strictmaximum

Members
  • Content count: 11

Profile Information

  • Gender: Male

Other information

  • My languages: French

strictmaximum's Achievements

Junior Member (3/12)

Community reputation: 0

  1. Hi, I'm really happy, Explorer is working!!! How? Well, I had a trojan horse WG on my external hard drive, and since I deleted that virus from my external hard drive, Explorer works! But what I don't understand is that even after unplugging the external drive and running CCleaner, Explorer still crashed! Was that the cause? Or was it the work of the Holy Spirit that fixed my computer? I'd still like to understand! Strictmaximum
  2. No, I bought a computer with which, at the start, you had to create your own Vista disc; they don't give you the CD any more!!!! (the bastards) My computer is 15 days old! Right from the start, on first use, I created a disc as they asked. My computer is an ACER:
     Product name: Aspire M3201
     Operating system: Microsoft® Windows Vista™ Édition Familiale Premium, Service Pack 1
     Chipset: ATI RS780+SB700
     Processor: AMD Phenom 9550 Quad-Core Processor
     System memory: 4096 MB
     Hard disk: WDC WD5000AAJS-22A8B0 ATA Device, 465,76 GB; Brother DCP-153C USB Device, 0 Bytes; Generic- Compact Flash USB Device, 0 Bytes; Generic- MS/MS-Pro USB Device, 0 Bytes; Generic- SD/MMC USB Device, 0 Bytes; Generic- SM/xD-Picture USB Device, 0 Bytes
     CD/DVD drive: HL-DT-ST DVDRAM GH15F ATA Device
     Video: ATI Radeon HD 3200 Graphics; ATI Radeon HD 3650
     Total available graphics memory?: 1791 MB
     Audio: Périphérique High Definition Audio; Périphérique High Definition Audio; Realtek High Definition Audio; ADS Instant HDTV PCI
     Network: Marvell Yukon 88E8071 PCI-E Gigabit Ethernet Controller; NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter
     UUID: 001FE201315720080605081325000000
     BIOS version: R01-B0
     BIOS release date: 04/23/2008
  3. I couldn't "run" ToolBar S&D in administrator mode by right-click: "Windows Explorer has stopped working" (my original problem), but while the scan was running, at the top it said "administrator S&D...////...". Also, when I right-click a file in a folder on the desktop, the same thing happens. I also can't access "configure advanced user profile" in the left pane of the Control Panel; Explorer crashes again.... I uninstalled Spyware Terminator and Spybot, and I disabled superspyware terminator. Another thing: I changed antivirus, I switched to AVG 8, which seems more effective to me! Thanks again! strictmaximum

     The ToolBar S&D log:

     Disabling or uninstalling the resident tools changes nothing! (I had forgotten, sorry!) strictmaximum
  4. When I'm in the Control Panel, Explorer crashes when I try to access "configure advanced user properties"!!!! I'm fed up... and I really don't want to reinstall everything... and who's to say the (Vista) disc I burned at the start isn't corrupted too? Thanks again for replying. strictmaximum
  5. When Explorer crashes, this is the explanation I get:

     Signature du problème :
     Nom d’événement de problème: APPCRASH
     Nom de l’application: Explorer.exe
     Version de l’application: 6.0.6001.18000
     Horodatage de l'application: 47918e5d
     Nom du module par défaut: StackHash_47e1
     Version du module par défaut: 6.0.6001.18000
     Horodateur du module par défaut: 4791a7a6
     Code de l’exception: c0000374
     Décalage de l’exception: 000b015d
     Version du système: 6.0.6001.2.1.0.768.3
     Identificateur de paramètres régionaux: 1036
     Information supplémentaire n° 1: 47e1
     Information supplémentaire n° 2: 8f6fc9ea277ed5422b58dfa488178fb3
     Information supplémentaire n° 3: 4c3f
     Information supplémentaire n° 4: 3706be1a2f9d98439fedaa6521756600
     Lire notre déclaration de confidentialité : http://go.microsoft.com/fwlink/?linkid=501...mp;clcid=0x040c

     If that can help.... thanks
  6. Ah, reading the latest log, it says "wam not administrator" (wam is me), and when I went to look in the user accounts, I am indeed an administrator!?!? Please explain this to me. strictmaximum
  7. And here it is (thanks again). Oh yes, in the meantime I had uninstalled Spybot; I don't know if that's a good thing. Thanks again. strictmaximum
  8. Here is the log made with HijackThis, thanks again... I have the CD supplied with the PC; I wouldn't like to have to reinstall everything, it took me hours to set everything up!
  9. Actually, I ran several in a row.... Here are numbers 2 and 3, thank you for your help. Number 2:
C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll - 2008-08-28 11:00:13 145,920 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll + 2008-08-31 16:24:01 145,920 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll - 2008-08-28 11:00:14 159,232 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll + 2008-08-31 16:24:01 159,232 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll - 2008-08-28 11:00:14 364,544 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll + 2008-08-31 16:24:01 364,544 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll - 2008-08-28 11:00:14 178,176 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll + 2008-08-31 16:24:01 178,176 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll - 2008-08-28 11:00:12 223,232 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll + 2008-08-31 16:23:58 223,232 ----a-w C:\Windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll + 2006-11-20 09:04:16 57,344 ----a-w C:\Windows\Downloaded Program Files\lfbmp13n.dll + 2006-11-20 09:04:16 401,408 ----a-w C:\Windows\Downloaded Program Files\lfcmp13n.dll + 2006-11-20 09:04:16 65,536 ----a-w C:\Windows\Downloaded Program Files\lfeps13n.dll + 2006-11-20 09:04:16 98,304 ----a-w C:\Windows\Downloaded Program Files\lffax13n.dll + 2006-11-20 09:04:16 69,632 ----a-w 
C:\Windows\Downloaded Program Files\lfgif13n.dll + 2006-11-20 09:04:16 49,152 ----a-w C:\Windows\Downloaded Program Files\lfpcd13n.dll + 2006-11-20 09:04:16 53,248 ----a-w C:\Windows\Downloaded Program Files\lfpcx13n.dll + 2006-11-20 09:04:16 159,744 ----a-w C:\Windows\Downloaded Program Files\lfpng13n.dll + 2006-11-20 09:04:16 55,808 ----a-w C:\Windows\Downloaded Program Files\lfpsd13n.dll + 2006-11-20 09:04:16 53,248 ----a-w C:\Windows\Downloaded Program Files\lftga13n.dll + 2006-11-20 09:04:16 155,648 ----a-w C:\Windows\Downloaded Program Files\lftif13n.dll + 2006-11-20 09:04:16 1,693,696 ----a-w C:\Windows\Downloaded Program Files\ltclr13n.dll + 2006-11-20 09:04:16 299,008 ----a-w C:\Windows\Downloaded Program Files\ltdis13n.dll + 2006-11-20 09:04:16 206,336 ----a-w C:\Windows\Downloaded Program Files\ltefx13n.dll + 2006-11-20 09:04:16 163,840 ----a-w C:\Windows\Downloaded Program Files\ltfil13n.dll + 2006-11-20 09:04:16 450,560 ----a-w C:\Windows\Downloaded Program Files\ltimg13n.dll + 2006-11-20 09:04:16 462,848 ----a-w C:\Windows\Downloaded Program Files\ltkrn13n.dll + 2006-11-20 09:04:16 543,544 ----a-w C:\Windows\Downloaded Program Files\MsnPUpld.dll + 2007-01-09 06:30:14 110,592 ----a-w C:\Windows\Downloaded Program Files\PURfr-fr.dll - 2008-08-27 23:32:18 51,200 ----a-w C:\Windows\inf\infpub.dat + 2008-09-03 11:27:21 51,200 ----a-w C:\Windows\inf\infpub.dat - 2008-08-27 23:32:18 86,016 ----a-w C:\Windows\inf\infstor.dat + 2008-09-03 11:27:21 86,016 ----a-w C:\Windows\inf\infstor.dat - 2008-08-27 23:32:18 86,016 ----a-w C:\Windows\inf\infstrng.dat + 2008-09-03 11:27:20 86,016 ----a-w C:\Windows\inf\infstrng.dat + 2008-09-03 09:53:53 26,694 ----a-r C:\Windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\ARPPRODUCTICON.exe + 2008-09-03 09:53:53 26,694 ----a-r C:\Windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe + 2008-09-03 09:53:53 26,694 ----a-r 
C:\Windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe + 2008-09-03 09:53:53 26,694 ----a-r C:\Windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe + 2008-09-03 09:53:53 26,694 ----a-r C:\Windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe + 2008-09-03 09:53:53 26,694 ----a-r C:\Windows\Installer\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}\UNINST_Uninstall_G_408FFBEED62349E08B232864A94D2864.exe + 2008-09-03 23:22:02 295,606 ----a-r C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-A81200000003}\SC_Reader.exe + 2008-09-04 08:32:47 33,982 ----a-r C:\Windows\Installer\{C1F97FD4-1BD9-45BE-A580-0174BBA8B7F5}\ra3.exe - 1995-07-31 11:44:46 212,480 ----a-w C:\Windows\pcdlib32.dll + 2006-11-20 09:04:16 212,480 ----a-w C:\Windows\pcdlib32.dll - 2008-08-31 09:37:21 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2008-09-06 06:43:08 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2008-08-31 09:37:21 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2008-09-06 06:43:08 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2008-08-31 09:38:55 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-09-06 06:44:32 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-09-06 06:44:32 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 - 2008-08-31 09:38:50 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-09-06 06:44:27 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-09-06 06:44:27 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 + 2008-07-18 20:08:20 72,256 ------w C:\Windows\SoftwareDistribution\SelfUpdate\Handler\WuSetupV.exe - 2008-08-31 09:38:11 32,768 
--sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-09-06 06:43:56 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-08-31 22:18:00 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012008090120080902\index.dat - 2008-08-31 09:38:11 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-09-06 06:43:56 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-08-31 09:38:11 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-09-06 06:43:56 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2008-08-31 10:25:24 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat + 2008-09-06 08:53:09 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat + 2008-09-06 08:53:09 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1 - 2008-08-17 13:01:14 17,144 ----a-w C:\Windows\System32\drivers\mbam.sys + 2008-09-01 22:16:40 17,200 ----a-w C:\Windows\System32\drivers\mbam.sys - 2008-08-17 13:01:18 38,472 ----a-w C:\Windows\System32\drivers\mbamswissarmy.sys + 2008-09-01 22:16:46 38,528 ----a-w C:\Windows\System32\drivers\mbamswissarmy.sys - 2006-11-02 09:14:58 18,944 ----a-w C:\Windows\System32\drivers\usbprint.sys + 2008-01-21 02:23:22 18,944 ----a-w C:\Windows\System32\drivers\usbprint.sys + 2008-01-21 02:23:27 35,328 ----a-w C:\Windows\System32\drivers\usbscan.sys + 2006-09-21 03:01:00 2,913 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_A7X0E1.DAT + 2006-09-13 23:00:00 20,480 ----a-w 
C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_DAUDF1.DLL + 2004-09-10 18:12:28 49,152 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_DCINST.DLL + 2006-09-13 02:00:00 450,048 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_DCON04.DLL + 2006-09-26 03:00:00 65,024 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_DDSP30.DLL + 2005-11-30 02:20:00 212,992 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_DHA730.DLL + 2006-01-23 02:20:00 325,632 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_DHMM6A.DLL + 2006-01-12 02:01:00 456,192 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_DI1BFE.DLL + 2006-10-25 02:00:00 349,184 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_DJB722.DLL + 2006-09-29 03:00:00 102,912 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_DMAI30.DLL + 2005-04-18 16:10:02 258,114 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_DOKA01.DLL + 2006-09-06 02:00:00 196,608 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_DPPE06.EXE + 2006-10-12 02:00:00 626,688 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_DPUI04.DLL + 2006-02-21 02:20:00 1,327,616 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_DSB0EE.DLL + 2006-10-10 04:00:00 883,200 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_DU1BFE.DLL + 2006-01-11 02:20:00 49,664 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_DUMWF5.DLL + 2006-09-21 23:10:00 120,320 ----a-w 
C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_H48UIA.DLL + 2006-02-20 23:00:00 495,104 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_H790E1.DLL + 2006-03-20 02:01:00 151,552 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_S30MT1.EXE + 2006-03-20 02:02:00 118,784 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_S30RN1.EXE + 2006-04-18 02:00:00 102,400 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_S30RP1.EXE + 2006-09-25 02:06:00 253,952 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_S3T0A1.EXE + 2006-11-01 02:02:00 585,728 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_S790E1.DLL + 2006-09-21 02:01:00 548,864 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_S7B0E1.DLL + 2006-09-21 02:01:00 139,264 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_S7I0E1.EXE + 2006-04-24 00:00:00 110,592 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_SAGSET.DLL + 2006-09-13 23:01:00 155,648 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_SIACS1.EXE + 2006-09-05 01:05:00 126,976 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\E_SKU321.DLL + 2006-04-27 03:11:00 167,936 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\EBAPI4.DLL + 2006-04-27 03:11:00 167,936 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\EBAPI5.DLL + 2006-05-09 04:00:00 32,768 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\EBAPI6.DLL + 2006-04-19 04:00:00 34,304 ----a-w 
C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\EBPBIDI.DLL + 2006-07-25 04:01:00 33,792 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\EBPBIDI6.DLL + 2000-06-06 23:01:00 34,304 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\EBPCHP.DLL + 2005-09-02 03:07:00 192,512 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\EBPLPT5.DLL + 2006-08-10 03:12:00 82,939 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\EBPMON25.DLL + 2006-08-10 00:02:00 75,264 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\EBPMONB.DLL + 2005-11-16 23:03:00 94,208 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\EBPSHRE4.DLL + 2003-05-21 00:27:00 64,000 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\ECBTEG.DLL + 2006-04-19 00:00:00 62,976 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\ECBTEGB.DLL + 2006-04-25 23:00:00 36,864 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\EPIBSR50.EXE + 2006-09-21 01:04:00 18,432 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\EPIPGI20.DLL + 2006-11-21 00:16:00 114,688 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\EPSET32.DLL + 2006-09-08 04:18:00 723,144 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\EPUPDATE.EXE + 2006-10-16 07:50:00 174,592 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\EPUTIX27.DLL + 2006-10-16 07:50:00 84,480 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\EPUTIX27.EXE + 2006-02-13 23:11:00 131,072 ----a-w 
C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\COMMON\SAGENT4.EXE + 2006-11-06 02:03:00 222,720 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\FRANCAIS\E_DI0BFE.DLL + 2006-11-08 23:03:00 65,536 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\FRANCAIS\E_H7E0E1.DLL + 2006-11-14 02:03:00 106,496 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\FRANCAIS\E_S7E0E1.DLL + 2005-04-05 22:01:00 6,400 ----a-w C:\Windows\System32\DriverStore\FileRepository\e_df1bee_fr.inf_fa5d113a\FRANCAIS\EPUPDATE.DAT + 1999-12-07 00:03:00 73,216 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\ade.dll + 1999-04-26 22:17:00 3,136 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\ade001.bin + 2005-12-15 22:00:00 73,728 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\epbmp.dll + 2005-12-15 22:00:00 45,056 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\epbmpres.dll + 2006-02-14 22:00:00 98,304 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\epipd.dll + 2005-12-15 22:00:00 147,456 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\epjpg.dll + 2005-12-15 22:00:00 45,056 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\epjpgres.dll + 2005-12-15 22:00:00 90,112 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\epmtf.dll + 2005-12-15 22:00:00 45,056 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\epmtfres.dll + 2006-02-14 22:00:00 102,400 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\eppdf.dll + 2006-01-22 22:00:00 49,152 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\eppdfres.dll + 2005-12-15 22:00:00 86,016 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\eppij.dll + 2005-12-15 22:00:00 
45,056 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\eppijres.dll + 2005-12-15 22:00:00 81,920 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\eppit.dll + 2005-12-15 22:00:00 45,056 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\eppitres.dll + 2005-12-15 22:00:00 90,112 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\eptif.dll + 2005-12-15 22:00:00 45,056 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\eptifres.dll + 2005-12-15 22:00:00 118,784 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\escndv.exe + 2005-12-15 22:00:00 45,056 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\escndvrs.dll + 2006-10-12 22:00:00 61,952 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\escwiad.dll + 2006-02-21 22:00:00 188,416 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\esdevcl.dll + 2006-02-21 22:00:00 131,072 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\esdevif.dll + 2005-12-15 22:00:00 49,152 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\esdscl.dll + 2006-10-15 22:00:00 425,984 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\esdtr.dll + 2006-08-29 22:00:00 94,208 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\esdtr2.dll + 2005-08-28 22:00:00 143,360 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\esexf.dll + 2005-09-26 22:00:00 163,840 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\esfit.dll + 2005-09-26 22:00:00 53,248 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\esicm.dll + 2006-07-04 22:00:00 561,152 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\esimfl.dll + 2006-01-22 22:00:00 229,376 ----a-w 
C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\esimgctl.dll + 2006-07-31 22:00:00 1,658,880 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\esimgdet.dll + 2005-12-15 22:00:00 348,261 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\esmps.dll + 2005-12-15 22:00:00 561,272 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\esmpsres.dll + 2005-08-28 22:00:00 98,304 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\espimtif.dll + 2006-02-13 22:00:00 3,559,424 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\esres.dll + 2006-02-06 22:00:00 323,584 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\esscncl.dll + 2005-12-15 22:00:00 40,960 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\estwm.exe + 2006-02-20 22:00:00 241,664 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\estwpmg.dll + 2006-02-13 22:00:00 663,552 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\esui.dll + 2005-12-15 22:00:00 122,880 ----a-w C:\Windows\System32\DriverStore\FileRepository\es6b.inf_0b39f50d\esutwb.dll + 2006-10-30 22:10:00 71,840 ----a-w C:\Windows\System32\EPPicMgr.dll + 2004-03-03 04:10:00 26,154 ----a-w C:\Windows\System32\EPPICPattern1.dat + 2004-03-03 04:10:00 27,417 ----a-w C:\Windows\System32\EPPICPattern121.dat + 2004-03-03 04:10:00 31,053 ----a-w C:\Windows\System32\EPPICPattern131.dat + 2004-03-03 04:10:00 20,148 ----a-w C:\Windows\System32\EPPICPattern2.dat + 2004-03-03 04:10:00 24,903 ----a-w C:\Windows\System32\EPPICPattern3.dat + 2004-03-03 04:10:00 11,811 ----a-w C:\Windows\System32\EPPICPattern4.dat + 2004-03-03 04:10:00 21,390 ----a-w C:\Windows\System32\EPPICPattern5.dat + 2004-03-03 04:10:00 4,943 ----a-w C:\Windows\System32\EPPICPattern6.dat + 2005-05-31 22:20:00 111,932 ----a-w C:\Windows\System32\EPPICPrinterDB.dat + 2006-10-30 22:10:00 
120,992 ----a-w C:\Windows\System32\EpPicPrt.dll + 2008-01-21 02:23:08 37,376 ----a-w C:\Windows\System32\HPZLLLHN.DLL + 2008-06-09 23:21:01 135,168 ----a-w C:\Windows\System32\java.exe + 2008-06-09 23:21:04 135,168 ----a-w C:\Windows\System32\javaw.exe + 2008-06-10 00:32:34 139,264 ----a-w C:\Windows\System32\javaws.exe - 2008-08-31 09:42:02 101,052 ----a-w C:\Windows\System32\perfc009.dat + 2008-09-06 06:47:37 101,052 ----a-w C:\Windows\System32\perfc009.dat - 2008-08-31 09:42:02 123,350 ----a-w C:\Windows\System32\perfc00C.dat + 2008-09-06 06:47:37 123,350 ----a-w C:\Windows\System32\perfc00C.dat - 2008-08-31 09:42:02 586,980 ----a-w C:\Windows\System32\perfh009.dat + 2008-09-06 06:47:37 586,980 ----a-w C:\Windows\System32\perfh009.dat - 2008-08-31 09:42:02 669,328 ----a-w C:\Windows\System32\perfh00C.dat + 2008-09-06 06:47:37 669,328 ----a-w C:\Windows\System32\perfh00C.dat + 2006-10-19 22:10:00 108,704 ----a-w C:\Windows\System32\PICEntry.dll + 2006-10-19 22:10:00 80,024 ----a-w C:\Windows\System32\PICSDK.dll + 2006-10-19 22:10:00 501,912 ----a-w C:\Windows\System32\PICSDK2.dll - 2008-08-31 08:32:01 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\schema.dat + 2008-09-03 12:30:05 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\schema.dat + 2006-09-21 02:01:00 548,864 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FABRBEE.DLL + 2006-09-21 03:01:00 2,913 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FAIFBEE.DAT + 2006-09-21 23:10:00 120,320 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FAIRBEE.DLL + 2006-09-25 02:06:00 253,952 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FAMDBEE.EXE + 2006-03-20 02:01:00 151,552 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FAMTBEE.EXE + 2006-11-01 02:02:00 585,728 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FAPRBEE.DLL + 2006-03-20 02:02:00 118,784 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FARNBEE.EXE + 2006-09-05 01:05:00 126,976 ----a-w 
C:\Windows\System32\spool\drivers\w32x86\3\E_FASKBEE.DLL + 2006-11-14 02:03:00 106,496 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FASRBEE.DLL + 2006-09-21 02:01:00 139,264 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FATIBEE.EXE + 2006-09-13 23:00:00 20,480 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FAUDBEE.DLL + 2006-05-09 04:00:00 32,768 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FBA6BEE.DLL + 2006-04-27 03:11:00 167,936 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FBAPBEE.DLL + 2006-09-13 23:01:00 155,648 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FBCSBEE.EXE + 2006-07-25 04:01:00 33,792 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FBL6BEE.DLL + 2006-04-25 23:00:00 36,864 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FBSRBEE.EXE + 2006-09-13 02:00:00 450,048 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FCONBEE.DLL + 2006-09-26 03:00:00 65,024 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FDSPBEE.DLL + 2006-09-21 01:04:00 18,432 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FGRCBEE.DLL + 2006-02-20 23:00:00 495,104 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FHBRBEE.DLL + 2006-01-23 02:20:00 325,632 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FHM0BEE.DLL + 2006-11-08 23:03:00 65,536 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FHSRBEE.DLL + 2005-11-30 02:20:00 212,992 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FHT0BEE.DLL + 2006-10-16 07:50:00 174,592 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FHUTBEE.DLL + 2006-10-16 07:50:00 84,480 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FHUTBEE.EXE + 2006-10-25 02:00:00 349,184 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FJBCBEE.DLL + 2006-09-29 03:00:00 102,912 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FMAI1BEE.DLL + 2006-01-11 02:20:00 49,664 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FMW0BEE.DLL + 2005-04-18 16:10:02 258,114 ----a-w 
C:\Windows\System32\spool\drivers\w32x86\3\E_FOKABEE.DLL + 2006-09-06 02:00:00 196,608 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FPREBEE.EXE + 2006-10-12 02:00:00 626,688 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FPRUBEE.DLL + 2006-02-21 02:20:00 1,327,616 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FSR0BEE.DLL + 2006-01-12 02:01:00 456,192 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FUI1BEE.DLL + 2006-10-10 04:00:00 883,200 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FUIC1BEE.DLL + 2006-11-06 02:03:00 222,720 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_FUIRBEE.DLL + 2006-04-18 02:00:00 102,400 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\E_S30RP1.EXE + 2006-04-27 03:11:00 167,936 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\EBAPI4.DLL + 2006-04-19 04:00:00 34,304 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\EBPBIDI.DLL + 2006-11-21 00:16:00 114,688 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\EPSET32.DLL + 2005-04-05 22:01:00 6,400 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\EPUPDATE.DAT + 2006-09-08 04:18:00 723,144 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\EPUPDATE.EXE + 2008-01-21 02:23:11 363,520 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\HPCDMCLH.DLL + 2008-01-21 02:23:09 5,387,776 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\HPFIGLHN.DLL + 2008-01-21 02:23:06 280,064 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\HPFIME50.DLL + 2008-01-21 02:23:11 19,968 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\HPFRES50.DLL + 2008-01-21 02:23:07 1,253,888 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\HPZ3RLHN.DLL + 2008-01-21 02:23:05 365,568 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\HPZEVLHN.DLL + 2008-01-21 02:23:08 4,930,560 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\HPZLALHN.DLL + 2008-01-21 02:23:08 663,552 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\HPZLELHN.DLL + 2008-01-21 02:23:14 79,872 ----a-w 
C:\Windows\System32\spool\drivers\w32x86\3\HPZPRLHN.DLL + 2008-01-21 02:23:10 562,176 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\HPZSSLHN.DLL + 2008-01-21 02:23:10 3,447,808 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\HPZSTLHN.DLL + 2008-01-21 02:23:14 2,725,376 ----a-w C:\Windows\System32\spool\drivers\w32x86\3\HPZUILHN.DLL + 2005-04-05 22:01:00 6,400 ----a-w C:\Windows\System32\spool\drivers\w32x86\EPUPDATE.DAT + 2006-09-08 04:18:00 723,144 ----a-w C:\Windows\System32\spool\drivers\w32x86\EPUPDATE.EXE + 2008-01-21 02:23:14 89,600 ----a-w C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL - 2008-08-31 09:39:05 6,104 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2571914964-1430876280-426546182-1000_UserData.bin + 2008-09-06 06:45:13 6,520 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2571914964-1430876280-426546182-1000_UserData.bin + 2008-09-05 15:26:42 1,982 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2571914964-1430876280-426546182-1001_UserData.bin - 2008-08-31 09:39:05 74,118 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2008-09-06 06:45:13 74,254 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin - 2008-08-31 09:39:04 52,236 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2008-09-06 06:45:12 53,752 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 1999-12-07 00:03:00 73,216 ----a-w C:\Windows\twain_32\escndv\es006b\ade.dll + 1999-04-26 22:17:00 3,136 ----a-w C:\Windows\twain_32\escndv\es006b\ade001.bin + 2006-02-21 22:00:00 188,416 ----a-w C:\Windows\twain_32\escndv\es006b\esdevcl.dll + 2006-02-21 22:00:00 131,072 ----a-w C:\Windows\twain_32\escndv\es006b\esdevif.dll + 2005-12-15 22:00:00 49,152 ----a-w C:\Windows\twain_32\escndv\es006b\esdscl.dll + 2006-10-15 22:00:00 425,984 ----a-w 
C:\Windows\twain_32\escndv\es006b\esdtr.dll + 2006-08-29 22:00:00 94,208 ----a-w C:\Windows\twain_32\escndv\es006b\esdtr2.dll + 2005-09-26 22:00:00 163,840 ----a-w C:\Windows\twain_32\escndv\es006b\esfit.dll + 2005-09-26 22:00:00 53,248 ----a-w C:\Windows\twain_32\escndv\es006b\esicm.dll + 2006-07-04 22:00:00 561,152 ----a-w C:\Windows\twain_32\escndv\es006b\esimfl.dll + 2006-01-22 22:00:00 229,376 ----a-w C:\Windows\twain_32\escndv\es006b\esimgctl.dll + 2006-07-31 22:00:00 1,658,880 ----a-w C:\Windows\twain_32\escndv\es006b\esimgdet.dll + 2005-12-15 22:00:00 348,261 ----a-w C:\Windows\twain_32\escndv\es006b\esmps.dll + 2005-12-15 22:00:00 561,272 ----a-w C:\Windows\twain_32\escndv\es006b\esmpsres.dll + 2006-02-13 22:00:00 3,559,424 ----a-w C:\Windows\twain_32\escndv\es006b\esres.dll + 2006-02-06 22:00:00 323,584 ----a-w C:\Windows\twain_32\escndv\es006b\esscncl.dll + 2005-12-15 22:00:00 40,960 ----a-w C:\Windows\twain_32\escndv\es006b\estwm.exe + 2006-02-20 22:00:00 241,664 ----a-w C:\Windows\twain_32\escndv\es006b\estwpmg.dll + 2006-02-13 22:00:00 663,552 ----a-w C:\Windows\twain_32\escndv\es006b\esui.dll + 2005-12-15 22:00:00 122,880 ----a-w C:\Windows\twain_32\escndv\es006b\esutwb.dll + 2005-12-15 22:00:00 73,728 ----a-w C:\Windows\twain_32\escndv\es006b\ffmt\epbmp.dll + 2005-12-15 22:00:00 45,056 ----a-w C:\Windows\twain_32\escndv\es006b\ffmt\epbmpres.dll + 2006-02-14 22:00:00 98,304 ----a-w C:\Windows\twain_32\escndv\es006b\ffmt\epipd.dll + 2005-12-15 22:00:00 147,456 ----a-w C:\Windows\twain_32\escndv\es006b\ffmt\epjpg.dll + 2005-12-15 22:00:00 45,056 ----a-w C:\Windows\twain_32\escndv\es006b\ffmt\epjpgres.dll + 2005-12-15 22:00:00 90,112 ----a-w C:\Windows\twain_32\escndv\es006b\ffmt\epmtf.dll + 2005-12-15 22:00:00 45,056 ----a-w C:\Windows\twain_32\escndv\es006b\ffmt\epmtfres.dll + 2006-02-14 22:00:00 102,400 ----a-w C:\Windows\twain_32\escndv\es006b\ffmt\eppdf.dll + 2006-01-22 22:00:00 49,152 ----a-w C:\Windows\twain_32\escndv\es006b\ffmt\eppdfres.dll + 
2005-12-15 22:00:00 86,016 ----a-w C:\Windows\twain_32\escndv\es006b\ffmt\eppij.dll + 2005-12-15 22:00:00 45,056 ----a-w C:\Windows\twain_32\escndv\es006b\ffmt\eppijres.dll + 2005-12-15 22:00:00 81,920 ----a-w C:\Windows\twain_32\escndv\es006b\ffmt\eppit.dll + 2005-12-15 22:00:00 45,056 ----a-w C:\Windows\twain_32\escndv\es006b\ffmt\eppitres.dll + 2005-12-15 22:00:00 90,112 ----a-w C:\Windows\twain_32\escndv\es006b\ffmt\eptif.dll + 2005-12-15 22:00:00 45,056 ----a-w C:\Windows\twain_32\escndv\es006b\ffmt\eptifres.dll + 2005-08-28 22:00:00 143,360 ----a-w C:\Windows\twain_32\escndv\es006b\ffmt\esexf.dll + 2005-08-28 22:00:00 98,304 ----a-w C:\Windows\twain_32\escndv\es006b\ffmt\espimtif.dll + 2005-12-15 22:00:00 118,784 ----a-w C:\Windows\twain_32\escndv\escndv.exe + 2005-12-15 22:00:00 45,056 ----a-w C:\Windows\twain_32\escndv\escndvrs.dll + 2005-12-15 22:00:00 40,960 ----a-w C:\Windows\twain_32\escndv\estwm.exe - 2008-08-31 08:23:51 175,166 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin + 2008-09-03 11:32:22 1,175,593 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin + 2008-07-19 05:09:42 563,912 ----a-w C:\Windows\winsxs\x86_microsoft-windows-w..owsupdateclient-aux_31bf3856ad364e35_7.2.6001.784_none_10766c5d7a4348db\wuapi.dll + 2008-07-19 03:44:12 83,456 ----a-w C:\Windows\winsxs\x86_microsoft-windows-w..owsupdateclient-aux_31bf3856ad364e35_7.2.6001.784_none_10766c5d7a4348db\wudriver.dll + 2008-07-19 05:10:18 36,552 ----a-w C:\Windows\winsxs\x86_microsoft-windows-w..owsupdateclient-aux_31bf3856ad364e35_7.2.6001.784_none_10766c5d7a4348db\wups.dll + 2008-07-18 18:44:32 31,232 ----a-w C:\Windows\winsxs\x86_microsoft-windows-w..pdateclient-activex_31bf3856ad364e35_7.2.6001.784_none_ba812c9e1ffa7ad7\wuapp.exe + 2008-07-18 20:08:18 163,904 ----a-w C:\Windows\winsxs\x86_microsoft-windows-w..pdateclient-activex_31bf3856ad364e35_7.2.6001.784_none_ba812c9e1ffa7ad7\wuwebv.dll + 2008-07-19 05:10:40 53,448 ----a-w 
C:\Windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.784_none_2a6532116682efd8\wuauclt.exe + 2008-07-19 05:09:40 1,811,656 ----a-w C:\Windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.784_none_2a6532116682efd8\wuaueng.dll + 2008-07-19 05:10:39 45,768 ----a-w C:\Windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.784_none_2a6532116682efd8\wups2.dll + 2008-07-19 03:44:52 1,524,736 ----a-w C:\Windows\winsxs\x86_microsoft-windows-windowsupdateclient-ui_31bf3856ad364e35_7.2.6001.784_none_a81255bc06873289\wucltux.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-03-04 23:38 121392 --a------ C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-21 125952] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968] "VistaStartMenu"="C:\Program Files\Vista Start Menu\VistaStartMenu.exe" [2008-07-09 2136064] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272] "EPSON Stylus DX4000 Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE" [2006-09-21 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Acer Empowering Technology Monitor"="C:\Program 
Files\Acer\Empowering Technology\SysMonitor.exe" [2008-04-25 319488] "EmpoweringTechnology"="C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe" [2008-04-25 319488] "eDataSecurity Loader"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896] "PCMMediaSharing"="C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-01-25 204908] "BkupTray"="C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-02-25 34040] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440] "WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-27 29744] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 413696] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 C:\Windows\RtHDVCpl.exe] C:\Users\Wam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ NETGEAR WG111v3 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111v3\WG111v3.exe [2007-09-14 1695744] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "LogonHoursAction"= 2 (0x2) "DontDisplayLogonHoursWarnings"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\software\microsoft\windows 
nt\currentversion\drivers32] "msacm.mkdmp3enc"= C:\PROGRA~1\ACERAR~1\ACERVI~1\Kernel\Burner\MKDMP3Enc.ACM [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"="0x00000000" "UpdatesDisableNotify"="0x00000000" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{39483AF4-6277-434A-8C81-EEA2C2461D24}"= C:\Program Files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe:Acer Arcade Live "{8719D5E1-793E-4F9D-88DD-78C00BCDF5D7}"= C:\Program Files\Acer Arcade Live\Acer DV Magician\Acer DV Magician.exe:Acer DV Magician "{4D7E353C-F160-4D1E-B45D-FBAF340ED2ED}"= C:\Program Files\Acer Arcade Live\Acer SlideShow DVD\Acer SlideShow DVD.exe:Acer SlideShow DVD "{3F1AC602-C49C-4B07-AAC9-F573A6DE6DDB}"= C:\Program Files\Acer Arcade Live\Acer VideoMagician\Acer VideoMagician.exe:Acer VideoMagician "{366F7CF6-4D0E-4110-8DF8-4D6586841F01}"= C:\Program Files\Acer Arcade Live\Acer DVDivine\Acer DVDivine.exe:Acer DVDivine "{BD637667-56BC-43ED-9884-B9B585628618}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia\Acer HomeMedia.exe:Acer HomeMedia "{01FF3703-8975-429B-875A-AB12919BCBC8}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect "{473DFFBF-F989-48BF-8937-0650C5A6DB8B}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE:Acer HomeMedia Connect Service "{E2448DCF-9832-4280-BA97-EF6465FCD0C1}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia Trial Creator\Acer HomeMedia Trial Creator.exe:Acer HomeMedia Trial Creator "{2FB1E4DC-655B-4D66-BC5F-35F864C3CAF8}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe "{4801CD5B-F558-4808-9CD9-4DFB2F24AC55}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe "{616AABAB-E816-4AAD-8898-F38B1255D749}"= 
UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe "{FD0915E6-9BAD-4C0E-98F8-71A181A5E87C}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe "{EAC16019-5FFD-4479-9BD1-FF44C6A1B94C}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe "{41BD57FF-08B7-4BBF-9C4D-841047B98225}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe "{71601132-DFFE-4DCE-95B3-5900799EEB1D}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone) "{203193B0-DC74-4F91-B57A-E4676324A6C0}"= C:\Program Files\Skype\Phone\Skype.exe:Skype "TCP Query User{1700F0E7-0C4A-48EF-B683-39EA20456A31}C:\\users\\wam\\appdata\\local\\temp\\electronicarts_patcher_000.exe"= UDP:C:\users\wam\appdata\local\temp\electronicarts_patcher_000.exe:electronicarts_patcher_000.exe "UDP Query User{88B1733F-727D-4D99-A5CE-67D908A41F11}C:\\users\\wam\\appdata\\local\\temp\\electronicarts_patcher_000.exe"= TCP:C:\users\wam\appdata\local\temp\electronicarts_patcher_000.exe:electronicarts_patcher_000.exe "{EBDF6D30-E9D1-47A5-8CD1-1CDF9514292E}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp "{A9E1E3A8-D134-4FF3-8D7B-2198638C0508}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp "TCP Query User{91B2DB49-F98D-4878-9CF8-8A78E27EFB8B}C:\\program files\\tmnationsforever\\tmforever.exe"= UDP:C:\program files\tmnationsforever\tmforever.exe:TmForever "UDP Query User{34C3EC7B-1EB3-4ED4-9BB1-B4EC856B22A3}C:\\program files\\tmnationsforever\\tmforever.exe"= TCP:C:\program files\tmnationsforever\tmforever.exe:TmForever "{95F0C6D7-0EC8-4EB9-B8F5-9AFE75CE08D8}"= UDP:C:\Program Files\ma-config.com\maconfservice.exe:maconfservice "{77CF3FE0-D087-4054-AC3C-6052515A366C}"= TCP:C:\Program Files\ma-config.com\maconfservice.exe:maconfservice R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 7680] R1 aswSP;avast! 
Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416] R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-01-25 269448] R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560] R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280] R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-02-25 21752] R2 ETService;Empowering Technology Service;C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-04-25 24576] R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-02-25 49152] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-02-25 131072] R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-09 3533824] R3 ovt530;Webcam Classic;C:\Windows\system32\Drivers\ov530vid.sys [2005-03-15 161792] R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;C:\Windows\system32\DRIVERS\wg111v3.sys [2007-04-23 227328] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-28 298496] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-27 29744] S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfservice.exe [2008-09-02 191656] S4 ahcix86s;ahcix86s;C:\Windows\system32\drivers\ahcix86s.sys [2007-12-19 170000] S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{490aa8b8-32a8-11dd-97bb-806e6f6e6963}]
\shell\AutoRun\command - E:\autorun.exe
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\Wam\AppData\Roaming\Mozilla\Firefox\Profiles\nb924ai7.default\
FF -: plugin - C:\Program Files\ma-config.com\nphardwaredetection.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF -: plugin - C:\Program Files\Picasa2\npPicasa2.dll
FF -: plugin - C:\Users\Wam\AppData\Roaming\Mozilla\Firefox\Profiles\nb924ai7.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-06 10:55:45
Windows 6.0.6001 Service Pack 1 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-09-06 10:56:58
ComboFix-quarantined-files.txt 2008-09-06 08:56:55
ComboFix2.txt 2008-08-31 10:28:11
ComboFix3.txt 2008-08-29 22:13:20
ComboFix4.txt 2008-08-29 22:01:16
Pre-Run: 115,810,127,872 octets libres
Post-Run: 115,775,627,264 octets libres
641 --- E O F --- 2008-09-06 06:48:02

The 3rd

ComboFix 08-08-30.03 - Wam 2008-08-31 12:25:28.4 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1926 [GMT 2:00]
Endroit: C:\Users\Wam\Desktop\Poste de contrôle\Maintenance\ComboFix.exe
* Création d'un nouveau point de restauration
.
((((((((((((((((((((((((((((( Fichiers créés 2008-07-28 to 2008-08-31 ))))))))))))))))))))))))))))))))))))
.
2008-08-31 11:24 . 2008-08-31 11:38 <REP> d-------- C:\Users\All Users\Spybot - Search & Destroy
2008-08-31 11:24 .
2008-08-31 11:38 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy 2008-08-31 11:24 . 2008-08-31 11:41 <REP> d-------- C:\Program Files\Spybot - Search & Destroy 2008-08-31 10:24 . 2008-05-10 05:35 885,248 --a------ C:\Windows\System32\RacEngn.dll 2008-08-31 10:24 . 2008-05-10 00:22 9,127 --a------ C:\Windows\System32\RacUR.xml 2008-08-31 10:24 . 2008-05-10 00:22 153 --a------ C:\Windows\System32\RacUREx.xml 2008-08-31 10:20 . 2008-08-31 11:36 <REP> d-------- C:\Users\Wam\AppData\Roaming\Vista Start Menu 2008-08-31 10:20 . 2008-08-31 10:21 <REP> d-------- C:\Program Files\Vista Start Menu 2008-08-31 10:13 . 2008-08-31 10:17 <REP> d-------- C:\Windows\UltraDefrag 2008-08-30 20:05 . 2008-08-30 20:05 <REP> d-------- C:\Users\Wam\AppData\Roaming\FreeCommander 2008-08-30 20:05 . 2008-08-30 20:05 <REP> d-------- C:\Program Files\FreeCommander 2008-08-30 13:43 . 2008-08-30 13:44 <REP> d-------- C:\Users\Wam\AppData\Roaming\eSobi 2008-08-30 00:44 . 2008-08-30 00:44 <REP> d-------- C:\Users\Wam\AppData\Roaming\PeerNetworking 2008-08-29 23:16 . 2008-08-29 23:16 <REP> d-------- C:\Users\Wam\AppData\Roaming\Template 2008-08-29 23:16 . 2008-08-30 12:24 438 --a------ C:\Users\Wam\AppData\Roaming\wklnhst.dat 2008-08-29 20:07 . 2008-08-29 20:07 <REP> d-------- C:\Users\Wam\AppData\Roaming\Auslogics 2008-08-29 20:05 . 2008-08-29 20:05 <REP> d-------- C:\Program Files\Auslogics 2008-08-29 16:13 . 2008-08-29 16:13 <REP> d-------- C:\Program Files\Microsoft Silverlight 2008-08-29 15:14 . 2008-08-29 15:14 <REP> d-------- C:\Users\Wam\Option 2008-08-29 13:30 . 2008-08-29 13:31 <REP> d-------- C:\Users\All Users\Lavasoft 2008-08-29 13:30 . 2008-08-29 13:31 <REP> d-------- C:\ProgramData\Lavasoft 2008-08-28 23:07 . 2008-08-28 23:07 <REP> d-------- C:\Users\Wam\AppData\Roaming\Grisoft 2008-08-28 23:01 . 2008-08-28 23:30 <REP> d-a------ C:\Users\All Users\TEMP 2008-08-28 23:01 . 2008-08-28 23:30 <REP> d-a------ C:\ProgramData\TEMP 2008-08-28 22:58 . 
2008-08-28 22:58 <REP> d-------- C:\Program Files\Sophos 2008-08-28 22:41 . 2008-08-28 22:49 <REP> d----c--- C:\Windows\System32\DRVSTORE 2008-08-28 21:44 . 2008-08-30 19:56 <REP> d-------- C:\Program Files\Windows Live Safety Center 2008-08-28 17:38 . 2008-08-28 17:38 <REP> d-------- C:\Program Files\GameTop.com 2008-08-28 17:37 . 2008-08-28 17:37 <REP> d-------- C:\Program Files\FreeGamePick.com 2008-08-28 12:58 . 2008-08-28 12:58 <REP> d-------- C:\Program Files\Monte Cristo 2008-08-28 11:14 . 2008-08-28 11:14 <REP> d-------- C:\Program Files\Nouvelle Cible 2008-08-28 11:14 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Cheatbook 12.2004 2008-08-28 11:12 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Audacity 2008-08-28 11:11 . 2008-08-28 11:11 <REP> d-------- C:\Program Files\IVCsoft 2008-08-28 09:49 . 2008-08-28 09:49 56 --ah----- C:\Windows\System32\ezsidmv.dat 2008-08-28 08:49 . 2008-08-28 08:52 <REP> d-------- C:\Users\Wam\AppData\Roaming\Command & Conquer 3 La Fureur de Kane 2008-08-28 08:49 . 2008-08-28 08:49 107,888 --a------ C:\Windows\System32\CmdLineExt.dll 2008-08-28 08:33 . 2007-10-12 15:14 3,734,536 --a------ C:\Windows\System32\d3dx9_36.dll 2008-08-28 08:33 . 2007-10-12 15:14 1,374,232 --a------ C:\Windows\System32\D3DCompiler_36.dll 2008-08-28 08:33 . 2007-10-02 09:56 444,776 --a------ C:\Windows\System32\d3dx10_36.dll 2008-08-28 08:33 . 2007-10-22 03:39 267,272 --a------ C:\Windows\System32\xactengine2_10.dll 2008-08-28 08:33 . 2007-10-22 03:37 17,928 --a------ C:\Windows\System32\X3DAudio1_2.dll 2008-08-28 08:02 . 2006-11-29 13:06 3,426,072 --a------ C:\Windows\System32\d3dx9_32.dll 2008-08-28 07:47 . 2008-08-28 08:20 <REP> d-------- C:\Program Files\Electronic Arts 2008-08-28 01:28 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\AIDA32 - Personal System Information 2008-08-28 00:51 . 2008-08-29 01:08 <REP> d-------- C:\Program Files\Picasa2 2008-08-28 00:51 . 
2006-10-05 04:42 2,560 --a------ C:\Windows\System32\drivers\cdralw2k.sys 2008-08-28 00:51 . 2006-10-05 04:42 2,432 --a------ C:\Windows\System32\drivers\cdr4_xp.sys 2008-08-28 00:42 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Defraggler 2008-08-27 23:18 . 2008-08-27 23:18 <REP> d-------- C:\Users\All Users\WinZip 2008-08-27 23:18 . 2008-08-27 23:18 <REP> d-------- C:\ProgramData\WinZip 2008-08-27 23:16 . 2008-08-29 01:04 <REP> d-------- C:\Program Files\WinZip 8.1 Fr 2008-08-27 23:01 . 2008-08-29 01:04 <REP> d-------- C:\Users\All Users\FLEXnet 2008-08-27 23:01 . 2008-08-29 01:04 <REP> d-------- C:\ProgramData\FLEXnet 2008-08-27 22:56 . 2008-08-29 01:04 <REP> d-------- C:\Program Files\NFO viewer 2008-08-27 22:56 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Bonjour 2008-08-27 22:52 . 2008-08-27 22:52 <REP> d-------- C:\Program Files\Common Files\Macrovision Shared 2008-08-27 21:53 . 2008-08-29 01:04 <REP> d-------- C:\Users\All Users\Apple Computer 2008-08-27 21:53 . 2008-08-29 01:04 <REP> d-------- C:\ProgramData\Apple Computer 2008-08-27 21:53 . 2008-08-29 01:04 <REP> d-------- C:\Program Files\QuickTime 2008-08-27 21:52 . 2008-08-27 21:52 <REP> d-------- C:\Users\Wam\AppData\Roaming\vlc 2008-08-27 21:52 . 2008-08-29 01:04 <REP> d-------- C:\Users\All Users\Apple 2008-08-27 21:52 . 2008-08-29 01:04 <REP> d-------- C:\ProgramData\Apple 2008-08-27 21:52 . 2008-08-27 21:52 <REP> d-------- C:\Program Files\VideoLAN 2008-08-27 21:52 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Apple Software Update 2008-08-27 21:39 . 2008-08-29 01:04 <REP> d-------- C:\Users\Wam\AppData\Roaming\IrfanView 2008-08-27 21:39 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\IrfanView 2008-08-27 21:39 . 2008-08-28 00:51 <REP> d-------- C:\Program Files\Google 2008-08-27 17:13 . 2008-08-29 01:04 <REP> d-------- C:\Program Files\PhotoDeluxe EE 1.1 2008-08-27 17:11 . 1997-04-18 11:49 298,496 --a------ C:\Windows\unin040c.exe 2008-08-27 16:51 . 
2008-08-29 01:18 900 --ahs---- C:\Windows\System32\KGyGaAvL.sys 2008-08-27 16:27 . 2008-08-27 16:27 <REP> d-------- C:\Users\Wam\AppData\Roaming\Corel 2008-08-27 16:24 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Corel® Painter IX TBYB FR 2008-08-27 15:39 . 2008-08-31 11:37 <REP> d-------- C:\Users\Wam\AppData\Roaming\OpenOffice.org2 2008-08-27 15:37 . 2008-08-27 15:37 <REP> d-------- C:\Program Files\OpenOffice.org 2.4 2008-08-27 15:21 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\CCleaner 2008-08-27 15:18 . 2008-08-27 15:20 <REP> d-------- C:\Users\Wam\AppData\Roaming\Spyware Terminator 2008-08-27 15:18 . 2008-08-29 01:04 <REP> d-------- C:\Users\All Users\Spyware Terminator 2008-08-27 15:18 . 2008-08-29 01:04 <REP> d-------- C:\ProgramData\Spyware Terminator 2008-08-27 15:18 . 2008-08-29 01:04 <REP> d-------- C:\Program Files\Spyware Terminator 2008-08-27 15:18 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Crawler 2008-08-27 15:18 . 2008-08-27 15:18 141,312 --a------ C:\Windows\System32\drivers\sp_rsdrv2.sys 2008-08-27 15:15 . 2008-08-27 15:15 <REP> d-------- C:\Users\Wam\AppData\Roaming\Malwarebytes 2008-08-27 15:15 . 2008-08-27 15:15 <REP> d-------- C:\Users\All Users\Malwarebytes 2008-08-27 15:15 . 2008-08-27 15:15 <REP> d-------- C:\ProgramData\Malwarebytes 2008-08-27 15:15 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-08-27 15:15 . 2008-08-17 15:01 38,472 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys 2008-08-27 15:15 . 2008-08-17 15:01 17,144 --a------ C:\Windows\System32\drivers\mbam.sys 2008-08-27 14:57 . 2008-08-28 09:49 <REP> d-------- C:\Users\Wam\AppData\Roaming\skypePM 2008-08-27 14:55 . 2008-08-29 01:04 <REP> d-------- C:\Users\Wam\AppData\Roaming\Skype 2008-08-27 14:55 . 2008-08-30 21:02 <REP> d-------- C:\Users\Valérie\Documents de valérie 2008-08-27 14:55 . 2008-08-30 21:02 <REP> d-------- C:\Users\Valérie\Documents de valérie 2008-08-27 14:55 . 
2008-08-27 14:55 <REP> d-------- C:\Users\All Users\Skype 2008-08-27 14:55 . 2008-08-27 14:55 <REP> d-------- C:\ProgramData\Skype 2008-08-27 14:55 . 2008-08-27 14:55 <REP> d-------- C:\Program Files\Skype 2008-08-27 14:55 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Common Files\Skype 2008-08-27 14:50 . 2008-08-27 14:50 0 --a------ C:\Windows\nsreg.dat 2008-08-27 14:19 . 2008-08-29 01:08 <REP> d-------- C:\Program Files\MSN Messenger 2008-08-27 13:37 . 2008-08-27 13:37 <REP> d-------- C:\Users\All Users\ma-config.com 2008-08-27 13:37 . 2008-08-27 13:37 <REP> d-------- C:\ProgramData\ma-config.com 2008-08-27 13:37 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\ma-config.com 2008-08-27 13:10 . 2008-08-27 13:10 <REP> d-------- C:\Users\Wam\AppData\Roaming\SiteAdvisor 2008-08-27 12:39 . 2008-08-27 12:46 <REP> d-------- C:\Users\Valérie\AppData\Roaming\Adobe 2008-08-27 12:26 . 2008-08-27 12:26 <REP> d-------- C:\Users\Wam\AppData\Roaming\Yahoo! 2008-08-27 12:16 . 2008-08-27 12:20 <REP> d-------- C:\Program Files\Windows Live 2008-08-27 12:16 . 2008-08-27 13:17 <REP> d----c--- C:\Program Files\Common Files\WindowsLiveInstaller 2008-08-27 12:15 . 2008-08-27 12:15 <REP> d-------- C:\Users\All Users\WLInstaller 2008-08-27 12:15 . 2008-08-27 12:15 <REP> d-------- C:\ProgramData\WLInstaller 2008-08-27 11:55 . 2008-08-27 11:55 <REP> d-------- C:\Program Files\Hercules 2008-08-27 11:54 . 2008-08-27 14:02 <REP> d-------- C:\Windows\OvtCam 2008-08-27 11:54 . 2005-03-15 17:04 161,792 --a------ C:\Windows\System32\drivers\ov530vid.sys 2008-08-27 11:54 . 2004-08-05 17:34 61,440 --a------ C:\Windows\ov530dib.dll 2008-08-27 11:54 . 2005-09-30 09:42 40,960 --a------ C:\Windows\System32\ov530ext.dll 2008-08-27 11:54 . 2004-11-09 00:37 25,177 --a------ C:\Windows\System32\drivers\ov530cmd.sys 2008-08-27 11:54 . 2005-09-30 09:56 18,972 --a------ C:\Windows\System32\ov530ext.ax 2008-08-27 11:54 . 
2004-07-20 01:50 16,440 --a------ C:\Windows\System32\ov530usd.dll 2008-08-27 11:46 . 2008-07-16 03:32 2,048 --a------ C:\Windows\System32\tzres.dll 2008-08-27 11:42 . 2008-08-27 11:42 <REP> d-------- C:\Program Files\MSXML 4.0 2008-08-27 11:41 . 2008-06-26 03:45 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll 2008-08-27 11:39 . 2008-04-26 10:25 3,549,240 --a------ C:\Windows\System32\ntoskrnl.exe 2008-08-27 11:26 . 2008-08-27 11:26 <REP> d-------- C:\Users\Valérie\AppData\Roaming\Macromedia 2008-08-27 11:26 . 2008-08-27 11:26 <REP> d-------- C:\Users\Valérie\AppData\Roaming\ATI 2008-08-27 11:25 . 2008-08-29 01:04 <REP> dr------- C:\Users\Valérie\Videos 2008-08-27 11:25 . 2008-08-29 01:04 <REP> dr------- C:\Users\Valérie\Videos 2008-08-27 11:25 . 2008-08-29 01:04 <REP> dr------- C:\Users\Valérie\Searches . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-31 10:25 1,048,576 --sha-w C:\Users\Valérie\ntuser.dat 2008-08-31 10:25 1,048,576 --sha-w C:\Users\Valérie\ntuser.dat 2008-08-31 07:13 --------- d-----w C:\ProgramData\Microsoft Help 2008-08-31 07:12 --------- d-----w C:\Program Files\Microsoft Works 2008-08-30 11:46 --------- d-----w C:\ProgramData\eSobi 2008-08-28 22:08 --------- d-----w C:\Program Files\Yahoo! 
2008-08-27 20:57 --------- d-----w C:\Program Files\Common Files\Adobe 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPRR____.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLV____.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLST___.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLEV___.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLED___.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLC____.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPC_____.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPAJ____.FOT 2008-08-27 12:06 --------- d-s---w C:\Users\Valérie\AppData\Roaming\Microsoft 2008-08-27 12:02 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-08-27 11:22 --------- d-----w C:\Program Files\McAfee 2008-08-27 11:10 --------- d-----w C:\ProgramData\SiteAdvisor 2008-08-27 10:46 --------- d-----w C:\Users\Valérie\AppData\Roaming\Adobe 2008-08-27 09:48 --------- d-----w C:\Program Files\Windows Mail 2008-08-27 09:26 --------- d-----w C:\Users\Valérie\AppData\Roaming\Macromedia 2008-08-27 09:26 --------- d-----w C:\Users\Valérie\AppData\Roaming\ATI 2008-08-27 09:25 --------- d-----w C:\Users\Valérie\AppData\Roaming\Identities 2008-08-27 07:53 --------- d-sh--w C:\ProgramData\Modèles 2008-08-27 07:53 --------- d-sh--w C:\ProgramData\Menu Démarrer 2008-08-27 07:53 --------- d-sh--w C:\ProgramData\Favoris 2008-08-27 07:53 --------- d-sh--w C:\ProgramData\Bureau 2008-08-27 07:53 --------- d-sh--w C:\Program Files\Fichiers communs 2008-06-27 04:15 827,392 ----a-w C:\Windows\System32\wininet.dll 2008-06-26 03:29 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll 2008-06-26 01:45 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll 2008-06-19 03:31 361,984 ----a-w C:\Windows\System32\IPSECSVC.DLL 2008-06-12 05:28 541,696 ----a-w C:\Windows\AppPatch\AcLayers.dll 2008-06-05 02:42 319,456 ----a-w C:\Windows\DIFxAPI.dll 2008-05-27 05:21 1,582,592 ----a-w C:\Windows\System32\tquery.dll 
2008-05-27 05:21 1,418,240 ----a-w C:\Windows\System32\mssrch.dll 2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\SearchFilterHost.exe 2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\mssitlb.dll 2008-05-27 05:17 754,176 ----a-w C:\Windows\System32\propsys.dll 2008-05-27 05:17 60,416 ----a-w C:\Windows\System32\msscntrs.dll 2008-05-27 05:17 6,103,040 ----a-w C:\Windows\System32\chtbrkr.dll 2008-05-27 05:17 34,816 ----a-w C:\Windows\System32\msscb.dll 2008-05-27 05:17 32,768 ----a-w C:\Windows\System32\mssprxy.dll 2008-05-27 05:17 313,344 ----a-w C:\Windows\System32\thawbrkr.dll 2008-05-27 05:17 301,568 ----a-w C:\Windows\System32\srchadmin.dll 2008-05-27 05:17 194,560 ----a-w C:\Windows\System32\offfilt.dll 2008-05-27 05:17 143,872 ----a-w C:\Windows\System32\korwbrkr.dll 2008-05-27 05:17 11,776 ----a-w C:\Windows\System32\msshooks.dll 2008-05-27 05:17 1,671,680 ----a-w C:\Windows\System32\chsbrkr.dll 2008-05-27 04:59 18,904 ----a-w C:\Windows\System32\StructuredQuerySchemaTrivial.bin 2008-05-27 04:59 106,605 ----a-w C:\Windows\System32\StructuredQuerySchema.bin 2008-05-10 03:35 564,736 ----a-w C:\Windows\System32\emdmgmt.dll 2008-05-08 21:59 90,112 ----a-w C:\Windows\System32\wshext.dll 2008-05-08 21:59 430,080 ----a-w C:\Windows\System32\vbscript.dll 2008-05-08 21:59 180,224 ----a-w C:\Windows\System32\scrobj.dll 2008-05-08 21:59 172,032 ----a-w C:\Windows\System32\scrrun.dll 2008-05-08 21:59 155,648 ----a-w C:\Windows\System32\wscript.exe 2008-05-08 21:58 135,168 ----a-w C:\Windows\System32\cscript.exe 2008-05-06 02:10 749,568 ----a-w C:\Windows\AcerStore.exe 2008-01-21 02:43 174 --sha-w C:\Program Files\desktop.ini 2007-04-23 12:21 269,824 ----a-w C:\Windows\inf\WG111v3\Vista64\wg111v3.sys 2007-04-23 12:19 227,328 ----a-w C:\Windows\inf\WG111v3\WG111v3.sys 2007-04-23 12:19 227,328 ----a-w C:\Windows\inf\WG111v3\Vista\wg111v3.sys 2006-12-15 09:30 98,304 ----a-w C:\Windows\inf\WG111v3\UScanM.exe 2006-12-15 09:30 315,392 ----a-w 
C:\Windows\inf\WG111v3\InstallDriver.exe 2006-12-15 09:30 28,672 ----a-w C:\Windows\inf\WG111v3\SetDrv.exe 2006-12-15 09:30 212,992 ----a-w C:\Windows\inf\WG111v3\CopyWHQLDriver.exe 2006-12-15 09:30 20,480 ----a-w C:\Windows\inf\WG111v3\RTWUPath.exe 2006-12-15 09:30 19,968 ----a-w C:\Windows\inf\WG111v3\RTWREFU.EXE . ((((((((((((((((((((((((((((( snapshot@2008-08-30_ 0.00.29.11 ))))))))))))))))))))))))))))))))))))))))) . - 2008-06-05 02:57:20 23,558 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\ARPPRODUCTICON.exe + 2008-08-30 11:46:56 247,638 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\ARPPRODUCTICON.exe - 2008-06-05 02:57:20 290,816 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\esobi_app_15D967B5A4BE42AE9E8464CD062B25AA.exe + 2008-08-30 11:46:56 290,816 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\esobi_app_15D967B5A4BE42AE9E8464CD062B25AA.exe - 2008-06-05 02:57:20 290,816 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\esobi_app_desktop_15D967B5A4BE42AE9E8464CD062B25AA.exe + 2008-08-30 11:46:56 290,816 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\esobi_app_desktop_15D967B5A4BE42AE9E8464CD062B25AA.exe - 2008-08-29 21:28:41 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2008-08-31 09:37:21 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2008-08-29 21:28:41 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2008-08-31 09:37:21 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2008-08-29 21:30:03 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-08-31 09:38:55 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-08-31 09:38:55 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 - 2008-08-29 21:30:08 262,144 --sha-w 
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-08-31 09:38:50 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-08-31 09:38:50 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 - 2008-08-29 21:28:42 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-08-31 09:38:11 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2008-08-29 21:28:42 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-08-31 09:38:11 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-08-29 21:28:42 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-08-31 09:38:11 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2008-08-29 21:58:09 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat + 2008-08-31 10:25:24 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat + 2008-08-31 10:25:24 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1 - 2008-08-27 20:59:33 1,661,272 ----a-w C:\Windows\System32\FNTCACHE.DAT + 2008-08-31 07:14:39 1,658,936 ----a-w C:\Windows\System32\FNTCACHE.DAT - 2008-08-29 21:35:02 101,052 ----a-w C:\Windows\System32\perfc009.dat + 2008-08-31 09:42:02 101,052 ----a-w C:\Windows\System32\perfc009.dat - 2008-08-29 21:35:02 123,350 ----a-w C:\Windows\System32\perfc00C.dat + 2008-08-31 09:42:02 123,350 ----a-w C:\Windows\System32\perfc00C.dat - 2008-08-29 21:35:02 586,980 ----a-w C:\Windows\System32\perfh009.dat + 2008-08-31 09:42:02 586,980 ----a-w C:\Windows\System32\perfh009.dat - 2008-08-29 21:35:02 669,328 ----a-w 
C:\Windows\System32\perfh00C.dat + 2008-08-31 09:42:02 669,328 ----a-w C:\Windows\System32\perfh00C.dat - 2008-08-29 21:27:57 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\schema.dat + 2008-08-31 08:32:01 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\schema.dat - 2008-08-29 21:30:48 5,380 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2571914964-1430876280-426546182-1000_UserData.bin + 2008-08-31 09:39:05 6,104 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2571914964-1430876280-426546182-1000_UserData.bin - 2008-08-29 21:30:48 73,984 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2008-08-31 09:39:05 74,118 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin - 2008-08-29 21:30:47 51,058 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2008-08-31 09:39:04 52,236 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin - 2008-08-29 14:12:19 86,315 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin + 2008-08-31 08:23:51 175,166 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin + 2008-05-10 03:30:49 858,112 ----a-w C:\Windows\winsxs\x86_microsoft-windows-r..ilityanalysisengine_31bf3856ad364e35_6.0.6000.16687_none_863728a999516b76\RacEngn.dll + 2008-05-10 03:13:37 858,112 ----a-w C:\Windows\winsxs\x86_microsoft-windows-r..ilityanalysisengine_31bf3856ad364e35_6.0.6000.20832_none_86f1d584b24afdff\RacEngn.dll + 2008-05-10 03:35:20 885,248 ----a-w C:\Windows\winsxs\x86_microsoft-windows-r..ilityanalysisengine_31bf3856ad364e35_6.0.6001.18069_none_883507bb9665f733\RacEngn.dll + 2008-05-10 03:21:35 885,248 ----a-w C:\Windows\winsxs\x86_microsoft-windows-r..ilityanalysisengine_31bf3856ad364e35_6.0.6001.22176_none_88b0d3bcaf8e66e9\RacEngn.dll . -- Snapshot reset to current date -- . 
((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-03-04 23:38 121392 --a------ C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 04:23 1233920] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:55 5674352] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-21 04:25 125952] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 03:18 443968] "VistaStartMenu"="C:\Program Files\Vista Start Menu\VistaStartMenu.exe" [2008-07-09 13:43 2136064] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 18:41 1832272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Acer Empowering Technology Monitor"="C:\Program Files\Acer\Empowering Technology\SysMonitor.exe" [2008-04-25 13:31 319488] "EmpoweringTechnology"="C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe" [2008-04-25 13:31 319488] "eDataSecurity Loader"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 23:38 526896] "PCMMediaSharing"="C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-01-25 19:49 204908] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 04:06 40048] "BkupTray"="C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-02-25 19:57 34040] "StartCCC"="C:\Program Files\ATI 
Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440] "WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 21:48 57344] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 16:38 78008] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-27 21:39 29744] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696] "RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 07:21 5369856 C:\Windows\RtHDVCpl.exe] C:\Users\Wam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 16:41:28 393216] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ NETGEAR WG111v3 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111v3\WG111v3.exe [2007-09-14 10:24:06 1695744] WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-04-11 11:10:00 394856] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "LogonHoursAction"= 2 (0x2) "DontDisplayLogonHoursWarnings"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.mkdmp3enc"= C:\PROGRA~1\ACERAR~1\ACERVI~1\Kernel\Burner\MKDMP3Enc.ACM [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{39483AF4-6277-434A-8C81-EEA2C2461D24}"= C:\Program Files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe:Acer Arcade Live "{8719D5E1-793E-4F9D-88DD-78C00BCDF5D7}"= C:\Program Files\Acer Arcade Live\Acer DV Magician\Acer DV Magician.exe:Acer DV Magician "{4D7E353C-F160-4D1E-B45D-FBAF340ED2ED}"= 
C:\Program Files\Acer Arcade Live\Acer SlideShow DVD\Acer SlideShow DVD.exe:Acer SlideShow DVD "{3F1AC602-C49C-4B07-AAC9-F573A6DE6DDB}"= C:\Program Files\Acer Arcade Live\Acer VideoMagician\Acer VideoMagician.exe:Acer VideoMagician "{366F7CF6-4D0E-4110-8DF8-4D6586841F01}"= C:\Program Files\Acer Arcade Live\Acer DVDivine\Acer DVDivine.exe:Acer DVDivine "{BD637667-56BC-43ED-9884-B9B585628618}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia\Acer HomeMedia.exe:Acer HomeMedia "{01FF3703-8975-429B-875A-AB12919BCBC8}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect "{473DFFBF-F989-48BF-8937-0650C5A6DB8B}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE:Acer HomeMedia Connect Service "{E2448DCF-9832-4280-BA97-EF6465FCD0C1}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia Trial Creator\Acer HomeMedia Trial Creator.exe:Acer HomeMedia Trial Creator "{2FB1E4DC-655B-4D66-BC5F-35F864C3CAF8}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe "{4801CD5B-F558-4808-9CD9-4DFB2F24AC55}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe "{616AABAB-E816-4AAD-8898-F38B1255D749}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe "{FD0915E6-9BAD-4C0E-98F8-71A181A5E87C}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe "{EAC16019-5FFD-4479-9BD1-FF44C6A1B94C}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe "{41BD57FF-08B7-4BBF-9C4D-841047B98225}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe "{71601132-DFFE-4DCE-95B3-5900799EEB1D}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone) "{203193B0-DC74-4F91-B57A-E4676324A6C0}"= C:\Program Files\Skype\Phone\Skype.exe:Skype "TCP Query 
User{1700F0E7-0C4A-48EF-B683-39EA20456A31}C:\\users\\wam\\appdata\\local\\temp\\electronicarts_patcher_000.exe"= UDP:C:\users\wam\appdata\local\temp\electronicarts_patcher_000.exe:electronicarts_patcher_000.exe "UDP Query User{88B1733F-727D-4D99-A5CE-67D908A41F11}C:\\users\\wam\\appdata\\local\\temp\\electronicarts_patcher_000.exe"= TCP:C:\users\wam\appdata\local\temp\electronicarts_patcher_000.exe:electronicarts_patcher_000.exe "{EBDF6D30-E9D1-47A5-8CD1-1CDF9514292E}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp "{A9E1E3A8-D134-4FF3-8D7B-2198638C0508}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp "{137680FD-D621-4F63-B3FD-DAC52CFC22E8}"= UDP:C:\Program Files\ma-config.com\maconfservice.exe:maconfservice "{6657B234-CB7A-4E77-90CA-BE121A3BE73D}"= TCP:C:\Program Files\ma-config.com\maconfservice.exe:maconfservice R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 05:23] R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 16:35] R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-01-25 19:49] R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37] R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 16:36] R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-02-25 19:57] R2 ETService;Empowering Technology Service;C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-04-25 13:30] R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-02-25 03:02] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-02-25 19:53] R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-09 16:58] R3 ovt530;Webcam 
Classic;C:\Windows\system32\Drivers\ov530vid.sys [2005-03-15 17:04] R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;C:\Windows\system32\DRIVERS\wg111v3.sys [2007-04-23 14:19] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-28 04:51] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-27 21:39] S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfservice.exe [2008-07-25 20:57] S4 ahcix86s;ahcix86s;C:\Windows\system32\drivers\ahcix86s.sys [2007-12-19 08:45] S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 04:23] S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-21 04:23] . . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Users\Wam\AppData\Roaming\Mozilla\Firefox\Profiles\nb924ai7.default\ FF -: plugin - C:\Program Files\ma-config.com\nphardwaredetection.dll FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll FF -: plugin - C:\Program Files\Picasa2\npPicasa2.dll . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-31 12:27:00 Windows 6.0.6001 Service Pack 1 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . 
Temps d'accomplissement: 2008-08-31 12:28:11 ComboFix-quarantined-files.txt 2008-08-31 10:28:08 ComboFix2.txt 2008-08-29 22:13:20 ComboFix3.txt 2008-08-29 22:01:16 Pre-Run: 132,663,820,288 octets libres Post-Run: 132,639,662,080 octets libres 373 --- E O F --- 2008-08-31 08:24:27

and one last one from today:

ComboFix 08-09-05.02 - Wam 2008-09-06 11:06:29.6 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1823 [GMT 2:00] Endroit: C:\Users\Wam\Desktop\Poste de contrôle\Maintenance\ComboFix.exe . ((((((((((((((((((((((((((((( Fichiers créés 2008-08-06 to 2008-09-06 )))))))))))))))))))))))))))))))))))) . 2008-09-04 10:33 . 2008-09-04 10:33 <REP> dr-h----- C:\Users\Wam\AppData\Roaming\SecuROM 2008-09-04 10:33 . 2008-09-04 10:35 <REP> d-------- C:\Users\Wam\AppData\Roaming\Red Alert 3 Beta 2008-09-04 10:30 . 2008-09-04 10:30 <REP> d-------- C:\Program Files\EA Games 2008-09-04 10:30 . 2007-07-19 18:14 3,727,720 --a------ C:\Windows\System32\d3dx9_35.dll 2008-09-04 10:30 . 2007-07-19 18:14 1,358,192 --a------ C:\Windows\System32\D3DCompiler_35.dll 2008-09-04 10:30 . 2007-07-19 18:14 444,776 --a------ C:\Windows\System32\d3dx10_35.dll 2008-09-04 01:07 . 2008-09-04 01:07 <REP> d-------- C:\Windows\Sun 2008-09-04 01:06 . 2008-09-04 01:06 <REP> d-------- C:\Program Files\Java 2008-09-04 01:05 . 2008-09-04 01:05 <REP> d-------- C:\Program Files\Common Files\Java 2008-09-03 13:25 . 2008-09-03 13:26 <REP> d-------- C:\Users\All Users\EPSON 2008-09-03 13:25 . 2008-09-03 13:26 <REP> d-------- C:\ProgramData\EPSON 2008-09-03 13:25 . 2006-08-10 02:02 75,264 --a------ C:\Windows\System32\E_FLBBEE.DLL 2008-09-03 13:25 . 2006-04-19 02:00 62,976 --a------ C:\Windows\System32\E_FD4BBEE.DLL 2008-09-03 13:25 . 2004-09-10 20:12 49,152 --a------ C:\Windows\System32\E_DCINST.DLL 2008-09-03 13:24 . 2008-09-03 13:24 <REP> d-------- C:\Users\Wam\AppData\Roaming\InstallShield 2008-09-03 13:18 . 
2008-09-03 13:25 <REP> d-------- C:\Program Files\epson 2008-09-03 13:18 . 2006-10-13 00:00 61,952 --a------ C:\Windows\System32\escwiad.dll 2008-09-03 13:18 . 2005-02-25 00:00 46,080 --a------ C:\Windows\System32\escimgd.dll 2008-09-03 13:18 . 2005-02-25 00:00 22,016 --a------ C:\Windows\System32\esccmd.dll 2008-09-03 13:17 . 2008-09-03 13:17 27 --a------ C:\Windows\CDE DX4000DEFGIPS.ini 2008-09-03 12:25 . 2008-09-03 12:25 691 --a------ C:\Users\Wam\AppData\Roaming\GetValue.vbs 2008-09-03 12:25 . 2008-09-03 12:25 35 --a------ C:\Users\Wam\AppData\Roaming\SetValue.bat 2008-09-03 12:23 . 2008-09-03 12:25 3,194 --a------ C:\Windows\System32\tmp.reg 2008-09-03 12:16 . 2007-09-06 00:22 289,144 --a------ C:\Windows\System32\VCCLSID.exe 2008-09-03 12:16 . 2006-04-27 17:49 288,417 --a------ C:\Windows\System32\SrchSTS.exe 2008-09-03 12:16 . 2008-09-02 23:58 88,576 --a------ C:\Windows\System32\AntiXPVSTFix.exe 2008-09-03 12:16 . 2008-09-02 16:51 86,528 --a------ C:\Windows\System32\VACFix.exe 2008-09-03 12:16 . 2008-05-18 21:40 82,944 --a------ C:\Windows\System32\IEDFix.exe 2008-09-03 12:16 . 2008-08-28 22:36 82,432 --a------ C:\Windows\System32\IEDFix.C.exe 2008-09-03 12:16 . 2008-08-18 12:19 82,432 --a------ C:\Windows\System32\404Fix.exe 2008-09-03 12:16 . 2003-06-05 21:13 53,248 --a------ C:\Windows\System32\Process.exe 2008-09-03 12:16 . 2004-07-31 18:50 51,200 --a------ C:\Windows\System32\dumphive.exe 2008-09-03 12:16 . 2007-10-04 00:36 25,600 --a------ C:\Windows\System32\WS2Fix.exe 2008-09-03 08:52 . 2008-07-19 07:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll 2008-09-03 08:52 . 2008-07-19 05:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll 2008-09-03 08:52 . 2008-07-19 07:09 563,912 --a------ C:\Windows\System32\wuapi.dll 2008-09-03 08:52 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll 2008-09-03 08:52 . 2008-07-19 05:44 83,456 --a------ C:\Windows\System32\wudriver.dll 2008-09-03 08:52 . 
2008-07-19 07:10 53,448 --a------ C:\Windows\System32\wuauclt.exe 2008-09-03 08:52 . 2008-07-19 07:10 45,768 --a------ C:\Windows\System32\wups2.dll 2008-09-03 08:52 . 2008-07-19 07:10 36,552 --a------ C:\Windows\System32\wups.dll 2008-09-03 08:52 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe 2008-09-03 00:43 . 2008-09-03 00:43 <REP> d-------- C:\Program Files\Cheatbook 09.2008 2008-09-01 20:54 . 2008-09-01 20:54 <REP> d-------- C:\Users\Valérie\AppData\Roaming\vlc 2008-09-01 20:48 . 2008-09-01 20:48 <REP> d-------- C:\Users\Valérie\AppData\Roaming\Mozilla 2008-09-01 20:47 . 2008-09-05 17:56 <REP> d-------- C:\Users\Valérie\AppData\Roaming\Vista Start Menu 2008-08-31 18:25 . 2008-08-31 19:01 <REP> d-------- C:\Users\All Users\TrackMania 2008-08-31 18:25 . 2008-08-31 19:01 <REP> d-------- C:\ProgramData\TrackMania 2008-08-31 18:21 . 2008-08-31 18:23 <REP> d-------- C:\Program Files\TmNationsForever 2008-08-31 11:24 . 2008-09-03 13:58 <REP> d-------- C:\Users\All Users\Spybot - Search & Destroy 2008-08-31 11:24 . 2008-09-03 13:58 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy 2008-08-31 11:24 . 2008-08-31 11:41 <REP> d-------- C:\Program Files\Spybot - Search & Destroy 2008-08-31 10:24 . 2008-05-10 05:35 885,248 --a------ C:\Windows\System32\RacEngn.dll 2008-08-31 10:24 . 2008-05-10 00:22 9,127 --a------ C:\Windows\System32\RacUR.xml 2008-08-31 10:24 . 2008-05-10 00:22 153 --a------ C:\Windows\System32\RacUREx.xml 2008-08-31 10:20 . 2008-09-04 12:02 <REP> d-------- C:\Users\Wam\AppData\Roaming\Vista Start Menu 2008-08-31 10:20 . 2008-08-31 10:21 <REP> d-------- C:\Program Files\Vista Start Menu 2008-08-31 10:13 . 2008-08-31 10:17 <REP> d-------- C:\Windows\UltraDefrag 2008-08-30 20:05 . 2008-08-30 20:05 <REP> d-------- C:\Users\Wam\AppData\Roaming\FreeCommander 2008-08-30 20:05 . 2008-08-30 20:05 <REP> d-------- C:\Program Files\FreeCommander 2008-08-30 13:43 . 
2008-08-30 13:44 <REP> d-------- C:\Users\Wam\AppData\Roaming\eSobi 2008-08-30 00:44 . 2008-08-30 00:44 <REP> d-------- C:\Users\Wam\AppData\Roaming\PeerNetworking 2008-08-29 23:16 . 2008-08-29 23:16 <REP> d-------- C:\Users\Wam\AppData\Roaming\Template 2008-08-29 23:16 . 2008-09-02 12:07 618 --a------ C:\Users\Wam\AppData\Roaming\wklnhst.dat 2008-08-29 20:07 . 2008-08-29 20:07 <REP> d-------- C:\Users\Wam\AppData\Roaming\Auslogics 2008-08-29 20:05 . 2008-08-29 20:05 <REP> d-------- C:\Program Files\Auslogics 2008-08-29 16:13 . 2008-08-29 16:13 <REP> d-------- C:\Program Files\Microsoft Silverlight 2008-08-29 15:14 . 2008-08-29 15:14 <REP> d-------- C:\Users\Wam\Option 2008-08-29 13:30 . 2008-08-29 13:31 <REP> d-------- C:\Users\All Users\Lavasoft 2008-08-29 13:30 . 2008-08-29 13:31 <REP> d-------- C:\ProgramData\Lavasoft 2008-08-28 23:07 . 2008-08-28 23:07 <REP> d-------- C:\Users\Wam\AppData\Roaming\Grisoft 2008-08-28 23:01 . 2008-08-28 23:30 <REP> d-a------ C:\Users\All Users\TEMP 2008-08-28 23:01 . 2008-08-28 23:30 <REP> d-a------ C:\ProgramData\TEMP 2008-08-28 22:58 . 2008-08-31 19:46 <REP> d-------- C:\Program Files\Sophos 2008-08-28 22:41 . 2008-08-28 22:49 <REP> d----c--- C:\Windows\System32\DRVSTORE 2008-08-28 21:44 . 2008-08-30 19:56 <REP> d-------- C:\Program Files\Windows Live Safety Center 2008-08-28 17:38 . 2008-08-28 17:38 <REP> d-------- C:\Program Files\GameTop.com 2008-08-28 17:37 . 2008-08-28 17:37 <REP> d-------- C:\Program Files\FreeGamePick.com 2008-08-28 12:58 . 2008-08-28 12:58 <REP> d-------- C:\Program Files\Monte Cristo 2008-08-28 11:14 . 2008-08-28 11:14 <REP> d-------- C:\Program Files\Nouvelle Cible 2008-08-28 11:14 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Cheatbook 12.2004 2008-08-28 11:12 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Audacity 2008-08-28 11:11 . 2008-08-28 11:11 <REP> d-------- C:\Program Files\IVCsoft 2008-08-28 09:49 . 2008-08-28 09:49 56 --ah----- C:\Windows\System32\ezsidmv.dat 2008-08-28 08:49 . 
2008-08-28 08:52 <REP> d-------- C:\Users\Wam\AppData\Roaming\Command & Conquer 3 La Fureur de Kane 2008-08-28 08:49 . 2008-08-28 08:49 107,888 --a------ C:\Windows\System32\CmdLineExt.dll 2008-08-28 08:33 . 2007-10-12 15:14 3,734,536 --a------ C:\Windows\System32\d3dx9_36.dll 2008-08-28 08:33 . 2007-10-12 15:14 1,374,232 --a------ C:\Windows\System32\D3DCompiler_36.dll 2008-08-28 08:33 . 2007-10-02 09:56 444,776 --a------ C:\Windows\System32\d3dx10_36.dll 2008-08-28 08:33 . 2007-10-22 03:39 267,272 --a------ C:\Windows\System32\xactengine2_10.dll 2008-08-28 08:33 . 2007-10-22 03:37 17,928 --a------ C:\Windows\System32\X3DAudio1_2.dll 2008-08-28 08:02 . 2006-11-29 13:06 3,426,072 --a------ C:\Windows\System32\d3dx9_32.dll 2008-08-28 07:47 . 2008-08-28 08:20 <REP> d-------- C:\Program Files\Electronic Arts 2008-08-28 01:28 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\AIDA32 - Personal System Information 2008-08-28 00:51 . 2008-08-29 01:08 <REP> d-------- C:\Program Files\Picasa2 2008-08-28 00:51 . 2006-10-05 04:42 2,560 --a------ C:\Windows\System32\drivers\cdralw2k.sys 2008-08-28 00:51 . 2006-10-05 04:42 2,432 --a------ C:\Windows\System32\drivers\cdr4_xp.sys 2008-08-27 23:18 . 2008-09-01 11:06 <REP> d-------- C:\Users\All Users\WinZip 2008-08-27 23:18 . 2008-09-01 11:06 <REP> d-------- C:\ProgramData\WinZip 2008-08-27 23:01 . 2008-08-29 01:04 <REP> d-------- C:\Users\All Users\FLEXnet 2008-08-27 23:01 . 2008-08-29 01:04 <REP> d-------- C:\ProgramData\FLEXnet 2008-08-27 22:56 . 2008-08-29 01:04 <REP> d-------- C:\Program Files\NFO viewer 2008-08-27 22:56 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Bonjour 2008-08-27 22:52 . 2008-08-27 22:52 <REP> d-------- C:\Program Files\Common Files\Macrovision Shared 2008-08-27 21:53 . 2008-08-29 01:04 <REP> d-------- C:\Users\All Users\Apple Computer 2008-08-27 21:53 . 2008-08-29 01:04 <REP> d-------- C:\ProgramData\Apple Computer 2008-08-27 21:53 . 
2008-08-29 01:04 <REP> d-------- C:\Program Files\QuickTime 2008-08-27 21:52 . 2008-08-27 21:52 <REP> d-------- C:\Users\Wam\AppData\Roaming\vlc 2008-08-27 21:52 . 2008-08-29 01:04 <REP> d-------- C:\Users\All Users\Apple 2008-08-27 21:52 . 2008-08-29 01:04 <REP> d-------- C:\ProgramData\Apple 2008-08-27 21:52 . 2008-08-27 21:52 <REP> d-------- C:\Program Files\VideoLAN 2008-08-27 21:52 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Apple Software Update 2008-08-27 21:39 . 2008-08-29 01:04 <REP> d-------- C:\Users\Wam\AppData\Roaming\IrfanView 2008-08-27 21:39 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\IrfanView 2008-08-27 21:39 . 2008-09-03 11:53 <REP> d-------- C:\Program Files\Google 2008-08-27 17:13 . 2008-08-29 01:04 <REP> d-------- C:\Program Files\PhotoDeluxe EE 1.1 2008-08-27 17:11 . 1997-04-18 11:49 298,496 --a------ C:\Windows\unin040c.exe 2008-08-27 16:51 . 2008-08-29 01:18 900 --ahs---- C:\Windows\System32\KGyGaAvL.sys 2008-08-27 16:27 . 2008-08-27 16:27 <REP> d-------- C:\Users\Wam\AppData\Roaming\Corel 2008-08-27 16:24 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Corel® Painter IX TBYB FR 2008-08-27 15:39 . 2008-09-06 08:43 <REP> d-------- C:\Users\Wam\AppData\Roaming\OpenOffice.org2 2008-08-27 15:37 . 2008-08-27 15:37 <REP> d-------- C:\Program Files\OpenOffice.org 2.4 2008-08-27 15:21 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\CCleaner 2008-08-27 15:18 . 2008-09-01 00:18 <REP> d-------- C:\Users\Wam\AppData\Roaming\Spyware Terminator 2008-08-27 15:18 . 2008-09-01 00:18 <REP> d-------- C:\Users\All Users\Spyware Terminator . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2008-09-06 08:53 1,048,576 --sha-w C:\Users\Valérie\ntuser.dat 2008-09-06 08:53 1,048,576 --sha-w C:\Users\Valérie\ntuser.dat 2008-09-05 15:56 --------- d-----w C:\Users\Valérie\AppData\Roaming\Vista Start Menu 2008-09-03 23:21 --------- d-----w C:\Program Files\Common Files\Adobe 2008-09-01 18:54 --------- d-----w C:\Users\Valérie\AppData\Roaming\vlc 2008-09-01 18:48 --------- d-----w C:\Users\Valérie\AppData\Roaming\Mozilla 2008-08-31 07:13 --------- d-----w C:\ProgramData\Microsoft Help 2008-08-31 07:12 --------- d-----w C:\Program Files\Microsoft Works 2008-08-30 11:46 --------- d-----w C:\ProgramData\eSobi 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPRR____.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLV____.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLST___.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLEV___.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLED___.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLC____.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPC_____.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPAJ____.FOT 2008-08-27 12:06 --------- d-s---w C:\Users\Valérie\AppData\Roaming\Microsoft 2008-08-27 12:02 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-08-27 11:10 --------- d-----w C:\ProgramData\SiteAdvisor 2008-08-27 10:46 --------- d-----w C:\Users\Valérie\AppData\Roaming\Adobe 2008-08-27 09:48 --------- d-----w C:\Program Files\Windows Mail 2008-08-27 09:26 --------- d-----w C:\Users\Valérie\AppData\Roaming\Macromedia 2008-08-27 09:26 --------- d-----w C:\Users\Valérie\AppData\Roaming\ATI 2008-08-27 09:25 --------- d-----w C:\Users\Valérie\AppData\Roaming\Identities 2008-08-27 07:53 --------- d-sh--w C:\ProgramData\Modèles 2008-08-27 07:53 --------- d-sh--w C:\ProgramData\Menu Démarrer 2008-08-27 07:53 --------- d-sh--w C:\ProgramData\Favoris 2008-08-27 07:53 --------- d-sh--w C:\ProgramData\Bureau 2008-08-27 07:53 --------- d-sh--w C:\Program 
Files\Fichiers communs 2008-06-27 04:15 827,392 ----a-w C:\Windows\System32\wininet.dll 2008-06-26 03:29 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll 2008-06-26 01:45 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll 2008-06-19 03:31 361,984 ----a-w C:\Windows\System32\IPSECSVC.DLL 2008-06-12 05:28 541,696 ----a-w C:\Windows\AppPatch\AcLayers.dll 2008-01-21 02:43 174 --sha-w C:\Program Files\desktop.ini 2007-04-23 12:21 269,824 ----a-w C:\Windows\inf\WG111v3\Vista64\wg111v3.sys 2007-04-23 12:19 227,328 ----a-w C:\Windows\inf\WG111v3\WG111v3.sys 2007-04-23 12:19 227,328 ----a-w C:\Windows\inf\WG111v3\Vista\wg111v3.sys 2006-12-15 09:30 98,304 ----a-w C:\Windows\inf\WG111v3\UScanM.exe 2006-12-15 09:30 315,392 ----a-w C:\Windows\inf\WG111v3\InstallDriver.exe 2006-12-15 09:30 28,672 ----a-w C:\Windows\inf\WG111v3\SetDrv.exe 2006-12-15 09:30 212,992 ----a-w C:\Windows\inf\WG111v3\CopyWHQLDriver.exe 2006-12-15 09:30 20,480 ----a-w C:\Windows\inf\WG111v3\RTWUPath.exe 2006-12-15 09:30 19,968 ----a-w C:\Windows\inf\WG111v3\RTWREFU.EXE . ((((((((((((((((((((((((((((( snapshot_2008-09-06_10.56.08.13 ))))))))))))))))))))))))))))))))))))))))) . 
- 2008-09-06 06:43:56 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-09-06 09:00:45 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2008-09-06 06:43:56 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-09-06 09:00:45 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-09-06 06:43:56 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-09-06 09:00:45 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-03-04 23:38 121392 --a------ C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-21 125952] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 443968] "VistaStartMenu"="C:\Program Files\Vista Start Menu\VistaStartMenu.exe" [2008-07-09 2136064] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272] "EPSON Stylus DX4000 
Series"="C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE" [2006-09-21 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Acer Empowering Technology Monitor"="C:\Program Files\Acer\Empowering Technology\SysMonitor.exe" [2008-04-25 319488] "EmpoweringTechnology"="C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe" [2008-04-25 319488] "eDataSecurity Loader"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896] "PCMMediaSharing"="C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-01-25 204908] "BkupTray"="C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-02-25 34040] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440] "WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-27 29744] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 413696] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 C:\Windows\RtHDVCpl.exe] C:\Users\Wam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ NETGEAR WG111v3 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111v3\WG111v3.exe [2007-09-14 1695744] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "LogonHoursAction"= 2 (0x2) 
"DontDisplayLogonHoursWarnings"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.mkdmp3enc"= C:\PROGRA~1\ACERAR~1\ACERVI~1\Kernel\Burner\MKDMP3Enc.ACM [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"="0x00000000" "UpdatesDisableNotify"="0x00000000" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{39483AF4-6277-434A-8C81-EEA2C2461D24}"= C:\Program Files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe:Acer Arcade Live "{8719D5E1-793E-4F9D-88DD-78C00BCDF5D7}"= C:\Program Files\Acer Arcade Live\Acer DV Magician\Acer DV Magician.exe:Acer DV Magician "{4D7E353C-F160-4D1E-B45D-FBAF340ED2ED}"= C:\Program Files\Acer Arcade Live\Acer SlideShow DVD\Acer SlideShow DVD.exe:Acer SlideShow DVD "{3F1AC602-C49C-4B07-AAC9-F573A6DE6DDB}"= C:\Program Files\Acer Arcade Live\Acer VideoMagician\Acer VideoMagician.exe:Acer VideoMagician "{366F7CF6-4D0E-4110-8DF8-4D6586841F01}"= C:\Program Files\Acer Arcade Live\Acer DVDivine\Acer DVDivine.exe:Acer DVDivine "{BD637667-56BC-43ED-9884-B9B585628618}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia\Acer HomeMedia.exe:Acer HomeMedia "{01FF3703-8975-429B-875A-AB12919BCBC8}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect "{473DFFBF-F989-48BF-8937-0650C5A6DB8B}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE:Acer HomeMedia Connect Service "{E2448DCF-9832-4280-BA97-EF6465FCD0C1}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia Trial Creator\Acer HomeMedia Trial Creator.exe:Acer HomeMedia Trial Creator "{2FB1E4DC-655B-4D66-BC5F-35F864C3CAF8}"= UDP:C:\Program Files\NewTech Infosystems\NTI 
Backup Now 5\BackupSvc.exe:BackupSvc.exe "{4801CD5B-F558-4808-9CD9-4DFB2F24AC55}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe "{616AABAB-E816-4AAD-8898-F38B1255D749}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe "{FD0915E6-9BAD-4C0E-98F8-71A181A5E87C}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe "{EAC16019-5FFD-4479-9BD1-FF44C6A1B94C}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe "{41BD57FF-08B7-4BBF-9C4D-841047B98225}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe "{71601132-DFFE-4DCE-95B3-5900799EEB1D}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone) "{203193B0-DC74-4F91-B57A-E4676324A6C0}"= C:\Program Files\Skype\Phone\Skype.exe:Skype "TCP Query User{1700F0E7-0C4A-48EF-B683-39EA20456A31}C:\\users\\wam\\appdata\\local\\temp\\electronicarts_patcher_000.exe"= UDP:C:\users\wam\appdata\local\temp\electronicarts_patcher_000.exe:electronicarts_patcher_000.exe "UDP Query User{88B1733F-727D-4D99-A5CE-67D908A41F11}C:\\users\\wam\\appdata\\local\\temp\\electronicarts_patcher_000.exe"= TCP:C:\users\wam\appdata\local\temp\electronicarts_patcher_000.exe:electronicarts_patcher_000.exe "{EBDF6D30-E9D1-47A5-8CD1-1CDF9514292E}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp "{A9E1E3A8-D134-4FF3-8D7B-2198638C0508}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp "TCP Query User{91B2DB49-F98D-4878-9CF8-8A78E27EFB8B}C:\\program files\\tmnationsforever\\tmforever.exe"= UDP:C:\program files\tmnationsforever\tmforever.exe:TmForever "UDP Query User{34C3EC7B-1EB3-4ED4-9BB1-B4EC856B22A3}C:\\program files\\tmnationsforever\\tmforever.exe"= TCP:C:\program files\tmnationsforever\tmforever.exe:TmForever "{95F0C6D7-0EC8-4EB9-B8F5-9AFE75CE08D8}"= UDP:C:\Program Files\ma-config.com\maconfservice.exe:maconfservice 
"{77CF3FE0-D087-4054-AC3C-6052515A366C}"= TCP:C:\Program Files\ma-config.com\maconfservice.exe:maconfservice R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 7680] R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416] R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-01-25 269448] R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560] R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280] R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-02-25 21752] R2 ETService;Empowering Technology Service;C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-04-25 24576] R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-02-25 49152] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-02-25 131072] R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-09 3533824] R3 ovt530;Webcam Classic;C:\Windows\system32\Drivers\ov530vid.sys [2005-03-15 161792] R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;C:\Windows\system32\DRIVERS\wg111v3.sys [2007-04-23 227328] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-28 298496] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-27 29744] S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfservice.exe [2008-09-02 191656] S4 ahcix86s;ahcix86s;C:\Windows\system32\drivers\ahcix86s.sys [2007-12-19 170000] S4 ErrDev;Microsoft Hardware Error Device 
Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{490aa8b8-32a8-11dd-97bb-806e6f6e6963}]
\shell\AutoRun\command - E:\autorun.exe
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\Wam\AppData\Roaming\Mozilla\Firefox\Profiles\nb924ai7.default\
FF -: plugin - C:\Program Files\ma-config.com\nphardwaredetection.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF -: plugin - C:\Program Files\Picasa2\npPicasa2.dll
FF -: plugin - C:\Users\Wam\AppData\Roaming\Mozilla\Firefox\Profiles\nb924ai7.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-06 11:07:51
Windows 6.0.6001 Service Pack 1 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-09-06 11:09:02
ComboFix-quarantined-files.txt 2008-09-06 09:08:59
ComboFix2.txt 2008-09-06 08:56:59
ComboFix3.txt 2008-08-31 10:28:11
ComboFix4.txt 2008-08-29 22:13:20
ComboFix5.txt 2008-09-06 09:06:20
Pre-Run: 115,387,248,640 octets libres
Post-Run: 115,349,667,840 octets libres
313 --- E O F --- 2008-09-06 06:48:02

Please explain to me a little how to read the results.
Yours in computing,
strictmaximum
  10. Hello everyone,

To begin with, my problem is that Windows Explorer stops as soon as I right-click... I have done system restores, I have tried the tricks from Microsoft, I have gone through dozens of forums without finding the shadow of an effective solution, and I have run several scans with Spyware Terminator, Spybot, Malwarebytes and Avast. Avast found a corrupted cab file... but offers nothing...

Today I am turning to you, hoping that you will have a solution... I am posting the "log" of the "ComboFix" run I have just done. If this is not a malware problem, do you have any idea how to avoid this message?

"l'explorateur windows a cessé de fonctionner"

Thanks in advance.
Yours in computing,
Strictmaximum

The ComboFix log:

ComboFix 08-08-30.03 - Wam 2008-08-31 12:25:28.4 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1926 [GMT 2:00]
Endroit: C:\Users\Wam\Desktop\Poste de contrôle\Maintenance\ComboFix.exe
* Création d'un nouveau point de restauration
.
((((((((((((((((((((((((((((( Fichiers créés 2008-07-28 to 2008-08-31 ))))))))))))))))))))))))))))))))))))
.
2008-08-31 11:24 . 2008-08-31 11:38 <REP> d-------- C:\Users\All Users\Spybot - Search & Destroy
2008-08-31 11:24 . 2008-08-31 11:38 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy
2008-08-31 11:24 . 2008-08-31 11:41 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-08-31 10:24 . 2008-05-10 05:35 885,248 --a------ C:\Windows\System32\RacEngn.dll
2008-08-31 10:24 . 2008-05-10 00:22 9,127 --a------ C:\Windows\System32\RacUR.xml
2008-08-31 10:24 . 2008-05-10 00:22 153 --a------ C:\Windows\System32\RacUREx.xml
2008-08-31 10:20 . 2008-08-31 11:36 <REP> d-------- C:\Users\Wam\AppData\Roaming\Vista Start Menu
2008-08-31 10:20 . 2008-08-31 10:21 <REP> d-------- C:\Program Files\Vista Start Menu
2008-08-31 10:13 . 2008-08-31 10:17 <REP> d-------- C:\Windows\UltraDefrag
2008-08-30 20:05 . 
2008-08-30 20:05 <REP> d-------- C:\Users\Wam\AppData\Roaming\FreeCommander 2008-08-30 20:05 . 2008-08-30 20:05 <REP> d-------- C:\Program Files\FreeCommander 2008-08-30 13:43 . 2008-08-30 13:44 <REP> d-------- C:\Users\Wam\AppData\Roaming\eSobi 2008-08-30 00:44 . 2008-08-30 00:44 <REP> d-------- C:\Users\Wam\AppData\Roaming\PeerNetworking 2008-08-29 23:16 . 2008-08-29 23:16 <REP> d-------- C:\Users\Wam\AppData\Roaming\Template 2008-08-29 23:16 . 2008-08-30 12:24 438 --a------ C:\Users\Wam\AppData\Roaming\wklnhst.dat 2008-08-29 20:07 . 2008-08-29 20:07 <REP> d-------- C:\Users\Wam\AppData\Roaming\Auslogics 2008-08-29 20:05 . 2008-08-29 20:05 <REP> d-------- C:\Program Files\Auslogics 2008-08-29 16:13 . 2008-08-29 16:13 <REP> d-------- C:\Program Files\Microsoft Silverlight 2008-08-29 15:14 . 2008-08-29 15:14 <REP> d-------- C:\Users\Wam\Option 2008-08-29 13:30 . 2008-08-29 13:31 <REP> d-------- C:\Users\All Users\Lavasoft 2008-08-29 13:30 . 2008-08-29 13:31 <REP> d-------- C:\ProgramData\Lavasoft 2008-08-28 23:07 . 2008-08-28 23:07 <REP> d-------- C:\Users\Wam\AppData\Roaming\Grisoft 2008-08-28 23:01 . 2008-08-28 23:30 <REP> d-a------ C:\Users\All Users\TEMP 2008-08-28 23:01 . 2008-08-28 23:30 <REP> d-a------ C:\ProgramData\TEMP 2008-08-28 22:58 . 2008-08-28 22:58 <REP> d-------- C:\Program Files\Sophos 2008-08-28 22:41 . 2008-08-28 22:49 <REP> d----c--- C:\Windows\System32\DRVSTORE 2008-08-28 21:44 . 2008-08-30 19:56 <REP> d-------- C:\Program Files\Windows Live Safety Center 2008-08-28 17:38 . 2008-08-28 17:38 <REP> d-------- C:\Program Files\GameTop.com 2008-08-28 17:37 . 2008-08-28 17:37 <REP> d-------- C:\Program Files\FreeGamePick.com 2008-08-28 12:58 . 2008-08-28 12:58 <REP> d-------- C:\Program Files\Monte Cristo 2008-08-28 11:14 . 2008-08-28 11:14 <REP> d-------- C:\Program Files\Nouvelle Cible 2008-08-28 11:14 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Cheatbook 12.2004 2008-08-28 11:12 . 
2008-08-29 01:03 <REP> d-------- C:\Program Files\Audacity 2008-08-28 11:11 . 2008-08-28 11:11 <REP> d-------- C:\Program Files\IVCsoft 2008-08-28 09:49 . 2008-08-28 09:49 56 --ah----- C:\Windows\System32\ezsidmv.dat 2008-08-28 08:49 . 2008-08-28 08:52 <REP> d-------- C:\Users\Wam\AppData\Roaming\Command & Conquer 3 La Fureur de Kane 2008-08-28 08:49 . 2008-08-28 08:49 107,888 --a------ C:\Windows\System32\CmdLineExt.dll 2008-08-28 08:33 . 2007-10-12 15:14 3,734,536 --a------ C:\Windows\System32\d3dx9_36.dll 2008-08-28 08:33 . 2007-10-12 15:14 1,374,232 --a------ C:\Windows\System32\D3DCompiler_36.dll 2008-08-28 08:33 . 2007-10-02 09:56 444,776 --a------ C:\Windows\System32\d3dx10_36.dll 2008-08-28 08:33 . 2007-10-22 03:39 267,272 --a------ C:\Windows\System32\xactengine2_10.dll 2008-08-28 08:33 . 2007-10-22 03:37 17,928 --a------ C:\Windows\System32\X3DAudio1_2.dll 2008-08-28 08:02 . 2006-11-29 13:06 3,426,072 --a------ C:\Windows\System32\d3dx9_32.dll 2008-08-28 07:47 . 2008-08-28 08:20 <REP> d-------- C:\Program Files\Electronic Arts 2008-08-28 01:28 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\AIDA32 - Personal System Information 2008-08-28 00:51 . 2008-08-29 01:08 <REP> d-------- C:\Program Files\Picasa2 2008-08-28 00:51 . 2006-10-05 04:42 2,560 --a------ C:\Windows\System32\drivers\cdralw2k.sys 2008-08-28 00:51 . 2006-10-05 04:42 2,432 --a------ C:\Windows\System32\drivers\cdr4_xp.sys 2008-08-28 00:42 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Defraggler 2008-08-27 23:18 . 2008-08-27 23:18 <REP> d-------- C:\Users\All Users\WinZip 2008-08-27 23:18 . 2008-08-27 23:18 <REP> d-------- C:\ProgramData\WinZip 2008-08-27 23:16 . 2008-08-29 01:04 <REP> d-------- C:\Program Files\WinZip 8.1 Fr 2008-08-27 23:01 . 2008-08-29 01:04 <REP> d-------- C:\Users\All Users\FLEXnet 2008-08-27 23:01 . 2008-08-29 01:04 <REP> d-------- C:\ProgramData\FLEXnet 2008-08-27 22:56 . 2008-08-29 01:04 <REP> d-------- C:\Program Files\NFO viewer 2008-08-27 22:56 . 
2008-08-29 01:03 <REP> d-------- C:\Program Files\Bonjour 2008-08-27 22:52 . 2008-08-27 22:52 <REP> d-------- C:\Program Files\Common Files\Macrovision Shared 2008-08-27 21:53 . 2008-08-29 01:04 <REP> d-------- C:\Users\All Users\Apple Computer 2008-08-27 21:53 . 2008-08-29 01:04 <REP> d-------- C:\ProgramData\Apple Computer 2008-08-27 21:53 . 2008-08-29 01:04 <REP> d-------- C:\Program Files\QuickTime 2008-08-27 21:52 . 2008-08-27 21:52 <REP> d-------- C:\Users\Wam\AppData\Roaming\vlc 2008-08-27 21:52 . 2008-08-29 01:04 <REP> d-------- C:\Users\All Users\Apple 2008-08-27 21:52 . 2008-08-29 01:04 <REP> d-------- C:\ProgramData\Apple 2008-08-27 21:52 . 2008-08-27 21:52 <REP> d-------- C:\Program Files\VideoLAN 2008-08-27 21:52 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Apple Software Update 2008-08-27 21:39 . 2008-08-29 01:04 <REP> d-------- C:\Users\Wam\AppData\Roaming\IrfanView 2008-08-27 21:39 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\IrfanView 2008-08-27 21:39 . 2008-08-28 00:51 <REP> d-------- C:\Program Files\Google 2008-08-27 17:13 . 2008-08-29 01:04 <REP> d-------- C:\Program Files\PhotoDeluxe EE 1.1 2008-08-27 17:11 . 1997-04-18 11:49 298,496 --a------ C:\Windows\unin040c.exe 2008-08-27 16:51 . 2008-08-29 01:18 900 --ahs---- C:\Windows\System32\KGyGaAvL.sys 2008-08-27 16:27 . 2008-08-27 16:27 <REP> d-------- C:\Users\Wam\AppData\Roaming\Corel 2008-08-27 16:24 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Corel® Painter IX TBYB FR 2008-08-27 15:39 . 2008-08-31 11:37 <REP> d-------- C:\Users\Wam\AppData\Roaming\OpenOffice.org2 2008-08-27 15:37 . 2008-08-27 15:37 <REP> d-------- C:\Program Files\OpenOffice.org 2.4 2008-08-27 15:21 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\CCleaner 2008-08-27 15:18 . 2008-08-27 15:20 <REP> d-------- C:\Users\Wam\AppData\Roaming\Spyware Terminator 2008-08-27 15:18 . 2008-08-29 01:04 <REP> d-------- C:\Users\All Users\Spyware Terminator 2008-08-27 15:18 . 
2008-08-29 01:04 <REP> d-------- C:\ProgramData\Spyware Terminator 2008-08-27 15:18 . 2008-08-29 01:04 <REP> d-------- C:\Program Files\Spyware Terminator 2008-08-27 15:18 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Crawler 2008-08-27 15:18 . 2008-08-27 15:18 141,312 --a------ C:\Windows\System32\drivers\sp_rsdrv2.sys 2008-08-27 15:15 . 2008-08-27 15:15 <REP> d-------- C:\Users\Wam\AppData\Roaming\Malwarebytes 2008-08-27 15:15 . 2008-08-27 15:15 <REP> d-------- C:\Users\All Users\Malwarebytes 2008-08-27 15:15 . 2008-08-27 15:15 <REP> d-------- C:\ProgramData\Malwarebytes 2008-08-27 15:15 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-08-27 15:15 . 2008-08-17 15:01 38,472 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys 2008-08-27 15:15 . 2008-08-17 15:01 17,144 --a------ C:\Windows\System32\drivers\mbam.sys 2008-08-27 14:57 . 2008-08-28 09:49 <REP> d-------- C:\Users\Wam\AppData\Roaming\skypePM 2008-08-27 14:55 . 2008-08-29 01:04 <REP> d-------- C:\Users\Wam\AppData\Roaming\Skype 2008-08-27 14:55 . 2008-08-30 21:02 <REP> d-------- C:\Users\Valérie\Documents de valérie 2008-08-27 14:55 . 2008-08-30 21:02 <REP> d-------- C:\Users\Valérie\Documents de valérie 2008-08-27 14:55 . 2008-08-27 14:55 <REP> d-------- C:\Users\All Users\Skype 2008-08-27 14:55 . 2008-08-27 14:55 <REP> d-------- C:\ProgramData\Skype 2008-08-27 14:55 . 2008-08-27 14:55 <REP> d-------- C:\Program Files\Skype 2008-08-27 14:55 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Common Files\Skype 2008-08-27 14:50 . 2008-08-27 14:50 0 --a------ C:\Windows\nsreg.dat 2008-08-27 14:19 . 2008-08-29 01:08 <REP> d-------- C:\Program Files\MSN Messenger 2008-08-27 13:37 . 2008-08-27 13:37 <REP> d-------- C:\Users\All Users\ma-config.com 2008-08-27 13:37 . 2008-08-27 13:37 <REP> d-------- C:\ProgramData\ma-config.com 2008-08-27 13:37 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\ma-config.com 2008-08-27 13:10 . 
2008-08-27 13:10 <REP> d-------- C:\Users\Wam\AppData\Roaming\SiteAdvisor 2008-08-27 12:39 . 2008-08-27 12:46 <REP> d-------- C:\Users\Valérie\AppData\Roaming\Adobe 2008-08-27 12:26 . 2008-08-27 12:26 <REP> d-------- C:\Users\Wam\AppData\Roaming\Yahoo! 2008-08-27 12:16 . 2008-08-27 12:20 <REP> d-------- C:\Program Files\Windows Live 2008-08-27 12:16 . 2008-08-27 13:17 <REP> d----c--- C:\Program Files\Common Files\WindowsLiveInstaller 2008-08-27 12:15 . 2008-08-27 12:15 <REP> d-------- C:\Users\All Users\WLInstaller 2008-08-27 12:15 . 2008-08-27 12:15 <REP> d-------- C:\ProgramData\WLInstaller 2008-08-27 11:55 . 2008-08-27 11:55 <REP> d-------- C:\Program Files\Hercules 2008-08-27 11:54 . 2008-08-27 14:02 <REP> d-------- C:\Windows\OvtCam 2008-08-27 11:54 . 2005-03-15 17:04 161,792 --a------ C:\Windows\System32\drivers\ov530vid.sys 2008-08-27 11:54 . 2004-08-05 17:34 61,440 --a------ C:\Windows\ov530dib.dll 2008-08-27 11:54 . 2005-09-30 09:42 40,960 --a------ C:\Windows\System32\ov530ext.dll 2008-08-27 11:54 . 2004-11-09 00:37 25,177 --a------ C:\Windows\System32\drivers\ov530cmd.sys 2008-08-27 11:54 . 2005-09-30 09:56 18,972 --a------ C:\Windows\System32\ov530ext.ax 2008-08-27 11:54 . 2004-07-20 01:50 16,440 --a------ C:\Windows\System32\ov530usd.dll 2008-08-27 11:46 . 2008-07-16 03:32 2,048 --a------ C:\Windows\System32\tzres.dll 2008-08-27 11:42 . 2008-08-27 11:42 <REP> d-------- C:\Program Files\MSXML 4.0 2008-08-27 11:41 . 2008-06-26 03:45 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll 2008-08-27 11:39 . 2008-04-26 10:25 3,549,240 --a------ C:\Windows\System32\ntoskrnl.exe 2008-08-27 11:26 . 2008-08-27 11:26 <REP> d-------- C:\Users\Valérie\AppData\Roaming\Macromedia 2008-08-27 11:26 . 2008-08-27 11:26 <REP> d-------- C:\Users\Valérie\AppData\Roaming\ATI 2008-08-27 11:25 . 2008-08-29 01:04 <REP> dr------- C:\Users\Valérie\Videos 2008-08-27 11:25 . 2008-08-29 01:04 <REP> dr------- C:\Users\Valérie\Videos 2008-08-27 11:25 . 
2008-08-29 01:04 <REP> dr------- C:\Users\Valérie\Searches . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-31 10:25 1,048,576 --sha-w C:\Users\Valérie\ntuser.dat 2008-08-31 10:25 1,048,576 --sha-w C:\Users\Valérie\ntuser.dat 2008-08-31 07:13 --------- d-----w C:\ProgramData\Microsoft Help 2008-08-31 07:12 --------- d-----w C:\Program Files\Microsoft Works 2008-08-30 11:46 --------- d-----w C:\ProgramData\eSobi 2008-08-28 22:08 --------- d-----w C:\Program Files\Yahoo! 2008-08-27 20:57 --------- d-----w C:\Program Files\Common Files\Adobe 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPRR____.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLV____.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLST___.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLEV___.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLED___.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLC____.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPC_____.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPAJ____.FOT 2008-08-27 12:06 --------- d-s---w C:\Users\Valérie\AppData\Roaming\Microsoft 2008-08-27 12:02 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-08-27 11:22 --------- d-----w C:\Program Files\McAfee 2008-08-27 11:10 --------- d-----w C:\ProgramData\SiteAdvisor 2008-08-27 10:46 --------- d-----w C:\Users\Valérie\AppData\Roaming\Adobe 2008-08-27 09:48 --------- d-----w C:\Program Files\Windows Mail 2008-08-27 09:26 --------- d-----w C:\Users\Valérie\AppData\Roaming\Macromedia 2008-08-27 09:26 --------- d-----w C:\Users\Valérie\AppData\Roaming\ATI 2008-08-27 09:25 --------- d-----w C:\Users\Valérie\AppData\Roaming\Identities 2008-08-27 07:53 --------- d-sh--w C:\ProgramData\Modèles 2008-08-27 07:53 --------- d-sh--w C:\ProgramData\Menu Démarrer 2008-08-27 07:53 --------- d-sh--w C:\ProgramData\Favoris 2008-08-27 07:53 --------- d-sh--w C:\ProgramData\Bureau 
2008-08-27 07:53 --------- d-sh--w C:\Program Files\Fichiers communs 2008-06-27 04:15 827,392 ----a-w C:\Windows\System32\wininet.dll 2008-06-26 03:29 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll 2008-06-26 01:45 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll 2008-06-19 03:31 361,984 ----a-w C:\Windows\System32\IPSECSVC.DLL 2008-06-12 05:28 541,696 ----a-w C:\Windows\AppPatch\AcLayers.dll 2008-06-05 02:42 319,456 ----a-w C:\Windows\DIFxAPI.dll 2008-05-27 05:21 1,582,592 ----a-w C:\Windows\System32\tquery.dll 2008-05-27 05:21 1,418,240 ----a-w C:\Windows\System32\mssrch.dll 2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\SearchFilterHost.exe 2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\mssitlb.dll 2008-05-27 05:17 754,176 ----a-w C:\Windows\System32\propsys.dll 2008-05-27 05:17 60,416 ----a-w C:\Windows\System32\msscntrs.dll 2008-05-27 05:17 6,103,040 ----a-w C:\Windows\System32\chtbrkr.dll 2008-05-27 05:17 34,816 ----a-w C:\Windows\System32\msscb.dll 2008-05-27 05:17 32,768 ----a-w C:\Windows\System32\mssprxy.dll 2008-05-27 05:17 313,344 ----a-w C:\Windows\System32\thawbrkr.dll 2008-05-27 05:17 301,568 ----a-w C:\Windows\System32\srchadmin.dll 2008-05-27 05:17 194,560 ----a-w C:\Windows\System32\offfilt.dll 2008-05-27 05:17 143,872 ----a-w C:\Windows\System32\korwbrkr.dll 2008-05-27 05:17 11,776 ----a-w C:\Windows\System32\msshooks.dll 2008-05-27 05:17 1,671,680 ----a-w C:\Windows\System32\chsbrkr.dll 2008-05-27 04:59 18,904 ----a-w C:\Windows\System32\StructuredQuerySchemaTrivial.bin 2008-05-27 04:59 106,605 ----a-w C:\Windows\System32\StructuredQuerySchema.bin 2008-05-10 03:35 564,736 ----a-w C:\Windows\System32\emdmgmt.dll 2008-05-08 21:59 90,112 ----a-w C:\Windows\System32\wshext.dll 2008-05-08 21:59 430,080 ----a-w C:\Windows\System32\vbscript.dll 2008-05-08 21:59 180,224 ----a-w C:\Windows\System32\scrobj.dll 2008-05-08 21:59 172,032 ----a-w C:\Windows\System32\scrrun.dll 2008-05-08 21:59 155,648 ----a-w 
C:\Windows\System32\wscript.exe 2008-05-08 21:58 135,168 ----a-w C:\Windows\System32\cscript.exe 2008-05-06 02:10 749,568 ----a-w C:\Windows\AcerStore.exe 2008-01-21 02:43 174 --sha-w C:\Program Files\desktop.ini 2007-04-23 12:21 269,824 ----a-w C:\Windows\inf\WG111v3\Vista64\wg111v3.sys 2007-04-23 12:19 227,328 ----a-w C:\Windows\inf\WG111v3\WG111v3.sys 2007-04-23 12:19 227,328 ----a-w C:\Windows\inf\WG111v3\Vista\wg111v3.sys 2006-12-15 09:30 98,304 ----a-w C:\Windows\inf\WG111v3\UScanM.exe 2006-12-15 09:30 315,392 ----a-w C:\Windows\inf\WG111v3\InstallDriver.exe 2006-12-15 09:30 28,672 ----a-w C:\Windows\inf\WG111v3\SetDrv.exe 2006-12-15 09:30 212,992 ----a-w C:\Windows\inf\WG111v3\CopyWHQLDriver.exe 2006-12-15 09:30 20,480 ----a-w C:\Windows\inf\WG111v3\RTWUPath.exe 2006-12-15 09:30 19,968 ----a-w C:\Windows\inf\WG111v3\RTWREFU.EXE . ((((((((((((((((((((((((((((( snapshot@2008-08-30_ 0.00.29.11 ))))))))))))))))))))))))))))))))))))))))) . - 2008-06-05 02:57:20 23,558 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\ARPPRODUCTICON.exe + 2008-08-30 11:46:56 247,638 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\ARPPRODUCTICON.exe - 2008-06-05 02:57:20 290,816 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\esobi_app_15D967B5A4BE42AE9E8464CD062B25AA.exe + 2008-08-30 11:46:56 290,816 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\esobi_app_15D967B5A4BE42AE9E8464CD062B25AA.exe - 2008-06-05 02:57:20 290,816 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\esobi_app_desktop_15D967B5A4BE42AE9E8464CD062B25AA.exe + 2008-08-30 11:46:56 290,816 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\esobi_app_desktop_15D967B5A4BE42AE9E8464CD062B25AA.exe - 2008-08-29 21:28:41 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2008-08-31 09:37:21 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 
2008-08-29 21:28:41 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2008-08-31 09:37:21 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2008-08-29 21:30:03 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-08-31 09:38:55 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-08-31 09:38:55 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 - 2008-08-29 21:30:08 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-08-31 09:38:50 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-08-31 09:38:50 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 - 2008-08-29 21:28:42 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-08-31 09:38:11 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2008-08-29 21:28:42 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-08-31 09:38:11 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-08-29 21:28:42 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-08-31 09:38:11 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2008-08-29 21:58:09 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat + 2008-08-31 10:25:24 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat + 2008-08-31 10:25:24 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1 - 2008-08-27 20:59:33 1,661,272 ----a-w C:\Windows\System32\FNTCACHE.DAT + 2008-08-31 07:14:39 1,658,936 ----a-w 
C:\Windows\System32\FNTCACHE.DAT - 2008-08-29 21:35:02 101,052 ----a-w C:\Windows\System32\perfc009.dat + 2008-08-31 09:42:02 101,052 ----a-w C:\Windows\System32\perfc009.dat - 2008-08-29 21:35:02 123,350 ----a-w C:\Windows\System32\perfc00C.dat + 2008-08-31 09:42:02 123,350 ----a-w C:\Windows\System32\perfc00C.dat - 2008-08-29 21:35:02 586,980 ----a-w C:\Windows\System32\perfh009.dat + 2008-08-31 09:42:02 586,980 ----a-w C:\Windows\System32\perfh009.dat - 2008-08-29 21:35:02 669,328 ----a-w C:\Windows\System32\perfh00C.dat + 2008-08-31 09:42:02 669,328 ----a-w C:\Windows\System32\perfh00C.dat - 2008-08-29 21:27:57 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\schema.dat + 2008-08-31 08:32:01 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\schema.dat - 2008-08-29 21:30:48 5,380 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2571914964-1430876280-426546182-1000_UserData.bin + 2008-08-31 09:39:05 6,104 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2571914964-1430876280-426546182-1000_UserData.bin - 2008-08-29 21:30:48 73,984 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2008-08-31 09:39:05 74,118 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin - 2008-08-29 21:30:47 51,058 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2008-08-31 09:39:04 52,236 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin - 2008-08-29 14:12:19 86,315 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin + 2008-08-31 08:23:51 175,166 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin + 2008-05-10 03:30:49 858,112 ----a-w C:\Windows\winsxs\x86_microsoft-windows-r..ilityanalysisengine_31bf3856ad364e35_6.0.6000.16687_none_863728a999516b76\RacEngn.dll + 2008-05-10 03:13:37 858,112 ----a-w 
C:\Windows\winsxs\x86_microsoft-windows-r..ilityanalysisengine_31bf3856ad364e35_6.0.6000.20832_none_86f1d584b24afdff\RacEngn.dll + 2008-05-10 03:35:20 885,248 ----a-w C:\Windows\winsxs\x86_microsoft-windows-r..ilityanalysisengine_31bf3856ad364e35_6.0.6001.18069_none_883507bb9665f733\RacEngn.dll + 2008-05-10 03:21:35 885,248 ----a-w C:\Windows\winsxs\x86_microsoft-windows-r..ilityanalysisengine_31bf3856ad364e35_6.0.6001.22176_none_88b0d3bcaf8e66e9\RacEngn.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-03-04 23:38 121392 --a------ C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 04:23 1233920] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:55 5674352] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-21 04:25 125952] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 03:18 443968] "VistaStartMenu"="C:\Program Files\Vista Start Menu\VistaStartMenu.exe" [2008-07-09 13:43 2136064] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 18:41 1832272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Acer Empowering Technology Monitor"="C:\Program Files\Acer\Empowering Technology\SysMonitor.exe" [2008-04-25 13:31 319488] "EmpoweringTechnology"="C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe" [2008-04-25 13:31 319488] "eDataSecurity Loader"="C:\Program 
  11. Bonjour tous, Au départ en fait j'ai un probleme avec l'explorateur windows qui s'arrête dès que je fais un clic droit... J'ai éffectué des restaurations du systeme, j'ai essayé les combines de chez microsoft, j'ai parcouru des dizaines de forum sans trouver l'ombre d'une solution efficace, j'ai fait plusieurs scans avec spyware terminator, spybot, malwarebytes et Avast. Avast m'a trouvé un fichier cab corrompu...Mais ne propose rien... Aujourd'hui je me tourne vers vous en espérant que vous aurez une soluce... je vous poste le "log" de "combofix" que je viens d'effectuer. Si ce n'est pas un probleme de malware avez-vous une idée de comment faire pour évier ce message? "l'explorateur windows a cessé de fonctionner" merci d'avance Informatiquement vôtre, Strictmaximum Le log ComboFix: ComboFix 08-08-30.03 - Wam 2008-08-31 12:25:28.4 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1926 [GMT 2:00] Endroit: C:\Users\Wam\Desktop\Poste de contrôle\Maintenance\ComboFix.exe * Création d'un nouveau point de restauration . ((((((((((((((((((((((((((((( Fichiers créés 2008-07-28 to 2008-08-31 )))))))))))))))))))))))))))))))))))) . 2008-08-31 11:24 . 2008-08-31 11:38 <REP> d-------- C:\Users\All Users\Spybot - Search & Destroy 2008-08-31 11:24 . 2008-08-31 11:38 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy 2008-08-31 11:24 . 2008-08-31 11:41 <REP> d-------- C:\Program Files\Spybot - Search & Destroy 2008-08-31 10:24 . 2008-05-10 05:35 885,248 --a------ C:\Windows\System32\RacEngn.dll 2008-08-31 10:24 . 2008-05-10 00:22 9,127 --a------ C:\Windows\System32\RacUR.xml 2008-08-31 10:24 . 2008-05-10 00:22 153 --a------ C:\Windows\System32\RacUREx.xml 2008-08-31 10:20 . 2008-08-31 11:36 <REP> d-------- C:\Users\Wam\AppData\Roaming\Vista Start Menu 2008-08-31 10:20 . 2008-08-31 10:21 <REP> d-------- C:\Program Files\Vista Start Menu 2008-08-31 10:13 . 2008-08-31 10:17 <REP> d-------- C:\Windows\UltraDefrag 2008-08-30 20:05 . 
2008-08-30 20:05 <REP> d-------- C:\Users\Wam\AppData\Roaming\FreeCommander 2008-08-30 20:05 . 2008-08-30 20:05 <REP> d-------- C:\Program Files\FreeCommander 2008-08-30 13:43 . 2008-08-30 13:44 <REP> d-------- C:\Users\Wam\AppData\Roaming\eSobi 2008-08-30 00:44 . 2008-08-30 00:44 <REP> d-------- C:\Users\Wam\AppData\Roaming\PeerNetworking 2008-08-29 23:16 . 2008-08-29 23:16 <REP> d-------- C:\Users\Wam\AppData\Roaming\Template 2008-08-29 23:16 . 2008-08-30 12:24 438 --a------ C:\Users\Wam\AppData\Roaming\wklnhst.dat 2008-08-29 20:07 . 2008-08-29 20:07 <REP> d-------- C:\Users\Wam\AppData\Roaming\Auslogics 2008-08-29 20:05 . 2008-08-29 20:05 <REP> d-------- C:\Program Files\Auslogics 2008-08-29 16:13 . 2008-08-29 16:13 <REP> d-------- C:\Program Files\Microsoft Silverlight 2008-08-29 15:14 . 2008-08-29 15:14 <REP> d-------- C:\Users\Wam\Option 2008-08-29 13:30 . 2008-08-29 13:31 <REP> d-------- C:\Users\All Users\Lavasoft 2008-08-29 13:30 . 2008-08-29 13:31 <REP> d-------- C:\ProgramData\Lavasoft 2008-08-28 23:07 . 2008-08-28 23:07 <REP> d-------- C:\Users\Wam\AppData\Roaming\Grisoft 2008-08-28 23:01 . 2008-08-28 23:30 <REP> d-a------ C:\Users\All Users\TEMP 2008-08-28 23:01 . 2008-08-28 23:30 <REP> d-a------ C:\ProgramData\TEMP 2008-08-28 22:58 . 2008-08-28 22:58 <REP> d-------- C:\Program Files\Sophos 2008-08-28 22:41 . 2008-08-28 22:49 <REP> d----c--- C:\Windows\System32\DRVSTORE 2008-08-28 21:44 . 2008-08-30 19:56 <REP> d-------- C:\Program Files\Windows Live Safety Center 2008-08-28 17:38 . 2008-08-28 17:38 <REP> d-------- C:\Program Files\GameTop.com 2008-08-28 17:37 . 2008-08-28 17:37 <REP> d-------- C:\Program Files\FreeGamePick.com 2008-08-28 12:58 . 2008-08-28 12:58 <REP> d-------- C:\Program Files\Monte Cristo 2008-08-28 11:14 . 2008-08-28 11:14 <REP> d-------- C:\Program Files\Nouvelle Cible 2008-08-28 11:14 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Cheatbook 12.2004 2008-08-28 11:12 . 
2008-08-29 01:03 <REP> d-------- C:\Program Files\Audacity 2008-08-28 11:11 . 2008-08-28 11:11 <REP> d-------- C:\Program Files\IVCsoft 2008-08-28 09:49 . 2008-08-28 09:49 56 --ah----- C:\Windows\System32\ezsidmv.dat 2008-08-28 08:49 . 2008-08-28 08:52 <REP> d-------- C:\Users\Wam\AppData\Roaming\Command & Conquer 3 La Fureur de Kane 2008-08-28 08:49 . 2008-08-28 08:49 107,888 --a------ C:\Windows\System32\CmdLineExt.dll 2008-08-28 08:33 . 2007-10-12 15:14 3,734,536 --a------ C:\Windows\System32\d3dx9_36.dll 2008-08-28 08:33 . 2007-10-12 15:14 1,374,232 --a------ C:\Windows\System32\D3DCompiler_36.dll 2008-08-28 08:33 . 2007-10-02 09:56 444,776 --a------ C:\Windows\System32\d3dx10_36.dll 2008-08-28 08:33 . 2007-10-22 03:39 267,272 --a------ C:\Windows\System32\xactengine2_10.dll 2008-08-28 08:33 . 2007-10-22 03:37 17,928 --a------ C:\Windows\System32\X3DAudio1_2.dll 2008-08-28 08:02 . 2006-11-29 13:06 3,426,072 --a------ C:\Windows\System32\d3dx9_32.dll 2008-08-28 07:47 . 2008-08-28 08:20 <REP> d-------- C:\Program Files\Electronic Arts 2008-08-28 01:28 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\AIDA32 - Personal System Information 2008-08-28 00:51 . 2008-08-29 01:08 <REP> d-------- C:\Program Files\Picasa2 2008-08-28 00:51 . 2006-10-05 04:42 2,560 --a------ C:\Windows\System32\drivers\cdralw2k.sys 2008-08-28 00:51 . 2006-10-05 04:42 2,432 --a------ C:\Windows\System32\drivers\cdr4_xp.sys 2008-08-28 00:42 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Defraggler 2008-08-27 23:18 . 2008-08-27 23:18 <REP> d-------- C:\Users\All Users\WinZip 2008-08-27 23:18 . 2008-08-27 23:18 <REP> d-------- C:\ProgramData\WinZip 2008-08-27 23:16 . 2008-08-29 01:04 <REP> d-------- C:\Program Files\WinZip 8.1 Fr 2008-08-27 23:01 . 2008-08-29 01:04 <REP> d-------- C:\Users\All Users\FLEXnet 2008-08-27 23:01 . 2008-08-29 01:04 <REP> d-------- C:\ProgramData\FLEXnet 2008-08-27 22:56 . 2008-08-29 01:04 <REP> d-------- C:\Program Files\NFO viewer 2008-08-27 22:56 . 
2008-08-29 01:03 <REP> d-------- C:\Program Files\Bonjour 2008-08-27 22:52 . 2008-08-27 22:52 <REP> d-------- C:\Program Files\Common Files\Macrovision Shared 2008-08-27 21:53 . 2008-08-29 01:04 <REP> d-------- C:\Users\All Users\Apple Computer 2008-08-27 21:53 . 2008-08-29 01:04 <REP> d-------- C:\ProgramData\Apple Computer 2008-08-27 21:53 . 2008-08-29 01:04 <REP> d-------- C:\Program Files\QuickTime 2008-08-27 21:52 . 2008-08-27 21:52 <REP> d-------- C:\Users\Wam\AppData\Roaming\vlc 2008-08-27 21:52 . 2008-08-29 01:04 <REP> d-------- C:\Users\All Users\Apple 2008-08-27 21:52 . 2008-08-29 01:04 <REP> d-------- C:\ProgramData\Apple 2008-08-27 21:52 . 2008-08-27 21:52 <REP> d-------- C:\Program Files\VideoLAN 2008-08-27 21:52 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Apple Software Update 2008-08-27 21:39 . 2008-08-29 01:04 <REP> d-------- C:\Users\Wam\AppData\Roaming\IrfanView 2008-08-27 21:39 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\IrfanView 2008-08-27 21:39 . 2008-08-28 00:51 <REP> d-------- C:\Program Files\Google 2008-08-27 17:13 . 2008-08-29 01:04 <REP> d-------- C:\Program Files\PhotoDeluxe EE 1.1 2008-08-27 17:11 . 1997-04-18 11:49 298,496 --a------ C:\Windows\unin040c.exe 2008-08-27 16:51 . 2008-08-29 01:18 900 --ahs---- C:\Windows\System32\KGyGaAvL.sys 2008-08-27 16:27 . 2008-08-27 16:27 <REP> d-------- C:\Users\Wam\AppData\Roaming\Corel 2008-08-27 16:24 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Corel® Painter IX TBYB FR 2008-08-27 15:39 . 2008-08-31 11:37 <REP> d-------- C:\Users\Wam\AppData\Roaming\OpenOffice.org2 2008-08-27 15:37 . 2008-08-27 15:37 <REP> d-------- C:\Program Files\OpenOffice.org 2.4 2008-08-27 15:21 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\CCleaner 2008-08-27 15:18 . 2008-08-27 15:20 <REP> d-------- C:\Users\Wam\AppData\Roaming\Spyware Terminator 2008-08-27 15:18 . 2008-08-29 01:04 <REP> d-------- C:\Users\All Users\Spyware Terminator 2008-08-27 15:18 . 
2008-08-29 01:04 <REP> d-------- C:\ProgramData\Spyware Terminator 2008-08-27 15:18 . 2008-08-29 01:04 <REP> d-------- C:\Program Files\Spyware Terminator 2008-08-27 15:18 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Crawler 2008-08-27 15:18 . 2008-08-27 15:18 141,312 --a------ C:\Windows\System32\drivers\sp_rsdrv2.sys 2008-08-27 15:15 . 2008-08-27 15:15 <REP> d-------- C:\Users\Wam\AppData\Roaming\Malwarebytes 2008-08-27 15:15 . 2008-08-27 15:15 <REP> d-------- C:\Users\All Users\Malwarebytes 2008-08-27 15:15 . 2008-08-27 15:15 <REP> d-------- C:\ProgramData\Malwarebytes 2008-08-27 15:15 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-08-27 15:15 . 2008-08-17 15:01 38,472 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys 2008-08-27 15:15 . 2008-08-17 15:01 17,144 --a------ C:\Windows\System32\drivers\mbam.sys 2008-08-27 14:57 . 2008-08-28 09:49 <REP> d-------- C:\Users\Wam\AppData\Roaming\skypePM 2008-08-27 14:55 . 2008-08-29 01:04 <REP> d-------- C:\Users\Wam\AppData\Roaming\Skype 2008-08-27 14:55 . 2008-08-30 21:02 <REP> d-------- C:\Users\Valérie\Documents de valérie 2008-08-27 14:55 . 2008-08-30 21:02 <REP> d-------- C:\Users\Valérie\Documents de valérie 2008-08-27 14:55 . 2008-08-27 14:55 <REP> d-------- C:\Users\All Users\Skype 2008-08-27 14:55 . 2008-08-27 14:55 <REP> d-------- C:\ProgramData\Skype 2008-08-27 14:55 . 2008-08-27 14:55 <REP> d-------- C:\Program Files\Skype 2008-08-27 14:55 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\Common Files\Skype 2008-08-27 14:50 . 2008-08-27 14:50 0 --a------ C:\Windows\nsreg.dat 2008-08-27 14:19 . 2008-08-29 01:08 <REP> d-------- C:\Program Files\MSN Messenger 2008-08-27 13:37 . 2008-08-27 13:37 <REP> d-------- C:\Users\All Users\ma-config.com 2008-08-27 13:37 . 2008-08-27 13:37 <REP> d-------- C:\ProgramData\ma-config.com 2008-08-27 13:37 . 2008-08-29 01:03 <REP> d-------- C:\Program Files\ma-config.com 2008-08-27 13:10 . 
2008-08-27 13:10 <REP> d-------- C:\Users\Wam\AppData\Roaming\SiteAdvisor 2008-08-27 12:39 . 2008-08-27 12:46 <REP> d-------- C:\Users\Valérie\AppData\Roaming\Adobe 2008-08-27 12:26 . 2008-08-27 12:26 <REP> d-------- C:\Users\Wam\AppData\Roaming\Yahoo! 2008-08-27 12:16 . 2008-08-27 12:20 <REP> d-------- C:\Program Files\Windows Live 2008-08-27 12:16 . 2008-08-27 13:17 <REP> d----c--- C:\Program Files\Common Files\WindowsLiveInstaller 2008-08-27 12:15 . 2008-08-27 12:15 <REP> d-------- C:\Users\All Users\WLInstaller 2008-08-27 12:15 . 2008-08-27 12:15 <REP> d-------- C:\ProgramData\WLInstaller 2008-08-27 11:55 . 2008-08-27 11:55 <REP> d-------- C:\Program Files\Hercules 2008-08-27 11:54 . 2008-08-27 14:02 <REP> d-------- C:\Windows\OvtCam 2008-08-27 11:54 . 2005-03-15 17:04 161,792 --a------ C:\Windows\System32\drivers\ov530vid.sys 2008-08-27 11:54 . 2004-08-05 17:34 61,440 --a------ C:\Windows\ov530dib.dll 2008-08-27 11:54 . 2005-09-30 09:42 40,960 --a------ C:\Windows\System32\ov530ext.dll 2008-08-27 11:54 . 2004-11-09 00:37 25,177 --a------ C:\Windows\System32\drivers\ov530cmd.sys 2008-08-27 11:54 . 2005-09-30 09:56 18,972 --a------ C:\Windows\System32\ov530ext.ax 2008-08-27 11:54 . 2004-07-20 01:50 16,440 --a------ C:\Windows\System32\ov530usd.dll 2008-08-27 11:46 . 2008-07-16 03:32 2,048 --a------ C:\Windows\System32\tzres.dll 2008-08-27 11:42 . 2008-08-27 11:42 <REP> d-------- C:\Program Files\MSXML 4.0 2008-08-27 11:41 . 2008-06-26 03:45 12,240,896 --a------ C:\Windows\System32\NlsLexicons0007.dll 2008-08-27 11:39 . 2008-04-26 10:25 3,549,240 --a------ C:\Windows\System32\ntoskrnl.exe 2008-08-27 11:26 . 2008-08-27 11:26 <REP> d-------- C:\Users\Valérie\AppData\Roaming\Macromedia 2008-08-27 11:26 . 2008-08-27 11:26 <REP> d-------- C:\Users\Valérie\AppData\Roaming\ATI 2008-08-27 11:25 . 2008-08-29 01:04 <REP> dr------- C:\Users\Valérie\Videos 2008-08-27 11:25 . 2008-08-29 01:04 <REP> dr------- C:\Users\Valérie\Videos 2008-08-27 11:25 . 
2008-08-29 01:04 <REP> dr------- C:\Users\Valérie\Searches . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-31 10:25 1,048,576 --sha-w C:\Users\Valérie\ntuser.dat 2008-08-31 10:25 1,048,576 --sha-w C:\Users\Valérie\ntuser.dat 2008-08-31 07:13 --------- d-----w C:\ProgramData\Microsoft Help 2008-08-31 07:12 --------- d-----w C:\Program Files\Microsoft Works 2008-08-30 11:46 --------- d-----w C:\ProgramData\eSobi 2008-08-28 22:08 --------- d-----w C:\Program Files\Yahoo! 2008-08-27 20:57 --------- d-----w C:\Program Files\Common Files\Adobe 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPRR____.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLV____.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLST___.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLEV___.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLED___.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPLC____.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPC_____.FOT 2008-08-27 15:13 1,409 ----a-w C:\Windows\Fonts\MPAJ____.FOT 2008-08-27 12:06 --------- d-s---w C:\Users\Valérie\AppData\Roaming\Microsoft 2008-08-27 12:02 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-08-27 11:22 --------- d-----w C:\Program Files\McAfee 2008-08-27 11:10 --------- d-----w C:\ProgramData\SiteAdvisor 2008-08-27 10:46 --------- d-----w C:\Users\Valérie\AppData\Roaming\Adobe 2008-08-27 09:48 --------- d-----w C:\Program Files\Windows Mail 2008-08-27 09:26 --------- d-----w C:\Users\Valérie\AppData\Roaming\Macromedia 2008-08-27 09:26 --------- d-----w C:\Users\Valérie\AppData\Roaming\ATI 2008-08-27 09:25 --------- d-----w C:\Users\Valérie\AppData\Roaming\Identities 2008-08-27 07:53 --------- d-sh--w C:\ProgramData\Modèles 2008-08-27 07:53 --------- d-sh--w C:\ProgramData\Menu Démarrer 2008-08-27 07:53 --------- d-sh--w C:\ProgramData\Favoris 2008-08-27 07:53 --------- d-sh--w C:\ProgramData\Bureau 
2008-08-27 07:53 --------- d-sh--w C:\Program Files\Fichiers communs 2008-06-27 04:15 827,392 ----a-w C:\Windows\System32\wininet.dll 2008-06-26 03:29 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll 2008-06-26 01:45 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll 2008-06-19 03:31 361,984 ----a-w C:\Windows\System32\IPSECSVC.DLL 2008-06-12 05:28 541,696 ----a-w C:\Windows\AppPatch\AcLayers.dll 2008-06-05 02:42 319,456 ----a-w C:\Windows\DIFxAPI.dll 2008-05-27 05:21 1,582,592 ----a-w C:\Windows\System32\tquery.dll 2008-05-27 05:21 1,418,240 ----a-w C:\Windows\System32\mssrch.dll 2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\SearchFilterHost.exe 2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\mssitlb.dll 2008-05-27 05:17 754,176 ----a-w C:\Windows\System32\propsys.dll 2008-05-27 05:17 60,416 ----a-w C:\Windows\System32\msscntrs.dll 2008-05-27 05:17 6,103,040 ----a-w C:\Windows\System32\chtbrkr.dll 2008-05-27 05:17 34,816 ----a-w C:\Windows\System32\msscb.dll 2008-05-27 05:17 32,768 ----a-w C:\Windows\System32\mssprxy.dll 2008-05-27 05:17 313,344 ----a-w C:\Windows\System32\thawbrkr.dll 2008-05-27 05:17 301,568 ----a-w C:\Windows\System32\srchadmin.dll 2008-05-27 05:17 194,560 ----a-w C:\Windows\System32\offfilt.dll 2008-05-27 05:17 143,872 ----a-w C:\Windows\System32\korwbrkr.dll 2008-05-27 05:17 11,776 ----a-w C:\Windows\System32\msshooks.dll 2008-05-27 05:17 1,671,680 ----a-w C:\Windows\System32\chsbrkr.dll 2008-05-27 04:59 18,904 ----a-w C:\Windows\System32\StructuredQuerySchemaTrivial.bin 2008-05-27 04:59 106,605 ----a-w C:\Windows\System32\StructuredQuerySchema.bin 2008-05-10 03:35 564,736 ----a-w C:\Windows\System32\emdmgmt.dll 2008-05-08 21:59 90,112 ----a-w C:\Windows\System32\wshext.dll 2008-05-08 21:59 430,080 ----a-w C:\Windows\System32\vbscript.dll 2008-05-08 21:59 180,224 ----a-w C:\Windows\System32\scrobj.dll 2008-05-08 21:59 172,032 ----a-w C:\Windows\System32\scrrun.dll 2008-05-08 21:59 155,648 ----a-w 
C:\Windows\System32\wscript.exe 2008-05-08 21:58 135,168 ----a-w C:\Windows\System32\cscript.exe 2008-05-06 02:10 749,568 ----a-w C:\Windows\AcerStore.exe 2008-01-21 02:43 174 --sha-w C:\Program Files\desktop.ini 2007-04-23 12:21 269,824 ----a-w C:\Windows\inf\WG111v3\Vista64\wg111v3.sys 2007-04-23 12:19 227,328 ----a-w C:\Windows\inf\WG111v3\WG111v3.sys 2007-04-23 12:19 227,328 ----a-w C:\Windows\inf\WG111v3\Vista\wg111v3.sys 2006-12-15 09:30 98,304 ----a-w C:\Windows\inf\WG111v3\UScanM.exe 2006-12-15 09:30 315,392 ----a-w C:\Windows\inf\WG111v3\InstallDriver.exe 2006-12-15 09:30 28,672 ----a-w C:\Windows\inf\WG111v3\SetDrv.exe 2006-12-15 09:30 212,992 ----a-w C:\Windows\inf\WG111v3\CopyWHQLDriver.exe 2006-12-15 09:30 20,480 ----a-w C:\Windows\inf\WG111v3\RTWUPath.exe 2006-12-15 09:30 19,968 ----a-w C:\Windows\inf\WG111v3\RTWREFU.EXE . ((((((((((((((((((((((((((((( snapshot@2008-08-30_ 0.00.29.11 ))))))))))))))))))))))))))))))))))))))))) . - 2008-06-05 02:57:20 23,558 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\ARPPRODUCTICON.exe + 2008-08-30 11:46:56 247,638 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\ARPPRODUCTICON.exe - 2008-06-05 02:57:20 290,816 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\esobi_app_15D967B5A4BE42AE9E8464CD062B25AA.exe + 2008-08-30 11:46:56 290,816 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\esobi_app_15D967B5A4BE42AE9E8464CD062B25AA.exe - 2008-06-05 02:57:20 290,816 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\esobi_app_desktop_15D967B5A4BE42AE9E8464CD062B25AA.exe + 2008-08-30 11:46:56 290,816 ----a-r C:\Windows\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\esobi_app_desktop_15D967B5A4BE42AE9E8464CD062B25AA.exe - 2008-08-29 21:28:41 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2008-08-31 09:37:21 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 
2008-08-29 21:28:41 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2008-08-31 09:37:21 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2008-08-29 21:30:03 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-08-31 09:38:55 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-08-31 09:38:55 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 - 2008-08-29 21:30:08 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-08-31 09:38:50 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-08-31 09:38:50 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 - 2008-08-29 21:28:42 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-08-31 09:38:11 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2008-08-29 21:28:42 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-08-31 09:38:11 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-08-29 21:28:42 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-08-31 09:38:11 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2008-08-29 21:58:09 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat + 2008-08-31 10:25:24 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat + 2008-08-31 10:25:24 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1 - 2008-08-27 20:59:33 1,661,272 ----a-w C:\Windows\System32\FNTCACHE.DAT + 2008-08-31 07:14:39 1,658,936 ----a-w 
C:\Windows\System32\FNTCACHE.DAT - 2008-08-29 21:35:02 101,052 ----a-w C:\Windows\System32\perfc009.dat + 2008-08-31 09:42:02 101,052 ----a-w C:\Windows\System32\perfc009.dat - 2008-08-29 21:35:02 123,350 ----a-w C:\Windows\System32\perfc00C.dat + 2008-08-31 09:42:02 123,350 ----a-w C:\Windows\System32\perfc00C.dat - 2008-08-29 21:35:02 586,980 ----a-w C:\Windows\System32\perfh009.dat + 2008-08-31 09:42:02 586,980 ----a-w C:\Windows\System32\perfh009.dat - 2008-08-29 21:35:02 669,328 ----a-w C:\Windows\System32\perfh00C.dat + 2008-08-31 09:42:02 669,328 ----a-w C:\Windows\System32\perfh00C.dat - 2008-08-29 21:27:57 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\schema.dat + 2008-08-31 08:32:01 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\schema.dat - 2008-08-29 21:30:48 5,380 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2571914964-1430876280-426546182-1000_UserData.bin + 2008-08-31 09:39:05 6,104 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2571914964-1430876280-426546182-1000_UserData.bin - 2008-08-29 21:30:48 73,984 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2008-08-31 09:39:05 74,118 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin - 2008-08-29 21:30:47 51,058 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2008-08-31 09:39:04 52,236 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin - 2008-08-29 14:12:19 86,315 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin + 2008-08-31 08:23:51 175,166 ----a-w C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin + 2008-05-10 03:30:49 858,112 ----a-w C:\Windows\winsxs\x86_microsoft-windows-r..ilityanalysisengine_31bf3856ad364e35_6.0.6000.16687_none_863728a999516b76\RacEngn.dll + 2008-05-10 03:13:37 858,112 ----a-w 
C:\Windows\winsxs\x86_microsoft-windows-r..ilityanalysisengine_31bf3856ad364e35_6.0.6000.20832_none_86f1d584b24afdff\RacEngn.dll + 2008-05-10 03:35:20 885,248 ----a-w C:\Windows\winsxs\x86_microsoft-windows-r..ilityanalysisengine_31bf3856ad364e35_6.0.6001.18069_none_883507bb9665f733\RacEngn.dll + 2008-05-10 03:21:35 885,248 ----a-w C:\Windows\winsxs\x86_microsoft-windows-r..ilityanalysisengine_31bf3856ad364e35_6.0.6001.22176_none_88b0d3bcaf8e66e9\RacEngn.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-03-04 23:38 121392 --a------ C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 04:23 1233920] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:55 5674352] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-21 04:25 125952] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2008-08-21 03:18 443968] "VistaStartMenu"="C:\Program Files\Vista Start Menu\VistaStartMenu.exe" [2008-07-09 13:43 2136064] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 18:41 1832272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Acer Empowering Technology Monitor"="C:\Program Files\Acer\Empowering Technology\SysMonitor.exe" [2008-04-25 13:31 319488] "EmpoweringTechnology"="C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe" [2008-04-25 13:31 319488] "eDataSecurity Loader"="C:\Program 
Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 23:38 526896] "PCMMediaSharing"="C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe" [2008-01-25 19:49 204908] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 04:06 40048] "BkupTray"="C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-02-25 19:57 34040] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440] "WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 21:48 57344] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 16:38 78008] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-27 21:39 29744] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696] "RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 07:21 5369856 C:\Windows\RtHDVCpl.exe] C:\Users\Wam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 16:41:28 393216] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ NETGEAR WG111v3 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111v3\WG111v3.exe [2007-09-14 10:24:06 1695744] WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-04-11 11:10:00 394856] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "LogonHoursAction"= 2 (0x2) "DontDisplayLogonHoursWarnings"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.mkdmp3enc"= C:\PROGRA~1\ACERAR~1\ACERVI~1\Kernel\Burner\MKDMP3Enc.ACM 
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{39483AF4-6277-434A-8C81-EEA2C2461D24}"= C:\Program Files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe:Acer Arcade Live
"{8719D5E1-793E-4F9D-88DD-78C00BCDF5D7}"= C:\Program Files\Acer Arcade Live\Acer DV Magician\Acer DV Magician.exe:Acer DV Magician
"{4D7E353C-F160-4D1E-B45D-FBAF340ED2ED}"= C:\Program Files\Acer Arcade Live\Acer SlideShow DVD\Acer SlideShow DVD.exe:Acer SlideShow DVD
"{3F1AC602-C49C-4B07-AAC9-F573A6DE6DDB}"= C:\Program Files\Acer Arcade Live\Acer VideoMagician\Acer VideoMagician.exe:Acer VideoMagician
"{366F7CF6-4D0E-4110-8DF8-4D6586841F01}"= C:\Program Files\Acer Arcade Live\Acer DVDivine\Acer DVDivine.exe:Acer DVDivine
"{BD637667-56BC-43ED-9884-B9B585628618}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia\Acer HomeMedia.exe:Acer HomeMedia
"{01FF3703-8975-429B-875A-AB12919BCBC8}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect
"{473DFFBF-F989-48BF-8937-0650C5A6DB8B}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE:Acer HomeMedia Connect Service
"{E2448DCF-9832-4280-BA97-EF6465FCD0C1}"= C:\Program Files\Acer Arcade Live\Acer HomeMedia Trial Creator\Acer HomeMedia Trial Creator.exe:Acer HomeMedia Trial Creator
"{2FB1E4DC-655B-4D66-BC5F-35F864C3CAF8}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{4801CD5B-F558-4808-9CD9-4DFB2F24AC55}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{616AABAB-E816-4AAD-8898-F38B1255D749}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{FD0915E6-9BAD-4C0E-98F8-71A181A5E87C}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{EAC16019-5FFD-4479-9BD1-FF44C6A1B94C}"= UDP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{41BD57FF-08B7-4BBF-9C4D-841047B98225}"= TCP:C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{71601132-DFFE-4DCE-95B3-5900799EEB1D}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{203193B0-DC74-4F91-B57A-E4676324A6C0}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"TCP Query User{1700F0E7-0C4A-48EF-B683-39EA20456A31}C:\\users\\wam\\appdata\\local\\temp\\electronicarts_patcher_000.exe"= UDP:C:\users\wam\appdata\local\temp\electronicarts_patcher_000.exe:electronicarts_patcher_000.exe
"UDP Query User{88B1733F-727D-4D99-A5CE-67D908A41F11}C:\\users\\wam\\appdata\\local\\temp\\electronicarts_patcher_000.exe"= TCP:C:\users\wam\appdata\local\temp\electronicarts_patcher_000.exe:electronicarts_patcher_000.exe
"{EBDF6D30-E9D1-47A5-8CD1-1CDF9514292E}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{A9E1E3A8-D134-4FF3-8D7B-2198638C0508}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{137680FD-D621-4F63-B3FD-DAC52CFC22E8}"= UDP:C:\Program Files\ma-config.com\maconfservice.exe:maconfservice
"{6657B234-CB7A-4E77-90CA-BE121A3BE73D}"= TCP:C:\Program Files\ma-config.com\maconfservice.exe:maconfservice

R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 05:23]
R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 16:35]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2008-01-25 19:49]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 16:36]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-02-25 19:57]
R2 ETService;Empowering Technology Service;C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-04-25 13:30]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-02-25 03:02]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-02-25 19:53]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-09 16:58]
R3 ovt530;Webcam Classic;C:\Windows\system32\Drivers\ov530vid.sys [2005-03-15 17:04]
R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;C:\Windows\system32\DRIVERS\wg111v3.sys [2007-04-23 14:19]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-28 04:51]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-27 21:39]
S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfservice.exe [2008-07-25 20:57]
S4 ahcix86s;ahcix86s;C:\Windows\system32\drivers\ahcix86s.sys [2007-12-19 08:45]
S4 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 04:23]
S4 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-21 04:23]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\Wam\AppData\Roaming\Mozilla\Firefox\Profiles\nb924ai7.default\
FF -: plugin - C:\Program Files\ma-config.com\nphardwaredetection.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF -: plugin - C:\Program Files\Picasa2\npPicasa2.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-31 12:27:00
Windows 6.0.6001 Service Pack 1 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-08-31 12:28:11
ComboFix-quarantined-files.txt 2008-08-31 10:28:08
ComboFix2.txt 2008-08-29 22:13:20
ComboFix3.txt 2008-08-29 22:01:16

Pre-Run: 132,663,820,288 octets libres
Post-Run: 132,639,662,080 octets libres

373 --- E O F --- 2008-08-31 08:24:27