Lutino

merci encore charles ingals pour le temps passé à dépanner ma machine je t'en suis vraiment reconnaissant...je vais lire attentivement tes conseils et vais aller rapporter mon infection sur malware complaints. je suis content et je te dis pas à bientôt... de peur de voir réapparaitre ce malware. bonne suite à toi

ok mister charles on se recroise ce soir sans doute @ +

salut charles ingals bon ok ces 5 fichiers n'ont pas moufté lors de leurs effacement c'était eux les fautifs? sinon je cherche sur bitfefender pro v8 mais ya rien en configuration du parefeu je ne vois nulle part evoqué ne serait ce que les ports alors le mode furtif... peut etre une bonne idée de changer tout ça et de mettre avast plus kerio? qu'en penses tu? sinon le pc est tout calme : plus d'alertes depuis qques jours, ça serait y desinfecté? @ + et bonne journée

hola charles ingals voici le premier fichier qkiiw.bat @echo off :deleteagain del /A:H /F iebrkp.exe del /F iebrkp.exe if exist iebrkp.exe goto deleteagain del qkiiw.bat les autres sont du même tonneau: même rédaction même style d'algorythme yen a 5 comme ça: les 3 que tu as mentionnés plus deux autres (bedgsly.bat et xdll.bat) c'est grave doc? sinon le pc fonctionne plutot bien, bit defender est bien calmé, je dirais même muet pourvu que ça dure... une question en ce qui concerne mes ports à présent fermés : y a t il un moyen qu'ils soient masqués plutôt que fermés? j'arrive pas à trouver un tuto pour configurer le parefeu de bitd 8 à + et merci encore

je suis bille en info j'avoue... heureusement que tu m'aides pour ce malware sinon ça fait longtemps que j'aurais formaté voici le log panda Incident Statut Analyse Spyware:Cookie/WUpd No Désinfecté C:\Documents and Settings\Administrateur\Cookies\administrateur@revenue[2].txt Spyware:Cookie/Searchportal No Désinfecté C:\Documents and Settings\Administrateur\Cookies\[email protected][1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Administrateur\Cookies\administrateur@xiti[1].txt Outil indésirable:Application/Processor No Désinfecté C:\WINNT\system32\Process.exe Outil indésirable:Application/KillApp.B No Désinfecté D:\Mes documents\Programmes source\EasyDivX\softs\ck.exe je t'envoie le reste en suivant... @ + log de winpfind3u [Files/Folders - Created Within 90 days] C:\WINNT\SYSTEM32\massvc32.exe moved successfully. [Files/Folders - Modified Within 90 days] C:\WINNT\SYSTEM32\dp.exe moved successfully. File C:\WINNT\SYSTEM32\massvc32.exe not found! < End of log > Created on 04/11/2007 14:28:09 et enfin service filter The script did not recognize the services listed below. This does not mean that they are a problem. To copy the entire contents of this document for posting: At the top of this window click "Edit" then "Select All" Next click "Edit" again then "Copy" Now right click in the forum post box then click "Paste" ######################################## ServiceFilter 1.1 by rand1038 Microsoft Windows 2000 Professionnel Version: 5.0.2195 Service Pack 4 avr. 11, 2007 14:30:08 ---> Begin Service Listing <--- Unknown Service # 1 Service Name: AVG Anti-Spyware Guard Display Name: AVG Anti-Spyware Guard Start Mode: Auto Start Name: LocalSystem Description: AVG Anti-Spyware ... Service Type: Own Process Path: d:\avg anti-spyware 7.5\guard.exe State: Running Process ID: 500 Started: Vrai Exit Code: 0 Accept Pause: Faux Accept Stop: Faux Unknown Service # 2 Service Name: bdss Display Name: BitDefender Scan Server Start Mode: Auto Start Name: LocalSystem Description: BitDefender Scan ... Service Type: Own Process Path: c:\program files\fichiers communs\softwin\bitdefender scan server\bdss.exe /service State: Running Process ID: 864 Started: Vrai Exit Code: 0 Accept Pause: Faux Accept Stop: Vrai Unknown Service # 3 Service Name: gusvc Display Name: Google Updater Service Start Mode: Manual Start Name: LocalSystem Description: Google Updater ... Service Type: Own Process Path: "c:\program files\google\common\google updater\googleupdaterservice.exe" State: Stopped Process ID: 0 Started: Faux Exit Code: 1077 Accept Pause: Faux Accept Stop: Faux Unknown Service # 4 Service Name: StarWindService Display Name: StarWind iSCSI Service Start Mode: Auto Start Name: LocalSystem Description: StarWind iSCSI ... Service Type: Own Process Path: d:\alcohol 120\starwind\starwindservice.exe State: Running Process ID: 600 Started: Vrai Exit Code: 0 Accept Pause: Faux Accept Stop: Vrai Unknown Service # 5 Service Name: VSSERV Display Name: BitDefender Virus Shield Start Mode: Auto Start Name: LocalSystem Description: BitDefender Virus ... Service Type: Own Process Path: c:\program files\softwin\bitdefender8\vsserv.exe /service State: Running Process ID: 1044 Started: Vrai Exit Code: 0 Accept Pause: Faux Accept Stop: Vrai Unknown Service # 6 Service Name: XCOMM Display Name: BitDefender Communicator Start Mode: Auto Start Name: LocalSystem Description: BitDefender ... Service Type: Own Process Path: c:\program files\fichiers communs\softwin\bitdefender communicator\xcommsvr.exe /service State: Running Process ID: 772 Started: Vrai Exit Code: 0 Accept Pause: Faux Accept Stop: Vrai ---> End Service Listing <--- There are 64 Win32 services on this machine. 6 were unrecognized. Script Execution Time: 6,015625 seconds. ça serait y pas mieux??

salut charles ingals bon le fichier massvc32.exe dans winnt\system32 n'existe pas ou se cache très bien tandis que dp.exe est un fichier qui fait 0 Ko et donc virustotal me revoie un message d'erreur "0 bytes size received / Se ha recibido un archivo vacio" miam ensuite voila le log de winpfind3u [Win32 Services - Non-Microsoft Only] Service Event stopped successfully. Service Event deleted successfully. File C:\WINNT\SYSTEM32\drivers\csrss.exe not found. [Files/Folders - Created Within 90 days] File C:\b48da1ca53575bea94a6b53607 not found! < End of log > Created on 04/11/2007 09:13:41 j'ai bien peur que ça aie pas marché et donc je lance le scan panda... @ + et bonne journée ah j'oubliais pas de matos de marque cirrus ma CG est geforce fx5200 de chez MSI

yes ça y est merci msieur tesgaz et ingals ce port est à présent fermé pret à continuer...

ben naaann toujours 139 ouvert malgré tout...

oui j'avais pensé à un truc comme ça et ça fait trois fois que je redémarre en recochant le tout soit le port 139 soit tout le monde soit le port 135 mais toujours ce port 139 reste ouvert je retente encore pour voir...

je me ballade un peu sur zebulon et j'ai d'un coup un gros doute: je viens d'aller sur "mon assistant" et je tombe, dans l'onglet "messages", sur tous les topics que j'ai visité??? si c'est le cas y a un problème car il y a une foule de topics evoqués où je n'ai jamais mis les pieds... y aurait il un enorme brother qui se ballade à ma place??? bon autant pour moi je paranoïe à fond depuis que j'ai ces malwares: je viens de lire l'aide et j'ai compris ce qu'est que cet onglet messages dans l'assistant desolé

slt charles i et encore merci de tes réponses j'ai le port 139 toujours ouvert malgré zebprotect (pourtant 139 coché dans la liste) est ce que ce ne serait pas obligatoire puisque ma boite est branché sur port ethernet? Ports TCP ouverts 139 netbios-ssn Utilisé pour le partage de fichiers dans un réseau local Ports TCP fermés 21 ftp Utilisé pour le transfert de fichier entre ordinateurs 22 ssh Le shell SSH permet de se connecter à un serveur de façon sécurisée 23 telnet Utilisé pour obtenir un shell distant 25 smtp Utilisé pour le transfert de courrier électronique entre deux hôtes. Si vous n'utilisez pas de serveur de messagerie, il est conseillé de fermer ce port. 79 finger Permet de connaître diverses informations relatives à votre profil 80 http Utilisé pour les services Web. Si vous n'utilisez pas de serveur web, il est conseillé de fermer ce port 110 pop3 Utilisé par les serveurs de messagerie Internet. Si vous n'utilisez pas de serveur de messagerie, il est conseillé de fermer ce port. 113 auth Utilisé par certains serveurs de messagerie ou de newsgroups (MiRC - Virc...). Des problèmes de performances peuvent survenir si ce port est masqué 119 nntp Utilisé par les serveurs de news pour la distribution d'articles Usenet 135 N/A Utilisé pour les applications client/server basées sur des systèmes d'exploitation Microsoft 143 imap Utilisé par les serveurs de messagerie Internet pour l'envoi de messages électroniques. Si vous n'utilisez pas de serveur IMAP, il est conseillé de fermer ce port. 389 ldap LDAP (Lightweight Directory Access Protocol) : utilisé pour accéder automatiquement à des services d'annuaires en ligne 443 https Utilisé pour sécuriser les communications HTTP. Si vous n'utilisez pas de serveur web, il est conseillé de fermer ce port. Ce port est également utilisé par AOL Instant Messenger 445 microsoft-ds Utilisé pour le partage des protocoles SMB. Son exploitation peut permettre d'obtenir vos mots de passe 1002 N/A Port non standard 1024 N/A Port réservé 1025 N/A Port non standard 1026 N/A Port non standard 1027 N/A Port non standard 1028 N/A Port non standard 1029 N/A Port non standard 1030 N/A Port non standard 1720 h323hostcall Port non standard. Peut être utilisé par NetMeeting 5000 N/A Utilisé pour communiquer avec tous les périphériques UpnP reliés à votre réseau Ports TCP masqués Aucun port détecté Temps d'exécution du scan : 1.18 seconds mais c'est déjà mieux semble t il...

ah ben pile au moment ou tu rajoutais ton edit sur mes ports que je t'en parlais dans mon message... donc voici ce que me repond le test je crains que ce ne soit pas bien terrible mais je ne trouve pas comment configurer le firewall de bitdefender 8 Ports TCP ouverts 135 N/A Utilisé pour les applications client/server basées sur des systèmes d'exploitation Microsoft 139 netbios-ssn Utilisé pour le partage de fichiers dans un réseau local 445 microsoft-ds Utilisé pour le partage des protocoles SMB. Son exploitation peut permettre d'obtenir vos mots de passe 1025 N/A Port non standard Ports TCP fermés 21 ftp Utilisé pour le transfert de fichier entre ordinateurs 22 ssh Le shell SSH permet de se connecter à un serveur de façon sécurisée 23 telnet Utilisé pour obtenir un shell distant 25 smtp Utilisé pour le transfert de courrier électronique entre deux hôtes. Si vous n'utilisez pas de serveur de messagerie, il est conseillé de fermer ce port. 79 finger Permet de connaître diverses informations relatives à votre profil 80 http Utilisé pour les services Web. Si vous n'utilisez pas de serveur web, il est conseillé de fermer ce port 110 pop3 Utilisé par les serveurs de messagerie Internet. Si vous n'utilisez pas de serveur de messagerie, il est conseillé de fermer ce port. 113 auth Utilisé par certains serveurs de messagerie ou de newsgroups (MiRC - Virc...). Des problèmes de performances peuvent survenir si ce port est masqué 119 nntp Utilisé par les serveurs de news pour la distribution d'articles Usenet 143 imap Utilisé par les serveurs de messagerie Internet pour l'envoi de messages électroniques. Si vous n'utilisez pas de serveur IMAP, il est conseillé de fermer ce port. 389 ldap LDAP (Lightweight Directory Access Protocol) : utilisé pour accéder automatiquement à des services d'annuaires en ligne 443 https Utilisé pour sécuriser les communications HTTP. Si vous n'utilisez pas de serveur web, il est conseillé de fermer ce port. Ce port est également utilisé par AOL Instant Messenger 1002 N/A Port non standard 1024 N/A Port réservé 1026 N/A Port non standard 1027 N/A Port non standard 1028 N/A Port non standard 1029 N/A Port non standard 1030 N/A Port non standard 1720 h323hostcall Port non standard. Peut être utilisé par NetMeeting 5000 N/A Utilisé pour communiquer avec tous les périphériques UpnP reliés à votre réseau Ports TCP masqués Aucun port détecté voili voilà comment faire pour fermer ces ports ( et faut il les fermer?)

salut charles ingals en ce qui concerne les dossiers partagés il n'y en a plus sur mon disque c (j'ai plusieurs partitions et celle nommée c: abrite windows) j'ai donc pas trop regardé sur les autres disques car j'imagine que les malwares et autres bebettes se greffent plus volontiers sur le disque hébergeant win daube. d'autre part j'avais regardé il y a un moment de ça la configuration de mes ports et plusieurs étaient carrément ouverts je vais essayer de poster un rapport... sinon voici le winpfind3u WinPFind3 logfile created on: 10/04/2007 14:20:26 WinPFind3U by OldTimer - Version 1.0.34 Folder = C:\Documents and Settings\Administrateur\Bureau\winpfind3u\WinPFind3u\ Microsoft Windows 2000 Service Pack 4 (Version = 5.0.2195) Internet Explorer (Version = 6.0.2800.1106) 383,48 Mb Total Physical Memory | 12,50 Mb Available Physical Memory | 3,26% Memory free 920,11 Mb Paging File | 480,67 Mb Available in Paging File | 52,24% Paging File free Paging file location(s): C:\pagefile.sys 576 1152; %SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files Drive C: | 11,46 Gb Total Space | 4,82 Gb Free Space | 42,04% Space Free Drive D: | 11,35 Gb Total Space | 0,66 Gb Free Space | 5,81% Space Free Drive E: | 11,35 Gb Total Space | 1,64 Gb Free Space | 14,44% Space Free Drive F: | 11,67 Gb Total Space | 3,41 Gb Free Space | 29,21% Space Free Computer Name: HOULALA Current User Name: Administrateur Logged in as Administrator. Current Boot Mode: Normal [Processes - Non-Microsoft Only] a2guard.exe -> D:\a-squared Anti-Malware\a2guard.exe -> Emsi Software GmbH [Ver = 2.1.0.73 | Size = 1164896 bytes | Modified Date = 28/03/2007 12:03:22 | Attr = ] acrord32.exe -> D:\Acrobat 5.0\Reader\AcroRd32.exe -> Adobe Systems Incorporated [Ver = 5.0.5.2001092400 | Size = 3891268 bytes | Modified Date = 24/09/2001 17:15:58 | Attr = ] alert.exe -> D:\PC Alert III\alert.exe -> MICRO-STAR INT'L CO., LTD. [Ver = 3.4.3.8 | Size = 1774080 bytes | Modified Date = 15/11/2001 16:04:58 | Attr = ] avgas.exe -> D:\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 07/10/2006 14:20:00 | Attr = ] bdmcon.exe -> %ProgramFiles%\Softwin\BitDefender8\bdmcon.exe -> SOFTWIN S.R.L. [Ver = 8.1.0.3 | Size = 421888 bytes | Modified Date = 24/01/2007 21:31:38 | Attr = ] bdnagent.exe -> %ProgramFiles%\Softwin\BitDefender8\bdnagent.exe -> [Ver = | Size = 8192 bytes | Modified Date = 24/01/2007 21:31:40 | Attr = ] bdoesrv.exe -> %ProgramFiles%\Softwin\BitDefender8\bdoesrv.exe -> SOFTWIN SRL [Ver = 8, 1, 0, 0 | Size = 90112 bytes | Modified Date = 24/01/2007 21:31:48 | Attr = ] bdss.exe -> %CommonProgramFiles%\Softwin\BitDefender Scan Server\bdss.exe -> [Ver = | Size = 69632 bytes | Modified Date = 24/01/2007 21:32:16 | Attr = ] firefox.exe -> D:\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.3: 2007030919 | Size = 7633008 bytes | Modified Date = 05/04/2007 23:35:40 | Attr = ] guard.exe -> d:\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 28/09/2006 16:13:20 | Attr = ] jusched.exe -> %ProgramFiles%\Java\jre1.5.0_11\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75520 bytes | Modified Date = 15/12/2006 03:23:28 | Attr = ] nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 22/10/2006 13:22:00 | Attr = ] soffice.bin -> %ProgramFiles%\OpenOffice.org 2.0\program\soffice.bin -> OpenOffice.org [Ver = 1.09.9005 | Size = 2478080 bytes | Modified Date = 24/02/2006 18:29:20 | Attr = ] soffice.exe -> %ProgramFiles%\OpenOffice.org 2.0\program\soffice.exe -> OpenOffice.org [Ver = 1.09.9005 | Size = 2334720 bytes | Modified Date = 24/02/2006 18:29:12 | Attr = ] starwindservice.exe -> d:\Alcohol 120\StarWind\StarWindService.exe -> Rocket Division Software [Ver = 2.6.1 Build 0x20050401 | Size = 217600 bytes | Modified Date = 01/04/2005 19:51:48 | Attr = ] teatimer.exe -> D:\Spybot - Search & Destroy\TeaTimer.exe -> Safer Networking Limited [Ver = 1, 4, 0, 2 | Size = 1415824 bytes | Modified Date = 31/05/2005 02:04:00 | Attr = ] vsserv.exe -> %ProgramFiles%\Softwin\BitDefender8\vsserv.exe -> SOFTWIN S.R.L. [Ver = 8, 1, 0, 0 | Size = 90112 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] winpfind3u.exe -> %UserDesktop%\winpfind3u\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.34.0 | Size = 318976 bytes | Modified Date = 08/04/2007 19:02:38 | Attr = ] xcommsvr.exe -> %CommonProgramFiles%\Softwin\BitDefender Communicator\xcommsvr.exe -> Softwin [Ver = 1, 7, 0, 6 | Size = 69632 bytes | Modified Date = 24/02/2004 17:36:48 | Attr = ] [Win32 Services - Non-Microsoft Only] (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> d:\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 28/09/2006 16:13:20 | Attr = ] (bdss) BitDefender Scan Server [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Softwin\BitDefender Scan Server\bdss.exe -> [Ver = | Size = 69632 bytes | Modified Date = 24/01/2007 21:32:16 | Attr = ] (dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> VERITAS Software Corp. [Ver = 2195.6624.297.3 | Size = 147728 bytes | Modified Date = 19/06/2003 12:05:04 | Attr = ] (Event) Events Log [Win32_Own | Auto | Stopped] -> %System32%\drivers\csrss.exe -> File not found (gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.711.37800.beta | Size = 136120 bytes | Modified Date = 04/01/2007 03:40:22 | Attr = ] (NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 22/10/2006 13:22:00 | Attr = ] (rpcapd) Remote Packet Capture Protocol v.0 (experimental) [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\WinPcap\rpcapd.exe -> CACE Technologies [Ver = 4.0.0.755 | Size = 93048 bytes | Modified Date = 25/01/2007 19:31:34 | Attr = ] (StarWindService) StarWind iSCSI Service [Win32_Own | Auto | Running] -> d:\Alcohol 120\StarWind\StarWindService.exe -> Rocket Division Software [Ver = 2.6.1 Build 0x20050401 | Size = 217600 bytes | Modified Date = 01/04/2005 19:51:48 | Attr = ] (VSSERV) BitDefender Virus Shield [Win32_Own | Auto | Running] -> %ProgramFiles%\Softwin\BitDefender8\vsserv.exe -> SOFTWIN S.R.L. [Ver = 8, 1, 0, 0 | Size = 90112 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] (XCOMM) BitDefender Communicator [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Softwin\BitDefender Communicator\xcommsvr.exe -> Softwin [Ver = 1, 7, 0, 6 | Size = 69632 bytes | Modified Date = 24/02/2004 17:36:48 | Attr = ] [Registry - Non-Microsoft Only] < Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run !AVG Anti-Spyware -> D:\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 07/10/2006 14:20:00 | Attr = ] a-squared -> D:\a-squared Anti-Malware\a2guard.exe -> Emsi Software GmbH [Ver = 2.1.0.73 | Size = 1164896 bytes | Modified Date = 28/03/2007 12:03:22 | Attr = ] BDMCon -> %ProgramFiles%\Softwin\BitDefender8\bdmcon.exe -> SOFTWIN S.R.L. [Ver = 8.1.0.3 | Size = 421888 bytes | Modified Date = 24/01/2007 21:31:38 | Attr = ] BDNewsAgent -> %ProgramFiles%\Softwin\BitDefender8\bdnagent.exe -> [Ver = | Size = 8192 bytes | Modified Date = 24/01/2007 21:31:40 | Attr = ] BDOESRV -> %ProgramFiles%\Softwin\BitDefender8\bdoesrv.exe -> SOFTWIN SRL [Ver = 8, 1, 0, 0 | Size = 90112 bytes | Modified Date = 24/01/2007 21:31:48 | Attr = ] NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 22/10/2006 13:22:00 | Attr = ] NvMediaCenter -> %System32%\nvmctray.dll [RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 86016 bytes | Modified Date = 22/10/2006 13:22:00 | Attr = ] nwiz -> %System32%\nwiz.exe -> [Ver = | Size = 1622016 bytes | Modified Date = 22/10/2006 13:22:00 | Attr = ] PSDrvCheck -> %System32%\PSDrvCheck.exe -> [Ver = 1.0.0.56 | Size = 396800 bytes | Modified Date = 28/08/2003 12:47:40 | Attr = ] SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_11\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75520 bytes | Modified Date = 15/12/2006 03:23:28 | Attr = ] < Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SpybotSD TeaTimer -> d:\Spybot - Search & Destroy\TeaTimer.exe -> Safer Networking Limited [Ver = 1, 4, 0, 2 | Size = 1415824 bytes | Modified Date = 31/05/2005 02:04:00 | Attr = ] < User Startup > -> C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage %UserStartup%\Raccourci vers alert.lnk -> D:\PC Alert III\alert.exe -> MICRO-STAR INT'L CO., LTD. [Ver = 3.4.3.8 | Size = 1774080 bytes | Modified Date = 15/11/2001 16:04:58 | Attr = ] < AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] < ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks {57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> d:\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 73728 bytes | Modified Date = 28/09/2006 16:13:28 | Attr = ] < SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders < Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon < Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon < HOSTS File > (790 bytes) -> C:\WINNT\System32\drivers\etc\Hosts 127.0.0.1 localhost -> -> < Internet Explorer Settings > -> HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome -> HKLM: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch -> HKLM: Local Page -> C:\WINNT\SYSTEM32\blank.htm -> HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch -> HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home -> HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKLM: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch -> HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm -> HKCU: Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch -> HKCU: Local Page -> C:\WINNT\SYSTEM32\blank.htm -> HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch -> HKCU: Start Page -> about:blank -> HKCU: ProxyEnable -> 0 -> < BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [sSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 15/12/2006 03:23:24 | Attr = ] < Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> Reg Data - Key not found [Yahoo! Toolbar] -> File not found < Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\npjpi150_11.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75528 bytes | Modified Date = 15/12/2006 03:23:26 | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 15/12/2006 03:23:24 | Attr = ] {85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> Reg Data - Key not found [MenuText: Uninstall BitDefender Online Scanner v8] -> File not found < DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ {571270EB-7A29-4CAF-AEF7-090D7346D530} -> () -> {63B72289-F0CD-4594-A305-4F81567A1A30} -> (Carte de bus ND010 Ethernet/Fast Ethernet PCI) -> < Default Protocols [HKCU] - Select to Repair > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults shell -> shell protocol not assigned -> < Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ipp -> Reg Data - Key not found -> File not found msdaipp -> Reg Data - Key not found -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> BDSCANONLINE Control - CodeBase = http://bitdefender.bwm-mediasoft.com/scan8/oscan8.cab -> {6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://update.microsoft.com/windowsupdate/...b?1169836031859 -> {74D05D43-3236-11D4-BDCD-00C04F9A3B61} -> HouseCall Control - CodeBase = http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab -> {8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -> {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> ActiveScan Installer Class - CodeBase = http://acs.pandasoftware.com/activescan/as5free/asinst.cab -> {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} -> a-squared Scanner - CodeBase = http://ax.emsisoft.com/asquared.cab -> {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -> {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -> [Registry - Additional Scans - Non-Microsoft Only] < Security Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\firewalldisableoverride -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Start -> 3 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ImagePath -> %SystemRoot%\system32\svchost.exe -k BITSgroup -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DisplayName -> Service de transfert intelligent en arrière-plan -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnService -> Rpcss;SENS;Wmi; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Description -> Transfère des fichiers en tâche de fond en utilisant la bande passante du réseau lors de ses périodes d'inactivité. Si le service est arrêté, des fonctionnalités qui dépendent de BITS, telles que Windows Update et MSN Explorer ne pourront plus télécharger automatiquement des programmes et d'autres informations. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\\ServiceDll -> %SystemRoot%\System32\qmgr.dll -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\\Security -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> Root\LEGACY_BITS00 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\system32\svchost.exe -k netsvcs -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 3 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> Root\LEGACY_SHAREDACCESS00 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 11477 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\System32\ipnathlp.dll -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %systemroot%\system32\svchost.exe -k wugroup -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Mises à jour automatiques -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Active le téléchargement et l'installation des mises à jour Windows. Si ce service est désactivé, cet ordinateur ne pourra pas utiliser la fonctionnalité des mises à jour automatiques ou le site Windows Update. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINNT\system32\wuauserv.dll -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> Root\LEGACY_WUAUSERV00 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> [Files/Folders - Created Within 90 days] !Submit -> %SystemDrive%\!Submit -> [Folder | Created Date = 28/01/2007 17:26:22 | Attr = ] AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [Ver = | Size = 0 bytes | Created Date = 24/01/2007 19:42:54 | Attr = ] avenger -> %SystemDrive%\avenger -> [Folder | Created Date = 06/04/2007 06:25:33 | Attr = ] b48da1ca53575bea94a6b53607 -> %SystemDrive%\b48da1ca53575bea94a6b53607 -> [Folder | Created Date = 28/03/2007 13:49:02 | Attr = ] Bases -> %SystemDrive%\Bases -> [Folder | Created Date = 24/03/2007 17:58:10 | Attr = ] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 202 bytes | Created Date = 24/01/2007 20:32:10 | Attr = HS] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Created Date = 24/01/2007 21:06:18 | Attr = HS] CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [Ver = | Size = 0 bytes | Created Date = 24/01/2007 19:42:54 | Attr = H ] diff.exe -> %SystemDrive%\diff.exe -> [Ver = | Size = 68096 bytes | Created Date = 25/03/2007 13:05:33 | Attr = ] Directx -> %SystemDrive%\Directx -> [Folder | Created Date = 28/01/2007 19:19:15 | Attr = ] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Created Date = 24/01/2007 19:33:45 | Attr = ] Downloads -> %SystemDrive%\Downloads -> [Folder | Created Date = 24/03/2007 17:58:10 | Attr = ] getfile.dat -> %SystemDrive%\getfile.dat -> [Ver = | Size = 14 bytes | Created Date = 24/01/2007 20:37:35 | Attr = ] grep.exe -> %SystemDrive%\grep.exe -> [Ver = | Size = 103424 bytes | Created Date = 25/03/2007 13:05:33 | Attr = ] IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Created Date = 24/01/2007 19:42:54 | Attr = RHS] Kaspersky -> %SystemDrive%\Kaspersky -> [Folder | Created Date = 24/03/2007 17:57:22 | Attr = ] MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Created Date = 24/01/2007 19:42:54 | Attr = RHS] Myst V End Of Ages -> %SystemDrive%\Myst V End Of Ages -> [Folder | Created Date = 22/02/2007 19:57:57 | Attr = ] Nvidia Driver Geforce fx5200 -> %SystemDrive%\Nvidia Driver Geforce fx5200 -> [Folder | Created Date = 24/01/2007 20:04:23 | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Created Date = 24/01/2007 19:34:09 | Attr = R ] reboot.cmd -> %SystemDrive%\reboot.cmd -> [Ver = | Size = 853 bytes | Created Date = 25/03/2007 13:05:33 | Attr = ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Created Date = 24/01/2007 20:41:49 | Attr = HS] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Created Date = 08/11/1833 19:50:52 | Attr = HS] WINNT -> %SystemRoot% -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] $NtUpdateRollupPackUninstall$ -> %SystemRoot%\$NtUpdateRollupPackUninstall$ -> [Folder | Created Date = 28/03/2007 13:49:37 | Attr = H ] $SQLUninstallMDAC27SP1-KB927779-x86-FRA$ -> %SystemRoot%\$SQLUninstallMDAC27SP1-KB927779-x86-FRA$ -> [Folder | Created Date = 29/03/2007 19:09:06 | Attr = H ] addins -> %SystemRoot%\addins -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] alcrmv.exe -> %SystemRoot%\alcrmv.exe -> Avance Logic, Inc. [Ver = 1, 6, 0, 0 | Size = 151552 bytes | Created Date = 24/01/2007 20:00:18 | Attr = ] alcupd.exe -> %SystemRoot%\alcupd.exe -> Avance Logic, Inc. [Ver = 1, 6, 1, 0 | Size = 217088 bytes | Created Date = 24/01/2007 20:00:18 | Attr = ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] AU_Backup -> %SystemRoot%\AU_Backup -> [Folder | Created Date = 27/01/2007 12:30:16 | Attr = ] AU_Log -> %SystemRoot%\AU_Log -> [Folder | Created Date = 27/01/2007 12:25:10 | Attr = ] AU_Temp -> %SystemRoot%\AU_Temp -> [Folder | Created Date = 15/03/2007 20:14:53 | Attr = ] avrack.ini -> %SystemRoot%\avrack.ini -> [Ver = | Size = 164 bytes | Created Date = 24/01/2007 20:00:19 | Attr = ] bdinit.ini -> %SystemRoot%\bdinit.ini -> [Ver = | Size = 10 bytes | Created Date = 16/03/2007 20:40:15 | Attr = ] BDOSCAN8 -> %SystemRoot%\BDOSCAN8 -> [Folder | Created Date = 20/03/2007 22:54:58 | Attr = ] BPMNT.dll -> %SystemRoot%\BPMNT.dll -> Trend Micro Inc. [Ver = 8.000-1001 | Size = 86094 bytes | Created Date = 27/01/2007 12:30:14 | Attr = ] Bulles de savon.bmp -> %SystemRoot%\Bulles de savon.bmp -> [Ver = | Size = 65978 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ] Config -> %SystemRoot%\Config -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] Connection Wizard -> %SystemRoot%\Connection Wizard -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] control.ini -> %SystemRoot%\control.ini -> [Ver = | Size = 0 bytes | Created Date = 24/01/2007 19:42:54 | Attr = ] Cookies -> %SystemRoot%\Cookies -> [Folder | Created Date = 04/02/2007 17:41:36 | Attr = S] CSC -> %SystemRoot%\CSC -> [Folder | Created Date = 24/01/2007 19:51:32 | Attr = HS] Cursors -> %SystemRoot%\Cursors -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] Debug -> %SystemRoot%\Debug -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] desktop.ini -> %SystemRoot%\desktop.ini -> [Ver = | Size = 271 bytes | Created Date = 24/01/2007 19:42:12 | Attr = H ] Downloaded Installations -> %SystemRoot%\Downloaded Installations -> [Folder | Created Date = 22/02/2007 20:19:08 | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Created Date = 24/01/2007 19:42:11 | Attr = S] Driver Cache -> %SystemRoot%\Driver Cache -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] Fichiers d'installation de Windows Update -> %SystemRoot%\Fichiers d'installation de Windows Update -> [Folder | Created Date = 24/02/2007 20:03:03 | Attr = ] folder.htt -> %SystemRoot%\folder.htt -> [Ver = | Size = 21844 bytes | Created Date = 24/01/2007 19:42:12 | Attr = H ] Fonts -> %SystemRoot%\Fonts -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = R S] GetServer.ini -> %SystemRoot%\GetServer.ini -> [Ver = | Size = 170 bytes | Created Date = 27/01/2007 12:25:11 | Attr = ] gmer.dll -> %SystemRoot%\gmer.dll -> [Ver = 1, 0, 12, 12086 | Size = 565311 bytes | Created Date = 03/04/2007 22:34:19 | Attr = ] gmer.exe -> %SystemRoot%\gmer.exe -> [Ver = 1, 0, 12, 12086 | Size = 573440 bytes | Created Date = 03/04/2007 22:34:18 | Attr = ] gmer.ini -> %SystemRoot%\gmer.ini -> [Ver = | Size = 250 bytes | Created Date = 03/04/2007 22:34:20 | Attr = ] gmer_uninstall.cmd -> %SystemRoot%\gmer_uninstall.cmd -> [Ver = | Size = 80 bytes | Created Date = 03/04/2007 22:34:19 | Attr = ] Granit vert.bmp -> %SystemRoot%\Granit vert.bmp -> [Ver = | Size = 26582 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ] hcextoutput.dll -> %SystemRoot%\hcextoutput.dll -> [Ver = | Size = 71749 bytes | Created Date = 27/01/2007 12:30:15 | Attr = ] Help -> %SystemRoot%\Help -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] Historique -> %SystemRoot%\Historique -> [Folder | Created Date = 04/02/2007 17:41:36 | Attr = S] hpdj5100.his -> %SystemRoot%\hpdj5100.his -> [Ver = | Size = 180248 bytes | Created Date = 02/02/2007 09:09:32 | Attr = ] hpdj5100.ini -> %SystemRoot%\hpdj5100.ini -> [Ver = | Size = 11413 bytes | Created Date = 02/02/2007 09:09:32 | Attr = ] ime -> %SystemRoot%\ime -> [Folder | Created Date = 24/01/2007 19:43:24 | Attr = ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1418 bytes | Created Date = 20/03/2007 22:34:52 | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Created Date = 24/01/2007 19:51:36 | Attr = HS] IsUn040c.exe -> %SystemRoot%\IsUn040c.exe -> InstallShield Software Corporation [Ver = 5, 50, 137, 0 | Size = 327168 bytes | Created Date = 02/02/2007 09:14:04 | Attr = ] IsUninst.exe -> %SystemRoot%\IsUninst.exe -> InstallShield Software Corporation [Ver = 5, 51, 138, 0 | Size = 306688 bytes | Created Date = 24/01/2007 19:55:54 | Attr = ] Jour de pêche.bmp -> %SystemRoot%\Jour de pêche.bmp -> [Ver = | Size = 17336 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ] LPT$VPN.219 -> %SystemRoot%\LPT$VPN.219 -> [Ver = | Size = 25798821 bytes | Created Date = 27/01/2007 12:31:31 | Attr = ] Media -> %SystemRoot%\Media -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] meta4.exe -> %SystemRoot%\meta4.exe -> [Ver = | Size = 217073 bytes | Created Date = 25/02/2007 12:35:09 | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Created Date = 28/02/2007 19:16:45 | Attr = ] MOTA113.exe -> %SystemRoot%\MOTA113.exe -> [Ver = | Size = 66560 bytes | Created Date = 25/02/2007 12:35:09 | Attr = ] mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 4243 bytes | Created Date = 24/01/2007 23:14:09 | Attr = ] msagent -> %SystemRoot%\msagent -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] msapps -> %SystemRoot%\msapps -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] msdownld.tmp -> %SystemRoot%\msdownld.tmp -> [Folder | Created Date = 24/02/2007 20:16:53 | Attr = H ] msiinst.tmp -> %SystemRoot%\msiinst.tmp -> [Folder | Created Date = 28/03/2007 13:49:33 | Attr = ] Mur de Santa Fe.bmp -> %SystemRoot%\Mur de Santa Fe.bmp -> [Ver = | Size = 65832 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ] mww32 -> %SystemRoot%\mww32 -> [Folder | Created Date = 24/01/2007 19:43:24 | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 49 bytes | Created Date = 30/01/2007 18:47:33 | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Created Date = 24/01/2007 21:41:47 | Attr = ] nview -> %SystemRoot%\nview -> [Folder | Created Date = 24/01/2007 20:04:47 | Attr = ] ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 207 bytes | Created Date = 29/01/2007 20:26:15 | Attr = ] ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4429 bytes | Created Date = 24/01/2007 19:34:12 | Attr = ] Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Created Date = 24/01/2007 19:42:11 | Attr = R ] OpPrintServer.INI -> %SystemRoot%\OpPrintServer.INI -> [Ver = | Size = 0 bytes | Created Date = 07/03/2007 14:16:52 | Attr = ] PATCH.EXE -> %SystemRoot%\PATCH.EXE -> Trend Micro Inc. [Ver = 1,81,0,1011 | Size = 286720 bytes | Created Date = 27/01/2007 12:25:04 | Attr = ] PIF -> %SystemRoot%\PIF -> [Folder | Created Date = 21/03/2007 00:15:07 | Attr = H ] Plume.bmp -> %SystemRoot%\Plume.bmp -> [Ver = | Size = 16730 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ] pss -> %SystemRoot%\pss -> [Folder | Created Date = 27/01/2007 13:08:31 | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 08/04/2007 18:27:29 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 08/04/2007 18:27:29 | Attr = H ] RegisteredPackages -> %SystemRoot%\RegisteredPackages -> [Folder | Created Date = 29/01/2007 20:24:23 | Attr = ] Registration -> %SystemRoot%\Registration -> [Folder | Created Date = 24/01/2007 19:41:12 | Attr = ] REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [Ver = | Size = 8192 bytes | Created Date = 07/03/2007 14:24:41 | Attr = ] repair -> %SystemRoot%\repair -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] report -> %SystemRoot%\report -> [Folder | Created Date = 27/01/2007 12:31:37 | Attr = ] Rhododendron.bmp -> %SystemRoot%\Rhododendron.bmp -> [Ver = | Size = 17362 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ] Rivière Sumida.bmp -> %SystemRoot%\Rivière Sumida.bmp -> [Ver = | Size = 26680 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ] Rosace bleue 16.bmp -> %SystemRoot%\Rosace bleue 16.bmp -> [Ver = | Size = 1272 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ] RUNAWAY.INI -> %SystemRoot%\RUNAWAY.INI -> [Ver = | Size = 40 bytes | Created Date = 28/01/2007 19:27:38 | Attr = ] security -> %SystemRoot%\security -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] SET29.tmp -> %SystemRoot%\SET29.tmp -> [Ver = | Size = 14816 bytes | Created Date = 24/01/2007 19:33:58 | Attr = R ] SET51.tmp -> %SystemRoot%\SET51.tmp -> [Ver = | Size = 1135628 bytes | Created Date = 24/01/2007 19:33:59 | Attr = R ] setup.inf -> %SystemRoot%\setup.inf -> [Ver = | Size = 957 bytes | Created Date = 29/03/2007 18:27:38 | Attr = ] setup.rpt -> %SystemRoot%\setup.rpt -> [Ver = | Size = 283 bytes | Created Date = 29/03/2007 18:27:38 | Attr = ] ShellNew -> %SystemRoot%\ShellNew -> [Folder | Created Date = 24/01/2007 22:43:59 | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Created Date = 26/01/2007 19:27:22 | Attr = ] Speech -> %SystemRoot%\Speech -> [Folder | Created Date = 24/01/2007 19:34:10 | Attr = ] Sun -> %SystemRoot%\Sun -> [Folder | Created Date = 14/02/2007 13:58:36 | Attr = ] super.chm -> %SystemRoot%\super.chm -> [Ver = | Size = 9292 bytes | Created Date = 25/02/2007 12:32:51 | Attr = H ] system -> %SystemRoot%\system -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] system32 -> %System32% -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Created Date = 24/01/2007 19:41:59 | Attr = S] Tasse à café.bmp -> %SystemRoot%\Tasse à café.bmp -> [Ver = | Size = 17062 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ] temp -> %SystemRoot%\temp -> [Folder | Created Date = 27/03/2007 18:46:09 | Attr = ] Temporary Internet Files -> %SystemRoot%\Temporary Internet Files -> [Folder | Created Date = 04/02/2007 17:41:36 | Attr = S] TMUPDATE.DLL -> %SystemRoot%\TMUPDATE.DLL -> Trend Micro Inc. [Ver = 1,81,0,1011 | Size = 507904 bytes | Created Date = 27/01/2007 12:25:04 | Attr = ] tsc.exe -> %SystemRoot%\tsc.exe -> Trend Micro Inc. [Ver = 5.0.0.1107 | Size = 229957 bytes | Created Date = 27/01/2007 12:30:15 | Attr = ] tsc.ini -> %SystemRoot%\tsc.ini -> [Ver = | Size = 823 bytes | Created Date = 27/01/2007 12:30:15 | Attr = ] tsc.ptn -> %SystemRoot%\tsc.ptn -> [Ver = | Size = 1992471 bytes | Created Date = 27/01/2007 12:30:15 | Attr = ] twain_32 -> %SystemRoot%\twain_32 -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] UNZIP.DLL -> %SystemRoot%\UNZIP.DLL -> Trend Micro Inc. [Ver = 1.32.0.1000 | Size = 69689 bytes | Created Date = 27/01/2007 12:25:04 | Attr = ] vb.ini -> %SystemRoot%\vb.ini -> [Ver = | Size = 36 bytes | Created Date = 24/01/2007 19:41:10 | Attr = ] vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 37 bytes | Created Date = 24/01/2007 19:41:10 | Attr = ] Vent de prairie.bmp -> %SystemRoot%\Vent de prairie.bmp -> [Ver = | Size = 65954 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ] vpd.properties -> %SystemRoot%\vpd.properties -> [Ver = | Size = 4508 bytes | Created Date = 22/02/2007 20:02:51 | Attr = ] VPTNFILE.219 -> %SystemRoot%\VPTNFILE.219 -> [Ver = | Size = 25798821 bytes | Created Date = 27/01/2007 12:30:10 | Attr = ] vsapi32.dll -> %SystemRoot%\vsapi32.dll -> Trend Micro Inc. [Ver = 8.310-1002 | Size = 1101904 bytes | Created Date = 27/01/2007 12:30:14 | Attr = ] War3Unin.dat -> %SystemRoot%\War3Unin.dat -> [Ver = | Size = 15095 bytes | Created Date = 10/02/2007 17:12:07 | Attr = ] War3Unin.exe -> %SystemRoot%\War3Unin.exe -> Blizzard Entertainment [Ver = 1, 0, 0, 0 | Size = 126976 bytes | Created Date = 10/02/2007 17:12:03 | Attr = ] War3Unin.pif -> %SystemRoot%\War3Unin.pif -> [Ver = | Size = 2829 bytes | Created Date = 10/02/2007 17:12:03 | Attr = ] Web -> %SystemRoot%\Web -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = S] WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Created Date = 23/02/2007 14:25:22 | Attr = ] x2.64.exe -> %SystemRoot%\x2.64.exe -> [Ver = | Size = 502784 bytes | Created Date = 25/02/2007 12:35:09 | Attr = ] Zapotec.bmp -> %SystemRoot%\Zapotec.bmp -> [Ver = | Size = 9522 bytes | Created Date = 24/01/2007 19:40:41 | Attr = ] ~TempMui.inf -> %SystemRoot%\~TempMui.inf -> [Ver = | Size = 5538 bytes | Created Date = 29/01/2007 20:26:18 | Attr = ] desktop.ini -> %SystemRoot%\tasks\desktop.ini -> [Ver = | Size = 65 bytes | Created Date = 24/01/2007 19:41:59 | Attr = RH ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Created Date = 24/01/2007 19:42:37 | Attr = H ] $winnt$.inf -> %System32%\$winnt$.inf -> [Ver = | Size = 341 bytes | Created Date = 24/01/2007 20:32:06 | Attr = ] 12520437.cpx -> %System32%\12520437.cpx -> [Ver = | Size = 2151 bytes | Created Date = 29/01/2007 20:25:52 | Attr = ] 12520850.cpx -> %System32%\12520850.cpx -> [Ver = | Size = 2233 bytes | Created Date = 29/01/2007 20:25:52 | Attr = ] ac3DX.ax -> %System32%\ac3DX.ax -> [Ver = 1.01a | Size = 227328 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS] ActiveScan -> %System32%\ActiveScan -> [Folder | Created Date = 04/04/2007 06:11:40 | Attr = ] amcompat.tlb -> %System32%\amcompat.tlb -> [Ver = | Size = 16832 bytes | Created Date = 24/01/2007 19:42:49 | Attr = ] amstream.dll -> %System32%\amstream.dll -> [Ver = | Size = 64512 bytes | Created Date = 29/01/2007 20:22:26 | Attr = ] appmgmt -> %System32%\appmgmt -> [Folder | Created Date = 02/02/2007 09:16:46 | Attr = ] asuninst.exe -> %System32%\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 | Size = 73728 bytes | Created Date = 04/04/2007 06:12:22 | Attr = ] AUTOEXEC.NT -> %System32%\AUTOEXEC.NT -> [Ver = | Size = 531 bytes | Created Date = 24/01/2007 19:34:04 | Attr = ] AVCDX.ax -> %System32%\AVCDX.ax -> CoreCodec [Ver = 0, 0, 0, 4 | Size = 123904 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS] avisynth.dll -> %System32%\avisynth.dll -> The Public [Ver = 2, 5, 7, 0 | Size = 306688 bytes | Created Date = 25/02/2007 12:35:08 | Attr = ] AVSredirect.dll -> %System32%\AVSredirect.dll -> [Ver = | Size = 27648 bytes | Created Date = 25/02/2007 12:35:09 | Attr = ] bedgsly.bat -> %System32%\bedgsly.bat -> [Ver = | Size = 129 bytes | Created Date = 20/03/2007 17:48:25 | Attr = ] BITS -> %System32%\BITS -> [Folder | Created Date = 28/03/2007 19:49:32 | Attr = ] bopomofo.uce -> %System32%\bopomofo.uce -> [Ver = | Size = 22984 bytes | Created Date = 24/01/2007 19:40:38 | Attr = ] CatRoot -> %System32%\CatRoot -> [Folder | Created Date = 24/01/2007 19:33:57 | Attr = ] cbrowser.dll -> %System32%\cbrowser.dll -> Sound Vision, Inc. [Ver = 1, 2, 0, 18 | Size = 126976 bytes | Created Date = 24/01/2007 20:53:26 | Attr = ] cliconf.chm -> %System32%\cliconf.chm -> [Ver = | Size = 71859 bytes | Created Date = 29/01/2007 20:26:08 | Attr = ] CNDCK170.dll -> %System32%\CNDCK170.dll -> Canon, Inc. [Ver = 2003, 7, 23, 1 | Size = 81920 bytes | Created Date = 07/03/2007 14:18:10 | Attr = ] CNDNDlg.exe -> %System32%\CNDNDlg.exe -> Canon Inc. [Ver = 2003, 4, 14, 1 | Size = 40960 bytes | Created Date = 07/03/2007 14:18:10 | Attr = ] CNDUK170.dll -> %System32%\CNDUK170.dll -> Canon, Inc. [Ver = 2003, 7, 23, 1 | Size = 159744 bytes | Created Date = 07/03/2007 14:18:10 | Attr = ] Com -> %System32%\Com -> [Folder | Created Date = 24/01/2007 19:40:32 | Attr = ] ComLib.dll -> %System32%\ComLib.dll -> Sound Vision [Ver = .0013x05 | Size = 40960 bytes | Created Date = 24/01/2007 20:53:26 | Attr = ] config -> %System32%\config -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] CONFIG.NT -> %System32%\CONFIG.NT -> [Ver = | Size = 3072 bytes | Created Date = 24/01/2007 19:42:54 | Attr = ] CONFIG.TMP -> %System32%\CONFIG.TMP -> [Ver = | Size = 3072 bytes | Created Date = 24/01/2007 19:34:05 | Attr = ] CoreAAC.ax -> %System32%\CoreAAC.ax -> [Ver = 1, 2, 0, 575 | Size = 175104 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS] c_20127.nls -> %System32%\c_20127.nls -> [Ver = | Size = 66082 bytes | Created Date = 24/01/2007 19:34:07 | Attr = ] d3d9caps.dat -> %System32%\d3d9caps.dat -> [Ver = | Size = 664 bytes | Created Date = 29/01/2007 20:27:31 | Attr = ] desktop.ini -> %System32%\desktop.ini -> [Ver = | Size = 271 bytes | Created Date = 24/01/2007 19:42:12 | Attr = H ] devil.dll -> %System32%\devil.dll -> Abysmal Software [Ver = 1.6.6 | Size = 719872 bytes | Created Date = 25/02/2007 12:35:08 | Attr = ] dgrpsetu.dll -> %System32%\dgrpsetu.dll -> Digi [Ver = 2.2.1 | Size = 123904 bytes | Created Date = 24/01/2007 19:34:06 | Attr = ] dgsetup.dll -> %System32%\dgsetup.dll -> Digi International [Ver = v3.7.1.10 | Size = 86288 bytes | Created Date = 24/01/2007 19:34:06 | Attr = ] dhcp -> %System32%\dhcp -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] DiracSplitter.ax -> %System32%\DiracSplitter.ax -> Gabest [Ver = 1, 0, 0, 0 | Size = 179200 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS] DirectX -> %System32%\DirectX -> [Folder | Created Date = 28/01/2007 19:21:51 | Attr = ] dllcache -> %System32%\dllcache -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = RHS] DonationCoder_urlsnooper_InstallInfo.dat -> %System32%\DonationCoder_urlsnooper_InstallInfo.dat -> [Ver = | Size = 46 bytes | Created Date = 21/02/2007 13:44:11 | Attr = ] dp.exe -> %System32%\dp.exe -> [Ver = | Size = 0 bytes | Created Date = 28/03/2007 11:12:16 | Attr = ] drivers -> %System32%\drivers -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] dsound.vxd -> %System32%\dsound.vxd -> [Ver = | Size = 49666 bytes | Created Date = 02/02/2007 19:06:09 | Attr = ] DTCLog -> %System32%\DTCLog -> [Folder | Created Date = 24/01/2007 19:41:01 | Attr = ] dumphive.exe -> %System32%\dumphive.exe -> [Ver = | Size = 51200 bytes | Created Date = 27/03/2007 18:14:13 | Attr = ] emptyregdb.dat -> %System32%\emptyregdb.dat -> [Ver = | Size = 15204 bytes | Created Date = 24/01/2007 19:41:40 | Attr = ] EqnClass.Dll -> %System32%\EqnClass.Dll -> Equinox Systems Inc. [Ver = 3.0d | Size = 176400 bytes | Created Date = 24/01/2007 19:34:06 | Attr = ] export -> %System32%\export -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] flvDX.dll -> %System32%\flvDX.dll -> Gabest [Ver = 1, 0, 0, 1 | Size = 163328 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS] FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 126112 bytes | Created Date = 24/01/2007 19:33:44 | Attr = ] folder.htt -> %System32%\folder.htt -> [Ver = | Size = 21844 bytes | Created Date = 24/01/2007 19:42:12 | Attr = H ] gb2312.uce -> %System32%\gb2312.uce -> [Ver = | Size = 24006 bytes | Created Date = 24/01/2007 19:40:38 | Attr = ] GroupPolicy -> %System32%\GroupPolicy -> [Folder | Created Date = 24/01/2007 19:51:33 | Attr = H ] Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Created Date = 04/04/2007 06:11:45 | Attr = ] hticons.dll -> %System32%\hticons.dll -> Hilgraeve, Inc. [Ver = 5.00.2195.6684 | Size = 21776 bytes | Created Date = 24/01/2007 19:40:35 | Attr = ] HTML.OCX -> %System32%\HTML.OCX -> NetManage Inc. [Ver = 6.02.1194 | Size = 169472 bytes | Created Date = 25/01/2007 08:27:08 | Attr = ] hypertrm.dll -> %System32%\hypertrm.dll -> Hilgraeve, Inc. [Ver = 5.00.2195.7000 | Size = 583440 bytes | Created Date = 24/01/2007 19:40:35 | Attr = ] i420vfw.dll -> %System32%\i420vfw.dll -> www.helixcommunity.org [Ver = R1.02 | Size = 70656 bytes | Created Date = 25/02/2007 12:35:08 | Attr = ] ias -> %System32%\ias -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] ideograf.uce -> %System32%\ideograf.uce -> [Ver = | Size = 60458 bytes | Created Date = 24/01/2007 19:40:39 | Attr = ] ie_de -> %System32%\ie_de -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] ImageDrive.cpl -> %System32%\ImageDrive.cpl -> Ahead Software AG [Ver = 2, 23, 0, 14 | Size = 57344 bytes | Created Date = 29/01/2007 19:12:23 | Attr = ] imagr5.dll -> %System32%\imagr5.dll -> Pegasus Software,LLC [Ver = 5.00.304 | Size = 569344 bytes | Created Date = 29/01/2007 19:12:05 | Attr = ] imagx5.dll -> %System32%\imagx5.dll -> Pegasus Software, LLC [Ver = 5.00.014 | Size = 544768 bytes | Created Date = 29/01/2007 19:12:05 | Attr = ] ImagXpr5.dll -> %System32%\ImagXpr5.dll -> Pegasus Software, LLC [Ver = 5.00.009 | Size = 283920 bytes | Created Date = 29/01/2007 19:12:05 | Attr = ] imgadmin.ocx -> %System32%\imgadmin.ocx -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 104208 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ] imgcmn.dll -> %System32%\imgcmn.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 63760 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ] imgedit.ocx -> %System32%\imgedit.ocx -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2195.6601 | Size = 311056 bytes | Created Date = 24/01/2007 19:40:34 | Attr = ] imgscan.ocx -> %System32%\imgscan.ocx -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 119568 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ] imgshl.dll -> %System32%\imgshl.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 13584 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ] imgthumb.ocx -> %System32%\imgthumb.ocx -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 108816 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ] inetsrv -> %System32%\inetsrv -> [Folder | Created Date = 24/01/2007 19:43:23 | Attr = ] instcat.sql -> %System32%\instcat.sql -> [Ver = | Size = 766934 bytes | Created Date = 29/01/2007 20:26:10 | Attr = ] IOSUBSYS -> %System32%\IOSUBSYS -> [Folder | Created Date = 11/03/2007 19:17:43 | Attr = ] irxgskvw.PIF -> %System32%\irxgskvw.PIF -> [Ver = | Size = 2855 bytes | Created Date = 21/03/2007 23:23:32 | Attr = ] java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 49248 bytes | Created Date = 31/03/2007 07:47:58 | Attr = ] javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 53346 bytes | Created Date = 31/03/2007 07:47:58 | Attr = ] javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 127078 bytes | Created Date = 31/03/2007 07:47:58 | Attr = ] jpeg1x32.dll -> %System32%\jpeg1x32.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 27920 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ] jpeg2x32.dll -> %System32%\jpeg2x32.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 38160 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ] jpicpl32.cpl -> %System32%\jpicpl32.cpl -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 49265 bytes | Created Date = 11/02/2007 12:15:23 | Attr = ] kanji_1.uce -> %System32%\kanji_1.uce -> [Ver = | Size = 6948 bytes | Created Date = 24/01/2007 19:40:39 | Attr = ] kanji_2.uce -> %System32%\kanji_2.uce -> [Ver = | Size = 8484 bytes | Created Date = 24/01/2007 19:40:39 | Attr = ] Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Created Date = 16/03/2007 20:49:37 | Attr = ] korean.uce -> %System32%\korean.uce -> [Ver = | Size = 12876 bytes | Created Date = 24/01/2007 19:40:39 | Attr = ] l3codeca.acm -> %System32%\l3codeca.acm -> Fraunhofer Institut Integrierte Schaltungen IIS [Ver = 1, 9, 0, 0305 | Size = 290816 bytes | Created Date = 23/02/2007 14:26:59 | Attr = ] l3codecx.ax -> %System32%\l3codecx.ax -> Fraunhofer Institut Integrierte Schaltungen IIS [Ver = 1, 5, 0, 50 | Size = 83456 bytes | Created Date = 29/01/2007 20:22:27 | Attr = ] Macromed -> %System32%\Macromed -> [Folder | Created Date = 24/01/2007 22:35:41 | Attr = ] mapisvc.inf -> %System32%\mapisvc.inf -> [Ver = | Size = 725 bytes | Created Date = 24/01/2007 19:41:47 | Attr = ] massvc32.exe -> %System32%\massvc32.exe -> [Ver = | Size = 0 bytes | Created Date = 18/03/2007 12:34:52 | Attr = ] MatroskaDX.ax -> %System32%\MatroskaDX.ax -> Gabest [Ver = 1, 0, 2, 9 | Size = 169472 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS] mciqtz32.dll -> %System32%\mciqtz32.dll -> [Ver = | Size = 34304 bytes | Created Date = 29/01/2007 20:22:26 | Attr = ] Microsoft -> %System32%\Microsoft -> [Folder | Created Date = 24/01/2007 19:49:12 | Attr = ] mpeg2data.ax -> %System32%\mpeg2data.ax -> [Ver = | Size = 57856 bytes | Created Date = 02/02/2007 19:06:12 | Attr = ] mpg2splt.ax -> %System32%\mpg2splt.ax -> [Ver = | Size = 136192 bytes | Created Date = 29/01/2007 20:22:26 | Attr = ] msconfig.chm -> %System32%\msconfig.chm -> [Ver = | Size = 18069 bytes | Created Date = 27/01/2007 13:06:03 | Attr = ] msdmo.dll -> %System32%\msdmo.dll -> [Ver = | Size = 13312 bytes | Created Date = 29/01/2007 20:22:27 | Attr = ] msdtcprf.h -> %System32%\msdtcprf.h -> [Ver = | Size = 768 bytes | Created Date = 24/01/2007 19:40:36 | Attr = ] msdtcprf.ini -> %System32%\msdtcprf.ini -> [Ver = | Size = 3863 bytes | Created Date = 24/01/2007 19:40:36 | Attr = ] msdvbnp.ax -> %System32%\msdvbnp.ax -> [Ver = | Size = 52224 bytes | Created Date = 02/02/2007 19:06:12 | Attr = ] mui -> %System32%\mui -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] N067UFW.dll -> %System32%\N067UFW.dll -> CANON INC. [Ver = 1.010 | Size = 339968 bytes | Created Date = 24/01/2007 20:12:14 | Attr = R ] n2k.bmp -> %System32%\n2k.bmp -> [Ver = | Size = 2048 bytes | Created Date = 24/01/2007 19:40:47 | Attr = ] NeroCheck.exe -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Created Date = 29/01/2007 19:12:00 | Attr = ] NMOCOD.DLL -> %System32%\NMOCOD.DLL -> [Ver = | Size = 240640 bytes | Created Date = 25/01/2007 08:27:08 | Attr = ] NMORENU.DLL -> %System32%\NMORENU.DLL -> NetManage Inc. [Ver = 6.02.1198 | Size = 66560 bytes | Created Date = 25/01/2007 08:27:09 | Attr = ] NMSCKN.DLL -> %System32%\NMSCKN.DLL -> NetManage Inc. [Ver = 6.02.1194 | Size = 48128 bytes | Created Date = 25/01/2007 08:27:09 | Attr = ] NMW3VWN.DLL -> %System32%\NMW3VWN.DLL -> NetManage Inc. [Ver = 6.02.1194 | Size = 462848 bytes | Created Date = 25/01/2007 08:27:09 | Attr = ] npp -> %System32%\npp -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] nscompat.tlb -> %System32%\nscompat.tlb -> [Ver = | Size = 23392 bytes | Created Date = 24/01/2007 19:42:49 | Attr = ] nsp.dll -> %System32%\nsp.dll -> Intel Corp. [Ver = 4, 5, 2, 2 | Size = 114688 bytes | Created Date = 23/02/2007 14:25:13 | Attr = ] nspa6.dll -> %System32%\nspa6.dll -> Intel Corp. [Ver = 4, 5, 2, 2 | Size = 1429504 bytes | Created Date = 23/02/2007 14:25:17 | Attr = ] nspm5.dll -> %System32%\nspm5.dll -> Intel Corp. [Ver = 4, 5, 2, 2 | Size = 1335296 bytes | Created Date = 23/02/2007 14:25:19 | Attr = ] nspm6.dll -> %System32%\nspm6.dll -> Intel Corp. [Ver = 4, 5, 2, 2 | Size = 1404928 bytes | Created Date = 23/02/2007 14:25:19 | Attr = ] nspp6.dll -> %System32%\nspp6.dll -> Intel Corp. [Ver = 4, 5, 2, 2 | Size = 1318912 bytes | Created Date = 23/02/2007 14:25:18 | Attr = ] nsppx.dll -> %System32%\nsppx.dll -> Intel Corp. [Ver = 4, 5, 2, 2 | Size = 1306624 bytes | Created Date = 23/02/2007 14:25:16 | Attr = ] nspw7.dll -> %System32%\nspw7.dll -> Intel Corp. [Ver = 4, 5, 2, 2 | Size = 1441792 bytes | Created Date = 23/02/2007 14:25:13 | Attr = ] NtmsData -> %System32%\NtmsData -> [Folder | Created Date = 24/01/2007 19:49:57 | Attr = ] nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 88566 bytes | Created Date = 24/01/2007 20:04:49 | Attr = ] nvdisp.nvu -> %System32%\nvdisp.nvu -> [Ver = | Size = 17056 bytes | Created Date = 24/01/2007 20:04:47 | Attr = ] nvudisp.exe -> %System32%\nvudisp.exe -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 55 | Size = 208896 bytes | Created Date = 24/01/2007 20:04:47 | Attr = ] NVUNINST.EXE -> %System32%\NVUNINST.EXE -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 55 | Size = 208896 bytes | Created Date = 24/01/2007 20:04:39 | Attr = ] odbcconf.rsp -> %System32%\odbcconf.rsp -> [Ver = | Size = 28 bytes | Created Date = 29/01/2007 20:25:50 | Attr = ] oieng400.dll -> %System32%\oieng400.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2195.6601 | Size = 444176 bytes | Created Date = 24/01/2007 19:40:34 | Attr = ] oiprt400.dll -> %System32%\oiprt400.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 13072 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ] oislb400.dll -> %System32%\oislb400.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 21776 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ] oissq400.dll -> %System32%\oissq400.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 13072 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ] oitwa400.dll -> %System32%\oitwa400.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 25872 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ] oiui400.dll -> %System32%\oiui400.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2195.6601 | Size = 63760 bytes | Created Date = 24/01/2007 19:40:34 | Attr = ] os2 -> %System32%\os2 -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] Packet.dll -> %System32%\Packet.dll -> CACE Technologies [Ver = 4.0.0.755 | Size = 88952 bytes | Created Date = 25/01/2007 18:31:34 | Attr = ] pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Created Date = 04/04/2007 06:11:44 | Attr = ] Perflib_Perfdata_17c.dat -> %System32%\Perflib_Perfdata_17c.dat -> [Ver = | Size = 16384 bytes | Created Date = 25/03/2007 18:29:07 | Attr = ] Perflib_Perfdata_188.dat -> %System32%\Perflib_Perfdata_188.dat -> [Ver = | Size = 16384 bytes | Created Date = 25/03/2007 18:24:49 | Attr = ] Perflib_Perfdata_1c0.dat -> %System32%\Perflib_Perfdata_1c0.dat -> [Ver = | Size = 16384 bytes | Created Date = 26/03/2007 17:53:43 | Attr = ] Perflib_Perfdata_234.dat -> %System32%\Perflib_Perfdata_234.dat -> [Ver = | Size = 16384 bytes | Created Date = 27/03/2007 22:31:49 | Attr = ] Perflib_Perfdata_2c0.dat -> %System32%\Perflib_Perfdata_2c0.dat -> [Ver = | Size = 16384 bytes | Created Date = 13/02/2007 11:02:22 | Attr = ] Perflib_Perfdata_310.dat -> %System32%\Perflib_Perfdata_310.dat -> [Ver = | Size = 16384 bytes | Created Date = 29/03/2007 18:19:26 | Attr = ] Perflib_Perfdata_314.dat -> %System32%\Perflib_Perfdata_314.dat -> [Ver = | Size = 16384 bytes | Created Date = 28/03/2007 19:46:52 | Attr = ] Perflib_Perfdata_31c.dat -> %System32%\Perflib_Perfdata_31c.dat -> [Ver = | Size = 16384 bytes | Created Date = 25/03/2007 19:22:28 | Attr = ] Perflib_Perfdata_4d8.dat -> %System32%\Perflib_Perfdata_4d8.dat -> [Ver = | Size = 16384 bytes | Created Date = 28/02/2007 18:33:52 | Attr = ] Perflib_Perfdata_57c.dat -> %System32%\Perflib_Perfdata_57c.dat -> [Ver = | Size = 16384 bytes | Created Date = 25/03/2007 18:45:43 | Attr = ] Perflib_Perfdata_5b8.dat -> %System32%\Perflib_Perfdata_5b8.dat -> [Ver = | Size = 16384 bytes | Created Date = 19/03/2007 20:25:03 | Attr = ] Perflib_Perfdata_5c8.dat -> %System32%\Perflib_Perfdata_5c8.dat -> [Ver = | Size = 16384 bytes | Created Date = 25/03/2007 19:06:27 | Attr = ] Perflib_Perfdata_5d8.dat -> %System32%\Perflib_Perfdata_5d8.dat -> [Ver = | Size = 16384 bytes | Created Date = 22/03/2007 19:38:05 | Attr = ] Perflib_Perfdata_60c.dat -> %System32%\Perflib_Perfdata_60c.dat -> [Ver = | Size = 16384 bytes | Created Date = 22/03/2007 19:30:23 | Attr = ] Perflib_Perfdata_640.dat -> %System32%\Perflib_Perfdata_640.dat -> [Ver = | Size = 16384 bytes | Created Date = 20/03/2007 17:43:27 | Attr = ] PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 742792 bytes | Created Date = 24/01/2007 19:34:13 | Attr = ] picn20.dll -> %System32%\picn20.dll -> Pegasus Imaging Corp. [Ver = 1.0.0.54 | Size = 38912 bytes | Created Date = 29/01/2007 19:12:05 | Attr = ] pncrt.dll -> %System32%\pncrt.dll -> Real Networks, Inc [Ver = 6.0.0.0 | Size = 278528 bytes | Created Date = 02/02/2007 09:34:38 | Attr = ] pndx5016.dll -> %System32%\pndx5016.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 6656 bytes | Created Date = 02/02/2007 09:34:38 | Attr = ] pndx5032.dll -> %System32%\pndx5032.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 5632 bytes | Created Date = 02/02/2007 09:34:38 | Attr = ] Process.exe -> %System32%\Process.exe -> http://www.beyondlogic.org [Ver = 2, 0, 0, 0 | Size = 53248 bytes | Created Date = 27/03/2007 18:14:13 | Attr = ] PROTOCOL.INI -> %System32%\PROTOCOL.INI -> [Ver = | Size = 8 bytes | Created Date = 29/01/2007 20:26:47 | Attr = ] PSCLK170.dll -> %System32%\PSCLK170.dll -> Canon. Inc [Ver = 2003, 7, 24, 1 | Size = 81920 bytes | Created Date = 07/03/2007 14:18:10 | Attr = ] PSDrvCheck.CHS -> %System32%\PSDrvCheck.CHS -> [Ver = 1.0.0.56 | Size = 16384 bytes | Created Date = 23/02/2007 14:25:15 | Attr = ] PSDrvCheck.CHT -> %System32%\PSDrvCheck.CHT -> [Ver = 1.0.0.56 | Size = 26112 bytes | Created Date = 23/02/2007 14:25:15 | Attr = ] PSDrvCheck.DE -> %System32%\PSDrvCheck.DE -> [Ver = 1.0.0.56 | Size = 26624 bytes | Created Date = 23/02/2007 14:25:16 | Attr = ] PSDrvCheck.DEU -> %System32%\PSDrvCheck.DEU -> [Ver = 1.0.0.56 | Size = 26624 bytes | Created Date = 23/02/2007 14:25:19 | Attr = ] PSDrvCheck.ES -> %System32%\PSDrvCheck.ES -> [Ver = 1.0.0.56 | Size = 16896 bytes | Created Date = 23/02/2007 14:25:13 | Attr = ] PSDrvCheck.ESP -> %System32%\PSDrvCheck.ESP -> [Ver = 1.0.0.56 | Size = 16896 bytes | Created Date = 23/02/2007 14:25:19 | Attr = ] PSDrvCheck.exe -> %System32%\PSDrvCheck.exe -> [Ver = 1.0.0.56 | Size = 396800 bytes | Created Date = 23/02/2007 14:25:18 | Attr = ] PSDrvCheck.FR -> %System32%\PSDrvCheck.FR -> [Ver = 1.0.0.56 | Size = 26624 bytes | Created Date = 23/02/2007 14:25:12 | Attr = ] PSDrvCheck.FRA -> %System32%\PSDrvCheck.FRA -> [Ver = 1.0.0.56 | Size = 26624 bytes | Created Date = 23/02/2007 14:25:21 | Attr = ] PSDrvCheck.IT -> %System32%\PSDrvCheck.IT -> [Ver = 1.0.0.56 | Size = 26624 bytes | Created Date = 23/02/2007 14:25:11 | Attr = ] PSDrvCheck.ITA -> %System32%\PSDrvCheck.ITA -> [Ver = 1.0.0.56 | Size = 26624 bytes | Created Date = 23/02/2007 14:25:09 | Attr = ] PSDrvCheck.KOR -> %System32%\PSDrvCheck.KOR -> [Ver = 1.0.0.56 | Size = 16896 bytes | Created Date = 23/02/2007 14:25:14 | Attr = ] PSDrvCheck.NL -> %System32%\PSDrvCheck.NL -> [Ver = 1.0.0.56 | Size = 26624 bytes | Created Date = 23/02/2007 14:25:14 | Attr = ] PSDrvCheck.NLD -> %System32%\PSDrvCheck.NLD -> [Ver = 1.0.0.56 | Size = 26624 bytes | Created Date = 23/02/2007 14:25:21 | Attr = ] psisdecd.dll -> %System32%\psisdecd.dll -> [Ver = | Size = 354816 bytes | Created Date = 02/02/2007 19:06:12 | Attr = ] psisrndr.ax -> %System32%\psisrndr.ax -> [Ver = | Size = 30208 bytes | Created Date = 02/02/2007 19:06:12 | Attr = ] pthreadVC.dll -> %System32%\pthreadVC.dll -> [Ver = | Size = 53299 bytes | Created Date = 25/01/2007 18:31:36 | Attr = ] px.dll -> %System32%\px.dll -> Sonic Solutions [Ver = 3.2.46.500 | Size = 514808 bytes | Created Date = 11/03/2007 19:17:53 | Attr = ] pxdrv.dll -> %System32%\pxdrv.dll -> Sonic Solutions [Ver = 1.01.95a | Size = 477944 bytes | Created Date = 11/03/2007 19:17:53 | Attr = ] pxhpinst.exe -> %System32%\pxhpinst.exe -> Sonic Solutions [Ver = 3.00.41a | Size = 68344 bytes | Created Date = 11/03/2007 19:17:53 | Attr = ] pxmas.dll -> %System32%\pxmas.dll -> Sonic Solutions [Ver = 3.2.46.500 | Size = 183032 bytes | Created Date = 11/03/2007 19:17:53 | Attr = ] pxwave.dll -> %System32%\pxwave.dll -> Sonic Solutions [Ver = 3.2.46.500 | Size = 379640 bytes | Created Date = 11/03/2007 19:17:53 | Attr = ] qedwipes.dll -> %System32%\qedwipes.dll -> [Ver = | Size = 733184 bytes | Created Date = 29/01/2007 20:22:28 | Attr = ] qkiiw.bat -> %System32%\qkiiw.bat -> [Ver = | Size = 121 bytes | Created Date = 19/03/2007 21:36:24 | Attr = ] ras -> %System32%\ras -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] RealMediaDX.ax -> %System32%\RealMediaDX.ax -> Gabest [Ver = 1, 0, 1, 1 | Size = 161792 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS] RLAPEDec.ax -> %System32%\RLAPEDec.ax -> RadLight [Ver = 1, 0, 0, 0 | Size = 54784 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS] RLMPCDec.ax -> %System32%\RLMPCDec.ax -> RadLight [Ver = 1, 0, 0, 4 | Size = 37888 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS] RLOgg.ax -> %System32%\RLOgg.ax -> RadLight [Ver = 1.0.0.2 | Size = 186880 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS] RLSpeexDec.ax -> %System32%\RLSpeexDec.ax -> [Ver = 1, 0, 0, 0 | Size = 51712 bytes | Created Date = 25/02/2007 12:32:53 | Attr = RHS] RLTheoraDec.ax -> %System32%\RLTheoraDec.ax -> RadLight, LLC [Ver = 1, 0, 0, 3 | Size = 67584 bytes | Created Date = 25/02/2007 12:32:53 | Attr = RHS] RLVorbisDec.ax -> %System32%\RLVorbisDec.ax -> RadLight [Ver = 1, 0, 1, 1 | Size = 92672 bytes | Created Date = 25/02/2007 12:32:53 | Attr = RHS] rmoc3260.dll -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2568 | Size = 185952 bytes | Created Date = 02/02/2007 09:34:38 | Attr = ] rocket -> %System32%\rocket -> [Folder | Created Date = 24/01/2007 19:43:24 | Attr = ] rpcproxy -> %System32%\rpcproxy -> [Folder | Created Date = 24/01/2007 19:43:23 | Attr = ] rtl70.bpl -> %System32%\rtl70.bpl -> Borland Software Corporation [Ver = 7.0.4.453 | Size = 778240 bytes | Created Date = 23/02/2007 14:24:33 | Attr = ] rxwas.bat -> %System32%\rxwas.bat -> [Ver = | Size = 121 bytes | Created Date = 18/03/2007 11:18:58 | Attr = ] sczihu.bat -> %System32%\sczihu.bat -> [Ver = | Size = 116 bytes | Created Date = 16/03/2007 23:37:42 | Attr = ] Setup -> %System32%\Setup -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] SG62CPL.DLL -> %System32%\SG62CPL.DLL -> CANON INC. [Ver = 6.2.2 | Size = 28720 bytes | Created Date = 24/01/2007 20:12:14 | Attr = R ] SG62UUD.DLL -> %System32%\SG62UUD.DLL -> CANON INC. [Ver = 1.0.0.3 | Size = 114688 bytes | Created Date = 24/01/2007 20:12:14 | Attr = R ] ShellDHCP -> %System32%\ShellDHCP -> [Folder | Created Date = 25/02/2007 12:35:06 | Attr = ] ShellExt -> %System32%\ShellExt -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] shiftjis.uce -> %System32%\shiftjis.uce -> [Ver = | Size = 16740 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ] Shutdown.exe -> %System32%\Shutdown.exe -> [Ver = | Size = 35600 bytes | Created Date = 24/03/2007 18:35:56 | Attr = ] Smab.dll -> %System32%\Smab.dll -> [Ver = | Size = 845312 bytes | Created Date = 25/02/2007 12:35:07 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Created Date = 24/01/2007 20:32:13 | Attr = ] spool -> %System32%\spool -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] spxcoins.dll -> %System32%\spxcoins.dll -> Specialix International Ltd. [Ver = 1.0.0.0004 | Size = 150528 bytes | Created Date = 24/01/2007 19:34:06 | Attr = ] sqlsodbc.chm -> %System32%\sqlsodbc.chm -> [Ver = | Size = 46133 bytes | Created Date = 29/01/2007 20:26:13 | Attr = ] SrchSTS.exe -> %System32%\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Created Date = 27/03/2007 18:14:13 | Attr = ] subrange.uce -> %System32%\subrange.uce -> [Ver = | Size = 93702 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ] swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Created Date = 27/03/2007 18:14:13 | Attr = ] swsc.exe -> %System32%\swsc.exe -> [Ver = | Size = 40960 bytes | Created Date = 27/03/2007 18:14:13 | Attr = ] swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Created Date = 27/03/2007 18:14:13 | Attr = ] SYSTEM.INI -> %System32%\SYSTEM.INI -> [Ver = | Size = 8 bytes | Created Date = 29/01/2007 20:26:46 | Attr = ] tifflt.dll -> %System32%\tifflt.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2920.0000 | Size = 33552 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ] tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 1422 bytes | Created Date = 26/03/2007 18:33:16 | Attr = ] tunes.bmp -> %System32%\tunes.bmp -> [Ver = | Size = 1584 bytes | Created Date = 24/01/2007 19:40:47 | Attr = ] UCS32P.DLL -> %System32%\UCS32P.DLL -> Canon [Ver = 1.9.1 | Size = 323644 bytes | Created Date = 24/01/2007 20:12:15 | Attr = R ] Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Created Date = 04/04/2007 06:11:45 | Attr = ] vcl70.bpl -> %System32%\vcl70.bpl -> Borland Software Corporation [Ver = 7.0.4.453 | Size = 1381376 bytes | Created Date = 23/02/2007 14:24:33 | Attr = ] vclx70.bpl -> %System32%\vclx70.bpl -> Borland Software Corporation [Ver = 7.0.4.453 | Size = 215040 bytes | Created Date = 23/02/2007 14:24:33 | Attr = ] vxblock.dll -> %System32%\vxblock.dll -> Sonic Solutions [Ver = 1.00.72a | Size = 39672 bytes | Created Date = 11/03/2007 19:17:53 | Attr = ] WanPacket.dll -> %System32%\WanPacket.dll -> CACE Technologies [Ver = 4.0.0.755 | Size = 68480 bytes | Created Date = 25/01/2007 18:31:34 | Attr = ] wbem -> %System32%\wbem -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] WIN.INI -> %System32%\WIN.INI -> [Ver = | Size = 8 bytes | Created Date = 29/01/2007 20:26:46 | Attr = ] Windows Media -> %System32%\Windows Media -> [Folder | Created Date = 28/03/2007 13:50:25 | Attr = ] wins -> %System32%\wins -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] wpcap.dll -> %System32%\wpcap.dll -> CACE Technologies [Ver = 4.0.0.755 | Size = 240496 bytes | Created Date = 25/01/2007 18:31:36 | Attr = ] x.264.exe -> %System32%\x.264.exe -> [Ver = | Size = 240128 bytes | Created Date = 25/02/2007 12:35:08 | Attr = ] xdll.bat -> %System32%\xdll.bat -> [Ver = | Size = 114 bytes | Created Date = 20/03/2007 17:48:14 | Attr = ] xiffr3_0.dll -> %System32%\xiffr3_0.dll -> Scansoft [Ver = 3. 0. 0. 18 | Size = 641808 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ] yv12vfw.dll -> %System32%\yv12vfw.dll -> www.helixcommunity.org [Ver = R1.02 | Size = 70656 bytes | Created Date = 25/02/2007 12:35:08 | Attr = ] ZPORT4AS.dll -> %System32%\ZPORT4AS.dll -> [Ver = | Size = 11776 bytes | Created Date = 04/04/2007 06:12:21 | Attr = ] 12520437.cpx -> %System32%\dllcache\12520437.cpx -> [Ver = | Size = 2151 bytes | Created Date = 29/01/2007 20:25:52 | Attr = ] 12520850.cpx -> %System32%\dllcache\12520850.cpx -> [Ver = | Size = 2233 bytes | Created Date = 29/01/2007 20:25:52 | Attr = ] amstream.dll -> %System32%\dllcache\amstream.dll -> [Ver = | Size = 64512 bytes | Created Date = 29/01/2007 20:22:26 | Attr = ] dgrpsetu.dll -> %System32%\dllcache\dgrpsetu.dll -> Digi [Ver = 2.2.1 | Size = 123904 bytes | Created Date = 24/01/2007 19:34:06 | Attr = ] dgsetup.dll -> %System32%\dllcache\dgsetup.dll -> Digi International [Ver = v3.7.1.10 | Size = 86288 bytes | Created Date = 24/01/2007 19:34:06 | Attr = ] eqnclass.dll -> %System32%\dllcache\eqnclass.dll -> Equinox Systems Inc. [Ver = 3.0d | Size = 176400 bytes | Created Date = 24/01/2007 19:34:06 | Attr = ] fpencode.dll -> %System32%\dllcache\fpencode.dll -> [Ver = | Size = 94208 bytes | Created Date = 24/01/2007 19:43:46 | Attr = ] htrn_jis.dll -> %System32%\dllcache\htrn_jis.dll -> Hilgraeve, Inc. [Ver = 5.00.2195.6684 | Size = 11536 bytes | Created Date = 24/01/2007 19:40:34 | Attr = ] mciqtz32.dll -> %System32%\dllcache\mciqtz32.dll -> [Ver = | Size = 34304 bytes | Created Date = 29/01/2007 20:22:26 | Attr = ] mei32api.dll -> %System32%\dllcache\mei32api.dll -> IBM Corporation [Ver = 2.60.35 | Size = 31232 bytes | Created Date = 24/01/2007 19:44:03 | Attr = ] meiw0439.dll -> %System32%\dllcache\meiw0439.dll -> IBM Corporation [Ver = 2.60.35 | Size = 83968 bytes | Created Date = 24/01/2007 19:44:03 | Attr = ] mpg2splt.ax -> %System32%\dllcache\mpg2splt.ax -> [Ver = | Size = 136192 bytes | Created Date = 29/01/2007 20:22:26 | Attr = ] mwave.dll -> %System32%\dllcache\mwave.dll -> IBM Corporation [Ver = 2.60.35 | Size = 50688 bytes | Created Date = 24/01/2007 19:44:14 | Attr = ] mwavesrv.dll -> %System32%\dllcache\mwavesrv.dll -> IBM Corporation [Ver = 2.60.35 | Size = 129024 bytes | Created Date = 24/01/2007 19:44:14 | Attr = ] mwblw32.dll -> %System32%\dllcache\mwblw32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 56832 bytes | Created Date = 24/01/2007 19:44:15 | Attr = ] mwci32.dll -> %System32%\dllcache\mwci32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 51712 bytes | Created Date = 24/01/2007 19:44:15 | Attr = ] mwcicore.dll -> %System32%\dllcache\mwcicore.dll -> IBM Corporation [Ver = 2.60.35 | Size = 71680 bytes | Created Date = 24/01/2007 19:44:15 | Attr = ] mwcload.exe -> %System32%\dllcache\mwcload.exe -> IBM Corporation [Ver = 2.60.35 | Size = 56832 bytes | Created Date = 24/01/2007 19:44:15 | Attr = ] mwcloadw.exe -> %System32%\dllcache\mwcloadw.exe -> IBM Corporation [Ver = 2.60.35 | Size = 60928 bytes | Created Date = 24/01/2007 19:44:15 | Attr = ] mwclw32.dll -> %System32%\dllcache\mwclw32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 90624 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ] mwcnam32.dll -> %System32%\dllcache\mwcnam32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 33280 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ] mwcpa32.cpl -> %System32%\dllcache\mwcpa32.cpl -> IBM Corporation [Ver = 2.60.35 | Size = 94208 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ] mwcpyrt.exe -> %System32%\dllcache\mwcpyrt.exe -> IBM Corporation [Ver = 2.60.35 | Size = 26112 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ] mwcsw32.exe -> %System32%\dllcache\mwcsw32.exe -> IBM Corporation [Ver = 2.60.35 | Size = 160256 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ] mwmdmsvc.exe -> %System32%\dllcache\mwmdmsvc.exe -> IBM Corporation [Ver = 2.60.35 | Size = 50688 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ] mwmlw32.dll -> %System32%\dllcache\mwmlw32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 262144 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ] mwmmw32.dll -> %System32%\dllcache\mwmmw32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 40448 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ] mwmpw32.dll -> %System32%\dllcache\mwmpw32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 164352 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ] mwmw32.dll -> %System32%\dllcache\mwmw32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 121344 bytes | Created Date = 24/01/2007 19:44:17 | Attr = ] mwrcov16.exe -> %System32%\dllcache\mwrcov16.exe -> IBM Corporation [Ver = 2.60:35 | Size = 42496 bytes | Created Date = 24/01/2007 19:44:17 | Attr = ] mwremind.exe -> %System32%\dllcache\mwremind.exe -> IBM Corporation [Ver = 2.60.35 | Size = 202752 bytes | Created Date = 24/01/2007 19:44:17 | Attr = ] mwsetupk.sys -> %System32%\dllcache\mwsetupk.sys -> IBM Corporation [Ver = 2.60.01.0 | Size = 5376 bytes | Created Date = 24/01/2007 19:44:17 | Attr = ] mwssw32.exe -> %System32%\dllcache\mwssw32.exe -> IBM Corporation [Ver = 2.60.35 | Size = 29184 bytes | Created Date = 24/01/2007 19:44:17 | Attr = ] mwwdm.sys -> %System32%\dllcache\mwwdm.sys -> IBM Corporation [Ver = 2.60.05.0 | Size = 39200 bytes | Created Date = 24/01/2007 19:44:17 | Attr = ] mwwdmhlp.dll -> %System32%\dllcache\mwwdmhlp.dll -> IBM Corporation [Ver = 2.60.35 | Size = 30720 bytes | Created Date = 24/01/2007 19:44:17 | Attr = ] mwwtt32.dll -> %System32%\dllcache\mwwtt32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 108032 bytes | Created Date = 24/01/2007 19:44:17 | Attr = ] nt5.cat -> %System32%\dllcache\nt5.cat -> [Ver = | Size = 1847411 bytes | Created Date = 24/01/2007 19:33:57 | Attr = ] nt5inf.cat -> %System32%\dllcache\nt5inf.cat -> [Ver = | Size = 97252 bytes | Created Date = 24/01/2007 19:33:57 | Attr = ] odbcconf.rsp -> %System32%\dllcache\odbcconf.rsp -> [Ver = | Size = 28 bytes | Created Date = 29/01/2007 20:25:50 | Attr = ] pinball.exe -> %System32%\dllcache\pinball.exe -> Cinematronics [Ver = 5.00.2134.1 | Size = 305424 bytes | Created Date = 24/01/2007 19:40:51 | Attr = ] qtest32.exe -> %System32%\dllcache\qtest32.exe -> IBM Corporation [Ver = 2.60.35 | Size = 155648 bytes | Created Date = 24/01/2007 19:44:29 | Attr = ] qtestm32.dll -> %System32%\dllcache\qtestm32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 31744 bytes | Created Date = 24/01/2007 19:44:29 | Attr = ] rtl8139.sys -> %System32%\dllcache\rtl8139.sys -> Realtek Semiconductor Corporation [Ver = 5.366.0818.1999 | Size = 18704 bytes | Created Date = 15/03/2007 19:12:18 | Attr = ] spxcoins.dll -> %System32%\dllcache\spxcoins.dll -> Specialix International Ltd. [Ver = 1.0.0.0004 | Size = 150528 bytes | Created Date = 24/01/2007 19:34:06 | Attr = ] srgb.icm -> %System32%\dllcache\srgb.icm -> [Ver = | Size = 3144 bytes | Created Date = 02/02/2007 09:12:39 | Attr = ] tcarc.sys -> %System32%\dllcache\tcarc.sys -> Thomas-Conrad Corporation [Ver = 1.10.0.0 | Size = 10800 bytes | Created Date = 24/01/2007 19:44:46 | Attr = ] tifflt.dll -> %System32%\dllcache\tifflt.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2920.0000 | Size = 33552 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ] wangimg.exe -> %System32%\dllcache\wangimg.exe -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 7440 bytes | Created Date = 24/01/2007 19:44:52 | Attr = ] xiffr3_0.dll -> %System32%\dllcache\xiffr3_0.dll -> Scansoft [Ver = 3. 0. 0. 18 | Size = 641808 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ] xilinxit.dll -> %System32%\dllcache\xilinxit.dll -> IBM Corporation [Ver = 2.60.35 | Size = 36352 bytes | Created Date = 24/01/2007 19:44:55 | Attr = ] ALCXWDM.SYS -> %System32%\drivers\ALCXWDM.SYS -> Avance Logic, Inc. [Ver = 5.10.3610 | Size = 285533 bytes | Created Date = 24/01/2007 20:00:19 | Attr = ] asapiW2k.sys -> %System32%\drivers\asapiW2k.sys -> VOB Computersysteme GmbH [Ver = 6, 0, 0, 1 | Size = 11264 bytes | Created Date = 23/02/2007 14:25:12 | Attr = ] atksgt.sys -> %System32%\drivers\atksgt.sys -> [Ver = | Size = 271360 bytes | Created Date = 03/02/2007 13:29:45 | Attr = ] AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 19/03/2007 18:40:07 | Attr = ] cdr4_2k.sys -> %System32%\drivers\cdr4_2k.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2432 bytes | Created Date = 11/03/2007 19:17:54 | Attr = ] cdralw2k.sys -> %System32%\drivers\cdralw2k.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2560 bytes | Created Date = 11/03/2007 19:17:54 | Attr = ] disdn -> %System32%\drivers\disdn -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] etc -> %System32%\drivers\etc -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ] fbxusb32.sys -> %System32%\drivers\fbxusb32.sys -> FreeBox SA [Ver = 1.3.0.0 | Size = 21344 bytes | Created Date = 24/01/2007 20:09:40 | Attr = R ] gmer.sys -> %System32%\drivers\gmer.sys -> GMER [Ver = 1, 0, 12, 3816 | Size = 68993 bytes | Created Date = 03/04/2007 22:34:19 | Attr = ] imagedrv.sys -> %System32%\drivers\imagedrv.sys -> Ahead Software AG and its licensors [Ver = 2.23.0.0 | Size = 89184 bytes | Created Date = 29/01/2007 19:12:23 | Attr = ] lirsgt.sys -> %System32%\drivers\lirsgt.sys -> [Ver = | Size = 18048 bytes | Created Date = 03/02/2007 13:29:44 | Attr = ] npf.sys -> %System32%\drivers\npf.sys -> CACE Technologies [Ver = 4.0.0.755 | Size = 42000 bytes | Created Date = 25/01/2007 18:31:34 | Attr = ] nwlnkcr.sys -> %System32%\drivers\nwlnkcr.sys -> [Ver = | Size = 18 bytes | Created Date = 31/03/2007 11:53:31 | Attr = ] rob_a.sys -> %System32%\drivers\rob_a.sys -> Pinnacle Systems GmbH [Ver = 1.0.2.8 | Size = 17664 bytes | Created Date = 02/02/2007 09:07:53 | Attr = R ] rob_v.sys -> %System32%\drivers\rob_v.sys -> Pinnacle Systems GmbH [Ver = 1.0.2.35 | Size = 125568 bytes | Created Date = 24/01/2007 20:20:32 | Attr = R ] RTL8139.sys -> %System32%\drivers\RTL8139.sys -> Realtek Semiconductor Corporation [Ver = 5.366.0818.1999 | Size = 18704 bytes | Created Date = 15/03/2007 19:12:18 | Attr = ] SECDRV.SYS -> %System32%\drivers\SECDRV.SYS -> Macrovision Europe Ltd [Ver = 3.18.000 | Size = 12400 bytes | Created Date = 25/01/2007 08:18:33 | Attr = ] sptd.sys -> %System32%\drivers\sptd.sys -> [Ver = | Size = 642560 bytes | Created Date = 25/01/2007 08:07:32 | Attr = ] sptd5725.sys -> %System32%\drivers\sptd5725.sys -> [Ver = | Size = 74192 bytes | Created Date = 25/01/2007 08:07:32 | Attr = ] SvStream.sys -> %System32%\drivers\SvStream.sys -> Sound Vision Inc. [Ver = 1, 1, 0, 9 | Size = 93144 bytes | Created Date = 24/01/2007 20:53:26 | Attr = ] vaxscsi.sys -> %System32%\drivers\vaxscsi.sys -> [Ver = | Size = 223128 bytes | Created Date = 25/01/2007 08:10:44 | Attr = ] VIAAGP1.SYS -> %System32%\drivers\VIAAGP1.SYS -> VIA Technologies, Inc. [Ver = 5.00.00.0405 | Size = 23730 bytes | Created Date = 24/01/2007 19:56:20 | Attr = R ] viaide.sys -> %System32%\drivers\viaide.sys -> VIA Technologies, Inc. [Ver = 5.00.2195.5110 | Size = 4795 bytes | Created Date = 24/01/2007 19:56:22 | Attr = R ] VIAPFD.SYS -> %System32%\drivers\VIAPFD.SYS -> VIA Technologies. Inc. [Ver = 5.00.2195.100 | Size = 3033 bytes | Created Date = 24/01/2007 19:55:55 | Attr = ] viausb.sys -> %System32%\drivers\viausb.sys -> VIA Technologies, Inc. [Ver = 1.08 | Size = 9038 bytes | Created Date = 24/01/2007 19:55:55 | Attr = ] [Files/Folders - Modified Within 90 days] !Submit -> %SystemDrive%\!Submit -> [Folder | Modified Date = 15/03/2007 20:38:30 | Attr = ] AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [Ver = | Size = 0 bytes | Modified Date = 24/01/2007 20:42:56 | Attr = ] avenger -> %SystemDrive%\avenger -> [Folder | Modified Date = 06/04/2007 07:25:34 | Attr = ] b48da1ca53575bea94a6b53607 -> %SystemDrive%\b48da1ca53575bea94a6b53607 -> [Folder | Modified Date = 28/03/2007 14:49:14 | Attr = ] Bases -> %SystemDrive%\Bases -> [Folder | Modified Date = 24/03/2007 19:12:56 | Attr = ] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 202 bytes | Modified Date = 05/04/2007 18:54:28 | Attr = HS] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 31/03/2007 08:48:10 | Attr = HS] CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [Ver = | Size = 0 bytes | Modified Date = 24/01/2007 20:42:56 | Attr = H ] Directx -> %SystemDrive%\Directx -> [Folder | Modified Date = 28/01/2007 20:19:36 | Attr = ] Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 26/02/2007 16:07:24 | Attr = ] Downloads -> %SystemDrive%\Downloads -> [Folder | Modified Date = 24/03/2007 19:12:38 | Attr = ] getfile.dat -> %SystemDrive%\getfile.dat -> [Ver = | Size = 14 bytes | Modified Date = 19/03/2007 21:12:34 | Attr = ] IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Modified Date = 24/01/2007 20:42:56 | Attr = RHS] Kaspersky -> %SystemDrive%\Kaspersky -> [Folder | Modified Date = 25/03/2007 14:16:48 | Attr = ] MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Modified Date = 24/01/2007 20:42:56 | Attr = RHS] Myst V End Of Ages -> %SystemDrive%\Myst V End Of Ages -> [Folder | Modified Date = 28/03/2007 10:45:22 | Attr = ] Nvidia Driver Geforce fx5200 -> %SystemDrive%\Nvidia Driver Geforce fx5200 -> [Folder | Modified Date = 24/01/2007 21:04:34 | Attr = ] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 04/04/2007 23:08:46 | Attr = R ] RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 24/01/2007 21:41:50 | Attr = HS] System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 24/01/2007 20:49:16 | Attr = HS] WINNT -> %SystemRoot% -> [Folder | Modified Date = 08/04/2007 19:27:30 | Attr = ] $NtUpdateRollupPackUninstall$ -> %SystemRoot%\$NtUpdateRollupPackUninstall$ -> [Folder | Modified Date = 28/03/2007 14:50:02 | Attr = H ] $SQLUninstallMDAC27SP1-KB927779-x86-FRA$ -> %SystemRoot%\$SQLUninstallMDAC27SP1-KB927779-x86-FRA$ -> [Folder | Modified Date = 29/03/2007 20:09:10 | Attr = H ] addins -> %SystemRoot%\addins -> [Folder | Modified Date = 24/01/2007 21:30:32 | Attr = ] AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 08/04/2007 13:20:34 | Attr = ] AU_Backup -> %SystemRoot%\AU_Backup -> [Folder | Modified Date = 27/01/2007 13:30:18 | Attr = ] AU_Log -> %SystemRoot%\AU_Log -> [Folder | Modified Date = 27/01/2007 13:25:12 | Attr = ] AU_Temp -> %SystemRoot%\AU_Temp -> [Folder | Modified Date = 15/03/2007 21:15:00 | Attr = ] avrack.ini -> %SystemRoot%\avrack.ini -> [Ver = | Size = 164 bytes | Modified Date = 24/01/2007 21:47:52 | Attr = ] Awm4midi.ini -> %SystemRoot%\Awm4midi.ini -> [Ver = | Size = 276 bytes | Modified Date = 29/01/2007 21:29:58 | Attr = ] bdinit.ini -> %SystemRoot%\bdinit.ini -> [Ver = | Size = 10 bytes | Modified Date = 16/03/2007 21:40:16 | Attr = ] BDOSCAN8 -> %SystemRoot%\BDOSCAN8 -> [Folder | Modified Date = 20/03/2007 23:55:02 | Attr = ] BPMNT.dll -> %SystemRoot%\BPMNT.dll -> Trend Micro Inc. [Ver = 8.000-1001 | Size = 86094 bytes | Modified Date = 27/01/2007 13:30:16 | Attr = ] Config -> %SystemRoot%\Config -> [Folder | Modified Date = 24/01/2007 21:30:48 | Attr = ] Connection Wizard -> %SystemRoot%\Connection Wizard -> [Folder | Modified Date = 24/01/2007 21:29:56 | Attr = ] control.ini -> %SystemRoot%\control.ini -> [Ver = | Size = 0 bytes | Modified Date = 24/01/2007 20:42:56 | Attr = ] Cookies -> %SystemRoot%\Cookies -> [Folder | Modified Date = 17/03/2007 19:27:50 | Attr = S] CSC -> %SystemRoot%\CSC -> [Folder | Modified Date = 10/04/2007 09:03:02 | Attr = HS] Cursors -> %SystemRoot%\Cursors -> [Folder | Modified Date = 25/02/2007 13:26:38 | Attr = ] Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 10/04/2007 09:03:34 | Attr = ] desktop.ini -> %SystemRoot%\desktop.ini -> [Ver = | Size = 271 bytes | Modified Date = 24/01/2007 20:42:14 | Attr = H ] Downloaded Installations -> %SystemRoot%\Downloaded Installations -> [Folder | Modified Date = 22/02/2007 21:19:10 | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 08/04/2007 13:20:14 | Attr = S] Driver Cache -> %SystemRoot%\Driver Cache -> [Folder | Modified Date = 24/01/2007 21:29:56 | Attr = ] Fichiers d'installation de Windows Update -> %SystemRoot%\Fichiers d'installation de Windows Update -> [Folder | Modified Date = 24/02/2007 21:16:52 | Attr = ] folder.htt -> %SystemRoot%\folder.htt -> [Ver = | Size = 21844 bytes | Modified Date = 24/01/2007 20:42:14 | Attr = H ] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 23/02/2007 15:25:24 | Attr = R S] GetServer.ini -> %SystemRoot%\GetServer.ini -> [Ver = | Size = 170 bytes | Modified Date = 15/03/2007 21:15:00 | Attr = ] gmer.dll -> %SystemRoot%\gmer.dll -> [Ver = 1, 0, 12, 12086 | Size = 565311 bytes | Modified Date = 03/04/2007 23:34:20 | Attr = ] gmer.exe -> %SystemRoot%\gmer.exe -> [Ver = 1, 0, 12, 12086 | Size = 573440 bytes | Modified Date = 07/03/2007 15:52:36 | Attr = ] gmer.ini -> %SystemRoot%\gmer.ini -> [Ver = | Size = 250 bytes | Modified Date = 03/04/2007 23:35:16 | Attr = ] gmer_uninstall.cmd -> %SystemRoot%\gmer_uninstall.cmd -> [Ver = | Size = 80 bytes | Modified Date = 03/04/2007 23:34:20 | Attr = ] hcextoutput.dll -> %SystemRoot%\hcextoutput.dll -> [Ver = | Size = 71749 bytes | Modified Date = 27/01/2007 13:30:16 | Attr = ] Help -> %SystemRoot%\Help -> [Folder | Modified Date = 31/03/2007 18:44:28 | Attr = ] Historique -> %SystemRoot%\Historique -> [Folder | Modified Date = 04/02/2007 18:41:38 | Attr = S] hpdj5100.his -> %SystemRoot%\hpdj5100.his -> [Ver = | Size = 180248 bytes | Modified Date = 02/02/2007 10:16:08 | Attr = ] hpdj5100.ini -> %SystemRoot%\hpdj5100.ini -> [Ver = | Size = 11413 bytes | Modified Date = 02/02/2007 10:16:08 | Attr = ] ime -> %SystemRoot%\ime -> [Folder | Modified Date = 24/01/2007 20:43:26 | Attr = ] imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1418 bytes | Modified Date = 29/03/2007 21:33:04 | Attr = ] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 08/04/2007 00:59:36 | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 31/03/2007 08:48:10 | Attr = HS] LPT$VPN.219 -> %SystemRoot%\LPT$VPN.219 -> [Ver = | Size = 25798821 bytes | Modified Date = 27/01/2007 13:30:16 | Attr = ] Media -> %SystemRoot%\Media -> [Folder | Modified Date = 24/01/2007 23:44:10 | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 17/03/2007 19:24:54 | Attr = ] mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 4243 bytes | Modified Date = 31/03/2007 08:48:16 | Attr = ] msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 29/03/2007 20:00:44 | Attr = ] msapps -> %SystemRoot%\msapps -> [Folder | Modified Date = 24/01/2007 23:20:32 | Attr = ] msdownld.tmp -> %SystemRoot%\msdownld.tmp -> [Folder | Modified Date = 25/02/2007 13:28:36 | Attr = H ] msiinst.tmp -> %SystemRoot%\msiinst.tmp -> [Folder | Modified Date = 28/03/2007 15:02:42 | Attr = ] mww32 -> %SystemRoot%\mww32 -> [Folder | Modified Date = 24/01/2007 20:43:26 | Attr = ] NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 49 bytes | Modified Date = 07/04/2007 23:52:24 | Attr = ] nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Modified Date = 24/01/2007 22:41:48 | Attr = ] nview -> %SystemRoot%\nview -> [Folder | Modified Date = 24/01/2007 21:05:56 | Attr = ] ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 207 bytes | Modified Date = 11/03/2007 17:25:40 | Attr = ] ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4429 bytes | Modified Date = 29/01/2007 21:26:16 | Attr = ] Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Modified Date = 24/01/2007 20:42:12 | Attr = R ] OpPrintServer.INI -> %SystemRoot%\OpPrintServer.INI -> [Ver = | Size = 0 bytes | Modified Date = 07/03/2007 15:16:54 | Attr = ] PATCH.EXE -> %SystemRoot%\PATCH.EXE -> Trend Micro Inc. [Ver = 1,81,0,1011 | Size = 286720 bytes | Modified Date = 27/01/2007 13:25:06 | Attr = ] PIF -> %SystemRoot%\PIF -> [Folder | Modified Date = 21/03/2007 01:15:08 | Attr = H ] pss -> %SystemRoot%\pss -> [Folder | Modified Date = 27/01/2007 15:06:58 | Attr = ] QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 08/04/2007 19:27:30 | Attr = ] QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 08/04/2007 19:27:30 | Attr = H ] RegisteredPackages -> %SystemRoot%\RegisteredPackages -> [Folder | Modified Date = 24/02/2007 21:18:34 | Attr = ] Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 24/01/2007 20:41:42 | Attr = ] REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [Ver = | Size = 8192 bytes | Modified Date = 07/03/2007 15:24:42 | Attr = ] repair -> %SystemRoot%\repair -> [Folder | Modified Date = 24/01/2007 20:43:16 | Attr = ] report -> %SystemRoot%\report -> [Folder | Modified Date = 15/03/2007 21:15:18 | Attr = ] RUNAWAY.INI -> %SystemRoot%\RUNAWAY.INI -> [Ver = | Size = 40 bytes | Modified Date = 28/01/2007 20:27:40 | Attr = ] security -> %SystemRoot%\security -> [Folder | Modified Date = 08/04/2007 22:09:06 | Attr = ] setup.inf -> %SystemRoot%\setup.inf -> [Ver = | Size = 957 bytes | Modified Date = 29/03/2007 19:27:42 | Attr = ] setup.rpt -> %SystemRoot%\setup.rpt -> [Ver = | Size = 283 bytes | Modified Date = 29/03/2007 19:27:42 | Attr = ] ShellNew -> %SystemRoot%\ShellNew -> [Folder | Modified Date = 24/01/2007 23:44:00 | Attr = ] SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 04/04/2007 09:48:32 | Attr = ] Speech -> %SystemRoot%\Speech -> [Folder | Modified Date = 24/01/2007 20:34:12 | Attr = ] Sun -> %SystemRoot%\Sun -> [Folder | Modified Date = 14/02/2007 14:58:38 | Attr = ] system -> %SystemRoot%\system -> [Folder | Modified Date = 28/03/2007 17:04:00 | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 05/04/2007 18:54:28 | Attr = ] system32 -> %System32% -> [Folder | Modified Date = 10/04/2007 09:03:50 | Attr = ] Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 08/04/2007 14:47:20 | Attr = S] temp -> %SystemRoot%\temp -> [Folder | Modified Date = 10/04/2007 09:14:26 | Attr = ] Temporary Internet Files -> %SystemRoot%\Temporary Internet Files -> [Folder | Modified Date = 04/02/2007 18:41:38 | Attr = S] TMUPDATE.DLL -> %SystemRoot%\TMUPDATE.DLL -> Trend Micro Inc. [Ver = 1,81,0,1011 | Size = 507904 bytes | Modified Date = 27/01/2007 13:25:06 | Attr = ] tsc.exe -> %SystemRoot%\tsc.exe -> Trend Micro Inc. [Ver = 5.0.0.1107 | Size = 229957 bytes | Modified Date = 27/01/2007 13:30:16 | Attr = ] tsc.ini -> %SystemRoot%\tsc.ini -> [Ver = | Size = 823 bytes | Modified Date = 15/03/2007 22:37:30 | Attr = ] tsc.ptn -> %SystemRoot%\tsc.ptn -> [Ver = | Size = 1992471 bytes | Modified Date = 27/01/2007 13:30:18 | Attr = ] twain_32 -> %SystemRoot%\twain_32 -> [Folder | Modified Date = 07/03/2007 15:22:42 | Attr = ] UNZIP.DLL -> %SystemRoot%\UNZIP.DLL -> Trend Micro Inc. [Ver = 1.32.0.1000 | Size = 69689 bytes | Modified Date = 27/01/2007 13:25:06 | Attr = ] vb.ini -> %SystemRoot%\vb.ini -> [Ver = | Size = 36 bytes | Modified Date = 24/01/2007 20:41:12 | Attr = ] vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 37 bytes | Modified Date = 24/01/2007 20:41:12 | Attr = ] vpd.properties -> %SystemRoot%\vpd.properties -> [Ver = | Size = 4508 bytes | Modified Date = 22/02/2007 21:02:52 | Attr = ] VPTNFILE.219 -> %SystemRoot%\VPTNFILE.219 -> [Ver = | Size = 25798821 bytes | Modified Date = 27/01/2007 13:30:16 | Attr = ] vsapi32.dll -> %SystemRoot%\vsapi32.dll -> Trend Micro Inc. [Ver = 8.310-1002 | Size = 1101904 bytes | Modified Date = 27/01/2007 13:30:16 | Attr = ] War3Unin.dat -> %SystemRoot%\War3Unin.dat -> [Ver = | Size = 15095 bytes | Modified Date = 10/02/2007 18:22:56 | Attr = ] War3Unin.exe -> %SystemRoot%\War3Unin.exe -> Blizzard Entertainment [Ver = 1, 0, 0, 0 | Size = 126976 bytes | Modified Date = 10/02/2007 18:12:04 | Attr = ] War3Unin.pif -> %SystemRoot%\War3Unin.pif -> [Ver = | Size = 2829 bytes | Modified Date = 10/02/2007 18:12:04 | Attr = ] Web -> %SystemRoot%\Web -> [Folder | Modified Date = 29/03/2007 20:07:12 | Attr = S] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 877 bytes | Modified Date = 10/04/2007 09:14:00 | Attr = ] WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 23/02/2007 15:26:58 | Attr = ] ~TempMui.inf -> %SystemRoot%\~TempMui.inf -> [Ver = | Size = 5538 bytes | Modified Date = 29/01/2007 21:26:20 | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 10/04/2007 09:03:00 | Attr = H ] $winnt$.inf -> %System32%\$winnt$.inf -> [Ver = | Size = 341 bytes | Modified Date = 24/01/2007 20:33:56 | Attr = ] ActiveScan -> %System32%\ActiveScan -> [Folder | Modified Date = 08/04/2007 13:20:14 | Attr = ] amcompat.tlb -> %System32%\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 24/01/2007 20:42:50 | Attr = ] appmgmt -> %System32%\appmgmt -> [Folder | Modified Date = 02/02/2007 10:16:48 | Attr = ] bedgsly.bat -> %System32%\bedgsly.bat -> [Ver = | Size = 129 bytes | Modified Date = 20/03/2007 18:48:26 | Attr = ] BITS -> %System32%\BITS -> [Folder | Modified Date = 28/03/2007 20:49:34 | Attr = ] CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 28/01/2007 20:20:22 | Attr = ] Com -> %System32%\Com -> [Folder | Modified Date = 29/03/2007 20:04:24 | Attr = ] config -> %System32%\config -> [Folder | Modified Date = 04/04/2007 09:49:26 | Attr = ] CONFIG.NT -> %System32%\CONFIG.NT -> [Ver = | Size = 3072 bytes | Modified Date = 27/01/2007 19:29:26 | Attr = ] d3d9caps.dat -> %System32%\d3d9caps.dat -> [Ver = | Size = 664 bytes | Modified Date = 29/01/2007 21:27:32 | Attr = ] desktop.ini -> %System32%\desktop.ini -> [Ver = | Size = 271 bytes | Modified Date = 24/01/2007 20:42:14 | Attr = H ] dfrg.msc -> %System32%\dfrg.msc -> [Ver = | Size = 101376 bytes | Modified Date = 02/02/2007 20:01:52 | Attr = ] dhcp -> %System32%\dhcp -> [Folder | Modified Date = 24/01/2007 21:29:56 | Attr = ] DirectX -> %System32%\DirectX -> [Folder | Modified Date = 22/02/2007 21:08:56 | Attr = ] dllcache -> %System32%\dllcache -> [Folder | Modified Date = 03/04/2007 23:22:30 | Attr = RHS] DonationCoder_urlsnooper_InstallInfo.dat -> %System32%\DonationCoder_urlsnooper_InstallInfo.dat -> [Ver = | Size = 46 bytes | Modified Date = 21/02/2007 14:44:12 | Attr = ] dp.exe -> %System32%\dp.exe -> [Ver = | Size = 0 bytes | Modified Date = 28/03/2007 12:12:18 | Attr = ] drivers -> %System32%\drivers -> [Folder | Modified Date = 10/04/2007 09:04:56 | Attr = ] DTCLog -> %System32%\DTCLog -> [Folder | Modified Date = 24/01/2007 20:41:04 | Attr = ] emptyregdb.dat -> %System32%\emptyregdb.dat -> [Ver = | Size = 15204 bytes | Modified Date = 24/01/2007 20:41:42 | Attr = ] export -> %System32%\export -> [Folder | Modified Date = 24/01/2007 20:34:14 | Attr = ] FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 126112 bytes | Modified Date = 03/04/2007 23:22:44 | Attr = ] folder.htt -> %System32%\folder.htt -> [Ver = | Size = 21844 bytes | Modified Date = 24/01/2007 20:42:14 | Attr = H ] GroupPolicy -> %System32%\GroupPolicy -> [Folder | Modified Date = 24/01/2007 20:51:34 | Attr = H ] Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 08/04/2007 13:18:20 | Attr = ] ias -> %System32%\ias -> [Folder | Modified Date = 24/01/2007 21:31:28 | Attr = ] ie_de -> %System32%\ie_de -> [Folder | Modified Date = 24/01/2007 21:31:30 | Attr = ] inetsrv -> %System32%\inetsrv -> [Folder | Modified Date = 24/01/2007 20:43:24 | Attr = ] IOSUBSYS -> %System32%\IOSUBSYS -> [Folder | Modified Date = 08/04/2007 00:59:36 | Attr = ] irxgskvw.PIF -> %System32%\irxgskvw.PIF -> [Ver = | Size = 2855 bytes | Modified Date = 22/03/2007 00:23:34 | Attr = ] Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Modified Date = 16/03/2007 21:49:38 | Attr = ] Macromed -> %System32%\Macromed -> [Folder | Modified Date = 24/01/2007 23:35:42 | Attr = ] mapisvc.inf -> %System32%\mapisvc.inf -> [Ver = | Size = 725 bytes | Modified Date = 24/01/2007 20:41:48 | Attr = ] massvc32.exe -> %System32%\massvc32.exe -> [Ver = | Size = 0 bytes | Modified Date = 18/03/2007 13:34:54 | Attr = ] Microsoft -> %System32%\Microsoft -> [Folder | Modified Date = 27/03/2007 23:52:58 | Attr = ] mui -> %System32%\mui -> [Folder | Modified Date = 24/01/2007 21:29:56 | Attr = ] npp -> %System32%\npp -> [Folder | Modified Date = 24/01/2007 21:30:52 | Attr = ] nscompat.tlb -> %System32%\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 24/01/2007 20:42:50 | Attr = ] NtmsData -> %System32%\NtmsData -> [Folder | Modified Date = 09/04/2007 10:02:58 | Attr = ] nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 88566 bytes | Modified Date = 10/04/2007 09:03:24 | Attr = ] os2 -> %System32%\os2 -> [Folder | Modified Date = 24/01/2007 21:31:18 | Attr = ] Packet.dll -> %System32%\Packet.dll -> CACE Technologies [Ver = 4.0.0.755 | Size = 88952 bytes | Modified Date = 25/01/2007 19:31:34 | Attr = ] pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 08/04/2007 13:18:20 | Attr = ] perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 38036 bytes | Modified Date = 24/01/2007 21:44:50 | Attr = ] perfc00C.dat -> %System32%\perfc00C.dat -> [Ver = | Size = 45514 bytes | Modified Date = 24/01/2007 21:44:50 | Attr = ] perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 300378 bytes | Modified Date = 24/01/2007 21:44:50 | Attr = ] perfh00C.dat -> %System32%\perfh00C.dat -> [Ver = | Size = 354448 bytes | Modified Date = 24/01/2007 21:44:50 | Attr = ] Perflib_Perfdata_17c.dat -> %System32%\Perflib_Perfdata_17c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 25/03/2007 19:29:08 | Attr = ] Perflib_Perfdata_188.dat -> %System32%\Perflib_Perfdata_188.dat -> [Ver = | Size = 16384 bytes | Modified Date = 25/03/2007 19:24:50 | Attr = ] Perflib_Perfdata_1c0.dat -> %System32%\Perflib_Perfdata_1c0.dat -> [Ver = | Size = 16384 bytes | Modified Date = 26/03/2007 18:53:44 | Attr = ] Perflib_Perfdata_234.dat -> %System32%\Perflib_Perfdata_234.dat -> [Ver = | Size = 16384 bytes | Modified Date = 27/03/2007 23:31:50 | Attr = ] Perflib_Perfdata_2c0.dat -> %System32%\Perflib_Perfdata_2c0.dat -> [Ver = | Size = 16384 bytes | Modified Date = 13/02/2007 12:02:26 | Attr = ] Perflib_Perfdata_310.dat -> %System32%\Perflib_Perfdata_310.dat -> [Ver = | Size = 16384 bytes | Modified Date = 29/03/2007 19:19:28 | Attr = ] Perflib_Perfdata_314.dat -> %System32%\Perflib_Perfdata_314.dat -> [Ver = | Size = 16384 bytes | Modified Date = 28/03/2007 20:46:54 | Attr = ] Perflib_Perfdata_31c.dat -> %System32%\Perflib_Perfdata_31c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 25/03/2007 20:22:30 | Attr = ] Perflib_Perfdata_4d8.dat -> %System32%\Perflib_Perfdata_4d8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 28/02/2007 19:33:54 | Attr = ] Perflib_Perfdata_57c.dat -> %System32%\Perflib_Perfdata_57c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 25/03/2007 19:45:44 | Attr = ] Perflib_Perfdata_5b8.dat -> %System32%\Perflib_Perfdata_5b8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 19/03/2007 21:25:04 | Attr = ] Perflib_Perfdata_5c8.dat -> %System32%\Perflib_Perfdata_5c8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 25/03/2007 20:06:28 | Attr = ] Perflib_Perfdata_5d8.dat -> %System32%\Perflib_Perfdata_5d8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 22/03/2007 20:38:06 | Attr = ] Perflib_Perfdata_60c.dat -> %System32%\Perflib_Perfdata_60c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 22/03/2007 20:30:24 | Attr = ] Perflib_Perfdata_640.dat -> %System32%\Perflib_Perfdata_640.dat -> [Ver = | Size = 16384 bytes | Modified Date = 20/03/2007 18:43:28 | Attr = ] PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 742792 bytes | Modified Date = 24/01/2007 21:44:50 | Attr = ] PROTOCOL.INI -> %System32%\PROTOCOL.INI -> [Ver = | Size = 8 bytes | Modified Date = 29/01/2007 21:26:48 | Attr = ] pthreadVC.dll -> %System32%\pthreadVC.dll -> [Ver = | Size = 53299 bytes | Modified Date = 25/01/2007 19:31:36 | Attr = ] qkiiw.bat -> %System32%\qkiiw.bat -> [Ver = | Size = 121 bytes | Modified Date = 19/03/2007 22:36:26 | Attr = ] ras -> %System32%\ras -> [Folder | Modified Date = 24/01/2007 21:31:04 | Attr = ] rocket -> %System32%\rocket -> [Folder | Modified Date = 24/01/2007 20:43:26 | Attr = ] rpcproxy -> %System32%\rpcproxy -> [Folder | Modified Date = 24/01/2007 20:43:24 | Attr = ] rxwas.bat -> %System32%\rxwas.bat -> [Ver = | Size = 121 bytes | Modified Date = 18/03/2007 12:19:00 | Attr = ] sczihu.bat -> %System32%\sczihu.bat -> [Ver = | Size = 116 bytes | Modified Date = 17/03/2007 00:37:44 | Attr = ] Setup -> %System32%\Setup -> [Folder | Modified Date = 29/03/2007 20:04:24 | Attr = ] ShellDHCP -> %System32%\ShellDHCP -> [Folder | Modified Date = 04/03/2007 12:51:26 | Attr = ] ShellExt -> %System32%\ShellExt -> [Folder | Modified Date = 24/01/2007 21:29:56 | Attr = ] sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ] spool -> %System32%\spool -> [Folder | Modified Date = 24/01/2007 21:29:56 | Attr = ] SYSTEM.INI -> %System32%\SYSTEM.INI -> [Ver = | Size = 8 bytes | Modified Date = 29/01/2007 21:26:48 | Attr = ] tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 1422 bytes | Modified Date = 30/03/2007 18:51:36 | Attr = ] Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 08/04/2007 13:18:20 | Attr = ] WanPacket.dll -> %System32%\WanPacket.dll -> CACE Technologies [Ver = 4.0.0.755 | Size = 68480 bytes | Modified Date = 25/01/2007 19:31:34 | Attr = ] wbem -> %System32%\wbem -> [Folder | Modified Date = 08/04/2007 13:20:48 | Attr = ] WIN.INI -> %System32%\WIN.INI -> [Ver = | Size = 8 bytes | Modified Date = 29/01/2007 21:26:48 | Attr = ] Windows Media -> %System32%\Windows Media -> [Folder | Modified Date = 28/03/2007 14:50:26 | Attr = ] wins -> %System32%\wins -> [Folder | Modified Date = 24/01/2007 21:29:56 | Attr = ] wpcap.dll -> %System32%\wpcap.dll -> CACE Technologies [Ver = 4.0.0.755 | Size = 240496 bytes | Modified Date = 25/01/2007 19:31:36 | Attr = ] xdll.bat -> %System32%\xdll.bat -> [Ver = | Size = 114 bytes | Modified Date = 20/03/2007 18:48:16 | Attr = ] tftp.exe -> %System32%\dllcache\tftp.exe -> [Ver = | Size = 18704 bytes | Modified Date = 26/03/2007 18:35:52 | Attr = ] atksgt.sys -> %System32%\drivers\atksgt.sys -> [Ver = | Size = 271360 bytes | Modified Date = 03/02/2007 14:29:46 | Attr = ] disdn -> %System32%\drivers\disdn -> [Folder | Modified Date = 24/01/2007 21:29:56 | Attr = ] etc -> %System32%\drivers\etc -> [Folder | Modified Date = 28/03/2007 16:14:44 | Attr = ] gmer.sys -> %System32%\drivers\gmer.sys -> GMER [Ver = 1, 0, 12, 3816 | Size = 68993 bytes | Modified Date = 03/04/2007 23:34:20 | Attr = ] lirsgt.sys -> %System32%\drivers\lirsgt.sys -> [Ver = | Size = 18048 bytes | Modified Date = 03/02/2007 14:29:46 | Attr = ] npf.sys -> %System32%\drivers\npf.sys -> CACE Technologies [Ver = 4.0.0.755 | Size = 42000 bytes | Modified Date = 25/01/2007 19:31:34 | Attr = ] nwlnkcr.sys -> %System32%\drivers\nwlnkcr.sys -> [Ver = | Size = 18 bytes | Modified Date = 08/04/2007 12:48:06 | Attr = ] SECDRV.SYS -> %System32%\drivers\SECDRV.SYS -> Macrovision Europe Ltd [Ver = 3.18.000 | Size = 12400 bytes | Modified Date = 25/01/2007 09:18:34 | Attr = ] sptd.sys -> %System32%\drivers\sptd.sys -> [Ver = | Size = 642560 bytes | Modified Date = 25/01/2007 09:07:34 | Attr = ] sptd5725.sys -> %System32%\drivers\sptd5725.sys -> [Ver = | Size = 74192 bytes | Modified Date = 25/01/2007 09:07:34 | Attr = ] vaxscsi.sys -> %System32%\drivers\vaxscsi.sys -> [Ver = | Size = 223128 bytes | Modified Date = 25/01/2007 09:10:46 | Attr = ] [File String Scan - Non-Microsoft Only] UPX0 , -> %SystemRoot%\SET51.tmp -> [Ver = | Size = 1135628 bytes | Modified Date = 19/06/2003 12:05:04 | Attr = R ] UPX! , UPX0 , -> %SystemRoot%\tsc.exe -> Trend Micro Inc. [Ver = 5.0.0.1107 | Size = 229957 bytes | Modified Date = 27/01/2007 13:30:16 | Attr = ] UPX! , aspack , -> %SystemRoot%\vsapi32.dll -> Trend Micro Inc. [Ver = 8.310-1002 | Size = 1101904 bytes | Modified Date = 27/01/2007 13:30:16 | Attr = ] UPX! , UPX0 , -> %System32%\ac3DX.ax -> [Ver = 1.01a | Size = 227328 bytes | Modified Date = 12/09/2006 13:46:24 | Attr = RHS] UPX! , UPX0 , -> %System32%\AVCDX.ax -> CoreCodec [Ver = 0, 0, 0, 4 | Size = 123904 bytes | Modified Date = 13/01/2006 01:23:26 | Attr = RHS] UPX! , UPX0 , -> %System32%\avisynth.dll -> The Public [Ver = 2, 5, 7, 0 | Size = 306688 bytes | Modified Date = 12/11/2006 14:44:10 | Attr = ] UPX! , UPX0 , -> %System32%\CoreAAC.ax -> [Ver = 1, 2, 0, 575 | Size = 175104 bytes | Modified Date = 16/08/2006 16:53:32 | Attr = RHS] UPX! , UPX0 , -> %System32%\DiracSplitter.ax -> Gabest [Ver = 1, 0, 0, 0 | Size = 179200 bytes | Modified Date = 18/01/2005 01:26:36 | Attr = RHS] UPX! , UPX0 , -> %System32%\flvDX.dll -> Gabest [Ver = 1, 0, 0, 1 | Size = 163328 bytes | Modified Date = 03/05/2006 12:06:54 | Attr = RHS] UPX! , UPX0 , -> %System32%\i420vfw.dll -> www.helixcommunity.org [Ver = R1.02 | Size = 70656 bytes | Modified Date = 03/01/2004 01:08:00 | Attr = ] UPX! , UPX0 , -> %System32%\MatroskaDX.ax -> Gabest [Ver = 1, 0, 2, 9 | Size = 169472 bytes | Modified Date = 10/03/2006 23:48:48 | Attr = RHS] UPX! , UPX0 , -> %System32%\RealMediaDX.ax -> Gabest [Ver = 1, 0, 1, 1 | Size = 161792 bytes | Modified Date = 25/11/2005 22:46:34 | Attr = RHS] UPX! , UPX0 , -> %System32%\RLAPEDec.ax -> RadLight [Ver = 1, 0, 0, 0 | Size = 54784 bytes | Modified Date = 21/11/2003 01:00:00 | Attr = RHS] UPX! , UPX0 , -> %System32%\RLMPCDec.ax -> RadLight [Ver = 1, 0, 0, 4 | Size = 37888 bytes | Modified Date = 27/04/2004 01:00:00 | Attr = RHS] UPX! , UPX0 , -> %System32%\RLOgg.ax -> RadLight [Ver = 1.0.0.2 | Size = 186880 bytes | Modified Date = 13/02/2005 01:00:00 | Attr = RHS] UPX! , UPX0 , -> %System32%\RLSpeexDec.ax -> [Ver = 1, 0, 0, 0 | Size = 51712 bytes | Modified Date = 13/02/2005 01:00:00 | Attr = RHS] UPX! , UPX0 , -> %System32%\RLTheoraDec.ax -> RadLight, LLC [Ver = 1, 0, 0, 3 | Size = 67584 bytes | Modified Date = 13/02/2005 01:00:00 | Attr = RHS] UPX! , UPX0 , -> %System32%\RLVorbisDec.ax -> RadLight [Ver = 1, 0, 1, 1 | Size = 92672 bytes | Modified Date = 06/02/2005 01:00:00 | Attr = RHS] Thawte Consulting , -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2568 | Size = 185952 bytes | Modified Date = 07/10/2006 06:18:32 | Attr = ] UPX! , UPX0 , -> %System32%\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Modified Date = 27/04/2006 17:49:30 | Attr = ] UPX! , UPX0 , -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Modified Date = 29/08/2006 19:43:54 | Attr = ] UPX! , UPX0 , -> %System32%\swsc.exe -> [Ver = | Size = 40960 bytes | Modified Date = 09/01/2006 10:36:06 | Attr = ] UPX! , UPX0 , -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Modified Date = 01/12/2006 06:20:34 | Attr = ] winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 16/12/1999 10:00:00 | Attr = ] UPX! , UPX0 , -> %System32%\x.264.exe -> [Ver = | Size = 240128 bytes | Modified Date = 10/11/2005 14:16:02 | Attr = ] UPX! , UPX0 , -> %System32%\yv12vfw.dll -> www.helixcommunity.org [Ver = R1.02 | Size = 70656 bytes | Modified Date = 03/01/2004 01:08:00 | Attr = ] < End of report > merci et à bientôt

salut charles ingals et rebelote avec le fichier csrss.exe bloqué par bitdefender ainsi qu'un nouveau du nom de c:\winnt\eraseme0589.exe. ces bebettes se réactivent à chaque fois et je commence à déprimer sévèrement. Faut il que je commence à sauvegarder ce que je veux garder de mon disque? ou y a t il encore un espoir? merci doc.

et diaghelp C:\WINNT\System32/drivers\nwlnkcr.sys -->05/04/2007 07:22:09 C:\WINNT\System32/drivers\gmer.sys -->03/04/2007 23:34:19 C:\WINNT\System32/drivers\atksgt.sys -->03/02/2007 14:29:45 C:\WINNT\System32/drivers\lirsgt.sys -->03/02/2007 14:29:44 C:\WINNT\System32/drivers\npf.sys -->25/01/2007 19:31:34 C:\WINNT\System32/drivers\SECDRV.SYS -->25/01/2007 09:18:32 C:\WINNT\System32/drivers\vaxscsi.sys -->25/01/2007 09:10:44 C:\WINNT\System32\nvapps.xml -->06/04/2007 07:25:02 C:\WINNT\System32\asfiles.txt -->04/04/2007 07:17:35 C:\WINNT\System32\Uninstall.ico -->04/04/2007 07:11:45 C:\WINNT\System32\pavas.ico -->04/04/2007 07:11:45 C:\WINNT\System32\Help.ico -->04/04/2007 07:11:45 C:\WINNT\System32\FNTCACHE.DAT -->03/04/2007 23:22:42 C:\WINNT\System32\jupdate-1.5.0_11-b03.log -->31/03/2007 08:47:54 C:\WINNT\System32\tmp.txt -->30/03/2007 18:51:34 C:\WINNT\System32\tmp.reg -->30/03/2007 18:51:34 C:\WINNT\System32\Perflib_Perfdata_310.dat -->29/03/2007 19:19:26 C:\WINNT\System32\Perflib_Perfdata_314.dat -->28/03/2007 20:46:52 C:\WINNT\System32\dp.exe -->28/03/2007 12:12:16 C:\WINNT\System32\Perflib_Perfdata_234.dat -->27/03/2007 23:31:49 C:\WINNT\System32\Perflib_Perfdata_1c0.dat -->26/03/2007 18:53:43 C:\WINNT\System32\sfc.dll -->26/03/2007 18:35:49 C:\WINNT\System32\Perflib_Perfdata_31c.dat -->25/03/2007 20:22:28 C:\WINNT\System32\Perflib_Perfdata_5c8.dat -->25/03/2007 20:06:27 C:\WINNT\System32\Perflib_Perfdata_57c.dat -->25/03/2007 19:45:43 C:\WINNT\System32\Perflib_Perfdata_17c.dat -->25/03/2007 19:29:07 C:\WINNT\System32\Perflib_Perfdata_188.dat -->25/03/2007 19:24:49 C:\WINNT\System32\Perflib_Perfdata_5d8.dat -->22/03/2007 20:38:05 C:\WINNT\System32\Perflib_Perfdata_60c.dat -->22/03/2007 20:30:23 C:\WINNT\System32\irxgskvw.PIF -->22/03/2007 00:23:32 C:\WINNT\System32\bedgsly.bat -->20/03/2007 18:48:25 C:\WINNT\System32\xdll.bat -->20/03/2007 18:48:14 C:\WINNT\ntbtlog.txt -->06/04/2007 07:27:27 C:\WINNT\WindowsUpdate.log -->06/04/2007 07:24:12 C:\WINNT\SchedLgU.Txt -->06/04/2007 07:22:37 C:\WINNT\ShellIconCache -->06/04/2007 00:43:42 C:\WINNT\win.ini -->05/04/2007 22:07:00 C:\WINNT\system.ini -->05/04/2007 18:54:26 C:\WINNT\setupapi.log -->04/04/2007 07:12:32 C:\WINNT\gmer.ini -->03/04/2007 23:35:15 C:\WINNT\gmer_uninstall.cmd -->03/04/2007 23:34:19 C:\WINNT\gmer.dll -->03/04/2007 23:34:19 C:\WINNT\iis5.log -->03/04/2007 22:57:56 C:\WINNT\KB925902.log -->03/04/2007 22:57:55 C:\WINNT\imsins.log -->03/04/2007 22:57:55 C:\WINNT\comsetup.log -->03/04/2007 22:57:55 C:\WINNT\ockodak.log -->03/04/2007 22:57:54 C:\WINNT\alcrmv.exe |24/01/2007 21:00:18 C:\WINNT\alcupd.exe |24/01/2007 21:00:18 C:\WINNT\bdoscandel.exe |04/03/2005 15:10:36 C:\WINNT\gmer.exe |03/04/2007 23:34:18 C:\WINNT\IsUn040c.exe |02/02/2007 10:14:04 C:\WINNT\IsUninst.exe |24/01/2007 20:55:54 C:\WINNT\meta4.exe |25/02/2007 13:35:09 C:\WINNT\MOTA113.exe |25/02/2007 13:35:09 C:\WINNT\PATCH.EXE |27/01/2007 13:25:04 C:\WINNT\runtsckl.exe |02/11/2005 19:07:12 C:\WINNT\tsc.exe |27/01/2007 13:30:15 C:\WINNT\twunk_16.exe |16/12/1999 10:00:00 C:\WINNT\twunk_32.exe |16/12/1999 10:00:00 C:\WINNT\War3Unin.exe |10/02/2007 18:12:03 C:\WINNT\x2.64.exe |25/02/2007 13:35:09 C:\WINNT\AuHCcup1.dll |23/07/1999 11:53:20 C:\WINNT\BPMNT.dll |27/01/2007 13:30:14 C:\WINNT\gmer.dll |03/04/2007 23:34:19 C:\WINNT\hcextoutput.dll |27/01/2007 13:30:15 C:\WINNT\loadhttp.dll |15/10/2002 15:29:40 C:\WINNT\patchw32.dll |14/12/2001 14:34:46 C:\WINNT\TMUPDATE.DLL |27/01/2007 13:25:04 C:\WINNT\twain.dll |16/12/1999 10:00:00 C:\WINNT\twain_32.dll |16/12/1999 10:00:00 C:\WINNT\UNZIP.DLL |27/01/2007 13:25:04 C:\WINNT\vsapi32.dll |27/01/2007 13:30:14 C:\WINNT\system32\append.exe |16/12/1999 10:00:00 C:\WINNT\system32\asuninst.exe |04/04/2007 07:12:22 C:\WINNT\system32\CNDNDlg.exe |07/03/2007 15:18:10 C:\WINNT\system32\debug.exe |16/12/1999 10:00:00 C:\WINNT\system32\dfrgfat.exe |19/06/2003 12:05:04 C:\WINNT\system32\dfrgntfs.exe |19/06/2003 12:05:04 C:\WINNT\system32\dmadmin.exe |19/06/2003 12:05:04 C:\WINNT\system32\dmremote.exe |19/06/2003 12:05:04 C:\WINNT\system32\dosx.exe |16/12/1999 10:00:00 C:\WINNT\system32\dp.exe |28/03/2007 12:12:16 C:\WINNT\system32\dumphive.exe |27/03/2007 19:14:13 C:\WINNT\system32\dvdplay.exe |15/12/1999 01:30:38 C:\WINNT\system32\edlin.exe |16/12/1999 10:00:00 C:\WINNT\system32\exe2bin.exe |16/12/1999 10:00:00 C:\WINNT\system32\fastopen.exe |16/12/1999 10:00:00 C:\WINNT\system32\java.exe |31/03/2007 08:47:58 C:\WINNT\system32\javaw.exe |31/03/2007 08:47:58 C:\WINNT\system32\javaws.exe |31/03/2007 08:47:58 C:\WINNT\system32\keystone.exe |22/10/2006 13:22:00 C:\WINNT\system32\massvc32.exe |18/03/2007 13:34:52 C:\WINNT\system32\mem.exe |16/12/1999 10:00:00 C:\WINNT\system32\mscdexnt.exe |16/12/1999 10:00:00 C:\WINNT\system32\msswchx.exe |19/06/2003 12:05:04 C:\WINNT\system32\NeroCheck.exe |29/01/2007 20:12:00 C:\WINNT\system32\nlsfunc.exe |16/12/1999 10:00:00 C:\WINNT\system32\nvappbar.exe |22/10/2006 13:22:00 C:\WINNT\system32\nvcolor.exe |22/10/2006 13:22:00 C:\WINNT\system32\nvcplui.exe |22/10/2006 13:22:00 C:\WINNT\system32\nvdspsch.exe |22/10/2006 13:22:00 C:\WINNT\system32\nvsvc32.exe |22/10/2006 13:22:00 C:\WINNT\system32\nvudisp.exe |24/01/2007 21:04:47 C:\WINNT\system32\NVUNINST.EXE |24/01/2007 21:04:39 C:\WINNT\system32\nw16.exe |16/12/1999 10:00:00 C:\WINNT\system32\nwiz.exe |22/10/2006 13:22:00 C:\WINNT\system32\Process.exe |27/03/2007 19:14:13 C:\WINNT\system32\PSDrvCheck.exe |23/02/2007 15:25:18 C:\WINNT\system32\pxhpinst.exe |11/03/2007 20:17:53 C:\WINNT\system32\redir.exe |16/12/1999 10:00:00 C:\WINNT\system32\setver.exe |16/12/1999 10:00:00 C:\WINNT\system32\share.exe |16/12/1999 10:00:00 C:\WINNT\system32\Shutdown.exe |24/03/2007 19:35:56 C:\WINNT\system32\SrchSTS.exe |27/03/2007 19:14:13 C:\WINNT\system32\swreg.exe |27/03/2007 19:14:13 C:\WINNT\system32\swsc.exe |27/03/2007 19:14:13 C:\WINNT\system32\swxcacls.exe |27/03/2007 19:14:13 C:\WINNT\system32\vwipxspx.exe |16/12/1999 10:00:00 C:\WINNT\system32\x.264.exe |25/02/2007 13:35:08 C:\WINNT\system32\amstream.dll |29/01/2007 21:22:26 C:\WINNT\system32\atmfd.dll |19/06/2003 12:05:04 C:\WINNT\system32\atmlib.dll |19/06/2003 12:05:04 C:\WINNT\system32\avisynth.dll |25/02/2007 13:35:08 C:\WINNT\system32\AVSredirect.dll |25/02/2007 13:35:09 C:\WINNT\system32\cbrowser.dll |24/01/2007 21:53:26 C:\WINNT\system32\CNDCK170.dll |07/03/2007 15:18:10 C:\WINNT\system32\CNDUK170.dll |07/03/2007 15:18:10 C:\WINNT\system32\ComLib.dll |24/01/2007 21:53:26 C:\WINNT\system32\devil.dll |25/02/2007 13:35:08 C:\WINNT\system32\dfrgres.dll |16/12/1999 10:00:00 C:\WINNT\system32\dfrgsnap.dll |19/06/2003 12:05:04 C:\WINNT\system32\dfrgui.dll |16/12/1999 10:00:00 C:\WINNT\system32\dgrpsetu.dll |24/01/2007 20:34:06 C:\WINNT\system32\dgsetup.dll |24/01/2007 20:34:06 C:\WINNT\system32\dmconfig.dll |19/06/2003 12:05:04 C:\WINNT\system32\dmintf.dll |19/06/2003 12:05:04 C:\WINNT\system32\dmserver.dll |19/06/2003 12:05:04 C:\WINNT\system32\dmutil.dll |19/06/2003 12:05:04 C:\WINNT\system32\efsadu.dll |16/12/1999 10:00:00 C:\WINNT\system32\EqnClass.Dll |24/01/2007 20:34:06 C:\WINNT\system32\flvDX.dll |25/02/2007 13:32:52 C:\WINNT\system32\hpzcoi08.dll |26/03/2003 08:21:58 C:\WINNT\system32\hpzcon08.dll |26/03/2003 08:23:10 C:\WINNT\system32\hpzlnt08.dll |26/03/2003 08:32:24 C:\WINNT\system32\hticons.dll |24/01/2007 20:40:35 C:\WINNT\system32\hypertrm.dll |24/01/2007 20:40:35 C:\WINNT\system32\i420vfw.dll |25/02/2007 13:35:08 C:\WINNT\system32\iccvid.dll |16/12/1999 10:00:00 C:\WINNT\system32\imagr5.dll |29/01/2007 20:12:05 C:\WINNT\system32\imagx5.dll |29/01/2007 20:12:05 C:\WINNT\system32\ImagXpr5.dll |29/01/2007 20:12:05 C:\WINNT\system32\imgcmn.dll |24/01/2007 20:40:37 C:\WINNT\system32\imgshl.dll |24/01/2007 20:40:37 C:\WINNT\system32\ir32_32.dll |16/12/1999 10:00:00 C:\WINNT\system32\ir41_qc.dll |16/12/1999 10:00:00 C:\WINNT\system32\ir41_qcx.dll |16/12/1999 10:00:00 C:\WINNT\system32\ir50_32.dll |16/12/1999 10:00:00 C:\WINNT\system32\ir50_qc.dll |16/12/1999 10:00:00 C:\WINNT\system32\ir50_qcx.dll |16/12/1999 10:00:00 C:\WINNT\system32\jpeg1x32.dll |24/01/2007 20:40:37 C:\WINNT\system32\jpeg2x32.dll |24/01/2007 20:40:37 C:\WINNT\system32\mciqtz32.dll |29/01/2007 21:22:26 C:\WINNT\system32\meter.dll |11/07/2002 11:38:14 C:\WINNT\system32\msdmo.dll |29/01/2007 21:22:27 C:\WINNT\system32\msencode.dll |30/08/2002 19:24:06 C:\WINNT\system32\msswch.dll |19/06/2003 12:05:04 C:\WINNT\system32\MusInputMod.dll |11/07/2002 11:39:36 C:\WINNT\system32\N067UFW.dll |24/01/2007 21:12:14 C:\WINNT\system32\NMOCOD.DLL |25/01/2007 09:27:08 C:\WINNT\system32\NMORENU.DLL |25/01/2007 09:27:09 C:\WINNT\system32\NMSCKN.DLL |25/01/2007 09:27:09 C:\WINNT\system32\NMW3VWN.DLL |25/01/2007 09:27:09 C:\WINNT\system32\nsp.dll |23/02/2007 15:25:13 C:\WINNT\system32\nspa6.dll |23/02/2007 15:25:17 C:\WINNT\system32\nspm5.dll |23/02/2007 15:25:19 C:\WINNT\system32\nspm6.dll |23/02/2007 15:25:19 C:\WINNT\system32\nspp6.dll |23/02/2007 15:25:18 C:\WINNT\system32\nsppx.dll |23/02/2007 15:25:16 C:\WINNT\system32\nspw7.dll |23/02/2007 15:25:13 C:\WINNT\system32\nv4_disp.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvapi.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvcod.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvcodins.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvcpl.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvcpluir.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvdisps.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvdispsr.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvexpbar.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvgames.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvgamesr.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvhwvid.dll |22/10/2006 13:22:00 C:\WINNT\system32\nview.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvmccs.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvmccsrs.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvmccss.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvmccssr.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvmctray.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvmobls.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvmoblsr.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvnt4cpl.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvoglnt.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrsar.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrscs.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrsda.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrsde.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrsel.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrseng.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrses.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrsesm.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrsfi.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrsfr.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrshe.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrshu.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrsit.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrsja.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrsko.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrsnl.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrsno.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrspl.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrspt.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrsptb.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrsru.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrssk.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrssl.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrssv.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrstr.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrszhc.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvrszht.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvshell.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvvitvs.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvvitvsr.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwddi.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwdmcpl.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwimg.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrsar.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrscs.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrsda.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrsde.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrsel.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrseng.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrses.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrsesm.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrsfi.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrsfr.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrshe.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrshu.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrsit.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrsja.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrsko.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrsnl.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrsno.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrspl.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrspt.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrsptb.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrsru.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrssk.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrssl.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrssv.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrstr.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrszhc.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwrszht.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwss.dll |22/10/2006 13:22:00 C:\WINNT\system32\nvwssr.dll |22/10/2006 13:22:00 C:\WINNT\system32\oieng400.dll |24/01/2007 20:40:34 C:\WINNT\system32\oiprt400.dll |24/01/2007 20:40:37 C:\WINNT\system32\oislb400.dll |24/01/2007 20:40:37 C:\WINNT\system32\oissq400.dll |24/01/2007 20:40:37 C:\WINNT\system32\oitwa400.dll |24/01/2007 20:40:37 C:\WINNT\system32\oiui400.dll |24/01/2007 20:40:34 C:\WINNT\system32\Packet.dll |25/01/2007 19:31:34 C:\WINNT\system32\picn20.dll |29/01/2007 20:12:05 C:\WINNT\system32\pncrt.dll |02/02/2007 10:34:38 C:\WINNT\system32\pndx5016.dll |02/02/2007 10:34:38 C:\WINNT\system32\pndx5032.dll |02/02/2007 10:34:38 C:\WINNT\system32\PSCLK170.dll |07/03/2007 15:18:10 C:\WINNT\system32\psisdecd.dll |02/02/2007 20:06:12 C:\WINNT\system32\pthreadVC.dll |25/01/2007 19:31:36 C:\WINNT\system32\px.dll |11/03/2007 20:17:53 C:\WINNT\system32\pxdrv.dll |11/03/2007 20:17:53 C:\WINNT\system32\pxmas.dll |11/03/2007 20:17:53 C:\WINNT\system32\pxwave.dll |11/03/2007 20:17:53 C:\WINNT\system32\qcut.dll |16/12/1999 10:00:00 C:\WINNT\system32\qedwipes.dll |29/01/2007 21:22:28 C:\WINNT\system32\rmoc3260.dll |02/02/2007 10:34:38 C:\WINNT\system32\SG62CPL.DLL |24/01/2007 21:12:14 C:\WINNT\system32\SG62UUD.DLL |24/01/2007 21:12:14 C:\WINNT\system32\Smab.dll |25/02/2007 13:35:07 C:\WINNT\system32\sockspy.dll |24/01/2007 21:32:13 C:\WINNT\system32\spxcoins.dll |24/01/2007 20:34:06 C:\WINNT\system32\tifflt.dll |24/01/2007 20:40:37 C:\WINNT\system32\tsbyuv.dll |15/12/1999 01:30:06 C:\WINNT\system32\tsd32.dll |16/12/1999 10:00:00 C:\WINNT\system32\UCS32P.DLL |24/01/2007 21:12:15 C:\WINNT\system32\vxblock.dll |11/03/2007 20:17:53 C:\WINNT\system32\WanPacket.dll |25/01/2007 19:31:34 C:\WINNT\system32\wavdest.dll |02/09/1998 10:24:30 C:\WINNT\system32\WBCustomizer.dll |08/01/2001 14:47:44 C:\WINNT\system32\win87em.dll |16/12/1999 10:00:00 C:\WINNT\system32\wpcap.dll |25/01/2007 19:31:36 C:\WINNT\system32\xcomm.dll |02/10/2003 13:15:34 C:\WINNT\system32\xiffr3_0.dll |24/01/2007 20:40:37 C:\WINNT\system32\xreglib.dll |06/12/2002 18:37:06 C:\WINNT\system32\yv12vfw.dll |25/02/2007 13:35:08 C:\WINNT\system32\ZPORT4AS.dll |04/04/2007 07:12:21 Le volume dans le lecteur C s'appelle Vingt Doses Le numéro de série du volume est F06D-02CC Répertoire de C:\WINNT\system32 19/06/2003 12:05 5 392 csrss.exe 1 fichier(s) 5 392 octets 0 Rép(s) 4 936 925 184 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle Vingt Doses Le numéro de série du volume est F06D-02CC Répertoire de C:\WINNT\Downloaded Program Files 04/04/2007 09:30 <DIR> . 04/04/2007 09:30 <DIR> .. 24/08/2006 08:28 141 424 asinst.dll 22/08/2006 09:06 537 asinst.inf 13/11/2006 20:48 946 296 asquared.ocx 07/12/2004 17:07 32 bdcore.dll 01/03/2005 15:08 118 784 bdupd.dll 25/02/2007 13:31 65 desktop.ini 01/03/2005 15:08 53 248 ipsupd.dll 08/08/2006 12:45 576 kavwebscan.inf 16/03/2005 12:34 7 407 lang.ini 07/12/2004 17:07 32 libfn.dll 14/03/2005 14:38 126 live.ini 01/03/2005 12:15 1 246 oscan8.inf 16/03/2005 12:31 475 136 oscan8.ocx 14/03/2005 14:58 7 073 scanoptions.tsi 26/05/2005 05:19 291 wuweb.inf 02/11/2005 19:01 1 777 xscan.inf 02/11/2005 19:07 435 712 xscan53.ocx 17 fichier(s) 2 189 762 octets Total des fichiers listés : 17 fichier(s) 2 189 762 octets 2 Rép(s) 4 936 859 648 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006 http://www.gmer.net scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Le volume dans le lecteur C s'appelle Vingt Doses Le numéro de série du volume est F06D-02CC Répertoire de C:\Program Files 04/04/2007 23:08 <DIR> . 04/04/2007 23:08 <DIR> .. 24/01/2007 20:40 <DIR> Accessoires 11/02/2007 13:23 <DIR> AddOnsOO2 25/01/2007 13:32 <DIR> Adobe 25/02/2007 13:35 <DIR> AviSynth 2.5 24/02/2007 20:44 <DIR> Common Files 24/01/2007 20:41 <DIR> ComPlus Applications 28/01/2007 20:21 <DIR> directx 20/03/2007 23:42 <DIR> Fichiers communs 11/03/2007 20:17 <DIR> Google 02/02/2007 10:16 <DIR> Hewlett-Packard 04/04/2007 08:02 <DIR> Internet Explorer 31/03/2007 08:47 <DIR> Java 24/01/2007 20:40 <DIR> Lecteur Windows Media 02/02/2007 10:39 <DIR> Media Player Classic 24/01/2007 23:20 <DIR> microsoft frontpage 24/01/2007 23:34 <DIR> Microsoft Office 28/03/2007 14:50 <DIR> NetMeeting 11/02/2007 13:24 <DIR> OOoHG 11/02/2007 13:19 <DIR> OpenOffice.org 2.0 30/03/2007 13:33 <DIR> Optimisation Windows 29/03/2007 20:07 <DIR> Outlook Express 14/03/2007 22:02 <DIR> Picasa2 23/02/2007 15:25 <DIR> Pinnacle 24/01/2007 21:22 <DIR> Softwin 23/02/2007 15:25 <DIR> VOB 29/03/2007 20:08 <DIR> Windows Media Player 24/01/2007 20:40 <DIR> Windows NT 21/02/2007 14:41 <DIR> WinPcap 26/02/2007 19:52 <DIR> Yahoo! 0 fichier(s) 0 octets 31 Rép(s) 4 936 806 400 octets libres Le volume dans le lecteur C s'appelle Vingt Doses Le numéro de série du volume est F06D-02CC Répertoire de C:\Program Files\fichiers communs 20/03/2007 23:42 <DIR> . 20/03/2007 23:42 <DIR> .. 25/01/2007 09:00 <DIR> Adobe 29/01/2007 20:12 <DIR> Ahead 07/03/2007 15:11 <DIR> InstallShield 11/02/2007 13:14 <DIR> Java 25/02/2007 13:31 <DIR> Microsoft Shared 02/02/2007 10:15 <DIR> MSSoap 24/01/2007 20:34 <DIR> ODBC 25/02/2007 13:31 <DIR> Services 24/01/2007 21:21 <DIR> Softwin 29/03/2007 20:07 <DIR> System 0 fichier(s) 0 octets 12 Rép(s) 4 936 806 400 octets libres Le volume dans le lecteur C s'appelle Vingt Doses Le numéro de série du volume est F06D-02CC Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 04/04/2007 08:01 <DIR> . 04/04/2007 08:01 <DIR> .. 04/11/1999 02:38 561 210 MSONSEXT.DLL 03/06/1999 21:09 122 937 MSOWS409.DLL 07/03/2001 16:00 127 033 MSOWS40c.DLL 3 fichier(s) 811 180 octets 2 Rép(s) 4 936 740 864 octets libres Le volume dans le lecteur C s'appelle Vingt Doses Le numéro de série du volume est F06D-02CC Répertoire de C:\Program Files\common files 24/02/2007 20:44 <DIR> . 24/02/2007 20:44 <DIR> .. 24/02/2007 20:53 <DIR> System 0 fichier(s) 0 octets 3 Rép(s) 4 936 802 304 octets libres Le volume dans le lecteur C s'appelle Vingt Doses Le numéro de série du volume est F06D-02CC Répertoire de C:\ 11/11/2001 00:00 68 096 diff.exe 27/08/2006 14:10 103 424 grep.exe 2 fichier(s) 171 520 octets 0 Rép(s) 4 936 802 304 octets libres c:\Documents and Settings\Administrateur\.housecall6.6\getMac.exe c:\Documents and Settings\Administrateur\.housecall6.6\patch.exe c:\Documents and Settings\Administrateur\.housecall6.6\tsc.exe c:\Documents and Settings\Administrateur\Bureau\a2AntiMalwareSetup.exe c:\Documents and Settings\Administrateur\Bureau\Antisasser-FR.exe c:\Documents and Settings\Administrateur\Bureau\ATF-Cleaner.exe c:\Documents and Settings\Administrateur\Bureau\avg-anti-spyware_avg_anti-spyware_francais_27645.exe c:\Documents and Settings\Administrateur\Bureau\BattleLANv04.exe c:\Documents and Settings\Administrateur\Bureau\BigFix1.6b.exe c:\Documents and Settings\Administrateur\Bureau\blbeta.exe c:\Documents and Settings\Administrateur\Bureau\clamwin-0.90.1-setup.exe c:\Documents and Settings\Administrateur\Bureau\ComboFix.exe c:\Documents and Settings\Administrateur\Bureau\HijackThis.exe c:\Documents and Settings\Administrateur\Bureau\mwav.exe c:\Documents and Settings\Administrateur\Bureau\sd4hide.exe c:\Documents and Settings\Administrateur\Bureau\spywarefighter.exe c:\Documents and Settings\Administrateur\Bureau\URLSnooper.exe c:\Documents and Settings\Administrateur\Bureau\Windows2000-KB828028-x86-FRA.EXE c:\Documents and Settings\Administrateur\Bureau\Windows2000-KB835732-x86-FRA(2).EXE c:\Documents and Settings\Administrateur\Bureau\Windows2000-KB835732-x86-FRA.EXE c:\Documents and Settings\Administrateur\Bureau\Windows2000-KB891861-v2-x86-FRA.EXE c:\Documents and Settings\Administrateur\Bureau\Arret_Demarrage\Arrêt programmé.exe c:\Documents and Settings\Administrateur\Bureau\avenger\avenger.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\catchme.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\diff.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\dumphive.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\Fport.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\grep.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\LFiles.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\pslist.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\streams.exe c:\Documents and Settings\Administrateur\Bureau\DiagHelp\DiagHelp\swreg.exe c:\Documents and Settings\Administrateur\Bureau\gmer\gmer.exe c:\Documents and Settings\Administrateur\Bureau\OptimisationWindows3-0-4\setup.exe c:\Documents and Settings\Administrateur\Bureau\regsearch\regsearch.exe c:\Documents and Settings\Administrateur\Bureau\RootkitRevealer\RootkitRevealer.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\Catchme.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\apps\cliptext.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\apps\download.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\apps\LS.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\apps\MD5File.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\apps\MoveEx.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\apps\RegDACL.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\apps\RestartIt!.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\apps\sc.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\apps\SF.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\apps\swreg.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\apps\swsc.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\apps\unzip.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\apps\zip.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\apps\Replace\W2K.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\apps\Replace\XP.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups\attrib.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups\find.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups\findstr.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups\regedit.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups_old1\attrib.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups_old1\find.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups_old1\findstr.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups_old1\regedit.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups_old2\attrib.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups_old2\find.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups_old2\findstr.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups_old2\regedit.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups_old3\attrib.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups_old3\find.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups_old3\findstr.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups_old3\regedit.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups_old4\attrib.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups_old4\find.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups_old4\findstr.exe c:\Documents and Settings\Administrateur\Bureau\SDFix\backups_old4\regedit.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.internetexplorer50x\x86win2k\com_microsoft.Q318089_W2K_IE5_5218\vbs51nfr.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.internetexplorer50x\x86win2k\com_microsoft.Q330994_OEPatch31_IE55SP2\q330994.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.internetexplorer50x\x86win2k\com_microsoft.Q822925_IE501_SP4\q822925.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.internetexplorer55x\x86win2k\com_microsoft.Q330994_OEPatch31_IE55SP2\q330994.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.internetexplorer55x\x86win2k\com_microsoft.Q822925_IE_55SP2\q822925.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.internetexplorer6x\x86win2k\com_microsoft.813951_urlmon_5995\q813951.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.internetexplorer6x\x86win2k\com_microsoft.Q318089_W2K_XP_IE6_5226\vbs56nfr.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.internetexplorer6x\x86win2k\com_microsoft.Q330994_OEPatch_IE6SP1_32\q330994.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.internetexplorer6x\x86win2k\com_microsoft.Q822925_IE6_SP1\q822925.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.817787_WMZ_MSRC_1640_WMP71\WindowsMedia71-KB817787-x86-FRA.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.819696_nonDirectX_9_0B_CRITICAL\DirectX9-KB819696-x86-FRA.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.823559_W2K_SP5_WinSE_48630\Windows2000-KB823559-x86-FRA.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.823980_W2K_SP5_WinSE_48715_Critical\Windows2000-KB823980-x86-FRA.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.824105_W2K_SP5_WinSE_48089_Critical\Windows2000-KB824105-x86-FRA.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.824146_W2K_SP5_WinSE_49650\Windows2000-KB824146-x86-FRA.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.IIS_SecPatch_IIS5_5415\Q321599_W2K.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Jscript_ win2K_55_6001\js55nfr.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Jscript_ win2K_XP_56_6003\js56nfr.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Jscript_Win2K_51_5999\js51nfr.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q261255_SP1_4094\q261255.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q270676_SP2_CORP_4127\Q270676.EXE c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q274372_SP2_W2k_CORP_4280\Q274372.EXE c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q280838_SP2_W2k_4305\Q280838.EXE c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q296185_W2K_SP3_CORP_4594\q296185_W2K.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q299553_W2K_SP3_CORP_4674\Q299553.EXE c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q311967_W2K_SP3_5304\Q311967.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q312897_VS_NET_JA_5433\NDP10_SP_Q321897_Ja.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q313450_W2K_Cons_5256\Q313450SP3.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q313829_W2K_5282\Q313829.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q314147_W2K_5265\Q314147_W2K.exe c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q317244_XML40_5255\Q317244.exe c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\QuickTime 7.1.3.100\QuickTimeInstallerAdmin.exe bonne journée et à plus