
Infected with BOO/Sinowal.A


Posted on 06 Jan 2010 01:46

Following a problem with a virus (Antivirus Live), I formatted my C: hard drive, which had my Windows on it. I did not format D: since it contains all my data (music, games, various programs, etc.). In the past I used Avast as my antivirus and now I use Avira. Since then, it has been detecting something: BOO/Sinowal.A.

It tells me ''Master boot sector HD1''. Below that it says ''Contains code of the BOO/Sinowal.A boot sector virus''.

Further on, after I press Delete and OK, it also says ''Boot sector 'D:\' contains code of the BOO/Sinowal.A boot sector virus''. I hope I don't have to wipe my whole D:.

I looked through a few forums and the problem seems to get solved case by case. That's why I'm creating a thread.

I'm not an expert with computers, so please try not to use language that is too difficult.

Please help me
Giles de Mounard
Confirmed Visitor
Posts: 24
Joined: 06 Jan 2010 01:23
 


Re: Infected with BOO/Sinowal.A

Posted on 06 Jan 2010 15:47

Hi and welcome to PC infoPratique :wink:

"I hope I don't have to wipe my whole D:."


Let's hope instead that your hard drive doesn't end up in the trash, because even a complete format of your hard drive will not be able to remove this MBR infection.

I might as well warn you right away: the procedure is going to be a bit long and the result is not always guaranteed, because this kind of trojan is very stubborn.

Start with this, please...

Download >> TFC.exe <<; it must be saved to your desktop

Close all running programs...

Double-click the TFC icon to launch it

A prompt will appear asking you to restart your PC; click "YES" and let TFC do its work.

then...


> Download >> Malwarebytes <<
> Install it and update it before the scan
> Choose "Perform full scan" and tick all the partitions present on your PC; at the end of the scan, tick all the items found and click "Remove Selected".
> Then post the report for me, please.


and finally...

* Download >> OTL << to your desktop.

* Double-click the OTL icon to launch it

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Output" section (top right) the "Minimal Output" box is checked.

* Copy and paste the contents of this quote into the lower part of OTL, "Custom Scans/Fixes"


%SYSTEMDRIVE%\cdrom.sys /s /md5
%SYSTEMDRIVE%\atapi.sys /s /md5
%SYSTEMDRIVE%\ACPI.sys /s /md5
%SYSTEMDRIVE%\*.exe
%SYSTEMDRIVE%\iaStor.sys /s /md5
%SYSTEMDRIVE%\nvstor.sys /s /md5
%SYSTEMDRIVE%\IdeChnDr.sys /s /md5
%SYSTEMDRIVE%\viasraid.sys /s /md5
%SYSTEMDRIVE%\AGP440.sys /s /md5
%SYSTEMDRIVE%\vaxscsi.sys /s /md5
%SYSTEMDRIVE%\nvatabus.sys /s /md5


* Click the "Run Scan" button (top left).
* Let the scan run to completion without using the PC
* At the end of the scan, one or two reports will open: "OTL.Txt" and (or) "Extras.Txt" (in some cases).
* Copy and paste the report(s) into your reply, please...
* Just in case, you can find them in the C:\OTL folder or on your desktop, depending on the case

Good luck, see you soon :wink:
jeanmimigab
PC-Infopraticien
Posts: 2986
Joined: 29 Nov 2009 12:05
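
An added illustration, not part of the original thread or of any tool named in it, of the point in the reply above that formatting does not remove code from the MBR: the sketch models the classic MBR layout (boot code, partition table, 0x55AA signature), "formats" every partition, and compares the boot code hash with a known-good baseline. The disk image, boot code bytes, partition values and function names are all constructed for the example.

```python
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 440      # bootstrap code area; bytes 440-445 hold the NT disk signature
PART_TABLE_OFF = 446     # four 16-byte partition entries
SIGNATURE_OFF = 510      # 0x55 0xAA boot signature
# status, CHS start (skipped), type, CHS end (skipped), LBA start, sector count
ENTRY_FMT = "<B3xB3xII"


def build_mbr(boot_code, partitions):
    """Assemble a 512-byte MBR from boot code and (active, type, lba, sectors) tuples."""
    if len(boot_code) > BOOT_CODE_LEN or len(partitions) > 4:
        raise ValueError("boot code or partition list too large for an MBR")
    mbr = bytearray(SECTOR)
    mbr[:len(boot_code)] = boot_code
    for i, (active, ptype, lba, count) in enumerate(partitions):
        struct.pack_into(ENTRY_FMT, mbr, PART_TABLE_OFF + 16 * i,
                         0x80 if active else 0x00, ptype, lba, count)
    mbr[SIGNATURE_OFF:] = b"\x55\xaa"
    return bytes(mbr)


def parse_mbr(sector0):
    """Split sector 0 into a boot code hash and the list of used partition entries."""
    if len(sector0) != SECTOR:
        raise ValueError("an MBR is exactly 512 bytes")
    if sector0[SIGNATURE_OFF:] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFF + 16 * i
        status, ptype, lba, count = struct.unpack_from(ENTRY_FMT, sector0, off)
        if ptype != 0:  # type 0 marks an unused slot
            partitions.append({"index": i, "active": status == 0x80,
                               "type": ptype, "lba_start": lba, "sectors": count})
    return {
        "boot_code_sha256": hashlib.sha256(sector0[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
    }


def format_partition(disk, part):
    """Model a full format: overwrite every sector that belongs to the partition."""
    start = part["lba_start"] * SECTOR
    end = start + part["sectors"] * SECTOR
    if end > len(disk):
        raise ValueError("partition extends past the end of the disk image")
    disk[start:end] = bytes(end - start)


def boot_code_status(sector0, baseline_sha256):
    """Compare the boot code of sector 0 with a hash taken from a known-good copy."""
    current = parse_mbr(sector0)["boot_code_sha256"]
    return "matches baseline" if current == baseline_sha256 else "MODIFIED"


# Constructed sample data: two NTFS (type 0x07) partitions and filler "boot code".
PARTS = [(True, 0x07, 63, 100), (False, 0x07, 163, 200)]
CLEAN_CODE = b"\x90" * 64     # stand-in for the original boot code
ALTERED_CODE = b"\xcc" * 64   # stand-in for boot code that has been replaced


def demo():
    baseline = parse_mbr(build_mbr(CLEAN_CODE, PARTS))["boot_code_sha256"]

    disk = bytearray(SECTOR * 400)
    disk[:SECTOR] = build_mbr(ALTERED_CODE, PARTS)
    disk[63 * SECTOR:363 * SECTOR] = b"\xaa" * (300 * SECTOR)  # user data

    before = parse_mbr(bytes(disk[:SECTOR]))
    for part in before["partitions"]:
        format_partition(disk, part)       # wipes LBA 63..362 only
    after = parse_mbr(bytes(disk[:SECTOR]))

    return {
        "partitions": after["partitions"],
        "data_wiped": not any(disk[63 * SECTOR:363 * SECTOR]),
        "boot_code_changed_by_format":
            before["boot_code_sha256"] != after["boot_code_sha256"],
        "status_after_format": boot_code_status(bytes(disk[:SECTOR]), baseline),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The comparison is only meaningful when sector 0 is read from a trusted environment, such as an offline disk image or separate boot media.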
 

Re: Infected with BOO/Sinowal.A

Posted on 07 Jan 2010 02:24

Malwarebytes report:

Malwarebytes' Anti-Malware 1.43
Version de la base de données: 3504
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2010-01-06 18:59:03
mbam-log-2010-01-06 (18-59-03).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 146560
Temps écoulé: 52 minute(s), 41 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Giles de Mounard
Confirmed Visitor
Posts: 24
Joined: 06 Jan 2010 01:23
 

Re: Infected with BOO/Sinowal.A

Posted on 07 Jan 2010 02:29

For the OTL report, I'm sending it in pieces because the page freezes: (Part 1 of 1)

OTL logfile created on: 2010-01-06 19:11:20 - Run 1
OTL by OldTimer - Version 3.1.21.0 Folder = C:\Documents and Settings\Marco\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 407,00 Mb Available Physical Memory | 80,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18,64 Gb Total Space | 5,40 Gb Free Space | 28,95% Space Free | Partition Type: NTFS
Drive D: | 37,27 Gb Total Space | 12,17 Gb Free Space | 32,64% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ORDIMAISON
Current User Name: Marco
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Marco\Bureau\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\devldr32.exe (Creative Technology Ltd.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Marco\Bureau\OTL.exe (OldTimer Tools)


========== Win32 Services (SafeList) ==========

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)


========== Driver Services (SafeList) ==========

DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntmgr) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgntmgr.sys (Avira GmbH)
DRV - (avgntdd) -- C:\WINDOWS\system32\drivers\avgntdd.sys (Avira GmbH)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (sisagp) -- C:\WINDOWS\System32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (nv4) -- C:\WINDOWS\system32\drivers\nv4.sys (NVIDIA Corporation)
DRV - (SiS7018) Service pour le pilote d'échantillonnage AC'97 (WDM) -- C:\WINDOWS\system32\drivers\ac97sis.sys (Silicon Integrated Systems Corp.)
DRV - (sfman) Pilote du Gestionnaire SoundFont Creative (WDM) -- C:\WINDOWS\system32\drivers\sfmanm.sys (Creative Technology Ltd.)
DRV - (emu10k1) Pilote du Gestionnaire d'interface Creative (WDM) -- C:\WINDOWS\system32\drivers\ctlfacem.sys (Creative Technology Ltd.)
DRV - (emu10k) Creative SB Live! (WDM) -- C:\WINDOWS\system32\drivers\emu10k1m.sys (Creative Technology Ltd.)
DRV - (ctljystk) -- C:\WINDOWS\system32\drivers\ctljystk.sys (Creative Technology Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: (790 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.200.241.37 24.201.245.77 24.200.243.189
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-12-19 09:27:31 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2009-12-19 13:30:24 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009-12-19 13:30:24 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll
[2009-12-19 13:30:24 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll
[2009-12-19 13:30:24 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll
[2009-12-19 13:30:24 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll
[2009-12-19 13:30:24 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll
[2009-12-19 13:30:24 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx
[2009-12-19 13:30:23 | 02,174,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMVCore.dll
[2009-12-19 13:30:23 | 00,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll
[2009-12-19 13:30:23 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll
[2009-12-19 13:30:23 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll
[2009-12-19 13:30:23 | 00,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax
[2009-12-19 13:30:23 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvds32.ax
[2009-12-19 13:30:23 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll
[2009-12-19 13:27:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2009-12-19 13:27:55 | 00,144,384 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys
[2009-12-19 13:25:36 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009-12-19 12:50:04 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009-12-19 12:49:26 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\Mes vidéos
[2009-12-19 12:48:37 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2009-12-19 12:48:31 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2009-12-19 11:27:31 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2009-12-19 11:27:31 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_pfu.exe
[2009-12-19 11:27:31 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spiisupd.exe
[2009-12-19 11:27:31 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2009-12-19 11:27:24 | 00,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2009-12-19 11:27:24 | 00,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2009-12-19 11:27:24 | 00,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2009-12-19 11:27:24 | 00,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2009-12-19 11:27:24 | 00,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2009-12-19 11:27:24 | 00,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2009-12-19 11:27:24 | 00,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2009-12-19 11:27:23 | 00,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2009-12-19 11:27:23 | 00,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2009-12-19 11:27:23 | 00,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys
[2009-12-19 11:27:23 | 00,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2009-12-19 11:27:23 | 00,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2009-12-19 11:27:23 | 00,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2009-12-19 11:27:23 | 00,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2009-12-19 11:27:23 | 00,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2009-12-19 11:27:23 | 00,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2009-12-19 11:27:23 | 00,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2009-12-19 11:27:23 | 00,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2009-12-19 11:27:22 | 00,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2009-12-19 11:27:22 | 00,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2009-12-19 11:27:22 | 00,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2009-12-19 11:27:22 | 00,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2009-12-19 11:27:22 | 00,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2009-12-19 11:27:22 | 00,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2009-12-19 11:27:22 | 00,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2009-12-19 11:27:22 | 00,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2009-12-19 11:27:22 | 00,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2009-12-19 11:27:21 | 00,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2009-12-19 11:27:21 | 00,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2009-12-19 11:27:21 | 00,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2009-12-19 11:27:21 | 00,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2009-12-19 11:27:21 | 00,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2009-12-19 11:27:21 | 00,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2009-12-19 11:27:21 | 00,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2009-12-19 11:27:21 | 00,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2009-12-19 11:27:20 | 00,220,032 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys
[2009-12-19 11:27:20 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2009-12-19 11:27:20 | 00,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2009-12-19 11:27:19 | 01,041,536 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys
[2009-12-19 11:27:19 | 00,685,056 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfcxts2.sys
[2009-12-19 11:27:19 | 00,011,868 | ---- | C] (Conexant) -- C:\WINDOWS\System32\drivers\mdmxsdk.sys
[2009-12-19 11:27:18 | 01,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2009-12-19 11:27:18 | 00,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2009-12-19 11:27:18 | 00,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2009-12-19 11:27:18 | 00,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2009-12-19 11:27:18 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2009-12-19 11:27:16 | 01,897,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2009-12-19 11:27:16 | 00,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2009-12-19 11:27:16 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2009-12-19 11:27:16 | 00,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2009-12-19 11:27:15 | 00,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2009-12-19 11:27:15 | 00,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2009-12-19 11:27:15 | 00,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2009-12-19 11:27:14 | 00,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2009-12-19 11:27:14 | 00,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2009-12-19 11:27:14 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2009-12-19 11:27:14 | 00,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2009-12-19 11:27:14 | 00,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2009-12-19 11:27:14 | 00,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2009-12-19 11:27:14 | 00,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2009-12-19 11:27:14 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2009-12-19 11:27:13 | 00,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2009-12-19 11:27:13 | 00,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2009-12-19 11:27:13 | 00,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2009-12-19 11:27:13 | 00,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2009-12-19 11:27:13 | 00,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2009-12-19 11:27:13 | 00,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2009-12-19 11:27:13 | 00,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2009-12-19 11:27:12 | 01,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2009-12-19 11:27:12 | 00,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2009-12-19 11:27:12 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthprops.cpl
[2009-12-19 11:27:12 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2009-12-19 11:27:12 | 00,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2009-12-19 11:27:12 | 00,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2009-12-19 11:27:12 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthci.dll
[2009-12-19 11:27:12 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2009-12-19 11:27:12 | 00,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2009-12-19 11:27:12 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2009-12-19 11:27:12 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2009-12-19 11:27:11 | 01,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d9.dll
[2009-12-19 11:27:11 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\btpanui.dll
[2009-12-19 11:27:11 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmsetacl.dll
[2009-12-19 11:27:11 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsprpres.dll
[2009-12-19 11:27:10 | 02,113,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiagn.dll
[2009-12-19 11:27:10 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\firewall.cpl
[2009-12-19 11:27:10 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\encapi.dll
[2009-12-19 11:27:09 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2009-12-19 11:27:09 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2009-12-19 11:27:09 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fwcfg.dll
[2009-12-19 11:27:09 | 00,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2009-12-19 11:27:09 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\httpapi.dll
[2009-12-19 11:27:09 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2009-12-19 11:27:09 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hccoin.dll
[2009-12-19 11:27:07 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2009-12-19 11:27:07 | 00,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2009-12-19 11:27:07 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsno.dll
[2009-12-19 11:27:07 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsfi.dll
[2009-12-19 11:27:07 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdukx.dll
[2009-12-19 11:27:07 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdno1.dll
[2009-12-19 11:27:07 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfi1.dll
[2009-12-19 11:27:07 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmal.dll
[2009-12-19 11:27:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt48.dll
[2009-12-19 11:27:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt47.dll
[2009-12-19 11:27:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinben.dll
[2009-12-19 11:27:07 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinbe1.dll
[2009-12-19 11:27:07 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmaori.dll
[2009-12-19 11:27:06 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msftedit.dll
[2009-12-19 11:27:06 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sdmod.dll
[2009-12-19 11:27:06 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp43dmod.dll
[2009-12-19 11:27:06 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssap.dll
[2009-12-19 11:27:06 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll
[2009-12-19 11:27:05 | 04,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2009-12-19 11:27:05 | 01,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2009-12-19 11:27:05 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl
[2009-12-19 11:27:04 | 00,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpob2res.dll
[2009-12-19 11:27:04 | 00,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll
[2009-12-19 11:27:04 | 00,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll
[2009-12-19 11:27:04 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll
[2009-12-19 11:27:04 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll
[2009-12-19 11:27:03 | 00,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2009-12-19 11:27:03 | 00,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2009-12-19 11:27:03 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sbeio.dll
[2009-12-19 11:27:03 | 00,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2009-12-19 11:27:03 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2009-12-19 11:27:03 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdhcinst.dll
[2009-12-19 11:27:02 | 02,986,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp2res.dll
[2009-12-19 11:27:02 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp1res.dll
[2009-12-19 11:27:02 | 00,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2009-12-19 11:27:02 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmfilt.dll
[2009-12-19 11:27:02 | 00,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2009-12-19 11:27:02 | 00,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2009-12-19 11:27:02 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2009-12-19 11:27:01 | 01,647,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winbrand.dll
[2009-12-19 11:27:01 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmerror.dll
[2009-12-19 11:27:01 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmidx.dll
[2009-12-19 11:27:01 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2009-12-19 11:27:01 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winshfhc.dll
[2009-12-19 11:27:00 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpasf.dll
[2009-12-19 11:26:59 | 01,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe2.dll
[2009-12-19 11:26:59 | 01,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmoe2.dll
[2009-12-19 11:26:59 | 00,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmoe.dll
[2009-12-19 11:26:59 | 00,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmod.dll
[2009-12-19 11:26:59 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscntfy.exe
[2009-12-19 11:26:58 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2009-12-19 11:26:58 | 00,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2009-12-19 11:26:58 | 00,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl
[2009-12-19 11:26:57 | 00,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2009-12-19 11:26:57 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2009-12-19 11:26:57 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprovi.dll
[2009-12-19 11:26:57 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2009-12-19 11:26:57 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2009-12-19 11:26:57 | 00,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2009-12-19 11:26:53 | 00,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2009-12-19 11:26:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2009-12-19 11:22:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2009-12-19 11:17:46 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2009-12-19 11:16:05 | 00,017,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009-12-19 11:15:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2009-12-19 11:15:27 | 00,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2009-12-19 11:12:25 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2009-12-19 11:12:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2009-12-19 10:49:43 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp1hfm.exe
[2009-12-19 10:49:43 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$xpsp1hfm$
[2009-12-19 10:49:42 | 00,000,000 | ---D | C] -- C:\36f7efa4f25b3e2ca7f4e146eb0cff
[2009-12-19 09:53:52 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Marco\UserData
[2009-12-19 09:45:35 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009-12-19 09:44:49 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2009-12-19 09:44:49 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2009-12-19 09:44:49 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2009-12-19 09:44:49 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2009-12-19 09:44:45 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009-12-19 09:44:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2009-12-19 09:33:58 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2009-12-19 09:33:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marco\Application Data\Identities
[2009-12-19 09:33:45 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2009-12-19 09:33:43 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Marco\Mes documents\Mes images
[2009-12-19 09:33:43 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Marco\Mes documents\Ma musique
[2009-12-19 09:33:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marco\Local Settings\Application Data\Microsoft
[2009-12-19 09:33:38 | 00,000,000 | --SD | C] -- C:\Documents and Settings\Marco\Application Data\Microsoft
[2009-12-19 09:33:38 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Marco\SendTo
[2009-12-19 09:33:38 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Marco\Recent
[2009-12-19 09:33:38 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Marco\Application Data
[2009-12-19 09:33:38 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Marco\Mes documents
[2009-12-19 09:33:38 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Marco\Menu Démarrer
[2009-12-19 09:33:38 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Marco\Favoris
[2009-12-19 09:33:38 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Marco\Cookies
[2009-12-19 09:33:38 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Marco\Voisinage réseau
[2009-12-19 09:33:38 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Marco\Voisinage d'impression
[2009-12-19 09:33:38 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Marco\Modèles
[2009-12-19 09:33:38 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\Marco\Local Settings
[2009-12-19 09:33:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Marco\Bureau
[2009-12-19 09:32:41 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009-12-19 09:32:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009-12-19 09:31:09 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2009-12-19 09:31:09 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2009-12-19 09:31:09 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2009-12-19 09:31:08 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2009-12-19 09:31:08 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2009-12-19 09:31:08 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2009-12-19 09:31:07 | 00,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2009-12-19 09:31:06 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2009-12-19 09:31:05 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2009-12-19 09:31:04 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2009-12-19 09:31:03 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2009-12-19 09:31:03 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2009-12-19 09:31:03 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2009-12-19 09:31:02 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2009-12-19 09:31:02 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2009-12-19 09:31:00 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2009-12-19 09:31:00 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2009-12-19 09:30:59 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009-12-19 09:30:57 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2009-12-19 09:30:57 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2009-12-19 09:30:56 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2009-12-19 09:30:56 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2009-12-19 09:30:56 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2009-12-19 09:30:55 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2009-12-19 09:30:55 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2009-12-19 09:30:54 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2009-12-19 09:30:52 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2009-12-19 09:30:51 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2009-12-19 09:30:49 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2009-12-19 09:30:49 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2009-12-19 09:30:48 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2009-12-19 09:30:46 | 00,441,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsvc.dll
[2009-12-19 09:30:46 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2009-12-19 09:30:45 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2009-12-19 09:30:45 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll
[2009-12-19 09:30:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2009-12-19 09:30:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2009-12-19 09:30:44 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2009-12-19 09:30:44 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2009-12-19 09:30:44 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2009-12-19 09:30:44 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2009-12-19 09:30:44 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2009-12-19 09:30:43 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2009-12-19 09:30:43 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2009-12-19 09:30:43 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
Giles de Mounard
Confirmed Visitor
 
Posts: 24
Joined: 06 Jan 2010 01:23
 

Re: Infected with BOO/Sinowal.A

Posted on 07 Jan 2010 02:31

OTL Part 2 of 2:

[2009-12-19 09:22:14 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009-12-19 09:22:14 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2009-12-19 09:22:14 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009-12-19 09:22:14 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2009-12-19 09:22:14 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009-12-19 09:22:14 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2009-12-19 09:22:14 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009-12-19 09:22:14 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2009-12-19 09:22:14 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2009-12-19 09:22:14 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2009-12-19 09:22:13 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2009-12-19 09:22:13 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2009-12-19 09:22:13 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2009-12-19 09:22:13 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2009-12-19 09:22:13 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2009-12-19 09:22:13 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2009-12-19 09:22:13 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2009-12-19 09:22:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2009-12-19 09:22:12 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2009-12-19 09:22:12 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2009-12-19 09:22:11 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2009-12-19 09:22:11 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2009-12-19 09:22:11 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2009-12-19 09:22:11 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2009-12-19 09:22:11 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2009-12-19 09:22:11 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2009-12-19 09:22:11 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2009-12-19 09:22:11 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2009-12-19 09:22:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2009-12-19 09:22:10 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2009-12-19 09:22:10 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2009-12-19 09:22:10 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2009-12-19 09:22:10 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2009-12-19 09:22:10 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2009-12-19 09:22:09 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2009-12-19 09:22:09 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2009-12-19 09:22:09 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2009-12-19 09:22:04 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2009-12-19 09:22:04 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2009-12-19 09:22:04 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2009-12-19 09:22:03 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2009-12-19 09:22:03 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2009-12-19 09:22:03 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009-12-19 09:22:02 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2009-12-19 09:22:02 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2009-12-19 09:22:02 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2009-12-19 09:22:02 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2009-12-19 09:22:02 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2009-12-19 09:22:02 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009-12-19 09:22:02 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2009-12-19 09:22:01 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2009-12-19 09:22:00 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2009-12-19 09:22:00 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2009-12-19 09:21:59 | 00,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2009-12-19 09:21:59 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2009-12-19 09:21:59 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2009-12-19 09:21:59 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2009-12-19 04:03:55 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2009-12-19 04:03:55 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009-12-19 04:03:55 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2009-12-19 04:03:55 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1036
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2009-12-19 04:03:55 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2009-12-19 03:12:55 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\msmpu401.sys
[2009-12-19 03:12:25 | 01,738,496 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4.dll
[2009-12-19 03:12:25 | 00,731,648 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4.sys
[2009-12-19 03:12:18 | 00,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\drivers\sisnic.sys
[2009-12-19 03:12:08 | 00,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\drivers\ac97sis.sys
[2009-12-19 03:12:05 | 00,040,960 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisagp.sys
[2009-12-19 03:12:01 | 00,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\sblfx.dll
[2009-12-19 03:12:01 | 00,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\emu10k1m.sys
[2009-12-19 03:12:01 | 00,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\devcon32.dll
[2009-12-19 03:12:01 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2009-12-19 03:12:01 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009-12-19 03:12:01 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2009-12-19 03:12:01 | 00,051,200 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\sfman32.dll
[2009-12-19 03:12:01 | 00,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\sfmanm.sys
[2009-12-19 03:12:01 | 00,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\devldr32.exe
[2009-12-19 03:12:01 | 00,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\ctlfacem.sys
[2009-12-19 03:12:01 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2009-12-19 03:12:01 | 00,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\ctwdm32.dll
[2009-12-19 03:11:58 | 00,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2009-12-19 03:11:58 | 00,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\ctljystk.sys
[2009-12-19 03:11:50 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2009-12-19 03:10:25 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\ODBC
[2009-12-19 03:10:23 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2009-12-19 03:10:23 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2009-12-19 03:10:22 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2009-12-19 03:10:21 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2009-12-19 03:10:21 | 00,000,000 | R--D | C] -- C:\Program Files
[2009-12-19 03:10:21 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\SpeechEngines
[2009-12-19 03:10:21 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Microsoft Shared
[2009-12-19 03:10:21 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs
[2009-12-19 03:10:18 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2009-12-19 03:10:18 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2009-12-19 03:10:18 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2009-12-19 03:10:18 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2009-12-19 03:10:18 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2009-12-19 03:10:18 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2009-12-19 03:10:16 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2009-12-19 03:10:16 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2009-12-19 03:10:16 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2009-12-19 03:10:16 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2009-12-19 03:10:16 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2009-12-19 03:10:16 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2009-12-19 03:10:16 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2009-12-19 03:10:16 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2009-12-19 03:10:16 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2009-12-19 03:10:16 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2009-12-19 03:10:16 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2009-12-19 03:10:16 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2009-12-19 03:10:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2009-12-19 03:10:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2009-12-19 03:10:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2009-12-19 03:10:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2009-12-19 03:10:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2009-12-19 03:10:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2009-12-19 03:10:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2009-12-19 03:10:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2009-12-19 03:10:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2009-12-19 03:10:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2009-12-19 03:10:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2009-12-19 03:10:16 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2009-12-19 03:10:14 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2009-12-19 03:10:14 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2009-12-19 03:10:14 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2009-12-19 03:10:14 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2009-12-19 03:10:14 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2009-12-19 03:10:14 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2009-12-19 03:10:14 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2009-12-19 03:10:14 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2009-12-19 03:10:14 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2009-12-19 03:10:14 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2009-12-19 03:10:14 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2009-12-19 03:10:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2009-12-19 03:10:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2009-12-19 03:10:14 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2009-12-19 03:10:13 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2009-12-19 03:10:13 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2009-12-19 03:10:13 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2009-12-19 03:10:13 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2009-12-19 03:10:13 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2009-12-19 03:10:13 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2009-12-19 03:10:13 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2009-12-19 03:10:13 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2009-12-19 03:10:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2009-12-19 03:10:13 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2009-12-19 03:10:11 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2009-12-19 03:10:11 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2009-12-19 03:10:11 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2009-12-19 03:10:11 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2009-12-19 03:10:11 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2009-12-19 03:10:11 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2009-12-19 03:10:11 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2009-12-19 03:10:11 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2009-12-19 03:10:11 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2009-12-19 03:10:11 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2009-12-19 03:10:11 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2009-12-19 03:10:11 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2009-12-19 03:10:11 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2009-12-19 03:10:11 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2009-12-19 03:10:11 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2009-12-19 03:10:11 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2009-12-19 03:10:11 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2009-12-19 03:10:11 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2009-12-19 03:10:11 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2009-12-19 03:10:11 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2009-12-19 03:10:11 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2009-12-19 03:10:11 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2009-12-19 03:10:11 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2009-12-19 03:10:11 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2009-12-19 03:10:11 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2009-12-19 03:10:11 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2009-12-19 03:10:08 | 00,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2009-12-19 03:10:08 | 00,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2009-12-19 03:10:08 | 00,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2009-12-19 03:10:08 | 00,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2009-12-19 03:10:08 | 00,086,044 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2009-12-19 03:10:08 | 00,086,044 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2009-12-19 03:10:08 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2009-12-19 03:10:08 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2009-12-19 03:10:08 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2009-12-19 03:10:08 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2009-12-19 03:10:08 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2009-12-19 03:10:07 | 00,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2009-12-19 03:10:07 | 00,127,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvideo.dll
[2009-12-19 03:10:07 | 00,127,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2009-12-19 03:10:07 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olecli.dll
[2009-12-19 03:10:07 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2009-12-19 03:10:07 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olesvr.dll
[2009-12-19 03:10:07 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2009-12-19 03:10:07 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi.dll
[2009-12-19 03:10:07 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2009-12-19 03:10:07 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wfwnet.drv
[2009-12-19 03:10:07 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2009-12-19 03:10:07 | 00,009,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ver.dll
[2009-12-19 03:10:07 | 00,009,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2009-12-19 03:10:07 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell.dll
[2009-12-19 03:10:07 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2009-12-19 03:10:07 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\timer.drv
[2009-12-19 03:10:07 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2009-12-19 03:10:07 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\system.drv
[2009-12-19 03:10:07 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2009-12-19 03:10:07 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.drv
[2009-12-19 03:10:07 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2009-12-19 03:10:07 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sound.drv
[2009-12-19 03:10:07 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2009-12-19 03:10:06 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifile.dll
[2009-12-19 03:10:06 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2009-12-19 03:10:06 | 00,073,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciavi.drv
[2009-12-19 03:10:06 | 00,073,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2009-12-19 03:10:06 | 00,070,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\mmsystem.dll
[2009-12-19 03:10:06 | 00,070,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avicap.dll
[2009-12-19 03:10:06 | 00,070,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2009-12-19 03:10:06 | 00,033,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\commdlg.dll
[2009-12-19 03:10:06 | 00,033,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2009-12-19 03:10:06 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciwave.drv
[2009-12-19 03:10:06 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2009-12-19 03:10:06 | 00,025,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.drv
[2009-12-19 03:10:06 | 00,025,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2009-12-19 03:10:06 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lzexpand.dll
[2009-12-19 03:10:06 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2009-12-19 03:10:06 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouse.drv
[2009-12-19 03:10:06 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2009-12-19 03:10:06 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keyboard.drv
[2009-12-19 03:10:06 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2009-12-19 03:10:06 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmtask.tsk
[2009-12-19 03:10:06 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2009-12-19 03:10:05 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2009-12-19 03:10:05 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2009-12-19 03:10:05 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2009-12-19 03:09:56 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Démarrer
[2009-12-19 03:09:56 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2009-12-19 03:09:56 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Modèles
[2009-12-19 03:09:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favoris
[2009-12-19 03:09:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Bureau
[2009-12-19 03:09:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2009-12-19 03:09:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2009-12-19 03:09:38 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009-12-19 03:09:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data
[2009-12-19 03:09:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings

========== Files - Modified Within 30 Days ==========

[2010-01-06 19:09:54 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marco\Bureau\OTL.exe
[2010-01-06 17:02:31 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010-01-06 16:57:16 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-01-06 16:57:12 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-01-06 16:57:10 | 53,639,9872 | -HS- | M] () -- C:\hiberfil.sys
[2010-01-06 16:56:13 | 01,572,864 | -H-- | M] () -- C:\Documents and Settings\Marco\NTUSER.DAT
[2010-01-06 16:56:13 | 00,000,184 | -HS- | M] () -- C:\Documents and Settings\Marco\ntuser.ini
[2010-01-06 16:47:01 | 00,410,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marco\Bureau\TFC.exe
[2010-01-06 16:44:32 | 00,037,888 | ---- | M] () -- C:\Documents and Settings\Marco\Mes documents\Re.doc
[2010-01-05 18:45:59 | 03,733,976 | -H-- | M] () -- C:\Documents and Settings\Marco\Local Settings\Application Data\IconCache.db
[2010-01-05 18:44:07 | 00,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-01-05 18:44:01 | 00,112,584 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-01-04 19:31:30 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2010-01-02 22:09:21 | 00,018,256 | ---- | M] () -- C:\Documents and Settings\Marco\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010-01-02 18:14:49 | 00,000,811 | ---- | M] () -- C:\Documents and Settings\Marco\Bureau\Raccourci vers Teilia.lnk
[2010-01-02 16:20:08 | 00,000,379 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010-01-02 16:19:50 | 00,000,059 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010-01-02 16:19:05 | 00,000,615 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-01-02 16:18:47 | 00,001,735 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
[2009-12-30 14:55:24 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009-12-30 14:54:58 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009-12-29 12:44:08 | 00,000,619 | ---- | M] () -- C:\Documents and Settings\Marco\Bureau\Guitar Pro 5.lnk
[2009-12-28 21:55:19 | 00,001,465 | ---- | M] () -- C:\Documents and Settings\Marco\Bureau\Guitar Pro 3.lnk
[2009-12-23 10:17:44 | 00,001,497 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Combat Arms.lnk
[2009-12-22 19:05:54 | 91,696,8641 | ---- | M] (Nexon) -- C:\Documents and Settings\Marco\Mes documents\CombatArmsSetupV33.exe
[2009-12-22 18:45:07 | 01,601,224 | ---- | M] () -- C:\Documents and Settings\Marco\Mes documents\CombatArmsDownloaderV33.exe
[2009-12-22 11:54:52 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009-12-21 05:38:10 | 00,007,168 | ---- | M] () -- C:\Documents and Settings\Marco\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-12-20 11:36:31 | 00,000,393 | ---- | M] () -- C:\Documents and Settings\Marco\Application Data\Gangsters2Setup.lnk
[2009-12-20 11:36:00 | 00,775,210 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009-12-20 11:36:00 | 00,367,988 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2009-12-20 11:36:00 | 00,311,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009-12-20 11:36:00 | 00,048,820 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2009-12-20 11:36:00 | 00,040,128 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009-12-19 14:03:53 | 00,000,899 | ---- | M] () -- C:\Documents and Settings\Marco\Mes documents\Mes dossiers de partage.lnk
[2009-12-19 13:44:48 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009-12-19 13:27:29 | 00,252,240 | RHS- | M] () -- C:\ntldr
[2009-12-19 11:28:56 | 00,000,212 | RHS- | M] () -- C:\boot.ini
[2009-12-19 11:17:16 | 00,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009-12-19 09:48:19 | 00,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2009-12-19 09:33:54 | 00,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2009-12-19 09:32:15 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009-12-19 09:31:23 | 00,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009-12-19 09:27:31 | 00,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009-12-19 09:27:31 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009-12-19 09:27:31 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2009-12-19 09:27:31 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2009-12-19 09:27:31 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009-12-19 09:27:31 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009-12-19 09:27:26 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009-12-19 09:27:26 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009-12-19 09:27:24 | 00,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2009-12-19 09:27:16 | 00,004,207 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009-12-19 09:26:01 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009-12-19 09:26:01 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009-12-19 09:25:52 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009-12-19 09:25:52 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2009-12-19 09:25:52 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009-12-19 09:25:52 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009-12-19 09:25:52 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009-12-19 09:25:52 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009-12-19 09:23:22 | 00,021,892 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009-12-19 09:23:09 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2009-12-19 03:16:23 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini

========== Files Created - No Company Name ==========

[2010-01-06 17:02:31 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010-01-06 16:44:31 | 00,037,888 | ---- | C] () -- C:\Documents and Settings\Marco\Mes documents\Re.doc
[2010-01-05 17:40:09 | 02,647,152 | ---- | C] () -- C:\Documents and Settings\Marco\Application Data\install.txt
[2010-01-04 19:31:30 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2010-01-02 18:14:49 | 00,000,811 | ---- | C] () -- C:\Documents and Settings\Marco\Bureau\Raccourci vers Teilia.lnk
[2010-01-02 16:20:07 | 00,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010-01-02 16:18:47 | 00,001,735 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
[2009-12-29 12:44:08 | 00,000,619 | ---- | C] () -- C:\Documents and Settings\Marco\Bureau\Guitar Pro 5.lnk
[2009-12-28 22:10:44 | 00,049,896 | ---- | C] () -- C:\WINDOWS\System\PGTEXT.TTF
[2009-12-28 22:10:44 | 00,047,252 | ---- | C] () -- C:\WINDOWS\System\PGMUS.TTF
[2009-12-28 21:55:19 | 00,001,465 | ---- | C] () -- C:\Documents and Settings\Marco\Bureau\Guitar Pro 3.lnk
[2009-12-22 19:16:16 | 00,001,497 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Combat Arms.lnk
[2009-12-22 18:44:58 | 01,601,224 | ---- | C] () -- C:\Documents and Settings\Marco\Mes documents\CombatArmsDownloaderV33.exe
[2009-12-20 11:36:31 | 00,000,393 | ---- | C] () -- C:\Documents and Settings\Marco\Application Data\Gangsters2Setup.lnk
[2009-12-19 14:03:53 | 00,000,899 | ---- | C] () -- C:\Documents and Settings\Marco\Mes documents\Mes dossiers de partage.lnk
[2009-12-19 13:36:27 | 00,677,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2009-12-19 13:36:27 | 00,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2009-12-19 13:36:27 | 00,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2009-12-19 13:36:27 | 00,001,740 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2009-12-19 13:36:27 | 00,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2009-12-19 13:36:26 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2009-12-19 13:36:26 | 00,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2009-12-19 13:36:26 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2009-12-19 13:36:26 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2009-12-19 13:36:26 | 00,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2009-12-19 13:36:26 | 00,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2009-12-19 13:36:26 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2009-12-19 13:36:26 | 00,075,692 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2009-12-19 13:36:26 | 00,027,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2009-12-19 13:36:25 | 00,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2009-12-19 13:36:25 | 00,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2009-12-19 13:36:25 | 00,058,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2009-12-19 13:36:24 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2009-12-19 13:36:24 | 00,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2009-12-19 13:36:24 | 00,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2009-12-19 13:36:24 | 00,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2009-12-19 13:36:24 | 00,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2009-12-19 13:36:24 | 00,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2009-12-19 13:36:24 | 00,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2009-12-19 13:36:24 | 00,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2009-12-19 13:36:24 | 00,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2009-12-19 13:36:24 | 00,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2009-12-19 13:36:24 | 00,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2009-12-19 13:36:23 | 00,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2009-12-19 13:36:23 | 00,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2009-12-19 13:36:23 | 00,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2009-12-19 13:36:23 | 00,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2009-12-19 13:36:23 | 00,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2009-12-19 13:36:23 | 00,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2009-12-19 13:36:23 | 00,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2009-12-19 13:36:23 | 00,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2009-12-19 13:36:23 | 00,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2009-12-19 13:36:23 | 00,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2009-12-19 13:36:23 | 00,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2009-12-19 13:36:23 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2009-12-19 13:36:23 | 00,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2009-12-19 13:36:23 | 00,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2009-12-19 13:36:23 | 00,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2009-12-19 13:36:22 | 00,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2009-12-19 13:36:22 | 00,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2009-12-19 13:36:22 | 00,085,617 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2009-12-19 13:36:22 | 00,066,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2009-12-19 13:36:22 | 00,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2009-12-19 13:36:22 | 00,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2009-12-19 13:36:22 | 00,001,476 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2009-12-19 13:36:22 | 00,001,473 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2009-12-19 13:36:22 | 00,001,465 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2009-12-19 13:36:22 | 00,001,455 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2009-12-19 13:36:22 | 00,001,253 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2009-12-19 13:36:22 | 00,001,057 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2009-12-19 13:36:22 | 00,001,048 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2009-12-19 13:36:22 | 00,001,034 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2009-12-19 13:36:22 | 00,000,820 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2009-12-19 13:36:22 | 00,000,819 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2009-12-19 13:36:22 | 00,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2009-12-19 13:36:22 | 00,000,788 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2009-12-19 13:36:22 | 00,000,779 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2009-12-19 13:36:22 | 00,000,732 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2009-12-19 13:36:22 | 00,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2009-12-19 13:36:20 | 00,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2009-12-19 13:36:20 | 00,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp
[2009-12-19 13:36:20 | 00,036,640 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2009-12-19 13:36:20 | 00,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2009-12-19 13:36:20 | 00,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2009-12-19 13:36:20 | 00,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt
[2009-12-19 13:36:19 | 00,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2009-12-19 13:36:19 | 00,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2009-12-19 13:36:19 | 00,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2009-12-19 13:36:19 | 00,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2009-12-19 13:36:18 | 00,184,107 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2009-12-19 13:36:18 | 00,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2009-12-19 13:36:18 | 00,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2009-12-19 13:36:18 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2009-12-19 13:36:18 | 00,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2009-12-19 13:36:18 | 00,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2009-12-19 13:36:18 | 00,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2009-12-19 13:36:18 | 00,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2009-12-19 11:28:39 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2009-12-19 11:27:31 | 00,239,616 | ---- | C] () -- C:\WINDOWS\System32\wstrenderer.ax
[2009-12-19 11:27:31 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\wstpager.ax
[2009-12-19 11:27:31 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\vbicodec.ax
[2009-12-19 11:27:21 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2009-12-19 11:27:20 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2009-12-19 11:27:18 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009-12-19 11:27:11 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2009-12-19 11:27:06 | 00,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2009-12-19 11:18:00 | 00,007,168 | ---- | C] () -- C:\Documents and Settings\Marco\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-12-19 09:44:56 | 00,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Avira AntiVir Control Center.lnk
[2009-12-19 09:33:39 | 00,000,184 | -HS- | C] () -- C:\Documents and Settings\Marco\ntuser.ini
[2009-12-19 09:33:38 | 01,572,864 | -H-- | C] () -- C:\Documents and Settings\Marco\NTUSER.DAT
[2009-12-19 09:33:36 | 53,639,9872 | -HS- | C] () -- C:\hiberfil.sys
[2009-12-19 09:32:15 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009-12-19 09:31:23 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009-12-19 09:30:25 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2009-12-19 09:29:59 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009-12-19 09:29:43 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009-12-19 09:29:41 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009-12-19 09:29:38 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009-12-19 09:29:25 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2009-12-19 09:29:19 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009-12-19 09:28:54 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2009-12-19 09:27:31 | 00,003,072 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2009-12-19 09:27:31 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2009-12-19 09:27:31 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2009-12-19 09:27:31 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2009-12-19 09:27:31 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2009-12-19 09:27:27 | 00,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2009-12-19 09:27:26 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2009-12-19 09:27:26 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2009-12-19 09:27:24 | 00,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2009-12-19 09:26:01 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009-12-19 09:26:01 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009-12-19 09:25:52 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009-12-19 09:25:52 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2009-12-19 09:25:52 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009-12-19 09:25:52 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009-12-19 09:25:52 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009-12-19 09:25:52 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009-12-19 09:25:31 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2009-12-19 09:24:48 | 00,049,102 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2009-12-19 09:24:48 | 00,049,102 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2009-12-19 09:24:41 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2009-12-19 09:23:22 | 00,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009-12-19 09:22:20 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Bulles de savon.bmp
[2009-12-19 09:22:20 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Vent de prairie.bmp
[2009-12-19 09:22:20 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Mur de Santa Fe.bmp
[2009-12-19 09:22:20 | 00,026,680 | ---- | C] () -- C:\WINDOWS\Rivière Sumida.bmp
[2009-12-19 09:22:20 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Granit vert.bmp
[2009-12-19 09:22:20 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2009-12-19 09:22:20 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Jour de pêche.bmp
[2009-12-19 09:22:20 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Tasse à café.bmp
[2009-12-19 09:22:20 | 00,016,730 | ---- | C] () -- C:\WINDOWS\Plume.bmp
[2009-12-19 09:22:20 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2009-12-19 09:22:20 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Rosace bleue 16.bmp
[2009-12-19 09:22:19 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2009-12-19 09:22:19 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2009-12-19 09:22:19 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2009-12-19 09:22:19 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2009-12-19 09:22:19 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2009-12-19 09:22:19 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2009-12-19 09:22:19 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2009-12-19 09:22:18 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2009-12-19 09:22:15 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2009-12-19 09:22:15 | 00,001,263 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2009-12-19 09:22:12 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2009-12-19 09:21:59 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2009-12-19 04:08:47 | 00,000,212 | RHS- | C] () -- C:\boot.ini
[2009-12-19 04:08:45 | 00,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009-12-19 03:12:00 | 02,104,298 | ---- | C] () -- C:\WINDOWS\System32\drivers\2gmgsmt.sf2
[2009-12-19 03:10:31 | 00,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2009-12-19 03:10:22 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2009-12-19 03:10:22 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2009-12-19 03:10:22 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2009-12-19 03:10:22 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2009-12-19 03:10:18 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2009-12-19 03:10:18 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2009-12-19 03:10:18 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2009-12-19 03:10:16 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2009-12-19 03:10:16 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2009-12-19 03:10:16 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2009-12-19 03:10:14 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2009-12-19 03:10:14 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2009-12-19 03:10:14 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2009-12-19 03:10:14 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2009-12-19 03:10:14 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2009-12-19 03:10:13 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2009-12-19 03:10:13 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2009-12-19 03:10:13 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2009-12-19 03:10:11 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2009-12-19 03:10:11 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2009-12-19 03:10:11 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2009-12-19 03:10:11 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2009-12-19 03:10:09 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2009-12-19 03:10:05 | 00,001,896 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2009-12-19 03:09:54 | 00,809,394 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2009-12-19 03:09:54 | 00,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2009-12-19 03:09:54 | 00,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2009-12-19 03:09:54 | 00,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2009-12-19 03:09:54 | 00,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2009-12-19 03:09:54 | 00,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2009-12-19 03:09:23 | 00,112,584 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005-08-12 16:57:09 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[1999-01-22 14:46:58 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== Custom Scans ==========


< %SYSTEMDRIVE%\cdrom.sys /s /md5 >
[2004-08-03 22:59:54 | 00,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2008-04-13 11:40:48 | 00,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008-04-13 11:40:48 | 00,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2004-08-03 22:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008-04-13 11:40:32 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008-04-13 11:40:32 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< %SYSTEMDRIVE%\ACPI.sys /s /md5 >
[2004-08-04 00:36:58 | 00,188,672 | ---- | M] (Microsoft Corporation) MD5=0BD94FBFC14EA3606CD6CA4C0255BAA3 -- C:\WINDOWS\$NtServicePackUninstall$\acpi.sys
[2008-04-13 18:52:44 | 00,188,672 | ---- | M] (Microsoft Corporation) MD5=E5E6DBFC41EA8AAD005CB9A57A96B43B -- C:\WINDOWS\ServicePackFiles\i386\acpi.sys
[2008-04-13 18:52:44 | 00,188,672 | ---- | M] (Microsoft Corporation) MD5=E5E6DBFC41EA8AAD005CB9A57A96B43B -- C:\WINDOWS\system32\drivers\acpi.sys

< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2004-08-03 23:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2008-04-13 11:36:40 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008-04-13 11:36:40 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >
< End of report >
Giles de Mounard
Confirmed Visitor

Posts: 24
Joined: 06 Jan 2010 01:23
 

Re: Infected with BOO/Sinowal.A

Posted on 07 Jan 2010 02:31

Finally, the Extras report:

OTL Extras logfile created on: 2010-01-06 19:11:20 - Run 1
OTL by OldTimer - Version 3.1.21.0 Folder = C:\Documents and Settings\Marco\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

511,00 Mb Total Physical Memory | 407,00 Mb Available Physical Memory | 80,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18,64 Gb Total Space | 5,40 Gb Free Space | 28,95% Space Free | Partition Type: NTFS
Drive D: | 37,27 Gb Total Space | 12,17 Gb Free Space | 32,64% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ORDIMAISON
Current User Name: Marco
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"58136:TCP" = 58136:TCP:*:Enabled:Pando Media Booster
"58136:UDP" = 58136:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\EA Games\Ultima Online Mondain's Legacy\client.exe" = C:\Program Files\EA Games\Ultima Online Mondain's Legacy\client.exe:*:Enabled:Ultima Online Client -- (Electronic Arts)
"E:\gangsters2.exe" = E:\gangsters2.exe:*:Enabled:Gangsters 2 -- File not found
"C:\Program Files\Eidos Interactive\Hothouse Creations\Gangsters 2\Gangsters2.exe" = C:\Program Files\Eidos Interactive\Hothouse Creations\Gangsters 2\Gangsters2.exe:*:Enabled:Gangsters 2 -- (Hothouse Creations)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\Combat Arms\NMService.exe" = C:\Nexon\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*:Enabled:Combat Arms -- (Nexon)
"C:\Program Files\EA Games\Ultima Online Mondain's Legacy\Teilia.exe" = C:\Program Files\EA Games\Ultima Online Mondain's Legacy\Teilia.exe:*:Enabled:Teilia -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0000040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{350C97B8-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8BD5B620-AA88-11D4-AEC7-0008C739EC2A}" = Gangsters 2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{AC76BA86-7AD7-1036-7B44-A92000000001}" = Adobe Reader 9.2 - Français
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DF7B213D-2065-41ED-BB51-7A3EED31EA7B}" = Ultima Online: Mondain's Legacy
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ALUpdate_is1" = ALTools Update
"ALZip_is1" = ALZip
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Combat Arms" = Combat Arms
"Guitar Pro 3.0" = Guitar Pro 3.0
"Guitar Pro 5_is1" = Guitar Pro 5.0
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Teilia" = Teilia
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2009-12-29 21:06:46 | Computer Name = ORDIMAISON | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 2009-12-29 21:29:49 | Computer Name = ORDIMAISON | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant flash10d.ocx, version 10.0.42.34, adresse de défaillance 0x0020a691.

Error - 2010-01-02 17:10:02 | Computer Name = ORDIMAISON | Source = Application Hang | ID = 1002
Description = Application bloquée Teilia.exe, version 0.0.0.0, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.

Error - 2010-01-02 18:21:08 | Computer Name = ORDIMAISON | Source = Application Hang | ID = 1002
Description = Application bloquée Teilia.exe, version 0.0.0.0, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.

Error - 2010-01-04 17:52:50 | Computer Name = ORDIMAISON | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 2010-01-04 18:04:23 | Computer Name = ORDIMAISON | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 2010-01-04 18:04:23 | Computer Name = ORDIMAISON | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 2010-01-04 18:04:23 | Computer Name = ORDIMAISON | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 2010-01-04 18:04:23 | Computer Name = ORDIMAISON | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 2010-01-05 18:14:31 | Computer Name = ORDIMAISON | Source = Application Hang | ID = 1002
Description = Application bloquée mbam.exe, version 1.43.0.0, module bloqué hungapp,
version 0.0.0.0, adresse de blocage 0x00000000.

[ System Events ]
Error - 2009-12-27 06:02:16 | Computer Name = ORDIMAISON | Source = W32Time | ID = 39452689
Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de
la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient
va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération
a été tentée sur un hôte impossible à atteindre. (0x80072751)

Error - 2009-12-27 06:02:16 | Computer Name = ORDIMAISON | Source = W32Time | ID = 39452701
Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes.
NtpClient
n'a pas de source de temps précis.

Error - 2009-12-27 06:17:16 | Computer Name = ORDIMAISON | Source = W32Time | ID = 39452689
Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de
la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient
va essayer à nouveau la recherche DNS dans 30 minutes. L'erreur était : Une opération
a été tentée sur un hôte impossible à atteindre. (0x80072751)

Error - 2009-12-27 06:17:16 | Computer Name = ORDIMAISON | Source = W32Time | ID = 39452701
Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 29 minutes.
NtpClient
n'a pas de source de temps précis.

Error - 2009-12-27 06:47:16 | Computer Name = ORDIMAISON | Source = W32Time | ID = 39452689
Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de
la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient
va essayer à nouveau la recherche DNS dans 60 minutes. L'erreur était : Une opération
a été tentée sur un hôte impossible à atteindre. (0x80072751)

Error - 2009-12-27 06:47:16 | Computer Name = ORDIMAISON | Source = W32Time | ID = 39452701
Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 59 minutes.
NtpClient
n'a pas de source de temps précis.

Error - 2009-12-27 07:47:17 | Computer Name = ORDIMAISON | Source = W32Time | ID = 39452689
Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de
la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient
va essayer à nouveau la recherche DNS dans 120 minutes. L'erreur était : Une opération
a été tentée sur un hôte impossible à atteindre. (0x80072751)

Error - 2009-12-27 07:47:17 | Computer Name = ORDIMAISON | Source = W32Time | ID = 39452701
Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps
à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement
accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 119 minutes.
NtpClient
n'a pas de source de temps précis.

Error - 2009-12-27 09:38:54 | Computer Name = ORDIMAISON | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 192.168.1.100 pour la carte réseau dont l'adresse
réseau est 00E006FCB0D4 a été refusé par le serveur DHCP 192.168.1.1 (celui-ci a
envoyé un message DHCPNACK).

Error - 2009-12-27 09:38:59 | Computer Name = ORDIMAISON | Source = Dhcp | ID = 1001
Description = Le réseau n'a attribué aucune adresse à votre ordinateur (par le serveur
DHCP)
pour la carte réseau avec l'adresse réseau 00E006FCB0D4. Il s'est produit l'erreur
suivante : %%1223. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse
auprès du serveur d'adresse réseau (DHCP).


< End of report >
Giles de Mounard

Re: Infected with BOO/Sinowal.A

Posted 07 Jan 2010 18:31

Hello, friend from Canada :wink:

Things are becoming a bit clearer...

Disable your antivirus while you carry out these steps.

>>Download Winsockxpfix to your desktop and move on to the next step.

========================================================================================================

Next...

Download Combofix to your Desktop (and nowhere else), renaming it before it lands on your desktop.
To do this, right-click Combofix.exe, choose "Save target as...", rename it to giles.exe, choose your desktop as the location and click "Save".


Double-click giles.exe (ComboFix) to start the scan and follow the instructions ComboFix gives you.
If Combofix asks you for permission to download and install the Windows Recovery Console, accept and follow the instructions.
When the scan is complete, a report will appear; save it to your desktop.
You must restart your PC!!
Copy/paste the ComboFix report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt
NOTE: Do not click inside the ComboFix window during the scan; this would freeze the program.

========================================================================================================

If by any chance your internet connection is no longer working after the PC restarts, do this to repair it...

Double-click the WinsockXPFix icon.


>>Click "Fix" > and if your PC does not restart, restart it manually.

@++
jeanmimigab

Re: Infected with BOO/Sinowal.A

Posted 08 Jan 2010 02:27

Here is the ComboFix report. I had to run it a second time because I think everything crashed while I was in the shower. I hope that won't cause any trouble.

ComboFix 10-01-04.01 - Marco 2010-01-07 20:08:34.2.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.2.1036.18.511.317 [GMT -5:00]
Lancé depuis: c:\documents and settings\Marco\Bureau\Giles.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-12-08 au 2010-01-08 ))))))))))))))))))))))))))))))))))))
.

2010-01-06 22:02 . 2009-12-30 19:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-06 22:02 . 2009-12-30 19:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-06 22:02 . 2010-01-06 22:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-05 23:04 . 2010-01-05 23:04 -------- d-----w- c:\documents and settings\All Users\Application Data\clp
2010-01-05 22:53 . 2010-01-05 22:53 -------- d-----w- c:\documents and settings\Marco\Application Data\Fighters
2010-01-05 22:53 . 2010-01-05 22:53 -------- d-----w- c:\documents and settings\Marco\Local Settings\Application Data\PackageAware
2010-01-05 22:01 . 2010-01-05 22:01 -------- d-----w- c:\documents and settings\Marco\Application Data\Malwarebytes
2010-01-05 22:01 . 2010-01-05 22:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-05 00:30 . 2010-01-05 00:31 -------- d-----w- c:\program files\Fichiers communs\Adobe
2010-01-03 12:33 . 2010-01-03 12:33 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE
2010-01-03 12:33 . 2010-01-03 12:33 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-01-02 22:57 . 2010-01-02 22:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Estsoft
2010-01-02 22:55 . 2010-01-02 22:57 -------- d-----w- c:\documents and settings\Marco\Application Data\ESTsoft
2010-01-02 22:55 . 2010-01-02 22:56 -------- d-----w- c:\program files\ESTsoft
2010-01-02 21:17 . 2010-01-02 21:17 -------- d-----w- c:\windows\ShellNew
2010-01-02 21:15 . 2010-01-02 21:15 -------- d-----w- c:\documents and settings\Marco\Application Data\Microsoft Web Folders
2009-12-29 17:42 . 2009-12-29 17:42 -------- d-----w- c:\program files\Guitar Pro 5
2009-12-29 03:10 . 1996-11-14 12:42 356928 ----a-w- c:\windows\system\SKY16V3C.DLL
2009-12-29 03:10 . 2009-12-29 03:35 -------- d-----w- C:\PT
2009-12-29 03:09 . 1998-02-07 03:23 248064 ----a-w- c:\windows\UNINST16.EXE
2009-12-29 03:09 . 1995-07-14 00:43 26768 ----a-w- c:\windows\system\CTL3D.DLL
2009-12-29 03:09 . 2009-12-29 03:09 -------- d-----w- c:\documents and settings\Marco\WINDOWS
2009-12-29 02:55 . 2009-12-29 02:55 -------- d-----w- c:\program files\Guitar Pro 3
2009-12-28 14:22 . 2009-12-28 14:22 -------- d-----r- c:\documents and settings\LocalService\Favoris
2009-12-25 14:50 . 2009-12-25 14:50 -------- d-----w- c:\windows\G2Runner
2009-12-24 16:16 . 2008-04-13 16:45 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-12-23 15:12 . 2009-12-23 15:12 -------- d-----w- C:\Nexon
2009-12-23 14:36 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2009-12-23 14:12 . 2009-12-23 14:12 -------- d-sh--w- c:\documents and settings\Marco\IECompatCache
2009-12-23 01:32 . 2009-12-23 01:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Nexon
2009-12-23 00:07 . 2009-12-23 15:12 90112 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
2009-12-23 00:07 . 2009-12-23 15:12 118784 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\nxgameus.dll
2009-12-23 00:07 . 2009-12-23 15:12 258352 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\unicows.dll
2009-12-23 00:07 . 2009-12-23 15:12 393216 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\NGMResource.dll
2009-12-23 00:07 . 2009-12-23 15:12 561152 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\NGMDll.dll
2009-12-23 00:07 . 2009-12-23 15:12 167936 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\NGM.exe
2009-12-23 00:07 . 2009-12-23 01:32 -------- d-----w- c:\documents and settings\All Users\Application Data\NexonUS
2009-12-22 23:46 . 2010-01-08 01:14 -------- d-----w- c:\documents and settings\Marco\Local Settings\Application Data\PMB Files
2009-12-22 23:45 . 2009-12-22 23:46 -------- d-----w- c:\documents and settings\All Users\Application Data\PMB Files
2009-12-22 23:45 . 2009-12-22 23:45 -------- d-----w- c:\program files\Pando Networks
2009-12-21 10:37 . 2009-12-21 10:37 -------- d-----w- c:\program files\DivX
2009-12-20 16:36 . 2009-12-20 16:36 -------- d-----w- c:\program files\Eidos Interactive
2009-12-19 22:03 . 2009-12-19 22:03 1956072 ----a-w- c:\documents and settings\Marco\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-12-19 22:00 . 2009-12-19 22:00 -------- d-sh--w- c:\documents and settings\Marco\PrivacIE
2009-12-19 21:58 . 2009-12-19 21:58 -------- d-sh--w- c:\documents and settings\Marco\IETldCache
2009-12-19 21:56 . 2009-10-29 07:42 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-12-19 21:56 . 2009-10-29 07:42 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-12-19 21:56 . 2009-10-29 07:42 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-12-19 21:56 . 2009-10-29 07:42 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-12-19 21:56 . 2009-10-29 07:42 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-12-19 21:56 . 2009-10-29 07:42 11069952 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-12-19 21:56 . 2009-12-22 16:52 -------- d-----w- c:\windows\ie8updates
2009-12-19 21:56 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-12-19 21:54 . 2009-12-19 21:55 -------- dc-h--w- c:\windows\ie8
2009-12-19 20:01 . 2009-09-04 21:04 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll
2009-12-19 19:59 . 2009-08-05 09:00 205312 -c----w- c:\windows\system32\dllcache\mswebdvd.dll
2009-12-19 19:59 . 2009-06-22 06:47 726528 -c--a-w- c:\windows\system32\dllcache\jscript.dll
2009-12-19 19:52 . 2009-08-07 00:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-12-19 19:52 . 2009-08-07 00:23 215920 ----a-w- c:\windows\system32\muweb.dll
2009-12-19 19:21 . 2009-12-19 19:21 -------- d-----w- c:\program files\EA Games
2009-12-19 19:21 . 2009-12-20 16:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-19 19:20 . 2009-12-20 16:36 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-12-19 19:05 . 2010-01-08 00:49 -------- d-----w- c:\documents and settings\Marco\Tracing
2009-12-19 19:03 . 2009-12-19 19:03 -------- d-----w- c:\program files\Microsoft
2009-12-19 19:02 . 2009-12-19 19:02 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-12-19 18:59 . 2009-12-19 18:59 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-12-19 18:58 . 2009-12-19 18:58 -------- d-----w- c:\documents and settings\Marco\Contacts
2009-12-19 18:57 . 2009-12-19 18:57 -------- dc----w- c:\windows\system32\DRVSTORE
2009-12-19 18:55 . 2008-06-14 17:33 272768 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-12-19 18:54 . 2009-06-21 21:47 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-12-19 18:54 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-12-19 18:54 . 2009-12-19 18:55 -------- dcsh--w- c:\program files\Fichiers communs\WindowsLiveInstaller
2009-12-19 18:53 . 2009-12-19 19:02 -------- d-----w- c:\program files\Windows Live
2009-12-19 18:53 . 2009-12-19 18:53 -------- d-----w- c:\documents and settings\All Users\Application Data\WLInstaller
2009-12-19 18:53 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-12-19 18:53 . 2009-03-06 14:20 286720 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-12-19 18:53 . 2009-02-09 11:23 111104 -c----w- c:\windows\system32\dllcache\services.exe
2009-12-19 18:53 . 2009-02-09 10:53 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-12-19 18:53 . 2009-02-09 10:53 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-12-19 18:53 . 2009-02-09 10:53 685568 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-12-19 18:53 . 2009-02-09 10:53 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-12-19 18:53 . 2009-02-09 10:53 739840 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-12-19 18:52 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-12-19 18:52 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-12-19 18:52 . 2008-05-01 14:36 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2009-12-19 18:52 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-12-19 18:51 . 2008-04-11 19:05 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-12-19 18:51 . 2009-08-04 17:27 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-12-19 18:51 . 2009-08-04 17:27 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-12-19 18:51 . 2009-08-04 17:28 2068096 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-12-19 18:51 . 2009-08-25 09:18 354816 -c----w- c:\windows\system32\dllcache\winhttp.dll
2009-12-19 18:50 . 2008-10-15 16:35 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-12-19 18:50 . 2009-07-31 04:33 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2009-12-19 18:50 . 2008-04-21 21:15 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-12-19 18:45 . 2009-12-23 14:38 -------- d--h--w- c:\windows\$hf_mig$
2009-12-19 18:35 . 2008-04-14 00:33 59392 ------w- c:\windows\system32\eapqec.dll
2009-12-19 18:31 . 2008-04-14 00:33 33792 -c----w- c:\windows\system32\dllcache\custsat.dll
2009-12-19 18:27 . 2008-04-13 14:36 144384 ------w- c:\windows\system32\drivers\hdaudbus.sys
2009-12-19 18:27 . 2008-04-13 16:40 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2009-12-19 18:11 . 2010-01-03 03:09 18256 ----a-w- c:\documents and settings\Marco\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-19 17:49 . 2009-12-19 17:49 -------- d-----w- c:\documents and settings\LocalService\Menu Démarrer
2009-12-19 17:48 . 2009-12-19 18:37 -------- d-----w- c:\windows\system32\wbem\AutoRecover
2009-12-19 17:48 . 2009-12-19 17:48 -------- d-s---w- c:\windows\system32\Microsoft
2009-12-19 16:26 . 2009-04-03 17:15 485376 ------w- c:\windows\system32\wmspdmod.dll
2009-12-19 16:22 . 2009-12-19 16:22 -------- d-----w- c:\windows\ServicePackFiles
2009-12-19 16:17 . 2009-12-19 16:17 -------- d--h--w- c:\windows\PIF
2009-12-19 16:15 . 2009-01-07 23:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2009-12-19 16:12 . 2009-12-19 18:36 -------- d-----w- c:\windows\EHome
2009-12-19 15:49 . 2009-12-19 15:51 -------- dc-h--w- c:\windows\$xpsp1hfm$
2009-12-19 15:49 . 2003-05-11 21:26 24576 ----a-w- c:\windows\system32\xpsp1hfm.exe
2009-12-19 15:49 . 2009-12-19 15:54 -------- d-----w- C:\36f7efa4f25b3e2ca7f4e146eb0cff

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-02 21:19 . 2010-01-02 21:19 5058 ----a-w- c:\windows\Help\hhcolreg.dat
2010-01-02 21:15 . 2009-12-19 14:28 -------- d-----w- c:\program files\microsoft frontpage
2009-12-20 16:36 . 2001-08-28 12:00 48820 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-20 16:36 . 2001-08-28 12:00 367988 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-19 18:39 . 2009-12-19 14:26 86327 ----a-w- c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat
2009-12-19 14:44 . 2009-12-19 14:44 -------- d-----w- c:\program files\Avira
2009-12-19 14:44 . 2009-12-19 14:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-12-19 14:25 . 2009-12-19 14:22 -------- d-----w- c:\program files\Services en ligne
2009-12-19 14:23 . 2009-12-19 14:23 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-21 15:58 . 2001-08-28 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-10-29 07:42 . 2001-08-28 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 05:39 . 2009-12-19 16:27 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-21 05:39 . 2009-12-19 16:27 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-20 16:20 . 2009-12-19 16:27 265728 ------w- c:\windows\system32\drivers\http.sys
2009-10-13 10:33 . 2001-08-28 12:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:39 . 2001-08-28 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:39 . 2001-08-28 12:00 150528 ----a-w- c:\windows\system32\rastls.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2009-12-22 2935480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\EA Games\\Ultima Online Mondain's Legacy\\client.exe"=
"c:\\Program Files\\Eidos Interactive\\Hothouse Creations\\Gangsters 2\\Gangsters2.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\nexon\Combat Arms\CombatArms.exe"= c:\nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Nexon\\Combat Arms\\NMService.exe"=
"c:\\Nexon\\Combat Arms\\Engine.exe"=
"c:\\Program Files\\EA Games\\Ultima Online Mondain's Legacy\\Teilia.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58136:TCP"= 58136:TCP:Pando Media Booster
"58136:UDP"= 58136:UDP:Pando Media Booster

R0 avgntmgr;avgntmgr;c:\windows\system32\drivers\avgntmgr.sys [2009-12-19 22360]
R1 avgntdd;avgntdd;c:\windows\system32\drivers\avgntdd.sys [2009-12-19 45416]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-12-19 108289]
S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.ca/
.
- - - - ORPHELINS SUPPRIMES - - - -

AddRemove-Teilia - c:\program files\EA Games\Ultima Online Mondain's Legacy\Uninstal.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-07 20:14
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(4012)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
.
Heure de fin: 2010-01-07 20:16:06
ComboFix-quarantined-files.txt 2010-01-08 01:16

Avant-CF: 5 719 801 856 octets libres
Après-CF: 5 725 671 424 octets libres

- - End Of File - - 5066D657E91CC5CE155356A76508DFB8
Giles de Mounard

Re: Infected with BOO/Sinowal.A

Posted 08 Jan 2010 16:36

Hello,

Too bad you don't have the ComboFix report from the first scan, but it doesn't matter...

Please do this...

Disable Antivir while you do the following...

> Create a new text document on your desktop
> To do this, right-click the desktop > New > Text Document > copy and paste the contents of the quote below into it

KillAll::
File::
c:\windows\system32\dllcache\services.exe
C:\WINDOWS\WMSysPrx.prx
C:\WINDOWS\WMSysPr9.prx

Folder::
C:\Documents and Settings\All Users\Application Data\clp
C:\Documents and Settings\Marco\Application Data\Fighters
C:\Documents and Settings\Marco\Local Settings\Application Data\PackageAware




Follow the saving procedure below to the letter; it is very important

> Then click "File" > "Save As..."
> In the save window choose the desktop as the destination > under type choose "All files" > and as the file name type CFScript.txt > then click Save and close the text document.

> Drag and drop this CFScript.txt file (hold the left button down on CFScript.txt and drag) onto the ComboFix.exe file (in your case it is "Giles.exe") as in this screenshot.

> A blue window will appear >> follow the instructions
> Wait while the scan runs. The desktop will disappear several times; that is normal!
> Do not touch anything until the scan is finished
> Once the scan is complete, a report will be displayed; post its contents in your next reply.
> If the report does not open, it can be found at this location: C:\ComboFix.txt

Next...

> Download mbr.exe (by Gmer) to your Desktop

> Disable your antivirus and antispyware protection and disconnect from the internet.

> Double-click mbr.exe. A report will be generated: mbr.log

Then copy the Mbr.exe file (that you downloaded) and paste it at the root of disk D:\ so that its path is D:\mbr.exe

> Double-click D:\mbr.exe. A report will be generated: mbr.log

PS: When posting the two mbr.exe reports, tell me which disk each report belongs to (for example "Mbr.exe report disk C" and "Mbr.exe report disk D")

@++
jeanmimigab

Re: Infected with BOO/Sinowal.A

Posted 09 Jan 2010 01:36

Wow!!! You're having me do things I know nothing about. I hope that at the end you'll be able to give me an explanation (just the broad outline) so I can impress everyone ;)

One question... When I go to check my messages on Hotmail, a security window opens saying that the connection is not secure. Is that normal? It seems to me it didn't show that before. Anyway... Here are the reports.

The ComboFix one:

ComboFix 10-01-04.01 - Marco 2010-01-08 19:08:28.3.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.2.1036.18.511.298 [GMT -5:00]
Lancé depuis: c:\documents and settings\Marco\Bureau\Giles.exe
Commutateurs utilisés :: c:\documents and settings\Marco\Bureau\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

FILE ::
"c:\windows\system32\dllcache\services.exe"
"c:\windows\WMSysPr9.prx"
"c:\windows\WMSysPrx.prx"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\clp
c:\documents and settings\All Users\Application Data\clp\clp.cid
c:\documents and settings\All Users\Application Data\clp\PV03_AVP-001.lic
c:\documents and settings\Marco\Application Data\Fighters
c:\documents and settings\Marco\Application Data\Fighters\SWPRO\Installer.log.txt
c:\documents and settings\Marco\Local Settings\Application Data\PackageAware
c:\windows\system32\dllcache\services.exe
c:\windows\WMSysPr9.prx
c:\windows\WMSysPrx.prx

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-12-09 au 2010-01-09 ))))))))))))))))))))))))))))))))))))
.

2010-01-06 22:02 . 2009-12-30 19:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-06 22:02 . 2009-12-30 19:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-06 22:02 . 2010-01-06 22:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-05 22:01 . 2010-01-05 22:01 -------- d-----w- c:\documents and settings\Marco\Application Data\Malwarebytes
2010-01-05 22:01 . 2010-01-05 22:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-05 00:30 . 2010-01-05 00:31 -------- d-----w- c:\program files\Fichiers communs\Adobe
2010-01-03 12:33 . 2010-01-03 12:33 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE
2010-01-03 12:33 . 2010-01-03 12:33 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-01-02 22:57 . 2010-01-02 22:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Estsoft
2010-01-02 22:55 . 2010-01-02 22:57 -------- d-----w- c:\documents and settings\Marco\Application Data\ESTsoft
2010-01-02 22:55 . 2010-01-02 22:56 -------- d-----w- c:\program files\ESTsoft
2010-01-02 21:17 . 2010-01-02 21:17 -------- d-----w- c:\windows\ShellNew
2010-01-02 21:15 . 2010-01-02 21:15 -------- d-----w- c:\documents and settings\Marco\Application Data\Microsoft Web Folders
2009-12-29 17:42 . 2009-12-29 17:42 -------- d-----w- c:\program files\Guitar Pro 5
2009-12-29 03:10 . 1996-11-14 12:42 356928 ----a-w- c:\windows\system\SKY16V3C.DLL
2009-12-29 03:10 . 2009-12-29 03:35 -------- d-----w- C:\PT
2009-12-29 03:09 . 1998-02-07 03:23 248064 ----a-w- c:\windows\UNINST16.EXE
2009-12-29 03:09 . 1995-07-14 00:43 26768 ----a-w- c:\windows\system\CTL3D.DLL
2009-12-29 03:09 . 2009-12-29 03:09 -------- d-----w- c:\documents and settings\Marco\WINDOWS
2009-12-29 02:55 . 2009-12-29 02:55 -------- d-----w- c:\program files\Guitar Pro 3
2009-12-28 14:22 . 2009-12-28 14:22 -------- d-----r- c:\documents and settings\LocalService\Favoris
2009-12-25 14:50 . 2009-12-25 14:50 -------- d-----w- c:\windows\G2Runner
2009-12-24 16:16 . 2008-04-13 16:45 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-12-23 15:12 . 2009-12-23 15:12 -------- d-----w- C:\Nexon
2009-12-23 14:36 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2009-12-23 14:12 . 2009-12-23 14:12 -------- d-sh--w- c:\documents and settings\Marco\IECompatCache
2009-12-23 01:32 . 2009-12-23 01:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Nexon
2009-12-23 00:07 . 2009-12-23 15:12 90112 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
2009-12-23 00:07 . 2009-12-23 15:12 118784 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\nxgameus.dll
2009-12-23 00:07 . 2009-12-23 15:12 258352 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\unicows.dll
2009-12-23 00:07 . 2009-12-23 15:12 393216 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\NGMResource.dll
2009-12-23 00:07 . 2009-12-23 15:12 561152 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\NGMDll.dll
2009-12-23 00:07 . 2009-12-23 15:12 167936 ----a-w- c:\documents and settings\All Users\Application Data\NexonUS\NGM\NGM.exe
2009-12-23 00:07 . 2009-12-23 01:32 -------- d-----w- c:\documents and settings\All Users\Application Data\NexonUS
2009-12-22 23:46 . 2010-01-09 00:15 -------- d-----w- c:\documents and settings\Marco\Local Settings\Application Data\PMB Files
2009-12-22 23:45 . 2009-12-22 23:46 -------- d-----w- c:\documents and settings\All Users\Application Data\PMB Files
2009-12-22 23:45 . 2009-12-22 23:45 -------- d-----w- c:\program files\Pando Networks
2009-12-21 10:37 . 2009-12-21 10:37 -------- d-----w- c:\program files\DivX
2009-12-20 16:36 . 2009-12-20 16:36 -------- d-----w- c:\program files\Eidos Interactive
2009-12-19 22:03 . 2009-12-19 22:03 1956072 ----a-w- c:\documents and settings\Marco\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-12-19 22:00 . 2009-12-19 22:00 -------- d-sh--w- c:\documents and settings\Marco\PrivacIE
2009-12-19 21:58 . 2009-12-19 21:58 -------- d-sh--w- c:\documents and settings\Marco\IETldCache
2009-12-19 21:56 . 2009-10-29 07:42 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-12-19 21:56 . 2009-10-29 07:42 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-12-19 21:56 . 2009-10-29 07:42 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-12-19 21:56 . 2009-10-29 07:42 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-12-19 21:56 . 2009-10-29 07:42 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-12-19 21:56 . 2009-10-29 07:42 11069952 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-12-19 21:56 . 2009-12-22 16:52 -------- d-----w- c:\windows\ie8updates
2009-12-19 21:56 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-12-19 21:54 . 2009-12-19 21:55 -------- dc-h--w- c:\windows\ie8
2009-12-19 20:01 . 2009-09-04 21:04 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll
2009-12-19 19:59 . 2009-08-05 09:00 205312 -c----w- c:\windows\system32\dllcache\mswebdvd.dll
2009-12-19 19:59 . 2009-06-22 06:47 726528 -c--a-w- c:\windows\system32\dllcache\jscript.dll
2009-12-19 19:52 . 2009-08-07 00:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-12-19 19:52 . 2009-08-07 00:23 215920 ----a-w- c:\windows\system32\muweb.dll
2009-12-19 19:21 . 2009-12-19 19:21 -------- d-----w- c:\program files\EA Games
2009-12-19 19:21 . 2009-12-20 16:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-19 19:20 . 2009-12-20 16:36 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-12-19 19:05 . 2010-01-08 01:20 -------- d-----w- c:\documents and settings\Marco\Tracing
2009-12-19 19:03 . 2009-12-19 19:03 -------- d-----w- c:\program files\Microsoft
2009-12-19 19:02 . 2009-12-19 19:02 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-12-19 18:59 . 2009-12-19 18:59 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-12-19 18:58 . 2009-12-19 18:58 -------- d-----w- c:\documents and settings\Marco\Contacts
2009-12-19 18:57 . 2009-12-19 18:57 -------- dc----w- c:\windows\system32\DRVSTORE
2009-12-19 18:55 . 2008-06-14 17:33 272768 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-12-19 18:54 . 2009-06-21 21:47 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-12-19 18:54 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2009-12-19 18:54 . 2009-12-19 18:55 -------- dcsh--w- c:\program files\Fichiers communs\WindowsLiveInstaller
2009-12-19 18:53 . 2009-12-19 19:02 -------- d-----w- c:\program files\Windows Live
2009-12-19 18:53 . 2009-12-19 18:53 -------- d-----w- c:\documents and settings\All Users\Application Data\WLInstaller
2009-12-19 18:53 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2009-12-19 18:53 . 2009-03-06 14:20 286720 -c----w- c:\windows\system32\dllcache\pdh.dll
2009-12-19 18:53 . 2009-02-09 10:53 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2009-12-19 18:53 . 2009-02-09 10:53 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2009-12-19 18:53 . 2009-02-09 10:53 685568 -c----w- c:\windows\system32\dllcache\advapi32.dll
2009-12-19 18:53 . 2009-02-09 10:53 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2009-12-19 18:53 . 2009-02-09 10:53 739840 -c----w- c:\windows\system32\dllcache\ntdll.dll
2009-12-19 18:52 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-12-19 18:52 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys
2009-12-19 18:52 . 2008-05-01 14:36 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2009-12-19 18:52 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-12-19 18:51 . 2008-04-11 19:05 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2009-12-19 18:51 . 2009-08-04 17:27 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-12-19 18:51 . 2009-08-04 17:27 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-12-19 18:51 . 2009-08-04 17:28 2068096 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-12-19 18:51 . 2009-08-25 09:18 354816 -c----w- c:\windows\system32\dllcache\winhttp.dll
2009-12-19 18:50 . 2008-10-15 16:35 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2009-12-19 18:50 . 2009-07-31 04:33 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2009-12-19 18:50 . 2008-04-21 21:15 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
2009-12-19 18:45 . 2009-12-23 14:38 -------- d--h--w- c:\windows\$hf_mig$
2009-12-19 18:35 . 2008-04-14 00:33 59392 ------w- c:\windows\system32\eapqec.dll
2009-12-19 18:31 . 2008-04-14 00:33 33792 -c----w- c:\windows\system32\dllcache\custsat.dll
2009-12-19 18:27 . 2008-04-13 14:36 144384 ------w- c:\windows\system32\drivers\hdaudbus.sys
2009-12-19 18:27 . 2008-04-13 16:40 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2009-12-19 18:11 . 2010-01-03 03:09 18256 ----a-w- c:\documents and settings\Marco\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-19 17:49 . 2009-12-19 17:49 -------- d-----w- c:\documents and settings\LocalService\Menu Démarrer
2009-12-19 17:48 . 2009-12-19 18:37 -------- d-----w- c:\windows\system32\wbem\AutoRecover
2009-12-19 17:48 . 2009-12-19 17:48 -------- d-s---w- c:\windows\system32\Microsoft
2009-12-19 16:26 . 2009-04-03 17:15 485376 ------w- c:\windows\system32\wmspdmod.dll
2009-12-19 16:22 . 2009-12-19 16:22 -------- d-----w- c:\windows\ServicePackFiles
2009-12-19 16:17 . 2009-12-19 16:17 -------- d--h--w- c:\windows\PIF
2009-12-19 16:15 . 2009-01-07 23:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2009-12-19 16:12 . 2009-12-19 18:36 -------- d-----w- c:\windows\EHome
2009-12-19 15:49 . 2009-12-19 15:51 -------- dc-h--w- c:\windows\$xpsp1hfm$
2009-12-19 15:49 . 2003-05-11 21:26 24576 ----a-w- c:\windows\system32\xpsp1hfm.exe
2009-12-19 15:49 . 2009-12-19 15:54 -------- d-----w- C:\36f7efa4f25b3e2ca7f4e146eb0cff

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-02 21:19 . 2010-01-02 21:19 5058 ----a-w- c:\windows\Help\hhcolreg.dat
2010-01-02 21:15 . 2009-12-19 14:28 -------- d-----w- c:\program files\microsoft frontpage
2009-12-20 16:36 . 2001-08-28 12:00 48820 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-20 16:36 . 2001-08-28 12:00 367988 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-19 18:39 . 2009-12-19 14:26 86327 ----a-w- c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat
2009-12-19 14:44 . 2009-12-19 14:44 -------- d-----w- c:\program files\Avira
2009-12-19 14:44 . 2009-12-19 14:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-12-19 14:25 . 2009-12-19 14:22 -------- d-----w- c:\program files\Services en ligne
2009-12-19 14:23 . 2009-12-19 14:23 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-21 15:58 . 2001-08-28 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-10-29 07:42 . 2001-08-28 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-10-21 05:39 . 2009-12-19 16:27 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-21 05:39 . 2009-12-19 16:27 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-20 16:20 . 2009-12-19 16:27 265728 ------w- c:\windows\system32\drivers\http.sys
2009-10-13 10:33 . 2001-08-28 12:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:39 . 2001-08-28 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:39 . 2001-08-28 12:00 150528 ----a-w- c:\windows\system32\rastls.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2009-12-22 2935480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\EA Games\\Ultima Online Mondain's Legacy\\client.exe"=
"c:\\Program Files\\Eidos Interactive\\Hothouse Creations\\Gangsters 2\\Gangsters2.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\nexon\Combat Arms\CombatArms.exe"= c:\nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Nexon\\Combat Arms\\NMService.exe"=
"c:\\Nexon\\Combat Arms\\Engine.exe"=
"c:\\Program Files\\EA Games\\Ultima Online Mondain's Legacy\\Teilia.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58136:TCP"= 58136:TCP:Pando Media Booster
"58136:UDP"= 58136:UDP:Pando Media Booster

R0 avgntmgr;avgntmgr;c:\windows\system32\drivers\avgntmgr.sys [2009-12-19 22360]
R1 avgntdd;avgntdd;c:\windows\system32\drivers\avgntdd.sys [2009-12-19 45416]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-12-19 108289]
S3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys --> c:\windows\system32\DRIVERS\avfsfilter.sys [?]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.ca/
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-08 19:16
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(3560)
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\windows\system32\devldr32.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
.
**************************************************************************
.
Heure de fin: 2010-01-08 19:20:22 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-01-09 00:20
ComboFix2.txt 2010-01-08 01:16

Avant-CF: 5 696 544 768 octets libres
Après-CF: 5 664 223 232 octets libres

- - End Of File - - CDD4E66617E95718A56DC851FB7F1551



MBR, disk C:

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
PE file found in sector at 0x02546841 !



MBR, disk D:

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
PE file found in sector at 0x02546841 !

There you go, waiting for news.
Giles de Mounard

Re: Infected with BOO/Sinowal.A

Posted 09 Jan 2010 02:05

By the way, what effect does this damn crap have on my computer? Does it slow it down? Does it spy on me? Does it steal things from me?
Giles de Mounard

Re: Infected with BOO/Sinowal.A

Posted 09 Jan 2010 08:42

hello,

"When I go to check my messages on Hotmail, a security window opens saying that the connection is not secure."

Can you tell me exactly what this window contains and which program it comes from (Internet Explorer, firewall, etc.)? It may just be a change in the internet options.

"I hope that at the end you'll be able to give me an explanation (just the broad outline)"

The infection you caught is very stubborn because it modifies the "master boot record (MBR)", which lets the rootkit load on your system before all the other programs and, above all, before your protection software.

You can see it here in the mbr.exe report >>> PE file found in sector at 0x02546841 ! (translation: PE file found in sector 0x02546841 of your MBR), but the good news is that it is no longer active, because AntiVir has knocked out the active part (well, normally).

The only chance of getting rid of it is to disinfect your system (which is what we have done so far) and to restore your MBR with mbr.exe.

That is what we are going to attempt now....

Please follow the procedure below to the letter...

> Disable your antivirus and antispyware protection and disconnect from the internet.

For disk "C"
> Double-click mbr.exe. A report will be generated: mbr.log (do not skip this step)
> In the Start menu, choose "Run" and type %userprofile%\Bureau\mbr -f
(Do not forget the space between mbr and -f)
> Then re-belotte >> Double-click mbr.exe. A report will be generated: mbr.log >> please post it for me...

Now on to disk "D"

> Double-click D:\mbr.exe. A report will be generated: mbr.log (do not skip this step)
> In the Start menu, choose "Run" and type D:\mbr -f
(Do not forget the space between mbr and -f)
> Then re-belotte >> Double-click D:\mbr.exe. A report will be generated: mbr.log (this time the new report is in the root of drive "D:\") >> please post it for me...

PS: When posting the two mbr.exe reports, tell me which disk each report belongs to (for example "mbr.exe report, disk C" and "mbr.exe report, disk D").

@++
jeanmimigab
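
The checks named in the mbr.exe reports in this thread (the user and kernel reads of the MBR agreeing, a PE file found in a sector), sketched as an added Python example that is not part of the forum posts and is not GMER's code. The function names, the "MZ"/"PE" matching rule and the sample disk image are constructed assumptions.

```python
import struct

SECTOR = 512  # bytes per sector


def parse_mbr(sector: bytes) -> dict:
    """Split one MBR sector into boot code, partition entries and signature."""
    if len(sector) != SECTOR:
        raise ValueError("an MBR is exactly one 512-byte sector")
    partitions = []
    for i in range(4):                       # four 16-byte entries at offset 446
        entry = sector[446 + 16 * i:462 + 16 * i]
        ptype = entry[4]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if ptype:                            # type 0 marks an unused slot
            partitions.append({"index": i, "bootable": entry[0] == 0x80,
                               "type": ptype, "lba_start": lba_start,
                               "sectors": count})
    return {"signature_ok": sector[510:512] == b"\x55\xaa",
            "boot_code": sector[:446], "partitions": partitions}


def diff_reads(user_view: bytes, kernel_view: bytes) -> list:
    """Byte offsets where two reads of the same sector disagree.

    Assumed rationale: code that hides a modified boot sector has to answer
    at least one read path with a clean copy, so any difference is a finding.
    """
    if len(user_view) != len(kernel_view):
        raise ValueError("both reads must cover the same number of bytes")
    return [i for i, (a, b) in enumerate(zip(user_view, kernel_view)) if a != b]


def find_pe_sectors(image: bytes) -> list:
    """Sector numbers that start with a DOS 'MZ' header whose e_lfanew field
    (offset 0x3C) points at a 'PE\\0\\0' signature inside the image."""
    hits = []
    for lba in range(len(image) // SECTOR):
        base = lba * SECTOR
        if image[base:base + 2] != b"MZ":
            continue
        (e_lfanew,) = struct.unpack_from("<I", image, base + 0x3C)
        if image[base + e_lfanew:base + e_lfanew + 4] == b"PE\x00\x00":
            hits.append(lba)
    return hits


def build_sample_image() -> bytes:
    """Constructed 8-sector image: MBR in sector 0, PE stub in sector 5."""
    mbr = bytearray(SECTOR)
    mbr[0:2] = b"\xeb\x3c"                   # placeholder for boot code
    mbr[446:462] = struct.pack("<B3sB3sII", 0x80, b"\x01\x01\x00",
                               0x07, b"\xfe\xff\xff", 63, 2048)
    mbr[510:512] = b"\x55\xaa"               # boot signature
    pe = bytearray(SECTOR)
    pe[0:2] = b"MZ"
    struct.pack_into("<I", pe, 0x3C, 0x80)   # e_lfanew -> offset 0x80
    pe[0x80:0x84] = b"PE\x00\x00"
    blank = bytes(SECTOR)
    return bytes(mbr) + blank * 4 + bytes(pe) + blank * 2


if __name__ == "__main__":
    image = build_sample_image()
    info = parse_mbr(image[:SECTOR])
    print("signature ok:", info["signature_ok"])
    print("partitions:", info["partitions"])
    print("read differences:", diff_reads(image[:SECTOR], image[:SECTOR]))
    for lba in find_pe_sectors(image):
        print("PE file found in sector at 0x%08X" % lba)
```
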
 

Re: Infected with BOO/Sinowal.A

Posted 09 Jan 2010 13:46

As for the window, I don't know how to send you an image of it, so I'll describe it.

It's a standard Windows window made up of a blue band at the top and a grey rectangle below. In the blue band at the top it says "Security Alert". In the top left corner of the grey rectangle there is a yellow padlock with a key and a yellow triangle on it. In the yellow triangle there is an exclamation mark (!). It says "The connection you are about to use is not secure. Other users of the Web will now be able to access the information you send. Do you want to continue?" Then there is a small box you can tick to stop this message from being displayed and, at the bottom, of course, three other boxes: "yes", "no" and "information", which takes me to Windows help.

The reports will come as soon as I know what re-belotte means. I imagine it means restarting my computer?
Giles de Mounard

Re: Infected with BOO/Sinowal.A

Posted 09 Jan 2010 14:30

Hello,

Here is something that explains how to send us images...

Screenshot, followed by Inserting images

Happy reading.
Ask to Old Man

Re: Infected with BOO/Sinowal.A

Posted 09 Jan 2010 14:58

There you go. Thanks, old man.

Image
Giles de Mounard
