Probleme de virus

Jai fais la supression des fichiers et pendant la supression un message disant Exception proscessing message c0000013 Parameters75afbf7c 4 75afbf7c 75afbf7c est apparu et jai cliqué sur continuer.

Voici le rapport

Merci beaucoup
Marjo

----------------- FindyKill V4.709 ------------------

* User : Owner - MARJORIE_B
* executed from : C:\Program Files\FindyKill
* Update on 10/12/08 par Chiquitine29
* Start at 16:33:36 the 2008-12-19
* Windows XP - Internet Explorer 7.0.5730.11


((((((((((((((( *** deleting *** ))))))))))))))))))


--------------- [ Active Processes ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\Program Files\Fichiers communs\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe

--------------- [ Infected files / folders ] ----------------


»»»» Supression files in C:


»»»» Supression files in C:\WINDOWS


»»»» Supression files in C:\WINDOWS\Prefetch


»»»» Supression files in C:\WINDOWS\system32


»»»» Supression files in C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Supression files in C:\WINDOWS\system32\drivers


»»»» Supression files in C:\Documents and Settings\Owner\Application Data


»»»» Supression files in C:\DOCUME~1\Owner\LOCALS~1\Temp


»»»» Supression files in C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5

Deleted ! - C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Media Player\Cache d'images\LocalMLS\{09DBFA8D-148C-4ADD-A9D7-B155B64585CB}.jpg
Deleted ! - C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Media Player\Cache d'images\LocalMLS\{22BE8C6D-4BF4-41B2-84F4-1409603D4B64}.jpg
Deleted ! - C:\Documents and Settings\Owner\Mes documents\Ma musique\La Bottine Souriante\Jean Leloup\Mexico\AlbumArt_{E77B64BC-04DA-442B-8DBB-1B0FAB635914}_Large.jpg
Deleted ! - C:\Documents and Settings\Owner\Mes documents\Ma musique\La Bottine Souriante\Jean Leloup\Mexico\AlbumArt_{E77B64BC-04DA-442B-8DBB-1B0FAB635914}_Small.jpg
Deleted ! - C:\Documents and Settings\Owner\Mes documents\Ma musique\The Beatles\Live at the BBC Disc 1\AlbumArt_{7CB2C401-EEA3-4770-AE97-ABABC4B641C4}_Large.jpg
Deleted ! - C:\Documents and Settings\Owner\Mes documents\Ma musique\The Beatles\Live at the BBC Disc 1\AlbumArt_{7CB2C401-EEA3-4770-AE97-ABABC4B641C4}_Small.jpg

--------------- [ Registry / Infected keys ] ----------------


--------------- [ States / Restarting of services ] ----------------



+- Services : [ Auto=2 / Request=3 / Disable=4 ]

Ndisuio - Type of startup = 3

EapHost - Type of startup = 2

Ip6Fw - Type of startup = 2

SharedAccess - Type of startup = 2

wuauserv - Type of startup = 2

wscsvc - Type of startup = 2


--------------- [ Cleaning removable drives ] ----------------

+- Informations :

C: - Lecteur fixeD: - Lecteur fixeJ: - Lecteur de CD-ROMK: - Lecteur amovibleM: - Lecteur amovible
+- deleting files :

Deleted ! - D:\info.exe
Not deleted !! - J:\autorun.inf

--------------- [ Registry / Mountpoint2 ] ----------------

Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b44a4a1-1439-11da-95be-806d6172696f}\Shell\AutoRun\command

--------------- [ Searching Cracks / Keygen ] ----------------

C:\Documents and Settings\Owner\Mes documents\Antidote\Crack_Antidote_RX_v4.exe
C:\Documents and Settings\All Users\Application Data\IncrediMail\Data\Sound\tchaikovsky_the_nutcracker.imw


---------------- ! End of report ! ------------------

impossible de lancer linstallation de malwarebyte, meme si je le renomme. Ya til une autre solution?

Bonjour

Jai fais comme vous mavez dit et jai lancer combofix sur mon ordinateur et jai ensuite pu installer malwarebyte et jai fais lanalyse et jai ensuite tout supprimer les fichiers en quarantaine. voici les 2 rapports

Merci beaucoup

Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1629
Windows 5.1.2600 Service Pack 3

2009-01-07 15:33:28
mbam-log-2009-01-07 (15-33-28).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 115449
Temps écoulé: 38 minute(s), 22 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 34

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{037c7b8a-151a-49e6-baed-cc05fcb50328} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{15421b84-3488-49a7-ad18-cbf84a3efaf6} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\xpre (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Webtools (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\QooBox\Quarantine\C\WINDOWS\system32\ldjbqlov.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\bmhxih.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\dhrlsboy.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\dikmkz.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\explorer32.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\TDSSnrsr.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\TDSSofxh.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\TDSSriqp.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\tuvVOHwt.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\gxlscmgr.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\iaoqwqhc.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\khfEtRiG.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\pkibqmbr.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\psgsac.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\TDSScfub.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\uaoukksp.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\wgozve.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{49E555D9-D0EB-467A-88B3-D72AC730B29C}\RP149\A0015833.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{49E555D9-D0EB-467A-88B3-D72AC730B29C}\RP149\A0015834.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{49E555D9-D0EB-467A-88B3-D72AC730B29C}\RP149\A0015835.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{49E555D9-D0EB-467A-88B3-D72AC730B29C}\RP149\A0015836.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{49E555D9-D0EB-467A-88B3-D72AC730B29C}\RP149\A0015857.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{49E555D9-D0EB-467A-88B3-D72AC730B29C}\RP149\A0015871.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{49E555D9-D0EB-467A-88B3-D72AC730B29C}\RP149\A0015873.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{49E555D9-D0EB-467A-88B3-D72AC730B29C}\RP149\A0015874.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{49E555D9-D0EB-467A-88B3-D72AC730B29C}\RP149\A0015876.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{49E555D9-D0EB-467A-88B3-D72AC730B29C}\RP149\A0015879.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{49E555D9-D0EB-467A-88B3-D72AC730B29C}\RP149\A0015881.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{49E555D9-D0EB-467A-88B3-D72AC730B29C}\RP149\A0015882.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{49E555D9-D0EB-467A-88B3-D72AC730B29C}\RP149\A0015888.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{49E555D9-D0EB-467A-88B3-D72AC730B29C}\RP149\A0015891.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{49E555D9-D0EB-467A-88B3-D72AC730B29C}\RP149\A0015892.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{49E555D9-D0EB-467A-88B3-D72AC730B29C}\RP149\A0015893.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{49E555D9-D0EB-467A-88B3-D72AC730B29C}\RP149\A0015886.dll (Trojan.Vundo) -> Quarantined and deleted successfully.


ComboFix 09-01-06.02 - Owner 2009-01-07 12:04:27.5 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.382.154 [GMT -5:00]
Lancé depuis: c:\documents and settings\Owner\Bureau\tr.exe
.
[i] ADS - WINDOWS: deleted 24 bytes in 1 streams. /i

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Owner\Application Data\gadcom
c:\documents and settings\Owner\Application Data\SpeedRunner
c:\documents and settings\Owner\Application Data\SpeedRunner\config.cfg
c:\documents and settings\Owner\Application Data\SpeedRunner\SpeedRunner.exe
c:\program files\inetget2
c:\program files\INSTALL.LOG
c:\program files\Mjcore
c:\temp\1cb
c:\temp\1cb\syscheck.log
c:\temp\DIV55
c:\temp\DIV55\xDb.log
c:\windows\fmark2.dat
c:\windows\system32\404Fix.exe
c:\windows\system32\aiabbv.dll
c:\windows\system32\bmhxih.dll
c:\windows\system32\cfvvbi.dll
c:\windows\system32\dhrlsboy.dll
c:\windows\system32\dikmkz.dll
c:\windows\system32\drivers\TDSSmaxt.sys
c:\windows\system32\dumphive.exe
c:\windows\system32\explorer32.exe
c:\windows\system32\eyrsifuc.dll
c:\windows\system32\gxlscmgr.dll
c:\windows\system32\gzayit.dll
c:\windows\system32\iacsvaws.dll
c:\windows\system32\iaoqwqhc.dll
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\kdopndkl.ini
c:\windows\system32\khfEtRiG.dll
c:\windows\system32\ldjbqlov.dll
c:\windows\system32\o4Patch.exe
c:\windows\system32\ocmgeaut.dll
c:\windows\system32\odengwvg.ini
c:\windows\system32\op4
c:\windows\system32\peysaf.dll
c:\windows\system32\pkibqmbr.dll
c:\windows\system32\plkyhiwp.ini
c:\windows\system32\psgsac.dll
c:\windows\system32\rbmqbikp.ini
c:\windows\system32\SrchSTS.exe
c:\windows\system32\TDSScfub.dll
c:\windows\system32\TDSSfxmp.dll
c:\windows\system32\TDSSnrsr.dll
c:\windows\system32\TDSSofxh.dll
c:\windows\system32\TDSSosvd.dat
c:\windows\system32\TDSSriqp.dll
c:\windows\system32\TDSStkdv.log
c:\windows\system32\tmp.reg
c:\windows\system32\tskchuwp.dll
c:\windows\system32\tuvVOHwt.dll
c:\windows\system32\twHOVvut.ini
c:\windows\system32\twHOVvut.ini2
c:\windows\system32\uaoukksp.dll
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\vos
c:\windows\system32\wgozve.dll
c:\windows\system32\wkxlfyof.dll
c:\windows\system32\WS2Fix.exe
c:\windows\system32\xryzms.dll
c:\windows\system32\yobslrhd.ini
c:\windows\system32\yypynkcy.ini
c:\windows\Tasks\jjlfwymg.job

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_TDSSserv.sys
-------\Legacy_TDSSserv.sys


((((((((((((((((((((((((((((( Fichiers créés du 2008-12-07 au 2009-01-07 ))))))))))))))))))))))))))))))))))))
.

2009-01-07 08:50 . 2005-08-24 14:46 <REP> d-------- c:\documents and settings\Administrateur\WINDOWS
2009-01-07 08:50 . 2005-04-27 23:11 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage réseau
2009-01-07 08:50 . 2005-04-27 23:11 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage d'impression
2009-01-07 08:50 . 2005-08-24 14:46 <REP> d--h----- c:\documents and settings\Administrateur\Modèles
2009-01-07 08:50 . 2005-08-24 14:46 <REP> dr------- c:\documents and settings\Administrateur\Mes documents
2009-01-07 08:50 . 2005-08-24 14:46 <REP> dr------- c:\documents and settings\Administrateur\Menu Démarrer
2009-01-07 08:50 . 2005-08-24 14:46 <REP> dr------- c:\documents and settings\Administrateur\Favoris
2009-01-07 08:50 . 2005-08-24 14:46 <REP> d-------- c:\documents and settings\Administrateur\Bureau
2009-01-07 08:50 . 2009-01-07 08:50 <REP> d-------- c:\documents and settings\Administrateur
2008-12-20 14:48 . 2008-12-20 14:48 <REP> d-------- c:\program files\Ma
2008-12-20 14:48 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-20 14:48 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-19 13:13 . 2008-12-20 14:37 <REP> d-------- c:\program files\FindyKill
2008-12-16 11:24 . 2008-12-12 00:57 78,336 --a------ c:\windows\system32\Agent.OMZ.Fix.exe
2008-12-15 13:48 . 2008-12-15 13:48 <REP> d-------- c:\documents and settings\All Users\Application Data\Grisoft
2008-12-15 12:39 . 2008-12-15 12:40 <REP> d-------- c:\program files\Yahoo!
2008-12-10 16:12 . 2008-12-15 12:05 <REP> d-------- c:\documents and settings\Owner\Application Data\Twain
2008-12-10 16:07 . 2008-12-15 13:26 <REP> d-------- c:\program files\Webtools
2008-12-08 15:41 . 2009-01-07 12:04 <REP> d-------- C:\Temp
2008-12-08 11:30 . 2008-12-08 11:30 <REP> d-------- C:\DVD_MAMANCHEZLECOIFFEUR
2008-12-07 19:49 . 2008-12-07 19:49 <REP> d-------- C:\STUPEUR_ET_TREMBLEMENTS

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-19 18:42 --------- d-----w c:\program files\Free Easy Burner
2006-02-03 00:09 0 -c--a-w c:\documents and settings\Owner\Application Data\wklnhst.dat
2006-01-06 17:10 0 -csha-w c:\windows\SMINST\HPCD.sys
2008-09-05 15:52 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008090520080906\index.dat
.

((((((((((((((((((((((((((((( snapshot_2008-05-12_14.45.44,85 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-02-26 11:49:32 297,984 -c--a-w c:\windows\$hf_mig$\KB932823-v3\SP2QFE\msctf.dll
+ 2007-03-06 01:34:33 15,072 -c--a-w c:\windows\$hf_mig$\KB932823-v3\spmsg.dll
+ 2007-03-06 01:34:38 216,800 -c--a-w c:\windows\$hf_mig$\KB932823-v3\spuninst.exe
+ 2007-03-06 01:34:31 22,752 -c--a-w c:\windows\$hf_mig$\KB932823-v3\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 -c--a-w c:\windows\$hf_mig$\KB932823-v3\update\update.exe
+ 2007-03-06 01:35:48 394,976 -c--a-w c:\windows\$hf_mig$\KB932823-v3\update\updspapi.dll
+ 2008-05-02 13:33:12 83,968 -c--a-w c:\windows\$hf_mig$\KB946648\SP2QFE\msgsc.dll
+ 2008-05-02 14:01:52 83,968 -c--a-w c:\windows\$hf_mig$\KB946648\SP3GDR\msgsc.dll
+ 2008-05-02 13:44:40 83,968 -c--a-w c:\windows\$hf_mig$\KB946648\SP3QFE\msgsc.dll
+ 2007-11-30 12:39:29 18,296 -c--a-w c:\windows\$hf_mig$\KB946648\spmsg.dll
+ 2007-11-30 12:39:29 234,872 -c--a-w c:\windows\$hf_mig$\KB946648\spuninst.exe
+ 2007-11-30 12:39:29 26,488 -c--a-w c:\windows\$hf_mig$\KB946648\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 -c--a-w c:\windows\$hf_mig$\KB946648\update\update.exe
+ 2007-11-30 12:39:31 406,392 -c--a-w c:\windows\$hf_mig$\KB946648\update\updspapi.dll
+ 2008-01-23 04:56:21 554,008 -c--a-w c:\windows\$hf_mig$\KB950749\SP2QFE\dao360.dll
+ 2007-12-10 12:41:11 518,944 -c--a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msexch40.dll
+ 2007-12-10 12:41:11 326,432 -c--a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msexcl40.dll
+ 2007-12-10 12:41:11 1,516,568 -c--a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msjet40.dll
+ 2007-12-10 12:41:11 355,112 -c--a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msjetol1.dll
+ 2008-03-25 06:56:31 194,144 -c--a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msjint40.dll
+ 2007-12-10 12:41:12 60,192 -c--a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msjter40.dll
+ 2007-12-10 12:41:12 248,608 -c--a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msjtes40.dll
+ 2007-12-10 12:41:12 219,936 -c--a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msltus40.dll
+ 2007-12-10 12:41:12 355,104 -c--a-w c:\windows\$hf_mig$\KB950749\SP2QFE\mspbde40.dll
+ 2007-12-10 12:41:13 432,928 -c--a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msrd2x40.dll
+ 2007-12-10 12:41:13 322,336 -c--a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msrd3x40.dll
+ 2007-12-10 12:41:13 559,904 -c--a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msrepl40.dll
+ 2007-12-10 12:41:13 264,992 -c--a-w c:\windows\$hf_mig$\KB950749\SP2QFE\mstext40.dll
+ 2007-12-10 12:41:13 838,432 -c--a-w c:\windows\$hf_mig$\KB950749\SP2QFE\mswdat10.dll
+ 2007-11-01 05:15:27 621,344 -c--a-w c:\windows\$hf_mig$\KB950749\SP2QFE\mswstr10.dll
+ 2007-12-10 12:41:14 355,104 -c--a-w c:\windows\$hf_mig$\KB950749\SP2QFE\msxbde40.dll
+ 2007-03-06 01:34:33 15,072 -c--a-w c:\windows\$hf_mig$\KB950749\spmsg.dll
+ 2007-03-06 01:34:38 216,800 -c--a-w c:\windows\$hf_mig$\KB950749\spuninst.exe
+ 2007-03-06 01:34:31 22,752 -c--a-w c:\windows\$hf_mig$\KB950749\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 -c--a-w c:\windows\$hf_mig$\KB950749\update\update.exe
+ 2007-03-06 01:35:48 394,976 -c--a-w c:\windows\$hf_mig$\KB950749\update\updspapi.dll
+ 2008-04-23 07:19:26 124,928 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\advpack.dll
+ 2008-04-23 07:19:26 347,136 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtmsft.dll
+ 2008-04-23 07:19:26 214,528 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\dxtrans.dll
+ 2008-04-23 07:19:26 132,608 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\extmgr.dll
+ 2008-04-23 07:19:26 63,488 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\icardie.dll
+ 2008-04-22 08:02:19 70,656 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
+ 2008-04-23 07:19:26 153,088 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakeng.dll
+ 2008-04-23 07:19:26 230,400 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieaksie.dll
+ 2008-04-20 05:07:38 161,792 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dat
+ 2008-04-23 07:19:26 383,488 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieapfltr.dll
+ 2008-04-23 07:19:26 388,608 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iedkcs32.dll
+ 2008-04-23 07:19:26 6,068,224 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieframe.dll
+ 2008-04-23 07:19:26 44,544 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iernonce.dll
+ 2008-04-23 07:19:26 267,776 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iertutil.dll
+ 2008-04-22 08:02:19 13,824 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
+ 2008-04-22 08:02:46 625,664 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
+ 2008-04-23 07:19:26 27,648 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\jsproxy.dll
+ 2008-04-23 07:19:27 459,264 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeeds.dll
+ 2008-04-23 07:19:27 52,224 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msfeedsbs.dll
+ 2008-04-23 07:19:27 3,593,728 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
+ 2008-04-23 07:19:27 478,208 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtmled.dll
+ 2008-04-23 07:19:27 193,024 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\msrating.dll
+ 2008-04-23 07:19:27 671,232 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mstime.dll
+ 2008-04-23 07:19:27 102,912 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\occache.dll
+ 2008-04-23 07:19:27 44,544 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\pngfilt.dll
+ 2008-04-23 07:19:27 105,984 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\url.dll
+ 2008-04-23 07:19:27 1,162,752 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\urlmon.dll
+ 2008-04-23 07:19:27 233,472 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\webcheck.dll
+ 2008-04-23 07:19:27 827,392 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\update\updspapi.dll
+ 2007-11-30 12:39:29 18,296 -c--a-w c:\windows\$hf_mig$\KB950760\spmsg.dll
+ 2007-11-30 12:39:29 234,872 -c--a-w c:\windows\$hf_mig$\KB950760\spuninst.exe
+ 2007-11-30 12:39:29 26,488 -c--a-w c:\windows\$hf_mig$\KB950760\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 -c--a-w c:\windows\$hf_mig$\KB950760\update\update.exe
+ 2007-11-30 12:39:31 406,392 -c--a-w c:\windows\$hf_mig$\KB950760\update\updspapi.dll
+ 2008-05-08 12:14:51 203,008 -c--a-w c:\windows\$hf_mig$\KB950762\SP2QFE\rmcast.sys
+ 2008-05-08 14:02:52 203,136 -c--a-w c:\windows\$hf_mig$\KB950762\SP3GDR\rmcast.sys
+ 2008-05-08 13:58:17 203,136 -c--a-w c:\windows\$hf_mig$\KB950762\SP3QFE\rmcast.sys
+ 2007-11-30 12:39:29 18,296 -c--a-w c:\windows\$hf_mig$\KB950762\spmsg.dll
+ 2007-11-30 12:39:29 234,872 -c--a-w c:\windows\$hf_mig$\KB950762\spuninst.exe
+ 2007-11-30 12:39:29 26,488 -c--a-w c:\windows\$hf_mig$\KB950762\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 -c--a-w c:\windows\$hf_mig$\KB950762\update\update.exe
+ 2007-11-30 12:39:31 406,392 -c--a-w c:\windows\$hf_mig$\KB950762\update\updspapi.dll
+ 2008-07-07 20:18:27 253,952 -c--a-w c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:28:20 253,952 -c--a-w c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:24:11 253,952 -c--a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:29 18,296 -c--a-w c:\windows\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:29 234,872 -c--a-w c:\windows\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:29 26,488 -c--a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 -c--a-w c:\windows\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:29 406,392 -c--a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-04-11 18:40:33 683,520 -c--a-w c:\windows\$hf_mig$\KB951066\SP2QFE\inetcomm.dll
+ 2008-04-11 19:05:22 691,712 -c--a-w c:\windows\$hf_mig$\KB951066\SP3GDR\inetcomm.dll
+ 2008-04-12 04:23:04 691,712 -c--a-w c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll
+ 2007-11-30 12:39:29 18,296 -c--a-w c:\windows\$hf_mig$\KB951066\spmsg.dll
+ 2007-11-30 12:39:29 234,872 -c--a-w c:\windows\$hf_mig$\KB951066\spuninst.exe
+ 2007-11-30 12:39:29 26,488 -c--a-w c:\windows\$hf_mig$\KB951066\update\spcustom.dll
+ 2007-12-03 15:25:43 767,352 -c--a-w c:\windows\$hf_mig$\KB951066\update\update.exe
+ 2007-11-30 12:39:31 406,392 -c--a-w c:\windows\$hf_mig$\KB951066\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 -c--a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 -c--a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 -c--a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 -c--a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:31 406,392 -c--a-w c:\windows\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-14 18:03:13 272,768 -c--a-w c:\windows\$hf_mig$\KB951376-v2\SP2QFE\bthport.sys
+ 2008-06-14 17:33:37 272,768 -c--a-w c:\windows\$hf_mig$\KB951376-v2\SP3GDR\bthport.sys
+ 2008-06-14 17:40:19 272,768 -c--a-w c:\windows\$hf_mig$\KB951376-v2\SP3QFE\bthport.sys
+ 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB951376-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB951376-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB951376-v2\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 -c--a-w c:\windows\$hf_mig$\KB951376-v2\update\update.exe
+ 2007-11-30 11:19:10 406,392 -c--a-w c:\windows\$hf_mig$\KB951376-v2\update\updspapi.dll
+ 2008-04-14 16:17:04 272,768 -c--a-w c:\windows\$hf_mig$\KB951376\SP2QFE\bthport.sys
+ 2008-04-14 15:59:30 272,768 -c--a-w c:\windows\$hf_mig$\KB951376\SP3GDR\bthport.sys
+ 2008-04-14 16:22:05 272,768 -c--a-w c:\windows\$hf_mig$\KB951376\SP3QFE\bthport.sys
+ 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB951376\spmsg.dll
+ 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB951376\spuninst.exe
+ 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB951376\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 -c--a-w c:\windows\$hf_mig$\KB951376\update\update.exe
+ 2007-11-30 11:19:10 406,392 -c--a-w c:\windows\$hf_mig$\KB951376\update\updspapi.dll
+ 2008-05-07 04:55:47 1,294,336 -c--a-w c:\windows\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:11:24 1,294,336 -c--a-w c:\windows\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:59 1,294,336 -c--a-w c:\windows\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 -c--a-w c:\windows\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:31 406,392 -c--a-w c:\windows\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-08-16 12:13:24 100,352 -c--a-w c:\windows\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 -c--a-w c:\windows\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:37:01 147,968 -c--a-w c:\windows\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:37:01 247,808 -c--a-w c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 -c--a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 -c--a-w c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 -c--a-w c:\windows\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:47:22 147,968 -c--a-w c:\windows\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:47:22 247,808 -c--a-w c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 -c--a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 -c--a-w c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 -c--a-w c:\windows\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:44:02 147,968 -c--a-w c:\windows\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:44:02 247,808 -c--a-w c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 -c--a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 -c--a-w c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:29 18,296 -c--a-w c:\windows\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:29 234,872 -c--a-w c:\windows\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:29 26,488 -c--a-w c:\windows\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 -c--a-w c:\windows\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:29 406,392 -c--a-w c:\windows\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-05-07 09:07:23 135,168 -c--a-w c:\windows\$hf_mig$\KB951978\SP3QFE\cscript.exe
+ 2008-05-09 10:51:45 512,000 -c--a-w c:\windows\$hf_mig$\KB951978\SP3QFE\jscript.dll
+ 2008-05-09 10:51:45 180,224 -c--a-w c:\windows\$hf_mig$\KB951978\SP3QFE\scrobj.dll
+ 2008-05-09 10:51:45 172,032 -c--a-w c:\windows\$hf_mig$\KB951978\SP3QFE\scrrun.dll
+ 2008-05-09 10:51:45 430,080 -c--a-w c:\windows\$hf_mig$\KB951978\SP3QFE\vbscript.dll
+ 2008-05-08 11:24:44 155,648 -c--a-w c:\windows\$hf_mig$\KB951978\SP3QFE\wscript.exe
+ 2008-05-09 10:51:45 90,112 -c--a-w c:\windows\$hf_mig$\KB951978\SP3QFE\wshext.dll
+ 2007-11-30 12:39:29 18,296 -c--a-w c:\windows\$hf_mig$\KB951978\spmsg.dll
+ 2007-11-30 12:39:29 234,872 -c--a-w c:\windows\$hf_mig$\KB951978\spuninst.exe
+ 2007-11-30 12:39:29 26,488 -c--a-w c:\windows\$hf_mig$\KB951978\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 -c--a-w c:\windows\$hf_mig$\KB951978\update\update.exe
+ 2007-11-30 12:39:29 406,392 -c--a-w c:\windows\$hf_mig$\KB951978\update\updspapi.dll
+ 2008-05-01 15:04:51 331,776 -c--a-w c:\windows\$hf_mig$\KB952287\SP2QFE\msadce.dll
+ 2008-05-01 14:36:26 331,776 -c--a-w c:\windows\$hf_mig$\KB952287\SP3GDR\msadce.dll
+ 2008-05-01 14:39:23 331,776 -c--a-w c:\windows\$hf_mig$\KB952287\SP3QFE\msadce.dll
+ 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB952287\spmsg.dll
+ 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB952287\spuninst.exe
+ 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB952287\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 -c--a-w c:\windows\$hf_mig$\KB952287\update\update.exe
+ 2007-11-30 11:19:10 406,392 -c--a-w c:\windows\$hf_mig$\KB952287\update\updspapi.dll
+ 2008-06-24 16:30:27 74,240 -c--a-w c:\windows\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:44:02 74,240 -c--a-w c:\windows\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:52 74,240 -c--a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 -c--a-w c:\windows\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:31 406,392 -c--a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll
+ 2007-11-30 12:39:22 17,272 -c--a-w c:\windows\$hf_mig$\KB953356\spmsg.dll
+ 2007-11-30 12:39:22 231,288 -c--a-w c:\windows\$hf_mig$\KB953356\spuninst.exe
+ 2008-05-28 12:01:41 26,624 -c--a-w c:\windows\$hf_mig$\KB953356\update\ippmcust.dll
+ 2007-11-30 12:39:22 26,488 -c--a-w c:\windows\$hf_mig$\KB953356\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 -c--a-w c:\windows\$hf_mig$\KB953356\update\update.exe
+ 2007-11-30 12:39:22 382,840 -c--a-w c:\windows\$hf_mig$\KB953356\update\updspapi.dll
+ 2008-06-23 15:40:01 124,928 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\advpack.dll
+ 2008-06-23 15:40:01 347,136 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtmsft.dll
+ 2008-06-23 15:40:01 214,528 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\dxtrans.dll
+ 2008-06-23 15:40:01 132,608 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\extmgr.dll
+ 2008-06-23 15:40:01 63,488 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\icardie.dll
+ 2008-06-23 08:23:18 70,656 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
+ 2008-06-23 15:40:01 153,088 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakeng.dll
+ 2008-06-23 15:40:01 230,400 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieaksie.dll
+ 2008-06-21 05:23:53 161,792 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dat
+ 2008-06-23 15:40:02 383,488 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieapfltr.dll
+ 2008-06-23 15:40:02 388,608 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iedkcs32.dll
+ 2008-06-23 15:40:04 6,068,736 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieframe.dll
+ 2008-06-23 15:40:04 44,544 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iernonce.dll
+ 2008-06-23 15:40:04 267,776 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iertutil.dll
+ 2008-06-23 08:23:18 13,824 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
+ 2008-06-23 08:23:52 625,664 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
+ 2008-06-23 15:40:05 27,648 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\jsproxy.dll
+ 2008-06-23 15:40:05 459,264 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeeds.dll
+ 2008-06-23 15:40:05 52,224 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msfeedsbs.dll
+ 2008-06-23 15:40:07 3,594,240 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
+ 2008-06-23 15:40:07 477,696 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtmled.dll
+ 2008-06-23 15:40:07 193,024 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\msrating.dll
+ 2008-06-23 15:40:07 671,232 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mstime.dll
+ 2008-06-23 15:40:07 102,912 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\occache.dll
+ 2008-06-23 15:40:07 44,544 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\pngfilt.dll
+ 2008-06-23 15:40:07 105,984 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\url.dll
+ 2008-06-23 15:40:08 1,162,752 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\urlmon.dll
+ 2008-06-23 15:40:08 233,472 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\webcheck.dll
+ 2008-06-23 15:40:08 827,904 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\update\updspapi.dll
+ 2007-11-30 11:19:06 18,296 -c--a-w c:\windows\$hf_mig$\KB953839\spmsg.dll
+ 2007-11-30 11:19:06 234,872 -c--a-w c:\windows\$hf_mig$\KB953839\spuninst.exe
+ 2007-11-30 11:19:06 26,488 -c--a-w c:\windows\$hf_mig$\KB953839\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 -c--a-w c:\windows\$hf_mig$\KB953839\update\update.exe
+ 2007-11-30 11:19:10 406,392 -c--a-w c:\windows\$hf_mig$\KB953839\update\updspapi.dll
+ 2008-09-15 15:20:39 1,847,040 ----a-w c:\windows\$hf_mig$\KB954211\SP3QFE\win32k.sys
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB954211\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB954211\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB954211\update\spcustom.dll
+ 2008-07-09 07:40:26 767,352 ----a-w c:\windows\$hf_mig$\KB954211\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB954211\update\updspapi.dll
+ 2008-09-10 01:12:14 1,379,840 ----a-w c:\windows\$hf_mig$\KB954459\SP3QFE\msxml6.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB954459\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB954459\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB954459\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB954459\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB954459\update\updspapi.dll
+ 2008-09-04 17:12:47 1,106,944 ----a-w c:\windows\$hf_mig$\KB955069\SP3QFE\msxml3.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB955069\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB955069\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB955069\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB955069\update\update.exe
+ 2008-07-09 18:10:36 406,392 ----a-w c:\windows\$hf_mig$\KB955069\update\updspapi.dll
+ 2008-08-26 09:10:25 124,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\advpack.dll
+ 2008-08-26 09:10:25 347,136 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtmsft.dll
+ 2008-08-26 09:10:25 214,528 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\dxtrans.dll
+ 2008-08-26 09:10:25 132,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\extmgr.dll
+ 2008-08-26 09:10:25 63,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\icardie.dll
+ 2008-08-25 08:43:21 70,656 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
+ 2008-08-26 09:10:26 153,088 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakeng.dll
+ 2008-08-26 09:10:26 230,400 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieaksie.dll
+ 2008-08-23 05:54:50 161,792 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dat
+ 2008-08-26 09:10:26 380,928 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieapfltr.dll
+ 2008-08-26 09:10:26 388,608 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iedkcs32.dll
+ 2008-10-03 16:22:30 6,068,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieframe.dll
+ 2008-08-26 09:10:27 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iernonce.dll
+ 2008-08-26 09:10:27 267,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iertutil.dll
+ 2008-08-25 08:43:21 13,824 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
+ 2008-08-23 05:56:16 635,848 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\iexplore.exe
+ 2008-08-26 09:10:27 27,648 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\jsproxy.dll
+ 2008-08-26 09:10:27 459,264 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeeds.dll
+ 2008-08-26 09:10:27 52,224 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msfeedsbs.dll
+ 2008-08-26 09:10:28 3,594,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
+ 2008-08-26 09:10:28 477,696 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtmled.dll
+ 2008-08-26 09:10:28 193,024 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\msrating.dll
+ 2008-08-26 09:10:29 671,232 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mstime.dll
+ 2008-08-26 09:10:29 102,912 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\occache.dll
+ 2008-08-26 09:10:29 44,544 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\pngfilt.dll
+ 2008-08-26 09:10:29 105,984 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\url.dll
+ 2008-08-26 09:10:29 1,162,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\urlmon.dll
+ 2008-08-26 09:10:29 233,472 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\webcheck.dll
+ 2008-08-26 09:10:29 827,904 ----a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w c:\windows\$hf_mig$\KB956390-IE7\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w c:\windows\$hf_mig$\KB956390-IE7\update\updspapi.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB956391\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB956391\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB956391\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956391\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956391\update\updspapi.dll
+ 2008-08-14 10:34:26 138,496 ----a-w c:\windows\$hf_mig$\KB956803\SP3QFE\afd.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956803\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956803\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956803\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB956803\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB956803\update\updspapi.dll
+ 2008-08-14 13:55:54 2,147,328 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlmp.exe
+ 2008-08-14 23:26:00 2,068,096 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
+ 2008-08-14 13:55:47 2,025,984 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrpamp.exe
+ 2008-08-14 23:26:02 2,191,232 ----a-w c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956841\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956841\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956841\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956841\update\update.exe
+ 2008-07-09 07:40:35 406,392 ----a-w c:\windows\$hf_mig$\KB956841\update\updspapi.dll
+ 2008-09-08 11:37:19 333,824 ----a-w c:\windows\$hf_mig$\KB957095\SP3QFE\srv.sys
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB957095\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB957095\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB957095\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB957095\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB957095\update\updspapi.dll
+ 2008-10-24 11:41:11 455,936 ----a-w c:\windows\$hf_mig$\KB957097\SP3QFE\mrxsmb.sys
+ 2008-07-08 13:03:54 18,296 ----a-w c:\windows\$hf_mig$\KB957097\spmsg.dll
+ 2008-07-08 13:03:55 234,872 ----a-w c:\windows\$hf_mig$\KB957097\spuninst.exe
+ 2008-07-08 13:03:54 26,488 ----a-w c:\windows\$hf_mig$\KB957097\update\spcustom.dll
+ 2008-07-08 13:03:57 767,352 ----a-w c:\windows\$hf_mig$\KB957097\update\update.exe
+ 2008-07-08 13:04:05 406,392 ----a-w c:\windows\$hf_mig$\KB957097\update\updspapi.dll
+ 2008-10-15 16:31:32 339,456 ----a-w c:\windows\$hf_mig$\KB958644\SP3QFE\netapi32.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB958644\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB958644\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB958644\update\spcustom.dll
+ 2007-11-30 11:19:06 767,352 ----a-w c:\windows\$hf_mig$\KB958644\update\update.exe
+ 2007-11-30 11:19:10 406,392 ----a-w c:\windows\$hf_mig$\KB958644\update\updspapi.dll
+ 2004-08-04 06:10:08 53,248 -c----w c:\windows\$NtServicePackUninstall$\1394bus.sys
+ 2008-07-09 19:31:32 2,678 -c----w c:\windows\$NtServicePackUninstall$\1vvtbxr1.dat
+ 2008-07-09 19:31:28 2,678 -c----w c:\windows\$NtServicePackUninstall$\3blnl73b.dat
+ 2006-08-16 11:59:27 100,352 -c----w c:\windows\$NtServicePackUninstall$\6to4svc.dll
+ 2006-10-04 14:05:26 39,424 -c----w c:\windows\$NtServicePackUninstall$\acadproc.dll
+ 2006-10-04 14:05:26 39,424 -c----w c:\windows\$NtServicePackUninstall$\acadproc.dll.000
+ 2004-08-05 19:00:00 189,952 -c----w c:\windows\$NtServicePackUninstall$\accwiz.exe
+ 2004-08-05 19:00:00 1,852,416 -c----w c:\windows\$NtServicePackUninstall$\acgenral.dll
+ 2004-08-05 19:00:00 1,852,416 -c----w c:\windows\$NtServicePackUninstall$\acgenral.dll.000
+ 2004-08-05 19:00:00 450,048 -c----w c:\windows\$NtServicePackUninstall$\aclayers.dll
+ 2004-08-05 19:00:00 450,048 -c----w c:\windows\$NtServicePackUninstall$\aclayers.dll.000
+ 2004-08-05 19:00:00 137,728 -c----w c:\windows\$NtServicePackUninstall$\aclua.dll
+ 2004-08-05 19:00:00 137,728 -c----w c:\windows\$NtServicePackUninstall$\aclua.dll.000
+ 2004-08-05 19:00:00 119,296 -c----w c:\windows\$NtServicePackUninstall$\aclui.dll
+ 2004-08-05 19:00:00 188,672 -c----w c:\windows\$NtServicePackUninstall$\acpi.sys
+ 2004-08-05 19:00:00 244,736 -c----w c:\windows\$NtServicePackUninstall$\acspecfc.dll
+ 2004-08-05 19:00:00 244,736 -c----w c:\windows\$NtServicePackUninstall$\acspecfc.dll.000
+ 2004-08-05 19:00:00 194,048 -c----w c:\windows\$NtServicePackUninstall$\activeds.dll
+ 2004-08-05 19:00:00 4,096 -c----w c:\windows\$NtServicePackUninstall$\actmovie.exe
+ 2004-08-05 19:00:00 101,888 -c----w c:\windows\$NtServicePackUninstall$\actxprxy.dll
+ 2004-08-05 19:00:00 116,224 -c----w c:\windows\$NtServicePackUninstall$\acxtrnal.dll
+ 2004-08-05 19:00:00 116,224 -c----w c:\windows\$NtServicePackUninstall$\acxtrnal.dll.000
+ 2004-08-05 19:00:00 175,616 -c----w c:\windows\$NtServicePackUninstall$\adsldp.dll
+ 2004-08-05 19:00:00 143,360 -c----w c:\windows\$NtServicePackUninstall$\adsldpc.dll
+ 2004-08-05 19:00:00 68,096 -c----w c:\windows\$NtServicePackUninstall$\adsmsext.dll
+ 2004-08-05 19:00:00 263,680 -c----w c:\windows\$NtServicePackUninstall$\adsnt.dll
+ 2004-08-05 19:00:00 685,056 -c----w c:\windows\$NtServicePackUninstall$\advapi32.dll
+ 2006-02-15 00:22:26 142,464 -c----w c:\windows\$NtServicePackUninstall$\aec.sys
+ 2006-02-15 00:22:26 142,464 -c----w c:\windows\$NtServicePackUninstall$\aec.sys.000
+ 2008-06-20 10:44:38 138,368 -c----w c:\windows\$NtServicePackUninstall$\afd.sys
+ 2004-08-05 19:00:00 24,064 -c----w c:\windows\$NtServicePackUninstall$\agentanm.dll
+ 2004-08-05 19:00:00 214,016 -c----w c:\windows\$NtServicePackUninstall$\agentctl.dll
+ 2006-10-12 13:55:58 42,496 -c----w c:\windows\$NtServicePackUninstall$\agentdp2.dll
+ 2007-03-09 14:00:38 57,344 -c----w c:\windows\$NtServicePackUninstall$\agentdpv.dll
+ 2004-08-05 19:00:00 49,152 -c----w c:\windows\$NtServicePackUninstall$\agentmpx.dll
+ 2004-08-05 19:00:00 24,064 -c----w c:\windows\$NtServicePackUninstall$\agentpsh.dll
+ 2004-08-05 19:00:00 44,032 -c----w c:\windows\$NtServicePackUninstall$\agentsr.dll
+ 2006-10-12 11:54:07 256,512 -c----w c:\windows\$NtServicePackUninstall$\agentsvr.exe
+ 2004-08-04 13:07:42 42,368 -c----w c:\windows\$NtServicePackUninstall$\agp440.sys
+ 2004-08-04 13:07:44 44,928 -c----w c:\windows\$NtServicePackUninstall$\agpcpq.sys
+ 2004-08-05 19:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0405.dll
+ 2004-08-05 19:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0406.dll
+ 2004-08-05 19:00:00 21,504 -c----w c:\windows\$NtServicePackUninstall$\agt0407.dll
+ 2004-08-05 19:00:00 22,016 -c----w c:\windows\$NtServicePackUninstall$\agt0408.dll
+ 2004-08-05 19:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0409.dll
+ 2004-08-05 19:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt040b.dll
+ 2004-08-05 19:00:00 21,504 -c----w c:\windows\$NtServicePackUninstall$\agt040c.dll
+ 2004-08-05 19:00:00 19,968 -c----w c:\windows\$NtServicePackUninstall$\agt040e.dll
+ 2004-08-05 19:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\agt0410.dll
+ 2004-08-05 19:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\agt0413.dll
+ 2004-08-05 19:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0414.dll
+ 2004-08-05 19:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0415.dll
+ 2004-08-05 19:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\agt0416.dll
+ 2004-08-05 19:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt0419.dll
+ 2004-08-05 19:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt041d.dll
+ 2004-08-05 19:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\agt041f.dll
+ 2004-08-05 19:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\agt0816.dll
+ 2004-08-05 19:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\agt0c0a.dll
+ 2004-08-05 19:00:00 24,064 -c----w c:\windows\$NtServicePackUninstall$\agtintl.dll
+ 2004-08-05 19:00:00 98,304 -c----w c:\windows\$NtServicePackUninstall$\ahui.exe
+ 2004-08-05 19:00:00 44,544 -c----w c:\windows\$NtServicePackUninstall$\alg.exe
+ 2004-08-04 13:07:42 42,752 -c----w c:\windows\$NtServicePackUninstall$\alim1541.sys
+ 2004-08-05 19:00:00 17,408 -c----w c:\windows\$NtServicePackUninstall$\alrsvc.dll
+ 2004-08-04 13:07:44 43,008 -c----w c:\windows\$NtServicePackUninstall$\amdagp.sys
+ 2004-08-05 19:00:00 41,216 -c----w c:\windows\$NtServicePackUninstall$\amdk6.sys
+ 2004-08-05 19:00:00 41,600 -c----w c:\windows\$NtServicePackUninstall$\amdk7.sys
+ 2004-08-05 19:00:00 70,656 -c----w c:\windows\$NtServicePackUninstall$\amstream.dll
+ 2004-08-05 19:00:00 126,976 -c----w c:\windows\$NtServicePackUninstall$\apphelp.dll
+ 2004-08-05 19:00:00 60,800 -c----w c:\windows\$NtServicePackUninstall$\arp1394.sys
+ 2004-08-05 19:00:00 65,024 -c----w c:\windows\$NtServicePackUninstall$\asycfilt.dll
+ 2004-08-05 19:00:00 14,336 -c----w c:\windows\$NtServicePackUninstall$\asyncmac.sys
+ 2004-08-05 19:00:00 25,088 -c----w c:\windows\$NtServicePackUninstall$\at.exe
+ 2004-08-04 04:59:44 95,360 -c----w c:\windows\$NtServicePackUninstall$\atapi.sys
+ 2004-08-05 19:00:00 58,880 -c----w c:\windows\$NtServicePackUninstall$\atl.dll
+ 2004-08-05 19:00:00 11,264 -c----w c:\windows\$NtServicePackUninstall$\atmadm.exe
+ 2004-08-05 19:00:00 59,904 -c----w c:\windows\$NtServicePackUninstall$\atmarpc.sys
+ 2004-08-05 19:00:00 285,696 -c----w c:\windows\$NtServicePackUninstall$\atmfd.dll
+ 2004-08-05 19:00:00 55,936 -c----w c:\windows\$NtServicePackUninstall$\atmlane.sys
+ 2004-08-05 19:00:00 30,208 -c----w c:\windows\$NtServicePackUninstall$\atmlib.dll
+ 2004-08-05 19:00:00 11,264 -c----w c:\windows\$NtServicePackUninstall$\attrib.exe
+ 2004-08-05 19:00:00 42,496 -c----w c:\windows\$NtServicePackUninstall$\audiosrv.dll
+ 2004-08-05 19:00:00 14,336 -c----w c:\windows\$NtServicePackUninstall$\auditusr.exe
+ 2005-03-02 18:10:36 56,832 -c----w c:\windows\$NtServicePackUninstall$\authz.dll
+ 2004-08-05 19:00:00 625,152 -c----w c:\windows\$NtServicePackUninstall$\autochk.exe
+ 2004-08-05 19:00:00 638,976 -c----w c:\windows\$NtServicePackUninstall$\autoconv.exe
+ 2004-08-05 19:00:00 616,960 -c----w c:\windows\$NtServicePackUninstall$\autofmt.exe
+ 2004-08-05 19:00:00 11,264 -c----w c:\windows\$NtServicePackUninstall$\autolfn.exe
+ 2004-08-05 19:00:00 85,504 -c----w c:\windows\$NtServicePackUninstall$\avifil32.dll
+ 2004-08-05 19:00:00 52,736 -c----w c:\windows\$NtServicePackUninstall$\basesrv.dll
+ 2004-08-05 19:00:00 28,672 -c----w c:\windows\$NtServicePackUninstall$\batmeter.dll
+ 2004-08-05 19:00:00 8,704 -c----w c:\windows\$NtServicePackUninstall$\batt.dll
+ 2004-08-05 19:00:00 17,408 -c----w c:\windows\$NtServicePackUninstall$\bidispl.dll
+ 2004-08-05 19:00:00 8,192 -c----w c:\windows\$NtServicePackUninstall$\bitsprx2.dll
+ 2004-08-05 19:00:00 7,168 -c----w c:\windows\$NtServicePackUninstall$\bitsprx3.dll
+ 2004-08-05 19:00:00 71,680 -c----w c:\windows\$NtServicePackUninstall$\blastcln.exe
+ 2004-08-05 19:00:00 71,552 -c----w c:\windows\$NtServicePackUninstall$\bridge.sys
+ 2004-08-05 19:00:00 70,144 -c----w c:\windows\$NtServicePackUninstall$\browselc.dll
+ 2004-08-05 19:00:00 77,312 -c----w c:\windows\$NtServicePackUninstall$\browser.dll
+ 2006-09-23 16:12:56 1,022,976 -c----w c:\windows\$NtServicePackUninstall$\browseui.dll
+ 2004-08-05 19:00:00 78,336 -c----w c:\windows\$NtServicePackUninstall$\browsewm.dll
+ 2004-08-05 19:00:00 20,992 -c----w c:\windows\$NtServicePackUninstall$\bthci.dll
+ 2008-06-14 17:59:52 272,768 -c----w c:\windows\$NtServicePackUninstall$\bthport.sys
+ 2008-06-14 17:59:52 272,768 -c----w c:\windows\$NtServicePackUninstall$\bthport.sys.000
+ 2004-08-05 19:00:00 30,208 -c----w c:\windows\$NtServicePackUninstall$\bthserv.dll
+ 2004-08-05 19:00:00 50,688 -c----w c:\windows\$NtServicePackUninstall$\btpanui.dll
+ 2004-08-05 19:00:00 59,904 -c----w c:\windows\$NtServicePackUninstall$\cabinet.dll
+ 2004-08-05 19:00:00 85,504 -c----w c:\windows\$NtServicePackUninstall$\cabview.dll
+ 2004-08-05 19:00:00 19,456 -c----w c:\windows\$NtServicePackUninstall$\cacls.exe
+ 2004-08-05 19:00:00 385,024 -c----w c:\windows\$NtServicePackUninstall$\callcont.dll
+ 2004-08-05 19:00:00 50,688 -c----w c:\windows\$NtServicePackUninstall$\camocx.dll
+ 2004-08-05 19:00:00 146,432 -c----w c:\windows\$NtServicePackUninstall$\capesnpn.dll
+ 2005-07-26 04:39:54 225,792 -c----w c:\windows\$NtServicePackUninstall$\catsrv.dll
+ 2004-08-05 19:00:00 85,504 -c----w c:\windows\$NtServicePackUninstall$\catsrvps.dll
+ 2005-07-26 04:39:54 625,152 -c----w c:\windows\$NtServicePackUninstall$\catsrvut.dll
+ 2004-08-05 19:00:00 63,744 -c----w c:\windows\$NtServicePackUninstall$\cdfs.sys
+ 2006-09-14 08:39:59 152,064 -c----w c:\windows\$NtServicePackUninstall$\cdfview.dll
+ 2005-09-10 01:55:14 2,067,968 -c----w c:\windows\$NtServicePackUninstall$\cdosys.dll
+ 2004-08-05 19:00:00 49,536 -c----w c:\windows\$NtServicePackUninstall$\cdrom.sys
+ 2004-08-05 19:00:00 200,192 -c----w c:\windows\$NtServicePackUninstall$\certcli.dll
+ 2004-08-05 19:00:00 467,968 -c----w c:\windows\$NtServicePackUninstall$\certmgr.dll
+ 2004-08-05 19:00:00 39,424 -c----w c:\windows\$NtServicePackUninstall$\cfgbkend.dll
+ 2004-08-05 19:00:00 16,896 -c----w c:\windows\$NtServicePackUninstall$\cfgmgr32.dll
+ 2004-08-05 19:00:00 109,568 -c----w c:\windows\$NtServicePackUninstall$\cic.dll
+ 2004-08-05 19:00:00 1,352,704 -c----w c:\windows\$NtServicePackUninstall$\cimwin32.dll
+ 2006-06-22 05:13:45 69,120 -c----w c:\windows\$NtServicePackUninstall$\ciodm.dll
+ 2004-08-05 19:00:00 5,632 -c----w c:\windows\$NtServicePackUninstall$\cisvc.exe
+ 2004-08-05 19:00:00 49,664 -c----w c:\windows\$NtServicePackUninstall$\classpnp.sys
+ 2005-07-26 04:39:55 110,080 -c----w c:\windows\$NtServicePackUninstall$\clbcatex.dll
+ 2005-07-26 04:39:55 498,688 -c----w c:\windows\$NtServicePackUninstall$\clbcatq.dll
+ 2004-08-05 19:00:00 65,536 -c----w c:\windows\$NtServicePackUninstall$\cleanmgr.exe
+ 2004-08-05 19:00:00 77,824 -c----w c:\windows\$NtServicePackUninstall$\cliconfg.dll
+ 2004-08-05 19:00:00 20,480 -c----w c:\windows\$NtServicePackUninstall$\cliconfg.exe
+ 2004-08-05 19:00:00 104,448 -c----w c:\windows\$NtServicePackUninstall$\clipbrd.exe
+ 2004-08-05 19:00:00 33,280 -c----w c:\windows\$NtServicePackUninstall$\clipsrv.exe
+ 2004-08-05 19:00:00 57,856 -c----w c:\windows\$NtServicePackUninstall$\clusapi.dll
+ 2004-08-05 19:00:00 15,872 -c----w c:\windows\$NtServicePackUninstall$\cmcfg32.dll
+ 2004-08-05 19:00:00 400,896 -c----w c:\windows\$NtServicePackUninstall$\cmd.exe
+ 2004-08-05 19:00:00 352,256 -c----w c:\windows\$NtServicePackUninstall$\cmdial32.dll
+ 2004-08-05 19:00:00 47,104 -c----w c:\windows\$NtServicePackUninstall$\cmdl32.exe
+ 2004-08-05 19:00:00 40,448 -c----w c:\windows\$NtServicePackUninstall$\cmmon32.exe
+ 2004-08-05 19:00:00 191,488 -c----w c:\windows\$NtServicePackUninstall$\cmprops.dll
+ 2004-08-05 19:00:00 13,824 -c----w c:\windows\$NtServicePackUninstall$\cmsetacl.dll
+ 2004-08-05 19:00:00 65,536 -c----w c:\windows\$NtServicePackUninstall$\cmstp.exe
+ 2004-08-05 19:00:00 40,960 -c----w c:\windows\$NtServicePackUninstall$\cmutil.dll
+ 2004-08-05 19:00:00 50,688 -c----w c:\windows\$NtServicePackUninstall$\cnbjmon.dll
+ 2005-07-26 04:39:55 60,416 -c----w c:\windows\$NtServicePackUninstall$\colbact.dll
+ 2004-08-05 19:00:00 25,600 -c----w c:\windows\$NtServicePackUninstall$\comaddin.dll
+ 2005-07-26 04:39:56 195,072 -c----w c:\windows\$NtServicePackUninstall$\comadmin.dll
+ 2006-08-25 15:51:14 617,472 -c----w c:\windows\$NtServicePackUninstall$\comctl32.dll
+ 2004-08-05 19:00:00 281,088 -c----w c:\windows\$NtServicePackUninstall$\comdlg32.dll
+ 2004-08-05 19:00:00 253,440 -c----w c:\windows\$NtServicePackUninstall$\compatui.dll
+ 2004-08-05 19:00:00 230,912 -c----w c:\windows\$NtServicePackUninstall$\compstui.dll
+ 2005-07-26 04:39:56 97,792 -c----w c:\windows\$NtServicePackUninstall$\comrepl.dll
+ 2004-08-05 19:00:00 9,728 -c----w c:\windows\$NtServicePackUninstall$\comrepl.exe
+ 2004-08-05 19:00:00 5,120 -c----w c:\windows\$NtServicePackUninstall$\comrereg.exe
+ 2004-08-05 19:00:00 851,968 -c----w c:\windows\$NtServicePackUninstall$\comres.dll
+ 2004-08-05 19:00:00 259,584 -c----w c:\windows\$NtServicePackUninstall$\comsetup.dll
+ 2004-08-05 19:00:00 147,456 -c----w c:\windows\$NtServicePackUninstall$\comsnap.dll
+ 2005-07-26 04:39:57 1,267,200 -c----w c:\windows\$NtServicePackUninstall$\comsvcs.dll
+ 2005-07-26 04:39:57 540,160 -c----w c:\windows\$NtServicePackUninstall$\comuid.dll
+ 2004-08-05 19:00:00 1,044,480 -c----w c:\windows\$NtServicePackUninstall$\conf.exe
+ 2004-08-05 19:00:00 45,056 -c----w c:\windows\$NtServicePackUninstall$\confmrsl.dll
+ 2004-08-05 19:00:00 346,112 -c----w c:\windows\$NtServicePackUninstall$\confmsp.dll
+ 2004-08-05 19:00:00 27,648 -c----w c:\windows\$NtServicePackUninstall$\conime.exe
+ 2006-10-17 16:03:56 17,408 -c----w c:\windows\$NtServicePackUninstall$\corpol.dll
+ 2004-08-05 19:00:00 165,888 -c----w c:\windows\$NtServicePackUninstall$\credui.dll
+ 2004-08-05 19:00:00 40,704 -c----w c:\windows\$NtServicePackUninstall$\crusoe.sys
+ 2004-08-05 19:00:00 604,672 -c----w c:\windows\$NtServicePackUninstall$\crypt32.dll
+ 2004-08-05 19:00:00 75,776 -c----w c:\windows\$NtServicePackUninstall$\cryptdlg.dll
+ 2004-08-05 19:00:00 33,280 -c----w c:\windows\$NtServicePackUninstall$\cryptdll.dll
+ 2004-08-05 19:00:00 54,784 -c----w c:\windows\$NtServicePackUninstall$\cryptext.dll
+ 2004-08-05 19:00:00 63,488 -c----w c:\windows\$NtServicePackUninstall$\cryptnet.dll
+ 2004-08-05 19:00:00 60,416 -c----w c:\windows\$NtServicePackUninstall$\cryptsvc.dll
+ 2004-08-05 19:00:00 530,432 -c----w c:\windows\$NtServicePackUninstall$\cryptui.dll
+ 2004-08-05 19:00:00 102,912 -c----w c:\windows\$NtServicePackUninstall$\cscdll.dll
+ 2004-08-05 19:00:00 98,304 -c----w c:\windows\$NtServicePackUninstall$\cscript.exe
+ 2004-08-05 19:00:00 337,920 -c----w c:\windows\$NtServicePackUninstall$\cscui.dll
+ 2004-08-05 19:00:00 32,768 -c----w c:\windows\$NtServicePackUninstall$\csrsrv.dll
+ 2004-08-05 19:00:00 6,144 -c----w c:\windows\$NtServicePackUninstall$\csrss.exe
+ 2004-08-05 19:00:00 15,360 -c----w c:\windows\$NtServicePackUninstall$\ctfmon.exe
+ 2006-06-02 19:32:20 33,792 -c----w c:\windows\$NtServicePackUninstall$\custsat.dll
+ 2004-08-05 19:00:00 1,179,648 -c----w c:\windows\$NtServicePackUninstall$\d3d8.dll
+ 2004-08-05 19:00:00 8,192 -c----w c:\windows\$NtServicePackUninstall$\d3d8thk.dll
+ 2004-08-05 19:00:00 1,689,088 -c----w c:\windows\$NtServicePackUninstall$\d3d9.dll
+ 2004-08-05 19:00:00 825,344 -c----w c:\windows\$NtServicePackUninstall$\d3dim700.dll
+ 2006-09-14 08:40:00 1,056,768 -c----w c:\windows\$NtServicePackUninstall$\danim.dll
+ 2004-08-05 19:00:00 55,296 -c----w c:\windows\$NtServicePackUninstall$\dataclen.dll
+ 2004-08-05 19:00:00 152,064 -c----w c:\windows\$NtServicePackUninstall$\datime.dll
+ 2004-08-05 19:00:00 25,088 -c----w c:\windows\$NtServicePackUninstall$\davclnt.dll
+ 2004-08-05 19:00:00 640,000 -c----w c:\windows\$NtServicePackUninstall$\dbghelp.dll
+ 2004-08-05 19:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\dbmsrpcn.dll
+ 2004-08-05 19:00:00 110,592 -c----w c:\windows\$NtServicePackUninstall$\dbnetlib.dll
+ 2004-08-05 19:00:00 28,672 -c----w c:\windows\$NtServicePackUninstall$\dbnmpntw.dll
+ 2004-08-05 19:00:00 1,788 -c----w c:\windows\$NtServicePackUninstall$\dcache.bin
+ 2004-08-05 19:00:00 40,960 -c----w c:\windows\$NtServicePackUninstall$\dcap32.dll
+ 2004-08-05 19:00:00 8,704 -c----w c:\windows\$NtServicePackUninstall$\dciman32.dll
+ 2004-08-05 19:00:00 5,120 -c----w c:\windows\$NtServicePackUninstall$\dcomcnfg.exe
+ 2004-08-05 19:00:00 31,744 -c----w c:\windows\$NtServicePackUninstall$\ddeshare.exe
+ 2004-08-05 19:00:00 266,240 -c----w c:\windows\$NtServicePackUninstall$\ddraw.dll
+ 2004-08-05 19:00:00 27,136 -c----w c:\windows\$NtServicePackUninstall$\ddrawex.dll
+ 2004-08-05 19:00:00 25,088 -c----w c:\windows\$NtServicePackUninstall$\defrag.exe
+ 2004-08-05 19:00:00 59,904 -c----w c:\windows\$NtServicePackUninstall$\devenum.dll
+ 2004-08-05 19:00:00 290,816 -c----w c:\windows\$NtServicePackUninstall$\devmgr.dll
+ 2004-08-05 19:00:00 82,432 -c----w c:\windows\$NtServicePackUninstall$\dfrgfat.exe
+ 2004-08-05 19:00:00 104,960 -c----w c:\windows\$NtServicePackUninstall$\dfrgntfs.exe
+ 2004-08-05 19:00:00 39,424 -c----w c:\windows\$NtServicePackUninstall$\dfrgsnap.dll
+ 2004-08-05 19:00:00 123,904 -c----w c:\windows\$NtServicePackUninstall$\dfrgui.dll
+ 2004-08-05 19:00:00 28,672 -c----w c:\windows\$NtServicePackUninstall$\dfsshlex.dll
+ 2004-08-05 19:00:00 115,200 -c----w c:\windows\$NtServicePackUninstall$\dgnet.dll
+ 2006-05-19 13:23:35 112,128 -c----w c:\windows\$NtServicePackUninstall$\dhcpcsvc.dll
+ 2004-08-05 19:00:00 401,408 -c----w c:\windows\$NtServicePackUninstall$\dhcpmon.dll
+ 2004-08-05 19:00:00 548,352 -c----w c:\windows\$NtServicePackUninstall$\dialer.exe
+ 2004-08-05 19:00:00 85,504 -c----w c:\windows\$NtServicePackUninstall$\diantz.exe
+ 2004-08-05 19:00:00 68,608 -c----w c:\windows\$NtServicePackUninstall$\digest.dll
+ 2004-08-05 19:00:00 165,376 -c----w c:\windows\$NtServicePackUninstall$\dinput.dll
+ 2004-08-05 19:00:00 187,904 -c----w c:\windows\$NtServicePackUninstall$\dinput8.dll
+ 2007-05-16 15:13:53 86,528 -c----w c:\windows\$NtServicePackUninstall$\directdb.dll
+ 2004-08-05 19:00:00 36,352 -c----w c:\windows\$NtServicePackUninstall$\disk.sys
+ 2004-08-05 19:00:00 1,502,208 -c----w c:\windows\$NtServicePackUninstall$\diskcopy.dll
+ 2004-08-05 19:00:00 14,208 -c----w c:\windows\$NtServicePackUninstall$\diskdump.sys
+ 2004-08-05 19:00:00 167,936 -c----w c:\windows\$NtServicePackUninstall$\diskpart.exe
+ 2004-08-05 19:00:00 45,083 -c----w c:\windows\$NtServicePackUninstall$\dispex.dll
+ 2004-08-05 19:00:00 5,120 -c----w c:\windows\$NtServicePackUninstall$\dllhost.exe
+ 2004-08-05 19:00:00 225,280 -c----w c:\windows\$NtServicePackUninstall$\dmadmin.exe
+ 2004-08-05 19:00:00 28,672 -c----w c:\windows\$NtServicePackUninstall$\dmband.dll
+ 2004-08-05 19:00:00 800,256 -c----w c:\windows\$NtServicePackUninstall$\dmboot.sys
+ 2004-08-05 19:00:00 61,440 -c----w c:\windows\$NtServicePackUninstall$\dmcompos.dll
+ 2004-08-05 19:00:00 273,920 -c----w c:\windows\$NtServicePackUninstall$\dmdlgs.dll
+ 2004-08-05 19:00:00 200,704 -c----w c:\windows\$NtServicePackUninstall$\dmdskmgr.dll
+ 2004-08-05 19:00:00 181,248 -c----w c:\windows\$NtServicePackUninstall$\dmime.dll
+ 2004-08-05 19:00:00 154,496 -c----w c:\windows\$NtServicePackUninstall$\dmio.sys
+ 2004-08-05 19:00:00 35,840 -c----w c:\windows\$NtServicePackUninstall$\dmloader.dll
+ 2004-08-05 19:00:00 15,872 -c----w c:\windows\$NtServicePackUninstall$\dmremote.exe
+ 2004-08-05 19:00:00 82,432 -c----w c:\windows\$NtServicePackUninstall$\dmscript.dll
+ 2004-08-05 19:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\dmserver.dll
+ 2004-08-05 19:00:00 105,984 -c----w c:\windows\$NtServicePackUninstall$\dmstyle.dll
+ 2004-08-05 19:00:00 103,424 -c----w c:\windows\$NtServicePackUninstall$\dmsynth.dll
+ 2004-08-05 19:00:00 104,448 -c----w c:\windows\$NtServicePackUninstall$\dmusic.dll
+ 2004-08-04 05:07:40 52,864 -c----w c:\windows\$NtServicePackUninstall$\dmusic.sys
+ 2004-08-05 19:00:00 58,880 -c----w c:\windows\$NtServicePackUninstall$\dmutil.dll
+ 2008-06-20 17:41:06 148,992 -c----w c:\windows\$NtServicePackUninstall$\dnsapi.dll
+ 2008-02-20 05:35:05 45,568 -c----w c:\windows\$NtServicePackUninstall$\dnsrslvr.dll
+ 2004-08-05 19:00:00 48,640 -c----w c:\windows\$NtServicePackUninstall$\docprop2.dll
+ 2004-08-05 19:00:00 97,792 -c----w c:\windows\$NtServicePackUninstall$\dpcdll.dll
+ 2004-08-05 19:00:00 30,208 -c----w c:\windows\$NtServicePackUninstall$\dplaysvr.exe
+ 2004-08-05 19:00:00 229,888 -c----w c:\windows\$NtServicePackUninstall$\dplayx.dll
+ 2004-08-05 19:00:00 24,064 -c----w c:\windows\$NtServicePackUninstall$\dpmodemx.dll

Voici mon rapport hijack this et je vais refaire virus total dans 1 semaine.

Merci bcp



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:16:08, on 2009-01-07
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\Program Files\Fichiers communs\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: WkCalRem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.avsystemcare.com
O15 - Trusted Zone: *.onerateld.com
O15 - Trusted Zone: *.safetydownload.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.virusschlacht.com
O15 - Trusted Zone: *.amaena.com (HKLM)
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.safetydownload.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: dikmkz.dll gzayit.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Fichiers communs\New Boundary\PrismXL\PRISMXL.SYS

Bonjour

Voici mon rapport combofix

ComboFix 09-01-10.03 - Owner 2009-01-11 19:15:36.6 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.382.138 [GMT -5:00]
Lancé depuis: c:\documents and settings\Owner\Bureau\lol.exe
Commutateurs utilisés :: c:\documents and settings\Owner\Bureau\WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\mfcans32.DLL
c:\windows\system32\mfcuia32.dll
c:\windows\system32\msrdo20.dll
c:\windows\system32\rdocurs.dll

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-12-12 au 2009-01-12 ))))))))))))))))))))))))))))))))))))
.

2009-01-08 22:43 . 2009-01-08 22:43 0 --a------ c:\windows\nsreg.dat
2009-01-08 22:29 . 2009-01-08 22:29 <REP> d-------- c:\program files\Avira
2009-01-08 22:29 . 2009-01-08 22:29 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira
2009-01-08 15:39 . 2009-01-04 18:38 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-08 15:39 . 2009-01-04 18:38 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-08 15:38 . 2009-01-08 15:39 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-07 20:14 . 2009-01-07 20:14 <REP> d-------- c:\program files\CCleaner
2009-01-07 08:50 . 2005-08-24 14:46 <REP> d-------- c:\documents and settings\Administrateur\WINDOWS
2009-01-07 08:50 . 2005-04-27 23:11 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage réseau
2009-01-07 08:50 . 2005-04-27 23:11 <REP> d--h----- c:\documents and settings\Administrateur\Voisinage d'impression
2009-01-07 08:50 . 2005-08-24 14:46 <REP> d--h----- c:\documents and settings\Administrateur\Modèles
2009-01-07 08:50 . 2005-08-24 14:46 <REP> dr------- c:\documents and settings\Administrateur\Mes documents
2009-01-07 08:50 . 2005-08-24 14:46 <REP> dr------- c:\documents and settings\Administrateur\Menu Démarrer
2009-01-07 08:50 . 2005-08-24 14:46 <REP> dr------- c:\documents and settings\Administrateur\Favoris
2009-01-07 08:50 . 2005-08-24 14:46 <REP> d-------- c:\documents and settings\Administrateur\Bureau
2009-01-07 08:50 . 2009-01-07 08:50 <REP> d-------- c:\documents and settings\Administrateur
2008-12-19 13:13 . 2008-12-20 14:37 <REP> d-------- c:\program files\FindyKill
2008-12-15 13:48 . 2008-12-15 13:48 <REP> d-------- c:\documents and settings\All Users\Application Data\Grisoft
2008-12-15 12:39 . 2008-12-15 12:40 <REP> d-------- c:\program files\Yahoo!

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-09 19:45 --------- d-----w c:\documents and settings\All Users\Application Data\DVD Shrink
2008-12-19 18:42 --------- d-----w c:\program files\Free Easy Burner
2008-12-15 17:05 --------- d-----w c:\documents and settings\Owner\Application Data\Twain
2008-12-13 06:37 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-10-24 11:21 455,296 ------w c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-23 12:36 286,720 ------w c:\windows\system32\dllcache\gdi32.dll
2008-10-16 19:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 19:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 19:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 19:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 19:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 19:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 19:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 19:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 19:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 19:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 19:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 19:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 19:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-16 13:12 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-10-16 13:11 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-10-15 16:35 337,408 ------w c:\windows\system32\dllcache\netapi32.dll
2008-10-15 07:06 633,632 ------w c:\windows\system32\dllcache\iexplore.exe
2008-10-15 07:04 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll
2006-02-03 00:09 0 -c--a-w c:\documents and settings\Owner\Application Data\wklnhst.dat
2006-01-06 17:10 0 -csha-w c:\windows\SMINST\HPCD.sys
2008-09-05 15:52 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008090520080906\index.dat
.

((((((((((((((((((((((((((((( snapshot_2009-01-07_12.12.41.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-10-23 10:17:49 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB955839\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB955839\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB955839\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB955839\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB955839\update\updspapi.dll
+ 2008-10-23 12:44:51 286,720 ----a-w c:\windows\$hf_mig$\KB956802\SP3QFE\gdi32.dll
+ 2008-07-08 13:03:54 18,296 ----a-w c:\windows\$hf_mig$\KB956802\spmsg.dll
+ 2008-07-08 13:03:55 234,872 ----a-w c:\windows\$hf_mig$\KB956802\spuninst.exe
+ 2008-07-08 13:03:54 26,488 ----a-w c:\windows\$hf_mig$\KB956802\update\spcustom.dll
+ 2008-07-09 07:40:26 767,352 ----a-w c:\windows\$hf_mig$\KB956802\update\update.exe
+ 2008-07-09 07:40:35 406,392 ----a-w c:\windows\$hf_mig$\KB956802\update\updspapi.dll
+ 2008-08-26 08:11:45 124,928 -c----w c:\windows\ie7updates\KB958215-IE7\advpack.dll
+ 2008-08-26 08:11:45 347,136 -c----w c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll
+ 2008-08-26 08:11:45 214,528 -c----w c:\windows\ie7updates\KB958215-IE7\dxtrans.dll
+ 2008-08-26 08:11:45 133,120 -c----w c:\windows\ie7updates\KB958215-IE7\extmgr.dll
+ 2008-08-26 08:11:45 63,488 -c----w c:\windows\ie7updates\KB958215-IE7\icardie.dll
+ 2008-08-25 08:39:40 70,656 -c----w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe
+ 2008-08-26 08:11:45 153,088 -c----w c:\windows\ie7updates\KB958215-IE7\ieakeng.dll
+ 2008-08-26 08:11:45 230,400 -c----w c:\windows\ie7updates\KB958215-IE7\ieaksie.dll
+ 2008-08-23 05:54:51 161,792 -c----w c:\windows\ie7updates\KB958215-IE7\ieakui.dll
+ 2008-08-26 08:11:46 383,488 -c----w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll
+ 2008-08-26 08:11:46 384,512 -c----w c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll
+ 2008-10-03 17:12:27 6,066,176 -c----w c:\windows\ie7updates\KB958215-IE7\ieframe.dll
+ 2008-08-26 08:11:48 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\iernonce.dll
+ 2008-08-26 08:11:48 267,776 -c----w c:\windows\ie7updates\KB958215-IE7\iertutil.dll
+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe
+ 2008-08-23 05:56:15 635,848 -c----w c:\windows\ie7updates\KB958215-IE7\iexplore.exe
+ 2008-08-26 08:11:49 27,648 -c----w c:\windows\ie7updates\KB958215-IE7\jsproxy.dll
+ 2008-08-26 08:11:49 459,264 -c----w c:\windows\ie7updates\KB958215-IE7\msfeeds.dll
+ 2008-08-26 08:11:49 52,224 -c----w c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll
+ 2008-08-26 08:11:52 477,696 -c----w c:\windows\ie7updates\KB958215-IE7\mshtmled.dll
+ 2008-08-26 08:11:52 193,024 -c----w c:\windows\ie7updates\KB958215-IE7\msrating.dll
+ 2008-08-26 08:11:52 671,232 -c----w c:\windows\ie7updates\KB958215-IE7\mstime.dll
+ 2008-08-26 08:11:52 102,912 -c----w c:\windows\ie7updates\KB958215-IE7\occache.dll
+ 2008-08-26 08:11:52 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\pngfilt.dll
+ 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:48 394,976 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll
+ 2008-08-26 08:11:52 105,984 -c----w c:\windows\ie7updates\KB958215-IE7\url.dll
+ 2008-08-26 08:11:53 1,159,680 -c----w c:\windows\ie7updates\KB958215-IE7\urlmon.dll
+ 2008-08-26 08:11:53 233,472 -c----w c:\windows\ie7updates\KB958215-IE7\webcheck.dll
+ 2008-08-26 08:11:54 826,368 -c----w c:\windows\ie7updates\KB958215-IE7\wininet.dll
+ 2008-08-27 09:11:52 3,593,216 -c----w c:\windows\ie7updates\KB960714-IE7\mshtml.dll
+ 2007-03-06 01:34:38 216,800 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:35:47 394,976 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\updspapi.dll
- 2008-08-26 08:11:45 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-10-16 20:18:31 124,928 ----a-w c:\windows\system32\advpack.dll
- 2008-08-26 08:11:45 124,928 ------w c:\windows\system32\dllcache\advpack.dll
+ 2008-10-16 20:18:31 124,928 ------w c:\windows\system32\dllcache\advpack.dll
- 2008-08-26 08:11:45 347,136 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 20:18:31 347,136 ----a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-26 08:11:45 214,528 ----a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 20:18:31 214,528 ----a-w c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-26 08:11:45 133,120 ----a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 20:18:31 133,120 ----a-w c:\windows\system32\dllcache\extmgr.dll
- 2008-08-26 08:11:45 63,488 ------w c:\windows\system32\dllcache\icardie.dll
+ 2008-10-16 20:18:32 63,488 ------w c:\windows\system32\dllcache\icardie.dll
- 2008-08-26 08:11:45 153,088 ----a-w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-10-16 20:18:32 153,088 ----a-w c:\windows\system32\dllcache\ieakeng.dll
- 2008-08-26 08:11:45 230,400 ----a-w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-10-16 20:18:32 230,400 ----a-w c:\windows\system32\dllcache\ieaksie.dll
- 2008-08-26 08:11:46 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-10-16 20:18:32 383,488 ------w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-08-26 08:11:46 384,512 ----a-w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-10-16 20:18:32 384,512 ----a-w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-03 17:12:27 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
+ 2008-10-16 20:18:35 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
- 2008-08-26 08:11:48 44,544 ----a-w c:\windows\system32\dllcache\iernonce.dll
+ 2008-10-16 20:18:35 44,544 ----a-w c:\windows\system32\dllcache\iernonce.dll
- 2008-08-26 08:11:48 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
+ 2008-10-16 20:18:35 267,776 ------w c:\windows\system32\dllcache\iertutil.dll
- 2008-08-26 08:11:49 27,648 ----a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 20:18:36 27,648 ----a-w c:\windows\system32\dllcache\jsproxy.dll
- 2006-10-19 01:03:58 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-18 06:09:22 100,864 ----a-w c:\windows\system32\dllcache\logagent.exe
- 2008-08-26 08:11:49 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-10-16 20:18:37 459,264 ------w c:\windows\system32\dllcache\msfeeds.dll
- 2008-08-26 08:11:49 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-10-16 20:18:37 52,224 ------w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-08-26 08:11:52 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 20:18:40 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll
- 2008-08-26 08:11:52 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 20:18:40 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll
- 2008-08-26 08:11:52 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 20:18:41 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
- 2008-08-26 08:11:52 102,912 ------w c:\windows\system32\dllcache\occache.dll
+ 2008-10-16 20:18:41 102,912 ------w c:\windows\system32\dllcache\occache.dll
- 2008-08-26 08:11:52 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 20:18:41 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll
- 2008-04-14 02:33:46 246,814 ----a-w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:03:53 247,326 ----a-w c:\windows\system32\dllcache\strmdll.dll
- 2008-08-26 08:11:52 105,984 ------w c:\windows\system32\dllcache\url.dll
+ 2008-10-16 20:18:41 105,984 ------w c:\windows\system32\dllcache\url.dll
- 2008-08-26 08:11:53 1,159,680 ----a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 20:18:42 1,160,192 ----a-w c:\windows\system32\dllcache\urlmon.dll
- 2008-08-26 08:11:53 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
+ 2008-10-16 20:18:42 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
- 2008-08-26 08:11:54 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 20:18:43 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-06-18 10:03:08 938,496 ------w c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-10-19 02:47:22 2,450,944 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 10:03:14 2,458,112 ----a-w c:\windows\system32\dllcache\WMVCore.dll
+ 2008-05-09 17:15:47 45,376 ----a-w c:\windows\system32\drivers\avgntdd.sys
+ 2008-01-21 22:11:28 22,336 ----a-w c:\windows\system32\drivers\avgntmgr.sys
+ 2008-10-30 15:21:03 75,072 ----a-w c:\windows\system32\drivers\avipbb.sys
+ 2007-11-08 23:03:26 21,248 ----a-w c:\windows\system32\drivers\ssmdrv.sys
- 2008-08-26 08:11:45 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-10-16 20:18:31 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-08-26 08:11:45 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-10-16 20:18:31 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2008-08-26 08:11:45 133,120 ----a-w c:\windows\system32\extmgr.dll
+ 2008-10-16 20:18:31 133,120 ----a-w c:\windows\system32\extmgr.dll
- 2008-08-26 08:11:45 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-10-16 20:18:32 63,488 ----a-w c:\windows\system32\icardie.dll
- 2008-08-25 08:39:40 70,656 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-10-16 13:12:20 70,656 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-08-26 08:11:45 153,088 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-10-16 20:18:32 153,088 ----a-w c:\windows\system32\ieakeng.dll
- 2008-08-26 08:11:45 230,400 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-10-16 20:18:32 230,400 ----a-w c:\windows\system32\ieaksie.dll
- 2008-08-23 05:54:51 161,792 ----a-w c:\windows\system32\ieakui.dll
+ 2008-10-15 07:04:53 161,792 ----a-w c:\windows\system32\ieakui.dll
- 2008-08-26 08:11:46 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-10-16 20:18:32 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-08-26 08:11:46 384,512 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-10-16 20:18:32 384,512 ----a-w c:\windows\system32\iedkcs32.dll
- 2008-10-03 17:12:27 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-10-16 20:18:35 6,066,176 ----a-w c:\windows\system32\ieframe.dll
- 2008-08-26 08:11:48 44,544 ----a-w c:\windows\system32\iernonce.dll
+ 2008-10-16 20:18:35 44,544 ----a-w c:\windows\system32\iernonce.dll
- 2008-08-26 08:11:48 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-10-16 20:18:35 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-08-25 08:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2008-08-26 08:11:49 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-10-16 20:18:36 27,648 ----a-w c:\windows\system32\jsproxy.dll
- 2006-10-19 01:03:58 100,864 -c--a-w c:\windows\system32\logagent.exe
+ 2008-06-18 06:09:22 100,864 ----a-w c:\windows\system32\logagent.exe
- 2008-11-04 00:10:25 17,318,336 ----a-w c:\windows\system32\MRT.exe
+ 2008-12-09 23:24:37 17,593,280 ----a-w c:\windows\system32\MRT.exe
- 2008-08-26 08:11:49 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-10-16 20:18:37 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-08-26 08:11:49 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-10-16 20:18:37 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-08-27 09:11:52 3,593,216 ----a-w c:\windows\system32\mshtml.dll
+ 2008-12-13 06:37:56 3,593,216 ----a-w c:\windows\system32\mshtml.dll
- 2008-08-26 08:11:52 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-10-16 20:18:40 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2008-08-26 08:11:52 193,024 ----a-w c:\windows\system32\msrating.dll
+ 2008-10-16 20:18:40 193,024 ----a-w c:\windows\system32\msrating.dll
- 2008-08-26 08:11:52 671,232 ----a-w c:\windows\system32\mstime.dll
+ 2008-10-16 20:18:41 671,232 ----a-w c:\windows\system32\mstime.dll
- 2008-08-26 08:11:52 102,912 ----a-w c:\windows\system32\occache.dll
+ 2008-10-16 20:18:41 102,912 ----a-w c:\windows\system32\occache.dll
- 2008-08-26 08:11:52 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-10-16 20:18:41 44,544 ----a-w c:\windows\system32\pngfilt.dll
- 2008-07-08 13:03:54 18,296 ------w c:\windows\system32\spmsg.dll
+ 2007-11-30 11:19:06 18,296 ------w c:\windows\system32\spmsg.dll
- 2008-04-14 02:33:46 246,814 -c--a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:03:53 247,326 ----a-w c:\windows\system32\strmdll.dll
- 2008-04-14 02:34:25 60,416 -c----w c:\windows\system32\tzchange.exe
+ 2008-10-23 10:06:59 62,976 ------w c:\windows\system32\tzchange.exe
- 2008-08-26 08:11:52 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-10-16 20:18:41 105,984 ----a-w c:\windows\system32\url.dll
- 2008-08-26 08:11:53 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-10-16 20:18:42 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2008-08-26 08:11:53 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-10-16 20:18:42 233,472 ----a-w c:\windows\system32\webcheck.dll
- 2008-08-26 08:11:54 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-10-16 20:18:43 826,368 ----a-w c:\windows\system32\wininet.dll
- 2006-10-19 02:47:20 937,984 ----a-w c:\windows\system32\WMNetMgr.dll
+ 2008-06-18 10:03:08 938,496 ----a-w c:\windows\system32\WMNetmgr.dll
- 2006-10-19 02:47:22 2,450,944 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-06-18 10:03:14 2,458,112 ----a-w c:\windows\system32\WMVCore.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2008-07-24 243072]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-23 68856]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136]
"WeatherEye"="c:\program files\MétéoMédia\MétéoÉclair\WeatherEye.exe" [2008-09-04 4501912]
"Gestionnaire Antidote.exe"="c:\program files\Druide\Antidote\Gestionnaire Antidote.exe" [2006-09-10 439992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunKistEM"="c:\program files\Digital Media Reader\shwiconem.exe" [2004-11-15 135168]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-17 339968]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
"REGSHAVE"="c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
"Reminder"="c:\windows\Creator\Remind_XP.exe" [2005-03-15 966656]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]
"NeroFilterCheck"="c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"CHotkey"="zHotkey.exe" [2004-05-17 c:\windows\zHotkey.exe]
"ShowWnd"="ShowWnd.exe" [2003-09-19 c:\windows\ShowWnd.exe]
"SoundMan"="SOUNDMAN.EXE" [2004-12-01 c:\windows\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\Owner\Menu D‚marrer\Programmes\D‚marrage\
WkCalRem.LNK - c:\program files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe [2005-08-23 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
BigFix.lnk - c:\program files\BigFix\BigFix.exe [2005-08-23 1742384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=dikmkz.dll gzayit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\Owner\\Mes documents\\transportabilite.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=

S3 cusbohcn;cusbohcn;\??\c:\docume~1\Owner\LOCALS~1\Temp\cusbohcn.sys --> c:\docume~1\Owner\LOCALS~1\Temp\cusbohcn.sys [?]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0987888c-13f1-11dd-9a3c-0013d30d7190}]
\shell\Setup\command - setup.exe
.
Contenu du dossier 'Tâches planifiées'

2009-01-07 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 12:42]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.radio-canada.ca/nouvelles/

O16 -: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd

c:\windows\bdoscandellang.ini - c:\windows\bdoscandel.exe
c:\windows\Downloaded Program Files\live.ini
c:\windows\Downloaded Program Files\scanoptions.tsi
c:\windows\Downloaded Program Files\lang.ini
c:\windows\Downloaded Program Files\ipsupd.dll
c:\windows\Downloaded Program Files\bdupd.dll
c:\windows\Downloaded Program Files\libfn.dll
c:\windows\Downloaded Program Files\bdcore.dll
c:\windows\Downloaded Program Files\oscan8.ocx
O16 -: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
c:\windows\Downloaded Program Files\oscan8.inf
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\jogvj4vk.default\
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJPI150_02.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPOJI610.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-11 19:17:18
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(548)
c:\windows\system32\Ati2evxx.dll
.
Heure de fin: 2009-01-11 19:18:49
ComboFix-quarantined-files.txt 2009-01-12 00:18:36
ComboFix2.txt 2009-01-07 17:13:30
ComboFix3.txt 2008-05-12 02:18:27
ComboFix4.txt 2008-05-09 20:19:18
ComboFix5.txt 2009-01-12 00:14:54

Avant-CF: 107 821 572 096 octets libres
Après-CF: 107,811,684,352 octets libres

355 --- E O F --- 2009-01-08 05:18:13

Bonjour

Jai fait comme vous mavez dit...jai tout dabors fait un scan avec hijackthis mais aucune trace de zone de confiance (Voir plus bas le rapport) j'ai ensuite rendu visible les fichiers caché et Décoché Masquer les extensions de fichiers connus et Décoché Masquer les fichiers protégés du Système mais jai encore une fois pas trouvé de trace de cusbohcn.sys ou de agent.OM2.Fix.exe ou de gzayit.dll ou encore de dikmk2.dll. Jai fait la manip inverse quelques fois mais aucune trace encore. Je dirais que mon ordinateur se comporte beaucoup mieux et j'ai remplacé mon antivirus McAffee par AviraAntivir. Mais jaimerais quand meme etre sur quil n y a plus de fichier espion ou autre de caché dans mon ordinateur.

Voici le rapport hijackthis (Faudrais t-il le faire en mode sans échec?!?)

Merci beaucoup

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:14:52, on 2009-01-14
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\WINDOWS\zHotkey.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://ici.radio-canada.ca/info
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O4 - HKLM\..\Run: [SunKistEM] C:\Program Files\Digital Media Reader\shwiconem.exe
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: WkCalRem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: dikmkz.dll gzayit.dll
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Fichiers communs\New Boundary\PrismXL\PRISMXL.SYS