
Solved: generic sdbot W32/Sdbot.ftp.worm



Hi :P

OK! It's true that some sorting out is needed :P

Could you please have these two files analysed >

C:\Winnt\System32\drivers\cirrus_det.sys

C:\Winnt\System32\drivers\mchInjDrv.sys

Click on this address => http://www.virustotal.com/flash/index_en.html

You have a box labelled "Parcourir" (Browse): click on it and a window opens => browse your hard drive and look for the file cirrus_det.sys, which you will find in the folder C:\Winnt\System32\drivers

Click once on the file cirrus_det.sys (it turns blue!), then click "ouvrir" (Open) at the bottom of the window, then "send". The scan of this file will start. All you then have to do is select and copy/paste the analysis.

Note: uploaded files are queued, because the virus scanner is in heavy demand! Be patient (a message tells you how long the analysis will take).

Do the same for the other one please, and post the reports.

Edited by charles ingals

lol! I'm back!

We continue like this >

1. Copy all the text in the box below (without the word "code"): highlight it and press (Ctrl+C):

drivers to unload:
mchInjDrv

registry keys to delete:
HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_EVENT
HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_EVENT
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_EVENT
HKLM\SYSTEM\ControlSet001\Services\Event
HKLM\SYSTEM\ControlSet002\Services\Event
HKLM\SYSTEM\CurrentControlSet\Services\Event

Files to Delete:
C:\Winnt\System32\drivers\mchInjDrv.sys
C:\WINNT\System32\tj 
C:\WINNT\System32\.exe



Note: The code above was written specifically for THIS user.
If you are not THIS user, do NOT apply these instructions: they could damage your system.

2. Now launch The Avenger by clicking its desktop icon.

  • Under "Script file to execute" choose "Input Script Manually".
  • Then click the magnifying-glass icon, which opens a new window, "View/edit script".
  • In this window, paste the text previously copied on the desktop using (Ctrl+V).
  • Click Done
  • Then click the green traffic light icon to start executing the script.
  • Answer "Yes" twice when asked.

3. The Avenger will automatically do the following:

  • It will restart the system. (In cases where the script contains "Drivers to Unload", The Avenger will restart your system twice.)
  • During the restart, a black Windows command window will appear briefly on your desktop; this is NORMAL.
  • After the restart, it creates a log file that will open, showing the actions carried out by The Avenger. This log file is located here: C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, zipped them, and moved the zip archive here: C:\avenger\backup.zip.

Please post this report > C:\avenger.txt

Also post a new DiagHelp report please :P


Hi charles ingals

Thanks for the script, here is what it generated

 

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\ywfigpvw

*******************

Script file located at: \??\C:\WINNT\csvacnnh.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Registry key \Registry\Machine\System\CurrentControlSet\Services\mchInjDrv not found!
Unload of driver mchInjDrv failed!

Could not process line:
mchInjDrv
Status: 0xc0000034

Registry key HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_EVENT deleted successfully.
Registry key HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_EVENT deleted successfully.

Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_EVENT not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_EVENT failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_EVENT
Status: 0xc0000034

Registry key HKLM\SYSTEM\ControlSet001\Services\Event deleted successfully.
Registry key HKLM\SYSTEM\ControlSet002\Services\Event deleted successfully.

Registry key HKLM\SYSTEM\CurrentControlSet\Services\Event not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Services\Event failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Services\Event
Status: 0xc0000034

File C:\Winnt\System32\drivers\mchInjDrv.sys not found!
Deletion of file C:\Winnt\System32\drivers\mchInjDrv.sys failed!

Could not process line:
C:\Winnt\System32\drivers\mchInjDrv.sys
Status: 0xc0000034

File C:\WINNT\System32\tj deleted successfully.
File C:\WINNT\System32\.exe deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

 

Still some files it can't delete or find. Normal?

See you later, I'm launching DiagHelp

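An added example, not part of the thread and not code from The Avenger or its author: a small Python parser for the log format posted above, which separates entries that were simply absent (status 0xc0000034, the NTSTATUS value STATUS_OBJECT_NAME_NOT_FOUND) from deletions that failed for another reason. The sample log is an excerpt of the posted one plus one constructed entry (`C:\example\locked.sys`); the function names are illustrative.

```python
import re

# NTSTATUS values relevant when reading a deletion log.
NTSTATUS = {
    0xC0000034: "STATUS_OBJECT_NAME_NOT_FOUND",
    0xC000003A: "STATUS_OBJECT_PATH_NOT_FOUND",
    0xC0000022: "STATUS_ACCESS_DENIED",
    0xC0000043: "STATUS_SHARING_VIOLATION",
}
# "Not found" codes: the target did not exist when the script line ran.
NOT_FOUND = {0xC0000034, 0xC000003A}

# Excerpt of the log posted in the thread, followed by ONE constructed entry
# (C:\example\locked.sys, status 0xc0000022) to show a failure that is not
# a simple "not found".
SAMPLE_LOG = r"""
Registry key \Registry\Machine\System\CurrentControlSet\Services\mchInjDrv not found!
Unload of driver mchInjDrv failed!

Could not process line:
mchInjDrv
Status: 0xc0000034

Registry key HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_EVENT deleted successfully.

Registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_EVENT not found!
Deletion of registry key HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_EVENT failed!

Could not process line:
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_EVENT
Status: 0xc0000034

File C:\Winnt\System32\drivers\mchInjDrv.sys not found!
Deletion of file C:\Winnt\System32\drivers\mchInjDrv.sys failed!

Could not process line:
C:\Winnt\System32\drivers\mchInjDrv.sys
Status: 0xc0000034

File C:\WINNT\System32\tj deleted successfully.

Could not process line:
C:\example\locked.sys
Status: 0xc0000022
"""

SUCCESS_RE = re.compile(r"^(?:Registry key|File) (.+) deleted successfully\.$")
STATUS_RE = re.compile(r"^Status: (0x[0-9a-fA-F]+)$")


def parse_avenger_log(text):
    """Return one record per script line: target, outcome, status, status_name.

    outcome is "deleted", "absent" (a not-found status) or "failed".
    """
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    results = []
    i = 0
    while i < len(lines):
        ok = SUCCESS_RE.match(lines[i])
        if ok:
            results.append({"target": ok.group(1), "outcome": "deleted",
                            "status": None, "status_name": None})
        elif lines[i] == "Could not process line:" and i + 2 < len(lines):
            # Layout: marker line, the script line itself, then "Status: 0x...".
            st = STATUS_RE.match(lines[i + 2])
            if st:
                code = int(st.group(1), 16)
                results.append({
                    "target": lines[i + 1],
                    # CurrentControlSet is a registry link to a numbered
                    # ControlSetNNN key, so a key already deleted under the
                    # numbered set can legitimately be "not found" here.
                    "outcome": "absent" if code in NOT_FOUND else "failed",
                    "status": code,
                    "status_name": NTSTATUS.get(code, "UNKNOWN"),
                })
                i += 2
        i += 1
    return results


def needs_follow_up(results):
    """Targets that still exist but could not be removed."""
    return [r["target"] for r in results if r["outcome"] == "failed"]


if __name__ == "__main__":
    for rec in parse_avenger_log(SAMPLE_LOG):
        name = rec["status_name"] or "-"
        print(f'{rec["outcome"]:8} {name:30} {rec["target"]}')
```
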

and DiagHelp

 


Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

 


c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.824146_W2K_SP5_WinSE_49650\Windows2000-KB824146-x86-FRA.exe

c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.IIS_SecPatch_IIS5_5415\Q321599_W2K.exe

c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Jscript_ win2K_55_6001\js55nfr.exe

c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Jscript_ win2K_XP_56_6003\js56nfr.exe

c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Jscript_Win2K_51_5999\js51nfr.exe

c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q261255_SP1_4094\q261255.exe

c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q270676_SP2_CORP_4127\Q270676.EXE

c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q274372_SP2_W2k_CORP_4280\Q274372.EXE

c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q280838_SP2_W2k_4305\Q280838.EXE

c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q296185_W2K_SP3_CORP_4594\q296185_W2K.exe

c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q299553_W2K_SP3_CORP_4674\Q299553.EXE

c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q311967_W2K_SP3_5304\Q311967.exe

c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q312897_VS_NET_JA_5433\NDP10_SP_Q321897_Ja.exe

c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q313450_W2K_Cons_5256\Q313450SP3.exe

c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q313829_W2K_5282\Q313829.exe

c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q314147_W2K_5265\Q314147_W2K.exe

c:\Documents and Settings\Administrateur\Bureau\Util\Wu\Win2k\1_Maj critiques\Fr\WU\Software\fr\com_microsoft.windows2000\x86win2k\com_microsoft.Q317244_XML40_5255\Q317244.exe

c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\QuickTime 7.1.3.100\QuickTimeInstallerAdmin.exe

 

Have a good day, see you later


Hi charles ingals

And here we go again with the csrss.exe file blocked by BitDefender, plus a new one named c:\winnt\eraseme0589.exe.

These critters come back to life every time and I'm starting to get seriously depressed.

Should I start backing up what I want to keep from my disk? Or is there still hope?

Thanks, doc.


Hi :P

Sorry for the wait! This malware is a sticky one!! Please post me a report like this >

Download WinPFind3U.exe to your desktop.

  • Double-click the downloaded file: a folder named WinPFind3U will appear on your desktop.
  • Open the folder and double-click the WinPFind3U.exe file to launch the program.
  • Under the Files Created Within group, select 90 days
  • Under the Files Modified Within group, select 90 days
  • Under the String Search group, select Non-Microsoft
  • Under Additional Scan (on the right), tick the Reg- Security Settings box
  • Now click the Run Scan button in the toolbar
  • When the scan has finished, Notepad opens and displays the report.
  • Click the "Format" menu and make sure "Word Wrap" ("Retour automatique à la ligne") is not ticked.
  • Copy/paste the contents of the report into your next reply.

We were talking about shares earlier: have a look and tell me which shared folders remain, please?

Edit: please run this quick port scan here and tell me what it shows (open ports) > http://www.zebulon.fr/outils/scanports/test-securite.php

Edited by charles ingals
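The report requested above lists each non-Microsoft service as `(name) display [type | start | state] -> image path -> vendor/version` and each registry value as `key\\value -> data ->`. As an added example (not part of the original posts and not WinPFind3U's own code), this Python sketch triages such lines; the line layout is inferred from the report posted in this thread, and the rule set (`SYSTEM_IMAGE_NAMES`, `ALERT_SUPPRESSION_VALUES`) is an assumption of the example.

```python
import ntpath
import re

# Excerpt of the WinPFind3 report posted in this thread, embedded so the
# script runs offline.
SAMPLE_REPORT = r"""
[Win32 Services - Non-Microsoft Only]
(bdss) BitDefender Scan Server [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Softwin\BitDefender Scan Server\bdss.exe -> [Ver = | Size = 69632 bytes | Modified Date = 24/01/2007 21:32:16 | Attr = ]
(Event) Events Log [Win32_Own | Auto | Stopped] -> %System32%\drivers\csrss.exe -> File not found
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.711.37800.beta | Size = 136120 bytes | Modified Date = 04/01/2007 03:40:22 | Attr = ]
(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 22/10/2006 13:22:00 | Attr = ]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Start -> 3 ->
"""

# (name) display [type | start | state] -> image path -> detail
SERVICE_RE = re.compile(
    r"^\((?P<name>[^)]+)\)\s+(?P<display>.*?)\s+"
    r"\[(?P<type>[^|\]]+)\|(?P<start>[^|\]]+)\|(?P<state>[^\]]+)\]"
    r"\s+->\s+(?P<path>.+?)\s+->\s*(?P<detail>.*)$"
)
# ...\Security Center\\<value> -> <data> ->
SETTING_RE = re.compile(
    r"^HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\\\"
    r"(?P<value>\w+)\s+->\s+(?P<data>\S+)\s+->"
)

# Assumption of this example: core Windows images that belong directly in
# %System32%, so the same file name anywhere else deserves a closer look.
SYSTEM_IMAGE_NAMES = {"csrss.exe", "smss.exe", "lsass.exe",
                      "services.exe", "winlogon.exe", "svchost.exe"}
EXPECTED_DIR = "%system32%"

# Security Center values that silence its alerts when set to 1.
ALERT_SUPPRESSION_VALUES = {"antivirusdisablenotify", "firewalldisablenotify",
                            "updatesdisablenotify", "antivirusoverride",
                            "firewalloverride"}


def triage(report):
    """Return (item, reason, evidence) tuples for lines worth a manual look."""
    findings = []
    for raw in report.splitlines():
        line = raw.strip()
        svc = SERVICE_RE.match(line)
        if svc:
            path = svc["path"]
            image = ntpath.basename(path).lower()
            folder = ntpath.dirname(path).lower()
            if image in SYSTEM_IMAGE_NAMES and folder != EXPECTED_DIR:
                findings.append((svc["name"],
                                 "system-process name outside %System32%", path))
            if (svc["detail"].startswith("File not found")
                    and svc["start"].strip() == "Auto"):
                findings.append((svc["name"],
                                 "auto-start service whose image is missing", path))
            continue
        setting = SETTING_RE.match(line)
        if (setting and setting["data"] == "1"
                and setting["value"].lower() in ALERT_SUPPRESSION_VALUES):
            findings.append((setting["value"],
                             "Security Center alerting suppressed", "1"))
    return findings


if __name__ == "__main__":
    for item, reason, evidence in triage(SAMPLE_REPORT):
        print(f"{item}: {reason} ({evidence})")
```

A missing image on an auto-start service usually means the file was quarantined or deleted while the service key stayed behind, so the key itself still has to be cleaned up.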

Hi charles ingals :)

As for shared folders, there are none left on my C drive (I have several partitions and the one named c: holds Windows), so I haven't looked too closely at the other drives, since I imagine malware and other critters prefer to latch onto the drive hosting Windoze.

Also, a while back I had looked at my port configuration and several were wide open; I'll try to post a report...

Otherwise, here is the WinPFind3U log

 

WinPFind3 logfile created on: 10/04/2007 14:20:26

WinPFind3U by OldTimer - Version 1.0.34 Folder = C:\Documents and Settings\Administrateur\Bureau\winpfind3u\WinPFind3u\

Microsoft Windows 2000 Service Pack 4 (Version = 5.0.2195)

Internet Explorer (Version = 6.0.2800.1106)

 

383,48 Mb Total Physical Memory | 12,50 Mb Available Physical Memory | 3,26% Memory free

920,11 Mb Paging File | 480,67 Mb Available in Paging File | 52,24% Paging File free

Paging file location(s): C:\pagefile.sys 576 1152;

 

%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Program Files

Drive C: | 11,46 Gb Total Space | 4,82 Gb Free Space | 42,04% Space Free

Drive D: | 11,35 Gb Total Space | 0,66 Gb Free Space | 5,81% Space Free

Drive E: | 11,35 Gb Total Space | 1,64 Gb Free Space | 14,44% Space Free

Drive F: | 11,67 Gb Total Space | 3,41 Gb Free Space | 29,21% Space Free

 

Computer Name: HOULALA

Current User Name: Administrateur

Logged in as Administrator.

Current Boot Mode: Normal

 

 

[Processes - Non-Microsoft Only]

a2guard.exe -> D:\a-squared Anti-Malware\a2guard.exe -> Emsi Software GmbH [Ver = 2.1.0.73 | Size = 1164896 bytes | Modified Date = 28/03/2007 12:03:22 | Attr = ]

acrord32.exe -> D:\Acrobat 5.0\Reader\AcroRd32.exe -> Adobe Systems Incorporated [Ver = 5.0.5.2001092400 | Size = 3891268 bytes | Modified Date = 24/09/2001 17:15:58 | Attr = ]

alert.exe -> D:\PC Alert III\alert.exe -> MICRO-STAR INT'L CO., LTD. [Ver = 3.4.3.8 | Size = 1774080 bytes | Modified Date = 15/11/2001 16:04:58 | Attr = ]

avgas.exe -> D:\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 07/10/2006 14:20:00 | Attr = ]

bdmcon.exe -> %ProgramFiles%\Softwin\BitDefender8\bdmcon.exe -> SOFTWIN S.R.L. [Ver = 8.1.0.3 | Size = 421888 bytes | Modified Date = 24/01/2007 21:31:38 | Attr = ]

bdnagent.exe -> %ProgramFiles%\Softwin\BitDefender8\bdnagent.exe -> [Ver = | Size = 8192 bytes | Modified Date = 24/01/2007 21:31:40 | Attr = ]

bdoesrv.exe -> %ProgramFiles%\Softwin\BitDefender8\bdoesrv.exe -> SOFTWIN SRL [Ver = 8, 1, 0, 0 | Size = 90112 bytes | Modified Date = 24/01/2007 21:31:48 | Attr = ]

bdss.exe -> %CommonProgramFiles%\Softwin\BitDefender Scan Server\bdss.exe -> [Ver = | Size = 69632 bytes | Modified Date = 24/01/2007 21:32:16 | Attr = ]

firefox.exe -> D:\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.3: 2007030919 | Size = 7633008 bytes | Modified Date = 05/04/2007 23:35:40 | Attr = ]

guard.exe -> d:\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 28/09/2006 16:13:20 | Attr = ]

jusched.exe -> %ProgramFiles%\Java\jre1.5.0_11\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75520 bytes | Modified Date = 15/12/2006 03:23:28 | Attr = ]

nvsvc32.exe -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 22/10/2006 13:22:00 | Attr = ]

soffice.bin -> %ProgramFiles%\OpenOffice.org 2.0\program\soffice.bin -> OpenOffice.org [Ver = 1.09.9005 | Size = 2478080 bytes | Modified Date = 24/02/2006 18:29:20 | Attr = ]

soffice.exe -> %ProgramFiles%\OpenOffice.org 2.0\program\soffice.exe -> OpenOffice.org [Ver = 1.09.9005 | Size = 2334720 bytes | Modified Date = 24/02/2006 18:29:12 | Attr = ]

starwindservice.exe -> d:\Alcohol 120\StarWind\StarWindService.exe -> Rocket Division Software [Ver = 2.6.1 Build 0x20050401 | Size = 217600 bytes | Modified Date = 01/04/2005 19:51:48 | Attr = ]

teatimer.exe -> D:\Spybot - Search & Destroy\TeaTimer.exe -> Safer Networking Limited [Ver = 1, 4, 0, 2 | Size = 1415824 bytes | Modified Date = 31/05/2005 02:04:00 | Attr = ]

vsserv.exe -> %ProgramFiles%\Softwin\BitDefender8\vsserv.exe -> SOFTWIN S.R.L. [Ver = 8, 1, 0, 0 | Size = 90112 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

winpfind3u.exe -> %UserDesktop%\winpfind3u\WinPFind3u\WinPFind3U.exe -> OldTimer Tools [Ver = 1.0.34.0 | Size = 318976 bytes | Modified Date = 08/04/2007 19:02:38 | Attr = ]

xcommsvr.exe -> %CommonProgramFiles%\Softwin\BitDefender Communicator\xcommsvr.exe -> Softwin [Ver = 1, 7, 0, 6 | Size = 69632 bytes | Modified Date = 24/02/2004 17:36:48 | Attr = ]

 

[Win32 Services - Non-Microsoft Only]

(AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> d:\AVG Anti-Spyware 7.5\guard.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 204800 bytes | Modified Date = 28/09/2006 16:13:20 | Attr = ]

(bdss) BitDefender Scan Server [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Softwin\BitDefender Scan Server\bdss.exe -> [Ver = | Size = 69632 bytes | Modified Date = 24/01/2007 21:32:16 | Attr = ]

(dmadmin) Service d'administration du Gestionnaire de disque logique [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> VERITAS Software Corp. [Ver = 2195.6624.297.3 | Size = 147728 bytes | Modified Date = 19/06/2003 12:05:04 | Attr = ]

(Event) Events Log [Win32_Own | Auto | Stopped] -> %System32%\drivers\csrss.exe -> File not found

(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.711.37800.beta | Size = 136120 bytes | Modified Date = 04/01/2007 03:40:22 | Attr = ]

(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %System32%\nvsvc32.exe -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 159810 bytes | Modified Date = 22/10/2006 13:22:00 | Attr = ]

(rpcapd) Remote Packet Capture Protocol v.0 (experimental) [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\WinPcap\rpcapd.exe -> CACE Technologies [Ver = 4.0.0.755 | Size = 93048 bytes | Modified Date = 25/01/2007 19:31:34 | Attr = ]

(StarWindService) StarWind iSCSI Service [Win32_Own | Auto | Running] -> d:\Alcohol 120\StarWind\StarWindService.exe -> Rocket Division Software [Ver = 2.6.1 Build 0x20050401 | Size = 217600 bytes | Modified Date = 01/04/2005 19:51:48 | Attr = ]

(VSSERV) BitDefender Virus Shield [Win32_Own | Auto | Running] -> %ProgramFiles%\Softwin\BitDefender8\vsserv.exe -> SOFTWIN S.R.L. [Ver = 8, 1, 0, 0 | Size = 90112 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

(XCOMM) BitDefender Communicator [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Softwin\BitDefender Communicator\xcommsvr.exe -> Softwin [Ver = 1, 7, 0, 6 | Size = 69632 bytes | Modified Date = 24/02/2004 17:36:48 | Attr = ]

 

[Registry - Non-Microsoft Only]

< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

!AVG Anti-Spyware -> D:\AVG Anti-Spyware 7.5\avgas.exe -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 50 | Size = 6266880 bytes | Modified Date = 07/10/2006 14:20:00 | Attr = ]

a-squared -> D:\a-squared Anti-Malware\a2guard.exe -> Emsi Software GmbH [Ver = 2.1.0.73 | Size = 1164896 bytes | Modified Date = 28/03/2007 12:03:22 | Attr = ]

BDMCon -> %ProgramFiles%\Softwin\BitDefender8\bdmcon.exe -> SOFTWIN S.R.L. [Ver = 8.1.0.3 | Size = 421888 bytes | Modified Date = 24/01/2007 21:31:38 | Attr = ]

BDNewsAgent -> %ProgramFiles%\Softwin\BitDefender8\bdnagent.exe -> [Ver = | Size = 8192 bytes | Modified Date = 24/01/2007 21:31:40 | Attr = ]

BDOESRV -> %ProgramFiles%\Softwin\BitDefender8\bdoesrv.exe -> SOFTWIN SRL [Ver = 8, 1, 0, 0 | Size = 90112 bytes | Modified Date = 24/01/2007 21:31:48 | Attr = ]

NvCplDaemon -> %System32%\nvcpl.dll [RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 7700480 bytes | Modified Date = 22/10/2006 13:22:00 | Attr = ]

NvMediaCenter -> %System32%\nvmctray.dll [RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit] -> NVIDIA Corporation [Ver = 6.14.10.9371 | Size = 86016 bytes | Modified Date = 22/10/2006 13:22:00 | Attr = ]

nwiz -> %System32%\nwiz.exe -> [Ver = | Size = 1622016 bytes | Modified Date = 22/10/2006 13:22:00 | Attr = ]

PSDrvCheck -> %System32%\PSDrvCheck.exe -> [Ver = 1.0.0.56 | Size = 396800 bytes | Modified Date = 28/08/2003 12:47:40 | Attr = ]

SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_11\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75520 bytes | Modified Date = 15/12/2006 03:23:28 | Attr = ]

< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

SpybotSD TeaTimer -> d:\Spybot - Search & Destroy\TeaTimer.exe -> Safer Networking Limited [Ver = 1, 4, 0, 2 | Size = 1415824 bytes | Modified Date = 31/05/2005 02:04:00 | Attr = ]

< User Startup > -> C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage

%UserStartup%\Raccourci vers alert.lnk -> D:\PC Alert III\alert.exe -> MICRO-STAR INT'L CO., LTD. [Ver = 3.4.3.8 | Size = 1774080 bytes | Modified Date = 15/11/2001 16:04:58 | Attr = ]

< AppInit_DLLs [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs

*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

< ShellExecuteHooks [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

{57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKLM] -> d:\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> Anti-Malware Development a.s. [Ver = 7, 5, 0, 47 | Size = 73728 bytes | Modified Date = 28/09/2006 16:13:28 | Attr = ]

< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders

< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

< HOSTS File > (790 bytes) -> C:\WINNT\System32\drivers\etc\Hosts

127.0.0.1 localhost -> ->

< Internet Explorer Settings > ->

HKLM: Default_Page_URL -> http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome ->

HKLM: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKLM: Local Page -> C:\WINNT\SYSTEM32\blank.htm ->

HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home ->

HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->

HKLM: Search\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->

HKCU: Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKCU: Local Page -> C:\WINNT\SYSTEM32\blank.htm ->

HKCU: Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->

HKCU: Start Page -> about:blank ->

HKCU: ProxyEnable -> 0 ->

< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [sSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 15/12/2006 03:23:24 | Attr = ]

< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\

WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> Reg Data - Key not found [Yahoo! Toolbar] -> File not found

< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\npjpi150_11.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75528 bytes | Modified Date = 15/12/2006 03:23:26 | Attr = ]

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [MenuText: Console Java (Sun)] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 15/12/2006 03:23:24 | Attr = ]

{85d1f590-48f4-11d9-9669-0800200c9a66} [HKLM] -> Reg Data - Key not found [MenuText: Uninstall BitDefender Online Scanner v8] -> File not found

< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\

{571270EB-7A29-4CAF-AEF7-090D7346D530} -> () ->

{63B72289-F0CD-4594-A305-4F81567A1A30} -> (Carte de bus ND010 Ethernet/Fast Ethernet PCI) ->

< Default Protocols [HKCU] - Select to Repair > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults

shell -> shell protocol not assigned ->

< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\

ipp -> Reg Data - Key not found -> File not found

msdaipp -> Reg Data - Key not found -> File not found

< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\

{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} -> BDSCANONLINE Control - CodeBase = http://bitdefender.bwm-mediasoft.com/scan8/oscan8.cab ->

{6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://update.microsoft.com/windowsupdate/...b?1169836031859 ->

{74D05D43-3236-11D4-BDCD-00C04F9A3B61} -> HouseCall Control - CodeBase = http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab ->

{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->

{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -> ActiveScan Installer Class - CodeBase = http://acs.pandasoftware.com/activescan/as5free/asinst.cab ->

{BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} -> a-squared Scanner - CodeBase = http://ax.emsisoft.com/asquared.cab ->

{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->

{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab ->

 

 

[Registry - Additional Scans - Non-Microsoft Only]

< Security Settings > ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 1 ->

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\firewalldisableoverride -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Start -> 3 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ImagePath -> %SystemRoot%\system32\svchost.exe -k BITSgroup ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DisplayName -> Service de transfert intelligent en arrière-plan ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnService -> Rpcss;SENS;Wmi; ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\DependOnGroup -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\\Description -> Transfère des fichiers en tâche de fond en utilisant la bande passante du réseau lors de ses périodes d'inactivité. Si le service est arrêté, des fonctionnalités qui dépendent de BITS, telles que Windows Update et MSN Explorer ne pourront plus télécharger automatiquement des programmes et d'autres informations. ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Parameters\\ServiceDll -> %SystemRoot%\System32\qmgr.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Security\\Security ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\ -> Root\LEGACY_BITS00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Enum\\NextInstance -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> %SystemRoot%\system32\svchost.exe -k netsvcs ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 3 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> Root\LEGACY_SHAREDACCESS00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 11477 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> %SystemRoot%\System32\ipnathlp.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> %systemroot%\system32\svchost.exe -k wugroup ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Mises à jour automatiques ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Active le téléchargement et l'installation des mises à jour Windows. Si ce service est désactivé, cet ordinateur ne pourra pas utiliser la fonctionnalité des mises à jour automatiques ou le site Windows Update. ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINNT\system32\wuauserv.dll ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> Root\LEGACY_WUAUSERV00 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 ->

 

[Files/Folders - Created Within 90 days]

!Submit -> %SystemDrive%\!Submit -> [Folder | Created Date = 28/01/2007 17:26:22 | Attr = ]

AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [Ver = | Size = 0 bytes | Created Date = 24/01/2007 19:42:54 | Attr = ]

avenger -> %SystemDrive%\avenger -> [Folder | Created Date = 06/04/2007 06:25:33 | Attr = ]

b48da1ca53575bea94a6b53607 -> %SystemDrive%\b48da1ca53575bea94a6b53607 -> [Folder | Created Date = 28/03/2007 13:49:02 | Attr = ]

Bases -> %SystemDrive%\Bases -> [Folder | Created Date = 24/03/2007 17:58:10 | Attr = ]

boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 202 bytes | Created Date = 24/01/2007 20:32:10 | Attr = HS]

Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Created Date = 24/01/2007 21:06:18 | Attr = HS]

CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [Ver = | Size = 0 bytes | Created Date = 24/01/2007 19:42:54 | Attr = H ]

diff.exe -> %SystemDrive%\diff.exe -> [Ver = | Size = 68096 bytes | Created Date = 25/03/2007 13:05:33 | Attr = ]

Directx -> %SystemDrive%\Directx -> [Folder | Created Date = 28/01/2007 19:19:15 | Attr = ]

Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Created Date = 24/01/2007 19:33:45 | Attr = ]

Downloads -> %SystemDrive%\Downloads -> [Folder | Created Date = 24/03/2007 17:58:10 | Attr = ]

getfile.dat -> %SystemDrive%\getfile.dat -> [Ver = | Size = 14 bytes | Created Date = 24/01/2007 20:37:35 | Attr = ]

grep.exe -> %SystemDrive%\grep.exe -> [Ver = | Size = 103424 bytes | Created Date = 25/03/2007 13:05:33 | Attr = ]

IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Created Date = 24/01/2007 19:42:54 | Attr = RHS]

Kaspersky -> %SystemDrive%\Kaspersky -> [Folder | Created Date = 24/03/2007 17:57:22 | Attr = ]

MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Created Date = 24/01/2007 19:42:54 | Attr = RHS]

Myst V End Of Ages -> %SystemDrive%\Myst V End Of Ages -> [Folder | Created Date = 22/02/2007 19:57:57 | Attr = ]

Nvidia Driver Geforce fx5200 -> %SystemDrive%\Nvidia Driver Geforce fx5200 -> [Folder | Created Date = 24/01/2007 20:04:23 | Attr = ]

Program Files -> %ProgramFiles% -> [Folder | Created Date = 24/01/2007 19:34:09 | Attr = R ]

reboot.cmd -> %SystemDrive%\reboot.cmd -> [Ver = | Size = 853 bytes | Created Date = 25/03/2007 13:05:33 | Attr = ]

RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Created Date = 24/01/2007 20:41:49 | Attr = HS]

System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Created Date = 08/11/1833 19:50:52 | Attr = HS]

WINNT -> %SystemRoot% -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

$NtUpdateRollupPackUninstall$ -> %SystemRoot%\$NtUpdateRollupPackUninstall$ -> [Folder | Created Date = 28/03/2007 13:49:37 | Attr = H ]

$SQLUninstallMDAC27SP1-KB927779-x86-FRA$ -> %SystemRoot%\$SQLUninstallMDAC27SP1-KB927779-x86-FRA$ -> [Folder | Created Date = 29/03/2007 19:09:06 | Attr = H ]

addins -> %SystemRoot%\addins -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

alcrmv.exe -> %SystemRoot%\alcrmv.exe -> Avance Logic, Inc. [Ver = 1, 6, 0, 0 | Size = 151552 bytes | Created Date = 24/01/2007 20:00:18 | Attr = ]

alcupd.exe -> %SystemRoot%\alcupd.exe -> Avance Logic, Inc. [Ver = 1, 6, 1, 0 | Size = 217088 bytes | Created Date = 24/01/2007 20:00:18 | Attr = ]

AppPatch -> %SystemRoot%\AppPatch -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

AU_Backup -> %SystemRoot%\AU_Backup -> [Folder | Created Date = 27/01/2007 12:30:16 | Attr = ]

AU_Log -> %SystemRoot%\AU_Log -> [Folder | Created Date = 27/01/2007 12:25:10 | Attr = ]

AU_Temp -> %SystemRoot%\AU_Temp -> [Folder | Created Date = 15/03/2007 20:14:53 | Attr = ]

avrack.ini -> %SystemRoot%\avrack.ini -> [Ver = | Size = 164 bytes | Created Date = 24/01/2007 20:00:19 | Attr = ]

bdinit.ini -> %SystemRoot%\bdinit.ini -> [Ver = | Size = 10 bytes | Created Date = 16/03/2007 20:40:15 | Attr = ]

BDOSCAN8 -> %SystemRoot%\BDOSCAN8 -> [Folder | Created Date = 20/03/2007 22:54:58 | Attr = ]

BPMNT.dll -> %SystemRoot%\BPMNT.dll -> Trend Micro Inc. [Ver = 8.000-1001 | Size = 86094 bytes | Created Date = 27/01/2007 12:30:14 | Attr = ]

Bulles de savon.bmp -> %SystemRoot%\Bulles de savon.bmp -> [Ver = | Size = 65978 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ]

Config -> %SystemRoot%\Config -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

Connection Wizard -> %SystemRoot%\Connection Wizard -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

control.ini -> %SystemRoot%\control.ini -> [Ver = | Size = 0 bytes | Created Date = 24/01/2007 19:42:54 | Attr = ]

Cookies -> %SystemRoot%\Cookies -> [Folder | Created Date = 04/02/2007 17:41:36 | Attr = S]

CSC -> %SystemRoot%\CSC -> [Folder | Created Date = 24/01/2007 19:51:32 | Attr = HS]

Cursors -> %SystemRoot%\Cursors -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

Debug -> %SystemRoot%\Debug -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

desktop.ini -> %SystemRoot%\desktop.ini -> [Ver = | Size = 271 bytes | Created Date = 24/01/2007 19:42:12 | Attr = H ]

Downloaded Installations -> %SystemRoot%\Downloaded Installations -> [Folder | Created Date = 22/02/2007 20:19:08 | Attr = ]

Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Created Date = 24/01/2007 19:42:11 | Attr = S]

Driver Cache -> %SystemRoot%\Driver Cache -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

Fichiers d'installation de Windows Update -> %SystemRoot%\Fichiers d'installation de Windows Update -> [Folder | Created Date = 24/02/2007 20:03:03 | Attr = ]

folder.htt -> %SystemRoot%\folder.htt -> [Ver = | Size = 21844 bytes | Created Date = 24/01/2007 19:42:12 | Attr = H ]

Fonts -> %SystemRoot%\Fonts -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = R S]

GetServer.ini -> %SystemRoot%\GetServer.ini -> [Ver = | Size = 170 bytes | Created Date = 27/01/2007 12:25:11 | Attr = ]

gmer.dll -> %SystemRoot%\gmer.dll -> [Ver = 1, 0, 12, 12086 | Size = 565311 bytes | Created Date = 03/04/2007 22:34:19 | Attr = ]

gmer.exe -> %SystemRoot%\gmer.exe -> [Ver = 1, 0, 12, 12086 | Size = 573440 bytes | Created Date = 03/04/2007 22:34:18 | Attr = ]

gmer.ini -> %SystemRoot%\gmer.ini -> [Ver = | Size = 250 bytes | Created Date = 03/04/2007 22:34:20 | Attr = ]

gmer_uninstall.cmd -> %SystemRoot%\gmer_uninstall.cmd -> [Ver = | Size = 80 bytes | Created Date = 03/04/2007 22:34:19 | Attr = ]

Granit vert.bmp -> %SystemRoot%\Granit vert.bmp -> [Ver = | Size = 26582 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ]

hcextoutput.dll -> %SystemRoot%\hcextoutput.dll -> [Ver = | Size = 71749 bytes | Created Date = 27/01/2007 12:30:15 | Attr = ]

Help -> %SystemRoot%\Help -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

Historique -> %SystemRoot%\Historique -> [Folder | Created Date = 04/02/2007 17:41:36 | Attr = S]

hpdj5100.his -> %SystemRoot%\hpdj5100.his -> [Ver = | Size = 180248 bytes | Created Date = 02/02/2007 09:09:32 | Attr = ]

hpdj5100.ini -> %SystemRoot%\hpdj5100.ini -> [Ver = | Size = 11413 bytes | Created Date = 02/02/2007 09:09:32 | Attr = ]

ime -> %SystemRoot%\ime -> [Folder | Created Date = 24/01/2007 19:43:24 | Attr = ]

imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1418 bytes | Created Date = 20/03/2007 22:34:52 | Attr = ]

inf -> %SystemRoot%\inf -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = H ]

Installer -> %SystemRoot%\Installer -> [Folder | Created Date = 24/01/2007 19:51:36 | Attr = HS]

IsUn040c.exe -> %SystemRoot%\IsUn040c.exe -> InstallShield Software Corporation [Ver = 5, 50, 137, 0 | Size = 327168 bytes | Created Date = 02/02/2007 09:14:04 | Attr = ]

IsUninst.exe -> %SystemRoot%\IsUninst.exe -> InstallShield Software Corporation [Ver = 5, 51, 138, 0 | Size = 306688 bytes | Created Date = 24/01/2007 19:55:54 | Attr = ]

Jour de pêche.bmp -> %SystemRoot%\Jour de pêche.bmp -> [Ver = | Size = 17336 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ]

LPT$VPN.219 -> %SystemRoot%\LPT$VPN.219 -> [Ver = | Size = 25798821 bytes | Created Date = 27/01/2007 12:31:31 | Attr = ]

Media -> %SystemRoot%\Media -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

meta4.exe -> %SystemRoot%\meta4.exe -> [Ver = | Size = 217073 bytes | Created Date = 25/02/2007 12:35:09 | Attr = ]

Minidump -> %SystemRoot%\Minidump -> [Folder | Created Date = 28/02/2007 19:16:45 | Attr = ]

MOTA113.exe -> %SystemRoot%\MOTA113.exe -> [Ver = | Size = 66560 bytes | Created Date = 25/02/2007 12:35:09 | Attr = ]

mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 4243 bytes | Created Date = 24/01/2007 23:14:09 | Attr = ]

msagent -> %SystemRoot%\msagent -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

msapps -> %SystemRoot%\msapps -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

msdownld.tmp -> %SystemRoot%\msdownld.tmp -> [Folder | Created Date = 24/02/2007 20:16:53 | Attr = H ]

msiinst.tmp -> %SystemRoot%\msiinst.tmp -> [Folder | Created Date = 28/03/2007 13:49:33 | Attr = ]

Mur de Santa Fe.bmp -> %SystemRoot%\Mur de Santa Fe.bmp -> [Ver = | Size = 65832 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ]

mww32 -> %SystemRoot%\mww32 -> [Folder | Created Date = 24/01/2007 19:43:24 | Attr = ]

NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 49 bytes | Created Date = 30/01/2007 18:47:33 | Attr = ]

nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Created Date = 24/01/2007 21:41:47 | Attr = ]

nview -> %SystemRoot%\nview -> [Folder | Created Date = 24/01/2007 20:04:47 | Attr = ]

ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 207 bytes | Created Date = 29/01/2007 20:26:15 | Attr = ]

ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4429 bytes | Created Date = 24/01/2007 19:34:12 | Attr = ]

Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Created Date = 24/01/2007 19:42:11 | Attr = R ]

OpPrintServer.INI -> %SystemRoot%\OpPrintServer.INI -> [Ver = | Size = 0 bytes | Created Date = 07/03/2007 14:16:52 | Attr = ]

PATCH.EXE -> %SystemRoot%\PATCH.EXE -> Trend Micro Inc. [Ver = 1,81,0,1011 | Size = 286720 bytes | Created Date = 27/01/2007 12:25:04 | Attr = ]

PIF -> %SystemRoot%\PIF -> [Folder | Created Date = 21/03/2007 00:15:07 | Attr = H ]

Plume.bmp -> %SystemRoot%\Plume.bmp -> [Ver = | Size = 16730 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ]

pss -> %SystemRoot%\pss -> [Folder | Created Date = 27/01/2007 13:08:31 | Attr = ]

QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 08/04/2007 18:27:29 | Attr = ]

QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 08/04/2007 18:27:29 | Attr = H ]

RegisteredPackages -> %SystemRoot%\RegisteredPackages -> [Folder | Created Date = 29/01/2007 20:24:23 | Attr = ]

Registration -> %SystemRoot%\Registration -> [Folder | Created Date = 24/01/2007 19:41:12 | Attr = ]

REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [Ver = | Size = 8192 bytes | Created Date = 07/03/2007 14:24:41 | Attr = ]

repair -> %SystemRoot%\repair -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

report -> %SystemRoot%\report -> [Folder | Created Date = 27/01/2007 12:31:37 | Attr = ]

Rhododendron.bmp -> %SystemRoot%\Rhododendron.bmp -> [Ver = | Size = 17362 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ]

Rivière Sumida.bmp -> %SystemRoot%\Rivière Sumida.bmp -> [Ver = | Size = 26680 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ]

Rosace bleue 16.bmp -> %SystemRoot%\Rosace bleue 16.bmp -> [Ver = | Size = 1272 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ]

RUNAWAY.INI -> %SystemRoot%\RUNAWAY.INI -> [Ver = | Size = 40 bytes | Created Date = 28/01/2007 19:27:38 | Attr = ]

security -> %SystemRoot%\security -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

SET29.tmp -> %SystemRoot%\SET29.tmp -> [Ver = | Size = 14816 bytes | Created Date = 24/01/2007 19:33:58 | Attr = R ]

SET51.tmp -> %SystemRoot%\SET51.tmp -> [Ver = | Size = 1135628 bytes | Created Date = 24/01/2007 19:33:59 | Attr = R ]

setup.inf -> %SystemRoot%\setup.inf -> [Ver = | Size = 957 bytes | Created Date = 29/03/2007 18:27:38 | Attr = ]

setup.rpt -> %SystemRoot%\setup.rpt -> [Ver = | Size = 283 bytes | Created Date = 29/03/2007 18:27:38 | Attr = ]

ShellNew -> %SystemRoot%\ShellNew -> [Folder | Created Date = 24/01/2007 22:43:59 | Attr = ]

SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Created Date = 26/01/2007 19:27:22 | Attr = ]

Speech -> %SystemRoot%\Speech -> [Folder | Created Date = 24/01/2007 19:34:10 | Attr = ]

Sun -> %SystemRoot%\Sun -> [Folder | Created Date = 14/02/2007 13:58:36 | Attr = ]

super.chm -> %SystemRoot%\super.chm -> [Ver = | Size = 9292 bytes | Created Date = 25/02/2007 12:32:51 | Attr = H ]

system -> %SystemRoot%\system -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

system32 -> %System32% -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

Tasks -> %SystemRoot%\Tasks -> [Folder | Created Date = 24/01/2007 19:41:59 | Attr = S]

Tasse à café.bmp -> %SystemRoot%\Tasse à café.bmp -> [Ver = | Size = 17062 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ]

temp -> %SystemRoot%\temp -> [Folder | Created Date = 27/03/2007 18:46:09 | Attr = ]

Temporary Internet Files -> %SystemRoot%\Temporary Internet Files -> [Folder | Created Date = 04/02/2007 17:41:36 | Attr = S]

TMUPDATE.DLL -> %SystemRoot%\TMUPDATE.DLL -> Trend Micro Inc. [Ver = 1,81,0,1011 | Size = 507904 bytes | Created Date = 27/01/2007 12:25:04 | Attr = ]

tsc.exe -> %SystemRoot%\tsc.exe -> Trend Micro Inc. [Ver = 5.0.0.1107 | Size = 229957 bytes | Created Date = 27/01/2007 12:30:15 | Attr = ]

tsc.ini -> %SystemRoot%\tsc.ini -> [Ver = | Size = 823 bytes | Created Date = 27/01/2007 12:30:15 | Attr = ]

tsc.ptn -> %SystemRoot%\tsc.ptn -> [Ver = | Size = 1992471 bytes | Created Date = 27/01/2007 12:30:15 | Attr = ]

twain_32 -> %SystemRoot%\twain_32 -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

UNZIP.DLL -> %SystemRoot%\UNZIP.DLL -> Trend Micro Inc. [Ver = 1.32.0.1000 | Size = 69689 bytes | Created Date = 27/01/2007 12:25:04 | Attr = ]

vb.ini -> %SystemRoot%\vb.ini -> [Ver = | Size = 36 bytes | Created Date = 24/01/2007 19:41:10 | Attr = ]

vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 37 bytes | Created Date = 24/01/2007 19:41:10 | Attr = ]

Vent de prairie.bmp -> %SystemRoot%\Vent de prairie.bmp -> [Ver = | Size = 65954 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ]

vpd.properties -> %SystemRoot%\vpd.properties -> [Ver = | Size = 4508 bytes | Created Date = 22/02/2007 20:02:51 | Attr = ]

VPTNFILE.219 -> %SystemRoot%\VPTNFILE.219 -> [Ver = | Size = 25798821 bytes | Created Date = 27/01/2007 12:30:10 | Attr = ]

vsapi32.dll -> %SystemRoot%\vsapi32.dll -> Trend Micro Inc. [Ver = 8.310-1002 | Size = 1101904 bytes | Created Date = 27/01/2007 12:30:14 | Attr = ]

War3Unin.dat -> %SystemRoot%\War3Unin.dat -> [Ver = | Size = 15095 bytes | Created Date = 10/02/2007 17:12:07 | Attr = ]

War3Unin.exe -> %SystemRoot%\War3Unin.exe -> Blizzard Entertainment [Ver = 1, 0, 0, 0 | Size = 126976 bytes | Created Date = 10/02/2007 17:12:03 | Attr = ]

War3Unin.pif -> %SystemRoot%\War3Unin.pif -> [Ver = | Size = 2829 bytes | Created Date = 10/02/2007 17:12:03 | Attr = ]

Web -> %SystemRoot%\Web -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = S]

WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Created Date = 23/02/2007 14:25:22 | Attr = ]

x2.64.exe -> %SystemRoot%\x2.64.exe -> [Ver = | Size = 502784 bytes | Created Date = 25/02/2007 12:35:09 | Attr = ]

Zapotec.bmp -> %SystemRoot%\Zapotec.bmp -> [Ver = | Size = 9522 bytes | Created Date = 24/01/2007 19:40:41 | Attr = ]

~TempMui.inf -> %SystemRoot%\~TempMui.inf -> [Ver = | Size = 5538 bytes | Created Date = 29/01/2007 20:26:18 | Attr = ]

desktop.ini -> %SystemRoot%\tasks\desktop.ini -> [Ver = | Size = 65 bytes | Created Date = 24/01/2007 19:41:59 | Attr = RH ]

SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Created Date = 24/01/2007 19:42:37 | Attr = H ]

$winnt$.inf -> %System32%\$winnt$.inf -> [Ver = | Size = 341 bytes | Created Date = 24/01/2007 20:32:06 | Attr = ]

12520437.cpx -> %System32%\12520437.cpx -> [Ver = | Size = 2151 bytes | Created Date = 29/01/2007 20:25:52 | Attr = ]

12520850.cpx -> %System32%\12520850.cpx -> [Ver = | Size = 2233 bytes | Created Date = 29/01/2007 20:25:52 | Attr = ]

ac3DX.ax -> %System32%\ac3DX.ax -> [Ver = 1.01a | Size = 227328 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS]

ActiveScan -> %System32%\ActiveScan -> [Folder | Created Date = 04/04/2007 06:11:40 | Attr = ]

amcompat.tlb -> %System32%\amcompat.tlb -> [Ver = | Size = 16832 bytes | Created Date = 24/01/2007 19:42:49 | Attr = ]

amstream.dll -> %System32%\amstream.dll -> [Ver = | Size = 64512 bytes | Created Date = 29/01/2007 20:22:26 | Attr = ]

appmgmt -> %System32%\appmgmt -> [Folder | Created Date = 02/02/2007 09:16:46 | Attr = ]

asuninst.exe -> %System32%\asuninst.exe -> Panda Software [Ver = 1, 0, 0, 2 | Size = 73728 bytes | Created Date = 04/04/2007 06:12:22 | Attr = ]

AUTOEXEC.NT -> %System32%\AUTOEXEC.NT -> [Ver = | Size = 531 bytes | Created Date = 24/01/2007 19:34:04 | Attr = ]

AVCDX.ax -> %System32%\AVCDX.ax -> CoreCodec [Ver = 0, 0, 0, 4 | Size = 123904 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS]

avisynth.dll -> %System32%\avisynth.dll -> The Public [Ver = 2, 5, 7, 0 | Size = 306688 bytes | Created Date = 25/02/2007 12:35:08 | Attr = ]

AVSredirect.dll -> %System32%\AVSredirect.dll -> [Ver = | Size = 27648 bytes | Created Date = 25/02/2007 12:35:09 | Attr = ]

bedgsly.bat -> %System32%\bedgsly.bat -> [Ver = | Size = 129 bytes | Created Date = 20/03/2007 17:48:25 | Attr = ]

BITS -> %System32%\BITS -> [Folder | Created Date = 28/03/2007 19:49:32 | Attr = ]

bopomofo.uce -> %System32%\bopomofo.uce -> [Ver = | Size = 22984 bytes | Created Date = 24/01/2007 19:40:38 | Attr = ]

CatRoot -> %System32%\CatRoot -> [Folder | Created Date = 24/01/2007 19:33:57 | Attr = ]

cbrowser.dll -> %System32%\cbrowser.dll -> Sound Vision, Inc. [Ver = 1, 2, 0, 18 | Size = 126976 bytes | Created Date = 24/01/2007 20:53:26 | Attr = ]

cliconf.chm -> %System32%\cliconf.chm -> [Ver = | Size = 71859 bytes | Created Date = 29/01/2007 20:26:08 | Attr = ]

CNDCK170.dll -> %System32%\CNDCK170.dll -> Canon, Inc. [Ver = 2003, 7, 23, 1 | Size = 81920 bytes | Created Date = 07/03/2007 14:18:10 | Attr = ]

CNDNDlg.exe -> %System32%\CNDNDlg.exe -> Canon Inc. [Ver = 2003, 4, 14, 1 | Size = 40960 bytes | Created Date = 07/03/2007 14:18:10 | Attr = ]

CNDUK170.dll -> %System32%\CNDUK170.dll -> Canon, Inc. [Ver = 2003, 7, 23, 1 | Size = 159744 bytes | Created Date = 07/03/2007 14:18:10 | Attr = ]

Com -> %System32%\Com -> [Folder | Created Date = 24/01/2007 19:40:32 | Attr = ]

ComLib.dll -> %System32%\ComLib.dll -> Sound Vision [Ver = .0013x05 | Size = 40960 bytes | Created Date = 24/01/2007 20:53:26 | Attr = ]

config -> %System32%\config -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

CONFIG.NT -> %System32%\CONFIG.NT -> [Ver = | Size = 3072 bytes | Created Date = 24/01/2007 19:42:54 | Attr = ]

CONFIG.TMP -> %System32%\CONFIG.TMP -> [Ver = | Size = 3072 bytes | Created Date = 24/01/2007 19:34:05 | Attr = ]

CoreAAC.ax -> %System32%\CoreAAC.ax -> [Ver = 1, 2, 0, 575 | Size = 175104 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS]

c_20127.nls -> %System32%\c_20127.nls -> [Ver = | Size = 66082 bytes | Created Date = 24/01/2007 19:34:07 | Attr = ]

d3d9caps.dat -> %System32%\d3d9caps.dat -> [Ver = | Size = 664 bytes | Created Date = 29/01/2007 20:27:31 | Attr = ]

desktop.ini -> %System32%\desktop.ini -> [Ver = | Size = 271 bytes | Created Date = 24/01/2007 19:42:12 | Attr = H ]

devil.dll -> %System32%\devil.dll -> Abysmal Software [Ver = 1.6.6 | Size = 719872 bytes | Created Date = 25/02/2007 12:35:08 | Attr = ]

dgrpsetu.dll -> %System32%\dgrpsetu.dll -> Digi [Ver = 2.2.1 | Size = 123904 bytes | Created Date = 24/01/2007 19:34:06 | Attr = ]

dgsetup.dll -> %System32%\dgsetup.dll -> Digi International [Ver = v3.7.1.10 | Size = 86288 bytes | Created Date = 24/01/2007 19:34:06 | Attr = ]

dhcp -> %System32%\dhcp -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

DiracSplitter.ax -> %System32%\DiracSplitter.ax -> Gabest [Ver = 1, 0, 0, 0 | Size = 179200 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS]

DirectX -> %System32%\DirectX -> [Folder | Created Date = 28/01/2007 19:21:51 | Attr = ]

dllcache -> %System32%\dllcache -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = RHS]

DonationCoder_urlsnooper_InstallInfo.dat -> %System32%\DonationCoder_urlsnooper_InstallInfo.dat -> [Ver = | Size = 46 bytes | Created Date = 21/02/2007 13:44:11 | Attr = ]

dp.exe -> %System32%\dp.exe -> [Ver = | Size = 0 bytes | Created Date = 28/03/2007 11:12:16 | Attr = ]

drivers -> %System32%\drivers -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

dsound.vxd -> %System32%\dsound.vxd -> [Ver = | Size = 49666 bytes | Created Date = 02/02/2007 19:06:09 | Attr = ]

DTCLog -> %System32%\DTCLog -> [Folder | Created Date = 24/01/2007 19:41:01 | Attr = ]

dumphive.exe -> %System32%\dumphive.exe -> [Ver = | Size = 51200 bytes | Created Date = 27/03/2007 18:14:13 | Attr = ]

emptyregdb.dat -> %System32%\emptyregdb.dat -> [Ver = | Size = 15204 bytes | Created Date = 24/01/2007 19:41:40 | Attr = ]

EqnClass.Dll -> %System32%\EqnClass.Dll -> Equinox Systems Inc. [Ver = 3.0d | Size = 176400 bytes | Created Date = 24/01/2007 19:34:06 | Attr = ]

export -> %System32%\export -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

flvDX.dll -> %System32%\flvDX.dll -> Gabest [Ver = 1, 0, 0, 1 | Size = 163328 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS]

FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 126112 bytes | Created Date = 24/01/2007 19:33:44 | Attr = ]

folder.htt -> %System32%\folder.htt -> [Ver = | Size = 21844 bytes | Created Date = 24/01/2007 19:42:12 | Attr = H ]

gb2312.uce -> %System32%\gb2312.uce -> [Ver = | Size = 24006 bytes | Created Date = 24/01/2007 19:40:38 | Attr = ]

GroupPolicy -> %System32%\GroupPolicy -> [Folder | Created Date = 24/01/2007 19:51:33 | Attr = H ]

Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Created Date = 04/04/2007 06:11:45 | Attr = ]

hticons.dll -> %System32%\hticons.dll -> Hilgraeve, Inc. [Ver = 5.00.2195.6684 | Size = 21776 bytes | Created Date = 24/01/2007 19:40:35 | Attr = ]

HTML.OCX -> %System32%\HTML.OCX -> NetManage Inc. [Ver = 6.02.1194 | Size = 169472 bytes | Created Date = 25/01/2007 08:27:08 | Attr = ]

hypertrm.dll -> %System32%\hypertrm.dll -> Hilgraeve, Inc. [Ver = 5.00.2195.7000 | Size = 583440 bytes | Created Date = 24/01/2007 19:40:35 | Attr = ]

i420vfw.dll -> %System32%\i420vfw.dll -> www.helixcommunity.org [Ver = R1.02 | Size = 70656 bytes | Created Date = 25/02/2007 12:35:08 | Attr = ]

ias -> %System32%\ias -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

ideograf.uce -> %System32%\ideograf.uce -> [Ver = | Size = 60458 bytes | Created Date = 24/01/2007 19:40:39 | Attr = ]

ie_de -> %System32%\ie_de -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

ImageDrive.cpl -> %System32%\ImageDrive.cpl -> Ahead Software AG [Ver = 2, 23, 0, 14 | Size = 57344 bytes | Created Date = 29/01/2007 19:12:23 | Attr = ]

imagr5.dll -> %System32%\imagr5.dll -> Pegasus Software,LLC [Ver = 5.00.304 | Size = 569344 bytes | Created Date = 29/01/2007 19:12:05 | Attr = ]

imagx5.dll -> %System32%\imagx5.dll -> Pegasus Software, LLC [Ver = 5.00.014 | Size = 544768 bytes | Created Date = 29/01/2007 19:12:05 | Attr = ]

ImagXpr5.dll -> %System32%\ImagXpr5.dll -> Pegasus Software, LLC [Ver = 5.00.009 | Size = 283920 bytes | Created Date = 29/01/2007 19:12:05 | Attr = ]

imgadmin.ocx -> %System32%\imgadmin.ocx -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 104208 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ]

imgcmn.dll -> %System32%\imgcmn.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 63760 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ]

imgedit.ocx -> %System32%\imgedit.ocx -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2195.6601 | Size = 311056 bytes | Created Date = 24/01/2007 19:40:34 | Attr = ]

imgscan.ocx -> %System32%\imgscan.ocx -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 119568 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ]

imgshl.dll -> %System32%\imgshl.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 13584 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ]

imgthumb.ocx -> %System32%\imgthumb.ocx -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 108816 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ]

inetsrv -> %System32%\inetsrv -> [Folder | Created Date = 24/01/2007 19:43:23 | Attr = ]

instcat.sql -> %System32%\instcat.sql -> [Ver = | Size = 766934 bytes | Created Date = 29/01/2007 20:26:10 | Attr = ]

IOSUBSYS -> %System32%\IOSUBSYS -> [Folder | Created Date = 11/03/2007 19:17:43 | Attr = ]

irxgskvw.PIF -> %System32%\irxgskvw.PIF -> [Ver = | Size = 2855 bytes | Created Date = 21/03/2007 23:23:32 | Attr = ]

java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 49248 bytes | Created Date = 31/03/2007 07:47:58 | Attr = ]

javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 53346 bytes | Created Date = 31/03/2007 07:47:58 | Attr = ]

javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 127078 bytes | Created Date = 31/03/2007 07:47:58 | Attr = ]

jpeg1x32.dll -> %System32%\jpeg1x32.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 27920 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ]

jpeg2x32.dll -> %System32%\jpeg2x32.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 38160 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ]

jpicpl32.cpl -> %System32%\jpicpl32.cpl -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 49265 bytes | Created Date = 11/02/2007 12:15:23 | Attr = ]

kanji_1.uce -> %System32%\kanji_1.uce -> [Ver = | Size = 6948 bytes | Created Date = 24/01/2007 19:40:39 | Attr = ]

kanji_2.uce -> %System32%\kanji_2.uce -> [Ver = | Size = 8484 bytes | Created Date = 24/01/2007 19:40:39 | Attr = ]

Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Created Date = 16/03/2007 20:49:37 | Attr = ]

korean.uce -> %System32%\korean.uce -> [Ver = | Size = 12876 bytes | Created Date = 24/01/2007 19:40:39 | Attr = ]

l3codeca.acm -> %System32%\l3codeca.acm -> Fraunhofer Institut Integrierte Schaltungen IIS [Ver = 1, 9, 0, 0305 | Size = 290816 bytes | Created Date = 23/02/2007 14:26:59 | Attr = ]

l3codecx.ax -> %System32%\l3codecx.ax -> Fraunhofer Institut Integrierte Schaltungen IIS [Ver = 1, 5, 0, 50 | Size = 83456 bytes | Created Date = 29/01/2007 20:22:27 | Attr = ]

Macromed -> %System32%\Macromed -> [Folder | Created Date = 24/01/2007 22:35:41 | Attr = ]

mapisvc.inf -> %System32%\mapisvc.inf -> [Ver = | Size = 725 bytes | Created Date = 24/01/2007 19:41:47 | Attr = ]

massvc32.exe -> %System32%\massvc32.exe -> [Ver = | Size = 0 bytes | Created Date = 18/03/2007 12:34:52 | Attr = ]

MatroskaDX.ax -> %System32%\MatroskaDX.ax -> Gabest [Ver = 1, 0, 2, 9 | Size = 169472 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS]

mciqtz32.dll -> %System32%\mciqtz32.dll -> [Ver = | Size = 34304 bytes | Created Date = 29/01/2007 20:22:26 | Attr = ]

Microsoft -> %System32%\Microsoft -> [Folder | Created Date = 24/01/2007 19:49:12 | Attr = ]

mpeg2data.ax -> %System32%\mpeg2data.ax -> [Ver = | Size = 57856 bytes | Created Date = 02/02/2007 19:06:12 | Attr = ]

mpg2splt.ax -> %System32%\mpg2splt.ax -> [Ver = | Size = 136192 bytes | Created Date = 29/01/2007 20:22:26 | Attr = ]

msconfig.chm -> %System32%\msconfig.chm -> [Ver = | Size = 18069 bytes | Created Date = 27/01/2007 13:06:03 | Attr = ]

msdmo.dll -> %System32%\msdmo.dll -> [Ver = | Size = 13312 bytes | Created Date = 29/01/2007 20:22:27 | Attr = ]

msdtcprf.h -> %System32%\msdtcprf.h -> [Ver = | Size = 768 bytes | Created Date = 24/01/2007 19:40:36 | Attr = ]

msdtcprf.ini -> %System32%\msdtcprf.ini -> [Ver = | Size = 3863 bytes | Created Date = 24/01/2007 19:40:36 | Attr = ]

msdvbnp.ax -> %System32%\msdvbnp.ax -> [Ver = | Size = 52224 bytes | Created Date = 02/02/2007 19:06:12 | Attr = ]

mui -> %System32%\mui -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

N067UFW.dll -> %System32%\N067UFW.dll -> CANON INC. [Ver = 1.010 | Size = 339968 bytes | Created Date = 24/01/2007 20:12:14 | Attr = R ]

n2k.bmp -> %System32%\n2k.bmp -> [Ver = | Size = 2048 bytes | Created Date = 24/01/2007 19:40:47 | Attr = ]

NeroCheck.exe -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Created Date = 29/01/2007 19:12:00 | Attr = ]

NMOCOD.DLL -> %System32%\NMOCOD.DLL -> [Ver = | Size = 240640 bytes | Created Date = 25/01/2007 08:27:08 | Attr = ]

NMORENU.DLL -> %System32%\NMORENU.DLL -> NetManage Inc. [Ver = 6.02.1198 | Size = 66560 bytes | Created Date = 25/01/2007 08:27:09 | Attr = ]

NMSCKN.DLL -> %System32%\NMSCKN.DLL -> NetManage Inc. [Ver = 6.02.1194 | Size = 48128 bytes | Created Date = 25/01/2007 08:27:09 | Attr = ]

NMW3VWN.DLL -> %System32%\NMW3VWN.DLL -> NetManage Inc. [Ver = 6.02.1194 | Size = 462848 bytes | Created Date = 25/01/2007 08:27:09 | Attr = ]

npp -> %System32%\npp -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

nscompat.tlb -> %System32%\nscompat.tlb -> [Ver = | Size = 23392 bytes | Created Date = 24/01/2007 19:42:49 | Attr = ]

nsp.dll -> %System32%\nsp.dll -> Intel Corp. [Ver = 4, 5, 2, 2 | Size = 114688 bytes | Created Date = 23/02/2007 14:25:13 | Attr = ]

nspa6.dll -> %System32%\nspa6.dll -> Intel Corp. [Ver = 4, 5, 2, 2 | Size = 1429504 bytes | Created Date = 23/02/2007 14:25:17 | Attr = ]

nspm5.dll -> %System32%\nspm5.dll -> Intel Corp. [Ver = 4, 5, 2, 2 | Size = 1335296 bytes | Created Date = 23/02/2007 14:25:19 | Attr = ]

nspm6.dll -> %System32%\nspm6.dll -> Intel Corp. [Ver = 4, 5, 2, 2 | Size = 1404928 bytes | Created Date = 23/02/2007 14:25:19 | Attr = ]

nspp6.dll -> %System32%\nspp6.dll -> Intel Corp. [Ver = 4, 5, 2, 2 | Size = 1318912 bytes | Created Date = 23/02/2007 14:25:18 | Attr = ]

nsppx.dll -> %System32%\nsppx.dll -> Intel Corp. [Ver = 4, 5, 2, 2 | Size = 1306624 bytes | Created Date = 23/02/2007 14:25:16 | Attr = ]

nspw7.dll -> %System32%\nspw7.dll -> Intel Corp. [Ver = 4, 5, 2, 2 | Size = 1441792 bytes | Created Date = 23/02/2007 14:25:13 | Attr = ]

NtmsData -> %System32%\NtmsData -> [Folder | Created Date = 24/01/2007 19:49:57 | Attr = ]

nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 88566 bytes | Created Date = 24/01/2007 20:04:49 | Attr = ]

nvdisp.nvu -> %System32%\nvdisp.nvu -> [Ver = | Size = 17056 bytes | Created Date = 24/01/2007 20:04:47 | Attr = ]

nvudisp.exe -> %System32%\nvudisp.exe -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 55 | Size = 208896 bytes | Created Date = 24/01/2007 20:04:47 | Attr = ]

NVUNINST.EXE -> %System32%\NVUNINST.EXE -> NVIDIA Corporation [Ver = 1 , 0 , 1 , 55 | Size = 208896 bytes | Created Date = 24/01/2007 20:04:39 | Attr = ]

odbcconf.rsp -> %System32%\odbcconf.rsp -> [Ver = | Size = 28 bytes | Created Date = 29/01/2007 20:25:50 | Attr = ]

oieng400.dll -> %System32%\oieng400.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2195.6601 | Size = 444176 bytes | Created Date = 24/01/2007 19:40:34 | Attr = ]

oiprt400.dll -> %System32%\oiprt400.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 13072 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ]

oislb400.dll -> %System32%\oislb400.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 21776 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ]

oissq400.dll -> %System32%\oissq400.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 13072 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ]

oitwa400.dll -> %System32%\oitwa400.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 25872 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ]

oiui400.dll -> %System32%\oiui400.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2195.6601 | Size = 63760 bytes | Created Date = 24/01/2007 19:40:34 | Attr = ]

os2 -> %System32%\os2 -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

Packet.dll -> %System32%\Packet.dll -> CACE Technologies [Ver = 4.0.0.755 | Size = 88952 bytes | Created Date = 25/01/2007 18:31:34 | Attr = ]

pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Created Date = 04/04/2007 06:11:44 | Attr = ]

Perflib_Perfdata_17c.dat -> %System32%\Perflib_Perfdata_17c.dat -> [Ver = | Size = 16384 bytes | Created Date = 25/03/2007 18:29:07 | Attr = ]

Perflib_Perfdata_188.dat -> %System32%\Perflib_Perfdata_188.dat -> [Ver = | Size = 16384 bytes | Created Date = 25/03/2007 18:24:49 | Attr = ]

Perflib_Perfdata_1c0.dat -> %System32%\Perflib_Perfdata_1c0.dat -> [Ver = | Size = 16384 bytes | Created Date = 26/03/2007 17:53:43 | Attr = ]

Perflib_Perfdata_234.dat -> %System32%\Perflib_Perfdata_234.dat -> [Ver = | Size = 16384 bytes | Created Date = 27/03/2007 22:31:49 | Attr = ]

Perflib_Perfdata_2c0.dat -> %System32%\Perflib_Perfdata_2c0.dat -> [Ver = | Size = 16384 bytes | Created Date = 13/02/2007 11:02:22 | Attr = ]

Perflib_Perfdata_310.dat -> %System32%\Perflib_Perfdata_310.dat -> [Ver = | Size = 16384 bytes | Created Date = 29/03/2007 18:19:26 | Attr = ]

Perflib_Perfdata_314.dat -> %System32%\Perflib_Perfdata_314.dat -> [Ver = | Size = 16384 bytes | Created Date = 28/03/2007 19:46:52 | Attr = ]

Perflib_Perfdata_31c.dat -> %System32%\Perflib_Perfdata_31c.dat -> [Ver = | Size = 16384 bytes | Created Date = 25/03/2007 19:22:28 | Attr = ]

Perflib_Perfdata_4d8.dat -> %System32%\Perflib_Perfdata_4d8.dat -> [Ver = | Size = 16384 bytes | Created Date = 28/02/2007 18:33:52 | Attr = ]

Perflib_Perfdata_57c.dat -> %System32%\Perflib_Perfdata_57c.dat -> [Ver = | Size = 16384 bytes | Created Date = 25/03/2007 18:45:43 | Attr = ]

Perflib_Perfdata_5b8.dat -> %System32%\Perflib_Perfdata_5b8.dat -> [Ver = | Size = 16384 bytes | Created Date = 19/03/2007 20:25:03 | Attr = ]

Perflib_Perfdata_5c8.dat -> %System32%\Perflib_Perfdata_5c8.dat -> [Ver = | Size = 16384 bytes | Created Date = 25/03/2007 19:06:27 | Attr = ]

Perflib_Perfdata_5d8.dat -> %System32%\Perflib_Perfdata_5d8.dat -> [Ver = | Size = 16384 bytes | Created Date = 22/03/2007 19:38:05 | Attr = ]

Perflib_Perfdata_60c.dat -> %System32%\Perflib_Perfdata_60c.dat -> [Ver = | Size = 16384 bytes | Created Date = 22/03/2007 19:30:23 | Attr = ]

Perflib_Perfdata_640.dat -> %System32%\Perflib_Perfdata_640.dat -> [Ver = | Size = 16384 bytes | Created Date = 20/03/2007 17:43:27 | Attr = ]

PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 742792 bytes | Created Date = 24/01/2007 19:34:13 | Attr = ]

picn20.dll -> %System32%\picn20.dll -> Pegasus Imaging Corp. [Ver = 1.0.0.54 | Size = 38912 bytes | Created Date = 29/01/2007 19:12:05 | Attr = ]

pncrt.dll -> %System32%\pncrt.dll -> Real Networks, Inc [Ver = 6.0.0.0 | Size = 278528 bytes | Created Date = 02/02/2007 09:34:38 | Attr = ]

pndx5016.dll -> %System32%\pndx5016.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 6656 bytes | Created Date = 02/02/2007 09:34:38 | Attr = ]

pndx5032.dll -> %System32%\pndx5032.dll -> RealNetworks, Inc. [Ver = 5.0.0.0 | Size = 5632 bytes | Created Date = 02/02/2007 09:34:38 | Attr = ]

Process.exe -> %System32%\Process.exe -> http://www.beyondlogic.org [Ver = 2, 0, 0, 0 | Size = 53248 bytes | Created Date = 27/03/2007 18:14:13 | Attr = ]

PROTOCOL.INI -> %System32%\PROTOCOL.INI -> [Ver = | Size = 8 bytes | Created Date = 29/01/2007 20:26:47 | Attr = ]

PSCLK170.dll -> %System32%\PSCLK170.dll -> Canon. Inc [Ver = 2003, 7, 24, 1 | Size = 81920 bytes | Created Date = 07/03/2007 14:18:10 | Attr = ]

PSDrvCheck.CHS -> %System32%\PSDrvCheck.CHS -> [Ver = 1.0.0.56 | Size = 16384 bytes | Created Date = 23/02/2007 14:25:15 | Attr = ]

PSDrvCheck.CHT -> %System32%\PSDrvCheck.CHT -> [Ver = 1.0.0.56 | Size = 26112 bytes | Created Date = 23/02/2007 14:25:15 | Attr = ]

PSDrvCheck.DE -> %System32%\PSDrvCheck.DE -> [Ver = 1.0.0.56 | Size = 26624 bytes | Created Date = 23/02/2007 14:25:16 | Attr = ]

PSDrvCheck.DEU -> %System32%\PSDrvCheck.DEU -> [Ver = 1.0.0.56 | Size = 26624 bytes | Created Date = 23/02/2007 14:25:19 | Attr = ]

PSDrvCheck.ES -> %System32%\PSDrvCheck.ES -> [Ver = 1.0.0.56 | Size = 16896 bytes | Created Date = 23/02/2007 14:25:13 | Attr = ]

PSDrvCheck.ESP -> %System32%\PSDrvCheck.ESP -> [Ver = 1.0.0.56 | Size = 16896 bytes | Created Date = 23/02/2007 14:25:19 | Attr = ]

PSDrvCheck.exe -> %System32%\PSDrvCheck.exe -> [Ver = 1.0.0.56 | Size = 396800 bytes | Created Date = 23/02/2007 14:25:18 | Attr = ]

PSDrvCheck.FR -> %System32%\PSDrvCheck.FR -> [Ver = 1.0.0.56 | Size = 26624 bytes | Created Date = 23/02/2007 14:25:12 | Attr = ]

PSDrvCheck.FRA -> %System32%\PSDrvCheck.FRA -> [Ver = 1.0.0.56 | Size = 26624 bytes | Created Date = 23/02/2007 14:25:21 | Attr = ]

PSDrvCheck.IT -> %System32%\PSDrvCheck.IT -> [Ver = 1.0.0.56 | Size = 26624 bytes | Created Date = 23/02/2007 14:25:11 | Attr = ]

PSDrvCheck.ITA -> %System32%\PSDrvCheck.ITA -> [Ver = 1.0.0.56 | Size = 26624 bytes | Created Date = 23/02/2007 14:25:09 | Attr = ]

PSDrvCheck.KOR -> %System32%\PSDrvCheck.KOR -> [Ver = 1.0.0.56 | Size = 16896 bytes | Created Date = 23/02/2007 14:25:14 | Attr = ]

PSDrvCheck.NL -> %System32%\PSDrvCheck.NL -> [Ver = 1.0.0.56 | Size = 26624 bytes | Created Date = 23/02/2007 14:25:14 | Attr = ]

PSDrvCheck.NLD -> %System32%\PSDrvCheck.NLD -> [Ver = 1.0.0.56 | Size = 26624 bytes | Created Date = 23/02/2007 14:25:21 | Attr = ]

psisdecd.dll -> %System32%\psisdecd.dll -> [Ver = | Size = 354816 bytes | Created Date = 02/02/2007 19:06:12 | Attr = ]

psisrndr.ax -> %System32%\psisrndr.ax -> [Ver = | Size = 30208 bytes | Created Date = 02/02/2007 19:06:12 | Attr = ]

pthreadVC.dll -> %System32%\pthreadVC.dll -> [Ver = | Size = 53299 bytes | Created Date = 25/01/2007 18:31:36 | Attr = ]

px.dll -> %System32%\px.dll -> Sonic Solutions [Ver = 3.2.46.500 | Size = 514808 bytes | Created Date = 11/03/2007 19:17:53 | Attr = ]

pxdrv.dll -> %System32%\pxdrv.dll -> Sonic Solutions [Ver = 1.01.95a | Size = 477944 bytes | Created Date = 11/03/2007 19:17:53 | Attr = ]

pxhpinst.exe -> %System32%\pxhpinst.exe -> Sonic Solutions [Ver = 3.00.41a | Size = 68344 bytes | Created Date = 11/03/2007 19:17:53 | Attr = ]

pxmas.dll -> %System32%\pxmas.dll -> Sonic Solutions [Ver = 3.2.46.500 | Size = 183032 bytes | Created Date = 11/03/2007 19:17:53 | Attr = ]

pxwave.dll -> %System32%\pxwave.dll -> Sonic Solutions [Ver = 3.2.46.500 | Size = 379640 bytes | Created Date = 11/03/2007 19:17:53 | Attr = ]

qedwipes.dll -> %System32%\qedwipes.dll -> [Ver = | Size = 733184 bytes | Created Date = 29/01/2007 20:22:28 | Attr = ]

qkiiw.bat -> %System32%\qkiiw.bat -> [Ver = | Size = 121 bytes | Created Date = 19/03/2007 21:36:24 | Attr = ]

ras -> %System32%\ras -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

RealMediaDX.ax -> %System32%\RealMediaDX.ax -> Gabest [Ver = 1, 0, 1, 1 | Size = 161792 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS]

RLAPEDec.ax -> %System32%\RLAPEDec.ax -> RadLight [Ver = 1, 0, 0, 0 | Size = 54784 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS]

RLMPCDec.ax -> %System32%\RLMPCDec.ax -> RadLight [Ver = 1, 0, 0, 4 | Size = 37888 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS]

RLOgg.ax -> %System32%\RLOgg.ax -> RadLight [Ver = 1.0.0.2 | Size = 186880 bytes | Created Date = 25/02/2007 12:32:52 | Attr = RHS]

RLSpeexDec.ax -> %System32%\RLSpeexDec.ax -> [Ver = 1, 0, 0, 0 | Size = 51712 bytes | Created Date = 25/02/2007 12:32:53 | Attr = RHS]

RLTheoraDec.ax -> %System32%\RLTheoraDec.ax -> RadLight, LLC [Ver = 1, 0, 0, 3 | Size = 67584 bytes | Created Date = 25/02/2007 12:32:53 | Attr = RHS]

RLVorbisDec.ax -> %System32%\RLVorbisDec.ax -> RadLight [Ver = 1, 0, 1, 1 | Size = 92672 bytes | Created Date = 25/02/2007 12:32:53 | Attr = RHS]

rmoc3260.dll -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2568 | Size = 185952 bytes | Created Date = 02/02/2007 09:34:38 | Attr = ]

rocket -> %System32%\rocket -> [Folder | Created Date = 24/01/2007 19:43:24 | Attr = ]

rpcproxy -> %System32%\rpcproxy -> [Folder | Created Date = 24/01/2007 19:43:23 | Attr = ]

rtl70.bpl -> %System32%\rtl70.bpl -> Borland Software Corporation [Ver = 7.0.4.453 | Size = 778240 bytes | Created Date = 23/02/2007 14:24:33 | Attr = ]

rxwas.bat -> %System32%\rxwas.bat -> [Ver = | Size = 121 bytes | Created Date = 18/03/2007 11:18:58 | Attr = ]

sczihu.bat -> %System32%\sczihu.bat -> [Ver = | Size = 116 bytes | Created Date = 16/03/2007 23:37:42 | Attr = ]

Setup -> %System32%\Setup -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

SG62CPL.DLL -> %System32%\SG62CPL.DLL -> CANON INC. [Ver = 6.2.2 | Size = 28720 bytes | Created Date = 24/01/2007 20:12:14 | Attr = R ]

SG62UUD.DLL -> %System32%\SG62UUD.DLL -> CANON INC. [Ver = 1.0.0.3 | Size = 114688 bytes | Created Date = 24/01/2007 20:12:14 | Attr = R ]

ShellDHCP -> %System32%\ShellDHCP -> [Folder | Created Date = 25/02/2007 12:35:06 | Attr = ]

ShellExt -> %System32%\ShellExt -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

shiftjis.uce -> %System32%\shiftjis.uce -> [Ver = | Size = 16740 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ]

Shutdown.exe -> %System32%\Shutdown.exe -> [Ver = | Size = 35600 bytes | Created Date = 24/03/2007 18:35:56 | Attr = ]

Smab.dll -> %System32%\Smab.dll -> [Ver = | Size = 845312 bytes | Created Date = 25/02/2007 12:35:07 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Created Date = 24/01/2007 20:32:13 | Attr = ]

spool -> %System32%\spool -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

spxcoins.dll -> %System32%\spxcoins.dll -> Specialix International Ltd. [Ver = 1.0.0.0004 | Size = 150528 bytes | Created Date = 24/01/2007 19:34:06 | Attr = ]

sqlsodbc.chm -> %System32%\sqlsodbc.chm -> [Ver = | Size = 46133 bytes | Created Date = 29/01/2007 20:26:13 | Attr = ]

SrchSTS.exe -> %System32%\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Created Date = 27/03/2007 18:14:13 | Attr = ]

subrange.uce -> %System32%\subrange.uce -> [Ver = | Size = 93702 bytes | Created Date = 24/01/2007 19:40:40 | Attr = ]

swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Created Date = 27/03/2007 18:14:13 | Attr = ]

swsc.exe -> %System32%\swsc.exe -> [Ver = | Size = 40960 bytes | Created Date = 27/03/2007 18:14:13 | Attr = ]

swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Created Date = 27/03/2007 18:14:13 | Attr = ]

SYSTEM.INI -> %System32%\SYSTEM.INI -> [Ver = | Size = 8 bytes | Created Date = 29/01/2007 20:26:46 | Attr = ]

tifflt.dll -> %System32%\tifflt.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2920.0000 | Size = 33552 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ]

tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 1422 bytes | Created Date = 26/03/2007 18:33:16 | Attr = ]

tunes.bmp -> %System32%\tunes.bmp -> [Ver = | Size = 1584 bytes | Created Date = 24/01/2007 19:40:47 | Attr = ]

UCS32P.DLL -> %System32%\UCS32P.DLL -> Canon [Ver = 1.9.1 | Size = 323644 bytes | Created Date = 24/01/2007 20:12:15 | Attr = R ]

Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Created Date = 04/04/2007 06:11:45 | Attr = ]

vcl70.bpl -> %System32%\vcl70.bpl -> Borland Software Corporation [Ver = 7.0.4.453 | Size = 1381376 bytes | Created Date = 23/02/2007 14:24:33 | Attr = ]

vclx70.bpl -> %System32%\vclx70.bpl -> Borland Software Corporation [Ver = 7.0.4.453 | Size = 215040 bytes | Created Date = 23/02/2007 14:24:33 | Attr = ]

vxblock.dll -> %System32%\vxblock.dll -> Sonic Solutions [Ver = 1.00.72a | Size = 39672 bytes | Created Date = 11/03/2007 19:17:53 | Attr = ]

WanPacket.dll -> %System32%\WanPacket.dll -> CACE Technologies [Ver = 4.0.0.755 | Size = 68480 bytes | Created Date = 25/01/2007 18:31:34 | Attr = ]

wbem -> %System32%\wbem -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

WIN.INI -> %System32%\WIN.INI -> [Ver = | Size = 8 bytes | Created Date = 29/01/2007 20:26:46 | Attr = ]

Windows Media -> %System32%\Windows Media -> [Folder | Created Date = 28/03/2007 13:50:25 | Attr = ]

wins -> %System32%\wins -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

wpcap.dll -> %System32%\wpcap.dll -> CACE Technologies [Ver = 4.0.0.755 | Size = 240496 bytes | Created Date = 25/01/2007 18:31:36 | Attr = ]

x.264.exe -> %System32%\x.264.exe -> [Ver = | Size = 240128 bytes | Created Date = 25/02/2007 12:35:08 | Attr = ]

xdll.bat -> %System32%\xdll.bat -> [Ver = | Size = 114 bytes | Created Date = 20/03/2007 17:48:14 | Attr = ]

xiffr3_0.dll -> %System32%\xiffr3_0.dll -> Scansoft [Ver = 3. 0. 0. 18 | Size = 641808 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ]

yv12vfw.dll -> %System32%\yv12vfw.dll -> www.helixcommunity.org [Ver = R1.02 | Size = 70656 bytes | Created Date = 25/02/2007 12:35:08 | Attr = ]

ZPORT4AS.dll -> %System32%\ZPORT4AS.dll -> [Ver = | Size = 11776 bytes | Created Date = 04/04/2007 06:12:21 | Attr = ]

12520437.cpx -> %System32%\dllcache\12520437.cpx -> [Ver = | Size = 2151 bytes | Created Date = 29/01/2007 20:25:52 | Attr = ]

12520850.cpx -> %System32%\dllcache\12520850.cpx -> [Ver = | Size = 2233 bytes | Created Date = 29/01/2007 20:25:52 | Attr = ]

amstream.dll -> %System32%\dllcache\amstream.dll -> [Ver = | Size = 64512 bytes | Created Date = 29/01/2007 20:22:26 | Attr = ]

dgrpsetu.dll -> %System32%\dllcache\dgrpsetu.dll -> Digi [Ver = 2.2.1 | Size = 123904 bytes | Created Date = 24/01/2007 19:34:06 | Attr = ]

dgsetup.dll -> %System32%\dllcache\dgsetup.dll -> Digi International [Ver = v3.7.1.10 | Size = 86288 bytes | Created Date = 24/01/2007 19:34:06 | Attr = ]

eqnclass.dll -> %System32%\dllcache\eqnclass.dll -> Equinox Systems Inc. [Ver = 3.0d | Size = 176400 bytes | Created Date = 24/01/2007 19:34:06 | Attr = ]

fpencode.dll -> %System32%\dllcache\fpencode.dll -> [Ver = | Size = 94208 bytes | Created Date = 24/01/2007 19:43:46 | Attr = ]

htrn_jis.dll -> %System32%\dllcache\htrn_jis.dll -> Hilgraeve, Inc. [Ver = 5.00.2195.6684 | Size = 11536 bytes | Created Date = 24/01/2007 19:40:34 | Attr = ]

mciqtz32.dll -> %System32%\dllcache\mciqtz32.dll -> [Ver = | Size = 34304 bytes | Created Date = 29/01/2007 20:22:26 | Attr = ]

mei32api.dll -> %System32%\dllcache\mei32api.dll -> IBM Corporation [Ver = 2.60.35 | Size = 31232 bytes | Created Date = 24/01/2007 19:44:03 | Attr = ]

meiw0439.dll -> %System32%\dllcache\meiw0439.dll -> IBM Corporation [Ver = 2.60.35 | Size = 83968 bytes | Created Date = 24/01/2007 19:44:03 | Attr = ]

mpg2splt.ax -> %System32%\dllcache\mpg2splt.ax -> [Ver = | Size = 136192 bytes | Created Date = 29/01/2007 20:22:26 | Attr = ]

mwave.dll -> %System32%\dllcache\mwave.dll -> IBM Corporation [Ver = 2.60.35 | Size = 50688 bytes | Created Date = 24/01/2007 19:44:14 | Attr = ]

mwavesrv.dll -> %System32%\dllcache\mwavesrv.dll -> IBM Corporation [Ver = 2.60.35 | Size = 129024 bytes | Created Date = 24/01/2007 19:44:14 | Attr = ]

mwblw32.dll -> %System32%\dllcache\mwblw32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 56832 bytes | Created Date = 24/01/2007 19:44:15 | Attr = ]

mwci32.dll -> %System32%\dllcache\mwci32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 51712 bytes | Created Date = 24/01/2007 19:44:15 | Attr = ]

mwcicore.dll -> %System32%\dllcache\mwcicore.dll -> IBM Corporation [Ver = 2.60.35 | Size = 71680 bytes | Created Date = 24/01/2007 19:44:15 | Attr = ]

mwcload.exe -> %System32%\dllcache\mwcload.exe -> IBM Corporation [Ver = 2.60.35 | Size = 56832 bytes | Created Date = 24/01/2007 19:44:15 | Attr = ]

mwcloadw.exe -> %System32%\dllcache\mwcloadw.exe -> IBM Corporation [Ver = 2.60.35 | Size = 60928 bytes | Created Date = 24/01/2007 19:44:15 | Attr = ]

mwclw32.dll -> %System32%\dllcache\mwclw32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 90624 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ]

mwcnam32.dll -> %System32%\dllcache\mwcnam32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 33280 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ]

mwcpa32.cpl -> %System32%\dllcache\mwcpa32.cpl -> IBM Corporation [Ver = 2.60.35 | Size = 94208 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ]

mwcpyrt.exe -> %System32%\dllcache\mwcpyrt.exe -> IBM Corporation [Ver = 2.60.35 | Size = 26112 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ]

mwcsw32.exe -> %System32%\dllcache\mwcsw32.exe -> IBM Corporation [Ver = 2.60.35 | Size = 160256 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ]

mwmdmsvc.exe -> %System32%\dllcache\mwmdmsvc.exe -> IBM Corporation [Ver = 2.60.35 | Size = 50688 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ]

mwmlw32.dll -> %System32%\dllcache\mwmlw32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 262144 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ]

mwmmw32.dll -> %System32%\dllcache\mwmmw32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 40448 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ]

mwmpw32.dll -> %System32%\dllcache\mwmpw32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 164352 bytes | Created Date = 24/01/2007 19:44:16 | Attr = ]

mwmw32.dll -> %System32%\dllcache\mwmw32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 121344 bytes | Created Date = 24/01/2007 19:44:17 | Attr = ]

mwrcov16.exe -> %System32%\dllcache\mwrcov16.exe -> IBM Corporation [Ver = 2.60:35 | Size = 42496 bytes | Created Date = 24/01/2007 19:44:17 | Attr = ]

mwremind.exe -> %System32%\dllcache\mwremind.exe -> IBM Corporation [Ver = 2.60.35 | Size = 202752 bytes | Created Date = 24/01/2007 19:44:17 | Attr = ]

mwsetupk.sys -> %System32%\dllcache\mwsetupk.sys -> IBM Corporation [Ver = 2.60.01.0 | Size = 5376 bytes | Created Date = 24/01/2007 19:44:17 | Attr = ]

mwssw32.exe -> %System32%\dllcache\mwssw32.exe -> IBM Corporation [Ver = 2.60.35 | Size = 29184 bytes | Created Date = 24/01/2007 19:44:17 | Attr = ]

mwwdm.sys -> %System32%\dllcache\mwwdm.sys -> IBM Corporation [Ver = 2.60.05.0 | Size = 39200 bytes | Created Date = 24/01/2007 19:44:17 | Attr = ]

mwwdmhlp.dll -> %System32%\dllcache\mwwdmhlp.dll -> IBM Corporation [Ver = 2.60.35 | Size = 30720 bytes | Created Date = 24/01/2007 19:44:17 | Attr = ]

mwwtt32.dll -> %System32%\dllcache\mwwtt32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 108032 bytes | Created Date = 24/01/2007 19:44:17 | Attr = ]

nt5.cat -> %System32%\dllcache\nt5.cat -> [Ver = | Size = 1847411 bytes | Created Date = 24/01/2007 19:33:57 | Attr = ]

nt5inf.cat -> %System32%\dllcache\nt5inf.cat -> [Ver = | Size = 97252 bytes | Created Date = 24/01/2007 19:33:57 | Attr = ]

odbcconf.rsp -> %System32%\dllcache\odbcconf.rsp -> [Ver = | Size = 28 bytes | Created Date = 29/01/2007 20:25:50 | Attr = ]

pinball.exe -> %System32%\dllcache\pinball.exe -> Cinematronics [Ver = 5.00.2134.1 | Size = 305424 bytes | Created Date = 24/01/2007 19:40:51 | Attr = ]

qtest32.exe -> %System32%\dllcache\qtest32.exe -> IBM Corporation [Ver = 2.60.35 | Size = 155648 bytes | Created Date = 24/01/2007 19:44:29 | Attr = ]

qtestm32.dll -> %System32%\dllcache\qtestm32.dll -> IBM Corporation [Ver = 2.60.35 | Size = 31744 bytes | Created Date = 24/01/2007 19:44:29 | Attr = ]

rtl8139.sys -> %System32%\dllcache\rtl8139.sys -> Realtek Semiconductor Corporation [Ver = 5.366.0818.1999 | Size = 18704 bytes | Created Date = 15/03/2007 19:12:18 | Attr = ]

spxcoins.dll -> %System32%\dllcache\spxcoins.dll -> Specialix International Ltd. [Ver = 1.0.0.0004 | Size = 150528 bytes | Created Date = 24/01/2007 19:34:06 | Attr = ]

srgb.icm -> %System32%\dllcache\srgb.icm -> [Ver = | Size = 3144 bytes | Created Date = 02/02/2007 09:12:39 | Attr = ]

tcarc.sys -> %System32%\dllcache\tcarc.sys -> Thomas-Conrad Corporation [Ver = 1.10.0.0 | Size = 10800 bytes | Created Date = 24/01/2007 19:44:46 | Attr = ]

tifflt.dll -> %System32%\dllcache\tifflt.dll -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2920.0000 | Size = 33552 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ]

wangimg.exe -> %System32%\dllcache\wangimg.exe -> Eastman Software, Inc., A Kodak Business [Ver = 5.00.2134.1 | Size = 7440 bytes | Created Date = 24/01/2007 19:44:52 | Attr = ]

xiffr3_0.dll -> %System32%\dllcache\xiffr3_0.dll -> Scansoft [Ver = 3. 0. 0. 18 | Size = 641808 bytes | Created Date = 24/01/2007 19:40:37 | Attr = ]

xilinxit.dll -> %System32%\dllcache\xilinxit.dll -> IBM Corporation [Ver = 2.60.35 | Size = 36352 bytes | Created Date = 24/01/2007 19:44:55 | Attr = ]

ALCXWDM.SYS -> %System32%\drivers\ALCXWDM.SYS -> Avance Logic, Inc. [Ver = 5.10.3610 | Size = 285533 bytes | Created Date = 24/01/2007 20:00:19 | Attr = ]

asapiW2k.sys -> %System32%\drivers\asapiW2k.sys -> VOB Computersysteme GmbH [Ver = 6, 0, 0, 1 | Size = 11264 bytes | Created Date = 23/02/2007 14:25:12 | Attr = ]

atksgt.sys -> %System32%\drivers\atksgt.sys -> [Ver = | Size = 271360 bytes | Created Date = 03/02/2007 13:29:45 | Attr = ]

AvgAsCln.sys -> %System32%\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Created Date = 19/03/2007 18:40:07 | Attr = ]

cdr4_2k.sys -> %System32%\drivers\cdr4_2k.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2432 bytes | Created Date = 11/03/2007 19:17:54 | Attr = ]

cdralw2k.sys -> %System32%\drivers\cdralw2k.sys -> Sonic Solutions [Ver = 8.0.0.212 | Size = 2560 bytes | Created Date = 11/03/2007 19:17:54 | Attr = ]

disdn -> %System32%\drivers\disdn -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

etc -> %System32%\drivers\etc -> [Folder | Created Date = 24/01/2007 20:29:55 | Attr = ]

fbxusb32.sys -> %System32%\drivers\fbxusb32.sys -> FreeBox SA [Ver = 1.3.0.0 | Size = 21344 bytes | Created Date = 24/01/2007 20:09:40 | Attr = R ]

gmer.sys -> %System32%\drivers\gmer.sys -> GMER [Ver = 1, 0, 12, 3816 | Size = 68993 bytes | Created Date = 03/04/2007 22:34:19 | Attr = ]

imagedrv.sys -> %System32%\drivers\imagedrv.sys -> Ahead Software AG and its licensors [Ver = 2.23.0.0 | Size = 89184 bytes | Created Date = 29/01/2007 19:12:23 | Attr = ]

lirsgt.sys -> %System32%\drivers\lirsgt.sys -> [Ver = | Size = 18048 bytes | Created Date = 03/02/2007 13:29:44 | Attr = ]

npf.sys -> %System32%\drivers\npf.sys -> CACE Technologies [Ver = 4.0.0.755 | Size = 42000 bytes | Created Date = 25/01/2007 18:31:34 | Attr = ]

nwlnkcr.sys -> %System32%\drivers\nwlnkcr.sys -> [Ver = | Size = 18 bytes | Created Date = 31/03/2007 11:53:31 | Attr = ]

rob_a.sys -> %System32%\drivers\rob_a.sys -> Pinnacle Systems GmbH [Ver = 1.0.2.8 | Size = 17664 bytes | Created Date = 02/02/2007 09:07:53 | Attr = R ]

rob_v.sys -> %System32%\drivers\rob_v.sys -> Pinnacle Systems GmbH [Ver = 1.0.2.35 | Size = 125568 bytes | Created Date = 24/01/2007 20:20:32 | Attr = R ]

RTL8139.sys -> %System32%\drivers\RTL8139.sys -> Realtek Semiconductor Corporation [Ver = 5.366.0818.1999 | Size = 18704 bytes | Created Date = 15/03/2007 19:12:18 | Attr = ]

SECDRV.SYS -> %System32%\drivers\SECDRV.SYS -> Macrovision Europe Ltd [Ver = 3.18.000 | Size = 12400 bytes | Created Date = 25/01/2007 08:18:33 | Attr = ]

sptd.sys -> %System32%\drivers\sptd.sys -> [Ver = | Size = 642560 bytes | Created Date = 25/01/2007 08:07:32 | Attr = ]

sptd5725.sys -> %System32%\drivers\sptd5725.sys -> [Ver = | Size = 74192 bytes | Created Date = 25/01/2007 08:07:32 | Attr = ]

SvStream.sys -> %System32%\drivers\SvStream.sys -> Sound Vision Inc. [Ver = 1, 1, 0, 9 | Size = 93144 bytes | Created Date = 24/01/2007 20:53:26 | Attr = ]

vaxscsi.sys -> %System32%\drivers\vaxscsi.sys -> [Ver = | Size = 223128 bytes | Created Date = 25/01/2007 08:10:44 | Attr = ]

VIAAGP1.SYS -> %System32%\drivers\VIAAGP1.SYS -> VIA Technologies, Inc. [Ver = 5.00.00.0405 | Size = 23730 bytes | Created Date = 24/01/2007 19:56:20 | Attr = R ]

viaide.sys -> %System32%\drivers\viaide.sys -> VIA Technologies, Inc. [Ver = 5.00.2195.5110 | Size = 4795 bytes | Created Date = 24/01/2007 19:56:22 | Attr = R ]

VIAPFD.SYS -> %System32%\drivers\VIAPFD.SYS -> VIA Technologies. Inc. [Ver = 5.00.2195.100 | Size = 3033 bytes | Created Date = 24/01/2007 19:55:55 | Attr = ]

viausb.sys -> %System32%\drivers\viausb.sys -> VIA Technologies, Inc. [Ver = 1.08 | Size = 9038 bytes | Created Date = 24/01/2007 19:55:55 | Attr = ]

[Files/Folders - Modified Within 90 days]

!Submit -> %SystemDrive%\!Submit -> [Folder | Modified Date = 15/03/2007 20:38:30 | Attr = ]

AUTOEXEC.BAT -> %SystemDrive%\AUTOEXEC.BAT -> [Ver = | Size = 0 bytes | Modified Date = 24/01/2007 20:42:56 | Attr = ]

avenger -> %SystemDrive%\avenger -> [Folder | Modified Date = 06/04/2007 07:25:34 | Attr = ]

b48da1ca53575bea94a6b53607 -> %SystemDrive%\b48da1ca53575bea94a6b53607 -> [Folder | Modified Date = 28/03/2007 14:49:14 | Attr = ]

Bases -> %SystemDrive%\Bases -> [Folder | Modified Date = 24/03/2007 19:12:56 | Attr = ]

boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 202 bytes | Modified Date = 05/04/2007 18:54:28 | Attr = HS]

Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 31/03/2007 08:48:10 | Attr = HS]

CONFIG.SYS -> %SystemDrive%\CONFIG.SYS -> [Ver = | Size = 0 bytes | Modified Date = 24/01/2007 20:42:56 | Attr = H ]

Directx -> %SystemDrive%\Directx -> [Folder | Modified Date = 28/01/2007 20:19:36 | Attr = ]

Documents and Settings -> %SystemDrive%\Documents and Settings -> [Folder | Modified Date = 26/02/2007 16:07:24 | Attr = ]

Downloads -> %SystemDrive%\Downloads -> [Folder | Modified Date = 24/03/2007 19:12:38 | Attr = ]

getfile.dat -> %SystemDrive%\getfile.dat -> [Ver = | Size = 14 bytes | Modified Date = 19/03/2007 21:12:34 | Attr = ]

IO.SYS -> %SystemDrive%\IO.SYS -> [Ver = | Size = 0 bytes | Modified Date = 24/01/2007 20:42:56 | Attr = RHS]

Kaspersky -> %SystemDrive%\Kaspersky -> [Folder | Modified Date = 25/03/2007 14:16:48 | Attr = ]

MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [Ver = | Size = 0 bytes | Modified Date = 24/01/2007 20:42:56 | Attr = RHS]

Myst V End Of Ages -> %SystemDrive%\Myst V End Of Ages -> [Folder | Modified Date = 28/03/2007 10:45:22 | Attr = ]

Nvidia Driver Geforce fx5200 -> %SystemDrive%\Nvidia Driver Geforce fx5200 -> [Folder | Modified Date = 24/01/2007 21:04:34 | Attr = ]

Program Files -> %ProgramFiles% -> [Folder | Modified Date = 04/04/2007 23:08:46 | Attr = R ]

RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 24/01/2007 21:41:50 | Attr = HS]

System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 24/01/2007 20:49:16 | Attr = HS]

WINNT -> %SystemRoot% -> [Folder | Modified Date = 08/04/2007 19:27:30 | Attr = ]

$NtUpdateRollupPackUninstall$ -> %SystemRoot%\$NtUpdateRollupPackUninstall$ -> [Folder | Modified Date = 28/03/2007 14:50:02 | Attr = H ]

$SQLUninstallMDAC27SP1-KB927779-x86-FRA$ -> %SystemRoot%\$SQLUninstallMDAC27SP1-KB927779-x86-FRA$ -> [Folder | Modified Date = 29/03/2007 20:09:10 | Attr = H ]

addins -> %SystemRoot%\addins -> [Folder | Modified Date = 24/01/2007 21:30:32 | Attr = ]

AppPatch -> %SystemRoot%\AppPatch -> [Folder | Modified Date = 08/04/2007 13:20:34 | Attr = ]

AU_Backup -> %SystemRoot%\AU_Backup -> [Folder | Modified Date = 27/01/2007 13:30:18 | Attr = ]

AU_Log -> %SystemRoot%\AU_Log -> [Folder | Modified Date = 27/01/2007 13:25:12 | Attr = ]

AU_Temp -> %SystemRoot%\AU_Temp -> [Folder | Modified Date = 15/03/2007 21:15:00 | Attr = ]

avrack.ini -> %SystemRoot%\avrack.ini -> [Ver = | Size = 164 bytes | Modified Date = 24/01/2007 21:47:52 | Attr = ]

Awm4midi.ini -> %SystemRoot%\Awm4midi.ini -> [Ver = | Size = 276 bytes | Modified Date = 29/01/2007 21:29:58 | Attr = ]

bdinit.ini -> %SystemRoot%\bdinit.ini -> [Ver = | Size = 10 bytes | Modified Date = 16/03/2007 21:40:16 | Attr = ]

BDOSCAN8 -> %SystemRoot%\BDOSCAN8 -> [Folder | Modified Date = 20/03/2007 23:55:02 | Attr = ]

BPMNT.dll -> %SystemRoot%\BPMNT.dll -> Trend Micro Inc. [Ver = 8.000-1001 | Size = 86094 bytes | Modified Date = 27/01/2007 13:30:16 | Attr = ]

Config -> %SystemRoot%\Config -> [Folder | Modified Date = 24/01/2007 21:30:48 | Attr = ]

Connection Wizard -> %SystemRoot%\Connection Wizard -> [Folder | Modified Date = 24/01/2007 21:29:56 | Attr = ]

control.ini -> %SystemRoot%\control.ini -> [Ver = | Size = 0 bytes | Modified Date = 24/01/2007 20:42:56 | Attr = ]

Cookies -> %SystemRoot%\Cookies -> [Folder | Modified Date = 17/03/2007 19:27:50 | Attr = S]

CSC -> %SystemRoot%\CSC -> [Folder | Modified Date = 10/04/2007 09:03:02 | Attr = HS]

Cursors -> %SystemRoot%\Cursors -> [Folder | Modified Date = 25/02/2007 13:26:38 | Attr = ]

Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 10/04/2007 09:03:34 | Attr = ]

desktop.ini -> %SystemRoot%\desktop.ini -> [Ver = | Size = 271 bytes | Modified Date = 24/01/2007 20:42:14 | Attr = H ]

Downloaded Installations -> %SystemRoot%\Downloaded Installations -> [Folder | Modified Date = 22/02/2007 21:19:10 | Attr = ]

Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 08/04/2007 13:20:14 | Attr = S]

Driver Cache -> %SystemRoot%\Driver Cache -> [Folder | Modified Date = 24/01/2007 21:29:56 | Attr = ]

Fichiers d'installation de Windows Update -> %SystemRoot%\Fichiers d'installation de Windows Update -> [Folder | Modified Date = 24/02/2007 21:16:52 | Attr = ]

folder.htt -> %SystemRoot%\folder.htt -> [Ver = | Size = 21844 bytes | Modified Date = 24/01/2007 20:42:14 | Attr = H ]

Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 23/02/2007 15:25:24 | Attr = R S]

GetServer.ini -> %SystemRoot%\GetServer.ini -> [Ver = | Size = 170 bytes | Modified Date = 15/03/2007 21:15:00 | Attr = ]

gmer.dll -> %SystemRoot%\gmer.dll -> [Ver = 1, 0, 12, 12086 | Size = 565311 bytes | Modified Date = 03/04/2007 23:34:20 | Attr = ]

gmer.exe -> %SystemRoot%\gmer.exe -> [Ver = 1, 0, 12, 12086 | Size = 573440 bytes | Modified Date = 07/03/2007 15:52:36 | Attr = ]

gmer.ini -> %SystemRoot%\gmer.ini -> [Ver = | Size = 250 bytes | Modified Date = 03/04/2007 23:35:16 | Attr = ]

gmer_uninstall.cmd -> %SystemRoot%\gmer_uninstall.cmd -> [Ver = | Size = 80 bytes | Modified Date = 03/04/2007 23:34:20 | Attr = ]

hcextoutput.dll -> %SystemRoot%\hcextoutput.dll -> [Ver = | Size = 71749 bytes | Modified Date = 27/01/2007 13:30:16 | Attr = ]

Help -> %SystemRoot%\Help -> [Folder | Modified Date = 31/03/2007 18:44:28 | Attr = ]

Historique -> %SystemRoot%\Historique -> [Folder | Modified Date = 04/02/2007 18:41:38 | Attr = S]

hpdj5100.his -> %SystemRoot%\hpdj5100.his -> [Ver = | Size = 180248 bytes | Modified Date = 02/02/2007 10:16:08 | Attr = ]

hpdj5100.ini -> %SystemRoot%\hpdj5100.ini -> [Ver = | Size = 11413 bytes | Modified Date = 02/02/2007 10:16:08 | Attr = ]

ime -> %SystemRoot%\ime -> [Folder | Modified Date = 24/01/2007 20:43:26 | Attr = ]

imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1418 bytes | Modified Date = 29/03/2007 21:33:04 | Attr = ]

inf -> %SystemRoot%\inf -> [Folder | Modified Date = 08/04/2007 00:59:36 | Attr = H ]

Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 31/03/2007 08:48:10 | Attr = HS]

LPT$VPN.219 -> %SystemRoot%\LPT$VPN.219 -> [Ver = | Size = 25798821 bytes | Modified Date = 27/01/2007 13:30:16 | Attr = ]

Media -> %SystemRoot%\Media -> [Folder | Modified Date = 24/01/2007 23:44:10 | Attr = ]

Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 17/03/2007 19:24:54 | Attr = ]

mozver.dat -> %SystemRoot%\mozver.dat -> [Ver = | Size = 4243 bytes | Modified Date = 31/03/2007 08:48:16 | Attr = ]

msagent -> %SystemRoot%\msagent -> [Folder | Modified Date = 29/03/2007 20:00:44 | Attr = ]

msapps -> %SystemRoot%\msapps -> [Folder | Modified Date = 24/01/2007 23:20:32 | Attr = ]

msdownld.tmp -> %SystemRoot%\msdownld.tmp -> [Folder | Modified Date = 25/02/2007 13:28:36 | Attr = H ]

msiinst.tmp -> %SystemRoot%\msiinst.tmp -> [Folder | Modified Date = 28/03/2007 15:02:42 | Attr = ]

mww32 -> %SystemRoot%\mww32 -> [Folder | Modified Date = 24/01/2007 20:43:26 | Attr = ]

NeroDigital.ini -> %SystemRoot%\NeroDigital.ini -> [Ver = | Size = 49 bytes | Modified Date = 07/04/2007 23:52:24 | Attr = ]

nsreg.dat -> %SystemRoot%\nsreg.dat -> [Ver = | Size = 0 bytes | Modified Date = 24/01/2007 22:41:48 | Attr = ]

nview -> %SystemRoot%\nview -> [Folder | Modified Date = 24/01/2007 21:05:56 | Attr = ]

ODBC.INI -> %SystemRoot%\ODBC.INI -> [Ver = | Size = 207 bytes | Modified Date = 11/03/2007 17:25:40 | Attr = ]

ODBCINST.INI -> %SystemRoot%\ODBCINST.INI -> [Ver = | Size = 4429 bytes | Modified Date = 29/01/2007 21:26:16 | Attr = ]

Offline Web Pages -> %SystemRoot%\Offline Web Pages -> [Folder | Modified Date = 24/01/2007 20:42:12 | Attr = R ]

OpPrintServer.INI -> %SystemRoot%\OpPrintServer.INI -> [Ver = | Size = 0 bytes | Modified Date = 07/03/2007 15:16:54 | Attr = ]

PATCH.EXE -> %SystemRoot%\PATCH.EXE -> Trend Micro Inc. [Ver = 1,81,0,1011 | Size = 286720 bytes | Modified Date = 27/01/2007 13:25:06 | Attr = ]

PIF -> %SystemRoot%\PIF -> [Folder | Modified Date = 21/03/2007 01:15:08 | Attr = H ]

pss -> %SystemRoot%\pss -> [Folder | Modified Date = 27/01/2007 15:06:58 | Attr = ]

QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 08/04/2007 19:27:30 | Attr = ]

QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 08/04/2007 19:27:30 | Attr = H ]

RegisteredPackages -> %SystemRoot%\RegisteredPackages -> [Folder | Modified Date = 24/02/2007 21:18:34 | Attr = ]

Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 24/01/2007 20:41:42 | Attr = ]

REGLOCS.OLD -> %SystemRoot%\REGLOCS.OLD -> [Ver = | Size = 8192 bytes | Modified Date = 07/03/2007 15:24:42 | Attr = ]

repair -> %SystemRoot%\repair -> [Folder | Modified Date = 24/01/2007 20:43:16 | Attr = ]

report -> %SystemRoot%\report -> [Folder | Modified Date = 15/03/2007 21:15:18 | Attr = ]

RUNAWAY.INI -> %SystemRoot%\RUNAWAY.INI -> [Ver = | Size = 40 bytes | Modified Date = 28/01/2007 20:27:40 | Attr = ]

security -> %SystemRoot%\security -> [Folder | Modified Date = 08/04/2007 22:09:06 | Attr = ]

setup.inf -> %SystemRoot%\setup.inf -> [Ver = | Size = 957 bytes | Modified Date = 29/03/2007 19:27:42 | Attr = ]

setup.rpt -> %SystemRoot%\setup.rpt -> [Ver = | Size = 283 bytes | Modified Date = 29/03/2007 19:27:42 | Attr = ]

ShellNew -> %SystemRoot%\ShellNew -> [Folder | Modified Date = 24/01/2007 23:44:00 | Attr = ]

SoftwareDistribution -> %SystemRoot%\SoftwareDistribution -> [Folder | Modified Date = 04/04/2007 09:48:32 | Attr = ]

Speech -> %SystemRoot%\Speech -> [Folder | Modified Date = 24/01/2007 20:34:12 | Attr = ]

Sun -> %SystemRoot%\Sun -> [Folder | Modified Date = 14/02/2007 14:58:38 | Attr = ]

system -> %SystemRoot%\system -> [Folder | Modified Date = 28/03/2007 17:04:00 | Attr = ]

system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 05/04/2007 18:54:28 | Attr = ]

system32 -> %System32% -> [Folder | Modified Date = 10/04/2007 09:03:50 | Attr = ]

Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 08/04/2007 14:47:20 | Attr = S]

temp -> %SystemRoot%\temp -> [Folder | Modified Date = 10/04/2007 09:14:26 | Attr = ]

Temporary Internet Files -> %SystemRoot%\Temporary Internet Files -> [Folder | Modified Date = 04/02/2007 18:41:38 | Attr = S]

TMUPDATE.DLL -> %SystemRoot%\TMUPDATE.DLL -> Trend Micro Inc. [Ver = 1,81,0,1011 | Size = 507904 bytes | Modified Date = 27/01/2007 13:25:06 | Attr = ]

tsc.exe -> %SystemRoot%\tsc.exe -> Trend Micro Inc. [Ver = 5.0.0.1107 | Size = 229957 bytes | Modified Date = 27/01/2007 13:30:16 | Attr = ]

tsc.ini -> %SystemRoot%\tsc.ini -> [Ver = | Size = 823 bytes | Modified Date = 15/03/2007 22:37:30 | Attr = ]

tsc.ptn -> %SystemRoot%\tsc.ptn -> [Ver = | Size = 1992471 bytes | Modified Date = 27/01/2007 13:30:18 | Attr = ]

twain_32 -> %SystemRoot%\twain_32 -> [Folder | Modified Date = 07/03/2007 15:22:42 | Attr = ]

UNZIP.DLL -> %SystemRoot%\UNZIP.DLL -> Trend Micro Inc. [Ver = 1.32.0.1000 | Size = 69689 bytes | Modified Date = 27/01/2007 13:25:06 | Attr = ]

vb.ini -> %SystemRoot%\vb.ini -> [Ver = | Size = 36 bytes | Modified Date = 24/01/2007 20:41:12 | Attr = ]

vbaddin.ini -> %SystemRoot%\vbaddin.ini -> [Ver = | Size = 37 bytes | Modified Date = 24/01/2007 20:41:12 | Attr = ]

vpd.properties -> %SystemRoot%\vpd.properties -> [Ver = | Size = 4508 bytes | Modified Date = 22/02/2007 21:02:52 | Attr = ]

VPTNFILE.219 -> %SystemRoot%\VPTNFILE.219 -> [Ver = | Size = 25798821 bytes | Modified Date = 27/01/2007 13:30:16 | Attr = ]

vsapi32.dll -> %SystemRoot%\vsapi32.dll -> Trend Micro Inc. [Ver = 8.310-1002 | Size = 1101904 bytes | Modified Date = 27/01/2007 13:30:16 | Attr = ]

War3Unin.dat -> %SystemRoot%\War3Unin.dat -> [Ver = | Size = 15095 bytes | Modified Date = 10/02/2007 18:22:56 | Attr = ]

War3Unin.exe -> %SystemRoot%\War3Unin.exe -> Blizzard Entertainment [Ver = 1, 0, 0, 0 | Size = 126976 bytes | Modified Date = 10/02/2007 18:12:04 | Attr = ]

War3Unin.pif -> %SystemRoot%\War3Unin.pif -> [Ver = | Size = 2829 bytes | Modified Date = 10/02/2007 18:12:04 | Attr = ]

Web -> %SystemRoot%\Web -> [Folder | Modified Date = 29/03/2007 20:07:12 | Attr = S]

win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 877 bytes | Modified Date = 10/04/2007 09:14:00 | Attr = ]

WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [Ver = | Size = 316640 bytes | Modified Date = 23/02/2007 15:26:58 | Attr = ]

~TempMui.inf -> %SystemRoot%\~TempMui.inf -> [Ver = | Size = 5538 bytes | Modified Date = 29/01/2007 21:26:20 | Attr = ]

SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 10/04/2007 09:03:00 | Attr = H ]

$winnt$.inf -> %System32%\$winnt$.inf -> [Ver = | Size = 341 bytes | Modified Date = 24/01/2007 20:33:56 | Attr = ]

ActiveScan -> %System32%\ActiveScan -> [Folder | Modified Date = 08/04/2007 13:20:14 | Attr = ]

amcompat.tlb -> %System32%\amcompat.tlb -> [Ver = | Size = 16832 bytes | Modified Date = 24/01/2007 20:42:50 | Attr = ]

appmgmt -> %System32%\appmgmt -> [Folder | Modified Date = 02/02/2007 10:16:48 | Attr = ]

bedgsly.bat -> %System32%\bedgsly.bat -> [Ver = | Size = 129 bytes | Modified Date = 20/03/2007 18:48:26 | Attr = ]

BITS -> %System32%\BITS -> [Folder | Modified Date = 28/03/2007 20:49:34 | Attr = ]

CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 28/01/2007 20:20:22 | Attr = ]

Com -> %System32%\Com -> [Folder | Modified Date = 29/03/2007 20:04:24 | Attr = ]

config -> %System32%\config -> [Folder | Modified Date = 04/04/2007 09:49:26 | Attr = ]

CONFIG.NT -> %System32%\CONFIG.NT -> [Ver = | Size = 3072 bytes | Modified Date = 27/01/2007 19:29:26 | Attr = ]

d3d9caps.dat -> %System32%\d3d9caps.dat -> [Ver = | Size = 664 bytes | Modified Date = 29/01/2007 21:27:32 | Attr = ]

desktop.ini -> %System32%\desktop.ini -> [Ver = | Size = 271 bytes | Modified Date = 24/01/2007 20:42:14 | Attr = H ]

dfrg.msc -> %System32%\dfrg.msc -> [Ver = | Size = 101376 bytes | Modified Date = 02/02/2007 20:01:52 | Attr = ]

dhcp -> %System32%\dhcp -> [Folder | Modified Date = 24/01/2007 21:29:56 | Attr = ]

DirectX -> %System32%\DirectX -> [Folder | Modified Date = 22/02/2007 21:08:56 | Attr = ]

dllcache -> %System32%\dllcache -> [Folder | Modified Date = 03/04/2007 23:22:30 | Attr = RHS]

DonationCoder_urlsnooper_InstallInfo.dat -> %System32%\DonationCoder_urlsnooper_InstallInfo.dat -> [Ver = | Size = 46 bytes | Modified Date = 21/02/2007 14:44:12 | Attr = ]

dp.exe -> %System32%\dp.exe -> [Ver = | Size = 0 bytes | Modified Date = 28/03/2007 12:12:18 | Attr = ]

drivers -> %System32%\drivers -> [Folder | Modified Date = 10/04/2007 09:04:56 | Attr = ]

DTCLog -> %System32%\DTCLog -> [Folder | Modified Date = 24/01/2007 20:41:04 | Attr = ]

emptyregdb.dat -> %System32%\emptyregdb.dat -> [Ver = | Size = 15204 bytes | Modified Date = 24/01/2007 20:41:42 | Attr = ]

export -> %System32%\export -> [Folder | Modified Date = 24/01/2007 20:34:14 | Attr = ]

FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 126112 bytes | Modified Date = 03/04/2007 23:22:44 | Attr = ]

folder.htt -> %System32%\folder.htt -> [Ver = | Size = 21844 bytes | Modified Date = 24/01/2007 20:42:14 | Attr = H ]

GroupPolicy -> %System32%\GroupPolicy -> [Folder | Modified Date = 24/01/2007 20:51:34 | Attr = H ]

Help.ico -> %System32%\Help.ico -> [Ver = | Size = 1406 bytes | Modified Date = 08/04/2007 13:18:20 | Attr = ]

ias -> %System32%\ias -> [Folder | Modified Date = 24/01/2007 21:31:28 | Attr = ]

ie_de -> %System32%\ie_de -> [Folder | Modified Date = 24/01/2007 21:31:30 | Attr = ]

inetsrv -> %System32%\inetsrv -> [Folder | Modified Date = 24/01/2007 20:43:24 | Attr = ]

IOSUBSYS -> %System32%\IOSUBSYS -> [Folder | Modified Date = 08/04/2007 00:59:36 | Attr = ]

irxgskvw.PIF -> %System32%\irxgskvw.PIF -> [Ver = | Size = 2855 bytes | Modified Date = 22/03/2007 00:23:34 | Attr = ]

Kaspersky Lab -> %System32%\Kaspersky Lab -> [Folder | Modified Date = 16/03/2007 21:49:38 | Attr = ]

Macromed -> %System32%\Macromed -> [Folder | Modified Date = 24/01/2007 23:35:42 | Attr = ]

mapisvc.inf -> %System32%\mapisvc.inf -> [Ver = | Size = 725 bytes | Modified Date = 24/01/2007 20:41:48 | Attr = ]

massvc32.exe -> %System32%\massvc32.exe -> [Ver = | Size = 0 bytes | Modified Date = 18/03/2007 13:34:54 | Attr = ]

Microsoft -> %System32%\Microsoft -> [Folder | Modified Date = 27/03/2007 23:52:58 | Attr = ]

mui -> %System32%\mui -> [Folder | Modified Date = 24/01/2007 21:29:56 | Attr = ]

npp -> %System32%\npp -> [Folder | Modified Date = 24/01/2007 21:30:52 | Attr = ]

nscompat.tlb -> %System32%\nscompat.tlb -> [Ver = | Size = 23392 bytes | Modified Date = 24/01/2007 20:42:50 | Attr = ]

NtmsData -> %System32%\NtmsData -> [Folder | Modified Date = 09/04/2007 10:02:58 | Attr = ]

nvapps.xml -> %System32%\nvapps.xml -> [Ver = | Size = 88566 bytes | Modified Date = 10/04/2007 09:03:24 | Attr = ]

os2 -> %System32%\os2 -> [Folder | Modified Date = 24/01/2007 21:31:18 | Attr = ]

Packet.dll -> %System32%\Packet.dll -> CACE Technologies [Ver = 4.0.0.755 | Size = 88952 bytes | Modified Date = 25/01/2007 19:31:34 | Attr = ]

pavas.ico -> %System32%\pavas.ico -> [Ver = | Size = 30590 bytes | Modified Date = 08/04/2007 13:18:20 | Attr = ]

perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 38036 bytes | Modified Date = 24/01/2007 21:44:50 | Attr = ]

perfc00C.dat -> %System32%\perfc00C.dat -> [Ver = | Size = 45514 bytes | Modified Date = 24/01/2007 21:44:50 | Attr = ]

perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 300378 bytes | Modified Date = 24/01/2007 21:44:50 | Attr = ]

perfh00C.dat -> %System32%\perfh00C.dat -> [Ver = | Size = 354448 bytes | Modified Date = 24/01/2007 21:44:50 | Attr = ]

Perflib_Perfdata_17c.dat -> %System32%\Perflib_Perfdata_17c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 25/03/2007 19:29:08 | Attr = ]

Perflib_Perfdata_188.dat -> %System32%\Perflib_Perfdata_188.dat -> [Ver = | Size = 16384 bytes | Modified Date = 25/03/2007 19:24:50 | Attr = ]

Perflib_Perfdata_1c0.dat -> %System32%\Perflib_Perfdata_1c0.dat -> [Ver = | Size = 16384 bytes | Modified Date = 26/03/2007 18:53:44 | Attr = ]

Perflib_Perfdata_234.dat -> %System32%\Perflib_Perfdata_234.dat -> [Ver = | Size = 16384 bytes | Modified Date = 27/03/2007 23:31:50 | Attr = ]

Perflib_Perfdata_2c0.dat -> %System32%\Perflib_Perfdata_2c0.dat -> [Ver = | Size = 16384 bytes | Modified Date = 13/02/2007 12:02:26 | Attr = ]

Perflib_Perfdata_310.dat -> %System32%\Perflib_Perfdata_310.dat -> [Ver = | Size = 16384 bytes | Modified Date = 29/03/2007 19:19:28 | Attr = ]

Perflib_Perfdata_314.dat -> %System32%\Perflib_Perfdata_314.dat -> [Ver = | Size = 16384 bytes | Modified Date = 28/03/2007 20:46:54 | Attr = ]

Perflib_Perfdata_31c.dat -> %System32%\Perflib_Perfdata_31c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 25/03/2007 20:22:30 | Attr = ]

Perflib_Perfdata_4d8.dat -> %System32%\Perflib_Perfdata_4d8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 28/02/2007 19:33:54 | Attr = ]

Perflib_Perfdata_57c.dat -> %System32%\Perflib_Perfdata_57c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 25/03/2007 19:45:44 | Attr = ]

Perflib_Perfdata_5b8.dat -> %System32%\Perflib_Perfdata_5b8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 19/03/2007 21:25:04 | Attr = ]

Perflib_Perfdata_5c8.dat -> %System32%\Perflib_Perfdata_5c8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 25/03/2007 20:06:28 | Attr = ]

Perflib_Perfdata_5d8.dat -> %System32%\Perflib_Perfdata_5d8.dat -> [Ver = | Size = 16384 bytes | Modified Date = 22/03/2007 20:38:06 | Attr = ]

Perflib_Perfdata_60c.dat -> %System32%\Perflib_Perfdata_60c.dat -> [Ver = | Size = 16384 bytes | Modified Date = 22/03/2007 20:30:24 | Attr = ]

Perflib_Perfdata_640.dat -> %System32%\Perflib_Perfdata_640.dat -> [Ver = | Size = 16384 bytes | Modified Date = 20/03/2007 18:43:28 | Attr = ]

PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 742792 bytes | Modified Date = 24/01/2007 21:44:50 | Attr = ]

PROTOCOL.INI -> %System32%\PROTOCOL.INI -> [Ver = | Size = 8 bytes | Modified Date = 29/01/2007 21:26:48 | Attr = ]

pthreadVC.dll -> %System32%\pthreadVC.dll -> [Ver = | Size = 53299 bytes | Modified Date = 25/01/2007 19:31:36 | Attr = ]

qkiiw.bat -> %System32%\qkiiw.bat -> [Ver = | Size = 121 bytes | Modified Date = 19/03/2007 22:36:26 | Attr = ]

ras -> %System32%\ras -> [Folder | Modified Date = 24/01/2007 21:31:04 | Attr = ]

rocket -> %System32%\rocket -> [Folder | Modified Date = 24/01/2007 20:43:26 | Attr = ]

rpcproxy -> %System32%\rpcproxy -> [Folder | Modified Date = 24/01/2007 20:43:24 | Attr = ]

rxwas.bat -> %System32%\rxwas.bat -> [Ver = | Size = 121 bytes | Modified Date = 18/03/2007 12:19:00 | Attr = ]

sczihu.bat -> %System32%\sczihu.bat -> [Ver = | Size = 116 bytes | Modified Date = 17/03/2007 00:37:44 | Attr = ]

Setup -> %System32%\Setup -> [Folder | Modified Date = 29/03/2007 20:04:24 | Attr = ]

ShellDHCP -> %System32%\ShellDHCP -> [Folder | Modified Date = 04/03/2007 12:51:26 | Attr = ]

ShellExt -> %System32%\ShellExt -> [Folder | Modified Date = 24/01/2007 21:29:56 | Attr = ]

sockspy.dll -> %System32%\sockspy.dll -> [Ver = | Size = 61440 bytes | Modified Date = 24/01/2007 21:32:14 | Attr = ]

spool -> %System32%\spool -> [Folder | Modified Date = 24/01/2007 21:29:56 | Attr = ]

SYSTEM.INI -> %System32%\SYSTEM.INI -> [Ver = | Size = 8 bytes | Modified Date = 29/01/2007 21:26:48 | Attr = ]

tmp.reg -> %System32%\tmp.reg -> [Ver = | Size = 1422 bytes | Modified Date = 30/03/2007 18:51:36 | Attr = ]

Uninstall.ico -> %System32%\Uninstall.ico -> [Ver = | Size = 2550 bytes | Modified Date = 08/04/2007 13:18:20 | Attr = ]

WanPacket.dll -> %System32%\WanPacket.dll -> CACE Technologies [Ver = 4.0.0.755 | Size = 68480 bytes | Modified Date = 25/01/2007 19:31:34 | Attr = ]

wbem -> %System32%\wbem -> [Folder | Modified Date = 08/04/2007 13:20:48 | Attr = ]

WIN.INI -> %System32%\WIN.INI -> [Ver = | Size = 8 bytes | Modified Date = 29/01/2007 21:26:48 | Attr = ]

Windows Media -> %System32%\Windows Media -> [Folder | Modified Date = 28/03/2007 14:50:26 | Attr = ]

wins -> %System32%\wins -> [Folder | Modified Date = 24/01/2007 21:29:56 | Attr = ]

wpcap.dll -> %System32%\wpcap.dll -> CACE Technologies [Ver = 4.0.0.755 | Size = 240496 bytes | Modified Date = 25/01/2007 19:31:36 | Attr = ]

xdll.bat -> %System32%\xdll.bat -> [Ver = | Size = 114 bytes | Modified Date = 20/03/2007 18:48:16 | Attr = ]

tftp.exe -> %System32%\dllcache\tftp.exe -> [Ver = | Size = 18704 bytes | Modified Date = 26/03/2007 18:35:52 | Attr = ]

atksgt.sys -> %System32%\drivers\atksgt.sys -> [Ver = | Size = 271360 bytes | Modified Date = 03/02/2007 14:29:46 | Attr = ]

disdn -> %System32%\drivers\disdn -> [Folder | Modified Date = 24/01/2007 21:29:56 | Attr = ]

etc -> %System32%\drivers\etc -> [Folder | Modified Date = 28/03/2007 16:14:44 | Attr = ]

gmer.sys -> %System32%\drivers\gmer.sys -> GMER [Ver = 1, 0, 12, 3816 | Size = 68993 bytes | Modified Date = 03/04/2007 23:34:20 | Attr = ]

lirsgt.sys -> %System32%\drivers\lirsgt.sys -> [Ver = | Size = 18048 bytes | Modified Date = 03/02/2007 14:29:46 | Attr = ]

npf.sys -> %System32%\drivers\npf.sys -> CACE Technologies [Ver = 4.0.0.755 | Size = 42000 bytes | Modified Date = 25/01/2007 19:31:34 | Attr = ]

nwlnkcr.sys -> %System32%\drivers\nwlnkcr.sys -> [Ver = | Size = 18 bytes | Modified Date = 08/04/2007 12:48:06 | Attr = ]

SECDRV.SYS -> %System32%\drivers\SECDRV.SYS -> Macrovision Europe Ltd [Ver = 3.18.000 | Size = 12400 bytes | Modified Date = 25/01/2007 09:18:34 | Attr = ]

sptd.sys -> %System32%\drivers\sptd.sys -> [Ver = | Size = 642560 bytes | Modified Date = 25/01/2007 09:07:34 | Attr = ]

sptd5725.sys -> %System32%\drivers\sptd5725.sys -> [Ver = | Size = 74192 bytes | Modified Date = 25/01/2007 09:07:34 | Attr = ]

vaxscsi.sys -> %System32%\drivers\vaxscsi.sys -> [Ver = | Size = 223128 bytes | Modified Date = 25/01/2007 09:10:46 | Attr = ]

 

[File String Scan - Non-Microsoft Only]

UPX0 , -> %SystemRoot%\SET51.tmp -> [Ver = | Size = 1135628 bytes | Modified Date = 19/06/2003 12:05:04 | Attr = R ]

UPX! , UPX0 , -> %SystemRoot%\tsc.exe -> Trend Micro Inc. [Ver = 5.0.0.1107 | Size = 229957 bytes | Modified Date = 27/01/2007 13:30:16 | Attr = ]

UPX! , aspack , -> %SystemRoot%\vsapi32.dll -> Trend Micro Inc. [Ver = 8.310-1002 | Size = 1101904 bytes | Modified Date = 27/01/2007 13:30:16 | Attr = ]

UPX! , UPX0 , -> %System32%\ac3DX.ax -> [Ver = 1.01a | Size = 227328 bytes | Modified Date = 12/09/2006 13:46:24 | Attr = RHS]

UPX! , UPX0 , -> %System32%\AVCDX.ax -> CoreCodec [Ver = 0, 0, 0, 4 | Size = 123904 bytes | Modified Date = 13/01/2006 01:23:26 | Attr = RHS]

UPX! , UPX0 , -> %System32%\avisynth.dll -> The Public [Ver = 2, 5, 7, 0 | Size = 306688 bytes | Modified Date = 12/11/2006 14:44:10 | Attr = ]

UPX! , UPX0 , -> %System32%\CoreAAC.ax -> [Ver = 1, 2, 0, 575 | Size = 175104 bytes | Modified Date = 16/08/2006 16:53:32 | Attr = RHS]

UPX! , UPX0 , -> %System32%\DiracSplitter.ax -> Gabest [Ver = 1, 0, 0, 0 | Size = 179200 bytes | Modified Date = 18/01/2005 01:26:36 | Attr = RHS]

UPX! , UPX0 , -> %System32%\flvDX.dll -> Gabest [Ver = 1, 0, 0, 1 | Size = 163328 bytes | Modified Date = 03/05/2006 12:06:54 | Attr = RHS]

UPX! , UPX0 , -> %System32%\i420vfw.dll -> www.helixcommunity.org [Ver = R1.02 | Size = 70656 bytes | Modified Date = 03/01/2004 01:08:00 | Attr = ]

UPX! , UPX0 , -> %System32%\MatroskaDX.ax -> Gabest [Ver = 1, 0, 2, 9 | Size = 169472 bytes | Modified Date = 10/03/2006 23:48:48 | Attr = RHS]

UPX! , UPX0 , -> %System32%\RealMediaDX.ax -> Gabest [Ver = 1, 0, 1, 1 | Size = 161792 bytes | Modified Date = 25/11/2005 22:46:34 | Attr = RHS]

UPX! , UPX0 , -> %System32%\RLAPEDec.ax -> RadLight [Ver = 1, 0, 0, 0 | Size = 54784 bytes | Modified Date = 21/11/2003 01:00:00 | Attr = RHS]

UPX! , UPX0 , -> %System32%\RLMPCDec.ax -> RadLight [Ver = 1, 0, 0, 4 | Size = 37888 bytes | Modified Date = 27/04/2004 01:00:00 | Attr = RHS]

UPX! , UPX0 , -> %System32%\RLOgg.ax -> RadLight [Ver = 1.0.0.2 | Size = 186880 bytes | Modified Date = 13/02/2005 01:00:00 | Attr = RHS]

UPX! , UPX0 , -> %System32%\RLSpeexDec.ax -> [Ver = 1, 0, 0, 0 | Size = 51712 bytes | Modified Date = 13/02/2005 01:00:00 | Attr = RHS]

UPX! , UPX0 , -> %System32%\RLTheoraDec.ax -> RadLight, LLC [Ver = 1, 0, 0, 3 | Size = 67584 bytes | Modified Date = 13/02/2005 01:00:00 | Attr = RHS]

UPX! , UPX0 , -> %System32%\RLVorbisDec.ax -> RadLight [Ver = 1, 0, 1, 1 | Size = 92672 bytes | Modified Date = 06/02/2005 01:00:00 | Attr = RHS]

Thawte Consulting , -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2568 | Size = 185952 bytes | Modified Date = 07/10/2006 06:18:32 | Attr = ]

UPX! , UPX0 , -> %System32%\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Modified Date = 27/04/2006 17:49:30 | Attr = ]

UPX! , UPX0 , -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.0 | Size = 135168 bytes | Modified Date = 29/08/2006 19:43:54 | Attr = ]

UPX! , UPX0 , -> %System32%\swsc.exe -> [Ver = | Size = 40960 bytes | Modified Date = 09/01/2006 10:36:06 | Attr = ]

UPX! , UPX0 , -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Modified Date = 01/12/2006 06:20:34 | Attr = ]

winsync , -> %System32%\wbdbase.deu -> [Ver = | Size = 1309184 bytes | Modified Date = 16/12/1999 10:00:00 | Attr = ]

UPX! , UPX0 , -> %System32%\x.264.exe -> [Ver = | Size = 240128 bytes | Modified Date = 10/11/2005 14:16:02 | Attr = ]

UPX! , UPX0 , -> %System32%\yv12vfw.dll -> www.helixcommunity.org [Ver = R1.02 | Size = 70656 bytes | Modified Date = 03/01/2004 01:08:00 | Attr = ]

 

< End of report >

 

 

Thanks, and see you soon

 
