Infection de spywares

Merci de ta prompte réponse, Le sioux. J'ai donc fait ce que tu m'as conseillé de faire. Par contre, lorsque j'ai executé smitfraudfix avec l'option 2 en mode sans échec, il ne m'a pas proposé de corriger un quelconque fichier infecté, peut-être est-ce une information importante. Voici le rapport smitfraudfix :

SmitFraudFix v2.319

Rapport fait à 23:50:15,09, 05/05/2008
Executé à partir de E:\Documents and Settings\Ollin\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{268B0DA4-C1F6-46C0-A787-7727DB5FD4E0}: NameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DC19DA5E-90F5-4879-B23F-BA62F9E0EAF2}: NameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{268B0DA4-C1F6-46C0-A787-7727DB5FD4E0}: NameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{DC19DA5E-90F5-4879-B23F-BA62F9E0EAF2}: NameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{268B0DA4-C1F6-46C0-A787-7727DB5FD4E0}: NameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{DC19DA5E-90F5-4879-B23F-BA62F9E0EAF2}: NameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin





Et enfin voici le rapport HijackThis :






Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:59:04, on 05/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Program Files\Analog Devices\Core\smax4pnp.exe
E:\Program Files\Analog Devices\SoundMAX\Smax4.exe
E:\Program Files\QuickTime\QTTask.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\WINDOWS\mrofinu2000352.exe
E:\WINDOWS\system32\Rundll32.exe
E:\WINDOWS\system32\ctfmon.exe
C:\jfcjr.exe
E:\Program Files\Svconr\Svconr.exe
E:\Program Files\JavaCore\JavaCore.exe
E:\DOCUME~1\Ollin\MESDOC~1\ECURIT~1\mmc.exe
E:\WINDOWS\system32\?ymantec\w?auclt.exe
E:\Documents and Settings\Ollin\Application Data\SpeedRunner\SpeedRunner.exe
E:\Documents and Settings\Ollin\Application Data\Microsoft\Windows\vipbowgh.exe
E:\WINDOWS\system32\IcoSauve.exe
E:\Program Files\iPod\bin\iPodService.exe
E:\WINDOWS\system32\wuauclt.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMAXPnP] E:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "E:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [runner1] E:\WINDOWS\mrofinu2000352.exe 61A847B5BBF72810329B385577FB01F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310
O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MSDisp32] rundll32.exe E:\WINDOWS\system32\drvter.dll,startup
O4 - HKLM\..\Run: [18668593] rundll32.exe "E:\WINDOWS\system32\cvamqvlb.dll",b
O4 - HKLM\..\Run: [ZoneAlarm Client] "E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [BMdffdea39] Rundll32.exe "E:\WINDOWS\system32\knldwmkp.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [amva] E:\WINDOWS\system32\amvo.exe
O4 - HKCU\..\Run: [WintelUpdate] C:\jfcjr.exe
O4 - HKCU\..\Run: [Svconr] E:\Program Files\Svconr\Svconr.exe
O4 - HKCU\..\Run: [JavaCore] E:\Program Files\\JavaCore\\JavaCore.exe
O4 - HKCU\..\Run: [Hahp] "E:\DOCUME~1\Ollin\MESDOC~1\ECURIT~1\mmc.exe" -vt yazb
O4 - HKCU\..\Run: [Kkh] E:\WINDOWS\system32\?ymantec\w?auclt.exe
O4 - HKCU\..\Run: [SpeedRunner] E:\Documents and Settings\Ollin\Application Data\SpeedRunner\SpeedRunner.exe
O4 - HKCU\..\Run: [SfKg6wIP] E:\Documents and Settings\Ollin\Application Data\Microsoft\Windows\vipbowgh.exe
O4 - Startup: IcoSauve.lnk = E:\WINDOWS\system32\IcoSauve.exe
O8 - Extra context menu item: BitChe It! - E:\Program Files\BitCheIt\bc.hta
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{268B0DA4-C1F6-46C0-A787-7727DB5FD4E0}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{DC19DA5E-90F5-4879-B23F-BA62F9E0EAF2}: NameServer = 192.168.1.1
O23 - Service: Apple Mobile Device - Apple, Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - E:\WINDOWS\system32\ZoneLabs\vsmon.exe

Re, Voici les rapports retournés par SDFix et Hijackthis :


SDFix :




[b]SDFix: Version 1.180 [/b]
Run by Ollin on 06/05/2008 at 00:23

Microsoft Windows XP [version 5.1.2600]
Running From: E:\DOCUME~1\Ollin\Bureau\SDFix\SDFix

[b]Checking Services [/b]:

[b]Name [/b]:
kzq5re

[b]Path [/b]:
\??\E:\WINDOWS\system32\kzq5re.sys

kzq5re - Deleted



Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service

Rebooting


[b]Checking Files [/b]:

Trojan Files Found:

E:\WINDOWS\system32\WINIAE32.dll - Deleted
E:\WINDOWS\SYSTEM32\FCCDEEVW.DLL - Deleted
E:\WINDOWS\SYSTEM32\PMNOOFDT.DLL - Deleted
E:\WINDOWS\SYSTEM32\TUVUKCVM.DLL - Deleted
E:\WINDOWS\SYSTEM32\TUVVVNED.DLL - Deleted
E:\WINDOWS\SYSTEM32\YAYXXWTL.DLL - Deleted
E:\DOCUME~1\OLLIN\APPLIC~1\MICROS~1\WINDOWS\VIPBOWGH.EXE - Deleted
E:\autorun.inf - Deleted
E:\Documents and Settings\Ollin\Application Data\SpeedRunner\config.cfg - Deleted
E:\Documents and Settings\Ollin\Application Data\SpeedRunner\SpeedRunner.exe - Deleted
E:\Documents and Settings\Ollin\Application Data\SpeedRunner\SRUninstall.exe - Deleted
E:\Program Files\JavaCore\JavaCore.exe - Deleted
E:\Program Files\JavaCore\UnInstall.exe - Deleted
E:\Program Files\Fichiers communs\Yazzle1560OinAdmin.exe - Deleted
E:\Program Files\Fichiers communs\Yazzle1560OinUninstaller.exe - Deleted
E:\WINDOWS\b128.exe - Deleted
E:\WINDOWS\b152.exe - Deleted
E:\WINDOWS\b155.exe - Deleted
E:\WINDOWS\b156.exe - Deleted
E:\WINDOWS\b157.exe - Deleted
E:\WINDOWS\mrofinu1535.exe - Deleted
E:\WINDOWS\mrofinu2000352.exe - Deleted
E:\WINDOWS\mrofinu1535.exe.tmp - Deleted
E:\autorun.PNF - Deleted
E:\WINDOWS\system32\crypts.dll - Deleted
E:\WINDOWS\system32\kzq5re.sys - Deleted



Folder E:\Documents and Settings\Ollin\Application Data\SpeedRunner - Removed
Folder E:\Program Files\InetGet2 - Removed
Folder E:\Program Files\JavaCore - Removed
Folder E:\Program Files\Temporary - Removed


Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1353.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-06 00:26:20
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"="E:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe:*:Enabled:Apache HTTP Server"
"E:\\Program Files\\eMule\\emule.exe"="E:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"E:\\Program Files\\Bonjour\\mDNSResponder.exe"="E:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"E:\\Program Files\\iTunes\\iTunes.exe"="E:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"E:\\Program Files\\Azureus\\Azureus.exe"="E:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"E:\\WINDOWS\\system32\\winver.exe"="E:\\WINDOWS\\system32\\winver.exe:*:Enabled:winver"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[b]Remaining Files [/b]:


File Backups: - E:\DOCUME~1\Ollin\Bureau\SDFix\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Sat 3 May 2008 6,104,632 A..H. --- "E:\Program Files\Picasa2\setup.exe"
Sun 13 Apr 2008 102,954 ..SHR --- "E:\WINDOWS\system32\amvo.exe"
Mon 5 May 2008 70,656 ..SHR --- "E:\WINDOWS\system32\amvo0.dll"
Fri 11 Apr 2008 230,400 ..SHR --- "E:\WINDOWS\system32\?ymantec\w?auclt.exe"
Mon 6 Feb 2006 39,424 A..H. --- "E:\Documents and Settings\Ollin\Mes documents\paperasse\~WRL0001.tmp"
Mon 5 May 2008 68,608 ..SHR --- "E:\Documents and Settings\Ollin\Mes documents\?ecurity\mmc.exe"

[b]Finished![/b]







Hijackthis :




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:31:06, on 06/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
E:\WINDOWS\system32\notepad.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Program Files\Analog Devices\Core\smax4pnp.exe
E:\Program Files\Analog Devices\SoundMAX\Smax4.exe
E:\Program Files\QuickTime\QTTask.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\WINDOWS\system32\Rundll32.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Svconr\Svconr.exe
E:\DOCUME~1\Ollin\MESDOC~1\ECURIT~1\mmc.exe
E:\WINDOWS\system32\?ymantec\w?auclt.exe
E:\WINDOWS\system32\IcoSauve.exe
E:\Program Files\iPod\bin\iPodService.exe
E:\WINDOWS\system32\wuauclt.exe
E:\WINDOWS\system32\NOTEPAD.EXE
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMAXPnP] E:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "E:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MSDisp32] rundll32.exe E:\WINDOWS\system32\drvter.dll,startup
O4 - HKLM\..\Run: [18668593] rundll32.exe "E:\WINDOWS\system32\cvamqvlb.dll",b
O4 - HKLM\..\Run: [ZoneAlarm Client] "E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [BMdffdea39] Rundll32.exe "E:\WINDOWS\system32\knldwmkp.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [amva] E:\WINDOWS\system32\amvo.exe
O4 - HKCU\..\Run: [Svconr] E:\Program Files\Svconr\Svconr.exe
O4 - HKCU\..\Run: [Hahp] "E:\DOCUME~1\Ollin\MESDOC~1\ECURIT~1\mmc.exe" -vt yazb
O4 - HKCU\..\Run: [Kkh] E:\WINDOWS\system32\?ymantec\w?auclt.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - Startup: IcoSauve.lnk = E:\WINDOWS\system32\IcoSauve.exe
O8 - Extra context menu item: BitChe It! - E:\Program Files\BitCheIt\bc.hta
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{268B0DA4-C1F6-46C0-A787-7727DB5FD4E0}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{DC19DA5E-90F5-4879-B23F-BA62F9E0EAF2}: NameServer = 192.168.1.1
O23 - Service: Apple Mobile Device - Apple, Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - E:\WINDOWS\system32\ZoneLabs\vsmon.exe

Re, voici la nouvelle fournée de rapports :




Combofix :




ComboFix 08-05-01.3 - Ollin 2008-05-06 0:51:43.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1599 [GMT 2:00]
Endroit: E:\Documents and Settings\Ollin\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
D:\Autorun.inf
E:\autorun.inf
E:\Documents and Settings\Ollin\Menu Démarrer\Programmes\Outerinfo
E:\Documents and Settings\Ollin\Menu Démarrer\Programmes\Outerinfo\Terms.lnk
E:\Documents and Settings\Ollin\Menu Démarrer\Programmes\Outerinfo\Uninstall.lnk
E:\Documents and Settings\Ollin\Mes documents\ECURIT~1
E:\Documents and Settings\Ollin\Mes documents\ECURIT~1\?ecurity\
E:\Documents and Settings\Ollin\Mes documents\ECURIT~1\mmc.exe
E:\Program Files\outerinfo
E:\Program Files\outerinfo\FF\chrome.manifest
E:\Program Files\outerinfo\FF\components\FF.dll
E:\Program Files\outerinfo\FF\components\OuterinfoAds.xpt
E:\Program Files\outerinfo\FF\install.rdf
E:\Program Files\outerinfo\Terms.rtf
E:\WINDOWS\cookies.ini
E:\WINDOWS\pskt.ini
E:\WINDOWS\system32\amvo.exe
E:\WINDOWS\system32\amvo0.dll
E:\WINDOWS\system32\blvqmavc.ini
E:\WINDOWS\system32\cbXQiIAT.dll
E:\WINDOWS\system32\cziy.dll
E:\WINDOWS\system32\knldwmkp.dll
E:\WINDOWS\system32\mlJyAtus.dll
E:\WINDOWS\system32\pmnljHby.dll
E:\WINDOWS\system32\pwlbhxrp.dll
E:\WINDOWS\system32\rqRKATLE.dll
E:\WINDOWS\system32\ybHjlnmp.ini
E:\WINDOWS\system32\ybHjlnmp.ini2
E:\WINDOWS\system32\ymante~1
E:\WINDOWS\system32\ymante~1\w?auclt.exe
F:\Autorun.inf

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-05 to 2008-05-05 ))))))))))))))))))))))))))))))))))))
.

2008-05-06 00:53 . 2008-05-06 00:54 <REP> d-------- E:\WINDOWS\LastGood
2008-05-06 00:53 . 20,540 E:\WINDOWS\system32\dllcache\SET9.tmp
2008-05-06 00:53 . 20,540 E:\WINDOWS\system32\dllcache\SET6.tmp
2008-05-06 00:53 . 2003-03-24 15:52 20,540 --a--c--- E:\WINDOWS\system32\dllcache\OLD8.tmp
2008-05-06 00:48 . 2008-05-06 00:48 <REP> d-------- E:\Program Files\Lavasoft
2008-05-06 00:48 . 2008-05-06 00:48 <REP> d-------- E:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-06 00:47 . 2008-05-06 00:47 <REP> d-------- E:\Program Files\Fichiers communs\Wise Installation Wizard
2008-05-06 00:42 . 2008-05-06 00:42 <REP> d-------- E:\WINDOWS\Sun
2008-05-06 00:26 . 2004-08-19 18:09 2,134,528 --a--c--- E:\WINDOWS\system32\dllcache\OLDA6.tmp
2008-05-06 00:25 . 2008-05-06 00:27 <REP> d-------- E:\WINDOWS\LastGood.Tmp
2008-05-06 00:21 . 2008-05-06 00:21 <REP> d-------- E:\WINDOWS\ERUNT
2008-05-05 23:58 . 2008-05-05 23:58 <REP> d-------- E:\Program Files\Trend Micro
2008-05-05 23:02 . 2008-05-05 23:50 2,108 --a------ E:\WINDOWS\system32\tmp.reg
2008-05-05 22:50 . 2008-05-06 00:55 378,912 --ahs---- E:\WINDOWS\system32\drivers\fidbox.dat
2008-05-05 22:50 . 2008-05-06 00:52 8,600 --ahs---- E:\WINDOWS\system32\drivers\fidbox.idx
2008-05-05 22:48 . 2008-05-05 22:48 <REP> d-------- E:\Program Files\Zone Labs
2008-05-05 22:48 . 2008-05-05 22:48 <REP> d-------- E:\Documents and Settings\All Users\Application Data\MailFrontier
2008-05-05 22:31 . 2008-05-05 22:31 399,616 --a------ E:\WINDOWS\system32\drivers\EagleNt.sys
2008-05-05 21:38 . 2008-05-05 21:38 9,662 --a------ E:\WINDOWS\system32\ZoneAlarmIconFR.ico
2008-05-05 21:07 . 2008-05-05 21:07 <REP> d-------- E:\Program Files\Spcron
2008-05-05 21:03 . 2008-05-05 21:03 18,944 --a------ E:\WINDOWS\system32\drvter.dll
2008-05-05 21:02 . 2008-05-06 00:50 109,786 --a------ E:\WINDOWS\BMdffdea39.xml
2008-05-05 21:01 . 2008-05-05 21:01 <REP> d-------- E:\Program Files\Svconr
2008-05-04 20:59 . 2008-05-04 20:59 <REP> d-------- E:\Documents and Settings\All Users\Application Data\InstallShield
2008-05-04 20:56 . 2008-05-04 20:56 <REP> d-------- E:\Program Files\gPotato.eu
2008-05-04 20:56 . 2005-08-11 15:29 73,728 --a------ E:\WINDOWS\system32\ISUSPM.cpl
2008-05-04 16:19 . 2008-05-04 16:19 <REP> d-------- E:\Program Files\Fichiers communs\Ahead
2008-05-04 16:19 . 2008-05-04 16:19 <REP> d-------- E:\Program Files\Ahead
2008-05-04 16:19 . 2004-07-26 16:16 1,568,768 --------- E:\WINDOWS\system32\ImagX7.dll
2008-05-04 16:19 . 2004-07-26 16:16 476,320 --------- E:\WINDOWS\system32\ImagXpr7.dll
2008-05-04 16:19 . 2004-07-26 16:16 471,040 --------- E:\WINDOWS\system32\ImagXRA7.dll
2008-05-04 16:19 . 2004-07-09 08:43 364,544 --------- E:\WINDOWS\system32\TwnLib4.dll
2008-05-04 16:19 . 2004-07-26 16:16 262,144 --------- E:\WINDOWS\system32\ImagXR7.dll
2008-05-04 16:19 . 2001-07-09 10:50 155,648 --a------ E:\WINDOWS\system32\NeroCheck.exe
2008-05-04 16:19 . 2005-09-01 11:03 127,488 --------- E:\WINDOWS\system32\drivers\imagesrv.sys
2008-05-04 16:19 . 2000-06-26 10:45 106,496 --a------ E:\WINDOWS\system32\TwnLib20.dll
2008-05-04 16:19 . 2005-09-01 11:03 5,888 --------- E:\WINDOWS\system32\drivers\imagedrv.sys
2008-05-04 14:05 . 2008-05-04 14:05 <REP> d-------- E:\Program Files\Free Audio Pack
2008-05-04 12:01 . 2008-05-04 12:01 <REP> d--h----- E:\WINDOWS\PIF
2008-05-04 12:00 . 2008-05-04 12:00 <REP> d-------- E:\Program Files\PowerArchiver
2008-05-03 19:46 . 2006-10-05 04:42 2,560 --------- E:\WINDOWS\system32\drivers\cdralw2k.sys
2008-05-03 19:46 . 2006-10-05 04:42 2,432 --------- E:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-05-03 19:45 . 2008-05-03 19:45 <REP> d-------- E:\WINDOWS\system32\IOSUBSYS
2008-05-03 19:45 . 2008-05-03 19:51 <REP> d-------- E:\Program Files\Picasa2
2008-05-03 19:45 . 2008-05-03 19:45 <REP> d-------- E:\Program Files\Google
2008-05-02 09:32 . 2008-05-02 09:32 <REP> d-------- E:\Program Files\Bit Che
2008-05-02 09:32 . 2008-05-02 09:32 <REP> d-------- E:\Documents and Settings\Ollin\Application Data\Convivea
2008-05-02 09:32 . 2004-03-09 00:00 1,081,616 --a------ E:\WINDOWS\system32\mscomctl.OCX
2008-05-02 09:32 . 2004-03-09 00:00 152,848 --a------ E:\WINDOWS\system32\comdlg32.OCX
2008-05-02 09:32 . 2004-03-09 00:00 124,688 --a------ E:\WINDOWS\system32\mswinsck.ocx
2008-05-02 09:29 . 2008-05-02 09:29 <REP> d-------- E:\Program Files\BitCheIt
2008-05-02 01:42 . 2008-05-02 09:25 <REP> d-------- E:\Program Files\Azureus
2008-05-02 01:42 . 2008-05-02 21:46 <REP> d-------- E:\Documents and Settings\Ollin\Application Data\Azureus
2008-05-01 22:22 . 2008-05-01 22:22 <REP> d-------- E:\Program Files\iTunes
2008-05-01 22:22 . 2008-05-01 22:22 <REP> d-------- E:\Program Files\iPod
2008-05-01 22:21 . 2008-05-01 22:21 <REP> d-------- E:\Program Files\Bonjour
2008-05-01 22:21 . 2008-05-06 00:53 54,156 --ah----- E:\WINDOWS\QTFont.qfn
2008-05-01 22:21 . 2008-05-01 22:21 1,409 --a------ E:\WINDOWS\QTFont.for
2008-05-01 22:20 . 2008-05-01 22:20 <REP> d----c--- E:\WINDOWS\system32\DRVSTORE
2008-05-01 22:20 . 2008-05-01 22:20 <REP> d-------- E:\Program Files\Fichiers communs\Apple
2008-05-01 22:20 . 2008-05-01 22:20 <REP> d-------- E:\Program Files\Apple Software Update
2008-05-01 22:20 . 2008-05-01 22:20 <REP> d-------- E:\Documents and Settings\All Users\Application Data\Apple
2008-05-01 22:20 . 2008-02-18 11:16 30,464 --a------ E:\WINDOWS\system32\drivers\usbaapl.sys
2008-05-01 18:20 . 2008-05-04 13:39 <REP> d-------- E:\Program Files\eMule
2008-05-01 16:29 . 2008-05-01 16:29 0 --a------ E:\WINDOWS\nsreg.dat
2008-04-30 01:26 . 2008-04-30 01:26 <REP> d-------- E:\Program Files\Analog Devices
2008-04-30 01:01 . 2008-04-30 01:01 <REP> d-------- E:\Documents and Settings\Ollin\Application Data\Apple Computer
2008-04-30 01:00 . 2008-05-01 22:21 <REP> d-------- E:\Program Files\QuickTime
2008-04-30 00:59 . 2008-04-30 00:59 <REP> d-------- E:\WINDOWS\Downloaded Installations
2008-04-30 00:59 . 2008-05-01 22:21 <REP> d-------- E:\Documents and Settings\All Users\Application Data\Apple Computer
2008-04-30 00:56 . 2008-04-30 00:56 <REP> d-------- E:\Program Files\NVIDIA Corporation
2008-04-30 00:56 . 2008-05-04 20:56 <REP> d--h----- E:\Program Files\InstallShield Installation Information
2008-04-30 00:56 . 2008-04-30 00:56 25 --a------ E:\WINDOWS\FileName
2008-04-30 00:50 . 2008-04-30 00:50 <REP> d-------- E:\Documents and Settings\Ollin\Application Data\vlc
2008-04-30 00:50 . 2008-05-02 01:07 <REP> d-------- E:\Documents and Settings\Ollin\Application Data\dvdcss
2008-04-30 00:49 . 2008-04-30 00:49 <REP> d-------- E:\Program Files\VideoLAN
2008-04-29 20:51 . 2008-04-29 20:51 <REP> d-------- E:\WINDOWS\nview
2008-04-29 20:51 . 2007-12-05 01:41 356,352 --a------ E:\WINDOWS\system32\nvudisp.exe
2008-04-29 20:51 . 2008-04-29 20:51 163,353 --a------ E:\WINDOWS\system32\nvapps.xml
2008-04-29 20:51 . 2007-12-05 01:41 17,737 --a------ E:\WINDOWS\system32\nvdisp.nvu
2008-04-29 20:22 . 2007-07-30 19:19 38,232 --a------ E:\WINDOWS\system32\wucltui.dll.mui
2008-04-29 20:22 . 2007-07-30 19:20 30,040 --a------ E:\WINDOWS\system32\wuaucpl.cpl.mui
2008-04-29 20:22 . 2007-07-30 19:19 30,040 --a------ E:\WINDOWS\system32\wuapi.dll.mui
2008-04-29 20:22 . 2007-07-30 19:18 21,336 --a------ E:\WINDOWS\system32\wuaueng.dll.mui
2008-04-29 20:19 . 2006-03-23 19:53 442,368 --a------ E:\WINDOWS\system32\CapabilityTable.exe
2008-04-29 20:19 . 2006-04-14 14:00 208,896 --------- E:\WINDOWS\system32\nvuide.exe
2008-04-29 20:19 . 2006-02-20 13:00 1,570 --------- E:\WINDOWS\system32\nvide.nvu
2008-04-29 20:18 . 2008-05-04 20:56 <REP> d-------- E:\Program Files\Fichiers communs\InstallShield
2008-04-29 20:18 . 2007-12-05 02:53 356,352 --a------ E:\WINDOWS\system32\NVUNINST.EXE
2008-04-29 20:18 . 2006-03-23 20:51 208,896 --a------ E:\WINDOWS\system32\nvusmb.exe
2008-04-29 20:18 . 2006-03-23 19:51 208,896 --a------ E:\WINDOWS\system32\nvunrm.exe
2008-04-29 20:18 . 2006-03-22 14:23 109,568 --a------ E:\WINDOWS\system32\drivers\nvtcp.sys
2008-04-29 20:18 . 2006-02-20 13:00 3,903 --a------ E:\WINDOWS\system32\nvnrm.nvu
2008-04-29 20:18 . 2006-02-20 13:00 1,864 --a------ E:\WINDOWS\system32\nvsmb.nvu

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-28 19:58 --------- d---a-w E:\Documents and Settings\Ollin\Application Data\gtopala
2008-04-28 19:58 --------- d---a-w E:\Documents and Settings\Ollin\Application Data\aignes
2008-04-28 19:54 --------- d-----w E:\Program Files\Java
2008-04-28 19:54 --------- d-----w E:\Program Files\Fichiers communs\Java
2008-04-28 19:53 --------- d-----w E:\Program Files\WMV9_VCM
2008-04-28 19:53 --------- d-----w E:\Program Files\Windows Media Connect 2
2008-04-28 19:46 --------- d-----w E:\Program Files\WSTARTUP
2008-04-28 19:46 --------- d-----w E:\Program Files\UTILS
2008-04-28 19:46 --------- d-----w E:\Program Files\MSXML 4.0
2008-04-28 19:46 --------- d-----w E:\Program Files\JEUX
2008-04-28 19:41 --------- d-----w E:\Program Files\microsoft frontpage
2008-04-13 13:39 102,954 --sh--r E:\uq9peya.bat
2008-04-02 19:08 54,672 ----a-w E:\WINDOWS\system32\vsutil_loc040c.dll
2008-04-02 19:08 42,384 ----a-w E:\WINDOWS\zllsputility_loc040c.dll
2008-04-02 19:08 21,904 ----a-w E:\WINDOWS\system32\imsinstall_loc040c.dll
2008-04-02 19:08 17,808 ----a-w E:\WINDOWS\system32\imslsp_install_loc040c.dll
2008-04-02 19:07 75,248 ----a-w E:\WINDOWS\zllsputility.exe
2008-04-02 19:07 1,086,952 ----a-w E:\WINDOWS\system32\zpeng24.dll
.

------- Sigcheck -------

2006-11-11 15:02 359808 8d8949936913b041c6a0e184fbf1030b E:\WINDOWS\system32\drivers\tcpip.sys

2006-11-19 00:59 1035264 7ba68df484b550c1f75dd80ae1d7ef67 E:\WINDOWS\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="E:\WINDOWS\system32\ctfmon.exe" [2004-08-19 18:09 15360]
"Svconr"="E:\Program Files\Svconr\Svconr.exe" [2008-05-05 21:01 57344]
"Hahp"="E:\DOCUME~1\Ollin\MESDOC~1\ECURIT~1\mmc.exe" [ ]
"Kkh"="E:\WINDOWS\system32\?ymantec\w?auclt.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="E:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 E:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="E:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
"SoundMAXPnP"="E:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-09-26 23:29 872448]
"SoundMAX"="E:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2006-07-13 08:12 729088]
"QuickTime Task"="E:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="E:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"NeroFilterCheck"="E:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"MSDisp32"="E:\WINDOWS\system32\drvter.dll" [2008-05-05 21:03 18944]
"18668593"="E:\WINDOWS\system32\cvamqvlb.dll" [ ]
"ZoneAlarm Client"="E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-04-02 21:07 919016]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSimpleStartMenu"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStrCmpLogical"= 0 (0x0)
"LockTaskbar"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoResolveSearch"= 0 (0x0)
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 0 (0x0)
"NoUserNameInStartMenu"= 0 (0x0)
"NoStartMenuMorePrograms"= 0 (0x0)
"MaxRecentDocs"= 15 (0xf)
"NoInstrumentation"= 0 (0x0)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)
"DisallowCpl"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\rqRKATLE]
rqRKATLE.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"E:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"E:\\Program Files\\eMule\\emule.exe"=
"E:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"E:\\Program Files\\iTunes\\iTunes.exe"=
"E:\\Program Files\\Azureus\\Azureus.exe"=

R0 jahci;jahci;E:\WINDOWS\system32\drivers\jahci.sys [2006-12-13 14:15]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
\Shell\AutoRun\command - C:\uq9peya.bat
\Shell\explore\Command - C:\uq9peya.bat
\Shell\open\Command - C:\uq9peya.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\uq9peya.bat
\Shell\explore\Command - D:\uq9peya.bat
\Shell\open\Command - D:\uq9peya.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\uq9peya.bat
\Shell\explore\Command - F:\uq9peya.bat
\Shell\open\Command - F:\uq9peya.bat

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-05-01 20:20:58 E:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- E:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-06 00:53:33
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
E:\WINDOWS\system32\rundll32.exe
E:\WINDOWS\system32\IcoSauve.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
E:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-06 1:04:49 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-05 23:04:46

Pre-Run: 117,205,225,472 octets libres
Post-Run: 115,974,000,640 octets libres

267









Hijackthis :







Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:07:19, on 06/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Program Files\Analog Devices\Core\smax4pnp.exe
E:\Program Files\Analog Devices\SoundMAX\Smax4.exe
E:\Program Files\QuickTime\QTTask.exe
E:\Program Files\iTunes\iTunesHelper.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Svconr\Svconr.exe
E:\WINDOWS\system32\IcoSauve.exe
E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
E:\Program Files\iPod\bin\iPodService.exe
E:\WINDOWS\system32\wuauclt.exe
E:\WINDOWS\explorer.exe
E:\WINDOWS\system32\notepad.exe
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMAXPnP] E:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "E:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MSDisp32] rundll32.exe E:\WINDOWS\system32\drvter.dll,startup
O4 - HKLM\..\Run: [18668593] rundll32.exe "E:\WINDOWS\system32\cvamqvlb.dll",b
O4 - HKLM\..\Run: [ZoneAlarm Client] "E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Svconr] E:\Program Files\Svconr\Svconr.exe
O4 - HKCU\..\Run: [Hahp] "E:\DOCUME~1\Ollin\MESDOC~1\ECURIT~1\mmc.exe" -vt yazb
O4 - HKCU\..\Run: [Kkh] E:\WINDOWS\system32\?ymantec\w?auclt.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - Startup: IcoSauve.lnk = E:\WINDOWS\system32\IcoSauve.exe
O8 - Extra context menu item: BitChe It! - E:\Program Files\BitCheIt\bc.hta
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{268B0DA4-C1F6-46C0-A787-7727DB5FD4E0}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{DC19DA5E-90F5-4879-B23F-BA62F9E0EAF2}: NameServer = 192.168.1.1
O20 - Winlogon Notify: rqRKATLE - rqRKATLE.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - E:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - E:\WINDOWS\system32\ZoneLabs\vsmon.exe

Re,

J'ai l'impression que ca commence à évoluer positivement. Internet fonctionne de nouveau à une vitesse convenable et les icônes de warning ont disparus (reste à savoir s'ils ne réapparaitrons pas après redémarrage). Voici les nouveaux rapports :

Combofix :







ComboFix 08-05-01.3 - Ollin 2008-05-06 1:41:15.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1649 [GMT 2:00]
Endroit: E:\Documents and Settings\Ollin\Bureau\ComboFix.exe
Command switches used :: E:\Documents and Settings\Ollin\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

FILE ::
E:\DOCUME~1\Ollin\MESDOC~1\ECURIT~1\mmc.exe
E:\Program Files\Svconr\Svconr.exe
E:\uq9peya.bat
E:\WINDOWS\BMdffdea39.xml
E:\WINDOWS\system32\cvamqvlb.dll
E:\WINDOWS\system32\dllcache\OLD8.tmp
E:\WINDOWS\system32\dllcache\SET6.tmp
E:\WINDOWS\system32\dllcache\SET9.tmp
E:\WINDOWS\system32\drvter.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

E:\Documents and Settings\Ollin\Local Settings\Temporary Internet Files\bestwiner.stt
E:\Program Files\Spcron
E:\Program Files\Spcron\Spcron.dll
E:\Program Files\Svconr
E:\Program Files\Svconr\Svconr.exe
E:\uq9peya.bat
E:\WINDOWS\b999.exe
E:\WINDOWS\BMdffdea39.xml
E:\WINDOWS\system32\drvter.dll

.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-05 to 2008-05-05 ))))))))))))))))))))))))))))))))))))
.

2008-05-06 01:34 . 2008-05-06 01:34 <REP> d-------- E:\WINDOWS\LastGood
2008-05-06 01:04 . 2001-08-17 21:28 794,654 --a--c--- E:\WINDOWS\system32\dllcache\usr1801.sys
2008-05-06 01:03 . 2001-08-23 17:47 495,616 --a--c--- E:\WINDOWS\system32\dllcache\sblfx.dll
2008-05-06 01:02 . 2001-08-23 17:18 899,914 --a--c--- E:\WINDOWS\system32\dllcache\r2mdkxga.sys
2008-05-06 01:01 . 2004-08-19 16:09 1,737,856 --a--c--- E:\WINDOWS\system32\dllcache\mtxparhd.dll
2008-05-06 01:00 . 2001-08-23 17:46 1,733,120 --a--c--- E:\WINDOWS\system32\dllcache\g400d.dll
2008-05-06 00:59 . 2001-08-17 20:14 952,007 --a--c--- E:\WINDOWS\system32\dllcache\diwan.sys
2008-05-06 00:58 . 2001-08-23 17:04 980,034 --a--c--- E:\WINDOWS\system32\dllcache\cicap.sys
2008-05-06 00:54 . 2003-03-24 15:52 16,439 --a--c--- E:\WINDOWS\system32\dllcache\admin.exe
2008-05-06 00:53 . 2003-03-24 15:52 20,540 --a--c--- E:\WINDOWS\system32\dllcache\admin.dll
2008-05-06 00:48 . 2008-05-06 00:48 <REP> d-------- E:\Program Files\Lavasoft
2008-05-06 00:48 . 2008-05-06 00:48 <REP> d-------- E:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-06 00:47 . 2008-05-06 00:47 <REP> d-------- E:\Program Files\Fichiers communs\Wise Installation Wizard
2008-05-06 00:42 . 2008-05-06 00:42 <REP> d-------- E:\WINDOWS\Sun
2008-05-06 00:26 . 2004-08-19 18:09 2,134,528 --a--c--- E:\WINDOWS\system32\dllcache\OLDA6.tmp
2008-05-06 00:25 . 2004-05-13 00:39 876,653 --a--c--- E:\WINDOWS\system32\dllcache\OLD4F.tmp
2008-05-06 00:21 . 2008-05-06 00:21 <REP> d-------- E:\WINDOWS\ERUNT
2008-05-05 23:58 . 2008-05-05 23:58 <REP> d-------- E:\Program Files\Trend Micro
2008-05-05 23:02 . 2008-05-05 23:50 2,108 --a------ E:\WINDOWS\system32\tmp.reg
2008-05-05 22:50 . 2008-05-06 01:42 907,296 --ahs---- E:\WINDOWS\system32\drivers\fidbox.dat
2008-05-05 22:50 . 2008-05-06 01:32 14,480 --ahs---- E:\WINDOWS\system32\drivers\fidbox.idx
2008-05-05 22:48 . 2008-05-06 01:36 <REP> d-------- E:\WINDOWS\system32\ZoneLabs
2008-05-05 22:48 . 2008-05-06 01:36 <REP> d-------- E:\WINDOWS\Internet Logs
2008-05-05 22:48 . 2008-05-05 22:48 <REP> d-------- E:\Program Files\Zone Labs
2008-05-05 22:48 . 2008-05-05 22:48 <REP> d-------- E:\Documents and Settings\All Users\Application Data\MailFrontier
2008-05-05 22:48 . 2008-05-05 22:49 4,212 ---h----- E:\WINDOWS\system32\zllictbl.dat
2008-05-05 22:31 . 2008-05-05 22:31 399,616 --a------ E:\WINDOWS\system32\drivers\EagleNt.sys
2008-05-05 21:38 . 2008-05-05 21:38 9,662 --a------ E:\WINDOWS\system32\ZoneAlarmIconFR.ico
2008-05-04 20:59 . 2008-05-04 20:59 <REP> d-------- E:\Documents and Settings\All Users\Application Data\InstallShield
2008-05-04 20:56 . 2008-05-04 20:56 <REP> d-------- E:\Program Files\gPotato.eu
2008-05-04 20:56 . 2005-08-11 15:29 73,728 --a------ E:\WINDOWS\system32\ISUSPM.cpl
2008-05-04 16:19 . 2008-05-04 16:19 <REP> d-------- E:\Program Files\Fichiers communs\Ahead
2008-05-04 16:19 . 2008-05-04 16:19 <REP> d-------- E:\Program Files\Ahead
2008-05-04 16:19 . 2004-07-26 16:16 1,568,768 --------- E:\WINDOWS\system32\ImagX7.dll
2008-05-04 16:19 . 2004-07-26 16:16 476,320 --------- E:\WINDOWS\system32\ImagXpr7.dll
2008-05-04 16:19 . 2004-07-26 16:16 471,040 --------- E:\WINDOWS\system32\ImagXRA7.dll
2008-05-04 16:19 . 2004-07-09 08:43 364,544 --------- E:\WINDOWS\system32\TwnLib4.dll
2008-05-04 16:19 . 2004-07-26 16:16 262,144 --------- E:\WINDOWS\system32\ImagXR7.dll
2008-05-04 16:19 . 2001-07-09 10:50 155,648 --a------ E:\WINDOWS\system32\NeroCheck.exe
2008-05-04 16:19 . 2005-09-01 11:03 127,488 --------- E:\WINDOWS\system32\drivers\imagesrv.sys
2008-05-04 16:19 . 2000-06-26 10:45 106,496 --a------ E:\WINDOWS\system32\TwnLib20.dll
2008-05-04 16:19 . 2005-09-01 11:03 5,888 --------- E:\WINDOWS\system32\drivers\imagedrv.sys
2008-05-04 14:05 . 2008-05-04 14:05 <REP> d-------- E:\Program Files\Free Audio Pack
2008-05-04 12:01 . 2008-05-04 12:01 <REP> d--h----- E:\WINDOWS\PIF
2008-05-04 12:00 . 2008-05-04 12:00 <REP> d-------- E:\Program Files\PowerArchiver
2008-05-03 19:46 . 2006-10-05 04:42 2,560 --------- E:\WINDOWS\system32\drivers\cdralw2k.sys
2008-05-03 19:46 . 2006-10-05 04:42 2,432 --------- E:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-05-03 19:45 . 2008-05-03 19:45 <REP> d-------- E:\WINDOWS\system32\IOSUBSYS
2008-05-03 19:45 . 2008-05-03 19:51 <REP> d-------- E:\Program Files\Picasa2
2008-05-03 19:45 . 2008-05-03 19:45 <REP> d-------- E:\Program Files\Google
2008-05-02 09:32 . 2008-05-02 09:32 <REP> d-------- E:\Program Files\Bit Che
2008-05-02 09:32 . 2008-05-02 09:32 <REP> d-------- E:\Documents and Settings\Ollin\Application Data\Convivea
2008-05-02 09:32 . 2004-03-09 00:00 1,081,616 --a------ E:\WINDOWS\system32\mscomctl.OCX
2008-05-02 09:32 . 2004-03-09 00:00 152,848 --a------ E:\WINDOWS\system32\comdlg32.OCX
2008-05-02 09:32 . 2004-03-09 00:00 124,688 --a------ E:\WINDOWS\system32\mswinsck.ocx
2008-05-02 09:29 . 2008-05-02 09:29 <REP> d-------- E:\Program Files\BitCheIt
2008-05-02 01:42 . 2008-05-02 09:25 <REP> d-------- E:\Program Files\Azureus
2008-05-02 01:42 . 2008-05-02 21:46 <REP> d-------- E:\Documents and Settings\Ollin\Application Data\Azureus
2008-05-01 22:22 . 2008-05-01 22:22 <REP> d-------- E:\Program Files\iTunes
2008-05-01 22:22 . 2008-05-01 22:22 <REP> d-------- E:\Program Files\iPod
2008-05-01 22:21 . 2008-05-01 22:21 <REP> d-------- E:\Program Files\Bonjour
2008-05-01 22:21 . 2008-05-06 01:34 54,156 --ah----- E:\WINDOWS\QTFont.qfn
2008-05-01 22:21 . 2008-05-01 22:21 1,409 --a------ E:\WINDOWS\QTFont.for
2008-05-01 22:20 . 2008-05-01 22:20 <REP> d----c--- E:\WINDOWS\system32\DRVSTORE
2008-05-01 22:20 . 2008-05-01 22:20 <REP> d-------- E:\Program Files\Fichiers communs\Apple
2008-05-01 22:20 . 2008-05-01 22:20 <REP> d-------- E:\Program Files\Apple Software Update
2008-05-01 22:20 . 2008-05-01 22:20 <REP> d-------- E:\Documents and Settings\All Users\Application Data\Apple
2008-05-01 22:20 . 2008-02-18 11:16 30,464 --a------ E:\WINDOWS\system32\drivers\usbaapl.sys
2008-05-01 18:20 . 2008-05-04 13:39 <REP> d-------- E:\Program Files\eMule
2008-05-01 16:29 . 2008-05-01 16:29 0 --a------ E:\WINDOWS\nsreg.dat
2008-04-30 01:26 . 2008-04-30 01:26 <REP> d-------- E:\Program Files\Analog Devices
2008-04-30 01:01 . 2008-04-30 01:01 <REP> d-------- E:\Documents and Settings\Ollin\Application Data\Apple Computer
2008-04-30 01:00 . 2008-05-01 22:21 <REP> d-------- E:\Program Files\QuickTime
2008-04-30 00:59 . 2008-04-30 00:59 <REP> d-------- E:\WINDOWS\Downloaded Installations
2008-04-30 00:59 . 2008-05-01 22:21 <REP> d-------- E:\Documents and Settings\All Users\Application Data\Apple Computer
2008-04-30 00:56 . 2008-04-30 00:56 <REP> d-------- E:\Program Files\NVIDIA Corporation
2008-04-30 00:56 . 2008-05-04 20:56 <REP> d--h----- E:\Program Files\InstallShield Installation Information
2008-04-30 00:56 . 2008-04-30 00:56 25 --a------ E:\WINDOWS\FileName
2008-04-30 00:50 . 2008-04-30 00:50 <REP> d-------- E:\Documents and Settings\Ollin\Application Data\vlc
2008-04-30 00:50 . 2008-05-02 01:07 <REP> d-------- E:\Documents and Settings\Ollin\Application Data\dvdcss
2008-04-30 00:49 . 2008-04-30 00:49 <REP> d-------- E:\Program Files\VideoLAN
2008-04-29 20:51 . 2008-04-29 20:51 <REP> d-------- E:\WINDOWS\nview
2008-04-29 20:51 . 2007-12-05 01:41 356,352 --a------ E:\WINDOWS\system32\nvudisp.exe
2008-04-29 20:51 . 2008-04-29 20:51 163,353 --a------ E:\WINDOWS\system32\nvapps.xml
2008-04-29 20:51 . 2007-12-05 01:41 17,737 --a------ E:\WINDOWS\system32\nvdisp.nvu
2008-04-29 20:22 . 2007-07-30 19:19 38,232 --a------ E:\WINDOWS\system32\wucltui.dll.mui
2008-04-29 20:22 . 2007-07-30 19:20 30,040 --a------ E:\WINDOWS\system32\wuaucpl.cpl.mui
2008-04-29 20:22 . 2007-07-30 19:19 30,040 --a------ E:\WINDOWS\system32\wuapi.dll.mui
2008-04-29 20:22 . 2007-07-30 19:18 21,336 --a------ E:\WINDOWS\system32\wuaueng.dll.mui
2008-04-29 20:19 . 2006-03-23 19:53 442,368 --a------ E:\WINDOWS\system32\CapabilityTable.exe
2008-04-29 20:19 . 2006-04-14 14:00 208,896 --------- E:\WINDOWS\system32\nvuide.exe
2008-04-29 20:19 . 2006-02-20 13:00 1,570 --------- E:\WINDOWS\system32\nvide.nvu
2008-04-29 20:18 . 2008-05-04 20:56 <REP> d-------- E:\Program Files\Fichiers communs\InstallShield
2008-04-29 20:18 . 2007-12-05 02:53 356,352 --a------ E:\WINDOWS\system32\NVUNINST.EXE
2008-04-29 20:18 . 2006-03-23 20:51 208,896 --a------ E:\WINDOWS\system32\nvusmb.exe
2008-04-29 20:18 . 2006-03-23 19:51 208,896 --a------ E:\WINDOWS\system32\nvunrm.exe
2008-04-29 20:18 . 2006-03-22 14:23 109,568 --a------ E:\WINDOWS\system32\drivers\nvtcp.sys
2008-04-29 20:18 . 2006-02-20 13:00 3,903 --a------ E:\WINDOWS\system32\nvnrm.nvu
2008-04-29 20:18 . 2006-02-20 13:00 1,864 --a------ E:\WINDOWS\system32\nvsmb.nvu

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-28 19:58 --------- d---a-w E:\Documents and Settings\Ollin\Application Data\gtopala
2008-04-28 19:58 --------- d---a-w E:\Documents and Settings\Ollin\Application Data\aignes
2008-04-28 19:54 --------- d-----w E:\Program Files\Java
2008-04-28 19:54 --------- d-----w E:\Program Files\Fichiers communs\Java
2008-04-28 19:53 --------- d-----w E:\Program Files\WMV9_VCM
2008-04-28 19:53 --------- d-----w E:\Program Files\Windows Media Connect 2
2008-04-28 19:46 --------- d-----w E:\Program Files\WSTARTUP
2008-04-28 19:46 --------- d-----w E:\Program Files\UTILS
2008-04-28 19:46 --------- d-----w E:\Program Files\MSXML 4.0
2008-04-28 19:46 --------- d-----w E:\Program Files\JEUX
2008-04-28 19:41 --------- d-----w E:\Program Files\microsoft frontpage
.

------- Sigcheck -------

2006-11-11 15:02 359808 8d8949936913b041c6a0e184fbf1030b E:\WINDOWS\system32\drivers\tcpip.sys

2006-11-19 00:59 1035264 7ba68df484b550c1f75dd80ae1d7ef67 E:\WINDOWS\explorer.exe
.
((((((((((((((((((((((((((((( snapshot@2008-05-06_ 0.56.38.06 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-05 22:53:19 2,048 --s-a-w E:\WINDOWS\bootstat.dat
+ 2008-05-05 23:34:00 2,048 --s-a-w E:\WINDOWS\bootstat.dat
+ 2004-08-03 21:00:14 8,192 -c--a-w E:\WINDOWS\system32\dllcache\changer.sys
+ 2001-08-23 15:04:06 272,640 -c--a-w E:\WINDOWS\system32\dllcache\cinemclc.sys
+ 2006-12-13 12:04:13 262,528 -c--a-w E:\WINDOWS\system32\dllcache\cinemst2.sys
+ 2001-08-23 15:46:44 91,264 -c--a-w E:\WINDOWS\system32\dllcache\cirrus.dll
+ 2001-08-17 19:57:16 45,696 -c--a-w E:\WINDOWS\system32\dllcache\cirrus.sys
+ 2001-08-23 15:46:44 111,232 -c--a-w E:\WINDOWS\system32\dllcache\cl5465.dll
+ 2001-08-23 15:46:44 170,880 -c--a-w E:\WINDOWS\system32\dllcache\cl546x.dll
+ 2001-08-17 19:57:36 248,064 -c--a-w E:\WINDOWS\system32\dllcache\cl546xm.sys
+ 2004-08-03 21:07:40 14,080 -c--a-w E:\WINDOWS\system32\dllcache\cmbatt.sys
+ 2001-08-23 15:04:40 20,864 -c--a-w E:\WINDOWS\system32\dllcache\cmbp0wdm.sys
+ 2001-08-23 15:04:44 6,656 -c--a-w E:\WINDOWS\system32\dllcache\cmdide.sys
+ 2006-12-13 12:05:59 50,688 -c--a-w E:\WINDOWS\system32\dllcache\cnbjmon.dll
+ 2001-08-23 15:47:00 44,544 -c--a-w E:\WINDOWS\system32\dllcache\cnusd.dll
+ 2001-08-17 18:11:42 39,936 -c--a-w E:\WINDOWS\system32\dllcache\cnxt1803.sys
+ 2001-08-17 19:58:00 9,344 -c--a-w E:\WINDOWS\system32\dllcache\compbatt.sys
+ 2001-08-17 19:52:06 14,976 -c--a-w E:\WINDOWS\system32\dllcache\cpqarray.sys
+ 2006-12-13 12:04:13 11,776 -c--a-w E:\WINDOWS\system32\dllcache\cpqdap01.sys
+ 2001-08-23 15:07:28 21,533 -c--a-w E:\WINDOWS\system32\dllcache\cpqndis5.sys
+ 2001-08-23 15:07:28 61,194 -c--a-w E:\WINDOWS\system32\dllcache\cpqtrnd5.sys
+ 2001-08-23 15:47:00 216,576 -c--a-w E:\WINDOWS\system32\dllcache\cpscan.dll
+ 2001-08-17 18:19:18 42,112 -c--a-w E:\WINDOWS\system32\dllcache\crtaud.sys
+ 2006-12-13 12:05:59 40,704 -c--a-w E:\WINDOWS\system32\dllcache\crusoe.sys
+ 2001-08-23 15:47:00 175,104 -c--a-w E:\WINDOWS\system32\dllcache\csamsp.dll
+ 2001-08-17 18:19:28 6,912 -c--a-w E:\WINDOWS\system32\dllcache\ctlfacem.sys
+ 2001-08-17 18:19:20 3,712 -c--a-w E:\WINDOWS\system32\dllcache\ctljystk.sys
+ 2001-08-17 18:19:20 96,256 -c--a-w E:\WINDOWS\system32\dllcache\ctlsb16.sys
+ 2004-08-19 14:09:22 252,416 -c--a-w E:\WINDOWS\system32\dllcache\ctmasetp.dll
+ 2001-08-23 15:47:00 4,096 -c--a-w E:\WINDOWS\system32\dllcache\ctwdm32.dll
+ 2001-08-17 18:19:24 3,072 -c--a-w E:\WINDOWS\system32\dllcache\cwbase.sys
+ 2001-08-17 18:19:26 3,072 -c--a-w E:\WINDOWS\system32\dllcache\cwbmidi.sys
+ 2001-08-17 18:19:28 72,832 -c--a-w E:\WINDOWS\system32\dllcache\cwbwdm.sys
+ 2001-08-17 18:19:30 3,584 -c--a-w E:\WINDOWS\system32\dllcache\cwcosnt5.sys
+ 2001-08-17 18:19:36 111,872 -c--a-w E:\WINDOWS\system32\dllcache\cwcspud.sys
+ 2001-08-17 18:19:48 93,952 -c--a-w E:\WINDOWS\system32\dllcache\cwcwdm.sys
+ 2004-08-03 20:32:26 48,640 -c--a-w E:\WINDOWS\system32\dllcache\cwrwdm.sys
+ 2001-08-23 15:08:38 17,536 -c--a-w E:\WINDOWS\system32\dllcache\cyclad-z.sys
+ 2001-08-23 15:08:38 15,104 -c--a-w E:\WINDOWS\system32\dllcache\cyclom-y.sys
+ 2001-08-23 15:47:00 29,184 -c--a-w E:\WINDOWS\system32\dllcache\cyycoins.dll
+ 2001-08-23 15:08:40 50,944 -c--a-w E:\WINDOWS\system32\dllcache\cyyport.sys
+ 2001-08-23 15:47:00 28,160 -c--a-w E:\WINDOWS\system32\dllcache\cyyports.dll
+ 2001-08-23 15:47:00 28,160 -c--a-w E:\WINDOWS\system32\dllcache\cyzcoins.dll
+ 2001-08-23 15:08:42 50,688 -c--a-w E:\WINDOWS\system32\dllcache\cyzport.sys
+ 2001-08-23 15:47:00 28,160 -c--a-w E:\WINDOWS\system32\dllcache\cyzports.dll
+ 2001-08-23 15:08:44 117,760 -c--a-w E:\WINDOWS\system32\dllcache\d100ib5.sys
+ 2001-08-17 19:52:16 179,584 -c--a-w E:\WINDOWS\system32\dllcache\dac2w2k.sys
+ 2001-08-17 19:52:16 14,720 -c--a-w E:\WINDOWS\system32\dllcache\dac960nt.sys
+ 2001-08-23 15:47:00 25,600 -c--a-w E:\WINDOWS\system32\dllcache\dc210_32.dll
+ 2001-08-23 15:47:00 82,432 -c--a-w E:\WINDOWS\system32\dllcache\dc210usd.dll
+ 2001-08-17 18:12:02 63,208 -c--a-w E:\WINDOWS\system32\dllcache\dc21x4.sys
+ 2001-08-23 15:47:00 87,552 -c--a-w E:\WINDOWS\system32\dllcache\dc240usd.dll
+ 2001-08-23 15:47:00 112,128 -c--a-w E:\WINDOWS\system32\dllcache\dc260usd.dll
+ 2001-08-17 19:52:58 7,424 -c--a-w E:\WINDOWS\system32\dllcache\ddsmc.sys
+ 2001-08-17 18:11:44 20,928 -c--a-w E:\WINDOWS\system32\dllcache\defpa.sys
+ 2001-08-23 15:47:00 256,512 -c--a-w E:\WINDOWS\system32\dllcache\devcon32.dll
+ 2001-08-23 15:47:34 24,064 -c--a-w E:\WINDOWS\system32\dllcache\devldr32.exe
+ 2001-08-17 18:11:48 24,648 -c--a-w E:\WINDOWS\system32\dllcache\dfe650.sys
+ 2001-08-17 18:11:48 24,649 -c--a-w E:\WINDOWS\system32\dllcache\dfe650d.sys
+ 2001-08-23 15:09:48 29,691 -c--a-w E:\WINDOWS\system32\dllcache\dgapci.sys
+ 2001-08-23 15:47:00 422,429 -c--a-w E:\WINDOWS\system32\dllcache\dgconfig.dll
+ 2001-08-23 15:47:02 65,622 -c--a-w E:\WINDOWS\system32\dllcache\digiasyn.dll
+ 2001-08-23 15:10:10 37,927 -c--a-w E:\WINDOWS\system32\dllcache\digiasyn.sys
+ 2001-08-23 15:47:02 135,252 -c--a-w E:\WINDOWS\system32\dllcache\digidbp.dll
+ 2001-08-23 15:10:10 103,492 -c--a-w E:\WINDOWS\system32\dllcache\digidxb.sys
+ 2001-08-23 15:10:12 90,685 -c--a-w E:\WINDOWS\system32\dllcache\digifep5.sys
+ 2001-08-23 15:47:02 229,462 -c--a-w E:\WINDOWS\system32\dllcache\digifwrk.dll
+ 2001-08-23 15:47:02 159,828 -c--a-w E:\WINDOWS\system32\dllcache\digihlc.dll
+ 2001-08-23 15:47:02 102,484 -c--a-w E:\WINDOWS\system32\dllcache\digiinf.dll
+ 2001-08-23 15:47:02 41,046 -c--a-w E:\WINDOWS\system32\dllcache\digiisdn.dll
+ 2001-08-17 18:14:44 21,606 -c--a-w E:\WINDOWS\system32\dllcache\digiisdn.sys
+ 2001-08-23 15:47:02 110,621 -c--a-w E:\WINDOWS\system32\dllcache\digirlpt.dll
+ 2001-08-23 15:10:16 42,656 -c--a-w E:\WINDOWS\system32\dllcache\digirlpt.sys
+ 2001-08-23 15:47:34 622,621 -c--a-w E:\WINDOWS\system32\dllcache\digiview.exe
+ 2001-08-17 18:13:52 91,305 -c--a-w E:\WINDOWS\system32\dllcache\dimaint.sys
+ 2004-08-03 22:59:55 36,352 -c--a-w E:\WINDOWS\system32\dllcache\disk.sys
+ 2001-08-23 15:47:02 6,729 -c--a-w E:\WINDOWS\system32\dllcache\disrvci.dll
+ 2001-08-23 15:47:02 31,817 -c--a-w E:\WINDOWS\system32\dllcache\disrvpp.dll
+ 2001-08-23 15:47:02 38,985 -c--a-w E:\WINDOWS\system32\dllcache\disrvsu.dll
+ 2001-08-23 15:47:34 236,060 -c--a-w E:\WINDOWS\system32\dllcache\ditrace.exe
+ 2001-08-23 15:47:02 6,216 -c--a-w E:\WINDOWS\system32\dllcache\divaci.dll
+ 2001-08-23 15:47:02 37,962 -c--a-w E:\WINDOWS\system32\dllcache\divaprop.dll
+ 2001-08-23 15:47:02 29,768 -c--a-w E:\WINDOWS\system32\dllcache\divasu.dll
+ 2001-08-17 18:11:44 26,698 -c--a-w E:\WINDOWS\system32\dllcache\dlh5xnd5.sys
+ 2004-08-03 21:00:06 8,320 -c--a-w E:\WINDOWS\system32\dllcache\dlttape.sys
+ 2001-08-17 18:11:42 29,696 -c--a-w E:\WINDOWS\system32\dllcache\dm9pci5.sys
+ 2004-08-03 21:07:40 52,864 -c--a-w E:\WINDOWS\system32\dllcache\dmusic.sys
+ 2006-12-13 12:05:59 58,880 -c--a-w E:\WINDOWS\system32\dllcache\dmutil.dll
+ 2004-08-03 20:58:30 207,360 -c--a-w E:\WINDOWS\system32\dllcache\dot4.sys
+ 2001-08-17 19:47:32 12,928 -c--a-w E:\WINDOWS\system32\dllcache\dot4prt.sys
+ 2001-08-17 19:47:32 8,704 -c--a-w E:\WINDOWS\system32\dllcache\dot4scan.sys
+ 2001-08-23 15:11:02 24,064 -c--a-w E:\WINDOWS\system32\dllcache\dot4usb.sys
+ 2001-08-17 18:12:32 28,062 -c--a-w E:\WINDOWS\system32\dllcache\dp83820.sys
+ 2001-08-17 20:07:44 20,192 -c--a-w E:\WINDOWS\system32\dllcache\dpti2o.sys
+ 2004-08-03 21:08:00 60,288 -c--a-w E:\WINDOWS\system32\dllcache\drmk.sys
+ 2004-08-03 21:07:58 2,944 -c--a-w E:\WINDOWS\system32\dllcache\drmkaud.sys
+ 2001-08-17 18:20:18 334,208 -c--a-w E:\WINDOWS\system32\dllcache\ds1wdm.sys
+ 2006-12-13 12:04:13 59,392 -c--a-w E:\WINDOWS\system32\dllcache\dvdplay.exe
+ 2004-08-03 23:00:55 71,040 -c--a-w E:\WINDOWS\system32\dllcache\dxg.sys
+ 2001-08-23 15:12:50 51,743 -c--a-w E:\WINDOWS\system32\dllcache\e1000nt5.sys
+ 2001-08-23 15:12:50 117,760 -c--a-w E:\WINDOWS\system32\dllcache\e100b325.sys
+ 2001-08-17 18:12:12 19,594 -c--a-w E:\WINDOWS\system32\dllcache\e100isa4.sys
+ 2001-08-23 15:13:26 44,615 -c--a-w E:\WINDOWS\system32\dllcache\el515.sys
+ 2001-08-17 18:10:56 55,999 -c--a-w E:\WINDOWS\system32\dllcache\el556nd5.sys
+ 2001-08-17 18:10:56 24,653 -c--a-w E:\WINDOWS\system32\dllcache\el574nd4.sys
+ 2001-08-17 18:10:58 69,692 -c--a-w E:\WINDOWS\system32\dllcache\el575nd5.sys
+ 2001-08-17 18:10:52 26,141 -c--a-w E:\WINDOWS\system32\dllcache\el589nd5.sys
+ 2001-08-17 18:11:00 69,194 -c--a-w E:\WINDOWS\system32\dllcache\el656cd5.sys
+ 2001-08-23 15:13:28 634,166 -c--a-w E:\WINDOWS\system32\dllcache\el656ct5.sys
+ 2001-08-17 18:11:00 77,386 -c--a-w E:\WINDOWS\system32\dllcache\el656nd5.sys
+ 2001-08-23 15:13:30 241,238 -c--a-w E:\WINDOWS\system32\dllcache\el656se5.sys
+ 2001-08-17 18:11:06 66,591 -c--a-w E:\WINDOWS\system32\dllcache\el90xbc5.sys
+ 2001-08-23 15:13:30 153,631 -c--a-w E:\WINDOWS\system32\dllcache\el90xnd5.sys
+ 2001-08-23 15:13:30 455,711 -c--a-w E:\WINDOWS\system32\dllcache\el985n51.sys
+ 2001-08-17 18:11:04 70,174 -c--a-w E:\WINDOWS\system32\dllcache\el98xn5.sys
+ 2001-08-23 15:13:32 175,104 -c--a-w E:\WINDOWS\system32\dllcache\el99xn51.sys
+ 2001-08-17 19:53:02 7,296 -c--a-w E:\WINDOWS\system32\dllcache\elmsmc.sys
+ 2001-08-17 18:10:52 25,159 -c--a-w E:\WINDOWS\system32\dllcache\elnk3.sys
+ 2001-08-17 18:10:54 19,996 -c--a-w E:\WINDOWS\system32\dllcache\em556n4.sys
+ 2001-08-17 18:19:26 283,904 -c--a-w E:\WINDOWS\system32\dllcache\emu10k1m.sys
+ 2001-08-17 21:46:40 6,400 -c--a-w E:\WINDOWS\system32\dllcache\enum1394.sys
+ 2001-08-17 19:50:20 144,896 -c--a-w E:\WINDOWS\system32\dllcache\epcfw2k.sys
+ 2001-08-17 18:12:08 18,503 -c--a-w E:\WINDOWS\system32\dllcache\epro4.sys
+ 2001-08-17 19:50:20 114,944 -c--a-w E:\WINDOWS\system32\dllcache\epstw2k.sys
+ 2001-08-23 15:16:00 630,016 -c--a-w E:\WINDOWS\system32\dllcache\eqn.sys
+ 2001-08-23 15:47:34 53,760 -c--a-w E:\WINDOWS\system32\dllcache\eqndiag.exe
+ 2001-08-23 15:47:34 51,712 -c--a-w E:\WINDOWS\system32\dllcache\eqnlogr.exe
+ 2001-08-23 15:47:34 62,464 -c--a-w E:\WINDOWS\system32\dllcache\eqnloop.exe
+ 2001-08-17 18:19:38 37,120 -c--a-w E:\WINDOWS\system32\dllcache\es1370mp.sys
+ 2001-08-17 18:19:34 40,704 -c--a-w E:\WINDOWS\system32\dllcache\es1371mp.sys
+ 2001-08-17 18:19:58 72,192 -c--a-w E:\WINDOWS\system32\dllcache\es1969.sys
+ 2001-08-17 18:19:48 174,464 -c--a-w E:\WINDOWS\system32\dllcache\es198x.sys
+ 2001-08-23 15:16:04 596,319 -c--a-w E:\WINDOWS\system32\dllcache\es56cvmp.sys
+ 2001-08-23 15:16:06 594,910 -c--a-w E:\WINDOWS\system32\dllcache\es56hpi.sys
+ 2001-08-23 15:16:06 348,222 -c--a-w E:\WINDOWS\system32\dllcache\es56tpi.sys
+ 2001-08-17 18:19:56 63,360 -c--a-w E:\WINDOWS\system32\dllcache\ess.sys
+ 2004-08-03 20:32:28 137,088 -c--a-w E:\WINDOWS\system32\dllcache\essm2e.sys
+ 2001-08-23 15:47:04 43,008 -c--a-w E:\WINDOWS\system32\dllcache\esucm.dll
+ 2001-08-23 15:47:04 34,816 -c--a-w E:\WINDOWS\system32\dllcache\esuimg.dll
+ 2001-08-23 15:47:04 46,080 -c--a-w E:\WINDOWS\system32\dllcache\esuni.dll
+ 2001-08-23 15:47:04 46,080 -c--a-w E:\WINDOWS\system32\dllcache\esunib.dll
+ 2001-08-17 18:12:08 16,998 -c--a-w E:\WINDOWS\system32\dllcache\ex10.sys
+ 2001-08-17 19:52:48 7,040 -c--a-w E:\WINDOWS\system32\dllcache\exabyte2.sys
+ 2001-08-17 18:11:54 12,362 -c--a-w E:\WINDOWS\system32\dllcache\f3ab18xi.sys
+ 2001-08-17 18:11:56 11,850 -c--a-w E:\WINDOWS\system32\dllcache\f3ab18xj.sys
+ 2001-08-17 18:12:32 16,074 -c--a-w E:\WINDOWS\system32\dllcache\fa312nd5.sys
+ 2001-08-17 18:12:32 24,618 -c--a-w E:\WINDOWS\system32\dllcache\fa410nd5.sys
+ 2004-08-03 22:59:27 27,392 -c--a-w E:\WINDOWS\system32\dllcache\fdc.sys
+ 2001-08-17 18:10:54 22,090 -c--a-w E:\WINDOWS\system32\dllcache\fem556n5.sys
+ 2001-08-17 18:13:08 27,165 -c--a-w E:\WINDOWS\system32\dllcache\fetnd5.sys
+ 2004-08-03 22:59:27 20,480 -c--a-w E:\WINDOWS\system32\dllcache\flpydisk.sys
+ 2001-08-23 15:47:04 72,192 -c--a-w E:\WINDOWS\system32\dllcache\fnfilter.dll
+ 2004-08-03 20:31:24 34,173 -c--a-w E:\WINDOWS\system32\dllcache\forehe.sys
+ 2001-08-17 18:14:24 444,416 -c--a-w E:\WINDOWS\system32\dllcache\fpcibase.sys
+ 2001-08-17 18:14:44 441,728 -c--a-w E:\WINDOWS\system32\dllcache\fpcmbase.sys
+ 2001-08-17 18:15:02 442,240 -c--a-w E:\WINDOWS\system32\dllcache\fpnpbase.sys
+ 2004-08-19 16:09:55 193,024 -c--a-w E:\WINDOWS\system32\dllcache\fsquirt.exe
+ 2006-12-13 12:04:13 12,416 -c--a-w E:\WINDOWS\system32\dllcache\fsvga.sys
+ 2002-09-06 19:59:59 126,080 -c--a-w E:\WINDOWS\system32\dllcache\ftdisk.sys
+ 2001-08-17 18:15:22 455,680 -c--a-w E:\WINDOWS\system32\dllcache\fus2base.sys
+ 2001-08-17 18:15:38 455,296 -c--a-w E:\WINDOWS\system32\dllcache\fusbbase.sys
+ 2001-08-23 15:47:04 92,672 -c--a-w E:\WINDOWS\system32\dllcache\fuusd.dll
+ 2001-08-17 18:15:56 454,912 -c--a-w E:\WINDOWS\system32\dllcache\fxusbase.sys
+ 2001-08-23 15:46:44 470,144 -c--a-w E:\WINDOWS\system32\dllcache\g200d.dll
+ 2001-08-23 15:18:04 320,512 -c--a-w E:\WINDOWS\system32\dllcache\g200m.sys
+ 2001-08-23 15:18:06 322,560 -c--a-w E:\WINDOWS\system32\dllcache\g400m.sys
+ 2004-08-03 21:07:44 46,464 -c--a-w E:\WINDOWS\system32\dllcache\gagp30kx.sys
+ 2004-08-03 21:08:22 10,624 -c--a-w E:\WINDOWS\system32\dllcache\gameenum.sys
+ 2004-08-03 21:08:30 59,136 -c--a-w E:\WINDOWS\system32\dllcache\gckernel.sys
+ 2001-08-23 15:18:36 17,664 -c--a-w E:\WINDOWS\system32\dllcache\gpr400.sys
+ 2001-08-23 15:18:40 82,560 -c--a-w E:\WINDOWS\system32\dllcache\grclass.sys
+ 2004-08-19 13:55:22 28,672 -c--a-w E:\WINDOWS\system32\dllcache\grserial.sys
+ 2004-08-19 16:09:27 7,168 -c--a-w E:\WINDOWS\system32\dllcache\hccoin.dll
+ 2001-08-23 15:19:04 908,000 -c--a-w E:\WINDOWS\system32\dllcache\hcf_msft.sys
+ 2006-12-13 12:05:59 20,992 -c--a-w E:\WINDOWS\system32\dllcache\hid.dll
+ 2001-08-17 19:58:00 19,200 -c--a-w E:\WINDOWS\system32\dllcache\hidbatt.sys
+ 2004-08-19 13:55:52 25,856 -c--a-w E:\WINDOWS\system32\dllcache\hidbth.sys
+ 2004-08-03 23:08:19 36,224 -c--a-w E:\WINDOWS\system32\dllcache\hidclass.sys
+ 2001-08-17 20:02:32 8,576 -c--a-w E:\WINDOWS\system32\dllcache\hidgame.sys
+ 2004-08-03 21:08:20 15,104 -c--a-w E:\WINDOWS\system32\dllcache\hidir.sys
+ 2004-08-03 23:08:17 24,960 -c--a-w E:\WINDOWS\system32\dllcache\hidparse.sys
+ 2004-08-19 14:09:28 21,504 -c--a-w E:\WINDOWS\system32\dllcache\hidserv.dll
+ 2001-08-17 20:02:50 2,688 -c--a-w E:\WINDOWS\system32\dllcache\hidswvd.sys
+ 2002-09-06 19:59:59 9,600 -c--a-w E:\WINDOWS\system32\dllcache\hidusb.sys
+ 2001-08-23 15:47:04 119,296 -c--a-w E:\WINDOWS\system32\dllcache\hpdigwia.dll
+ 2001-08-23 15:47:04 83,968 -c--a-w E:\WINDOWS\system32\dllcache\hpgt21.dll
+ 2001-08-23 15:47:04 123,392 -c--a-w E:\WINDOWS\system32\dllcache\hpgt21tk.dll
+ 2001-08-23 15:47:04 89,088 -c--a-w E:\WINDOWS\system32\dllcache\hpgt33.dll
+ 2001-08-23 15:47:04 48,128 -c--a-w E:\WINDOWS\system32\dllcache\hpgt33tk.dll
+ 2001-08-23 15:47:04 101,376 -c--a-w E:\WINDOWS\system32\dllcache\hpgt34.dll
+ 2001-08-23 15:47:04 126,976 -c--a-w E:\WINDOWS\system32\dllcache\hpgt34tk.dll
+ 2001-08-23 15:47:04 93,696 -c--a-w E:\WINDOWS\system32\dllcache\hpgt42.dll
+ 2001-08-23 15:47:04 31,232 -c--a-w E:\WINDOWS\system32\dllcache\hpgt42tk.dll
+ 2001-08-23 15:47:04 165,888 -c--a-w E:\WINDOWS\system32\dllcache\hpgt53.dll
+ 2001-08-23 15:47:04 68,608 -c--a-w E:\WINDOWS\system32\dllcache\hpgt53tk.dll
+ 2001-08-23 15:47:04 32,768 -c--a-w E:\WINDOWS\system32\dllcache\hpgtmcro.dll
+ 2001-08-17 20:07:44 25,952 -c--a-w E:\WINDOWS\system32\dllcache\hpn.sys
+ 2001-08-23 15:47:04 324,608 -c--a-w E:\WINDOWS\system32\dllcache\hpojwia.dll
+ 2001-08-23 15:47:04 13,312 -c--a-w E:\WINDOWS\system32\dllcache\hpsjmcro.dll
+ 2001-08-17 19:52:50 5,760 -c--a-w E:\WINDOWS\system32\dllcache\hpt4qic.sys
+ 2001-08-23 15:47:04 19,456 -c--a-w E:\WINDOWS\system32\dllcache\hr1w.dll
+ 2001-08-17 19:28:04 150,239 -c--a-w E:\WINDOWS\system32\dllcache\hsf_amos.sys
+ 2001-08-17 19:28:04 67,167 -c--a-w E:\WINDOWS\system32\dllcache\hsf_bsc2.sys
+ 2001-08-17 19:28:06 289,887 -c--a-w E:\WINDOWS\system32\dllcache\hsf_fall.sys
+ 2001-08-17 19:28:06 199,711 -c--a-w E:\WINDOWS\system32\dllcache\hsf_faxx.sys
+ 2001-08-17 19:28:06 115,807 -c--a-w E:\WINDOWS\system32\dllcache\hsf_fsks.sys
+ 2001-08-23 15:47:04 9,759 -c--a-w E:\WINDOWS\system32\dllcache\hsf_inst.dll
+ 2001-08-17 19:28:08 391,199 -c--a-w E:\WINDOWS\system32\dllcache\hsf_k56k.sys
+ 2001-08-17 19:28:10 542,879 -c--a-w E:\WINDOWS\system32\dllcache\hsf_msft.sys
+ 2001-08-17 19:28:10 57,471 -c--a-w E:\WINDOWS\system32\dllcache\hsf_samp.sys
+ 2001-08-17 19:28:10 44,863 -c--a-w E:\WINDOWS\system32\dllcache\hsf_soar.sys
+ 2001-08-17 19:28:10 73,279 -c--a-w E:\WINDOWS\system32\dllcache\hsf_spkp.sys
+ 2001-08-17 19:28:12 50,751 -c--a-w E:\WINDOWS\system32\dllcache\hsf_tone.sys
+ 2001-08-17 19:28:12 488,383 -c--a-w E:\WINDOWS\system32\dllcache\hsf_v124.sys
+ 2004-08-03 20:41:48 220,032 -c--a-w E:\WINDOWS\system32\dllcache\hsfbs2s2.sys
+ 2004-08-19 14:09:28 32,285 -c--a-w E:\WINDOWS\system32\dllcache\hsfcisp2.dll
+ 2004-08-03 20:41:50 685,056 -c--a-w E:\WINDOWS\system32\dllcache\hsfcxts2.sys
+ 2004-08-03 20:41:56 1,041,536 -c--a-w E:\WINDOWS\system32\dllcache\hsfdpsp2.sys
+ 2006-12-13 11:52:32 262,656 -c--a-w E:\WINDOWS\system32\dllcache\http.sys
+ 2004-08-03 21:00:52 8,192 -c--a-w E:\WINDOWS\system32\dllcache\i2omgmt.sys
+ 2004-08-03 21:00:52 18,560 -c--a-w E:\WINDOWS\system32\dllcache\i2omp.sys
+ 2001-08-23 15:46:46 353,184 -c--a-w E:\WINDOWS\system32\dllcache\i740dnt5.dll
+ 2001-08-17 18:49:06 58,592 -c--a-w E:\WINDOWS\system32\dllcache\i740nt5.sys
+ 2004-08-19 15:56:39 54,400 -c--a-w E:\WINDOWS\system32\dllcache\i8042prt.sys
+ 2004-08-19 14:09:28 702,845 -c--a-w E:\WINDOWS\system32\dllcache\i81xdnt5.dll
+ 2004-08-03 20:29:38 161,020 -c--a-w E:\WINDOWS\system32\dllcache\i81xnt5.sys
+ 2001-08-17 18:11:58 28,700 -c--a-w E:\WINDOWS\system32\dllcache\ibmexmp.sys
+ 2001-08-23 15:45:26 10,240 -c--a-w E:\WINDOWS\system32\dllcache\ibmsgnet.dll
+ 2001-08-17 18:12:00 100,936 -c--a-w E:\WINDOWS\system32\dllcache\ibmtok.sys
+ 2001-08-17 18:12:02 109,085 -c--a-w E:\WINDOWS\system32\dllcache\ibmtrp.sys
+ 2001-08-17 20:06:46 38,528 -c--a-w E:\WINDOWS\system32\dllcache\ibmvcap.sys
+ 2001-08-17 20:05:44 141,056 -c--a-w E:\WINDOWS\system32\dllcache\icam3.sys
+ 2001-08-23 15:47:04 27,136 -c--a-w E:\WINDOWS\system32\dllcache\icam3ext.dll
+ 2001-08-23 15:47:04 92,160 -c--a-w E:\WINDOWS\system32\dllcache\icam4com.dll
+ 2001-08-23 15:47:04 63,488 -c--a-w E:\WINDOWS\system32\dllcache\icam4ext.dll
+ 2001-08-17 20:06:02 154,496 -c--a-w E:\WINDOWS\system32\dllcache\icam4usb.sys
+ 2001-08-23 15:47:04 45,056 -c--a-w E:\WINDOWS\system32\dllcache\icam5com.dll
+ 2001-08-23 15:47:04 20,992 -c--a-w E:\WINDOWS\system32\dllcache\icam5ext.dll
+ 2001-08-17 20:06:20 100,992 -c--a-w E:\WINDOWS\system32\dllcache\icam5usb.sys
+ 2001-08-23 15:47:04 372,824 -c--a-w E:\WINDOWS\system32\dllcache\iconf32.dll
+ 2004-08-03 23:00:15 41,856 -c--a-w E:\WINDOWS\system32\dllcache\imapi.sys
+ 2001-08-17 19:52:08 16,000 -c--a-w E:\WINDOWS\system32\dllcache\ini910u.sys
+ 2001-08-23 14:57:12 13,824 -c--a-w E:\WINDOWS\system32\dllcache\inport.sys
+ 2004-08-19 13:59:08 5,504 -c--a-w E:\WINDOWS\system32\dllcache\intelide.sys
+ 2004-08-19 15:59:09 40,320 -c--a-w E:\WINDOWS\system32\dllcache\intelppm.sys
+ 2001-08-17 19:50:56 38,784 -c--a-w E:\WINDOWS\system32\dllcache\io8.sys
+ 2001-08-23 15:47:04 90,200 -c--a-w E:\WINDOWS\system32\dllcache\io8ports.dll
+ 2001-08-17 18:12:12 45,632 -c--a-w E:\WINDOWS\system32\dllcache\ip5515.sys
+ 2004-08-03 21:08:34 40,832 -c--a-w E:\WINDOWS\system32\dllcache\irbus.sys
+ 2004-08-03 21:00:54 87,424 -c--a-w E:\WINDOWS\system32\dllcache\irda.sys
+ 2004-08-19 14:09:56 154,112 -c--a-w E:\WINDOWS\system32\dllcache\irftp.exe
+ 2001-08-17 19:49:04 23,552 -c--a-w E:\WINDOWS\system32\dllcache\irmk7.sys
+ 2004-08-19 14:09:32 28,160 -c--a-w E:\WINDOWS\system32\dllcache\irmon.dll
+ 2001-08-17 19:51:32 18,688 -c--a-w E:\WINDOWS\system32\dllcache\irsir.sys
+ 2001-08-17 19:49:10 26,624 -c--a-w E:\WINDOWS\system32\dllcache\irstusb.sys
+ 2002-09-06 19:59:59 36,224 -c--a-w E:\WINDOWS\system32\dllcache\isapnp.sys
+ 2006-12-13 12:05:59 47,616 -c--a-w E:\WINDOWS\system32\dllcache\iyuv_32.dll
+ 2001-08-17 20:55:56 6,144 -c--a-w E:\WINDOWS\system32\dllcache\kbd101b.dll
+ 2001-08-17 20:55:56 6,144 -c--a-w E:\WINDOWS\system32\dllcache\kbd101c.dll
+ 2001-08-17 20:55:56 5,632 -c--a-w E:\WINDOWS\system32\dllcache\kbd103.dll
+ 2001-08-17 20:55:56 6,144 -c--a-w E:\WINDOWS\system32\dllcache\kbd106.dll
+ 2004-08-19 16:00:33 25,216 -c--a-w E:\WINDOWS\system32\dllcache\kbdclass.sys
+ 2004-08-19 14:00:36 14,848 -c--a-w E:\WINDOWS\system32\dllcache\kbdhid.sys
+ 2001-08-23 15:47:06 8,704 -c--a-w E:\WINDOWS\system32\dllcache\kbdjpn.dll
+ 2001-08-23 15:47:06 8,192 -c--a-w E:\WINDOWS\system32\dllcache\kbdkor.dll
+ 2001-08-23 15:47:06 46,080 -c--a-w E:\WINDOWS\system32\dllcache\kdsui.dll
+ 2001-08-23 15:47:06 242,688 -c--a-w E:\WINDOWS\system32\dllcache\kdsusd.dll
+ 2006-06-14 07:50:20 172,416 -c--a-w E:\WINDOWS\system32\dllcache\kmixer.sys
+ 2001-08-23 15:47:06 37,888 -c--a-w E:\WINDOWS\system32\dllcache\kousd.dll
+ 2004-08-03 21:15:22 140,928 -c--a-w E:\WINDOWS\system32\dllcache\ks.sys
+ 2004-08-19 14:09:32 4,096 -c--a-w E:\WINDOWS\system32\dllcache\ksuser.dll
+ 2001-08-17 18:12:14 19,016 -c--a-w E:\WINDOWS\system32\dllcache\ktc111.sys
+ 2001-08-23 14:59:46 26,922 -c--a-w E:\WINDOWS\system32\dllcache\lanepic5.sys
+ 2004-08-03 20:59:34 34,688 -c--a-w E:\WINDOWS\system32\dllcache\lbrtfdc.sys
+ 2001-08-23 15:00:10 16,384 -c--a-w E:\WINDOWS\system32\dllcache\lit220p.sys
+ 2001-08-17 18:11:52 25,065 -c--a-w E:\WINDOWS\system32\dllcache\lmndis3.sys
+ 2001-08-17 18:12:20 20,573 -c--a-w E:\WINDOWS\system32\dllcache\lne100.sys
+ 2001-08-17 18:12:24 70,730 -c--a-w E:\WINDOWS\system32\dllcache\lne100tx.sys
+ 2001-08-17 19:53:42 4,992 -c--a-w E:\WINDOWS\system32\dllcache\loop.sys
+ 2001-08-23 15:00:48 728,554 -c--a-w E:\WINDOWS\system32\dllcache\ltck000c.sys
+ 2004-08-19 14:02:02 607,452 -c--a-w E:\WINDOWS\system32\dllcache\ltmdmnt.sys
+ 2001-08-23 15:00:50 577,514 -c--a-w E:\WINDOWS\system32\dllcache\ltmdmntl.sys
+ 2004-08-19 14:02:06 422,528 -c--a-w E:\WINDOWS\system32\dllcache\ltmdmntt.sys
+ 2004-08-03 21:00:08 7,040 -c--a-w E:\WINDOWS\system32\dllcache\ltotape.sys
+ 2001-08-17 19:28:10 802,683 -c--a-w E:\WINDOWS\system32\dllcache\ltsm.sys
+ 2001-08-17 19:28:12 797,500 -c--a-w E:\WINDOWS\system32\dllcache\ltsmt.sys
+ 2004-08-03 20:39:32 20,864 -c--a-w E:\WINDOWS\system32\dllcache\lwadihid.sys
+ 2001-08-17 18:49:20 22,848 -c--a-w E:\WINDOWS\system32\dllcache\lwusbhid.sys
+ 2001-08-23 15:47:06 58,880 -c--a-w E:\WINDOWS\system32\dllcache\m3091dc.dll
+ 2001-08-23 15:47:06 59,392 -c--a-w E:\WINDOWS\system32\dllcache\m3092dc.dll
+ 2001-08-17 18:19:58 48,768 -c--a-w E:\WINDOWS\system32\dllcache\maestro.sys
+ 2001-08-17 19:52:50 7,424 -c--a-w E:\WINDOWS\system32\dllcache\mammoth.sys
+ 2001-08-23 15:02:28 165,066 -c--a-w E:\WINDOWS\system32\dllcache\mdgndis5.sys
+ 2006-12-13 12:04:13 147,968 -c--a-w E:\WINDOWS\system32\dllcache\mdwmdmsp.dll
+ 2001-08-17 19:58:04 8,320 -c--a-w E:\WINDOWS\system32\dllcache\memcard.sys
+ 2001-08-23 15:47:06 47,616 -c--a-w E:\WINDOWS\system32\dllcache\memgrp.dll
+ 2004-08-03 21:00:50 26,112 -c--a-w E:\WINDOWS\system32\dllcache\memstpci.sys
+ 2006-12-13 12:05:59 63,744 -c--a-w E:\WINDOWS\system32\dllcache\mf.sys
+ 2001-08-23 15:46:46 235,648 -c--a-w E:\WINDOWS\system32\dllcache\mgaud.dll
+ 2001-08-23 15:03:46 320,384 -c--a-w E:\WINDOWS\system32\dllcache\mgaum.sys
+ 2001-08-17 19:52:50 6,528 -c--a-w E:\WINDOWS\system32\dllcache\miniqic.sys
+ 2006-12-13 12:05:59 30,336 -c--a-w E:\WINDOWS\system32\dllcache\modem.sys
+ 2001-08-17 19:57:38 16,128 -c--a-w E:\WINDOWS\system32\dllcache\modemcsa.sys
+ 2006-12-13 12:05:59 23,680 -c--a-w E:\WINDOWS\system32\dllcache\mouclass.sys
+ 2006-12-13 12:04:13 12,288 -c--a-w E:\WINDOWS\system32\dllcache\mouhid.sys
+ 2004-08-03 21:10:14 15,360 -c--a-w E:\WINDOWS\system32\dllcache\mpe.sys
+ 2001-08-17 19:52:12 17,280 -c--a-w E:\WINDOWS\system32\dllcache\mraid35x.sys
+ 2006-12-13 11:52:35 454,656 -c--a-w E:\WINDOWS\system32\dllcache\mrxsmb.sys
+ 2004-08-03 21:10:00 51,328 -c--a-w E:\WINDOWS\system32\dllcache\msdv.sys
+ 2001-08-17 19:48:36 6,016 -c--a-w E:\WINDOWS\system32\dllcache\msfsio.sys
+ 2001-08-17 20:02:40 35,200 -c--a-w E:\WINDOWS\system32\dllcache\msgame.sys
+ 2004-08-03 21:00:48 22,016 -c--a-w E:\WINDOWS\system32\dllcache\msircomm.sys
+ 2004-08-03 20:58:42 7,552 -c--a-w E:\WINDOWS\system32\dllcache\mskssrv.sys
+ 2001-08-17 20:00:04 2,944 -c--a-w E:\WINDOWS\system32\dllcache\msmpu401.sys
+ 2004-08-03 20:58:40 5,376 -c--a-w E:\WINDOWS\system32\dllcache\mspclock.sys
+ 2004-08-03 20:58:42 4,992 -c--a-w E:\WINDOWS\system32\dllcache\mspqm.sys
+ 2001-08-17 19:48:50 12,416 -c--a-w E:\WINDOWS\system32\dllcache\msriffwv.sys
+ 2006-12-13 12:05:59 15,488 -c--a-w E:\WINDOWS\system32\dllcache\mssmbios.sys
+ 2004-08-03 21:10:00 49,024 -c--a-w E:\WINDOWS\system32\dllcache\mstape.sys
+ 2004-08-03 20:58:40 5,504 -c--a-w E:\WINDOWS\system32\dllcache\mstee.sys
+ 2006-12-13 12:05:59 17,408 -c--a-w E:\WINDOWS\system32\dllcache\msyuv.dll
+ 2004-08-03 20:41:40 126,686 -c--a-w E:\WINDOWS\system32\dllcache\mtlmnt5.sys
+ 2004-08-03 20:41:38 1,309,184 -c--a-w E:\WINDOWS\system32\dllcache\mtlstrm.sys
+ 2004-08-03 20:29:38 452,736 -c--a-w E:\WINDOWS\system32\dllcache\mtxparhm.sys
+ 2001-08-17 18:50:04 103,296 -c--a-w E:\WINDOWS\system32\dllcache\mtxvideo.sys
+ 2004-08-03 21:04:52 12,672 -c--a-w E:\WINDOWS\system32\dllcache\mutohpen.sys
+ 2001-08-23 15:08:58 22,144 -c--a-w E:\WINDOWS\system32\dllcache\mxcard.sys
+ 2001-08-23 15:47:14 19,968 -c--a-w E:\WINDOWS\system32\dllcache\mxicfg.dll
+ 2001-08-17 19:49:32 19,968 -c--a-w E:\WINDOWS\system32\dllcache\mxnic.sys
+ 2001-08-23 15:47:14 7,168 -c--a-w E:\WINDOWS\system32\dllcache\mxport.dll
+ 2001-08-23 15:09:00 76,928 -c--a-w E:\WINDOWS\system32\dllcache\mxport.sys
+ 2001-08-23 15:09:02 53,791 -c--a-w E:\WINDOWS\system32\dllcache\n1000nt5.sys
+ 2001-08-23 15:09:02 131,072 -c--a-w E:\WINDOWS\system32\dllcache\n100325.sys
+ 2001-08-23 15:46:46 35,392 -c--a-w E:\WINDOWS\system32\dllcache\n9i128.dll
+ 2001-08-17 18:50:06 13,664 -c--a-w E:\WINDOWS\system32\dllcache\n9i128.sys
+ 2001-08-23 15:46:46 59,104 -c--a-w E:\WINDOWS\system32\dllcache\n9i128v2.dll
+ 2001-08-17 18:50:08 33,088 -c--a-w E:\WINDOWS\system32\dllcache\n9i128v2.sys
+ 2001-08-17 18:50:10 27,936 -c--a-w E:\WINDOWS\system32\dllcache\n9i3d.sys
+ 2001-08-23 15:46:46 91,488 -c--a-w E:\WINDOWS\system32\dllcache\n9i3disp.dll
+ 2004-08-03 21:10:30 85,376 -c--a-w E:\WINDOWS\system32\dllcache\nabtsfec.sys
+ 2004-08-03 21:10:14 10,880 -c--a-w E:\WINDOWS\system32\dllcache\ndisip.sys
+ 2005-04-19 23:54:04 14,592 -c--a-w E:\WINDOWS\system32\dllcache\ndisuio.sys
+ 2001-08-17 19:49:14 15,872 -c--a-w E:\WINDOWS\system32\dllcache\ne2000.sys
+ 2001-08-23 15:46:46 60,480 -c--a-w E:\WINDOWS\system32\dllcache\neo20xx.dll
+ 2001-08-17 18:50:04 39,264 -c--a-w E:\WINDOWS\system32\dllcache\neo20xx.sys
+ 2001-08-23 15:10:08 66,302 -c--a-w E:\WINDOWS\system32\dllcache\netflx3.sys
+ 2004-08-19 14:03:26 132,695 -c--a-w E:\WINDOWS\system32\dllcache\netwlan5.sys
+ 2001-08-17 18:12:20 32,840 -c--a-w E:\WINDOWS\system32\dllcache\ngrpci.sys
+ 2006-12-13 12:05:59 61,824 -c--a-w E:\WINDOWS\system32\dllcache\nic1394.sys
+ 2006-12-13 12:04:13 12,032 -c--a-w E:\WINDOWS\system32\dllcache\nikedrv.sys
+ 2001-08-17 18:20:08 126,080 -c--a-w E:\WINDOWS\system32\dllcache\nm5a2wdm.sys
+ 2001-08-17 18:20:08 87,040 -c--a-w E:\WINDOWS\system32\dllcache\nm6wdm.sys
+ 2004-08-03 21:00:52 28,672 -c--a-w E:\WINDOWS\system32\dllcache\nscirda.sys
+ 2001-08-17 19:53:02 7,552 -c--a-w E:\WINDOWS\system32\dllcache\nsmmc.sys
+ 2001-08-23 15:11:48 9,472 -c--a-w E:\WINDOWS\system32\dllcache\ntapm.sys
+ 2001-08-17 18:49:04 51,552 -c--a-w E:\WINDOWS\system32\dllcache\ntgrip.sys
+ 2005-09-29 18:28:42 2,059,520 -c--a-w E:\WINDOWS\system32\dllcache\ntkrnlpa.exe
+ 2005-09-29 18:28:57 2,017,792 -c--a-w E:\WINDOWS\system32\dllcache\ntkrpamp.exe
+ 2004-08-03 20:41:40 180,360 -c--a-w E:\WINDOWS\system32\dllcache\ntmtlfax.sys
+ 2001-08-23 15:46:46 123,776 -c--a-w E:\WINDOWS\system32\dllcache\nv3.dll
+ 2001-08-17 18:50:18 198,144 -c--a-w E:\WINDOWS\system32\dllcache\nv3.sys
+ 2007-12-04 23:41:00 5,773,568 -c--a-w E:\WINDOWS\system32\dllcache\nv4_disp.dll
+ 2007-12-04 23:41:00 7,435,392 -c--a-w E:\WINDOWS\system32\dllcache\nv4_mini.sys
+ 2006-12-13 11:50:51 61,312 -c--a-w E:\WINDOWS\system32\dllcache\ohci1394.sys
+ 2001-08-17 18:20:16 54,528 -c--a-w E:\WINDOWS\system32\dllcache\opl3sax.sys
+ 2002-09-06 19:59:59 3,456 -c--a-w E:\WINDOWS\system32\dllcache\oprghdlr.sys
+ 2001-08-17 18:12:36 27,209 -c--a-w E:\WINDOWS\system32\dllcache\otc06x5.sys
+ 2001-08-23 15:15:04 44,297 -c--a-w E:\WINDOWS\system32\dllcache\otceth5.sys
+ 2001-08-23 15:15:04 54,954 -c--a-w E:\WINDOWS\system32\dllcache\otcsercb.sys
+ 2001-08-17 20:05:04 25,088 -c--a-w E:\WINDOWS\system32\dllcache\ovca.sys
+ 2001-08-17 20:05:12 48,000 -c--a-w E:\WINDOWS\system32\dllcache\ovcam2.sys
+ 2001-08-17 20:05:16 28,032 -c--a-w E:\WINDOWS\system32\dllcache\ovcd.sys
+ 2001-08-17 20:05:20 31,872 -c--a-w E:\WINDOWS\system32\dllcache\ovce.sys
+ 2001-08-23 15:47:16 116,736 -c--a-w E:\WINDOWS\system32\dllcache\ovcodec2.dll
+ 2001-08-17 20:05:12 351,616 -c--a-w E:\WINDOWS\system32\dllcache\ovcodek2.sys
+ 2001-08-23 15:47:16 20,480 -c--a-w E:\WINDOWS\system32\dllcache\ovcomc.dll
+ 2001-08-23 15:47:42 39,424 -c--a-w E:\WINDOWS\system32\dllcache\ovcoms.exe
+ 2001-08-17 20:05:06 25,216 -c--a-w E:\WINDOWS\system32\dllcache\ovsound2.sys
+ 2001-08-23 15:47:16 44,544 -c--a-w E:\WINDOWS\system32\dllcache\ovui2.dll
+ 2001-08-23 15:47:16 42,496 -c--a-w E:\WINDOWS\system32\dllcache\ovui2rc.dll
+ 2006-12-13 12:05:59 46,720 -c--a-w E:\WINDOWS\system32\dllcache\p3.sys
+ 2006-12-13 12:04:13 157,696 -c--a-w E:\WINDOWS\system32\dllcache\paqsp.dll
+ 2006-12-13 12:05:59 80,384 -c--a-w E:\WINDOWS\system32\dllcache\parport.sys
+ 2001-08-17 18:12:18 30,495 -c--a-w E:\WINDOWS\system32\dllcache\pc100nds.sys
+ 2004-08-03 20:31:24 29,502 -c--a-w E:\WINDOWS\system32\dllcache\pca200e.sys
+ 2004-08-19 15:52:03 68,608 -c--a-w E:\WINDOWS\system32\dllcache\pci.sys
+ 2002-09-06 19:59:59 3,328 -c--a-w E:\WINDOWS\system32\dllcache\pciide.sys
+ 2004-08-03 22:59:41 25,088 -c--a-w E:\WINDOWS\system32\dllcache\pciidex.sys
+ 2004-08-19 15:52:09 120,320 -c--a-w E:\WINDOWS\system32\dllcache\pcmcia.sys
+ 2001-08-17 18:12:18 26,153 -c--a-w E:\WINDOWS\system32\dllcache\pcmlm56.sys
+ 2001-08-17 18:11:22 30,282 -c--a-w E:\WINDOWS\system32\dllcache\pcntn5hl.sys
+ 2001-08-17 18:11:20 29,769 -c--a-w E:\WINDOWS\system32\dllcache\pcntn5m.sys
+ 2001-08-17 18:11:22 35,328 -c--a-w E:\WINDOWS\system32\dllcache\pcntpci5.sys
+ 2001-08-23 15:47:42 86,016 -c--a-w E:\WINDOWS\system32\dllcache\pctspk.exe
+ 2004-08-03 20:06:18 169,984 -c--a-w E:\WINDOWS\system32\dllcache\pcx500.sys
+ 2001-08-17 20:07:40 27,296 -c--a-w E:\WINDOWS\system32\dllcache\perc2.sys
+ 2001-08-17 20:07:42 5,504 -c--a-w E:\WINDOWS\system32\dllcache\perc2hib.sys
+ 2004-08-03 21:06:56 27,904 -c--a-w E:\WINDOWS\system32\dllcache\perm2.sys
+ 2004-08-19 14:08:46 211,712 -c--a-w E:\WINDOWS\system32\dllcache\perm2dll.dll
+ 2004-08-03 21:06:58 28,032 -c--a-w E:\WINDOWS\system32\dllcache\perm3.sys
+ 2004-08-19 14:08:46 259,328 -c--a-w E:\WINDOWS\system32\dllcache\perm3dd.dll
+ 2001-08-23 15:47:16 16,896 -c--a-w E:\WINDOWS\system32\dllcache\philcam1.dll
+ 2001-08-17 20:04:50 75,776 -c--a-w E:\WINDOWS\system32\dllcache\philcam1.sys
+ 2001-08-17 20:04:08 173,696 -c--a-w E:\WINDOWS\system32\dllcache\philcam2.sys
+ 2001-08-17 20:04:04 92,416 -c--a-w E:\WINDOWS\system32\dllcache\phildec.sys
+ 2001-08-17 20:07:20 19,840 -c--a-w E:\WINDOWS\system32\dllcache\philtune.sys
+ 2001-08-23 15:47:16 121,344 -c--a-w E:\WINDOWS\system32\dllcache\phvfwext.dll
+ 2006-12-13 12:05:59 35,328 -c--a-w E:\WINDOWS\system32\dllcache\pid.dll
+ 2006-12-13 12:05:59 15,360 -c--a-w E:\WINDOWS\system32\dllcache\pjlmon.dll
+ 2001-08-17 19:53:04 7,168 -c--a-w E:\WINDOWS\system32\dllcache\pnrmc.sys
+ 2004-08-03 21:15:50 145,792 -c--a-w E:\WINDOWS\system32\dllcache\portcls.sys
+ 2001-08-17 19:53:14 7,552 -c--a-w E:\WINDOWS\system32\dllcache\powerfil.sys
+ 2001-08-17 19:53:22 17,792 -c--a-w E:\WINDOWS\system32\dllcache\ppa.sys
+ 2004-08-03 21:00:18 17,664 -c--a-w E:\WINDOWS\system32\dllcache\ppa3.sys
+ 2006-12-13 12:05:59 39,552 -c--a-w E:\WINDOWS\system32\dllcache\processr.sys
+ 2001-08-23 15:17:32 16,512 -c--a-w E:\WINDOWS\system32\dllcache\pscr.sys
+ 2005-03-25 20:43:50 363,520 -c--a-w E:\WINDOWS\system32\dllcache\psisdecd.dll
+ 2001-08-23 15:47:16 35,328 -c--a-w E:\WINDOWS\system32\dllcache\psisload.dll
+ 2001-08-23 15:47:16 5,632 -c--a-w E:\WINDOWS\system32\dllcache\ptpusb.dll
+ 2004-08-19 14:09:40 159,232 -c--a-w E:\WINDOWS\system32\dllcache\ptpusd.dll
+ 2001-08-17 19:28:12 128,286 -c--a-w E:\WINDOWS\system32\dllcache\ptserli.sys
+ 2001-08-17 19:28:14 112,574 -c--a-w E:\WINDOWS\system32\dllcache\ptserlp.sys
+ 2001-08-17 19:28:14 130,942 -c--a-w E:\WINDOWS\system32\dllcache\ptserlv.sys
+ 2004-08-03 21:00:06 6,016 -c--a-w E:\WINDOWS\system32\dllcache\qic157.sys
+ 2001-08-17 19:52:20 40,320 -c--a-w E:\WINDOWS\system32\dllcache\ql1080.sys
+ 2001-08-17 19:52:16 33,152 -c--a-w E:\WINDOWS\system32\dllcache\ql10wnt.sys
+ 2001-08-17 19:52:20 45,312 -c--a-w E:\WINDOWS\system32\dllcache\ql12160.sys
+ 2001-08-17 19:52:16 40,448 -c--a-w E:\WINDOWS\system32\dllcache\ql1240.sys
+ 2001-08-17 19:52:18 49,024 -c--a-w E:\WINDOWS\system32\dllcache\ql1280.sys
+ 2001-08-17 19:53:32 3,328 -c--a-w E:\WINDOWS\system32\dllcache\qv2kux.sys
+ 2001-08-23 15:47:16 41,984 -c--a-w E:\WINDOWS\system32\dllcache\qvusd.dll
+ 2001-08-23 15:18:16 715,530 -c--a-w E:\WINDOWS\system32\dllcache\r2mdmkxx.sys
+ 2001-08-17 19:51:32 19,584 -c--a-w E:\WINDOWS\system32\dllcache\rasirda.sys
+ 2004-08-03 21:01:16 196,864 -c--a-w E:\WINDOWS\system32\dllcache\rdpdr.sys
+ 2004-08-03 20:41:40 13,776 -c--a-w E:\WINDOWS\system32\dllcache\recagent.sys
+ 2004-08-19 15:54:52 58,496 -c--a-w E:\WINDOWS\system32\dllcache\redbook.sys
+ 2001-08-23 15:47:16 86,097 -c--a-w E:\WINDOWS\system32\dllcache\reslog32.dll
+ 2004-08-03 21:10:40 59,648 -c--a-w E:\WINDOWS\system32\dllcache\rfcomm.sys
+ 2006-12-13 12:04:13 12,032 -c--a-w E:\WINDOWS\system32\dllcache\rio8drv.sys
+ 2006-12-13 12:04:13 12,032 -c--a-w E:\WINDOWS\system32\dllcache\riodrv.sys
+ 2001-08-17 18:12:36 37,563 -c--a-w E:\WINDOWS\system32\dllcache\rlnet5.sys
+ 2004-08-03 21:04:32 30,080 -c--a-w E:\WINDOWS\system32\dllcache\rndismpx.sys
+ 2004-08-19 13:55:34 79,360 -c--a-w E:\WINDOWS\system32\dllcache\rocket.sys
+ 2001-08-17 18:19:20 3,840 -c--a-w E:\WINDOWS\system32\dllcache\rpfun.sys
+ 2001-08-23 15:47:16 10,240 -c--a-w E:\WINDOWS\system32\dllcache\rsmgrstr.dll
+ 2001-08-17 18:19:22 30,720 -c--a-w E:\WINDOWS\system32\dllcache\rthwcls.sys
+ 2001-08-17 18:12:40 19,017 -c--a-w E:\WINDOWS\system32\dllcache\rtl8029.sys
+ 2004-08-03 20:31:34 20,992 -c--a-w E:\WINDOWS\system32\dllcache\rtl8139.sys
+ 2001-08-23 15:47:16 25,088 -c--a-w E:\WINDOWS\system32\dllcache\rw430ext.dll
+ 2001-08-23 15:47:16 26,624 -c--a-w E:\WINDOWS\system32\dllcache\rw450ext.dll
+ 2001-08-23 15:47:16 81,408 -c--a-w E:\WINDOWS\system32\dllcache\rwia430.dll
+ 2001-08-23 15:47:16 83,968 -c--a-w E:\WINDOWS\system32\dllcache\rwia450.dll
+ 2004-08-19 14:09:40 397,056 -c--a-w E:\WINDOWS\system32\dllcache\s3gnb.dll
+ 2004-08-03 20:29:52 166,912 -c--a-w E:\WINDOWS\system32\dllcache\s3gnbm.sys
+ 2001-08-17 19:57:46 65,664 -c--a-w E:\WINDOWS\system32\dllcache\s3legacy.sys
+ 2001-08-17 18:50:34 166,720 -c--a-w E:\WINDOWS\system32\dllcache\s3m.sys
+ 2001-08-23 15:46:46 182,272 -c--a-w E:\WINDOWS\system32\dllcache\s3mt3d.dll
+ 2001-08-17 18:50:40 41,216 -c--a-w E:\WINDOWS\system32\dllcache\s3mt3d.sys
+ 2001-08-23 15:46:46 62,496 -c--a-w E:\WINDOWS\system32\dllcache\s3mtrio.dll
+ 2001-08-23 15:46:46 210,496 -c--a-w E:\WINDOWS\system32\dllcache\s3mvirge.dll
+ 2001-08-23 15:46:48 179,264 -c--a-w E:\WINDOWS\system32\dllcache\s3sav3d.dll
+ 2001-08-17 18:50:22 61,504 -c--a-w E:\WINDOWS\system32\dllcache\s3sav3dm.sys
+ 2001-08-23 15:46:48 198,400 -c--a-w E:\WINDOWS\system32\dllcache\s3sav4.dll
+ 2001-08-17 18:50:28 77,824 -c--a-w E:\WINDOWS\system32\dllcache\s3sav4m.sys
+ 2001-08-23 15:46:48 245,632 -c--a-w E:\WINDOWS\system32\dllcache\s3savmx.dll
+ 2001-08-17 18:50:34 75,392 -c--a-w E:\WINDOWS\system32\dllcache\s3savmxm.sys
+ 2004-08-03 20:59:58 43,136 -c--a-w E:\WINDOWS\system32\dllcache\sbp2port.sys
+ 2001-08-23 15:20:20 24,064 -c--a-w E:\WINDOWS\system32\dllcache\sccmn50m.sys
+ 2001-08-17 19:51:14 23,936 -c--a-w E:\WINDOWS\system32\dllcache\sccmusbm.sys
+ 2001-08-23 15:20:30 16,768 -c--a-w E:\WINDOWS\system32\dllcache\scmstcs.sys
+ 2001-08-23 15:20:32 17,536 -c--a-w E:\WINDOWS\system32\dllcache\scr111.sys
+ 2004-08-03 22:59:41 96,256 -c--a-w E:\WINDOWS\system32\dllcache\scsiport.sys
+ 2001-08-17 19:52:34 11,648 -c--a-w E:\WINDOWS\system32\dllcache\scsiprnt.sys
+ 2001-08-17 19:53:26 10,880 -c--a-w E:\WINDOWS\system32\dllcache\scsiscan.sys
+ 2004-08-03 23:07:47 67,584 -c--a-w E:\WINDOWS\system32\dllcache\sdbus.sys
+ 2004-08-19 16:09:40 29,184 -c--a-w E:\WINDOWS\system32\dllcache\sdhcinst.dll
+ 2001-08-17 19:53:10 6,912 -c--a-w E:\WINDOWS\system32\dllcache\seaddsmc.sys
+ 2004-08-03 22:59:07 15,488 -c--a-w E:\WINDOWS\system32\dllcache\serenum.sys
+ 2004-08-19 15:56:39 66,560 -c--a-w E:\WINDOWS\system32\dllcache\serial.sys
+ 2001-08-23 15:20:50 18,432 -c--a-w E:\WINDOWS\system32\dllcache\sermouse.sys
+ 2001-08-23 15:20:50 6,912 -c--a-w E:\WINDOWS\system32\dllcache\serscan.sys
+ 2004-08-03 22:59:55 11,136 -c--a-w E:\WINDOWS\system32\dllcache\sffdisk.sys
+ 2004-08-03 22:59:55 10,240 -c--a-w E:\WINDOWS\system32\dllcache\sffp_sd.sys
+ 2004-08-03 22:59:55 11,392 -c--a-w E:\WINDOWS\system32\dllcache\sfloppy.sys
+ 2001-08-17 18:19:34 36,480 -c--a-w E:\WINDOWS\system32\dllcache\sfmanm.sys
+ 2001-08-23 15:46:48 386,560 -c--a-w E:\WINDOWS\system32\dllcache\sgiul50.dll
+ 2001-08-17 18:51:04 98,080 -c--a-w E:\WINDOWS\system32\dllcache\sgiulnt5.sys
+ 2001-07-21 20:29:20 18,400 -c--a-w E:\WINDOWS\system32\dllcache\sgsmld.sys
+ 2001-08-23 15:21:04 161,664 -c--a-w E:\WINDOWS\system32\dllcache\sgsmusb.sys
+ 2004-08-19 14:09:42 3,901 -c--a-w E:\WINDOWS\system32\dllcache\siint5.dll
+ 2001-08-17 18:50:46 101,760 -c--a-w E:\WINDOWS\system32\dllcache\sis300ip.sys
+ 2001-08-23 15:46:48 252,032 -c--a-w E:\WINDOWS\system32\dllcache\sis300iv.dll
+ 2001-08-17 18:50:56 68,608 -c--a-w E:\WINDOWS\system32\dllcache\sis6306p.sys
+ 2001-08-23 15:46:48 150,144 -c--a-w E:\WINDOWS\system32\dllcache\sis6306v.dll
+ 2004-08-03 21:07:44 41,088 -c--a-w E:\WINDOWS\system32\dllcache\sisagp.sys
+ 2001-08-17 18:50:48 104,064 -c--a-w E:\WINDOWS\system32\dllcache\sisgrp.sys
+ 2001-08-23 15:47:18 238,592 -c--a-w E:\WINDOWS\system32\dllcache\sisgrv.dll
+ 2004-08-03 20:31:36 32,768 -c--a-w E:\WINDOWS\system32\dllcache\sisnic.sys
+ 2001-08-17 18:50:56 50,432 -c--a-w E:\WINDOWS\system32\dllcache\sisv.sys
+ 2001-08-23 15:46:48 157,696 -c--a-w E:\WINDOWS\system32\dllcache\sisv256.dll
+ 2001-08-23 15:21:34 95,114 -c--a-w E:\WINDOWS\system32\dllcache\sk98xwin.sys
+ 2001-08-17 18:12:52 91,294 -c--a-w E:\WINDOWS\system32\dllcache\skfpwin.sys
+ 2004-08-03 20:31:42 63,547 -c--a-w E:\WINDOWS\system32\dllcache\sla30nd5.sys
+ 2004-08-19 14:09:42 73,832 -c--a-w E:\WINDOWS\system32\dllcache\slcoinst.dll
+ 2004-08-19 14:09:42 286,792 -c--a-w E:\WINDOWS\system32\dllcache\slextspk.dll
+ 2004-08-19 14:09:42 188,508 -c--a-w E:\WINDOWS\system32\dllcache\slgen.dll
+ 2004-08-03 21:10:18 11,136 -c--a-w E:\WINDOWS\system32\dllcache\slip.sys
+ 2004-08-03 20:41:42 129,535 -c--a-w E:\WINDOWS\system32\dllcache\slnt7554.sys
+ 2004-08-03 20:41:44 404,990 -c--a-w E:\WINDOWS\system32\dllcache\slntamr.sys
+ 2004-08-03 20:41:46 95,424 -c--a-w E:\WINDOWS\system32\dllcache\slnthal.sys
+ 2004-08-19 14:10:04 32,866 -c--a-w E:\WINDOWS\system32\dllcache\slrundll.exe
+ 2004-08-19 14:10:04 73,796 -c--a-w E:\WINDOWS\system32\dllcache\slserv.exe
+ 2004-08-03 20:41:46 13,240 -c--a-w E:\WINDOWS\system32\dllcache\slwdmsup.sys
+ 2001-08-23 15:47:18 28,160 -c--a-w E:\WINDOWS\system32\dllcache\sm91w.dll
+ 2001-08-23 15:47:18 28,672 -c--a-w E:\WINDOWS\system32\dllcache\sma0w.dll
+ 2001-08-23 15:47:18 33,792 -c--a-w E:\WINDOWS\system32\dllcache\smb0w.dll
+ 2001-08-23 15:47:18 45,568 -c--a-w E:\WINDOWS\system32\dllcache\smb3w.dll
+ 2004-08-03 21:07:38 6,016 -c--a-w E:\WINDOWS\system32\dllcache\smbali.sys
+ 2004-08-03 21:07:36 16,128 -c--a-w E:\WINDOWS\system32\dllcache\smbbatt.sys
+ 2004-08-03 21:07:36 6,912 -c--a-w E:\WINDOWS\system32\dllcache\smbclass.sys
+ 2001-08-17 19:57:56 6,784 -c--a-w E:\WINDOWS\system32\dllcache\smbhc.sys
+ 2001-08-17 18:12:46 24,576 -c--a-w E:\WINDOWS\system32\dllcache\smc8000n.sys
+ 2001-08-23 15:21:42 36,937 -c--a-w E:\WINDOWS\system32\dllcache\smcirda.sys
+ 2001-08-17 18:12:48 25,034 -c--a-w E:\WINDOWS\system32\dllcache\smcpwr2n.sys
+ 2001-08-23 15:46:48 147,200 -c--a-w E:\WINDOWS\system32\dllcache\smidispb.dll
+ 2001-08-17 18:51:00 58,368 -c--a-w E:\WINDOWS\system32\dllcache\smiminib.sys
+ 2001-08-17 19:53:14 7,040 -c--a-w E:\WINDOWS\system32\dllcache\snyaitmc.sys
+ 2004-08-03 21:00:06 7,552 -c--a-w E:\WINDOWS\system32\dllcache\sonyait.sys
+ 2006-12-13 12:05:59 25,472 -c--a-w E:\WINDOWS\system32\dllcache\sonydcam.sys
+ 2001-08-17 19:53:04 9,600 -c--a-w E:\WINDOWS\system32\dllcache\sonymc.sys
+ 2001-08-17 18:51:20 20,752 -c--a-w E:\WINDOWS\system32\dllcache\sonync.sys
+ 2001-08-23 15:47:18 114,688 -c--a-w E:\WINDOWS\system32\dllcache\sonypi.dll
+ 2001-08-17 18:51:22 37,040 -c--a-w E:\WINDOWS\system32\dllcache\sonypi.sys
+ 2001-08-17 19:56:16 7,552 -c--a-w E:\WINDOWS\system32\dllcache\sonypvu1.sys
+ 2001-08-17 20:07:44 19,072 -c--a-w E:\WINDOWS\system32\dllcache\sparrow.sys
+ 2001-08-23 15:47:18 106,584 -c--a-w E:\WINDOWS\system32\dllcache\spdports.dll
+ 2001-08-17 19:51:00 61,824 -c--a-w E:\WINDOWS\system32\dllcache\speed.sys
+ 2006-06-14 07:50:20 6,272 -c--a-w E:\WINDOWS\system32\dllcache\splitter.sys
+ 2006-12-13 12:04:13 69,632 -c--a-w E:\WINDOWS\system32\dllcache\spnike.dll
+ 2006-12-13 12:04:13 70,656 -c--a-w E:\WINDOWS\system32\dllcache\sprio600.dll
+ 2006-12-13 12:04:13 72,192 -c--a-w E:\WINDOWS\system32\dllcache\sprio800.dll
+ 2001-08-23 15:47:18 24,660 -c--a-w E:\WINDOWS\system32\dllcache\spxupchk.dll
+ 2001-08-23 15:47:20 99,840 -c--a-w E:\WINDOWS\system32\dllcache\srusd.dll
+ 2001-08-17 18:11:08 48,736 -c--a-w E:\WINDOWS\system32\dllcache\srwlnd5.sys
+ 2001-08-23 14:57:46 17,024 -c--a-w E:\WINDOWS\system32\dllcache\stcusb.sys
+ 2001-08-23 14:57:58 286,848 -c--a-w E:\WINDOWS\system32\dllcache\stlnata.sys
+ 2001-08-23 15:47:20 53,248 -c--a-w E:\WINDOWS\system32\dllcache\stlncoin.dll
+ 2001-08-23 15:47:20 155,648 -c--a-w E:\WINDOWS\system32\dllcache\stlnprop.dll
+ 2004-08-19 16:09:46 76,800 -c--a-w E:\WINDOWS\system32\dllcache\storprop.dll
+ 2004-08-03 21:08:04 48,640 -c--a-w E:\WINDOWS\system32\dllcache\stream.sys
+ 2006-12-13 12:04:13 8,192 -c--a-w E:\WINDOWS\system32\dllcache\streamci.dll
+ 2004-08-03 21:10:14 15,360 -c--a-w E:\WINDOWS\system32\dllcache\streamip.sys
+ 2001-08-23 15:47:20 41,472 -c--a-w E:\WINDOWS\system32\dllcache\sw_effct.dll
+ 2001-08-23 15:47:20 53,760 -c--a-w E:\WINDOWS\system32\dllcache\sw_wheel.dll
+ 2006-12-13 12:05:59 4,352 -c--a-w E:\WINDOWS\system32\dllcache\swenum.sys
+ 2001-08-17 20:00:52 54,272 -c--a-w E:\WINDOWS\system32\dllcache\swmidi.sys
+ 2001-08-23 15:47:20 10,240 -c--a-w E:\WINDOWS\system32\dllcache\swpdflt2.dll
+ 2001-08-23 15:47:20 10,240 -c--a-w E:\WINDOWS\system32\dllcache\swpidflt.dll
+ 2001-08-17 20:02:56 3,968 -c--a-w E:\WINDOWS\system32\dllcache\swusbflt.sys
+ 2001-08-17 19:50:58 103,936 -c--a-w E:\WINDOWS\system32\dllcache\sx.sys
+ 2001-08-23 15:47:20 94,293 -c--a-w E:\WINDOWS\system32\dllcache\sxports.dll
+ 2001-08-17 20:07:40 28,384 -c--a-w E:\WINDOWS\system32\dllcache\sym_hi.sys
+ 2001-08-17 20:07:42 30,688 -c--a-w E:\WINDOWS\system32\dllcache\sym_u3.sys
+ 2001-08-17 20:07:34 16,256 -c--a-w E:\WINDOWS\system32\dllcache\symc810.sys
+ 2001-08-17 20:07:36 32,640 -c--a-w E:\WINDOWS\system32\dllcache\symc8xx.sys
+ 2004-08-03 21:15:56 60,800 -c--a-w E:\WINDOWS\system32\dllcache\sysaudio.sys
+ 2001-08-23 15:46:48 172,768 -c--a-w E:\WINDOWS\system32\dllcache\t2r4disp.dll
+ 2001-08-17 18:50:12 36,640 -c--a-w E:\WINDOWS\system32\dllcache\t2r4mini.sys
+ 2001-08-17 19:52:54 7,040 -c--a-w E:\WINDOWS\system32\dllcache\tandqic.sys
+ 2001-08-17 19:49:46 30,464 -c--a-w E:\WINDOWS\system32\dllcache\tbatm155.sys
+ 2001-08-17 18:13:00 37,961 -c--a-w E:\WINDOWS\system32\dllcache\tdk100b.sys
+ 2001-08-17 18:13:00 17,129 -c--a-w E:\WINDOWS\system32\dllcache\tdkcd31.sys
+ 2004-08-19 14:10:18 40,840 -c--a-w E:\WINDOWS\system32\dllcache\termdd.sys
+ 2004-08-03 21:00:06 149,376 -c--a-w E:\WINDOWS\system32\dllcache\tffsport.sys
+ 2001-08-23 15:46:48 81,408 -c--a-w E:\WINDOWS\system32\dllcache\tgiul50.dll
+ 2001-08-17 18:51:10 138,528 -c--a-w E:\WINDOWS\system32\dllcache\tgiulnt5.sys
+ 2001-08-17 18:14:26 123,995 -c--a-w E:\WINDOWS\system32\dllcache\tjisdn.sys
+ 2001-08-17 18:10:26 28,232 -c--a-w E:\WINDOWS\system32\dllcache\tos4mo.sys
+ 2006-12-13 12:04:13 51,712 -c--a-w E:\WINDOWS\system32\dllcache\tosdvd.sys
+ 2001-08-17 20:01:52 241,664 -c--a-w E:\WINDOWS\system32\dllcache\tosdvd02.sys
+ 2001-08-17 20:02:00 230,912 -c--a-w E:\WINDOWS\system32\dllcache\tosdvd03.sys
+ 2001-08-23 15:00:46 4,992 -c--a-w E:\WINDOWS\system32\dllcache\toside.sys
+ 2001-08-23 15:47:20 31,744 -c--a-w E:\WINDOWS\system32\dllcache\tp4.dll
+ 2004-08-19 14:10:04 82,432 -c--a-w E:\WINDOWS\system32\dllcache\tp4mon.exe
+ 2001-08-23 15:46:22 43,520 -c--a-w E:\WINDOWS\system32\dllcache\tp4res.dll
+ 2001-08-17 18:12:12 34,375 -c--a-w E:\WINDOWS\system32\dllcache\tpro4.sys
+ 2001-08-23 15:46:48 315,520 -c--a-w E:\WINDOWS\system32\dllcache\trid3d.dll
+ 2001-08-17 18:51:16 222,336 -c--a-w E:\WINDOWS\system32\dllcache\trid3dm.sys
+ 2001-08-23 15:46:48 440,576 -c--a-w E:\WINDOWS\system32\dllcache\tridkb.dll
+ 2001-08-17 18:51:16 159,232 -c--a-w E:\WINDOWS\system32\dllcache\tridkbm.sys
+ 2001-08-23 15:47:20 525,568 -c--a-w E:\WINDOWS\system32\dllcache\tridxp.dll
+ 2001-08-17 18:51:22 166,784 -c--a-w E:\WINDOWS\system32\dllcache\tridxpm.sys
+ 2006-12-13 12:04:13 21,376 -c--a-w E:\WINDOWS\system32\dllcache\tsbvcap.sys
+ 2006-12-13 12:04:13 8,192 -c--a-w E:\WINDOWS\system32\dllcache\tsbyuv.dll
+ 2006-12-13 12:05:59 12,416 -c--a-w E:\WINDOWS\system32\dllcache\tunmp.sys
+ 2001-08-17 19:48:14 11,520 -c--a-w E:\WINDOWS\system32\dllcache\twotrack.sys
+ 2004-08-03 21:07:44 44,672 -c--a-w E:\WINDOWS\system32\dllcache\uagp35.sys
+ 2001-08-17 19:52:22 36,736 -c--a-w E:\WINDOWS\system32\dllcache\ultra.sys
+ 2001-08-23 15:47:20 216,576 -c--a-w E:\WINDOWS\system32\dllcache\um34scan.dll
+ 2001-08-23 15:47:20 212,480 -c--a-w E:\WINDOWS\system32\dllcache\um54scan.dll
+ 2001-08-23 15:47:20 47,616 -c--a-w E:\WINDOWS\system32\dllcache\umaxcam.dll
+ 2001-08-23 15:47:20 50,688 -c--a-w E:\WINDOWS\system32\dllcache\umaxp60.dll
+ 2001-08-17 19:58:12 22,912 -c--a-w E:\WINDOWS\system32\dllcache\umaxpcls.sys
+ 2001-08-23 15:47:20 50,688 -c--a-w E:\WINDOWS\system32\dllcache\umaxscan.dll
+ 2001-08-23 15:47:20 70,144 -c--a-w E:\WINDOWS\system32\dllcache\umaxu12.dll
+ 2001-08-23 15:47:20 27,136 -c--a-w E:\WINDOWS\system32\dllcache\umaxu22.dll
+ 2001-08-23 15:47:20 28,672 -c--a-w E:\WINDOWS\system32\dllcache\umaxu40.dll
+ 2001-08-23 15:47:20 94,720 -c--a-w E:\WINDOWS\system32\dllcache\umaxud32.dll
+ 2004-08-19 13:58:16 32,384 -c--a-w E:\WINDOWS\system32\dllcache\usb101et.sys
+ 2004-08-03 21:04:34 12,672 -c--a-w E:\WINDOWS\system32\dllcache\usb8023x.sys
+ 2004-08-03 21:07:56 59,264 -c--a-w E:\WINDOWS\system32\dllcache\usbaudio.sys
+ 2006-12-13 12:04:13 23,808 -c--a-w E:\WINDOWS\system32\dllcache\usbcamd.sys
+ 2006-12-13 12:04:13 23,936 -c--a-w E:\WINDOWS\system32\dllcache\usbcamd2.sys
+ 2004-08-03 21:08:48 31,616 -c--a-w E:\WINDOWS\system32\dllcache\usbccgp.sys
+ 2002-09-06 19:59:59 4,736 -c--a-w E:\WINDOWS\system32\dllcache\usbd.sys
+ 2004-08-03 23:08:37 26,624 -c--a-w E:\WINDOWS\system32\dllcache\usbehci.sys
+ 2004-08-03 23:08:43 57,600 -c--a-w E:\WINDOWS\system32\dllcache\usbhub.sys
+ 2006-12-13 12:05:59 16,000 -c--a-w E:\WINDOWS\system32\dllcache\usbintel.sys
+ 2004-08-03 23:08:37 17,024 -c--a-w E:\WINDOWS\system32\dllcache\usbohci.sys
+ 2004-08-03 23:08:43 142,976 -c--a-w E:\WINDOWS\system32\dllcache\usbport.sys
+ 2004-08-03 21:01:26 25,856 -c--a-w E:\WINDOWS\system32\dllcache\usbprint.sys