... 2007-09-23 18:41
    C:\ComboFix3.txt ... 2007-09-22 23:22
    .
    --- E O F ---
    23 September 2007 21:16:23

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:17:46, on 23/09/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\System32\efjmovfbdaq.exe
    C:\WINDOWS\System32\lssas.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\moi\Bureau\HiJackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Windows DLL Loader] C:\WINDOWS\System32\mtdfjbjf.exe
    O4 - HKLM\..\Run: [Windows Service Svc] efjmovfbdaq.exe
    O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\System32\lssas.exe
    O4 - HKLM\..\RunServices: [Windows Service Svc] efjmovfbdaq.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\S-1-5-21-73586283-1383384898-839522115-1004\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User '?')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://visioplace.com/download/cfweb_visioplace.com-dow...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld....
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O20 - Winlogon Notify: awtsrpm - C:\WINDOWS\SYSTEM32\awtsrpm.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
    O23 - Service: ms hexidecimal defx (mshexdefx) - Unknown owner - C:\WINDOWS\system32\dllcache\ivchost.exe (file missing)
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe

    --
    End of file - 4600 bytes
    23 September 2007 21:22:33

    Hi again,

    Download SDFix (created by AndyManchesta) and save it to your Desktop.
    Double-click SDFix.exe and choose Install to extract it to the Desktop.

    Restart in Safe Mode

  • Open the SDFix folder that has just been created at the root of your hard drive (C:) and double-click RunThis.bat to launch the script.
  • Press Y to start the cleaning process.
  • It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
  • Press a key to restart the PC.
  • Your system will take longer than usual to restart because the tool will keep running and deleting files.
  • Once the Desktop has loaded, the tool will finish its work and display Finished.
  • Press a key to end the script and load your Desktop icons.
  • Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder under the name Report.txt.
  • Finally, copy and paste the contents of Report.txt into your next reply on the forum, along with a new HijackThis log.
    23 September 2007 22:59:38

    SDFix: Version 1.107

    Run by Administrateur on 23/09/2007 at 22:56

    Microsoft Windows XP [version 5.1.2600]

    Running From: C:\SDFix

    Safe Mode:
    Checking Services:

    Name:
    mshexdefx

    ImagePath:

    mshexdefx - Deleted



    Restoring Windows Registry Values
    Restoring Windows Default Hosts File

    Rebooting...


    Normal Mode:
    Checking Files:

    Trojan Files Found:

    C:\WINDOWS\system32\.exe - Deleted
    C:\WINDOWS\system32\.exe - Deleted
    C:\WINDOWS\system32\crypts.dll - Deleted
    C:\WINDOWS\system32\dllcache\ivchost.exe - Deleted
    C:\WINDOWS\system32\i - Deleted
    C:\WINDOWS\system32\logon.exe - Deleted
    C:\WINDOWS\system32\lssas.exe - Deleted
    C:\WINDOWS\system32\o - Deleted
    C:\WINDOWS\system32\TFTP2488 - Deleted
    C:\WINDOWS\SYSTEM32\BODALST.EXE - Deleted
    C:\WINDOWS\system32\algs.exe - Deleted
    C:\WINDOWS\system32\o - Deleted
    C:\WINDOWS\system32\spoolsvc.exe - Deleted


    Folder C:\Program Files\Fichiers communs\Carlson - Removed

    Removing Temp Files...

    ADS Check:

    C:\WINDOWS
    No streams found.

    C:\WINDOWS\system32
    No streams found.

    C:\WINDOWS\system32\svchost.exe
    No streams found.

    C:\WINDOWS\system32\ntoskrnl.exe
    No streams found.



    Final Check:

    Remaining Services:
    ------------------




    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\\WINDOWS\\System32\\uhieecol.exe"="C:\\WINDOWS\\System32\\uhi"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    Remaining Files:
    ---------------

    File Backups: - C:\SDFix\backups\backups.zip

    Files with Hidden Attributes:

    Sat 9 Sep 2006 4,789,792 ...H. --- "C:\Program Files\Picasa2\setup.exe"
    Sun 23 Sep 2007 57,452 A..H. --- "C:\WINDOWS\system32\alzrt.exe"
    Sun 23 Sep 2007 69,860 A..H. --- "C:\WINDOWS\system32\awnfrpl.exe"
    Sun 23 Sep 2007 4,380 A..H. --- "C:\WINDOWS\system32\ccllsq.exe"
    Sun 23 Sep 2007 69,860 A..H. --- "C:\WINDOWS\system32\cmowmsgl.exe"
    Sat 22 Sep 2007 143,360 A..H. --- "C:\WINDOWS\system32\cyvlc.exe"
    Sun 23 Sep 2007 8,760 A..H. --- "C:\WINDOWS\system32\dywmjne.exe"
    Wed 18 Sep 2002 769,024 ..SHR --- "C:\WINDOWS\system32\efjmovfbdaq.exe"
    Sun 23 Sep 2007 65,700 A..H. --- "C:\WINDOWS\system32\ejbh.exe"
    Sun 23 Sep 2007 4,608 A..H. --- "C:\WINDOWS\system32\fsjshdr.exe"
    Sun 23 Sep 2007 10,732 A..H. --- "C:\WINDOWS\system32\fztt.exe"
    Sun 23 Sep 2007 69,120 A..H. --- "C:\WINDOWS\system32\gmmoabk.exe"
    Sun 23 Sep 2007 69,860 A..H. --- "C:\WINDOWS\system32\hdmy.exe"
    Sun 23 Sep 2007 69,860 A..H. --- "C:\WINDOWS\system32\hxeyjhrj.exe"
    Sun 23 Sep 2007 14,454 A..H. --- "C:\WINDOWS\system32\kbtmgvut.exe"
    Sun 23 Sep 2007 67,412 A..H. --- "C:\WINDOWS\system32\nxpuipc.exe"
    Sun 23 Sep 2007 4,380 A..H. --- "C:\WINDOWS\system32\odsqjd.exe"
    Sun 23 Sep 2007 812,525 ..SH. --- "C:\WINDOWS\system32\rtvwa.bak1"
    Sun 23 Sep 2007 55,480 A..H. --- "C:\WINDOWS\system32\tlsb.exe"
    Sun 23 Sep 2007 56,950 A..H. --- "C:\WINDOWS\system32\wsskz.exe"
    Sun 23 Sep 2007 35,552 A..H. --- "C:\WINDOWS\system32\ykkjnw.exe"
    Sun 15 May 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
    Wed 24 Aug 2005 782 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv12.bak"
    Fri 22 Jul 2005 401 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv17.bak"

    Finished!
    23 September 2007 23:00:43

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:02:48, on 23/09/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\System32\efjmovfbdaq.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\moi\Bureau\HiJackThis\HijackThis.exe
    C:\WINDOWS\system32\cmd.exe
    C:\WINDOWS\system32\ftp.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Windows Service Svc] efjmovfbdaq.exe
    O4 - HKLM\..\Run: [kiss] C:\Program Files\ssdasd\pingy.exe
    O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\System32\afaqajwb.dll",sitypnow
    O4 - HKLM\..\Run: [nassor] C:\Program Files\gfdgfdg\ms04.exe
    O4 - HKLM\..\RunServices: [Windows Service Svc] efjmovfbdaq.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Windows Service Svc] efjmovfbdaq.exe
    O4 - HKCU\..\Run: [] .exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [] .exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Windows Service Agccnt] bodalst.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://visioplace.com/download/cfweb_visioplace.com-dow...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld....
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientContr...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: DomainService - - C:\WINDOWS\System32\uhieecol.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe

    --
    End of file - 4713 bytes
    24 September 2007 14:48:49

    I also noticed that the machine was infected in lsass.dll and restarts after one minute. So I did some research, and for now I cancel the restart before the countdown ends with the command "shutdown -a". I wanted to run Windows Update, but it's impossible, it doesn't work...
    24 September 2007 17:50:13

    Install a firewall such as Kerio, then run another ComboFix scan.
    24 September 2007 18:25:21

    ComboFix 07-09-21.2 - "moi" 2007-09-24 18:17:09.6 - NTFSx86
    Microsoft Windows XP dition familiale 5.1.2600.1.1252.33.1036.18.49 [GMT 2:00]
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\check_LSA7.txt
    C:\WINDOWS\system32\.exe
    C:\WINDOWS\system32\5_exception.nls
    C:\WINDOWS\system32\awtsrpm.dll
    C:\WINDOWS\system32\awvtr.dll
    C:\WINDOWS\system32\drivers\runtime2.sys
    C:\WINDOWS\system32\drivers\secdrv.sys
    C:\WINDOWS\system32\miibtwai.exe
    C:\WINDOWS\system32\rtvwa.bak1
    C:\WINDOWS\system32\rtvwa.ini
    C:\WINDOWS\system32\uhieecol.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


    -------\LEGACY_DOMAINSERVICE
    -------\LEGACY_RUNTIME
    -------\LEGACY_RUNTIME2
    -------\DomainService
    -------\runtime


    ((((((((((((((((((((((((( Files Created from 2007-08-24 to 2007-09-24 )))))))))))))))))))))))))))))))
    .

    2007-09-24 18:16 57,856 --a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\nbkrjlbx.exe
    2007-09-24 18:15 <REP> d-------- C:\DOCUME~1\moi\APPLIC~1\Kerio
    2007-09-24 18:13 3,584 --ah----- C:\WINDOWS\system32\wpuqk.exe
    2007-09-24 18:12 888,832 --------- C:\WINDOWS\system32\KTiconv.dll
    2007-09-24 18:12 765,952 --------- C:\WINDOWS\system32\KTlibeay32_0.9.7.dll
    2007-09-24 18:12 56,320 --------- C:\WINDOWS\system32\KTzlib.dll
    2007-09-24 18:12 344,064 --------- C:\WINDOWS\system32\msvcr70.dll
    2007-09-24 18:12 155,648 --------- C:\WINDOWS\system32\KTssleay32_0.9.7.dll
    2007-09-24 18:11 78,336 --------- C:\WINDOWS\system32\drivers\WRDRV.SYS
    2007-09-24 18:11 59,392 --a------ C:\WINDOWS\system32\drivers\kvpndrv.sys
    2007-09-24 18:11 <REP> d-------- C:\Program Files\Kerio
    2007-09-24 18:09 57,856 --ahs---- C:\WINDOWS\system32\irdvxc.exe
    2007-09-24 18:09 54,784 --a------ C:\WINDOWS\gh941.exe
    2007-09-24 17:02 69,860 --ah----- C:\WINDOWS\system32\qnmxg.exe
    2007-09-24 17:02 54,784 --ah----- C:\WINDOWS\system32\dqmdqmsc.exe
    2007-09-24 17:02 128 --a------ C:\WINDOWS\system32\hyatmd.bat
    2007-09-23 22:46 69,860 --ah----- C:\WINDOWS\system32\hxeyjhrj.exe
    2007-09-23 22:46 126 --a------ C:\WINDOWS\system32\uple.bat
    2007-09-23 22:00 940,451 --a------ C:\DOCUME~1\moi\fdfdsfddfs.exe
    2007-09-23 22:00 <REP> d-------- C:\Program Files\gfdgfdg
    2007-09-23 21:36 4,608 --ah----- C:\WINDOWS\system32\fsjshdr.exe
    2007-09-23 21:32 85,568 --a------ C:\WINDOWS\system32\afaqajwb.dll
    2007-09-23 21:30 <REP> d-------- C:\Program Files\ssdasd
    2007-09-23 21:29 991,310 --a------ C:\WINDOWS\system32\dsfs.exe
    2007-09-23 21:18 83,808 --a------ C:\WINDOWS\system32\dsfsdsda.exe
    2007-09-23 19:44 10,732 --ah----- C:\WINDOWS\system32\fztt.exe
    2007-09-23 19:40 65,700 --ah----- C:\WINDOWS\system32\ejbh.exe
    2007-09-23 19:39 4,380 --ah----- C:\WINDOWS\system32\ccllsq.exe
    2007-09-23 19:34 69,860 --ah----- C:\WINDOWS\system32\cmowmsgl.exe
    2007-09-23 19:34 67,412 --ah----- C:\WINDOWS\system32\nxpuipc.exe
    2007-09-23 19:33 35,552 --ah----- C:\WINDOWS\system32\ykkjnw.exe
    2007-09-23 19:24 14,454 --ah----- C:\WINDOWS\system32\kbtmgvut.exe
    2007-09-23 19:20 57,452 --ah----- C:\WINDOWS\system32\alzrt.exe
    2007-09-23 19:18 8,760 --ah----- C:\WINDOWS\system32\dywmjne.exe
    2007-09-23 19:18 55,480 --ah----- C:\WINDOWS\system32\tlsb.exe
    2007-09-23 19:06 56,950 --ah----- C:\WINDOWS\system32\wsskz.exe
    2007-09-23 18:56 69,860 --ah----- C:\WINDOWS\system32\hdmy.exe
    2007-09-23 18:56 69,120 --ah----- C:\WINDOWS\system32\gmmoabk.exe
    2007-09-23 18:54 69,860 --ah----- C:\WINDOWS\system32\awnfrpl.exe
    2007-09-23 18:46 4,380 --ah----- C:\WINDOWS\system32\odsqjd.exe
    2007-09-22 23:38 130 --a------ C:\WINDOWS\system32\bzncpigw.bat
    2007-09-22 23:30 143,360 --ah----- C:\WINDOWS\system32\cyvlc.exe
    2007-09-22 23:30 118 --a------ C:\WINDOWS\system32\irrtd.bat
    2007-09-21 18:07 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
    2007-09-21 18:07 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier
    2007-09-21 18:05 <REP> d-------- C:\WINDOWS\Internet Logs
    2007-09-21 18:03 <REP> d-------- C:\Program Files\CCleaner
    2007-09-21 18:02 <REP> d-------- C:\Program Files\Avira
    2007-09-21 18:02 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    2007-09-21 16:12 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-09-21 16:00 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu D‚marrer
    2007-09-21 16:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage r‚seau
    2007-09-21 16:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression
    2007-09-21 16:00 <REP> d--h----- C:\DOCUME~1\ADMINI~1\ModŠles
    2007-09-21 16:00 <REP> d-------- C:\WINDOWS\ERUNT
    2007-09-21 16:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Mes documents
    2007-09-21 16:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Favoris
    2007-09-21 16:00 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau
    2007-09-20 22:47 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
    2007-09-20 22:16 <REP> d-------- C:\Program Files\PhotoFiltre
    2007-09-20 22:14 <REP> d-------- C:\Program Files\Picasa2
    2007-09-19 19:19 <REP> d-------- C:\DOCUME~1\moi\APPLIC~1\U3
    2007-09-19 19:15 28,160 --a------ C:\WINDOWS\system32\xorrk.exe
    2007-09-19 19:11 57,856 --a------ C:\WINDOWS\system32\drivers\drmk.sys
    2007-09-19 19:11 134,272 --a------ C:\WINDOWS\system32\drivers\portcls.sys
    2007-09-19 19:10 991,232 --a------ C:\WINDOWS\system32\virtear.dll
    2007-09-19 19:10 65,536 --a------ C:\WINDOWS\system32\Audio3d.dll
    2007-09-19 19:10 49,152 --a------ C:\WINDOWS\system32\DSndUp.exe
    2007-09-19 19:10 45,056 --a------ C:\WINDOWS\system32\CleanUp.exe
    2007-09-19 19:10 <REP> d-------- C:\WINDOWS\VirtualEar
    2007-09-19 19:10 <REP> d-------- C:\Program Files\Analog Devices
    2007-09-19 19:07 765,952 --a------ C:\WINDOWS\system\crlds3d.dll
    2007-09-19 19:07 732,928 --a------ C:\WINDOWS\system32\drivers\senfilt.sys
    2007-09-19 19:07 311,296 --a------ C:\WINDOWS\system32\Edcrypt.dll
    2007-09-19 19:07 260,352 --a------ C:\WINDOWS\system32\drivers\smwdm.sys
    2007-09-19 19:07 23,040 --a------ C:\WINDOWS\system32\PostProc.dll
    2007-09-19 19:05 15,840 --------- C:\WINDOWS\system32\drivers\PFMODNT.SYS
    2007-09-19 19:05 <REP> d-------- C:\Program Files\Fichiers communs\InstallShield
    2007-09-19 19:05 <REP> d-------- C:\Program Files\Creative
    2007-09-19 18:30 28,160 --a------ C:\WINDOWS\system32\qsad.exe
    2007-09-19 15:58 <REP> d-------- C:\Program Files\Fichiers communs\mssoap
    2007-09-18 21:47 28,160 --a------ C:\WINDOWS\system32\sdvn.exe
    2007-09-18 21:32 <REP> d-------- C:\DOCUME~1\moi\Contacts
    2007-09-18 21:29 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
    2007-09-18 21:27 <REP> d-------- C:\Program Files\MSN Messenger
    2007-09-18 20:43 <REP> d-------- C:\Program Files\Google
    2007-09-18 20:40 28,160 --a------ C:\WINDOWS\system32\vojn.exe
    2007-09-18 17:56 125 --a------ C:\WINDOWS\system32\wxdmtj.bat
    2007-09-18 17:46 128 --a------ C:\WINDOWS\system32\irzncg.bat
    2007-09-18 17:46 122 --a------ C:\WINDOWS\system32\txzdru.bat
    2007-09-18 17:44 124 --a------ C:\WINDOWS\system32\qdhczure.bat
    2007-09-18 17:37 120 --a------ C:\WINDOWS\system32\ifsm.bat
    2007-09-18 17:30 115 --a------ C:\WINDOWS\system32\yhwsv.bat
    2007-09-18 17:23 118 --a------ C:\WINDOWS\system32\alspb.bat
    2007-09-18 17:19 20,480 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
    2007-09-18 17:19 20,480 --a------ C:\WINDOWS\system32\hidserv.dll
    2007-09-18 17:18 14,080 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
    2007-09-18 17:18 14,080 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
    2007-09-18 17:18 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
    2007-09-18 17:18 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2019-01-08 23:19 --------- d-------- C:\Program Files\RegCleaner
    2007-09-24 18:11 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-09-21 18:09 1568 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
    2007-09-21 18:09 14368 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
    2007-09-21 18:06 75932 --a------ C:\WINDOWS\system32\drivers\klick.dat
    2007-09-21 18:06 74396 --a------ C:\WINDOWS\system32\drivers\klin.dat
    2007-09-21 18:06 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
    2007-09-21 18:06 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
    2007-09-21 18:04 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    2007-09-18 20:13 --------- d-------- C:\Program Files\SuperCopier
    2007-09-18 20:08 --------- d-------- C:\Program Files\Fichiers communs\Sony Shared
    2007-09-18 18:53 --------- d-------- C:\DOCUME~1\moi\APPLIC~1\Real
    2002-09-18 15:23:24 769,024 --sh--r C:\WINDOWS\system32\efjmovfbdaq.exe
    2002-09-18 15:23:24 516,143 --sh--r C:\WINDOWS\system32\vfavnrz.exe
    .

    ((((((((((((((((((((((((((((( snapshot_2007-09-21_161733.25 )))))))))))))))))))))))))))))))))))))))))
    .
    ----a-w 75,248 2007-06-21 19:54:48 C:\WINDOWS\zllsputility.exe
    ----a-w 42,384 2007-06-21 19:55:32 C:\WINDOWS\zllsputility_loc040c.dll
    ----a-w 163,328 2007-09-23 06:52:19 C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
    ----a-w 376,832 2007-09-23 20:55:54 C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
    ----a-w 8,192 2007-09-23 20:55:54 C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
    ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\spmsg.dll
    ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\spuninst.exe
    ----a-w 77,824 2005-10-17 21:30:33 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\sp1qfe\fontsub.dll
    ----a-w 111,616 2005-10-17 21:30:33 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\sp1qfe\t2embed.dll
    ----a-w 80,896 2005-10-17 21:21:08 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\sp2gdr\fontsub.dll
    ----a-w 118,272 2005-10-17 21:21:08 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\sp2gdr\t2embed.dll
    ----a-w 80,896 2005-10-17 21:26:30 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\sp2qfe\fontsub.dll
    ----a-w 117,760 2005-10-17 21:26:30 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\sp2qfe\t2embed.dll
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\2ddd87bec6ea0d3870758aca072e3e8a\update\updspapi.dll
    ----a-w 36,864 2005-04-19 12:56:40 C:\WINDOWS\SoftwareDistribution\Download\3556f01dfe2929f710532cac25d2e3ec\iecustom.dll
    ----a-w 163,840 2006-05-26 20:19:50 C:\WINDOWS\SoftwareDistribution\Download\3556f01dfe2929f710532cac25d2e3ec\jgdw400.dll
    ----a-w 27,648 2006-04-06 14:15:48 C:\WINDOWS\SoftwareDistribution\Download\3556f01dfe2929f710532cac25d2e3ec\jgpl400.dll
    ----a-w 15,072 2005-06-28 08:21:12 C:\WINDOWS\SoftwareDistribution\Download\3556f01dfe2929f710532cac25d2e3ec\spmsg.dll
    ----a-w 216,800 2005-06-28 08:23:40 C:\WINDOWS\SoftwareDistribution\Download\3556f01dfe2929f710532cac25d2e3ec\spuninst.exe
    ----a-w 36,864 2005-04-19 12:56:40 C:\WINDOWS\SoftwareDistribution\Download\3556f01dfe2929f710532cac25d2e3ec\update\iecustom.dll
    ----a-w 727,776 2005-06-28 08:25:06 C:\WINDOWS\SoftwareDistribution\Download\3556f01dfe2929f710532cac25d2e3ec\update\update.exe
    ----a-w 394,976 2005-06-28 08:24:12 C:\WINDOWS\SoftwareDistribution\Download\3556f01dfe2929f710532cac25d2e3ec\update\updspapi.dll
    ----a-w 15,072 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\spmsg.dll
    ----a-w 213,216 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\spuninst.exe
    ----a-w 53,248 2005-06-10 23:55:46 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\sp1qfe\spoolsv.exe
    ----a-w 102,912 2005-06-11 02:42:46 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\sp1qfe\win32spl.dll
    ----a-w 57,856 2005-06-10 23:53:32 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\sp2gdr\spoolsv.exe
    ----a-w 57,856 2005-06-11 00:17:13 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\sp2qfe\spoolsv.exe
    ----a-w 30,720 2005-06-29 23:54:30 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\update\arpidfix.exe
    ----a-w 22,240 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\update\spcustom.dll
    ----a-w 730,336 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\update\update.exe
    ----a-w 395,488 2005-02-25 03:35:25 C:\WINDOWS\SoftwareDistribution\Download\4088a68d0a8934555c37417459b6507e\update\updspapi.dll
    ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\spmsg.dll
    ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\spuninst.exe
    ----a-w 340,480 2006-04-20 11:38:44 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\SP1QFE\tcpip.sys
    ----a-w 359,808 2006-04-20 11:51:50 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\SP2GDR\tcpip.sys
    ----a-w 360,576 2006-04-20 12:18:35 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\SP2QFE\tcpip.sys
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\507067b70cd6d949aad91fc738213e69\update\updspapi.dll
    ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\551a37fe97d22cfc1a735a1ac3cad362\spmsg.dll
    ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\SoftwareDistribution\Download\551a37fe97d22cfc1a735a1ac3cad362\spuninst.exe
    ----a-w 321,536 2006-08-14 08:59:20 C:\WINDOWS\SoftwareDistribution\Download\551a37fe97d22cfc1a735a1ac3cad362\SP1QFE\srv.sys
    ----a-w 332,928 2006-08-14 10:34:41 C:\WINDOWS\SoftwareDistribution\Download\551a37fe97d22cfc1a735a1ac3cad362\SP2GDR\srv.sys
    ----a-w 332,928 2006-08-14 12:00:42 C:\WINDOWS\SoftwareDistribution\Download\551a37fe97d22cfc1a735a1ac3cad362\SP2QFE\srv.sys
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\551a37fe97d22cfc1a735a1ac3cad362\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\551a37fe97d22cfc1a735a1ac3cad362\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\551a37fe97d22cfc1a735a1ac3cad362\update\updspapi.dll
    ----a-w 8,192 2004-10-14 18:35:00 C:\WINDOWS\SoftwareDistribution\Download\5f51a5d334ac80a2988bd8848bc695cb\spmsg.dll
    ----a-w 172,032 2004-10-14 18:36:11 C:\WINDOWS\SoftwareDistribution\Download\5f51a5d334ac80a2988bd8848bc695cb\spuninst.exe
    ----a-w 21,504 2004-10-14 18:36:10 C:\WINDOWS\SoftwareDistribution\Download\5f51a5d334ac80a2988bd8848bc695cb\update\spcustom.dll
    ----a-w 666,624 2004-10-14 18:22:11 C:\WINDOWS\SoftwareDistribution\Download\5f51a5d334ac80a2988bd8848bc695cb\update\update.exe
    ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\63fa4b45e27c53442285aaba36557804\spmsg.dll
    ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\SoftwareDistribution\Download\63fa4b45e27c53442285aaba36557804\spuninst.exe
    ----a-w 1,110,528 2006-09-13 05:10:12 C:\WINDOWS\SoftwareDistribution\Download\63fa4b45e27c53442285aaba36557804\SP1QFE\msxml3.dll
    ----a-w 1,084,416 2006-09-13 05:03:06 C:\WINDOWS\SoftwareDistribution\Download\63fa4b45e27c53442285aaba36557804\SP2GDR\msxml3.dll
    ----a-w 1,084,416 2006-09-13 05:08:36 C:\WINDOWS\SoftwareDistribution\Download\63fa4b45e27c53442285aaba36557804\SP2QFE\msxml3.dll
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\63fa4b45e27c53442285aaba36557804\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\63fa4b45e27c53442285aaba36557804\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\63fa4b45e27c53442285aaba36557804\update\updspapi.dll
    ----a-w 36,864 2005-04-19 12:56:40 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\iecustom.dll
    ----a-w 15,072 2005-06-28 08:21:12 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\spmsg.dll
    ----a-w 216,800 2005-06-28 08:23:40 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\spuninst.exe
    ----a-w 1,018,368 2005-06-17 22:26:18 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\browseui.dll
    ----a-w 144,384 2004-12-07 18:17:32 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\cdfview.dll
    ----a-w 988,672 2005-10-20 18:10:06 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\danim.dll
    ----a-w 351,744 2006-06-09 12:35:50 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\dxtmsft.dll
    ----a-w 192,512 2006-06-09 12:35:30 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\dxtrans.dll
    ----a-w 236,032 2006-02-24 14:21:26 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\iepeers.dll
    ----a-w 70,144 2004-12-07 18:17:32 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\inseng.dll
    ----a-w 12,288 2006-04-28 08:58:48 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\jsproxy.dll
    ----a-w 2,703,872 2006-06-30 08:52:24 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\mshtml.dll
    ----a-w 132,096 2005-02-24 13:02:50 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\msrating.dll
    ----a-w 498,176 2006-03-03 14:46:54 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\mstime.dll
    ----a-w 34,816 2005-04-27 08:53:06 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\pngfilt.dll
    ----a-w 1,339,904 2006-05-26 13:50:26 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\shdocvw.dll
    ----a-w 409,600 2005-08-31 16:50:42 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\shlwapi.dll
    ----a-w 463,872 2006-08-31 05:56:36 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\urlmon.dll
    ----a-w 581,120 2006-06-23 11:28:30 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\rtmgdr\wininet.dll
    ----a-w 1,018,368 2005-06-18 07:26:16 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\browseui.dll
    ----a-w 144,384 2004-12-08 03:24:28 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\cdfview.dll
    ----a-w 988,672 2005-10-21 03:10:05 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\danim.dll
    ----a-w 351,744 2006-06-09 21:29:08 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\dxtmsft.dll
    ----a-w 192,512 2006-06-09 21:29:02 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\dxtrans.dll
    ----a-w 236,544 2006-02-24 23:55:40 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\iepeers.dll
    ----a-w 70,144 2004-12-08 03:24:28 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\inseng.dll
    ----a-w 12,288 2006-04-28 17:48:05 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\jsproxy.dll
    ----a-w 2,710,528 2006-06-30 17:38:24 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\mshtml.dll
    ----a-w 132,096 2005-02-24 22:02:48 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\msrating.dll
    ----a-w 498,176 2006-03-04 00:39:04 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\mstime.dll
    ----a-w 38,912 2005-04-27 17:50:00 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\pngfilt.dll
    ----a-w 1,339,904 2006-05-26 22:50:25 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\shdocvw.dll
    ----a-w 409,600 2005-09-01 01:50:41 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\shlwapi.dll
    ----a-w 465,920 2006-08-31 04:07:07 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\urlmon.dll
    ----a-w 593,408 2006-06-23 19:46:56 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\RTMQFE\wininet.dll
    ----a-w 36,864 2005-04-19 12:56:40 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\update\iecustom.dll
    ----a-w 727,776 2005-06-28 08:25:06 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\update\update.exe
    ----a-w 394,976 2005-06-28 08:24:12 C:\WINDOWS\SoftwareDistribution\Download\73231fc5e2f4907698b91ecd0c870ff8\update\updspapi.dll
    ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\90e71ccf083d4636c615101d20c96448\spmsg.dll
    ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\SoftwareDistribution\Download\90e71ccf083d4636c615101d20c96448\spuninst.exe
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\90e71ccf083d4636c615101d20c96448\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\90e71ccf083d4636c615101d20c96448\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\90e71ccf083d4636c615101d20c96448\update\updspapi.dll
    ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\spmsg.dll
    ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\spuninst.exe
    ----a-w 95,232 2006-05-19 12:14:13 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\6to4svc.dll
    ----a-w 104,448 2006-05-19 12:14:13 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\dhcpcsvc.dll
    ----a-w 140,288 2006-05-19 12:14:13 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\dnsapi.dll
    ----a-w 31,232 2006-05-19 12:14:13 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\inetmib1.dll
    ----a-w 84,480 2006-05-19 12:14:13 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\iphlpapi.dll
    ----a-w 49,152 2006-05-19 12:02:50 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\ipv6.exe
    ----a-w 54,272 2006-05-19 12:14:14 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\ipv6mon.dll
    ----a-w 86,016 2006-05-19 12:01:26 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\netsh.exe
    ----a-w 185,856 2006-05-18 23:51:34 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\obrs040c.dll
    ----a-w 203,008 2006-05-19 08:46:02 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\tcpip6.sys
    ----a-w 11,776 2006-05-19 08:44:15 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\tunmp.sys
    ----a-w 70,656 2006-05-19 12:14:14 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\ws2_32.dll
    ----a-w 13,312 2006-05-19 12:14:14 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP1QFE\wship6.dll
    ----a-w 112,128 2006-05-19 13:23:35 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2GDR\dhcpcsvc.dll
    ----a-w 148,480 2006-05-19 13:23:35 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2GDR\dnsapi.dll
    ----a-w 95,744 2006-05-19 13:23:35 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2GDR\iphlpapi.dll
    ----a-w 112,640 2006-05-19 14:16:50 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2QFE\dhcpcsvc.dll
    ----a-w 147,456 2006-05-19 14:16:51 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2QFE\dnsapi.dll
    ----a-w 95,744 2006-05-19 14:16:51 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\SP2QFE\iphlpapi.dll
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\be96031e349de0228a58a3a562a48caf\update\updspapi.dll
    ----a-w 15,072 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\spmsg.dll
    ----a-w 213,216 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\spuninst.exe
    ----a-w 260,608 2005-10-06 03:21:29 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp1qfe\gdi32.dll
    ----a-w 36,864 2004-03-30 01:49:43 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp1qfe\mf3216.dll
    ----a-w 562,176 2005-03-02 18:21:36 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp1qfe\user32.dll
    ----a-w 1,799,808 2005-10-06 03:16:55 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp1qfe\win32k.sys
    ----a-w 280,064 2005-10-06 03:18:11 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp2gdr\gdi32.dll
    ----a-w 1,839,616 2005-10-06 03:08:49 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp2gdr\win32k.sys
    ----a-w 280,064 2005-10-06 03:19:52 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp2qfe\gdi32.dll
    ----a-w 1,839,616 2005-10-06 03:12:57 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\sp2qfe\win32k.sys
    ----a-w 30,720 2005-10-05 23:39:44 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\update\arpidfix.exe
    ----a-w 22,240 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\update\spcustom.dll
    ----a-w 730,336 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\update\update.exe
    ----a-w 395,488 2005-02-25 03:35:25 C:\WINDOWS\SoftwareDistribution\Download\cbdc1787b6b277961f5fc0d18aa5c3d2\update\updspapi.dll
    ----a-w 15,072 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\spmsg.dll
    ----a-w 216,800 2005-10-12 23:15:24 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\spuninst.exe
    ----a-w 368,640 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\msdtcprx.dll
    ----a-w 974,336 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\msdtctm.dll
    ----a-w 150,528 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\msdtcuiu.dll
    ----a-w 64,512 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\mtxclu.dll
    ----a-w 83,456 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\mtxoci.dll
    ----a-w 11,776 2006-03-01 19:45:35 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP1QFE\xolehlp.dll
    ----a-w 426,496 2006-03-01 19:43:50 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\msdtcprx.dll
    ----a-w 956,416 2006-03-01 19:43:50 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\msdtctm.dll
    ----a-w 161,280 2006-03-01 19:43:51 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\msdtcuiu.dll
    ----a-w 66,560 2006-03-01 19:43:51 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\mtxclu.dll
    ----a-w 91,136 2006-03-01 19:43:51 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\mtxoci.dll
    ----a-w 11,776 2006-03-01 19:43:51 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2GDR\xolehlp.dll
    ----a-w 426,496 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\msdtcprx.dll
    ----a-w 956,416 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\msdtctm.dll
    ----a-w 161,280 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\msdtcuiu.dll
    ----a-w 66,560 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\mtxclu.dll
    ----a-w 91,136 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\mtxoci.dll
    ----a-w 11,776 2006-03-01 19:42:12 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\SP2QFE\xolehlp.dll
    ----a-w 22,752 2005-10-12 23:15:23 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\update\spcustom.dll
    ----a-w 727,776 2005-10-12 23:15:26 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\update\update.exe
    ----a-w 394,976 2005-10-12 23:15:43 C:\WINDOWS\SoftwareDistribution\Download\cef4d84f54fa3cbb88b347e5551b26a8\update\updspapi.dll
    ----a-w 364,544 2005-11-29 14:27:06 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\npdsplay.dll
    ----a-w 13,536 2005-06-28 07:20:24 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\spmsg.dll
    ----a-w 216,800 2005-06-28 07:23:40 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\spuninst.exe
    ----a-w 22,752 2005-06-28 07:21:34 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\spupdsvc.exe
    ----a-w 727,776 2005-06-28 07:25:06 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\update\update.exe
    ----a-w 371,424 2005-06-28 07:23:54 C:\WINDOWS\SoftwareDistribution\Download\dcc40725a7d5df54019097409776908c\update\updspapi.dll
    ----a-w 15,072 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\spmsg.dll
    ----a-w 213,216 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\spuninst.exe
    ----a-w 22,752 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\spupdsvc.exe
    ----a-w 22,240 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\update\spcustom.dll
    ----a-w 730,336 2005-02-25 03:35:24 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\update\update.exe
    ----a-w 395,488 2005-02-25 03:35:25 C:\WINDOWS\SoftwareDistribution\Download\fbbf97636558a8b12d2660a1fbe98336\update\updspapi.dll
    ----a-w 3,640 2007-09-24 16:13:40 C:\WINDOWS\SoftwareDistribution\EventCache\{AFC36E58-8B59-48D0-BC92-48ED0BD9517A}.bin
    ----a-w 21,904 2007-06-21 19:55:28 C:\WINDOWS\system32\imsinstall_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:28 C:\WINDOWS\system32\imslsp_install_loc040c.dll
    ----a-w 796,048 2007-06-21 19:54:26 C:\WINDOWS\system32\libeay32_0.9.6l.dll
    ----a-w 142,696 2007-07-31 00:25:54 C:\WINDOWS\system32\MicrosoftUpdateCatalogWebControl.dll
    ----a-w 17,474,680 2007-09-05 17:50:44 C:\WINDOWS\system32\MRT.exe
    ----a-w 11,264 2004-04-27 02:40:52 C:\WINDOWS\system32\SpOrder.dll
    ----a-w 83,432 2007-06-21 19:54:30 C:\WINDOWS\system32\vsdata.dll
    ----a-w 394,984 2007-06-21 19:54:52 C:\WINDOWS\system32\vsdatant.sys
    ----a-w 157,160 2007-06-21 19:54:32 C:\WINDOWS\system32\vsinit.dll
    ----a-w 103,912 2007-06-21 19:54:32 C:\WINDOWS\system32\vsmonapi.dll
    ----a-w 275,944 2007-06-21 19:54:32 C:\WINDOWS\system32\vspubapi.dll
    ----a-w 71,144 2007-06-21 19:54:32 C:\WINDOWS\system32\vsregexp.dll
    ----a-w 472,552 2007-06-21 19:54:34 C:\WINDOWS\system32\vsutil.dll
    ----a-w 54,672 2007-06-21 19:55:30 C:\WINDOWS\system32\vsutil_loc040c.dll
    ----a-w 46,568 2007-06-21 19:54:34 C:\WINDOWS\system32\vswmi.dll
    ----a-w 99,816 2007-06-21 19:54:34 C:\WINDOWS\system32\vsxml.dll
    ---h--w 69,860 2002-09-18 15:23:24 C:\WINDOWS\system32\winamp.exe
    ---h--w 54,784 2002-09-18 15:23:24 C:\WINDOWS\system32\winIogon.exe
    ----a-w 83,432 2007-06-21 19:54:34 C:\WINDOWS\system32\zlcomm.dll
    ----a-w 71,144 2007-06-21 19:54:34 C:\WINDOWS\system32\zlcommdb.dll
    ----a-w 1,086,952 2007-06-21 19:54:40 C:\WINDOWS\system32\zpeng24.dll
    ----a-w 262,144 2007-09-24 16:17:03 C:\WINDOWS\system32\config\systemprofile\NtUser.dat
    ----a-w 32,768 2007-09-24 16:10:21 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
    ----a-w 32,768 2007-09-24 16:10:21 C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    ----a-w 49,152 2007-09-24 16:10:21 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    ----a-w 991,310 2007-09-23 19:30:18 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\7R2ZX4N1\Sx[1].exe
    ----a-w 40,768 2007-08-09 11:04:11 C:\WINDOWS\system32\drivers\avgntdd.sys
    ----a-w 21,312 2007-07-18 12:22:19 C:\WINDOWS\system32\drivers\avgntmgr.sys
    ----a-w 62,016 2007-09-07 10:05:19 C:\WINDOWS\system32\drivers\avipbb.sys
    ----a-w 110,360 2007-05-30 22:03:48 C:\WINDOWS\system32\drivers\kl1.sys
    ----a-w 175,376 2007-05-30 22:03:48 C:\WINDOWS\system32\drivers\klif.sys
    ----a-w 28,352 2007-03-01 08:34:36 C:\WINDOWS\system32\drivers\ssmdrv.sys
    ----a-r 190,696 2007-06-11 11:04:38 C:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe
    ----a-w 26,000 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\av_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\camupd_loc040c.dll
    ----a-w 26,000 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\imsecure_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\scheduler_loc040c.dll
    ----a-w 75,152 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\updClient_loc040c.dll
    ----a-w 79,336 2007-06-21 19:54:30 C:\WINDOWS\system32\ZoneLabs\vsdb.dll
    ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsdb_loc040c.dll
    ----a-w 75,304 2007-06-21 19:54:46 C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    ----a-w 46,480 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsmon_loc040c.dll
    ----a-w 1,345,000 2007-06-21 19:54:32 C:\WINDOWS\system32\ZoneLabs\vsruledb.dll
    ----a-w 198,032 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsruledb_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:30 C:\WINDOWS\system32\ZoneLabs\vsvault_loc040c.dll
    ----a-w 17,808 2007-06-21 19:55:32 C:\WINDOWS\system32\ZoneLabs\zlquarantine_loc040c.dll
    ----a-w 21,904 2007-06-21 19:55:32 C:\WINDOWS\system32\ZoneLabs\zlsre_loc040c.dll
    ----a-w 77,824 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHComm.dll
    ----a-w 110,592 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHrule.dll
    ----a-w 331,776 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\CKAHUM.dll
    ----a-w 38,400 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\FSSync.dll
    ----a-w 208,960 2006-09-19 21:12:14 C:\WINDOWS\system32\ZoneLabs\avsys\inv.dll
    ----a-w 258,048 2007-05-30 22:03:16 C:\WINDOWS\system32\ZoneLabs\avsys\kave.dll
    ----a-w 175,376 2007-05-30 22:03:48 C:\WINDOWS\system32\ZoneLabs\avsys\klif_32.sys
    ----a-w 1,093,632 2006-12-19 16:13:52 C:\WINDOWS\system32\ZoneLabs\avsys\libeay32.dll
    ----a-w 548,864 2007-05-30 22:03:20 C:\WINDOWS\system32\ZoneLabs\avsys\msvcp80.dll
    ----a-w 626,688 2007-05-30 22:03:20 C:\WINDOWS\system32\ZoneLabs\avsys\msvcr80.dll
    ----a-w 184,320 2007-05-30 22:03:18 C:\WINDOWS\system32\ZoneLabs\avsys\prloader.dll
    ----a-w 90,112 2007-05-30 22:03:22 C:\WINDOWS\system32\ZoneLabs\avsys\prremote.dll
    ----a-w 118,784 2007-05-30 22:03:18 C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
    ----a-w 200,704 2006-12-19 16:13:52 C:\WINDOWS\system32\ZoneLabs\avsys\ssleay32.dll
    ----a-w 65,248 2007-05-30 22:03:30 C:\WINDOWS\system32\ZoneLabs\avsys\bases\aphish.dat
    ----a-w 21,568 2006-06-30 12:47:36 C:\WINDOWS\system32\ZoneLabs\avsys\bases\avcmhk4.dll
    ----a-w 288,144 2007-06-21 19:55:26 C:\WINDOWS\system32\ZoneLabs\lib\ConfigWizard_loc040c.zip.dll
    ----a-w 152,976 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\lib\LicenseUI_loc040c.zip.dll
    ----a-w 26,000 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zlsvc.zip.dll
    ----a-w 1,361,296 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zpy.zip.dll
    ----a-w 71,056 2007-06-21 19:54:54 C:\WINDOWS\system32\ZoneLabs\lib\zui.zip.dll
    ----a-w 30,184 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\rpc_server.dll
    ----a-w 30,216 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll
    ----a-w 210,432 2007-06-21 19:56:16 C:\WINDOWS\system32\ZoneLabs\streamapi\httpblocker\httpblocker.dll
    ----a-w 3,229,176 2007-06-21 19:56:18 C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp.dll
    ----a-w 26,000 2007-06-21 19:55:28 C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp_loc040c.dll
    .
    ----a-w 163,328 2007-09-19 21:46:25 C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
    ----a-w 372,736 2007-09-21 14:00:57 C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT
    ----a-w 8,192 2007-09-21 14:00:57 C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat
    ----a-w 16,384 2007-09-20 17:22:08 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
    ----a-w 32,768 2007-09-20 17:22:08 C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    ----a-w 49,152 2007-09-20 17:22:08 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .

    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "@"="" []
    "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 14:42]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 12:25]
    "Windows Service Svc"="efjmovfbdaq.exe" [2002-09-18 17:23 C:\WINDOWS\system32\efjmovfbdaq.exe]
    "kiss"="C:\Program Files\ssdasd\pingy.exe" [2007-09-14 05:14]
    "SearchIndexer"="C:\WINDOWS\System32\afaqajwb.dll" [2007-09-23 21:33]
    "nassor"="C:\Program Files\gfdgfdg\ms04.exe" [2006-10-08 23:50]
    "Windows Logon Application"="C:\WINDOWS\System32\winIogon.exe" [2002-09-18 17:23]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]
    "Windows Service Svc"="efjmovfbdaq.exe" [2002-09-18 17:23 C:\WINDOWS\system32\efjmovfbdaq.exe]
    "@"=".exe" []
    "WrCtrl"="C:\Program Files\Kerio\WinRoute Firewall\WrCtrl.exe" [2004-07-14 12:17]
    "Microsoft Windows Update"="vfavnrz.exe" [2002-09-18 17:23 C:\WINDOWS\system32\vfavnrz.exe]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
    "Windows Service Svc"=efjmovfbdaq.exe
    "Microsoft Windows Update"=vfavnrz.exe

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "Windos Seres Agnts"=jwlmdtsz.exe
    "Windows Service Svc"=efjmovfbdaq.exe
    "<NO NAME>"=.exe
    "Windows Service Agccnt"=bodalst.exe
    "Microsoft Windows Update"=vfavnrz.exe

    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 11:01:04]

    R0 avgntmgr;avgntmgr;C:\WINDOWS\System32\DRIVERS\avgntmgr.sys
    R1 avgntdd;avgntdd;C:\WINDOWS\System32\DRIVERS\avgntdd.sys
    R1 WRDRV;WRDRV;C:\WINDOWS\System32\drivers\wrdrv.sys
    R2 WinRoute;Kerio WinRoute Firewall;"C:\Program Files\Kerio\WinRoute Firewall\winroute.exe"
    R3 kvpndev;Kerio VPN adapter;C:\WINDOWS\System32\DRIVERS\kvpndrv.sys
    S2 MSDisk;Network helper Service;"C:\WINDOWS\System32\irdvxc.exe" /service
    S3 jswmidin;jswmidin;\??\C:\DOCUME~1\moi\LOCALS~1\Temp\jswmidin.sys
    S3 U3SSTOR;U3SMSCDriver;C:\WINDOWS\System32\DRIVERS\U3SWDMb.SYS

    .
    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-09-24 18:20:28
    Windows 5.1.2600 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-09-24 18:21:59 - machine was rebooted
    C:\ComboFix-quarantined-files.txt ... 2007-09-24 18:21
    C:\ComboFix2.txt ... 2007-09-23 21:16
    C:\ComboFix3.txt ... 2007-09-23 18:41
    .
    --- E O F ---
    24 September 2007 18:26:10

    However, I uninstalled Kerio afterwards because it was blocking my Internet connection and I know nothing about firewalls.... :(
    24 September 2007 18:32:20

    Post a new HijackThis report.
    24 September 2007 19:04:34

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:06:39, on 24/09/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\System32\vfavnrz.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\System32\efjmovfbdaq.exe
    C:\WINDOWS\System32\winIogon.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\moi\Bureau\HiJackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Windows Service Svc] efjmovfbdaq.exe
    O4 - HKLM\..\Run: [kiss] C:\Program Files\Symantic\pingy.exe
    O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\System32\afaqajwb.dll",sitypnow
    O4 - HKLM\..\Run: [nassor] C:\Program Files\gfdgfdg\ms04.exe
    O4 - HKLM\..\Run: [Windows Logon Application] C:\WINDOWS\System32\winIogon.exe
    O4 - HKLM\..\Run: [Microsoft Windows Update] vfavnrz.exe
    O4 - HKLM\..\RunServices: [Windows Service Svc] efjmovfbdaq.exe
    O4 - HKLM\..\RunServices: [Microsoft Windows Update] vfavnrz.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Windows Service Svc] efjmovfbdaq.exe
    O4 - HKCU\..\Run: [Microsoft Windows Update] vfavnrz.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\S-1-5-21-73586283-1383384898-839522115-1004\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User '?')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\S-1-5-18\..\Run: [Windows Service Agccnt] bodalst.exe (User '?')
    O4 - HKUS\S-1-5-18\..\Run: [Microsoft Windows Update] vfavnrz.exe (User '?')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
    O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://visioplace.com/download/cfweb_visioplace.com-dow...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld....
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientContr...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
    O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe

    --
    End of file - 5239 bytes
    24 September 2007 19:44:36

    Install Windows SP2 urgently.
    24 September 2007 19:54:58

    OK! Thanks for everything, I'll keep you posted!!
    24 September 2007 19:56:34

    Ok.
    25 September 2007 17:45:21

    There, SP2 installed, I'll redo a HijackThis and a ComboFix and repost all of that.
    25 September 2007 17:46:05

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:45:23, on 25/09/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\efjmovfbdaq.exe
    C:\WINDOWS\system32\vfavnrz.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\winIogon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Documents and Settings\moi\Bureau\HiJackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Windows Service Svc] efjmovfbdaq.exe
    O4 - HKLM\..\Run: [kiss] C:\Program Files\Symantic\pingy.exe
    O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\System32\afaqajwb.dll",sitypnow
    O4 - HKLM\..\Run: [nassor] C:\Program Files\gfdgfdg\ms04.exe
    O4 - HKLM\..\Run: [Windows Logon Application] C:\WINDOWS\system32\winIogon.exe
    O4 - HKLM\..\Run: [Microsoft Windows Update] vfavnrz.exe
    O4 - HKLM\..\RunServices: [Windows Service Svc] efjmovfbdaq.exe
    O4 - HKLM\..\RunServices: [Microsoft Windows Update] vfavnrz.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Windows Service Svc] efjmovfbdaq.exe
    O4 - HKCU\..\Run: [Microsoft Windows Update] vfavnrz.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [] .exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Windows Service Agccnt] bodalst.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Microsoft Windows Update] vfavnrz.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://visioplace.com/download/cfweb_visioplace.com-dow...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld....
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientContr...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
    O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe

    --
    End of file - 5244 bytes
    25 September 2007 17:50:10

    Run SDFix once more, please.
    25 September 2007 18:15:05


    SDFix: Version 1.107

    Run by Administrateur on 25/09/2007 at 18:10

    Microsoft Windows XP [version 5.1.2600]

    Running From: C:\SDFix

    Safe Mode:
    Checking Services:

    Name:
    MSDisk

    ImagePath:
    "C:\WINDOWS\System32\irdvxc.exe" /service

    MSDisk - Deleted



    Restoring Windows Registry Values
    Restoring Windows Default Hosts File

    Rebooting...


    Normal Mode:
    Checking Files:

    Trojan Files Found:

    C:\WINDOWS\SYSTEM32\VFAVNRZ.EXE - Deleted
    C:\WINDOWS\SYSTEM32\VFAVNRZ.EXE - Deleted
    C:\WINDOWS\system32\i - Deleted
    C:\WINDOWS\system32\irdvxc.exe - Deleted
    C:\WINDOWS\system32\winamp.exe - Deleted
    C:\WINDOWS\system32\winIogon.exe - Deleted



    Removing Temp Files...

    ADS Check:

    C:\WINDOWS
    No streams found.

    C:\WINDOWS\system32
    No streams found.

    C:\WINDOWS\system32\svchost.exe
    No streams found.

    C:\WINDOWS\system32\ntoskrnl.exe
    No streams found.



    Final Check:

    Remaining Services:
    ------------------




    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    Remaining Files:
    ---------------

    File Backups: - C:\SDFix\backups\backups.zip

    Files with Hidden Attributes:

    Sat 9 Sep 2006 4,789,792 ...H. --- "C:\Program Files\Picasa2\setup.exe"
    Sun 23 Sep 2007 57,452 A..H. --- "C:\WINDOWS\system32\alzrt.exe"
    Sun 23 Sep 2007 69,860 A..H. --- "C:\WINDOWS\system32\awnfrpl.exe"
    Sun 23 Sep 2007 4,380 A..H. --- "C:\WINDOWS\system32\ccllsq.exe"
    Sun 23 Sep 2007 69,860 A..H. --- "C:\WINDOWS\system32\cmowmsgl.exe"
    Sat 22 Sep 2007 143,360 A..H. --- "C:\WINDOWS\system32\cyvlc.exe"
    Mon 24 Sep 2007 54,784 A..H. --- "C:\WINDOWS\system32\dqmdqmsc.exe"
    Sun 23 Sep 2007 8,760 A..H. --- "C:\WINDOWS\system32\dywmjne.exe"
    Wed 18 Sep 2002 769,024 ..SHR --- "C:\WINDOWS\system32\efjmovfbdaq.exe"
    Sun 23 Sep 2007 65,700 A..H. --- "C:\WINDOWS\system32\ejbh.exe"
    Sun 23 Sep 2007 4,608 A..H. --- "C:\WINDOWS\system32\fsjshdr.exe"
    Sun 23 Sep 2007 10,732 A..H. --- "C:\WINDOWS\system32\fztt.exe"
    Sun 23 Sep 2007 69,120 A..H. --- "C:\WINDOWS\system32\gmmoabk.exe"
    Sun 23 Sep 2007 69,860 A..H. --- "C:\WINDOWS\system32\hdmy.exe"
    Sun 23 Sep 2007 69,860 A..H. --- "C:\WINDOWS\system32\hxeyjhrj.exe"
    Sun 23 Sep 2007 14,454 A..H. --- "C:\WINDOWS\system32\kbtmgvut.exe"
    Sun 23 Sep 2007 67,412 A..H. --- "C:\WINDOWS\system32\nxpuipc.exe"
    Sun 23 Sep 2007 4,380 A..H. --- "C:\WINDOWS\system32\odsqjd.exe"
    Mon 24 Sep 2007 69,860 A..H. --- "C:\WINDOWS\system32\qnmxg.exe"
    Sun 23 Sep 2007 55,480 A..H. --- "C:\WINDOWS\system32\tlsb.exe"
    Mon 24 Sep 2007 5,044 A..H. --- "C:\WINDOWS\system32\wpuqk.exe"
    Sun 23 Sep 2007 56,950 A..H. --- "C:\WINDOWS\system32\wsskz.exe"
    Sun 23 Sep 2007 35,552 A..H. --- "C:\WINDOWS\system32\ykkjnw.exe"
    Sun 15 May 2005 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
    Wed 24 Aug 2005 782 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv12.bak"
    Fri 22 Jul 2005 401 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv17.bak"
    Tue 25 Sep 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\27efdbd68a382580fdb15dd4f797360e\BIT4.tmp"
    Tue 25 Sep 2007 322,708 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\ec9dc63e53c8bf9a1e80cf1489c682bd\download\BIT1C.tmp"

    Finished!
    25 September 2007 18:18:29

    Hi again,

    Download OTMoveIt (by OldTimer). Save it to your Desktop.
    Select ALL the locations in bold below:

    C:\WINDOWS\system32\alzrt.exe
    C:\WINDOWS\system32\awnfrpl.exe
    C:\WINDOWS\system32\ccllsq.exe
    C:\WINDOWS\system32\cmowmsgl.exe
    C:\WINDOWS\system32\cyvlc.exe
    C:\WINDOWS\system32\dqmdqmsc.exe
    C:\WINDOWS\system32\dywmjne.exe
    C:\WINDOWS\system32\efjmovfbdaq.exe
    C:\WINDOWS\system32\ejbh.exe
    C:\WINDOWS\system32\fsjshdr.exe
    C:\WINDOWS\system32\fztt.exe
    C:\WINDOWS\system32\gmmoabk.exe
    C:\WINDOWS\system32\hdmy.exe
    C:\WINDOWS\system32\hxeyjhrj.exe
    C:\WINDOWS\system32\kbtmgvut.exe
    C:\WINDOWS\system32\nxpuipc.exe
    C:\WINDOWS\system32\odsqjd.exe
    C:\WINDOWS\system32\qnmxg.exe
    C:\WINDOWS\system32\tlsb.exe
    C:\WINDOWS\system32\wpuqk.exe
    C:\WINDOWS\system32\wsskz.exe
    C:\WINDOWS\system32\ykkjnw.exe"


    ---> Right-click then Copy (or Ctrl+C)

    Double-click OTMoveIt.exe to launch it.
    Right-click in the left-hand pane and choose Paste (or Ctrl+V).
    Now click MoveIt!

    If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

    Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    The report's name corresponds to the time it was created: date_time.log

    ->Information about the software<-
    25 September 2007 18:38:50

    I'm in the middle of doing a full Windows Update, now that it works... :)

    I'll do that right afterwards, see you in a bit!
    25 September 2007 18:42:21

    Ok ;)
    25 September 2007 19:19:51

    C:\WINDOWS\system32\alzrt.exe moved successfully.
    C:\WINDOWS\system32\awnfrpl.exe moved successfully.
    C:\WINDOWS\system32\ccllsq.exe moved successfully.
    C:\WINDOWS\system32\cmowmsgl.exe moved successfully.
    C:\WINDOWS\system32\cyvlc.exe moved successfully.
    C:\WINDOWS\system32\dqmdqmsc.exe moved successfully.
    C:\WINDOWS\system32\dywmjne.exe moved successfully.
    File move failed. C:\WINDOWS\system32\efjmovfbdaq.exe scheduled to be moved on reboot.
    C:\WINDOWS\system32\ejbh.exe moved successfully.
    C:\WINDOWS\system32\fsjshdr.exe moved successfully.
    C:\WINDOWS\system32\fztt.exe moved successfully.
    C:\WINDOWS\system32\gmmoabk.exe moved successfully.
    C:\WINDOWS\system32\hdmy.exe moved successfully.
    C:\WINDOWS\system32\hxeyjhrj.exe moved successfully.
    C:\WINDOWS\system32\kbtmgvut.exe moved successfully.
    C:\WINDOWS\system32\nxpuipc.exe moved successfully.
    C:\WINDOWS\system32\odsqjd.exe moved successfully.
    C:\WINDOWS\system32\qnmxg.exe moved successfully.
    C:\WINDOWS\system32\tlsb.exe moved successfully.
    C:\WINDOWS\system32\wpuqk.exe moved successfully.
    C:\WINDOWS\system32\wsskz.exe moved successfully.
    File move failed. C:\WINDOWS\system32\ykkjnw.exe" scheduled to be moved on reboot.

    Created on 09/25/2007 19:19:19
    25 September 2007 19:24:52

    I've just noticed a small problem (yes, another one! :D )... When I press Ctrl + Alt + Del, in my device manager, I don't have access to the processes; anyway, here is what I get:

    25 September 2007 19:28:04

    That's the least of my worries ^^ We deal with the viruses first.
    Post a new HijackThis report.
    25 September 2007 19:29:04

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:31:28, on 25/09/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Documents and Settings\moi\Bureau\HiJackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Windows Service Svc] efjmovfbdaq.exe
    O4 - HKLM\..\Run: [kiss] C:\Program Files\Symantic\pingy.exe
    O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\System32\afaqajwb.dll",sitypnow
    O4 - HKLM\..\Run: [nassor] C:\Program Files\gfdgfdg\ms04.exe
    O4 - HKLM\..\RunServices: [Windows Service Svc] efjmovfbdaq.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Windows Service Svc] efjmovfbdaq.exe
    O4 - HKCU\..\Run: [Microsoft Windows Update] vfavnrz.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [] .exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Windows Service Agccnt] bodalst.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Microsoft Windows Update] vfavnrz.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://visioplace.com/download/cfweb_visioplace.com-dow...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld....
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientContr...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe

    --
    End of file - 4719 bytes
    25 September 2007 19:29:48

    It's actually a computer that was passed on to my girlfriend; I get the impression the beast is well and truly infected!
    25 September 2007 19:43:45

    Very infected, even :/

    Fix the lines in italics below with HijackThis: HELP IN PICTURES

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [Windows Service Svc] efjmovfbdaq.exe
    O4 - HKLM\..\Run: [kiss] C:\Program Files\Symantic\pingy.exe
    O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\System32\afaqajwb.dll",sitypnow
    O4 - HKLM\..\Run: [nassor] C:\Program Files\gfdgfdg\ms04.exe
    O4 - HKLM\..\RunServices: [Windows Service Svc] efjmovfbdaq.exe
    O4 - HKCU\..\Run: [Windows Service Svc] efjmovfbdaq.exe
    O4 - HKCU\..\Run: [Microsoft Windows Update] vfavnrz.exe
    O4 - HKUS\S-1-5-18\..\Run: [] .exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Windows Service Agccnt] bodalst.exe (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Microsoft Windows Update] vfavnrz.exe (User 'SYSTEM')


    Select ALL the locations in bold below:

    C:\Program Files\Symantic
    C:\WINDOWS\System32\afaqajwb.dll
    C:\Program Files\gfdgfdg


    ---> Right-click then Copy (or Ctrl+C)

    Double-click OTMoveIt.exe to launch it.
    Right-click in the left-hand pane and choose Paste (or Ctrl+V).
    Now click MoveIt!

    If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

    Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    The report's name corresponds to the time it was created: date_time.log

    ->Information about the software<-
    25 September 2007 20:14:25

    Folder move failed. C:\Program Files\Symantic\murd3r scheduled to be moved on reboot.
    C:\Program Files\Symantic moved successfully.
    LoadLibrary failed for C:\WINDOWS\System32\afaqajwb.dll
    C:\WINDOWS\System32\afaqajwb.dll NOT unregistered.
    C:\WINDOWS\System32\afaqajwb.dll moved successfully.
    Folder move failed. C:\Program Files\gfdgfdg\v1rg1n scheduled to be moved on reboot.
    C:\Program Files\gfdgfdg\sounds moved successfully.
    Folder move failed. C:\Program Files\gfdgfdg\sa scheduled to be moved on reboot.
    C:\Program Files\gfdgfdg\logs moved successfully.
    C:\Program Files\gfdgfdg\download moved successfully.
    C:\Program Files\gfdgfdg moved successfully.

    Created on 09/25/2007 20:14:10
    25 September 2007 20:18:33

    Post a new HijackThis report.
    25 September 2007 20:19:10

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:21:34, on 25/09/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\moi\Bureau\HiJackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: *.registration.sonystyle-europe.com (HKLM)
    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - http://visioplace.com/download/cfweb_visioplace.com-dow...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.com/resources/MsnPUpld....
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientContr...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe

    --
    End of file - 4020 bytes
    25 September 2007 20:29:13

    Is your PC behaving better?
    25 September 2007 20:30:52

    Definitely, yes!

    For a start, AntiVir no longer pops up every minute, it boots faster, it no longer crashes, you can feel the difference!
    25 September 2007 20:39:45

    And the device manager, what's the problem there?

    I don't want to come across as a pain, eh?! :D
    25 September 2007 20:41:47

    What is the problem?