 Trojan horse
sa.niceman
  Posted on 04/06/2010 @ 12:18
Petit astucien

Hello

The avast antivirus on my PC detected a Trojan horse: awb3ryk.exe, but it is impossible to delete it with this antivirus; what should I do to remove it?

Thanks in advance



Edited by sa.niceman on 04/06/2010 12:21
no.ppp
 Posted on 04/06/2010 at 12:22
Astucien

Hello sa.niceman,

Let's take a look at all that.

Download OTL to your Desktop.

  • Double-click the icon to launch it. Make sure all other windows are closed so that it runs without interruption.
  • When the window appears, under Output at the top, select Minimal Output.
  • Under Standard Registry, select All.
  • Check the boxes next to LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any setting unless you have been told to do so. The scan will not take long.
  • When the scan is finished, two Notepad windows will open: OTL.Txt and Extras.Txt. These files are saved in the same location as OTL.
  • Copy (Edit->Select All, Edit->Copy) the contents of these files, one after the other, and post them in your next reply.

sa.niceman
 Posted on 04/06/2010 at 15:58
Petit astucien

OTL Extras logfile created on: 04/06/2010 11:26:43 - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\good\Mes documents\Downloads\Programs
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

383,00 Mb Total Physical Memory | 148,00 Mb Available Physical Memory | 38,00% Memory free
922,00 Mb Paging File | 621,00 Mb Available in Paging File | 67,00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,31 Gb Total Space | 1,54 Gb Free Space | 16,49% Space Free | Partition Type: NTFS
Drive D: | 4,00 Gb Total Space | 0,99 Gb Free Space | 24,85% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: POSTE
Current User Name: good
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.5 -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{43DB077F-C85F-42CC-8302-17CBEE4A6BC6}" = Modem LG LDU-1900D
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.5
"{6EF953B4-DB16-4E59-87CF-B61783DE6988}" = Foxit Reader
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{BAFD3C1E-03EC-11DA-BFBD-00065BBDC0B5}" = MSN Messenger 7.5 pour W2k/XP
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Audacity_is1" = Audacity 1.2.6
"avast5" = avast! Free Antivirus
"AxCrypt" = AxCrypt (Désinstaller uniquement)
"FLV to AVI MPEG WMV 3GP MP4 iPod Converter_is1" = FLV to AVI MPEG WMV 3GP MP4 iPod Converter 5.2.0603
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.3.4
"Mozilla Firefox (3.0.3)" = Mozilla Firefox (3.0.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"PCI Audio Driver" = PCI Audio Driver
"QuicktimeAlt_is1" = QuickTime Alternative 2.7.0
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SpeedBit Video Downloader" = SpeedBit Video Downloader
"Switch" = Switch Uninstall
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"YInstHelper" = Yahoo! Install Manager

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre" = PhotoFiltre

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 24/05/2010 20:32:27 | Computer Name = POSTE | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 7.0.5730.13, module
défaillant urlmon.dll, version 7.0.5730.13, adresse de défaillance 0x00017074.

Error - 25/05/2010 07:41:24 | Computer Name = POSTE | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : The server name or address could not be resolved

Error - 25/05/2010 07:41:25 | Computer Name = POSTE | Source = crypt32 | ID = 131080
Description = Échec de la récupération de la mise à jour automatique du numéro de
séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
avec l'erreur : Cette connexion réseau n'existe pas.

Error - 28/05/2010 08:46:53 | Computer Name = POSTE | Source = Application Error | ID = 1000
Description = Application défaillante msnmsgr.exe, version 7.5.324.0, module défaillant
unknown, version 0.0.0.0, adresse de défaillance 0x39313831.

Error - 28/05/2010 19:19:49 | Computer Name = POSTE | Source = Application Error | ID = 1000
Description = Application défaillante msnmsgr.exe, version 7.5.324.0, module défaillant
unknown, version 0.0.0.0, adresse de défaillance 0x32333531.

Error - 28/05/2010 19:24:08 | Computer Name = POSTE | Source = Application Error | ID = 1000
Description = Application défaillante msnmsgr.exe, version 7.5.324.0, module défaillant
unknown, version 0.0.0.0, adresse de défaillance 0x05ae0a70.

Error - 30/05/2010 15:41:06 | Computer Name = POSTE | Source = Application Error | ID = 1000
Description = Application défaillante msnmsgr.exe, version 7.5.324.0, module défaillant
unknown, version 0.0.0.0, adresse de défaillance 0x38313539.

Error - 30/05/2010 16:50:20 | Computer Name = POSTE | Source = Application Error | ID = 1000
Description = Application défaillante msnmsgr.exe, version 7.5.324.0, module défaillant
unknown, version 0.0.0.0, adresse de défaillance 0x6d746f68.

Error - 30/05/2010 16:50:33 | Computer Name = POSTE | Source = Application Error | ID = 1001
Description = Détecteur d'erreurs 269229077.

Error - 03/06/2010 07:46:42 | Computer Name = POSTE | Source = Application Error | ID = 1000
Description = Application défaillante yahoomessenger.exe, version 8.1.0.421, module
défaillant ntdll.dll, version 5.1.2600.5512, adresse de défaillance 0x00010cae.

[ System Events ]
Error - 04/06/2010 07:07:40 | Computer Name = POSTE | Source = SideBySide | ID = 16842811
Description = Generate Activation Context a échoué pour C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPlugin.dll. Message d'erreur de référence : Opération réussie. .

Error - 04/06/2010 07:12:40 | Computer Name = POSTE | Source = SideBySide | ID = 16842784
Description = L'assemblage dépendant Microsoft.VC80.CRT ne peut pas être trouvé.
La dernière erreur était L'assemblage référencé n'est pas installé sur votre système.


Error - 04/06/2010 07:12:40 | Computer Name = POSTE | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly a échoué pour Microsoft.VC80.CRT. Message
d'erreur de référence : L'assemblage référencé n'est pas installé sur votre système.
.

Error - 04/06/2010 07:12:40 | Computer Name = POSTE | Source = SideBySide | ID = 16842811
Description = Generate Activation Context a échoué pour C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPlugin.dll. Message d'erreur de référence : Opération réussie. .

Error - 04/06/2010 07:22:03 | Computer Name = POSTE | Source = SideBySide | ID = 16842784
Description = L'assemblage dépendant Microsoft.VC80.CRT ne peut pas être trouvé.
La dernière erreur était L'assemblage référencé n'est pas installé sur votre système.


Error - 04/06/2010 07:22:03 | Computer Name = POSTE | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly a échoué pour Microsoft.VC80.CRT. Message
d'erreur de référence : L'assemblage référencé n'est pas installé sur votre système.
.

Error - 04/06/2010 07:22:03 | Computer Name = POSTE | Source = SideBySide | ID = 16842811
Description = Generate Activation Context a échoué pour C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPlugin.dll. Message d'erreur de référence : Opération réussie. .

Error - 04/06/2010 07:24:50 | Computer Name = POSTE | Source = SideBySide | ID = 16842784
Description = L'assemblage dépendant Microsoft.VC80.CRT ne peut pas être trouvé.
La dernière erreur était L'assemblage référencé n'est pas installé sur votre système.


Error - 04/06/2010 07:24:50 | Computer Name = POSTE | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly a échoué pour Microsoft.VC80.CRT. Message
d'erreur de référence : L'assemblage référencé n'est pas installé sur votre système.
.

Error - 04/06/2010 07:24:50 | Computer Name = POSTE | Source = SideBySide | ID = 16842811
Description = Generate Activation Context a échoué pour C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPlugin.dll. Message d'erreur de référence : Opération réussie. .


< End of report >

sa.niceman
 Posted on 04/06/2010 at 16:08
Petit astucien

Part 1 of 2 of the report:

OTL logfile created on: 04/06/2010 11:26:43 - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\good\Mes documents\Downloads\Programs
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

383,00 Mb Total Physical Memory | 148,00 Mb Available Physical Memory | 38,00% Memory free
922,00 Mb Paging File | 621,00 Mb Available in Paging File | 67,00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,31 Gb Total Space | 1,54 Gb Free Space | 16,49% Space Free | Partition Type: NTFS
Drive D: | 4,00 Gb Total Space | 0,99 Gb Free Space | 24,85% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: POSTE
Current User Name: good
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - C:\Documents and Settings\good\Mes documents\Downloads\Programs\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe (Speedbit Ltd.)
PRC - C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe (Speedbit Ltd.)
PRC - C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe (Speedbit Ltd.)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
PRC - C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\IEUM.exe (LG Electronics)
PRC - C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe (LG Electronics)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IDMan.exe (Tonec Inc.)
PRC - C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IEMonitor.exe (Tonec Inc.)
PRC - C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - C:\Documents and Settings\good\Mes documents\Downloads\Programs\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\idmmkb.dll (Tonec Inc.)


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - (VideoAcceleratorService) -- C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorService.exe (Speedbit Ltd.)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (USBEVDOmModem) -- C:\WINDOWS\system32\drivers\lgevdommodem.sys (LG Electronics Inc.)
DRV - (UsbEvdomDiag) -- C:\WINDOWS\system32\drivers\lgevdomdiag.sys (LG Electronics Inc.)
DRV - (usbevdombus) -- C:\WINDOWS\system32\drivers\lgevdombus.sys (LG Electronics Inc.)
DRV - (UsbEvdomAtc) -- C:\WINDOWS\system32\drivers\lgevdomatc.sys (LG Electronics Inc.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (hwusbser) -- C:\WINDOWS\system32\drivers\ewusbser.sys (QUALCOMM Incorporated)
DRV - (hwcdcmdm0) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (QUALCOMM Incorporated)
DRV - (cmpci) C-Media PCI Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\cmaudio.sys (C-Media Inc)
DRV - (MadgeTRN) -- C:\WINDOWS\system32\drivers\mdgndis5.sys (Madge Networks Ltd)


[color=#E56717]========== Standard Registry (All) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SpeedBit Video Downloader\SPFireFox [2010/05/28 10:27:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/17 17:50:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/17 17:51:42 | 000,000,000 | ---D | M]

[2010/05/17 17:49:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/17 17:47:09 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/05/17 17:49:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2008/09/25 13:42:53 | 000,023,040 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2008/09/25 13:42:53 | 000,134,656 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007/04/30 16:29:22 | 000,049,152 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
[2008/09/25 13:42:53 | 000,065,536 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2003/07/15 06:56:52 | 000,013,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2008/09/10 19:56:44 | 000,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2008/09/09 21:53:00 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2008/09/09 21:53:02 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2008/09/09 21:53:02 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2008/09/09 21:53:02 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2008/09/09 21:53:02 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2008/09/10 19:37:54 | 000,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2006/09/10 11:35:08 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2006/06/04 18:56:02 | 000,001,055 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2008/04/16 04:08:20 | 000,001,706 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2006/09/10 11:35:08 | 000,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml
[2008/03/29 13:59:44 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2006/09/12 18:49:04 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2001/08/28 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (SBCONVERT Class) - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O2 - BHO: (SearchPredictObj Class) - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files\SearchPredict\SearchPredict.dll (Speedbit Ltd.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\SpeedBit Video Downloader\Toolbar\Grabber.dll (Speedbit Ltd.)
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe File not found
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [dso32] C:\Documents and Settings\good\Local Settings\Temp\dsoqq.exe ()
O4 - HKCU..\Run: [IDMan] C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\MSN Messenger\MsnMsgr.Exe (Microsoft Corporation)
O4 - HKCU..\Run: [REVAService] C:\Program Files\LG Electronics\LG EV-DO Rev.A USB Modem\Modem Software\REVAService.exe (LG Electronics)
O4 - HKCU..\Run: [SpeedBitVideoAccelerator] C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe (Speedbit Ltd.)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O8 - Extra context menu item: Download all links with IDM - C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IEExt.htm ()
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\SpeedBit Video Accelerator\sblsp.dll (Speedbit Ltd.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Pré-chargeur Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Démon de cache des catégories de composant - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\good\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\good\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/05/17 17:42:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/06/04 11:27:32 | 000,000,061 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/06/04 11:27:34 | 000,000,061 | RHS- | M] () - D:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{8082c80e-61da-11df-bde8-0000831784f2}\Shell\AutoRun\command - "" = G:\awb3ryk.exe -- File not found
O33 - MountPoints2\{8082c80e-61da-11df-bde8-0000831784f2}\Shell\open\Command - "" = G:\awb3ryk.exe -- File not found
O33 - MountPoints2\{eef9e2a3-61d7-11df-997d-806d6172696f}\Shell\AutoRun\command - "" = awb3ryk.exe
O33 - MountPoints2\{eef9e2a3-61d7-11df-997d-806d6172696f}\Shell\open\Command - "" = awb3ryk.exe
O33 - MountPoints2\{eef9e2a4-61d7-11df-997d-806d6172696f}\Shell\AutoRun\command - "" = awb3ryk.exe
O33 - MountPoints2\{eef9e2a4-61d7-11df-997d-806d6172696f}\Shell\open\Command - "" = awb3ryk.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

sa.niceman
 Posted on 04/06/2010 at 16:11 
Petit astucien

Part 2 of the 2nd report:

[2010/06/04 00:02:44 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/06/04 00:02:43 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/06/04 00:02:42 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/06/04 00:02:40 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/06/04 00:02:39 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/06/04 00:02:39 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/06/04 00:02:38 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/06/04 00:00:43 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/06/04 00:00:43 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010/06/03 17:49:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Application Data\PhotoFiltre
[2010/06/03 17:49:05 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoFiltre
[2010/05/30 11:09:27 | 000,000,000 | ---D | C] -- C:\video_output
[2010/05/30 11:06:29 | 000,000,000 | ---D | C] -- C:\Program Files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
[2010/05/28 10:27:33 | 000,172,032 | ---- | C] (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\AniGIF.ocx
[2010/05/28 10:27:32 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedBit Video Accelerator
[2010/05/28 10:27:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Application Data\Toolbar4
[2010/05/28 10:27:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2010/05/28 10:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\SearchPredict
[2010/05/28 10:27:21 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedBit Video Downloader
[2010/05/26 14:47:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2010/05/26 10:51:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Local Settings\Application Data\Ares
[2010/05/25 22:13:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Application Data\Media Player Classic
[2010/05/25 11:44:26 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/05/25 11:44:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/05/24 18:31:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Bureau\Nouveau dossier
[2010/05/23 14:47:49 | 000,021,632 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\System32\drivers\lgevdommodem.sys
[2010/05/23 14:47:48 | 000,019,840 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\System32\drivers\lgevdomdiag.sys
[2010/05/23 14:47:48 | 000,019,840 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\System32\drivers\lgevdomatc.sys
[2010/05/23 14:47:48 | 000,013,696 | ---- | C] (LG Electronics Inc.) -- C:\WINDOWS\System32\drivers\lgevdombus.sys
[2010/05/23 14:47:44 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/05/23 14:47:44 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2010/05/23 14:47:38 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\InstallShield
[2010/05/23 14:47:12 | 000,000,000 | ---D | C] -- C:\LG Electronics
[2010/05/20 23:44:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2010/05/20 23:43:54 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2010/05/20 23:43:54 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2010/05/20 23:43:54 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2010/05/20 23:43:53 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2010/05/20 23:43:51 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2010/05/20 23:43:51 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2010/05/20 18:13:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Application Data\ESET
[2010/05/20 18:11:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010/05/19 16:27:42 | 000,000,000 | ---D | C] -- C:\Program Files\Axon Data
[2010/05/19 16:08:54 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Swift Sound
[2010/05/19 15:59:23 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
[2010/05/19 15:39:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Local Settings\Application Data\Ahead
[2010/05/19 15:39:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\good\Application Data\yahoo!
[2010/05/19 10:29:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Application Data\Skype
[2010/05/18 18:51:09 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/05/18 18:33:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Mes documents\Downloads
[2010/05/18 18:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Application Data\IDM
[2010/05/18 18:33:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Application Data\DMCache
[2010/05/17 18:33:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Contacts
[2010/05/17 18:13:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Mes documents\Mes fichiers reçus
[2010/05/17 18:10:50 | 000,065,152 | ---- | C] (QUALCOMM Incorporated) -- C:\WINDOWS\System32\drivers\ewusbser.sys
[2010/05/17 18:10:50 | 000,065,152 | ---- | C] (QUALCOMM Incorporated) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys
[2010/05/17 18:10:50 | 000,065,152 | ---- | C] (QUALCOMM Incorporated) -- C:\WINDOWS\System32\drivers\ewusbapp.sys
[2010/05/17 18:10:46 | 000,000,000 | ---D | C] -- C:\Program Files\Huawei technologies
[2010/05/17 18:07:11 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2010/05/17 18:07:06 | 000,139,264 | R--- | C] (C-Media Electronics Inc.) -- C:\WINDOWS\cmuninst.exe
[2010/05/17 18:07:06 | 000,135,168 | R--- | C] (C-Media Electronics Inc.) -- C:\WINDOWS\cmuninst.dat
[2010/05/17 18:07:05 | 001,581,056 | R--- | C] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINDOWS\mixer.exe
[2010/05/17 18:07:05 | 000,712,704 | R--- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\Audio3D.dll
[2010/05/17 18:07:05 | 000,712,704 | R--- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\a3d.dll
[2010/05/17 18:07:05 | 000,032,768 | R--- | C] (C-Media Corporation) -- C:\WINDOWS\System32\cmnprop.dll
[2010/05/17 18:07:04 | 000,765,952 | R--- | C] (Sensaura Ltd) -- C:\WINDOWS\System\crlds3d.dll
[2010/05/17 18:07:04 | 000,379,726 | R--- | C] (C-Media Inc) -- C:\WINDOWS\System32\drivers\cmaudio.sys
[2010/05/17 18:07:01 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2010/05/17 18:07:01 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010/05/17 18:07:01 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010/05/17 18:07:01 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010/05/17 18:01:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/05/17 18:00:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\good\Mes documents\Mes vidéos
[2010/05/17 17:55:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Application Data\Identities
[2010/05/17 17:55:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\good\Mes documents\Ma musique
[2010/05/17 17:55:23 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/05/17 17:55:22 | 000,000,000 | R--D | C] -- C:\Documents and Settings\good\Mes documents\Mes images
[2010/05/17 17:53:56 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\DESIGNER
[2010/05/17 17:53:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010/05/17 17:53:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2010/05/17 17:53:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/05/17 17:51:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo!
[2010/05/17 17:51:14 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010/05/17 17:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\Skype
[2010/05/17 17:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Skype
[2010/05/17 17:50:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010/05/17 17:50:44 | 000,090,112 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2010/05/17 17:50:44 | 000,057,344 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
[2010/05/17 17:50:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/05/17 17:50:32 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime Alternative
[2010/05/17 17:50:17 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010/05/17 17:50:17 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2010/05/17 17:50:17 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2010/05/17 17:50:17 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2010/05/17 17:50:12 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2010/05/17 17:50:12 | 000,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2010/05/17 17:50:10 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2010/05/17 17:50:08 | 000,684,032 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll
[2010/05/17 17:50:08 | 000,081,920 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2010/05/17 17:50:02 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll
[2010/05/17 17:50:02 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2010/05/17 17:50:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Local Settings\Application Data\Real
[2010/05/17 17:50:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Application Data\Real
[2010/05/17 17:50:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Real
[2010/05/17 17:50:02 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010/05/17 17:49:56 | 000,139,264 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/05/17 17:49:56 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/05/17 17:49:56 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/05/17 17:49:56 | 000,069,632 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/05/17 17:49:20 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/05/17 17:49:17 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Java
[2010/05/17 17:49:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Application Data\Sun
[2010/05/17 17:49:06 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2010/05/17 17:48:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/05/17 17:48:12 | 000,125,184 | ---- | C] (Ahead Software AG) -- C:\WINDOWS\System32\drivers\imagesrv.sys
[2010/05/17 17:48:12 | 000,005,504 | ---- | C] (Ahead Software AG) -- C:\WINDOWS\System32\drivers\imagedrv.sys
[2010/05/17 17:47:43 | 000,476,320 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXpr7.dll
[2010/05/17 17:47:43 | 000,471,040 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXRA7.dll
[2010/05/17 17:47:43 | 000,262,144 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagXR7.dll
[2010/05/17 17:47:43 | 000,106,496 | ---- | C] (Pegasus Software) -- C:\WINDOWS\System32\TwnLib20.dll
[2010/05/17 17:47:42 | 001,568,768 | ---- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\ImagX7.dll
[2010/05/17 17:47:42 | 000,155,648 | ---- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2010/05/17 17:47:42 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Ahead
[2010/05/17 17:47:40 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead
[2010/05/17 17:47:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/05/17 17:46:50 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/05/17 17:46:44 | 000,000,000 | --SD | C] -- C:\Documents and Settings\good\Local Settings\Application Data\Microsoft
[2010/05/17 17:46:44 | 000,000,000 | --SD | C] -- C:\Documents and Settings\good\Application Data\Microsoft
[2010/05/17 17:46:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\good\SendTo
[2010/05/17 17:46:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\good\Recent
[2010/05/17 17:46:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\good\Application Data
[2010/05/17 17:46:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\good\Mes documents
[2010/05/17 17:46:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\good\Menu Démarrer
[2010/05/17 17:46:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\good\Favoris
[2010/05/17 17:46:44 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\good\Cookies
[2010/05/17 17:46:44 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\good\Voisinage réseau
[2010/05/17 17:46:44 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\good\Voisinage d'impression
[2010/05/17 17:46:44 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\good\Modèles
[2010/05/17 17:46:44 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\good\Local Settings
[2010/05/17 17:46:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Bureau
[2010/05/17 17:46:35 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2010/05/17 17:46:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/05/17 17:46:31 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/05/17 17:46:31 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/05/17 17:46:28 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/05/17 17:46:28 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/05/17 17:44:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010/05/17 17:43:57 | 000,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/05/17 17:43:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\umdf
[2010/05/17 17:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2010/05/17 17:42:53 | 000,023,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2010/05/17 17:41:45 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2010/05/17 17:41:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache
[2010/05/17 17:39:59 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010/05/17 17:39:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Application Data\Macromedia
[2010/05/17 17:39:11 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2010/05/17 17:39:03 | 000,000,000 | ---D | C] -- C:\Program Files\Services en ligne
[2010/05/17 17:38:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2010/05/17 17:38:21 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2010/05/17 17:38:10 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2010/05/17 17:38:09 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2010/05/17 17:38:08 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Services
[2010/05/17 17:38:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2010/05/17 17:38:05 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2010/05/17 17:38:03 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\MSSoap
[2010/05/17 17:37:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2010/05/17 17:37:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/05/17 17:37:52 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2010/05/17 17:37:52 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2010/05/17 17:37:51 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2010/05/17 17:37:51 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2010/05/17 17:37:51 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2010/05/17 17:37:50 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010/05/17 17:37:50 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010/05/17 17:37:50 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2010/05/17 17:37:50 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010/05/17 17:37:45 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010/05/17 17:37:45 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2010/05/17 17:37:44 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010/05/17 17:37:44 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010/05/17 17:37:44 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010/05/17 17:37:39 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2010/05/17 17:37:38 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010/05/17 17:37:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2010/05/17 17:37:37 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010/05/17 17:37:37 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010/05/17 17:37:37 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010/05/17 17:37:37 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010/05/17 17:37:37 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010/05/17 17:37:34 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2010/05/17 17:37:33 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010/05/17 17:37:33 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010/05/17 17:37:31 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010/05/17 17:37:29 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010/05/17 17:37:29 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2010/05/17 17:37:28 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010/05/17 17:37:28 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010/05/17 17:37:28 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010/05/17 17:37:28 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010/05/17 17:37:20 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\System
[2010/05/17 17:37:16 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2010/05/17 17:37:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\Mes images
[2010/05/17 17:37:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\Ma musique
[2010/05/17 17:36:00 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Messenger
[2010/05/17 17:35:37 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2010/05/17 17:35:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2010/05/17 17:35:13 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2010/05/17 17:35:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\good\Application Data\Adobe
[2010/05/17 17:34:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2010/05/17 17:34:56 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2010/05/17 17:34:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010/05/17 17:34:42 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2010/05/17 17:34:42 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2010/05/17 17:34:42 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2010/05/17 17:34:42 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2010/05/17 17:34:42 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2010/05/17 17:34:41 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2010/05/17 17:34:33 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2010/05/17 17:34:32 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2010/05/17 17:34:32 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2010/05/17 17:34:32 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2010/05/17 17:34:31 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2010/05/17 17:34:31 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2010/05/17 17:34:31 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2010/05/17 17:34:30 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2010/05/17 17:34:30 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2010/05/17 17:34:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2010/05/17 17:34:30 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2010/05/17 17:34:30 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2010/05/17 17:34:30 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2010/05/17 17:34:30 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2010/05/17 17:34:29 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2010/05/17 17:34:29 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2010/05/17 17:34:29 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2010/05/17 17:34:29 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2010/05/17 17:34:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2010/05/17 17:34:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2010/05/17 17:34:29 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2010/05/17 17:34:19 | 000,354,304 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010/05/17 17:34:19 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010/05/17 17:34:19 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010/05/17 17:34:19 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010/05/17 17:34:19 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010/05/17 17:34:18 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010/05/17 17:34:18 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010/05/17 17:34:18 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2010/05/17 17:34:17 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010/05/17 17:34:16 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2010/05/17 17:34:16 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010/05/17 17:34:16 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2010/05/17 17:34:15 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2010/05/17 17:34:14 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010/05/17 17:34:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010/05/17 17:34:14 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010/05/17 17:34:13 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010/05/17 17:34:13 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010/05/17 17:34:13 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010/05/17 17:34:13 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010/05/17 17:34:13 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010/05/17 17:34:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010/05/17 17:34:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2010/05/17 17:34:12 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010/05/17 17:34:12 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010/05/17 17:34:12 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010/05/17 17:34:12 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010/05/17 17:34:12 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2010/05/17 17:34:11 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010/05/17 17:34:10 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010/05/17 17:34:10 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010/05/17 17:34:10 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010/05/17 17:34:10 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010/05/17 17:34:10 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010/05/17 17:34:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010/05/17 17:34:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010/05/17 17:34:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2010/05/17 17:34:09 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010/05/17 17:34:09 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010/05/17 17:34:09 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010/05/17 17:34:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010/05/17 17:34:09 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010/05/17 17:34:08 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010/05/17 17:34:08 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010/05/17 17:34:07 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010/05/17 17:33:59 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010/05/17 17:33:58 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010/05/17 17:33:58 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010/05/17 17:33:58 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2010/05/17 17:33:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\Mes vidéos
[2010/05/17 17:31:28 | 001,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010/05/17 17:31:27 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2010/05/17 17:30:56 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2010/05/17 17:30:29 | 000,165,066 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\drivers\mdgndis5.sys
[2010/05/17 17:28:05 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2010/05/17 17:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\ODBC
[2010/05/17 17:27:58 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\SpeechEngines
[2010/05/17 17:27:57 | 000,000,000 | R--D | C] -- C:\Program Files
[2010/05/17 17:27:57 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Microsoft Shared
[2010/05/17 17:27:57 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs
[2010/05/17 17:27:53 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Thawbrkr.dll
[2010/05/17 17:27:53 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinkan.dll
[2010/05/17 17:27:53 | 000,005,120 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgeo.dll
[2010/05/17 17:27:53 | 000,005,120 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdarmw.dll
[2010/05/17 17:27:53 | 000,005,120 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdarme.dll
[2010/05/17 17:27:52 | 000,007,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vgasys.fon
[2010/05/17 17:27:52 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinpun.dll
[2010/05/17 17:27:52 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdintel.dll
[2010/05/17 17:27:52 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdintam.dll
[2010/05/17 17:27:52 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmar.dll
[2010/05/17 17:27:52 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinhin.dll
[2010/05/17 17:27:52 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinguj.dll
[2010/05/17 17:27:52 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdindev.dll
[2010/05/17 17:27:52 | 000,005,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vgafix.fon
[2010/05/17 17:27:51 | 000,089,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sseriff.fon
[2010/05/17 17:27:51 | 000,064,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sserife.fon
[2010/05/17 17:27:51 | 000,010,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\8514fix.fon
[2010/05/17 17:27:51 | 000,009,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\8514sys.fon
[2010/05/17 17:27:51 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdvntc.dll
[2010/05/17 17:27:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdurdu.dll
[2010/05/17 17:27:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsyr2.dll
[2010/05/17 17:27:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsyr1.dll
[2010/05/17 17:27:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfa.dll
[2010/05/17 17:27:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbddiv2.dll
[2010/05/17 17:27:47 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbddiv1.dll
[2010/05/17 17:27:46 | 000,036,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dosapp.fon
[2010/05/17 17:27:46 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdheb.dll
[2010/05/17 17:27:46 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbda3.dll
[2010/05/17 17:27:46 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbda2.dll
[2010/05/17 17:27:46 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbda1.dll
[2010/05/17 17:27:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdusa.dll
[2010/05/17 17:27:45 | 000,081,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\seriff.fon
[2010/05/17 17:27:45 | 000,057,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\serife.fon
[2010/05/17 17:27:45 | 000,036,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\app850.fon
[2010/05/17 17:27:45 | 000,031,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\courf.fon
[2010/05/17 17:27:45 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smalle.fon
[2010/05/17 17:27:45 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\coure.fon
[2010/05/17 17:27:45 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smallf.fon
[2010/05/17 17:27:45 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\8514oem.fon
[2010/05/17 17:27:45 | 000,008,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ega40850.fon
[2010/05/17 17:27:45 | 000,006,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cga40850.fon
[2010/05/17 17:27:45 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdth3.dll
[2010/05/17 17:27:45 | 000,005,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ega80850.fon
[2010/05/17 17:27:45 | 000,005,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vga850.fon
[2010/05/17 17:27:45 | 000,004,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cga80850.fon
[2010/05/17 17:27:44 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdth2.dll
[2010/05/17 17:27:44 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdth1.dll
[2010/05/17 17:27:44 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdth0.dll
[2010/05/17 17:27:42 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2010/05/17 17:27:42 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2010/05/17 17:27:42 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2010/05/17 17:27:42 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2010/05/17 17:27:42 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2010/05/17 17:27:42 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2010/05/17 17:27:42 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2010/05/17 17:27:42 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2010/05/17 17:27:41 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2010/05/17 17:27:41 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2010/05/17 17:27:41 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2010/05/17 17:27:41 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2010/05/17 17:27:41 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2010/05/17 17:27:41 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2010/05/17 17:27:41 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2010/05/17 17:27:41 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2010/05/17 17:27:41 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2010/05/17 17:27:41 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2010/05/17 17:27:41 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2010/05/17 17:27:41 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2010/05/17 17:27:41 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2010/05/17 17:27:41 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2010/05/17 17:27:40 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2010/05/17 17:27:40 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2010/05/17 17:27:40 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2010/05/17 17:27:40 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2010/05/17 17:27:40 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2010/05/17 17:27:38 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2010/05/17 17:27:38 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2010/05/17 17:27:38 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2010/05/17 17:27:38 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2010/05/17 17:27:38 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2010/05/17 17:27:38 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2010/05/17 17:27:38 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2010/05/17 17:27:38 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2010/05/17 17:27:38 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2010/05/17 17:27:38 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2010/05/17 17:27:38 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2010/05/17 17:27:38 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2010/05/17 17:27:38 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2010/05/17 17:27:29 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2010/05/17 17:27:29 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2010/05/17 17:27:29 | 000,086,044 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2010/05/17 17:27:29 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2010/05/17 17:27:29 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2010/05/17 17:27:28 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2010/05/17 17:27:28 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2010/05/17 17:27:28 | 000,009,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2010/05/17 17:27:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2010/05/17 17:27:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2010/05/17 17:27:28 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2010/05/17 17:27:28 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2010/05/17 17:27:28 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2010/05/17 17:27:27 | 000,127,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2010/05/17 17:27:27 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2010/05/17 17:27:27 | 000,073,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2010/05/17 17:27:27 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2010/05/17 17:27:27 | 000,025,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2010/05/17 17:27:27 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2010/05/17 17:27:27 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2010/05/17 17:27:27 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2010/05/17 17:27:27 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2010/05/17 17:27:27 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2010/05/17 17:27:26 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2010/05/17 17:27:26 | 000,070,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2010/05/17 17:27:26 | 000,033,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2010/05/17 17:27:26 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2010/05/17 17:27:25 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2010/05/17 17:27:25 | 000,070,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2010/05/17 17:27:25 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010/05/17 17:27:23 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010/05/17 17:27:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Démarrer
[2010/05/17 17:27:06 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2010/05/17 17:27:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Modèles
[2010/05/17 17:27:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favoris
[2010/05/17 17:27:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Bureau
[2010/05/17 17:26:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2010/05/17 17:26:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2010/05/17 17:26:37 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010/05/17 17:26:37 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2010/05/17 17:26:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2010/05/17 17:26:07 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/05/17 17:17:15 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2010/05/17 17:17:15 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2010/05/17 17:17:15 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2010/05/17 17:17:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Offline Web Pages
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-fr
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1036
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2010/05/17 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]



Edited by sa.niceman on 04/06/2010 18:44
sa.niceman
 Posted on 04/06/2010 at 16:12 
Petit astucien

Part 3 of the 2nd report:

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010/06/04 11:32:33 | 000,000,061 | RHS- | M] () -- C:\autorun.inf
[2010/06/04 10:51:43 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
[2010/06/04 10:47:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/04 10:47:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/04 10:47:21 | 402,182,144 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/04 02:22:20 | 003,670,016 | -H-- | M] () -- C:\Documents and Settings\good\NTUSER.DAT
[2010/06/04 02:22:20 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\good\ntuser.ini
[2010/06/04 02:22:11 | 005,858,436 | -H-- | M] () -- C:\Documents and Settings\good\Local Settings\Application Data\IconCache.db
[2010/06/04 00:02:45 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
[2010/06/04 00:02:40 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/06/03 17:49:09 | 000,000,718 | ---- | M] () -- C:\Documents and Settings\good\Bureau\PhotoFiltre.lnk
[2010/06/02 22:20:07 | 000,001,632 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/05/30 19:57:20 | 000,026,368 | ---- | M] () -- C:\Documents and Settings\good\Mes documents\hurt-love.jpg
[2010/05/30 15:24:25 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/05/30 11:06:35 | 000,000,970 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\FLV to AVI MPEG WMV 3GP MP4 iPod Converter.lnk
[2010/05/28 10:27:33 | 000,172,032 | ---- | M] (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\AniGIF.ocx
[2010/05/28 09:58:30 | 000,002,184 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/27 00:48:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\good\Bureau\Media Player Classic.lnk
[2010/05/24 00:45:25 | 000,230,176 | ---- | M] () -- C:\Documents and Settings\good\Bureau\FC_Bayern_Munich_Logo.JPG
[2010/05/23 14:47:44 | 000,001,699 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Modem LG LDU-1900D.lnk
[2010/05/19 16:09:50 | 002,302,120 | ---- | M] () -- C:\Documents and Settings\good\Mes documents\05. Khaled & Arabesk - Besslama.mp3
[2010/05/19 16:08:57 | 000,000,732 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Switch.lnk
[2010/05/19 16:07:14 | 012,687,100 | ---- | M] () -- C:\Documents and Settings\good\Bureau\05. Khaled & Arabesk - Besslama.wav
[2010/05/19 15:59:26 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\good\Bureau\Audacity.lnk
[2010/05/19 15:41:46 | 000,004,608 | ---- | M] () -- C:\Documents and Settings\good\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/18 18:31:22 | 000,000,812 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Yahoo! Messenger.lnk
[2010/05/17 18:30:29 | 000,000,025 | ---- | M] () -- C:\WINDOWS\mixerdef.ini
[2010/05/17 18:29:05 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2010/05/17 18:29:05 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2010/05/17 18:12:24 | 000,775,210 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/05/17 18:12:24 | 000,368,076 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/05/17 18:12:24 | 000,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/05/17 18:12:24 | 000,048,856 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/05/17 18:12:24 | 000,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/05/17 18:12:22 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2010/05/17 17:57:16 | 000,223,224 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/05/17 17:55:18 | 000,000,385 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/05/17 17:49:07 | 000,002,018 | ---- | M] () -- C:\Documents and Settings\good\Bureau\Foxit Reader.lnk
[2010/05/17 17:48:31 | 000,001,650 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\MSN Messenger 7.5.lnk
[2010/05/17 17:48:25 | 000,001,325 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Nero StartSmart.lnk
[2010/05/17 17:47:11 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2010/05/17 17:45:19 | 000,001,442 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010/05/17 17:44:11 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\umdf\MsftWdf_user_01_00_00.Wdf
[2010/05/17 17:43:11 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/05/17 17:43:11 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/05/17 17:42:15 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010/05/17 17:42:15 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/05/17 17:42:15 | 000,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2010/05/17 17:42:15 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/05/17 17:42:15 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/05/17 17:42:14 | 000,000,507 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/05/17 17:42:02 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/05/17 17:41:45 | 000,004,205 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/05/17 17:39:34 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/05/17 17:39:34 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/05/17 17:39:24 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/05/17 17:39:24 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/05/17 17:39:24 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/05/17 17:39:24 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/05/17 17:39:24 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/05/17 17:39:24 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/05/17 17:35:52 | 000,021,892 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/05/17 17:35:34 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/05/17 17:35:34 | 000,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/05/17 17:32:30 | 000,000,212 | -HS- | M] () -- C:\boot.ini
[2010/05/17 17:28:15 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2010/05/17 17:27:55 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/05/06 20:59:57 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010/05/06 20:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/05/06 20:39:23 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/05/06 20:39:00 | 000,164,048 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/05/06 20:34:27 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/05/06 20:33:59 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/05/06 20:33:55 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/05/06 20:33:47 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/05/06 20:33:29 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/04 00:02:45 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
[2010/06/03 23:48:22 | 000,000,061 | RHS- | C] () -- C:\autorun.inf
[2010/06/03 17:49:09 | 000,000,718 | ---- | C] () -- C:\Documents and Settings\good\Bureau\PhotoFiltre.lnk
[2010/06/03 15:11:59 | 000,026,368 | ---- | C] () -- C:\Documents and Settings\good\Mes documents\hurt-love.jpg
[2010/05/30 11:06:35 | 000,000,970 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\FLV to AVI MPEG WMV 3GP MP4 iPod Converter.lnk
[2010/05/29 19:39:28 | 006,126,992 | ---- | C] () -- C:\Documents and Settings\good\Bureau\Bilal (20).MP3
[2010/05/27 00:48:11 | 000,000,950 | ---- | C] () -- C:\Documents and Settings\good\Bureau\Media Player Classic.lnk
[2010/05/24 00:45:47 | 000,230,176 | ---- | C] () -- C:\Documents and Settings\good\Bureau\FC_Bayern_Munich_Logo.JPG
[2010/05/23 14:47:44 | 000,001,699 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Modem LG LDU-1900D.lnk
[2010/05/21 23:37:02 | 000,000,790 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts.msn
[2010/05/21 14:42:23 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010/05/19 16:09:22 | 002,302,120 | ---- | C] () -- C:\Documents and Settings\good\Mes documents\05. Khaled & Arabesk - Besslama.mp3
[2010/05/19 16:08:57 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Switch.lnk
[2010/05/19 16:07:05 | 012,687,100 | ---- | C] () -- C:\Documents and Settings\good\Bureau\05. Khaled & Arabesk - Besslama.wav
[2010/05/19 15:59:26 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\good\Bureau\Audacity.lnk
[2010/05/19 15:40:43 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\good\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/18 18:31:22 | 000,000,812 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Yahoo! Messenger.lnk
[2010/05/17 18:30:29 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2010/05/17 18:29:05 | 000,000,268 | -H-- | C] () -- C:\sqmdata00.sqm
[2010/05/17 18:29:05 | 000,000,244 | -H-- | C] () -- C:\sqmnoopt00.sqm
[2010/05/17 18:12:22 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010/05/17 18:10:50 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\E600CoInstaller.dll
[2010/05/17 18:07:06 | 000,036,924 | R--- | C] () -- C:\WINDOWS\cmijack.dat
[2010/05/17 18:07:06 | 000,020,333 | R--- | C] () -- C:\WINDOWS\cmaudio.dat
[2010/05/17 18:00:47 | 000,001,632 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/05/17 17:55:18 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/05/17 17:51:07 | 000,002,257 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Skype.lnk
[2010/05/17 17:50:15 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/05/17 17:50:14 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010/05/17 17:50:12 | 000,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2010/05/17 17:50:10 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/05/17 17:50:09 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/05/17 17:50:08 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010/05/17 17:50:05 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/05/17 17:50:05 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010/05/17 17:49:07 | 000,002,018 | ---- | C] () -- C:\Documents and Settings\good\Bureau\Foxit Reader.lnk
[2010/05/17 17:48:25 | 000,001,325 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Nero StartSmart.lnk
[2010/05/17 17:47:11 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2010/05/17 17:46:45 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\good\ntuser.ini
[2010/05/17 17:46:44 | 003,670,016 | -H-- | C] () -- C:\Documents and Settings\good\NTUSER.DAT
[2010/05/17 17:46:44 | 000,028,672 | -H-- | C] () -- C:\Documents and Settings\good\NTUSER.DAT.LOG
[2010/05/17 17:46:30 | 402,182,144 | -HS- | C] () -- C:\hiberfil.sys
[2010/05/17 17:45:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/05/17 17:44:11 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\umdf\MsftWdf_user_01_00_00.Wdf
[2010/05/17 17:42:15 | 000,003,121 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/05/17 17:42:15 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010/05/17 17:42:15 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010/05/17 17:42:15 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010/05/17 17:42:15 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010/05/17 17:42:06 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/05/17 17:42:06 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/05/17 17:42:02 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010/05/17 17:39:34 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010/05/17 17:39:34 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010/05/17 17:39:24 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010/05/17 17:39:24 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010/05/17 17:39:24 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010/05/17 17:39:24 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010/05/17 17:39:24 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010/05/17 17:39:24 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010/05/17 17:38:18 | 000,049,102 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010/05/17 17:38:18 | 000,049,102 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010/05/17 17:36:02 | 000,001,650 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\MSN Messenger 7.5.lnk
[2010/05/17 17:35:52 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010/05/17 17:34:35 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Mur de Santa Fe.bmp
[2010/05/17 17:34:35 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Rivière Sumida.bmp
[2010/05/17 17:34:35 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2010/05/17 17:34:35 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010/05/17 17:34:34 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Bulles de savon.bmp
[2010/05/17 17:34:34 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Vent de prairie.bmp
[2010/05/17 17:34:34 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Granit vert.bmp
[2010/05/17 17:34:34 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Jour de pêche.bmp
[2010/05/17 17:34:34 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Tasse à café.bmp
[2010/05/17 17:34:34 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Plume.bmp
[2010/05/17 17:34:34 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Rosace bleue 16.bmp
[2010/05/17 17:34:33 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010/05/17 17:34:33 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010/05/17 17:34:33 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010/05/17 17:34:33 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010/05/17 17:34:33 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010/05/17 17:34:33 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010/05/17 17:34:32 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010/05/17 17:34:32 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010/05/17 17:34:30 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010/05/17 17:34:30 | 000,001,263 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010/05/17 17:34:28 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010/05/17 17:34:20 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2010/05/17 17:28:15 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2010/05/17 17:27:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_864.nls
[2010/05/17 17:27:46 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_720.nls
[2010/05/17 17:27:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_708.nls
[2010/05/17 17:27:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28596.NLS
[2010/05/17 17:27:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10004.nls
[2010/05/17 17:27:45 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_862.nls
[2010/05/17 17:27:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10005.nls
[2010/05/17 17:27:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10021.nls
[2010/05/17 17:27:43 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010/05/17 17:27:42 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010/05/17 17:27:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010/05/17 17:27:42 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010/05/17 17:27:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010/05/17 17:27:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010/05/17 17:27:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010/05/17 17:27:41 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010/05/17 17:27:40 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010/05/17 17:27:40 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010/05/17 17:27:40 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010/05/17 17:27:40 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010/05/17 17:27:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010/05/17 17:27:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010/05/17 17:27:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010/05/17 17:27:37 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2010/05/17 17:27:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010/05/17 17:27:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010/05/17 17:27:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010/05/17 17:27:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010/05/17 17:27:26 | 000,001,896 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010/05/17 17:26:07 | 000,223,224 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/05/17 17:25:17 | 000,000,212 | -HS- | C] () -- C:\boot.ini
[2010/05/17 17:25:11 | 000,001,442 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf

========== LOP Check ==========

[2010/05/25 11:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/05/20 18:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010/05/28 10:27:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit
[2010/06/04 10:47:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\good\Application Data\DMCache
[2010/05/20 18:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\good\Application Data\ESET
[2010/05/25 00:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\good\Application Data\IDM
[2010/06/03 18:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\good\Application Data\PhotoFiltre
[2010/05/28 10:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\good\Application Data\Toolbar4

========== Purity Check ==========


< End of report >



Edited by sa.niceman on 04/06/2010 18:46
no.ppp
 Posted on 04/06/2010 at 19:49
Astucien

Hi,

You have picked up a USB infection, among other things. Some information here: http://forum.malekal.com/explications-infections-disques-amovibles-clefs-usb-etc-t5544.html

Download this OTL.txt file and open it.

  • Run OTL again
  • Copy and paste the contents of OTL.txt into the "personnalisation" (customization) window
  • Then click "Correction" (Fix) and let the tool work.
  • Post the contents of the new report.

Download UsbFix to your Desktop

  • Temporarily disable your antivirus.
  • Double-click UsbFix on your Desktop (on Vista, right-click -> run as administrator). Installation is automatic.
  • Click "Recherche" (Search).
  • This window appears:
  • Plug in your external storage devices! Click OK
  • Post the UsbFix.txt report

Note: the UsbFix.txt report is saved at the root of the disk.
(If the Desktop does not come back, press Ctrl+Alt+Del, "Fichier" tab, "Nouvelle tâche", type explorer.exe and confirm)

Download LopS&D to your Desktop

  • Double-click the downloaded file
  • Choose the language
  • A window appears; click OK
  • Select option 1.
  • Notepad will open. Post its contents in your next reply.

Edited by no.ppp on 04/06/2010 19:51
no.ppp
 Posted on 04/06/2010 at 20:47
Astucien

I don't know what you did, but that is absolutely not it. It did nothing to your PC, but it could have been far more disastrous.

Please reread my previous post.

You download OTL.txt, you open it, and you copy and paste its contents into "personnalisation" (customization).

sa.niceman
 Posted on 04/06/2010 at 21:07
Petit astucien
no.ppp wrote:

I don't know what you did, but that is absolutely not it. It did nothing to your PC, but it could have been far more disastrous.

Please reread my previous post.

You download OTL.txt, you open it, and you copy and paste its contents into "personnalisation" (customization).

Sorry, here is the report; I downloaded otl.txt and followed your procedure:

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\dso32 deleted successfully.
File C:\Documents and Settings\good\Local Settings\Temp\dsoqq.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8082c80e-61da-11df-bde8-0000831784f2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8082c80e-61da-11df-bde8-0000831784f2}\ not found.
File G:\awb3ryk.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8082c80e-61da-11df-bde8-0000831784f2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8082c80e-61da-11df-bde8-0000831784f2}\ not found.
File G:\awb3ryk.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eef9e2a3-61d7-11df-997d-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eef9e2a3-61d7-11df-997d-806d6172696f}\ not found.
File awb3ryk.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eef9e2a3-61d7-11df-997d-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eef9e2a3-61d7-11df-997d-806d6172696f}\ not found.
File awb3ryk.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eef9e2a4-61d7-11df-997d-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eef9e2a4-61d7-11df-997d-806d6172696f}\ not found.
File awb3ryk.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eef9e2a4-61d7-11df-997d-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eef9e2a4-61d7-11df-997d-806d6172696f}\ not found.
File awb3ryk.exe not found.
C:\WINDOWS\system32\drivers\etc\hosts.msn moved successfully.
========== FILES ==========
File\Folder C:\Documents and Settings\good\Local Settings\Temp\dsoqq.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 5638283 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: good
->Temp folder emptied: 4925285318 bytes
->Temporary Internet Files folder emptied: 40059575 bytes
->Java cache emptied: 1254383 bytes
->Flash cache emptied: 2713 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33214 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2432940 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 616448 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 155012 bytes

Total Files Cleaned = 4 745,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: good
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.5.3 log created on 06042010_195731

Files\Folders moved on Reboot...
C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\downlWithIDM.dll moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IDMIECC.dll moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\idmmkb.dll moved successfully.
C:\Documents and Settings\good\Local Settings\Temporary Internet Files\Content.IE5\POCD382G\adf5ef[1].htm moved successfully.
C:\Documents and Settings\good\Local Settings\Temporary Internet Files\Content.IE5\POCD382G\cheval_de_troie-f25s55145[1].htm moved successfully.
C:\Documents and Settings\good\Local Settings\Temporary Internet Files\Content.IE5\PJJGIVGO\ads[10].htm moved successfully.
C:\Documents and Settings\good\Local Settings\Temporary Internet Files\Content.IE5\PJJGIVGO\ads[9].htm moved successfully.
C:\Documents and Settings\good\Local Settings\Temporary Internet Files\Content.IE5\DWGJU8MB\ads[9].htm moved successfully.
C:\Documents and Settings\good\Local Settings\Temporary Internet Files\Content.IE5\55FQ18US\ads[7].htm moved successfully.
C:\Documents and Settings\good\Local Settings\Temporary Internet Files\Content.IE5\26QYIKV6\ads[5].htm moved successfully.
C:\Documents and Settings\good\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat moved successfully.
File\Folder C:\WINDOWS\temp\_avast5_\Webshlock.txt not found!

Registry entries deleted on Reboot...

sa.niceman
 Posted on 04/06/2010 at 21:16
Petit astucien

The UsbFix report

############################## | Usbfix 7.004 | [Recherche]

Utilisateur: good (Administrateur) # POSTE [ ]
Mis à jour le 04/06/10 par El Desaparecido / C_XX
Lancé à 20:15:14 | 04/06/2010
Site Web: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 7.0.5730.13

Pare-feu Windows: Désactivé /!\
Antivirus: avast! Antivirus 5.0.83886625 [(!) Disabled | Updated]

RAM -> 383 Mo
C:\ (%systemdrive%) -> Disque fixe # 9 Go (6 Go libre(s) - 66%) [] # NTFS
D:\ -> Disque fixe # 4 Go (1018 Mo libre(s) - 25%) [STOCK] # FAT32
E:\ -> CD-ROM
F:\ -> CD-ROM

################## | Éléments infectieux |

Présent! C:\Autorun.inf
Présent! D:\Autorun.inf
Présent! C:\Recycler\S-1-5-21-1214440339-1343024091-842925246-1003
Présent! D:\a.jpg
Présent! D:\c.jpg

################## | Registre |


################## | Mountpoints2 |


################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F |



Edited by sa.niceman on 04/06/2010 21:18
sa.niceman
 Posted on 04/06/2010 at 21:25
Petit astucien

The Lop S&D report


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Processeur Intel Pentium III )
BIOS : Award Modular BIOS v4.51PG
USER : good ( Administrator )
BOOT : Normal boot
Antivirus : avast! Antivirus 5.0.83886625 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:9 Go (Free:6 Go)
D:\ (Local Disk) - FAT32 - Total:3 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 04/06/2010|20:20 )

--------------------\\ Listing des dossiers dans APPLIC~1

[25/05/2010|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Alwil Software
[17/05/2010|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[20/05/2010|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
[21/05/2010|00:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[17/05/2010|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[17/05/2010|17:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[28/05/2010|10:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SpeedBit
[18/05/2010|18:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!

[17/05/2010|17:42] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[17/05/2010|17:35] C:\DOCUME~1\good\APPLIC~1\Adobe
[04/06/2010|17:41] C:\DOCUME~1\good\APPLIC~1\DMCache
[20/05/2010|18:13] C:\DOCUME~1\good\APPLIC~1\ESET
[17/05/2010|17:55] C:\DOCUME~1\good\APPLIC~1\Identities
[25/05/2010|00:19] C:\DOCUME~1\good\APPLIC~1\IDM
[17/05/2010|17:39] C:\DOCUME~1\good\APPLIC~1\Macromedia
[25/05/2010|22:13] C:\DOCUME~1\good\APPLIC~1\Media Player Classic
[19/05/2010|01:10] C:\DOCUME~1\good\APPLIC~1\Microsoft
[03/06/2010|18:08] C:\DOCUME~1\good\APPLIC~1\PhotoFiltre
[18/05/2010|17:49] C:\DOCUME~1\good\APPLIC~1\Real
[04/06/2010|11:51] C:\DOCUME~1\good\APPLIC~1\Skype
[17/05/2010|17:49] C:\DOCUME~1\good\APPLIC~1\Sun
[28/05/2010|10:27] C:\DOCUME~1\good\APPLIC~1\Toolbar4
[19/05/2010|15:39] C:\DOCUME~1\good\APPLIC~1\yahoo!

[17/05/2010|17:46] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[17/05/2010|17:46] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[04/06/2010 20:00][--ah-----] C:\WINDOWS\tasks\SA.DAT
[28/08/2001 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[17/05/2010|17:47] C:\Program Files\Ahead
[25/05/2010|11:44] C:\Program Files\Alwil Software
[19/05/2010|15:59] C:\Program Files\Audacity
[19/05/2010|16:27] C:\Program Files\Axon Data
[17/05/2010|17:35] C:\Program Files\ComPlus Applications
[23/05/2010|14:47] C:\Program Files\Fichiers communs
[30/05/2010|11:09] C:\Program Files\FLV to AVI MPEG WMV 3GP MP4 iPod Converter
[17/05/2010|17:49] C:\Program Files\Foxit Software
[17/05/2010|18:10] C:\Program Files\Huawei technologies
[23/05/2010|14:47] C:\Program Files\InstallShield Installation Information
[17/05/2010|17:38] C:\Program Files\Internet Explorer
[17/05/2010|17:49] C:\Program Files\Java
[17/05/2010|17:50] C:\Program Files\K-Lite Codec Pack
[23/05/2010|14:47] C:\Program Files\LG Electronics
[17/05/2010|17:53] C:\Program Files\Microsoft Office
[17/05/2010|17:53] C:\Program Files\Microsoft Works
[17/05/2010|17:37] C:\Program Files\Movie Maker
[17/05/2010|17:47] C:\Program Files\Mozilla Firefox
[17/05/2010|17:34] C:\Program Files\MSN Gaming Zone
[17/05/2010|17:48] C:\Program Files\MSN Messenger
[19/05/2010|16:08] C:\Program Files\NCH Swift Sound
[17/05/2010|17:38] C:\Program Files\NetMeeting
[17/05/2010|17:38] C:\Program Files\Outlook Express
[03/06/2010|17:49] C:\Program Files\PhotoFiltre
[17/05/2010|17:50] C:\Program Files\QuickTime Alternative
[28/05/2010|10:27] C:\Program Files\SearchPredict
[17/05/2010|17:39] C:\Program Files\Services en ligne
[17/05/2010|17:51] C:\Program Files\Skype
[28/05/2010|10:28] C:\Program Files\SpeedBit Video Accelerator
[28/05/2010|10:27] C:\Program Files\SpeedBit Video Downloader
[17/05/2010|17:55] C:\Program Files\Uninstall Information
[17/05/2010|17:42] C:\Program Files\Windows Media Connect 2
[17/05/2010|17:43] C:\Program Files\Windows Media Player
[17/05/2010|17:34] C:\Program Files\Windows NT
[17/05/2010|17:39] C:\Program Files\WindowsUpdate
[17/05/2010|17:46] C:\Program Files\WinRAR
[18/05/2010|18:31] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[17/05/2010|17:47] C:\Program Files\Fichiers communs\Ahead
[17/05/2010|17:53] C:\Program Files\Fichiers communs\DESIGNER
[23/05/2010|14:47] C:\Program Files\Fichiers communs\InstallShield
[17/05/2010|17:49] C:\Program Files\Fichiers communs\Java
[25/05/2010|11:44] C:\Program Files\Fichiers communs\Microsoft Shared
[17/05/2010|17:38] C:\Program Files\Fichiers communs\MSSoap
[17/05/2010|17:28] C:\Program Files\Fichiers communs\ODBC
[17/05/2010|17:38] C:\Program Files\Fichiers communs\Services
[17/05/2010|17:51] C:\Program Files\Fichiers communs\Skype
[17/05/2010|17:27] C:\Program Files\Fichiers communs\SpeechEngines
[17/05/2010|17:37] C:\Program Files\Fichiers communs\System

--------------------\\ Process

( 30 Processes )

iexplore.exe ~ [PID:2264]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\good\Cookies\good@advertstream[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-04 20:23:33
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:306][D:0]-> C:\DOCUME~1\good\Cookies
[F:249][D:9]-> C:\DOCUME~1\good\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 04/06/2010|20:24 - Option : [1]

--------------------\\ Fin du rapport a 20:24:37

no.ppp
 Posted on 04/06/2010 at 21:35
Astucien

Re,

Delete C:\Lop SD and its shortcut on the Desktop.

Run UsbFix again from your Desktop (on Vista, right-click -> run as administrator).

  • Click "Suppression" (Deletion).
  • This window appears:
  • Plug in your external storage devices! Click OK.
  • This will start the cleaning procedure for the connected removable drives.
  • Your Desktop will disappear; this is normal.
  • Post the UsbFix.txt report (C:\UsbFix.txt)

Download and install Malwarebytes' Anti-Malware

  • At the end of the installation, tick "Mettre à jour Malwarebytes' Anti-Malware" (update) if it is not already ticked.
  • Click "Terminer" (Finish).
  • Launch MBAM by double-clicking the icon on the Desktop.
  • On first launch, a window tells you that the version is Free. Click OK.
  • The updates download; be patient.
  • Launch Malwarebytes' Anti-Malware.
  • Choose the "Recherche" tab. Tick "Exécuter un examen complet" (full scan), then click "Rechercher".
  • Select your hard drive and click "lancer l'examen".
  • At the end of the scan, click "Afficher les résultats".
  • Removing the detected items: click "Supprimer la sélection".
  • If a restart is requested, click "Yes".
  • A scan report opens; post the report.
  • If you need help, go here: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm

Note: the UsbFix.txt report is saved at the root of the disk.
(If the Desktop does not come back, press Ctrl+Alt+Del, "Fichier" tab, "Nouvelle tâche", type explorer.exe and confirm)


sa.niceman
 Posted on 05/06/2010 at 13:14
Petit astucien

Hi, and here is the report:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4170

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

05/06/2010 12:07:12
mbam-log-2010-06-05 (12-07-12).txt

Type d'examen: Examen complet (C:\|D:\|)
Elément(s) analysé(s): 125559
Temps écoulé: 23 minute(s), 21 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055c089-8582-441b-a0bf-17b458c2a3a8} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0055c089-8582-441b-a0bf-17b458c2a3a8} (Trojan.BHO.H) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Documents and Settings\Default User\Local Settings\Temp\bsasee3y5d\IDMIECC.dll (Trojan.BHO.H) -> Quarantined and deleted successfully.
C:\Program Files\SpeedBit Video Downloader\SPFireFox\chrome\content\speedbitvideodownloader\SpeedBitVideoDownloader.dll (Adware.EcoBar) -> Quarantined and deleted successfully.
C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll (Adware.EcoBar) -> Quarantined and deleted successfully.

no.ppp
 Posted on 05/06/2010 at 13:23
Astucien

Hi,

UsbFix is missing.

sa.niceman
 Posted on 05/06/2010 at 16:16
Petit astucien
no.ppp wrote:

Hi,

UsbFix is missing.

Hi, I don't know.

no.ppp
 Posted on 05/06/2010 at 17:26
Astucien

It's written just above...

sa.niceman
 Posted on 05/06/2010 at 20:43
Petit astucien
no.ppp wrote:

It's written just above...

Hi

After following the steps, my PC crashes. What should I do?

no.ppp
 Posted on 05/06/2010 at 22:31
Astucien

Some explanation, perhaps ...
