Il y a actuellement 58 visiteurs
Lundi 04 Juillet 2022
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

[Réglé]virus win32 alureonEU pour novice

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel

[Réglé]virus win32 alureonEU pour novice

Message le 02 Jan 2010 18:12

Bonjour je suis nouveau et surtout débutant en informatique
Je travaille sous win xp Pro
Avast m'indique un virus WIN32 ALUREON EU dans le fichier C:\WINDOWS\system32\drivers\atapi.sys
J'ai essayé de redémarre en mode sans échec mais il tournait en rond.
Je l'ai démarré en entrant " démarrer sur le dernière bonne version " ou un truc comme çà. De plus il est trèèèèès lent.

Sur le forum j'ai trouve ce virus mais pas avec la terminaison EU.
Lorsque je fais une recherche forcée avec AVAST tout est clean, l'alerte se lance par le fait de l'activation en protection résidente.
Malware byte ne m'a rien trouvé aujourd'hui.
Merci
calimero67
Apprenti(e)
Apprenti(e)
 
Messages: 35
Inscription: 02 Jan 2010 17:57
 


Re: virus win32 alureonEU pour novice

Message le 02 Jan 2010 18:44

salut et bienvenue sur PC-InfoPratique :wink:

fait cela stp...

Désactives ton anti-virus avant de faire toutes ces étapes

Télécharges load_tdsskiller ( par loup_blanc ) sur ton bureau.

Fais un double-clic sur l'icône Load_tdsskiller qui se trouve sur ton bureau et patiente le temps du scan.

Si ton parre-feu te signale que le proccessus "Wget.exe" tente d'accéder à internet, accèpte....

Moins d'une minute après dans la fenêtre noire apparait le message " Appuyez sur un touche pour continuer ", fait un clic dans la fenêtre et appuie sur la touche "entrée".

Ensuite un rapport texte va s'ouvrir, postes son contenu dans ta prochaine réponse.

ensuite...

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Output" (en haut à droite) la case "minimal Output" soit cochée.

* Copier et colle le contenue de cette citation dans la partie inférieure d'OTL "Custom scanx/fixes"


%SYSTEMDRIVE%\cdrom.sys /s /md5
%SYSTEMDRIVE%\atapi.sys /s /md5
%SYSTEMDRIVE%\ACPI.sys /s /md5
%SYSTEMDRIVE%\*.exe
%SYSTEMDRIVE%\iaStor.sys /s /md5
%SYSTEMDRIVE%\nvstor.sys /s /md5
%SYSTEMDRIVE%\IdeChnDr.sys /s /md5
%SYSTEMDRIVE%\viasraid.sys /s /md5
%SYSTEMDRIVE%\AGP440.sys /s /md5
%SYSTEMDRIVE%\vaxscsi.sys /s /md5
%SYSTEMDRIVE%\nvatabus.sys /s /md5


* Cliques sur l'icône "RunScan" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

@++
"Ce que tu gardes pour toi s'en ira mourir... C'est ce que tu donnes qui te restera" (JF Bernardini / I muvrini )
Image
.1948 | 2012
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 

Re: virus win32 alureonEU pour novice

Message le 02 Jan 2010 19:50

Rapport TDSSKILLER
Je ne savais pas s il fallait que je laisse redémarrer le pc ??? j'ai peur qu'il ne redémarre plus du tout !

19:46:11:359 3196 TDSSKiller 2.1.1 Dec 20 2009 02:40:02
19:46:11:359 3196 ================================================================================
19:46:11:359 3196 SystemInfo:

19:46:11:359 3196 OS Version: 5.1.2600 ServicePack: 3.0
19:46:11:359 3196 Product type: Workstation
19:46:11:359 3196 ComputerName: AS-SEPPI
19:46:11:359 3196 UserName: seppi
19:46:11:359 3196 Windows directory: C:\WINDOWS
19:46:11:359 3196 Processor architecture: Intel x86
19:46:11:359 3196 Number of processors: 1
19:46:11:359 3196 Page size: 0x1000
19:46:11:546 3196 Boot type: Normal boot
19:46:11:546 3196 ================================================================================
19:46:11:546 3196 ForceUnloadDriver: NtUnloadDriver error 2
19:46:11:546 3196 ForceUnloadDriver: NtUnloadDriver error 2
19:46:11:546 3196 ForceUnloadDriver: NtUnloadDriver error 2
19:46:11:546 3196 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\Drivers\KLMD.sys) returned status 0
19:46:11:546 3196 main: Driver KLMD successfully dropped
19:46:11:546 3196 main: Driver KLMD successfully loaded
19:46:11:546 3196
Scanning Registry ...
19:46:11:593 3196 ScanServices: Searching service UACd.sys
19:46:11:593 3196 ScanServices: Open/Create key error 2
19:46:11:593 3196 ScanServices: Searching service TDSSserv.sys
19:46:11:593 3196 ScanServices: Open/Create key error 2
19:46:11:593 3196 ScanServices: Searching service gaopdxserv.sys
19:46:11:593 3196 ScanServices: Open/Create key error 2
19:46:11:593 3196 ScanServices: Searching service gxvxcserv.sys
19:46:11:593 3196 ScanServices: Open/Create key error 2
19:46:11:593 3196 ScanServices: Searching service MSIVXserv.sys
19:46:11:593 3196 ScanServices: Open/Create key error 2
19:46:11:593 3196 UnhookRegistry: Kernel module file name: C:\windows\system32\ntoskrnl.exe, base addr: 804D7000
19:46:11:593 3196 UnhookRegistry: Kernel local addr: DC0000
19:46:11:609 3196 UnhookRegistry: KeServiceDescriptorTable addr: E43220
19:46:12:031 3196 UnhookRegistry: KiServiceTable addr: DCB6A8
19:46:12:031 3196 UnhookRegistry: NtEnumerateKey service number (local): 47
19:46:12:031 3196 UnhookRegistry: NtEnumerateKey local addr: E5C5A4
19:46:12:031 3196 KLMD_OpenDevice: Trying to open KLMD device
19:46:12:031 3196 KLMD_GetSystemRoutineAddressA: Trying to get system routine address ZwEnumerateKey
19:46:12:031 3196 KLMD_GetSystemRoutineAddressW: Trying to get system routine address ZwEnumerateKey
19:46:12:031 3196 KLMD_ReadMem: Trying to ReadMemory 0x804DCC49[0x4]
19:46:12:031 3196 UnhookRegistry: NtEnumerateKey service number (kernel): 47
19:46:12:031 3196 KLMD_ReadMem: Trying to ReadMemory 0x804E27C4[0x4]
19:46:12:031 3196 UnhookRegistry: NtEnumerateKey real addr: 805735A4
19:46:12:031 3196 UnhookRegistry: NtEnumerateKey calc addr: 805735A4
19:46:12:031 3196 UnhookRegistry: No SDT hooks found on NtEnumerateKey
19:46:12:031 3196 KLMD_ReadMem: Trying to ReadMemory 0x805735A4[0xA]
19:46:12:031 3196 UnhookRegistry: No splicing found on NtEnumerateKey
19:46:12:046 3196
Scanning Kernel memory ...
19:46:12:046 3196 KLMD_OpenDevice: Trying to open KLMD device
19:46:12:046 3196 KLMD_GetSystemObjectAddressByNameA: Trying to get system object address by name \Driver\Disk
19:46:12:046 3196 KLMD_GetSystemObjectAddressByNameW: Trying to get system object address by name \Driver\Disk
19:46:12:046 3196 DetectCureTDL3: \Driver\Disk PDRIVER_OBJECT: 867E92B0
19:46:12:046 3196 DetectCureTDL3: KLMD_GetDeviceObjectList returned 5 DevObjects
19:46:12:046 3196 DetectCureTDL3: 0 Curr stack PDEVICE_OBJECT: 85AFF1E8
19:46:12:046 3196 KLMD_GetLowerDeviceObject: Trying to get lower device object for 85AFF1E8
19:46:12:046 3196 KLMD_ReadMem: Trying to ReadMemory 0x85AFF1E8[0x38]
19:46:12:046 3196 DetectCureTDL3: DRIVER_OBJECT addr: 867E92B0
19:46:12:046 3196 KLMD_ReadMem: Trying to ReadMemory 0x867E92B0[0xA8]
19:46:12:046 3196 KLMD_ReadMem: Trying to ReadMemory 0xE1010F50[0x208]
19:46:12:046 3196 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk
19:46:12:046 3196 DetectCureTDL3: IrpHandler (0) addr: F7874BB0
19:46:12:046 3196 DetectCureTDL3: IrpHandler (1) addr: 804FA87E
19:46:12:046 3196 DetectCureTDL3: IrpHandler (2) addr: F7874BB0
19:46:12:046 3196 DetectCureTDL3: IrpHandler (3) addr: F786ED1F
19:46:12:046 3196 DetectCureTDL3: IrpHandler (4) addr: F786ED1F
19:46:12:046 3196 DetectCureTDL3: IrpHandler (5) addr: 804FA87E
19:46:12:046 3196 DetectCureTDL3: IrpHandler (6) addr: 804FA87E
19:46:12:046 3196 DetectCureTDL3: IrpHandler (7) addr: 804FA87E
19:46:12:046 3196 DetectCureTDL3: IrpHandler (8) addr: 804FA87E
19:46:12:046 3196 DetectCureTDL3: IrpHandler (9) addr: F786F2E2
19:46:12:046 3196 DetectCureTDL3: IrpHandler (10) addr: 804FA87E
19:46:12:046 3196 DetectCureTDL3: IrpHandler (11) addr: 804FA87E
19:46:12:046 3196 DetectCureTDL3: IrpHandler (12) addr: 804FA87E
19:46:12:046 3196 DetectCureTDL3: IrpHandler (13) addr: 804FA87E
19:46:12:046 3196 DetectCureTDL3: IrpHandler (14) addr: F786F3BB
19:46:12:046 3196 DetectCureTDL3: IrpHandler (15) addr: F7872F28
19:46:12:046 3196 DetectCureTDL3: IrpHandler (16) addr: F786F2E2
19:46:12:046 3196 DetectCureTDL3: IrpHandler (17) addr: 804FA87E
19:46:12:046 3196 DetectCureTDL3: IrpHandler (18) addr: 804FA87E
19:46:12:046 3196 DetectCureTDL3: IrpHandler (19) addr: 804FA87E
19:46:12:046 3196 DetectCureTDL3: IrpHandler (20) addr: 804FA87E
19:46:12:046 3196 DetectCureTDL3: IrpHandler (21) addr: 804FA87E
19:46:12:046 3196 DetectCureTDL3: IrpHandler (22) addr: F7870C82
19:46:12:046 3196 DetectCureTDL3: IrpHandler (23) addr: F787599E
19:46:12:046 3196 DetectCureTDL3: IrpHandler (24) addr: 804FA87E
19:46:12:046 3196 DetectCureTDL3: IrpHandler (25) addr: 804FA87E
19:46:12:046 3196 DetectCureTDL3: IrpHandler (26) addr: 804FA87E
19:46:12:046 3196 KLMD_ReadMem: Trying to ReadMemory 0x0[0x400]
19:46:12:046 3196 KLMD_ReadMem: DeviceIoControl error 1
19:46:12:046 3196 TDL3_StartIoHookDetect: Unable to get StartIo handler code
19:46:12:046 3196 TDL3_FileDetect: Processing driver: Disk
19:46:12:046 3196 TDL3_FileDetect: Parameters: C:\WINDOWS\system32\drivers\disk.sys, C:\WINDOWS\system32\Drivers\disk.tsk, SYSTEM\CurrentControlSet\Services\Disk, system32\Drivers\disk.tsk
19:46:12:046 3196 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\drivers\disk.sys
19:46:12:046 3196 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\drivers\disk.sys
19:46:12:109 3196 DetectCureTDL3: 1 Curr stack PDEVICE_OBJECT: 859EE248
19:46:12:109 3196 KLMD_GetLowerDeviceObject: Trying to get lower device object for 859EE248
19:46:12:109 3196 DetectCureTDL3: 1 Curr stack PDEVICE_OBJECT: 85540030
19:46:12:109 3196 KLMD_GetLowerDeviceObject: Trying to get lower device object for 85540030
19:46:12:109 3196 KLMD_ReadMem: Trying to ReadMemory 0x85540030[0x38]
19:46:12:109 3196 DetectCureTDL3: DRIVER_OBJECT addr: 85C88078
19:46:12:109 3196 KLMD_ReadMem: Trying to ReadMemory 0x85C88078[0xA8]
19:46:12:109 3196 KLMD_ReadMem: Trying to ReadMemory 0xE19DC3C0[0x208]
19:46:12:109 3196 DetectCureTDL3: DRIVER_OBJECT name: \Driver\USBSTOR, Driver Name: USBSTOR
19:46:12:109 3196 DetectCureTDL3: IrpHandler (0) addr: F7B2B218
19:46:12:109 3196 DetectCureTDL3: IrpHandler (1) addr: 804FA87E
19:46:12:109 3196 DetectCureTDL3: IrpHandler (2) addr: F7B2B218
19:46:12:109 3196 DetectCureTDL3: IrpHandler (3) addr: F7B2B23C
19:46:12:109 3196 DetectCureTDL3: IrpHandler (4) addr: F7B2B23C
19:46:12:109 3196 DetectCureTDL3: IrpHandler (5) addr: 804FA87E
19:46:12:109 3196 DetectCureTDL3: IrpHandler (6) addr: 804FA87E
19:46:12:109 3196 DetectCureTDL3: IrpHandler (7) addr: 804FA87E
19:46:12:109 3196 DetectCureTDL3: IrpHandler (8) addr: 804FA87E
19:46:12:109 3196 DetectCureTDL3: IrpHandler (9) addr: 804FA87E
19:46:12:109 3196 DetectCureTDL3: IrpHandler (10) addr: 804FA87E
19:46:12:109 3196 DetectCureTDL3: IrpHandler (11) addr: 804FA87E
19:46:12:109 3196 DetectCureTDL3: IrpHandler (12) addr: 804FA87E
19:46:12:109 3196 DetectCureTDL3: IrpHandler (13) addr: 804FA87E
19:46:12:109 3196 DetectCureTDL3: IrpHandler (14) addr: F7B2B180
19:46:12:109 3196 DetectCureTDL3: IrpHandler (15) addr: F7B269E6
19:46:12:125 3196 DetectCureTDL3: IrpHandler (16) addr: 804FA87E
19:46:12:125 3196 DetectCureTDL3: IrpHandler (17) addr: 804FA87E
19:46:12:125 3196 DetectCureTDL3: IrpHandler (18) addr: 804FA87E
19:46:12:125 3196 DetectCureTDL3: IrpHandler (19) addr: 804FA87E
19:46:12:125 3196 DetectCureTDL3: IrpHandler (20) addr: 804FA87E
19:46:12:125 3196 DetectCureTDL3: IrpHandler (21) addr: 804FA87E
19:46:12:125 3196 DetectCureTDL3: IrpHandler (22) addr: F7B2A5F0
19:46:12:125 3196 DetectCureTDL3: IrpHandler (23) addr: F7B28A6E
19:46:12:125 3196 DetectCureTDL3: IrpHandler (24) addr: 804FA87E
19:46:12:125 3196 DetectCureTDL3: IrpHandler (25) addr: 804FA87E
19:46:12:125 3196 DetectCureTDL3: IrpHandler (26) addr: 804FA87E
19:46:12:125 3196 KLMD_ReadMem: Trying to ReadMemory 0xF7B27F26[0x400]
19:46:12:125 3196 TDL3_StartIoHookDetect: CheckParameters: 0, 0, 0, 0
19:46:12:125 3196 TDL3_FileDetect: Processing driver: USBSTOR
19:46:12:125 3196 TDL3_FileDetect: Parameters: C:\WINDOWS\system32\drivers\usbstor.sys, C:\WINDOWS\system32\Drivers\usbstor.tsk, SYSTEM\CurrentControlSet\Services\USBSTOR, system32\Drivers\usbstor.tsk
19:46:12:125 3196 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\drivers\usbstor.sys
19:46:12:125 3196 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\drivers\usbstor.sys
19:46:12:187 3196 DetectCureTDL3: 2 Curr stack PDEVICE_OBJECT: 8677AC68
19:46:12:187 3196 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8677AC68
19:46:12:187 3196 KLMD_ReadMem: Trying to ReadMemory 0x8677AC68[0x38]
19:46:12:187 3196 DetectCureTDL3: DRIVER_OBJECT addr: 867E92B0
19:46:12:187 3196 KLMD_ReadMem: Trying to ReadMemory 0x867E92B0[0xA8]
19:46:12:187 3196 KLMD_ReadMem: Trying to ReadMemory 0xE1010F50[0x208]
19:46:12:187 3196 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk
19:46:12:187 3196 DetectCureTDL3: IrpHandler (0) addr: F7874BB0
19:46:12:187 3196 DetectCureTDL3: IrpHandler (1) addr: 804FA87E
19:46:12:187 3196 DetectCureTDL3: IrpHandler (2) addr: F7874BB0
19:46:12:187 3196 DetectCureTDL3: IrpHandler (3) addr: F786ED1F
19:46:12:187 3196 DetectCureTDL3: IrpHandler (4) addr: F786ED1F
19:46:12:187 3196 DetectCureTDL3: IrpHandler (5) addr: 804FA87E
19:46:12:187 3196 DetectCureTDL3: IrpHandler (6) addr: 804FA87E
19:46:12:187 3196 DetectCureTDL3: IrpHandler (7) addr: 804FA87E
19:46:12:187 3196 DetectCureTDL3: IrpHandler (8) addr: 804FA87E
19:46:12:187 3196 DetectCureTDL3: IrpHandler (9) addr: F786F2E2
19:46:12:187 3196 DetectCureTDL3: IrpHandler (10) addr: 804FA87E
19:46:12:187 3196 DetectCureTDL3: IrpHandler (11) addr: 804FA87E
19:46:12:187 3196 DetectCureTDL3: IrpHandler (12) addr: 804FA87E
19:46:12:187 3196 DetectCureTDL3: IrpHandler (13) addr: 804FA87E
19:46:12:187 3196 DetectCureTDL3: IrpHandler (14) addr: F786F3BB
19:46:12:187 3196 DetectCureTDL3: IrpHandler (15) addr: F7872F28
19:46:12:187 3196 DetectCureTDL3: IrpHandler (16) addr: F786F2E2
19:46:12:187 3196 DetectCureTDL3: IrpHandler (17) addr: 804FA87E
19:46:12:187 3196 DetectCureTDL3: IrpHandler (18) addr: 804FA87E
19:46:12:187 3196 DetectCureTDL3: IrpHandler (19) addr: 804FA87E
19:46:12:187 3196 DetectCureTDL3: IrpHandler (20) addr: 804FA87E
19:46:12:187 3196 DetectCureTDL3: IrpHandler (21) addr: 804FA87E
19:46:12:187 3196 DetectCureTDL3: IrpHandler (22) addr: F7870C82
19:46:12:187 3196 DetectCureTDL3: IrpHandler (23) addr: F787599E
19:46:12:187 3196 DetectCureTDL3: IrpHandler (24) addr: 804FA87E
19:46:12:187 3196 DetectCureTDL3: IrpHandler (25) addr: 804FA87E
19:46:12:187 3196 DetectCureTDL3: IrpHandler (26) addr: 804FA87E
19:46:12:187 3196 KLMD_ReadMem: Trying to ReadMemory 0x0[0x400]
19:46:12:187 3196 KLMD_ReadMem: DeviceIoControl error 1
19:46:12:187 3196 TDL3_StartIoHookDetect: Unable to get StartIo handler code
19:46:12:187 3196 TDL3_FileDetect: Processing driver: Disk
19:46:12:187 3196 TDL3_FileDetect: Parameters: C:\WINDOWS\system32\drivers\disk.sys, C:\WINDOWS\system32\Drivers\disk.tsk, SYSTEM\CurrentControlSet\Services\Disk, system32\Drivers\disk.tsk
19:46:12:187 3196 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\drivers\disk.sys
19:46:12:187 3196 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\drivers\disk.sys
19:46:12:250 3196 DetectCureTDL3: 3 Curr stack PDEVICE_OBJECT: 86760C68
19:46:12:250 3196 KLMD_GetLowerDeviceObject: Trying to get lower device object for 86760C68
19:46:12:250 3196 KLMD_ReadMem: Trying to ReadMemory 0x86760C68[0x38]
19:46:12:250 3196 DetectCureTDL3: DRIVER_OBJECT addr: 867E92B0
19:46:12:250 3196 KLMD_ReadMem: Trying to ReadMemory 0x867E92B0[0xA8]
19:46:12:250 3196 KLMD_ReadMem: Trying to ReadMemory 0xE1010F50[0x208]
19:46:12:250 3196 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk
19:46:12:250 3196 DetectCureTDL3: IrpHandler (0) addr: F7874BB0
19:46:12:250 3196 DetectCureTDL3: IrpHandler (1) addr: 804FA87E
19:46:12:250 3196 DetectCureTDL3: IrpHandler (2) addr: F7874BB0
19:46:12:250 3196 DetectCureTDL3: IrpHandler (3) addr: F786ED1F
19:46:12:250 3196 DetectCureTDL3: IrpHandler (4) addr: F786ED1F
19:46:12:250 3196 DetectCureTDL3: IrpHandler (5) addr: 804FA87E
19:46:12:250 3196 DetectCureTDL3: IrpHandler (6) addr: 804FA87E
19:46:12:250 3196 DetectCureTDL3: IrpHandler (7) addr: 804FA87E
19:46:12:250 3196 DetectCureTDL3: IrpHandler (8) addr: 804FA87E
19:46:12:250 3196 DetectCureTDL3: IrpHandler (9) addr: F786F2E2
19:46:12:250 3196 DetectCureTDL3: IrpHandler (10) addr: 804FA87E
19:46:12:250 3196 DetectCureTDL3: IrpHandler (11) addr: 804FA87E
19:46:12:250 3196 DetectCureTDL3: IrpHandler (12) addr: 804FA87E
19:46:12:250 3196 DetectCureTDL3: IrpHandler (13) addr: 804FA87E
19:46:12:250 3196 DetectCureTDL3: IrpHandler (14) addr: F786F3BB
19:46:12:250 3196 DetectCureTDL3: IrpHandler (15) addr: F7872F28
19:46:12:250 3196 DetectCureTDL3: IrpHandler (16) addr: F786F2E2
19:46:12:250 3196 DetectCureTDL3: IrpHandler (17) addr: 804FA87E
19:46:12:250 3196 DetectCureTDL3: IrpHandler (18) addr: 804FA87E
19:46:12:250 3196 DetectCureTDL3: IrpHandler (19) addr: 804FA87E
19:46:12:250 3196 DetectCureTDL3: IrpHandler (20) addr: 804FA87E
19:46:12:250 3196 DetectCureTDL3: IrpHandler (21) addr: 804FA87E
19:46:12:250 3196 DetectCureTDL3: IrpHandler (22) addr: F7870C82
19:46:12:250 3196 DetectCureTDL3: IrpHandler (23) addr: F787599E
19:46:12:250 3196 DetectCureTDL3: IrpHandler (24) addr: 804FA87E
19:46:12:250 3196 DetectCureTDL3: IrpHandler (25) addr: 804FA87E
19:46:12:250 3196 DetectCureTDL3: IrpHandler (26) addr: 804FA87E
19:46:12:250 3196 KLMD_ReadMem: Trying to ReadMemory 0x0[0x400]
19:46:12:250 3196 KLMD_ReadMem: DeviceIoControl error 1
19:46:12:250 3196 TDL3_StartIoHookDetect: Unable to get StartIo handler code
19:46:12:250 3196 TDL3_FileDetect: Processing driver: Disk
19:46:12:250 3196 TDL3_FileDetect: Parameters: C:\WINDOWS\system32\drivers\disk.sys, C:\WINDOWS\system32\Drivers\disk.tsk, SYSTEM\CurrentControlSet\Services\Disk, system32\Drivers\disk.tsk
19:46:12:250 3196 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\drivers\disk.sys
19:46:12:250 3196 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\drivers\disk.sys
19:46:12:250 3196 DetectCureTDL3: 4 Curr stack PDEVICE_OBJECT: 867CAAB8
19:46:12:250 3196 KLMD_GetLowerDeviceObject: Trying to get lower device object for 867CAAB8
19:46:12:250 3196 DetectCureTDL3: 4 Curr stack PDEVICE_OBJECT: 867696C0
19:46:12:250 3196 KLMD_GetLowerDeviceObject: Trying to get lower device object for 867696C0
19:46:12:250 3196 DetectCureTDL3: 4 Curr stack PDEVICE_OBJECT: 8677CD98
19:46:12:250 3196 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8677CD98
19:46:12:250 3196 KLMD_ReadMem: Trying to ReadMemory 0x8677CD98[0x38]
19:46:12:250 3196 DetectCureTDL3: DRIVER_OBJECT addr: 867CC548
19:46:12:250 3196 KLMD_ReadMem: Trying to ReadMemory 0x867CC548[0xA8]
19:46:12:250 3196 KLMD_ReadMem: Trying to ReadMemory 0x867CD030[0x38]
19:46:12:250 3196 KLMD_ReadMem: Trying to ReadMemory 0x867CFF38[0xA8]
19:46:12:250 3196 KLMD_ReadMem: Trying to ReadMemory 0xE13CE0D0[0x208]
19:46:12:250 3196 DetectCureTDL3: DRIVER_OBJECT name: \Driver\atapi, Driver Name: atapi
19:46:12:250 3196 DetectCureTDL3: IrpHandler (0) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (1) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (2) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (3) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (4) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (5) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (6) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (7) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (8) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (9) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (10) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (11) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (12) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (13) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (14) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (15) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (16) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (17) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (18) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (19) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (20) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (21) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (22) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (23) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (24) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (25) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: IrpHandler (26) addr: 866E6841
19:46:12:250 3196 DetectCureTDL3: All IRP handlers pointed to one addr: 866E6841
19:46:12:250 3196 KLMD_ReadMem: Trying to ReadMemory 0x866E6841[0x400]
19:46:12:250 3196 TDL3_IrpHookDetect: CheckParameters: 4, FFDF0308, 333, 121, 3, 109
19:46:12:250 3196 Driver "atapi" Irp handler infected by TDSS rootkit ... 19:46:12:250 3196 KLMD_WriteMem: Trying to WriteMemory 0x866E68BA[0xD]
19:46:12:250 3196 cured
19:46:12:250 3196 KLMD_ReadMem: Trying to ReadMemory 0x866E66EC[0x400]
19:46:12:250 3196 TDL3_StartIoHookDetect: CheckParameters: 7, FFDF0308, 249, 0
19:46:12:250 3196 TDL3_FileDetect: Processing driver: atapi
19:46:12:250 3196 GetServiceInfoByNameW: RegOpenKeyEx (SYSTEM\CurrentControlSet\Services\atapi) error 2
19:46:12:250 3196 TDL3_FileDetect: Can't get parameters for service atapi
19:46:12:250 3196
Completed

Results:
19:46:12:250 3196 Infected objects in memory: 1
19:46:12:250 3196 Cured objects in memory: 1
19:46:12:250 3196 Infected objects on disk: 0
19:46:12:312 3196 Objects on disk cured on reboot: 0
19:46:12:312 3196 Objects on disk deleted on reboot: 0
19:46:12:312 3196 Registry nodes deleted on reboot: 0
19:46:12:312 3196
calimero67
Apprenti(e)
Apprenti(e)
 
Messages: 35
Inscription: 02 Jan 2010 17:57
 

Re: virus win32 alureonEU pour novice

Message le 02 Jan 2010 19:57

re,

fait le scan OTL pour voir si le driver est toujours patché stp... :wink:
"Ce que tu gardes pour toi s'en ira mourir... C'est ce que tu donnes qui te restera" (JF Bernardini / I muvrini )
Image
.1948 | 2012
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 

Re: virus win32 alureonEU pour novice

Message le 02 Jan 2010 20:28

la suite

OTL logfile created on: 02/01/2010 19:52:05 - Run 1
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\seppi\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 023,00 Mb Total Physical Memory | 462,00 Mb Available Physical Memory | 45,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 60,00 Gb Total Space | 39,07 Gb Free Space | 65,10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 89,04 Gb Total Space | 83,86 Gb Free Space | 94,18% Space Free | Partition Type: NTFS
Drive G: | 495,02 Mb Total Space | 410,41 Mb Free Space | 82,91% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: AS-SEPPI
Current User Name: seppi
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\seppi\Bureau\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\Temp\SL2.tmp ()
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - f:\aad0773e8829edfc4029c3\HotFixInstaller.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wpabaln.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe (Hewlett-Packard Company)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\seppi\Bureau\OTL.exe (OldTimer Tools)


========== Win32 Services (SafeList) ==========

SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (NMIndexingService) -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (LightScribeService) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)


========== Driver Services (SafeList) ==========

DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (Amusbprt) -- C:\WINDOWS\system32\drivers\Amusbprt.sys ((Standard Mouse Types))
DRV - (Amps2prt) -- C:\WINDOWS\system32\drivers\Amps2prt.sys ((Standard Mouse Types))
DRV - (Amfilter) -- C:\WINDOWS\system32\drivers\Amfilter.sys ((Standard Mouse Types))
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (FETNDIS) -- C:\WINDOWS\system32\drivers\fetnd5b.sys (VIA Technologies, Inc. )
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (E100B) Intel(R) -- C:\WINDOWS\system32\drivers\e100b325.sys (Intel Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.08
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/01 11:58:07 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/18 07:43:26 | 00,000,000 | ---D | M]

[2009/12/16 14:43:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\seppi\Application Data\Mozilla\Extensions
[2010/01/01 11:51:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\seppi\Application Data\Mozilla\Firefox\Profiles\czoitbzp.default\extensions
[2009/12/25 18:51:37 | 00,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\seppi\Application Data\Mozilla\Firefox\Profiles\czoitbzp.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/12/16 10:13:08 | 00,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\seppi\Application Data\Mozilla\Firefox\Profiles\czoitbzp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/01/01 00:32:35 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/16 14:43:18 | 00,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2009/12/16 14:43:18 | 00,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009/12/16 14:43:18 | 00,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml
[2009/12/16 14:43:18 | 00,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2009/12/16 14:43:19 | 00,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: (790 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Flashget] C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O4 - HKLM..\RunOnce: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://ushousecall02.trendmicro.com/hou ... hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan ... stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/12 17:53:00 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (aswBoot.exe /M:73003343b5) - C:\WINDOWS\System32\aswBoot.exe (ALWIL Software)
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/02 19:46:06 | 00,000,000 | ---D | C] -- C:\tdsskiller
[2010/01/02 19:45:13 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\seppi\Bureau\OTL.exe
[2010/01/02 19:44:49 | 00,711,168 | ---- | C] (Igor Pavlov) -- C:\Documents and Settings\seppi\Bureau\7z.dll
[2010/01/02 19:44:49 | 00,148,992 | ---- | C] (Igor Pavlov) -- C:\Documents and Settings\seppi\Bureau\7z.exe
[2010/01/02 18:22:10 | 00,096,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2010/01/02 17:35:29 | 00,452,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\seppi\Bureau\OTM.exe
[2010/01/02 11:38:41 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\seppi\Recent
[2010/01/01 18:10:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\WinRAR
[2010/01/01 17:36:40 | 00,000,000 | ---D | C] -- C:\UsbFix
[2010/01/01 11:21:05 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2010/01/01 10:25:23 | 00,000,000 | ---D | C] -- C:\Program Files\RegCleaner
[2010/01/01 07:17:19 | 00,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2010/01/01 07:16:44 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010/01/01 06:41:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\BDOSCAN8
[2009/12/31 18:56:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/12/31 10:49:39 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/12/31 10:49:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/12/31 07:55:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\HouseCall 6.6
[2009/12/31 07:55:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\HouseCall 6.6
[2009/12/31 07:55:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/12/31 03:00:27 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2009/12/30 15:01:45 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Local Settings\Application Data\ApplicationHistory
[2009/12/30 15:01:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Local Settings\Application Data\Broderbund Software
[2009/12/30 15:01:39 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Broderbund Software
[2009/12/30 14:55:35 | 00,000,000 | ---D | C] -- C:\Program Files\Web Publish
[2009/12/30 14:55:29 | 03,186,688 | ---- | C] (Amyuni Technologies
http://www.amyuni.com) -- C:\WINDOWS\System32\acXMLParser.dll
[2009/12/30 14:55:27 | 03,186,688 | ---- | C] (Amyuni Technologies
http://www.amyuni.com) -- C:\WINDOWS\System32\cdintf300.dll
[2009/12/30 14:46:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2009/12/30 12:51:00 | 00,000,000 | ---D | C] -- C:\WINDOWS\Profiles
[2009/12/30 12:50:55 | 00,423,936 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltkrn80n.dll
[2009/12/30 12:50:55 | 00,392,192 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltkrn11n.dll
[2009/12/30 12:50:55 | 00,045,936 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltvdd11w.drv
[2009/12/30 12:50:54 | 00,285,184 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LFCMP11n.DLL
[2009/12/30 12:50:54 | 00,262,656 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LTDIS11n.dll
[2009/12/30 12:50:54 | 00,172,032 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lfpng11n.dll
[2009/12/30 12:50:54 | 00,152,064 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lftif11n.dll
[2009/12/30 12:50:54 | 00,127,488 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltimg11n.dll
[2009/12/30 12:50:54 | 00,118,784 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltfil11n.DLL
[2009/12/30 12:50:54 | 00,081,408 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lffax11n.dll
[2009/12/30 12:50:54 | 00,059,392 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfwmf11n.dll
[2009/12/30 12:50:54 | 00,056,320 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpsd11n.dll
[2009/12/30 12:50:54 | 00,041,472 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfgif11n.dll
[2009/12/30 12:50:54 | 00,036,864 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfbmp11n.dll
[2009/12/30 12:50:54 | 00,033,280 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpcx11n.dll
[2009/12/30 12:50:54 | 00,031,232 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfeps11n.dll
[2009/12/30 12:50:54 | 00,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfwpg11n.dll
[2009/12/30 12:50:54 | 00,026,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpcd11n.dll
[2009/12/30 12:50:40 | 00,133,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFCANS32.DLL
[2009/12/30 12:50:40 | 00,081,920 | ---- | C] (The Learning Company.) -- C:\WINDOWS\System32\CONNMGR.OCX
[2009/12/30 12:50:40 | 00,073,728 | ---- | C] (Mattel Interactive, Inc.) -- C:\WINDOWS\System32\ImageServerMI.dll
[2009/12/30 12:50:40 | 00,029,184 | ---- | C] (Blue Sky Software) -- C:\WINDOWS\System32\Popup.ocx
[2009/12/30 12:50:40 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFCUIA32.DLL
[2009/12/30 10:48:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Local Settings\Application Data\Nova Development
[2009/12/30 07:32:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2009/12/30 07:32:04 | 00,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2009/12/30 07:32:01 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/12/30 07:31:53 | 00,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2009/12/30 07:31:21 | 00,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2009/12/30 07:31:21 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2009/12/30 07:31:20 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2009/12/30 07:31:20 | 01,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2009/12/30 07:31:20 | 00,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2009/12/30 07:31:20 | 00,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2009/12/29 11:31:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\WINDOWS
[2009/12/29 11:31:32 | 00,027,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\CTL3DV2.DLL
[2009/12/29 11:30:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Local Settings\Application Data\Yahoo!
[2009/12/29 11:11:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\gtk-2.0
[2009/12/29 11:11:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\.thumbnails
[2009/12/29 11:10:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\.gimp-2.6
[2009/12/29 11:09:51 | 00,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2009/12/29 09:46:40 | 00,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2009/12/29 09:45:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Mes documents\Downloads
[2009/12/29 09:44:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\UAB
[2009/12/29 09:44:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2009/12/29 09:44:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Local Settings\Application Data\PC_Drivers_Headquarters
[2009/12/29 09:43:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\Canon
[2009/12/29 09:42:40 | 00,000,000 | ---D | C] -- C:\Program Files\PC Drivers HeadQuarters
[2009/12/29 09:39:01 | 00,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2009/12/29 09:38:24 | 00,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2009/12/29 09:37:12 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2009/12/29 09:37:10 | 00,106,496 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\cnqo4803.dll
[2009/12/29 09:37:09 | 01,298,432 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNQC4803.DLL
[2009/12/29 09:37:09 | 00,229,376 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNQL4803.DLL
[2009/12/29 09:37:09 | 00,057,344 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNQI4803.DLL
[2009/12/29 09:37:09 | 00,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2009/12/26 13:41:22 | 00,000,000 | ---D | C] -- C:\Program Files\eMule
[2009/12/26 11:45:43 | 00,000,000 | ---D | C] -- C:\Program Files\Easy CD-DA Extractor 8
[2009/12/26 11:45:43 | 00,000,000 | ---D | C] -- C:\WINDOWS\Easy CD-DA Extractor
[2009/12/26 10:08:48 | 00,000,000 | ---D | C] -- C:\Program Files\Mouse
[2009/12/26 10:07:37 | 00,019,840 | ---- | C] ((Standard Mouse Types)) -- C:\WINDOWS\System32\drivers\Amserprt.sys
[2009/12/26 10:07:37 | 00,011,264 | ---- | C] ((Standard Mouse Types)) -- C:\WINDOWS\System32\drivers\Amusbprt.sys
[2009/12/26 10:07:37 | 00,007,296 | ---- | C] ((Standard Mouse Types)) -- C:\WINDOWS\System32\drivers\Arfumftr.sys
[2009/12/26 10:07:36 | 00,009,856 | ---- | C] ((Standard Mouse Types)) -- C:\WINDOWS\System32\drivers\Amps2prt.sys
[2009/12/26 10:07:36 | 00,004,992 | ---- | C] ((Standard Mouse Types)) -- C:\WINDOWS\System32\drivers\Amfilter.sys
[2009/12/23 13:10:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2009/12/23 08:20:46 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2009/12/23 08:20:42 | 00,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2009/12/22 18:21:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Mes documents\My Games
[2009/12/22 18:21:23 | 01,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2009/12/22 18:21:23 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2009/12/22 18:21:22 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2009/12/22 18:21:21 | 00,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2009/12/22 18:21:21 | 00,069,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2009/12/22 18:21:20 | 00,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2009/12/22 18:21:19 | 00,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2009/12/22 18:21:16 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2009/12/22 18:21:16 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2009/12/22 18:21:15 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2009/12/22 18:21:13 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2009/12/22 18:21:13 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2009/12/22 18:21:12 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2009/12/22 18:21:12 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2009/12/22 18:21:11 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2009/12/22 18:21:11 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2009/12/22 18:21:10 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2009/12/22 18:21:09 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2009/12/22 18:21:09 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2009/12/22 18:21:08 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2009/12/22 18:21:07 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009/12/22 18:21:06 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009/12/22 18:21:06 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009/12/22 18:21:05 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009/12/22 18:21:04 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009/12/22 18:21:04 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009/12/22 18:21:03 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009/12/22 18:21:03 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2009/12/22 18:21:02 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2009/12/22 18:21:01 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2009/12/22 18:21:00 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009/12/22 18:21:00 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009/12/22 18:20:59 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009/12/22 18:20:58 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2009/12/22 18:20:57 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2009/12/22 18:20:57 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2009/12/22 18:20:56 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2009/12/22 18:20:55 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2009/12/22 18:20:54 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2009/12/22 18:20:54 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2009/12/22 18:20:53 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2009/12/22 18:20:52 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2009/12/22 18:20:52 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2009/12/22 18:20:51 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2009/12/22 18:20:51 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2009/12/22 18:20:50 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2009/12/22 18:20:49 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2009/12/22 18:20:48 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2009/12/22 18:20:47 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2009/12/22 18:20:47 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2009/12/22 18:20:45 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2009/12/22 18:20:44 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2009/12/22 18:20:43 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2009/12/22 18:20:42 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2009/12/22 18:20:42 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2009/12/22 18:20:42 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2009/12/22 18:20:41 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2009/12/22 18:20:40 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2009/12/22 18:20:39 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2009/12/22 18:20:39 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2009/12/22 18:20:38 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2009/12/22 18:20:38 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2009/12/22 18:20:35 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2009/12/22 18:20:35 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2009/12/22 18:20:34 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2009/12/22 18:20:32 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2009/12/22 18:20:31 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2009/12/22 18:20:30 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2009/12/22 18:20:29 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2009/12/22 18:20:27 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2009/12/22 18:20:05 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2009/12/21 09:09:17 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2009/12/21 09:09:15 | 00,083,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2009/12/21 09:09:13 | 00,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2009/12/21 09:09:11 | 00,056,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2009/12/21 09:09:09 | 00,142,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2009/12/21 09:09:06 | 00,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2009/12/21 09:09:05 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2009/12/21 09:09:03 | 00,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2009/12/21 09:09:01 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2009/12/21 09:08:59 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2009/12/21 09:08:56 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2009/12/21 09:08:51 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2009/12/21 09:08:51 | 00,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2009/12/21 09:08:50 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2009/12/21 09:08:50 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2009/12/21 09:08:49 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2009/12/21 09:08:49 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2009/12/21 09:08:49 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2009/12/21 09:08:49 | 00,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2009/12/21 09:08:38 | 00,000,000 | ---D | C] -- C:\Program Files\Realtek Sound Manager
[2009/12/21 09:08:34 | 00,000,000 | ---D | C] -- C:\Program Files\AvRack
[2009/12/21 09:08:32 | 00,947,884 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS
[2009/12/21 09:08:32 | 00,047,104 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
[2009/12/21 09:08:31 | 01,375,744 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL
[2009/12/21 09:08:31 | 00,208,896 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcupd.exe
[2009/12/21 09:08:31 | 00,131,072 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcrmv.exe
[2009/12/21 09:08:31 | 00,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2009/12/20 17:02:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\dvdcss
[2009/12/16 19:55:02 | 00,000,000 | ---D | C] -- C:\Program Files\GIMP-2
[2009/12/16 18:24:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2009/12/16 18:20:05 | 00,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2009/12/16 18:16:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\Real
[2009/12/16 12:40:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\Malwarebytes
[2009/12/16 12:40:51 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/12/16 12:40:48 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/12/16 12:40:48 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/16 12:40:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/12/15 18:14:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Local Settings\Application Data\Ahead
[2009/12/15 18:10:33 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\LightScribe
[2009/12/15 17:58:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\Ahead
[2009/12/15 17:54:59 | 00,000,000 | ---D | C] -- C:\Program Files\Nero
[2009/12/15 17:54:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero
[2009/12/15 17:54:59 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Ahead
[2009/12/15 17:53:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2009/12/15 17:52:03 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2009/12/15 17:52:02 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2009/12/15 17:48:32 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\seppi\IECompatCache
[2009/12/15 17:46:47 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/12/15 17:46:47 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/12/15 17:46:47 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/12/15 17:23:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\Media Player Classic
[2009/12/15 13:36:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\OpenOffice.org
[2009/12/15 13:33:20 | 00,000,000 | ---D | C] -- C:\Program Files\JRE
[2009/12/15 13:33:04 | 00,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2009/12/15 13:32:34 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009/12/15 13:32:34 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/12/15 13:32:12 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009/12/15 13:31:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\Sun
[2009/12/15 13:29:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Local Settings\Application Data\Ares
[2009/12/15 13:28:50 | 00,000,000 | ---D | C] -- C:\Program Files\Ares
[2009/12/15 13:19:29 | 00,800,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\seppi\Bureau\jxpiinstall-rv.exe
[2009/12/15 13:14:56 | 00,000,000 | ---D | C] -- C:\Program Files\Kyodai Mahjongg 2006
[2009/12/15 10:03:36 | 00,097,280 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLM3w.DLL
[2009/12/15 10:03:30 | 00,000,000 | -H-D | C] -- C:\BJPrinter
[2009/12/15 10:03:22 | 00,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2009/12/15 09:46:11 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CNBJMON2.DLL
[2009/12/15 09:43:44 | 00,000,000 | ---D | C] -- C:\Program Files\canon
[2009/12/15 09:43:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Bureau\Canon
[2009/12/15 09:42:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\vlc
[2009/12/15 09:18:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Mes documents\Azureus Downloads
[2009/12/15 09:14:46 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2009/12/15 09:12:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2009/12/15 09:12:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\Azureus
[2009/12/15 09:11:48 | 00,000,000 | ---D | C] -- C:\Program Files\Vuze
[2009/12/15 09:11:48 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\i4j_jres
[2009/12/14 18:58:11 | 00,000,000 | ---D | C] -- C:\Program Files\Kyodai Mahjongg 2006 Portable
[2009/12/14 18:57:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Bureau\PDF to Word Converter v3.0
[2009/12/14 17:03:54 | 00,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2009/12/14 16:04:25 | 00,000,000 | ---D | C] -- C:\Downloads
[2009/12/14 15:50:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/12/14 15:50:45 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Adobe
[2009/12/14 15:50:45 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009/12/14 15:50:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Bureau\Programme d'installation d'Adobe Reader 9
[2009/12/14 15:48:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Local Settings\Application Data\Adobe
[2009/12/14 15:47:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\Adobe
[2009/12/14 15:44:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\Macromedia
[2009/12/14 15:28:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/12/14 15:26:40 | 00,016,384 | R--- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atriprxx.cht
[2009/12/14 15:26:40 | 00,016,384 | R--- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atriprxx.chs
[2009/12/14 15:26:27 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2009/12/14 15:18:41 | 00,331,863 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiicdxx.dll
[2009/12/14 15:18:41 | 00,061,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atricdxx.dft
[2009/12/14 15:18:41 | 00,004,557 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiicdxx.sys
[2009/12/14 15:17:41 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\InstallShield
[2009/12/14 15:08:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009/12/14 15:05:21 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/12/14 15:04:32 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\seppi\PrivacIE
[2009/12/14 15:04:14 | 00,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009/12/14 15:04:14 | 00,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2009/12/14 15:04:14 | 00,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2009/12/14 15:04:14 | 00,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2009/12/14 15:04:10 | 00,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\WINDOWS\System32\lameACM.acm
[2009/12/14 15:04:10 | 00,217,088 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2009/12/14 15:04:10 | 00,118,784 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2009/12/14 15:04:08 | 00,090,112 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\dpl100.dll
[2009/12/14 15:04:07 | 00,685,056 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\divx.dll
[2009/12/14 15:04:02 | 00,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2009/12/14 15:02:13 | 00,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2009/12/14 15:01:29 | 00,000,000 | ---D | C] -- C:\Program Files\FlashGet
[2009/12/14 13:08:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\KB905474
[2009/12/14 13:06:36 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\seppi\IETldCache
[2009/12/13 23:06:46 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/12/13 23:06:46 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/12/13 23:06:45 | 11,069,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/12/13 23:06:45 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/12/13 23:06:40 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/12/13 23:06:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2009/12/13 23:05:32 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2009/12/13 20:26:19 | 00,023,120 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009/12/13 20:26:18 | 00,048,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009/12/13 20:26:18 | 00,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009/12/13 20:26:16 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009/12/13 20:26:16 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009/12/13 20:26:16 | 00,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009/12/13 20:26:16 | 00,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009/12/13 20:26:16 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009/12/13 20:25:53 | 01,280,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009/12/13 20:25:53 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MFC71.dll
[2009/12/13 20:25:53 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSVCP71.dll
[2009/12/13 20:25:53 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSVCR71.dll
[2009/12/13 20:25:51 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/12/13 20:20:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\Talkback
[2009/12/13 20:19:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Local Settings\Application Data\Mozilla
[2009/12/13 20:19:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\Mozilla
[2009/12/13 20:19:10 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2009/12/13 20:13:37 | 00,272,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/12/13 20:11:05 | 02,147,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/12/13 20:11:03 | 02,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2009/12/13 20:11:03 | 02,025,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/12/13 20:10:55 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/12/13 20:08:10 | 00,139,776 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\e100b325.sys
[2009/12/13 20:08:10 | 00,139,776 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2009/12/13 20:08:10 | 00,053,248 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\Prounstl.exe
[2009/12/13 20:08:10 | 00,023,040 | R--- | C] (Intel Corporation) -- C:\WINDOWS\System32\IntelNic.dll
[2009/12/13 20:07:50 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009/12/13 20:07:49 | 00,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2009/12/13 20:07:49 | 00,017,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009/12/13 20:07:47 | 00,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2009/12/13 20:05:05 | 00,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2009/12/13 14:31:49 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/12/12 18:37:38 | 00,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\gameenum.sys
[2009/12/12 18:37:26 | 00,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2009/12/12 18:37:25 | 00,852,377 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3d1ag.dll
[2009/12/12 18:37:25 | 00,852,377 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2009/12/12 18:37:25 | 00,580,279 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2009/12/12 18:37:25 | 00,472,576 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2009/12/12 18:37:25 | 00,472,576 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtag.sys
[2009/12/12 18:37:25 | 00,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2009/12/12 18:37:25 | 00,215,808 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2009/12/12 18:37:12 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2009/12/12 18:36:01 | 00,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2009/12/12 18:36:01 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\ODBC
[2009/12/12 18:35:59 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2009/12/12 18:35:59 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2009/12/12 18:35:58 | 00,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2009/12/12 18:35:57 | 00,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2009/12/12 18:35:57 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2009/12/12 18:35:57 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\SpeechEngines
[2009/12/12 18:35:56 | 00,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2009/12/12 18:35:56 | 00,000,000 | R--D | C] -- C:\Program Files
[2009/12/12 18:35:56 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Microsoft Shared
[2009/12/12 18:35:56 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs
[2009/12/12 18:35:54 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2009/12/12 18:35:54 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2009/12/12 18:35:54 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2009/12/12 18:35:54 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2009/12/12 18:35:54 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2009/12/12 18:35:54 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2009/12/12 18:35:52 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2009/12/12 18:35:52 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2009/12/12 18:35:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2009/12/12 18:35:52 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2009/12/12 18:35:52 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2009/12/12 18:35:52 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2009/12/12 18:35:50 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2009/12/12 18:35:50 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2009/12/12 18:35:50 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2009/12/12 18:35:50 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2009/12/12 18:35:50 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2009/12/12 18:35:50 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2009/12/12 18:35:50 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2009/12/12 18:35:50 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2009/12/12 18:35:50 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2009/12/12 18:35:50 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2009/12/12 18:35:50 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2009/12/12 18:35:50 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2009/12/12 18:35:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2009/12/12 18:35:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2009/12/12 18:35:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2009/12/12 18:35:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2009/12/12 18:35:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2009/12/12 18:35:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2009/12/12 18:35:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2009/12/12 18:35:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2009/12/12 18:35:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2009/12/12 18:35:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2009/12/12 18:35:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2009/12/12 18:35:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2009/12/12 18:35:48 | 00,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2009/12/12 18:35:48 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2009/12/12 18:35:48 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2009/12/12 18:35:48 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2009/12/12 18:35:48 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2009/12/12 18:35:48 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2009/12/12 18:35:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2009/12/12 18:35:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2009/12/12 18:35:48 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2009/12/12 18:35:48 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2009/12/12 18:35:48 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2009/12/12 18:35:48 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2009/12/12 18:35:48 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2009/12/12 18:35:48 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2009/12/12 18:35:47 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2009/12/12 18:35:47 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2009/12/12 18:35:47 | 00,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2009/12/12 18:35:47 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2009/12/12 18:35:47 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2009/12/12 18:35:47 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2009/12/12 18:35:47 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2009/12/12 18:35:47 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2009/12/12 18:35:47 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2009/12/12 18:35:47 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2009/12/12 18:35:45 | 00,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2009/12/12 18:35:45 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2009/12/12 18:35:45 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2009/12/12 18:35:45 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2009/12/12 18:35:45 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2009/12/12 18:35:45 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2009/12/12 18:35:45 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2009/12/12 18:35:45 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2009/12/12 18:35:45 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2009/12/12 18:35:45 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2009/12/12 18:35:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2009/12/12 18:35:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2009/12/12 18:35:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2009/12/12 18:35:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2009/12/12 18:35:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2009/12/12 18:35:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2009/12/12 18:35:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2009/12/12 18:35:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2009/12/12 18:35:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2009/12/12 18:35:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2009/12/12 18:35:45 | 00,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2009/12/12 18:35:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2009/12/12 18:35:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2009/12/12 18:35:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2009/12/12 18:35:44 | 00,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2009/12/12 18:35:44 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2009/12/12 18:35:42 | 00,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2009/12/12 18:35:42 | 00,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2009/12/12 18:35:42 | 00,086,044 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2009/12/12 18:35:42 | 00,086,044 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2009/12/12 18:35:42 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2009/12/12 18:35:42 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2009/12/12 18:35:41 | 00,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2009/12/12 18:35:41 | 00,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2009/12/12 18:35:41 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2009/12/12 18:35:41 | 00,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2009/12/12 18:35:41 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2009/12/12 18:35:41 | 00,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2009/12/12 18:35:41 | 00,009,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2009/12/12 18:35:41 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2009/12/12 18:35:41 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2009/12/12 18:35:41 | 00,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2009/12/12 18:35:41 | 00,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2009/12/12 18:35:41 | 00,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2009/12/12 18:35:40 | 00,127,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2009/12/12 18:35:40 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2009/12/12 18:35:40 | 00,073,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2009/12/12 18:35:40 | 00,033,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2009/12/12 18:35:40 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2009/12/12 18:35:40 | 00,025,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2009/12/12 18:35:40 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2009/12/12 18:35:40 | 00,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2009/12/12 18:35:40 | 00,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2009/12/12 18:35:40 | 00,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2009/12/12 18:35:40 | 00,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2009/12/12 18:35:39 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2009/12/12 18:35:39 | 00,070,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2009/12/12 18:35:39 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2009/12/12 18:35:39 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2009/12/12 18:35:39 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irenum.sys
[2009/12/12 18:35:39 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2009/12/12 18:35:39 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2009/12/12 18:35:38 | 00,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WINSPOOL.DRV
[2009/12/12 18:35:38 | 00,070,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL
[2009/12/12 18:35:37 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2009/12/12 18:35:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Menu Démarrer
[2009/12/12 18:35:29 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2009/12/12 18:35:29 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Modèles
[2009/12/12 18:35:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favoris
[2009/12/12 18:35:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Bureau
[2009/12/12 18:35:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2009/12/12 18:35:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2009/12/12 18:35:08 | 00,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/12/12 18:35:08 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2009/12/12 18:34:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings
[2009/12/12 18:32:55 | 00,000,000 | -HSD | C] -- C:\System Volume Information
[2009/12/12 18:26:46 | 00,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2009/12/12 18:26:46 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009/12/12 18:26:46 | 00,000,000 | R--D | C] -- C:\WINDOWS\Web
[2009/12/12 18:26:46 | 00,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\system32
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\system
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\security
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\repair
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\mui
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\Media
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\java
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\ime
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\Help
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-fr
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\fr
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\Config
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\addins
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1036
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2009/12/12 18:26:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2009/12/12 18:21:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/12/12 18:14:14 | 00,040,448 | R--- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\drivers\fetnd5b.sys
[2009/12/12 18:01:57 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/12/12 17:58:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Application Data\Identities
[2009/12/12 17:58:40 | 00,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2009/12/12 17:58:37 | 00,000,000 | R--D | C] -- C:\Documents and Settings\seppi\Mes documents\Mes images
[2009/12/12 17:58:37 | 00,000,000 | R--D | C] -- C:\Documents and Settings\seppi\Mes documents\Ma musique
[2009/12/12 17:58:32 | 00,000,000 | --SD | C] -- C:\Documents and Settings\seppi\Application Data\Microsoft
[2009/12/12 17:58:32 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\seppi\SendTo
[2009/12/12 17:58:32 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\seppi\Application Data
[2009/12/12 17:58:32 | 00,000,000 | R--D | C] -- C:\Documents and Settings\seppi\Mes documents
[2009/12/12 17:58:32 | 00,000,000 | R--D | C] -- C:\Documents and Settings\seppi\Menu Démarrer
[2009/12/12 17:58:32 | 00,000,000 | R--D | C] -- C:\Documents and Settings\seppi\Favoris
[2009/12/12 17:58:32 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\seppi\Cookies
[2009/12/12 17:58:32 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\seppi\Voisinage réseau
[2009/12/12 17:58:32 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\seppi\Voisinage d'impression
[2009/12/12 17:58:32 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\seppi\Modèles
[2009/12/12 17:58:32 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\seppi\Local Settings
[2009/12/12 17:58:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Local Settings\Application Data\Microsoft
[2009/12/12 17:58:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\seppi\Bureau
[2009/12/12 17:57:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2009/12/12 17:57:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/12/12 17:57:06 | 00,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2009/12/12 17:57:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/12/12 17:56:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/12/12 17:55:43 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2009/12/12 17:55:43 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2009/12/12 17:55:42 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2009/12/12 17:55:42 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2009/12/12 17:55:42 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2009/12/12 17:55:41 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2009/12/12 17:55:40 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2009/12/12 17:55:40 | 00,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2009/12/12 17:55:39 | 00,367,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2009/12/12 17:55:39 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2009/12/12 17:55:39 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2009/12/12 17:55:39 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2009/12/12 17:55:38 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2009/12/12 17:55:38 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2009/12/12 17:55:38 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2009/12/12 17:55:38 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2009/12/12 17:55:37 | 00,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2009/12/12 17:55:37 | 00,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2009/12/12 17:55:35 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2009/12/12 17:55:35 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2009/12/12 17:55:35 | 00,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2009/12/12 17:55:35 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/12/12 17:55:34 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2009/12/12 17:55:33 | 00,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2009/12/12 17:55:33 | 00,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2009/12/12 17:55:33 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2009/12/12 17:55:33 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2009/12/12 17:55:32 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2009/12/12 17:55:32 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2009/12/12 17:55:32 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2009/12/12 17:55:32 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2009/12/12 17:55:30 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2009/12/12 17:55:30 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2009/12/12 17:55:29 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2009/12/12 17:55:29 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2009/12/12 17:55:29 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2009/12/12 17:55:27 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2009/12/12 17:55:26 | 00,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2009/12/12 17:55:26 | 00,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2009/12/12 17:55:26 | 00,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2009/12/12 17:55:26 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2009/12/12 17:55:26 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2009/12/12 17:55:26 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2009/12/12 17:55:26 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2009/12/12 17:55:26 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2009/12/12 17:55:25 | 00,466,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2009/12/12 17:55:25 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2009/12/12 17:55:25 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2009/12/12 17:55:25 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2009/12/12 17:55:24 | 00,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2009/12/12 17:55:24 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2009/12/12 17:55:24 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2009/12/12 17:55:24 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2009/12/12 17:55:24 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2009/12/12 17:55:24 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2009/12/12 17:55:24 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2009/12/12 17:55:24 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2009/12/12 17:55:23 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2009/12/12 17:55:23 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2009/12/12 17:55:23 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2009/12/12 17:55:23 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2009/12/12 17:55:23 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2009/12/12 17:55:23 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2009/12/12 17:55:23 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2009/12/12 17:55:23 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2009/12/12 17:55:23 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2009/12/12 17:55:22 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2009/12/12 17:55:19 | 00,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2009/12/12 17:55:19 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2009/12/12 17:55:18 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2009/12/12 17:55:17 | 00,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2009/12/12 17:55:17 | 00,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2009/12/12 17:55:17 | 00,029,184 | ---- | C] (RICOH Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2009/12/12 17:55:17 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2009/12/12 17:55:17 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2009/12/12 17:55:16 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2009/12/12 17:55:15 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2009/12/12 17:55:15 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/12/12 17:55:15 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/12/12 17:55:13 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2009/12/12 17:55:13 | 00,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2009/12/12 17:55:13 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/12/12 17:55:13 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/12/12 17:55:12 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2009/12/12 17:55:11 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2009/12/12 17:55:11 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2009/12/12 17:55:10 | 00,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2009/12/12 17:55:10 | 00,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2009/12/12 17:55:10 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2009/12/12 17:55:10 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2009/12/12 17:55:10 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2009/12/12 17:55:09 | 00,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2009/12/12 17:55:09 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2009/12/12 17:55:08 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2009/12/12 17:55:08 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2009/12/12 17:55:08 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2009/12/12 17:55:08 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2009/12/12 17:55:08 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2009/12/12 17:55:05 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2009/12/12 17:55:05 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2009/12/12 17:55:04 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2009/12/12 17:55:02 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2009/12/12 17:55:01 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2009/12/12 17:54:58 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2009/12/12 17:54:58 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2009/12/12 17:54:58 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiregmv.exe
[2009/12/12 17:54:52 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2009/12/12 17:54:52 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2009/12/12 17:54:52 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2009/12/12 17:54:51 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2009/12/12 17:54:51 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2009/12/12 17:54:51 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2009/12/12 17:54:50 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2009/12/12 17:54:49 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2009/12/12 17:54:49 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2009/12/12 17:54:49 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2009/12/12 17:54:49 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2009/12/12 17:54:48 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2009/12/12 17:54:47 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2009/12/12 17:54:47 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2009/12/12 17:54:46 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2009/12/12 17:54:46 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2009/12/12 17:54:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2009/12/12 17:54:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2009/12/12 17:54:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2009/12/12 17:54:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2009/12/12 17:54:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2009/12/12 17:54:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2009/12/12 17:54:45 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2009/12/12 17:54:45 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2009/12/12 17:54:45 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2009/12/12 17:54:45 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2009/12/12 17:54:45 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2009/12/12 17:54:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2009/12/12 17:54:45 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2009/12/12 17:54:44 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2009/12/12 17:54:44 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2009/12/12 17:54:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2009/12/12 17:54:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2009/12/12 17:54:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2009/12/12 17:54:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2009/12/12 17:54:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2009/12/12 17:54:44 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2009/12/12 17:54:44 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2009/12/12 17:54:43 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2009/12/12 17:54:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2009/12/12 17:54:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2009/12/12 17:54:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2009/12/12 17:54:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2009/12/12 17:54:43 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2009/12/12 17:54:43 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2009/12/12 17:54:43 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2009/12/12 17:54:42 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2009/12/12 17:54:42 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2009/12/12 17:54:42 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2009/12/12 17:54:42 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2009/12/12 17:54:42 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2009/12/12 17:54:42 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2009/12/12 17:54:42 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2009/12/12 17:54:41 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2009/12/12 17:54:41 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2009/12/12 17:54:40 | 00,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2009/12/12 17:54:40 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2009/12/12 17:54:40 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2009/12/12 17:54:39 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2009/12/12 17:54:39 | 00,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2009/12/12 17:54:39 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2009/12/12 17:54:39 | 00,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2009/12/12 17:54:39 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2009/12/12 17:54:38 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2009/12/12 17:54:38 | 00,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2009/12/12 17:54:38 | 00,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2009/12/12 17:54:38 | 00,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2009/12/12 17:54:38 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2009/12/12 17:54:37 | 00,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2009/12/12 17:54:37 | 00,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2009/12/12 17:54:37 | 00,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2009/12/12 17:54:37 | 00,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2009/12/12 17:54:37 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2009/12/12 17:54:36 | 00,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2009/12/12 17:54:36 | 00,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2009/12/12 17:54:36 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2009/12/12 17:54:36 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2009/12/12 17:54:36 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2009/12/12 17:54:36 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2009/12/12 17:54:36 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2009/12/12 17:54:36 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2009/12/12 17:54:35 | 00,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2009/12/12 17:54:35 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2009/12/12 17:54:35 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2009/12/12 17:54:35 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2009/12/12 17:54:35 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2009/12/12 17:54:34 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2009/12/12 17:54:34 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2009/12/12 17:54:34 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2009/12/12 17:54:30 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2009/12/12 17:54:21 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2009/12/12 17:54:21 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2009/12/12 17:54:21 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2009/12/12 17:54:20 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2009/12/12 17:54:20 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2009/12/12 17:54:19 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2009/12/12 17:54:19 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2009/12/12 17:54:18 | 00,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2009/12/12 17:54:18 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2009/12/12 17:54:18 | 00,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2009/12/12 17:54:18 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2009/12/12 17:54:17 | 00,563,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2009/12/12 17:54:17 | 00,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2009/12/12 17:54:17 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2009/12/12 17:54:17 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2009/12/12 17:54:17 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2009/12/12 17:54:17 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2009/12/12 17:54:17 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2009/12/12 17:54:17 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2009/12/12 17:54:16 | 00,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2009/12/12 17:54:16 | 00,238,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2009/12/12 17:54:16 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2009/12/12 17:54:16 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2009/12/12 17:54:16 | 00,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2009/12/12 17:54:16 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2009/12/12 17:54:16 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2009/12/12 17:54:16 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2009/12/12 17:54:16 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2009/12/12 17:54:15 | 00,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2009/12/12 17:54:15 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2009/12/12 17:54:15 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2009/12/12 17:54:15 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2009/12/12 17:54:15 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2009/12/12 17:54:14 | 00,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2009/12/12 17:54:14 | 00,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2009/12/12 17:54:14 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2009/12/12 17:54:14 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/12/12 17:54:13 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2009/12/12 17:54:13 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2009/12/12 17:54:13 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2009/12/12 17:54:12 | 00,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2009/12/12 17:54:12 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2009/12/12 17:54:12 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2009/12/12 17:54:12 | 00,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2009/12/12 17:54:12 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2009/12/12 17:54:12 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2009/12/12 17:54:12 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2009/12/12 17:54:11 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2009/12/12 17:54:06 | 00,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2009/12/12 17:54:06 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2009/12/12 17:54:05 | 00,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2009/12/12 17:54:05 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/12/12 17:54:04 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2009/12/12 17:54:04 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2009/12/12 17:54:04 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2009/12/12 17:54:03 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2009/12/12 17:54:02 | 00,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2009/12/12 17:54:02 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2009/12/12 17:54:02 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2009/12/12 17:54:02 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2009/12/12 17:54:01 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2009/12/12 17:54:01 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2009/12/12 17:54:00 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2009/12/12 17:54:00 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2009/12/12 17:54:00 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/12/12 17:54:00 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/12/12 17:54:00 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/12/12 17:54:00 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/12/12 17:53:59 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009/12/12 17:53:58 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2009/12/12 17:53:58 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2009/12/12 17:53:58 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2009/12/12 17:53:51 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2009/12/12 17:53:50 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2009/12/12 17:53:49 | 00,377,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2009/12/12 17:53:49 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2009/12/12 17:53:49 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2009/12/12 17:53:48 | 00,334,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2009/12/12 17:53:48 | 00,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2009/12/12 17:53:48 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2009/12/12 17:53:48 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2009/12/12 17:53:47 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2009/12/12 17:53:47 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2009/12/12 17:53:47 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2009/12/12 17:53:47 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2009/12/12 17:53:47 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2009/12/12 17:53:46 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2009/12/12 17:53:46 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2009/12/12 17:53:46 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2009/12/12 17:53:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2009/12/12 17:53:41 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2009/12/12 17:53:40 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2009/12/12 17:53:40 | 00,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2009/12/12 17:53:40 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2009/12/12 17:53:40 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2009/12/12 17:53:39 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2009/12/12 17:53:39 | 00,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2009/12/12 17:53:39 | 00,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2009/12/12 17:53:35 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2009/12/12 17:53:34 | 00,842,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2009/12/12 17:53:34 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2009/12/12 17:53:34 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2009/12/12 17:53:34 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2009/12/12 17:53:34 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2009/12/12 17:53:34 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2009/12/12 17:53:34 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2009/12/12 17:53:33 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2009/12/12 17:53:33 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2009/12/12 17:53:33 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2009/12/12 17:53:33 | 00,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2009/12/12 17:53:33 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2009/12/12 17:53:33 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2009/12/12 17:53:33 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2009/12/12 17:53:32 | 00,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2009/12/12 17:53:32 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2009/12/12 17:53:32 | 00,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2009/12/12 17:53:32 | 00,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2009/12/12 17:53:32 | 00,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2009/12/12 17:53:31 | 00,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2009/12/12 17:53:31 | 00,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2009/12/12 17:53:31 | 00,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2009/12/12 17:53:31 | 00,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2009/12/12 17:53:31 | 00,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2009/12/12 17:53:31 | 00,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2009/12/12 17:53:30 | 00,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2009/12/12 17:53:30 | 00,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2009/12/12 17:53:30 | 00,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2009/12/12 17:53:30 | 00,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2009/12/12 17:53:30 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2009/12/12 17:53:29 | 00,281,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2009/12/12 17:53:29 | 00,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2009/12/12 17:53:29 | 00,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2009/12/12 17:53:29 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2009/12/12 17:53:29 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2009/12/12 17:53:29 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2009/12/12 17:53:28 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2009/12/12 17:53:28 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2009/12/12 17:53:28 | 00,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2009/12/12 17:53:27 | 00,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2009/12/12 17:53:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2009/12/12 17:53:22 | 00,000,000 | ---D | C] -- C:\Program Files\xerox
[2009/12/12 17:53:22 | 00,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2009/12/12 17:52:50 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/12/12 17:52:50 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/12/12 17:52:39 | 00,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2009/12/12 17:51:51 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2009/12/12 17:51:39 | 00,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2009/12/12 17:51:39 | 00,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2009/12/12 17:51:27 | 00,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2009/12/12 17:51:23 | 00,000,000 | ---D | C] -- C:\Program Files\Services en ligne
[2009/12/12 17:51:08 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2009/12/12 17:51:03 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2009/12/12 17:51:03 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2009/12/12 17:51:03 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2009/12/12 17:51:02 | 00,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2009/12/12 17:51:02 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2009/12/12 17:51:02 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2009/12/12 17:50:55 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2009/12/12 17:50:55 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2009/12/12 17:50:55 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2009/12/12 17:50:54 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2009/12/12 17:50:54 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2009/12/12 17:50:54 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2009/12/12 17:50:54 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2009/12/12 17:50:54 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2009/12/12 17:50:53 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Services
[2009/12/12 17:50:51 | 00,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2009/12/12 17:50:51 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2009/12/12 17:50:51 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2009/12/12 17:50:51 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2009/12/12 17:50:51 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2009/12/12 17:50:51 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2009/12/12 17:50:51 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2009/12/12 17:50:51 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2009/12/12 17:50:51 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2009/12/12 17:50:51 | 00,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2009/12/12 17:50:50 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2009/12/12 17:50:50 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\MSSoap
[2009/12/12 17:50:48 | 00,727,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2009/12/12 17:50:48 | 00,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2009/12/12 17:50:47 | 03,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2009/12/12 17:50:47 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\VGX.dll
[2009/12/12 17:50:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2009/12/12 17:50:46 | 00,778,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2009/12/12 17:50:46 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2009/12/12 17:50:46 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2009/12/12 17:50:45 | 00,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2009/12/12 17:50:45 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2009/12/12 17:50:45 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2009/12/12 17:50:45 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2009/12/12 17:50:45 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2009/12/12 17:50:45 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2009/12/12 17:50:45 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2009/12/12 17:50:44 | 00,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2009/12/12 17:50:44 | 00,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2009/12/12 17:50:44 | 00,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2009/12/12 17:50:44 | 00,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2009/12/12 17:50:44 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2009/12/12 17:50:44 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng1.dll
[2009/12/12 17:50:44 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauserv.dll
[2009/12/12 17:50:44 | 00,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2009/12/12 17:50:43 | 01,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2009/12/12 17:50:43 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2009/12/12 17:50:43 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2009/12/12 17:50:43 | 00,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2009/12/12 17:50:43 | 00,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2009/12/12 17:50:43 | 00,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt1.exe
[2009/12/12 17:50:43 | 00,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2009/12/12 17:50:43 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2009/12/12 17:50:43 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2009/12/12 17:50:43 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2009/12/12 17:50:43 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2009/12/12 17:50:43 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2009/12/12 17:50:43 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2009/12/12 17:50:43 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll
[2009/12/12 17:50:43 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009/12/12 17:50:43 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2009/12/12 17:50:43 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2009/12/12 17:50:42 | 00,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2009/12/12 17:50:41 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2009/12/12 17:50:41 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2009/12/12 17:50:40 | 04,290,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2009/12/12 17:50:40 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2009/12/12 17:50:40 | 00,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2009/12/12 17:50:40 | 00,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2009/12/12 17:50:40 | 00,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2009/12/12 17:50:40 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2009/12/12 17:50:39 | 03,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2009/12/12 17:50:39 | 00,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2009/12/12 17:50:27 | 00,566,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2009/12/12 17:50:27 | 00,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2009/12/12 17:50:27 | 00,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2009/12/12 17:50:27 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2009/12/12 17:50:27 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2009/12/12 17:50:27 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2009/12/12 17:50:27 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2009/12/12 17:50:25 | 00,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2009/12/12 17:50:24 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2009/12/12 17:50:24 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2009/12/12 17:50:24 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2009/12/12 17:50:24 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2009/12/12 17:50:24 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2009/12/12 17:50:24 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2009/12/12 17:50:24 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2009/12/12 17:50:24 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchsvc.dll
[2009/12/12 17:50:24 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2009/12/12 17:50:24 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2009/12/12 17:50:22 | 00,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2009/12/12 17:50:22 | 00,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2009/12/12 17:50:22 | 00,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2009/12/12 17:50:22 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2009/12/12 17:50:21 | 00,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rstrui.exe
[2009/12/12 17:50:21 | 00,241,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2009/12/12 17:50:21 | 00,241,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srrstr.dll
[2009/12/12 17:50:21 | 00,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srsvc.dll
[2009/12/12 17:50:21 | 00,129,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2009/12/12 17:50:21 | 00,073,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sr.sys
[2009/12/12 17:50:21 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srclient.dll
[2009/12/12 17:50:21 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltMc.exe
[2009/12/12 17:50:21 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2009/12/12 17:50:21 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2009/12/12 17:50:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2009/12/12 17:50:20 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2009/12/12 17:50:20 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2009/12/12 17:50:20 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2009/12/12 17:50:20 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2009/12/12 17:50:20 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2009/12/12 17:50:20 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2009/12/12 17:50:20 | 00,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2009/12/12 17:50:20 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2009/12/12 17:50:20 | 00,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2009/12/12 17:50:20 | 00,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2009/12/12 17:50:20 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2009/12/12 17:50:20 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2009/12/12 17:50:19 | 00,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2009/12/12 17:50:19 | 00,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2009/12/12 17:50:19 | 00,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2009/12/12 17:50:19 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2009/12/12 17:50:19 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2009/12/12 17:50:19 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2009/12/12 17:50:19 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2009/12/12 17:50:18 | 01,044,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2009/12/12 17:50:18 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2009/12/12 17:50:18 | 00,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2009/12/12 17:50:18 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2009/12/12 17:50:18 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2009/12/12 17:50:18 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2009/12/12 17:50:18 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoert2.dll
[2009/12/12 17:50:18 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2009/12/12 17:50:18 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2009/12/12 17:50:18 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2009/12/12 17:50:18 | 00,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2009/12/12 17:50:17 | 00,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2009/12/12 17:50:17 | 00,263,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2009/12/12 17:50:17 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2009/12/12 17:50:17 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2009/12/12 17:50:17 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2009/12/12 17:50:17 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2009/12/12 17:50:17 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2009/12/12 17:50:17 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetres.dll
[2009/12/12 17:50:17 | 00,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2009/12/12 17:50:17 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabfind.dll
[2009/12/12 17:50:17 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2009/12/12 17:50:16 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/12/12 17:50:16 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2009/12/12 17:50:16 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2009/12/12 17:50:15 | 02,534,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2009/12/12 17:50:15 | 00,281,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstask.dll
[2009/12/12 17:50:15 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schedsvc.dll
[2009/12/12 17:50:15 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup50.exe
[2009/12/12 17:50:15 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2009/12/12 17:50:15 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2009/12/12 17:50:15 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2009/12/12 17:50:15 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2009/12/12 17:50:15 | 00,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2009/12/12 17:50:14 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2009/12/12 17:50:14 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2009/12/12 17:50:14 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2009/12/12 17:50:14 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2009/12/12 17:50:14 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2009/12/12 17:50:14 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2009/12/12 17:50:14 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2009/12/12 17:50:14 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2009/12/12 17:50:13 | 00,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2009/12/12 17:50:13 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2009/12/12 17:50:13 | 00,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwhelp.dll
[2009/12/12 17:50:13 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2009/12/12 17:50:13 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn.dll
[2009/12/12 17:50:13 | 00,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwutil.dll
[2009/12/12 17:50:13 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2009/12/12 17:50:13 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwrmind.exe
[2009/12/12 17:50:13 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2009/12/12 17:50:12 | 00,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2009/12/12 17:50:12 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2009/12/12 17:50:12 | 00,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2009/12/12 17:50:12 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2009/12/12 17:50:12 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2009/12/12 17:50:12 | 00,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2009/12/12 17:50:12 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2009/12/12 17:50:11 | 00,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2009/12/12 17:50:11 | 00,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2009/12/12 17:50:11 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2009/12/12 17:50:11 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2009/12/12 17:50:11 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2009/12/12 17:50:11 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2009/12/12 17:50:11 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2009/12/12 17:50:11 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2009/12/12 17:50:11 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2009/12/12 17:50:11 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2009/12/12 17:50:11 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2009/12/12 17:50:11 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2009/12/12 17:50:11 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2009/12/12 17:50:11 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2009/12/12 17:50:11 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2009/12/12 17:50:11 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2009/12/12 17:50:11 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2009/12/12 17:50:11 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2009/12/12 17:50:11 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2009/12/12 17:50:11 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2009/12/12 17:50:11 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2009/12/12 17:50:10 | 00,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2009/12/12 17:50:10 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2009/12/12 17:50:10 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2009/12/12 17:50:10 | 00,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadco.dll
[2009/12/12 17:50:10 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2009/12/12 17:50:10 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2009/12/12 17:50:10 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2009/12/12 17:50:10 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2009/12/12 17:50:10 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2009/12/12 17:50:10 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2009/12/12 17:50:10 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2009/12/12 17:50:10 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2009/12/12 17:50:10 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2009/12/12 17:50:10 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2009/12/12 17:50:10 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2009/12/12 17:50:09 | 00,638,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe
[2009/12/12 17:50:09 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hmmapi.dll
[2009/12/12 17:50:09 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedw.exe
[2009/12/12 17:50:09 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\System
[2009/12/12 17:50:09 | 00,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2009/12/12 17:50:07 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\Mes images
[2009/12/12 17:49:25 | 00,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2009/12/12 17:49:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2009/12/12 17:49:12 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\Ma musique
[2009/12/12 17:49:12 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2009/12/12 17:49:12 | 00,000,000 | ---D | C] -- C:\Program Files\Online Services
[2009/12/12 17:49:06 | 00,000,000 | ---D | C] -- C:\Program Files\Messenger
[2009/12/12 17:49:05 | 01,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2009/12/12 17:49:05 | 00,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2009/12/12 17:49:05 | 00,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2009/12/12 17:49:05 | 00,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2009/12/12 17:49:05 | 00,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2009/12/12 17:49:05 | 00,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2009/12/12 17:49:04 | 02,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2009/12/12 17:49:04 | 01,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2009/12/12 17:49:04 | 00,781,397 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2009/12/12 17:49:04 | 00,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2009/12/12 17:49:04 | 00,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2009/12/12 17:49:04 | 00,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2009/12/12 17:49:04 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2009/12/12 17:49:04 | 00,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2009/12/12 17:49:04 | 00,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2009/12/12 17:49:04 | 00,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2009/12/12 17:49:04 | 00,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2009/12/12 17:49:03 | 01,042,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2009/12/12 17:49:03 | 00,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2009/12/12 17:49:03 | 00,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2009/12/12 17:49:03 | 00,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2009/12/12 17:49:03 | 00,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2009/12/12 17:49:03 | 00,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2009/12/12 17:49:03 | 00,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2009/12/12 17:49:02 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2009/12/12 17:49:02 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2009/12/12 17:49:02 | 00,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2009/12/12 17:48:54 | 00,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2009/12/12 17:48:54 | 00,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2009/12/12 17:48:54 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2009/12/12 17:48:54 | 00,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2009/12/12 17:48:54 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2009/12/12 17:48:54 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2009/12/12 17:48:54 | 00,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2009/12/12 17:48:54 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2009/12/12 17:48:54 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2009/12/12 17:48:54 | 00,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2009/12/12 17:48:53 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2009/12/12 17:48:53 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2009/12/12 17:48:48 | 00,634,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2009/12/12 17:48:48 | 00,634,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2009/12/12 17:48:48 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2009/12/12 17:48:48 | 00,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2009/12/12 17:48:48 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2009/12/12 17:48:48 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2009/12/12 17:48:48 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2009/12/12 17:48:48 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2009/12/12 17:48:47 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2009/12/12 17:48:47 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2009/12/12 17:48:47 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2009/12/12 17:48:47 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2009/12/12 17:48:47 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2009/12/12 17:48:47 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2009/12/12 17:48:47 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2009/12/12 17:48:47 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2009/12/12 17:48:47 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2009/12/12 17:48:47 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2009/12/12 17:48:47 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2009/12/12 17:48:47 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2009/12/12 17:48:47 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2009/12/12 17:48:47 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2009/12/12 17:48:46 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2009/12/12 17:48:46 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2009/12/12 17:48:46 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2009/12/12 17:48:46 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2009/12/12 17:48:46 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2009/12/12 17:48:46 | 00,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2009/12/12 17:48:46 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2009/12/12 17:48:46 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2009/12/12 17:48:46 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2009/12/12 17:48:46 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2009/12/12 17:48:46 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2009/12/12 17:48:46 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2009/12/12 17:48:46 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2009/12/12 17:48:46 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2009/12/12 17:48:46 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2009/12/12 17:48:46 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2009/12/12 17:48:46 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2009/12/12 17:48:46 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2009/12/12 17:48:46 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2009/12/12 17:48:46 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2009/12/12 17:48:45 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2009/12/12 17:48:45 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2009/12/12 17:48:42 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2009/12/12 17:48:42 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2009/12/12 17:48:42 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2009/12/12 17:48:42 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2009/12/12 17:48:42 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2009/12/12 17:48:42 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2009/12/12 17:48:42 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2009/12/12 17:48:42 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2009/12/12 17:48:42 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2009/12/12 17:48:42 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2009/12/12 17:48:42 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2009/12/12 17:48:42 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2009/12/12 17:48:42 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2009/12/12 17:48:41 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2009/12/12 17:48:41 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2009/12/12 17:48:41 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2009/12/12 17:48:25 | 00,000,000 | ---D | C] -- C:\Program Files\MSN
[2009/12/12 17:48:24 | 00,284,160 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2009/12/12 17:48:24 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2009/12/12 17:48:24 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2009/12/12 17:48:24 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2009/12/12 17:48:24 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2009/12/12 17:48:23 | 00,548,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2009/12/12 17:48:23 | 00,354,304 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2009/12/12 17:48:23 | 00,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2009/12/12 17:48:23 | 00,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2009/12/12 17:48:23 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2009/12/12 17:48:23 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2009/12/12 17:48:23 | 00,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2009/12/12 17:48:22 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2009/12/12 17:48:22 | 00,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spider.exe
[2009/12/12 17:48:22 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009/12/12 17:48:22 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2009/12/12 17:48:22 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2009/12/12 17:48:22 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2009/12/12 17:48:21 | 00,139,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2009/12/12 17:48:21 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2009/12/12 17:48:21 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2009/12/12 17:48:21 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdtcp.sys
[2009/12/12 17:48:21 | 00,012,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdpipe.sys
[2009/12/12 17:48:20 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009/12/12 17:48:20 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rhttpaa.dll
[2009/12/12 17:48:20 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaclient.dll
[2009/12/12 17:48:20 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009/12/12 17:48:20 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009/12/12 17:48:20 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsgqec.dll
[2009/12/12 17:48:19 | 02,061,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2009/12/12 17:48:19 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstsc.exe
[2009/12/12 17:48:19 | 00,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstsc.exe
[2009/12/12 17:48:19 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotepg.dll
[2009/12/12 17:48:18 | 00,297,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termsrv.dll
[2009/12/12 17:48:18 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2009/12/12 17:48:18 | 00,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2009/12/12 17:48:18 | 00,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2009/12/12 17:48:18 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2009/12/12 17:48:18 | 00,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2009/12/12 17:48:18 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2009/12/12 17:48:18 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2009/12/12 17:48:18 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2009/12/12 17:48:18 | 00,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2009/12/12 17:48:18 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2009/12/12 17:48:18 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2009/12/12 17:48:18 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2009/12/12 17:48:18 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2009/12/12 17:48:18 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2009/12/12 17:48:18 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2009/12/12 17:48:17 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2009/12/12 17:48:17 | 00,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2009/12/12 17:48:17 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2009/12/12 17:48:17 | 00,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2009/12/12 17:48:17 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2009/12/12 17:48:17 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2009/12/12 17:48:17 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2009/12/12 17:48:17 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2009/12/12 17:48:17 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2009/12/12 17:48:17 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2009/12/12 17:48:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2009/12/12 17:48:16 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2009/12/12 17:48:16 | 00,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2009/12/12 17:48:16 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2009/12/12 17:48:16 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2009/12/12 17:48:16 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2009/12/12 17:48:16 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2009/12/12 17:48:16 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2009/12/12 17:48:15 | 00,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2009/12/12 17:48:15 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2009/12/12 17:48:15 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2009/12/12 17:48:15 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2009/12/12 17:48:15 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2009/12/12 17:48:15 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2009/12/12 17:48:15 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2009/12/12 17:48:15 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2009/12/12 17:48:15 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2009/12/12 17:48:15 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2009/12/12 17:48:15 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2009/12/12 17:48:15 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2009/12/12 17:48:15 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2009/12/12 17:48:15 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2009/12/12 17:48:15 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2009/12/12 17:48:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2009/12/12 17:48:14 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2009/12/12 17:48:14 | 00,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2009/12/12 17:48:14 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2009/12/12 17:48:14 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2009/12/12 17:48:14 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2009/12/12 17:48:14 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2009/12/12 17:48:14 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2009/12/12 17:48:14 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2009/12/12 17:48:14 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2009/12/12 17:48:14 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2009/12/12 17:48:13 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2009/12/12 17:48:13 | 01,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2009/12/12 17:48:13 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2009/12/12 17:48:13 | 00,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2009/12/12 17:48:12 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2009/12/12 17:48:12 | 00,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2009/12/12 17:48:12 | 00,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2009/12/12 17:48:12 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2009/12/12 17:48:12 | 00,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2009/12/12 17:48:10 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmic.exe
[2009/12/12 17:48:10 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2009/12/12 17:48:10 | 00,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2009/12/12 17:48:10 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2009/12/12 17:48:10 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2009/12/12 17:48:10 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2009/12/12 17:48:10 | 00,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2009/12/12 17:48:10 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2009/12/12 17:48:10 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2009/12/12 17:48:10 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2009/12/12 17:48:10 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2009/12/12 17:48:10 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2009/12/12 17:48:10 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2009/12/12 17:48:10 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2009/12/12 17:48:09 | 00,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2009/12/12 17:48:09 | 00,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2009/12/12 17:48:09 | 00,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2009/12/12 17:48:09 | 00,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2009/12/12 17:48:09 | 00,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2009/12/12 17:48:09 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2009/12/12 17:48:09 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2009/12/12 17:48:09 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2009/12/12 17:48:09 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2009/12/12 17:48:09 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2009/12/12 17:48:09 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2009/12/12 17:48:09 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2009/12/12 17:48:04 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2009/12/12 17:48:03 | 00,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2009/12/12 17:48:03 | 00,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2009/12/12 17:48:03 | 00,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2009/12/12 17:48:03 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\policman.dll
[2009/12/12 17:48:03 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2009/12/12 17:48:02 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2009/12/12 17:48:02 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2009/12/12 17:48:02 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2009/12/12 17:48:02 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2009/12/12 17:48:02 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2009/12/12 17:48:01 | 00,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2009/12/12 17:48:00 | 01,359,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2009/12/12 17:48:00 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2009/12/12 17:48:00 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2009/12/12 17:47:59 | 00,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2009/12/12 17:47:59 | 00,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2009/12/12 17:47:59 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2009/12/12 17:47:59 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2009/12/12 17:47:59 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2009/12/12 17:47:59 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2009/12/12 17:47:55 | 00,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\Mes vidéos
[3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/01/02 19:45:13 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\seppi\Bureau\OTL.exe
[2010/01/02 19:40:34 | 00,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2010/01/02 19:33:38 | 02,621,440 | -H-- | M] () -- C:\Documents and Settings\seppi\NTUSER.DAT
[2010/01/02 19:33:35 | 02,359,350 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\carte anniv interieur.bmp
[2010/01/02 19:22:03 | 00,694,272 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\anniversaire2.hcr
[2010/01/02 19:20:38 | 00,439,808 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\anniversaire3.not
[2010/01/02 19:00:30 | 00,037,983 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\virus win32 alureonEU pour novice.htm
[2010/01/02 18:59:50 | 00,310,108 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\virus win32 alureonEU pour novice.mht
[2010/01/02 18:53:05 | 00,845,916 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\Load_tdsskiller.exe
[2010/01/02 18:15:26 | 00,000,539 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\Raccourci (2) vers HiJackThis.lnk
[2010/01/02 18:04:04 | 00,452,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\seppi\Bureau\OTM.exe
[2010/01/02 17:27:59 | 00,343,020 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\ToolBarSD.exe
[2010/01/02 11:40:23 | 00,049,664 | ---- | M] () -- C:\Documents and Settings\seppi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/02 09:17:20 | 00,000,539 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\Raccourci vers HiJackThis.lnk
[2010/01/02 09:14:52 | 00,000,466 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\Raccourci vers UsbFix.lnk
[2010/01/02 08:53:06 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/01/01 15:27:45 | 01,668,247 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\UsbFix.exe
[2010/01/01 11:46:40 | 00,510,290 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/01/01 11:46:40 | 00,440,820 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/01/01 11:46:40 | 00,085,196 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/01/01 11:46:40 | 00,071,138 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/01/01 11:46:39 | 01,076,970 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/01/01 10:39:42 | 00,000,645 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\RegCleaner.lnk
[2010/01/01 10:24:53 | 00,553,687 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\RegCleaner.exe
[2010/01/01 06:49:17 | 00,000,036 | ---- | M] () -- C:\Documents and Settings\seppi\Local Settings\Application Data\housecall.guid.cache
[2009/12/31 19:05:16 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\CCleaner.lnk
[2009/12/31 18:48:23 | 00,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2009/12/31 18:48:07 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/31 18:48:06 | 00,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/31 18:47:55 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/31 18:47:52 | 10,732,70784 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/31 15:51:27 | 00,694,272 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\anniversaire.hcr
[2009/12/31 14:48:52 | 00,005,258 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\joyeu anni.jpg
[2009/12/31 14:47:22 | 00,005,331 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\Joyeux anniversaire.jpg
[2009/12/31 14:43:09 | 00,054,322 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\ist2_4785884-champagne.jpg
[2009/12/31 12:52:56 | 00,653,037 | ---- | M] () -- C:\Documents and Settings\seppi\Mes documents\depliant_norme_photo_1_.pdf
[2009/12/31 10:49:55 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\Spybot - Search & Destroy.lnk
[2009/12/31 10:41:35 | 00,000,550 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/12/31 10:41:35 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/12/31 10:41:35 | 00,000,212 | -HS- | M] () -- C:\boot.ini
[2009/12/30 20:31:08 | 00,202,262 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\Champagne_Flutes.jpg
[2009/12/30 18:30:43 | 01,004,104 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/30 18:29:37 | 00,000,184 | -HS- | M] () -- C:\Documents and Settings\seppi\ntuser.ini
[2009/12/30 17:15:39 | 00,278,032 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\attachments_30_12_2009.zip
[2009/12/30 15:04:25 | 00,362,392 | ---- | M] () -- C:\Documents and Settings\seppi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/12/30 15:01:46 | 00,000,128 | ---- | M] () -- C:\Documents and Settings\seppi\Local Settings\Application Data\fusioncache.dat
[2009/12/30 08:15:00 | 00,066,451 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\Bernard casse croute-5.jpg
[2009/12/30 08:15:00 | 00,065,642 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\Bernard casse croute-4.jpg
[2009/12/30 08:15:00 | 00,061,945 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\Bernard casse croute-1.jpg
[2009/12/30 08:15:00 | 00,058,760 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\Bernard casse croute-2.jpg
[2009/12/30 08:15:00 | 00,057,911 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\Bernard casse croute-3.jpg
[2009/12/29 11:33:55 | 00,155,365 | ---- | M] () -- C:\Documents and Settings\seppi\Mes documents\Bernard casse croute.jpg
[2009/12/29 11:33:55 | 00,001,562 | ---- | M] () -- C:\Documents and Settings\seppi\.recently-used.xbel
[2009/12/29 11:10:33 | 00,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\GIMP 2.lnk
[2009/12/29 09:51:04 | 00,010,593 | ---- | M] () -- C:\WINDOWS\CSTBox.INI
[2009/12/29 09:42:53 | 00,002,198 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Driver Detective.lnk
[2009/12/29 09:42:01 | 00,001,765 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CanoScan Toolbox 5.0.lnk
[2009/12/26 13:41:29 | 00,000,652 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\eMule.lnk
[2009/12/26 13:38:49 | 00,450,560 | ---- | M] () -- C:\Documents and Settings\seppi\Mes documents\EmuleAc4_Setup.exe
[2009/12/26 12:14:49 | 00,000,083 | ---- | M] () -- C:\WINDOWS\CDPLAYER.INI
[2009/12/26 11:45:50 | 00,001,665 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Easy CD-DA Extractor.lnk
[2009/12/23 09:25:11 | 00,012,440 | ---- | M] () -- C:\Documents and Settings\seppi\Mes documents\Résiliation assurance.odt
[2009/12/23 09:25:07 | 00,008,678 | ---- | M] () -- C:\Documents and Settings\seppi\Mes documents\ENVELOPPE DE BAS.odt
[2009/12/23 08:54:41 | 00,011,232 | ---- | M] () -- C:\Documents and Settings\seppi\Mes documents\Femme africaine.odt
[2009/12/22 18:07:53 | 00,084,305 | ---- | M] () -- C:\Documents and Settings\seppi\Mes documents\etiquette noel.odt
[2009/12/22 15:45:34 | 00,010,428 | ---- | M] () -- C:\Documents and Settings\seppi\Mes documents\ASSURANCE TATA CMDP.odt
[2009/12/22 14:38:21 | 00,014,477 | ---- | M] () -- C:\Documents and Settings\seppi\Mes documents\Redoute TNT.odt
[2009/12/22 14:30:03 | 00,011,555 | ---- | M] () -- C:\Documents and Settings\seppi\Mes documents\Notre temps.odt
[2009/12/22 14:16:21 | 00,000,802 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\Load-tdsskiller.bat
[2009/12/21 18:50:39 | 00,012,209 | ---- | M] () -- C:\Documents and Settings\seppi\Mes documents\menus de noel.odt
[2009/12/21 17:22:17 | 05,947,419 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\LE_NOEL_DES_CHATS.mpg
[2009/12/21 15:06:10 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/12/21 15:05:31 | 00,000,040 | ---- | M] () -- C:\WINDOWS\NAVIGMA.INI
[2009/12/21 13:41:46 | 00,004,644 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\images7.jpeg
[2009/12/21 13:41:34 | 00,005,152 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\images6.jpeg
[2009/12/21 13:41:02 | 00,003,246 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\images5.jpeg
[2009/12/21 13:40:32 | 00,003,724 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\images4.jpeg
[2009/12/21 13:40:18 | 00,003,636 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\images3.jpeg
[2009/12/21 13:40:07 | 00,003,943 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\images2.jpeg
[2009/12/21 13:39:52 | 00,003,931 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\images1.jpeg
[2009/12/21 09:08:38 | 00,001,519 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\AvRack.lnk
[2009/12/20 20:06:52 | 00,010,545 | ---- | M] () -- C:\Documents and Settings\seppi\Mes documents\eaux ganeval decembre.odt
[2009/12/18 10:52:46 | 00,000,626 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\Ares.lnk
[2009/12/16 12:40:54 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/12/15 18:12:14 | 05,886,714 | -H-- | M] () -- C:\Documents and Settings\seppi\Local Settings\Application Data\IconCache.db
[2009/12/15 18:06:31 | 00,002,401 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Nero StartSmart Essentials.lnk
[2009/12/15 13:34:17 | 00,000,897 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\OpenOffice.org 3.1.lnk
[2009/12/15 13:29:34 | 15,201,2024 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\OOo_3.1.1_Win32Intel_install_wJRE_fr.exe
[2009/12/15 13:19:29 | 00,800,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\seppi\Bureau\jxpiinstall-rv.exe
[2009/12/15 13:15:05 | 00,000,659 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\Kyodai Mahjongg.lnk
[2009/12/15 09:15:17 | 00,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2009/12/15 09:12:26 | 00,001,505 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Vuze.lnk
[2009/12/15 09:11:15 | 18,030,130 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\vlc-1.0.3-win32.exe
[2009/12/15 09:07:59 | 00,032,836 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\Kyodai_Mahjongg_2006_v1.21
[2009/12/15 09:07:51 | 00,035,464 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\Easy_CD-DA_8.2.3
[2009/12/14 17:03:33 | 00,939,956 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\7z465.exe
[2009/12/14 15:51:03 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2009/12/14 15:02:15 | 00,000,767 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\EVEREST Home Edition.lnk
[2009/12/14 15:01:32 | 00,000,682 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\FlashGet.lnk
[2009/12/13 20:26:19 | 00,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Antivirus.lnk
[2009/12/13 20:26:16 | 00,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/12/13 20:24:42 | 41,958,336 | ---- | M] () -- C:\Documents and Settings\seppi\Bureau\avast_avast_4.8.1368_francais_anglais_11113.exe
[2009/12/13 20:19:20 | 00,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2009/12/13 20:19:12 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2009/12/12 18:39:26 | 00,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2009/12/12 17:57:01 | 00,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2009/12/12 17:55:59 | 00,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/12/12 17:53:00 | 00,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009/12/12 17:53:00 | 00,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/12/12 17:53:00 | 00,000,000 | ---- | M] () -- C:\WINDOWS\control.ini
[2009/12/12 17:53:00 | 00,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/12/12 17:53:00 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/12/12 17:52:49 | 00,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/12/12 17:52:49 | 00,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/12/12 17:52:39 | 00,004,205 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2009/12/12 17:51:39 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/12/12 17:51:39 | 00,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/12/12 17:51:32 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/12/12 17:51:32 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/12/12 17:51:32 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/12/12 17:51:32 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/12/12 17:51:32 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/12/12 17:51:32 | 00,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/12/12 17:49:33 | 00,021,892 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/12/12 17:49:23 | 00,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2009/12/12 17:49:23 | 00,000,036 | ---- | M] () -- C:\WINDOWS\vb.ini
[2009/12/10 19:00:00 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2009/12/10 19:00:00 | 00,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2009/12/10 19:00:00 | 00,085,504 | ---- | M] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/12/10 19:00:00 | 00,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2009/12/10 19:00:00 | 00,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2009/12/10 19:00:00 | 00,000,038 | ---- | M] () -- C:\WINDOWS\avisplitter.ini
[3 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/01/02 19:44:49 | 00,403,968 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\wget.exe
[2010/01/02 19:44:49 | 00,000,802 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\Load-tdsskiller.bat
[2010/01/02 19:33:34 | 02,359,350 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\carte anniv interieur.bmp
[2010/01/02 19:16:19 | 00,439,808 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\anniversaire3.not
[2010/01/02 19:00:28 | 00,037,983 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\virus win32 alureonEU pour novice.htm
[2010/01/02 18:59:50 | 00,310,108 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\virus win32 alureonEU pour novice.mht
[2010/01/02 18:53:05 | 00,845,916 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\Load_tdsskiller.exe
[2010/01/02 18:18:51 | 00,694,272 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\anniversaire2.hcr
[2010/01/02 18:15:25 | 00,000,539 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\Raccourci (2) vers HiJackThis.lnk
[2010/01/02 17:27:59 | 00,343,020 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\ToolBarSD.exe
[2010/01/02 09:17:19 | 00,000,539 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\Raccourci vers HiJackThis.lnk
[2010/01/02 09:14:52 | 00,000,466 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\Raccourci vers UsbFix.lnk
[2010/01/01 15:27:45 | 01,668,247 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\UsbFix.exe
[2010/01/01 10:25:25 | 00,000,645 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\RegCleaner.lnk
[2010/01/01 10:24:48 | 00,553,687 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\RegCleaner.exe
[2010/01/01 06:49:17 | 00,000,036 | ---- | C] () -- C:\Documents and Settings\seppi\Local Settings\Application Data\housecall.guid.cache
[2009/12/31 15:24:09 | 00,694,272 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\anniversaire.hcr
[2009/12/31 14:49:07 | 00,005,258 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\joyeu anni.jpg
[2009/12/31 14:48:17 | 00,005,331 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\Joyeux anniversaire.jpg
[2009/12/31 14:43:26 | 00,054,322 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\ist2_4785884-champagne.jpg
[2009/12/31 12:52:56 | 00,653,037 | ---- | C] () -- C:\Documents and Settings\seppi\Mes documents\depliant_norme_photo_1_.pdf
[2009/12/31 10:49:55 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\Spybot - Search & Destroy.lnk
[2009/12/30 20:31:07 | 00,202,262 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\Champagne_Flutes.jpg
[2009/12/30 17:15:55 | 00,066,451 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\Bernard casse croute-5.jpg
[2009/12/30 17:15:55 | 00,065,642 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\Bernard casse croute-4.jpg
[2009/12/30 17:15:55 | 00,061,945 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\Bernard casse croute-1.jpg
[2009/12/30 17:15:55 | 00,058,760 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\Bernard casse croute-2.jpg
[2009/12/30 17:15:55 | 00,057,911 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\Bernard casse croute-3.jpg
[2009/12/30 17:15:31 | 00,278,032 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\attachments_30_12_2009.zip
[2009/12/30 15:01:46 | 00,000,128 | ---- | C] () -- C:\Documents and Settings\seppi\Local Settings\Application Data\fusioncache.dat
[2009/12/30 12:50:53 | 00,066,536 | ---- | C] () -- C:\WINDOWS\System32\Presws__.ttf
[2009/12/30 12:50:53 | 00,049,988 | ---- | C] () -- C:\WINDOWS\System32\Tt0015m_.ttf
[2009/12/30 12:50:53 | 00,048,340 | ---- | C] () -- C:\WINDOWS\System32\Tt0016m_.ttf
[2009/12/30 12:50:52 | 00,058,732 | ---- | C] () -- C:\WINDOWS\System32\Tt0939m_.ttf
[2009/12/30 12:50:52 | 00,050,100 | ---- | C] () -- C:\WINDOWS\System32\Tt0017m_.ttf
[2009/12/30 12:50:52 | 00,047,868 | ---- | C] () -- C:\WINDOWS\System32\Unicorn.ttf
[2009/12/30 12:50:52 | 00,045,252 | ---- | C] () -- C:\WINDOWS\System32\Tristan.ttf
[2009/12/30 12:50:52 | 00,045,196 | ---- | C] () -- C:\WINDOWS\System32\Vagabond.ttf
[2009/12/30 12:50:52 | 00,040,312 | ---- | C] () -- C:\WINDOWS\System32\Tubular.ttf
[2009/12/30 12:50:51 | 00,050,920 | ---- | C] () -- C:\WINDOWS\System32\Storyboo.ttf
[2009/12/30 12:50:51 | 00,047,448 | ---- | C] () -- C:\WINDOWS\System32\Teletype.ttf
[2009/12/30 12:50:51 | 00,046,644 | ---- | C] () -- C:\WINDOWS\System32\Steamer.ttf
[2009/12/30 12:50:51 | 00,045,812 | ---- | C] () -- C:\WINDOWS\System32\Subway.ttf
[2009/12/30 12:50:51 | 00,037,664 | ---- | C] () -- C:\WINDOWS\System32\Signboar.ttf
[2009/12/30 12:50:51 | 00,033,988 | ---- | C] () -- C:\WINDOWS\System32\Socket.ttf
[2009/12/30 12:50:50 | 00,045,048 | ---- | C] () -- C:\WINDOWS\System32\Sherwood.ttf
[2009/12/30 12:50:50 | 00,039,472 | ---- | C] () -- C:\WINDOWS\System32\Poster.ttf
[2009/12/30 12:50:50 | 00,038,820 | ---- | C] () -- C:\WINDOWS\System32\Pickwick.ttf
[2009/12/30 12:50:50 | 00,038,780 | ---- | C] () -- C:\WINDOWS\System32\Sceptre.ttf
[2009/12/30 12:50:50 | 00,032,640 | ---- | C] () -- C:\WINDOWS\System32\Pythagor.ttf
[2009/12/30 12:50:49 | 00,053,996 | ---- | C] () -- C:\WINDOWS\System32\Market.ttf
[2009/12/30 12:50:49 | 00,047,100 | ---- | C] () -- C:\WINDOWS\System32\Tt0841m_.ttf
[2009/12/30 12:50:49 | 00,046,852 | ---- | C] () -- C:\WINDOWS\System32\Tt0842m_.ttf
[2009/12/30 12:50:49 | 00,046,268 | ---- | C] () -- C:\WINDOWS\System32\Tt0844m_.ttf
[2009/12/30 12:50:49 | 00,043,748 | ---- | C] () -- C:\WINDOWS\System32\Oldcentu.ttf
[2009/12/30 12:50:49 | 00,038,220 | ---- | C] () -- C:\WINDOWS\System32\Pegasus.ttf
[2009/12/30 12:50:48 | 00,056,688 | ---- | C] () -- C:\WINDOWS\System32\Jester.ttf
[2009/12/30 12:50:48 | 00,047,468 | ---- | C] () -- C:\WINDOWS\System32\Tt0843m_.ttf
[2009/12/30 12:50:48 | 00,043,608 | ---- | C] () -- C:\WINDOWS\System32\Longisle.ttf
[2009/12/30 12:50:48 | 00,041,844 | ---- | C] () -- C:\WINDOWS\System32\Tt1115m_.ttf
[2009/12/30 12:50:47 | 00,039,796 | ---- | C] () -- C:\WINDOWS\System32\Tt0390m_.ttf
[2009/12/30 12:50:47 | 00,039,336 | ---- | C] () -- C:\WINDOWS\System32\Tt0391m_.ttf
[2009/12/30 12:50:47 | 00,038,888 | ---- | C] () -- C:\WINDOWS\System32\Tt0388m_.ttf
[2009/12/30 12:50:47 | 00,038,360 | ---- | C] () -- C:\WINDOWS\System32\Tt0389m_.ttf
[2009/12/30 12:50:47 | 00,036,360 | ---- | C] () -- C:\WINDOWS\System32\Tt0387m_.ttf
[2009/12/30 12:50:47 | 00,031,344 | ---- | C] () -- C:\WINDOWS\System32\Herald.ttf
[2009/12/30 12:50:46 | 00,040,792 | ---- | C] () -- C:\WINDOWS\System32\Heather.ttf
[2009/12/30 12:50:46 | 00,039,944 | ---- | C] () -- C:\WINDOWS\System32\Tt0307m_.ttf
[2009/12/30 12:50:46 | 00,038,812 | ---- | C] () -- C:\WINDOWS\System32\Tt0306m_.ttf
[2009/12/30 12:50:45 | 00,039,800 | ---- | C] () -- C:\WINDOWS\System32\Tt0312m_.ttf
[2009/12/30 12:50:45 | 00,037,804 | ---- | C] () -- C:\WINDOWS\System32\Tt1126m_.ttf
[2009/12/30 12:50:45 | 00,037,620 | ---- | C] () -- C:\WINDOWS\System32\Tt1127m_.ttf
[2009/12/30 12:50:45 | 00,036,920 | ---- | C] () -- C:\WINDOWS\System32\Tt1129m_.ttf
[2009/12/30 12:50:44 | 00,060,256 | ---- | C] () -- C:\WINDOWS\System32\Tt1001m_.ttf
[2009/12/30 12:50:44 | 00,039,620 | ---- | C] () -- C:\WINDOWS\System32\Tt1128m_.ttf
[2009/12/30 12:50:44 | 00,038,712 | ---- | C] () -- C:\WINDOWS\System32\Francisc.ttf
[2009/12/30 12:50:44 | 00,034,940 | ---- | C] () -- C:\WINDOWS\System32\Tt0628m_.ttf
[2009/12/30 12:50:44 | 00,033,524 | ---- | C] () -- C:\WINDOWS\System32\Denmark.ttf
[2009/12/30 12:50:44 | 00,031,008 | ---- | C] () -- C:\WINDOWS\System32\Cuckoo.ttf
[2009/12/30 12:50:43 | 00,053,340 | ---- | C] () -- C:\WINDOWS\System32\Chaucer.ttf
[2009/12/30 12:50:43 | 00,053,008 | ---- | C] () -- C:\WINDOWS\System32\Tt0757m_.ttf
[2009/12/30 12:50:43 | 00,040,120 | ---- | C] () -- C:\WINDOWS\System32\Calligra.ttf
[2009/12/30 12:50:43 | 00,038,944 | ---- | C] () -- C:\WINDOWS\System32\Cezanne.ttf
[2009/12/30 12:50:43 | 00,034,176 | ---- | C] () -- C:\WINDOWS\System32\Cornerst.ttf
[2009/12/30 12:50:42 | 00,046,064 | ---- | C] () -- C:\WINDOWS\System32\Bazooka.ttf
[2009/12/30 12:50:42 | 00,037,652 | ---- | C] () -- C:\WINDOWS\System32\Tt1027m_.ttf
[2009/12/30 12:50:42 | 00,032,032 | ---- | C] () -- C:\WINDOWS\System32\Boulder.ttf
[2009/12/30 12:48:56 | 00,284,160 | ---- | C] () -- C:\WINDOWS\unin040c.exe
[2009/12/29 11:33:55 | 00,001,562 | ---- | C] () -- C:\Documents and Settings\seppi\.recently-used.xbel
[2009/12/29 11:17:08 | 00,155,365 | ---- | C] () -- C:\Documents and Settings\seppi\Mes documents\Bernard casse croute.jpg
[2009/12/29 11:10:33 | 00,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\GIMP 2.lnk
[2009/12/29 09:51:04 | 00,010,593 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2009/12/29 09:42:53 | 00,002,198 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Driver Detective.lnk
[2009/12/29 09:42:01 | 00,001,765 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CanoScan Toolbox 5.0.lnk
[2009/12/26 13:41:29 | 00,000,652 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\eMule.lnk
[2009/12/26 13:38:47 | 00,450,560 | ---- | C] () -- C:\Documents and Settings\seppi\Mes documents\EmuleAc4_Setup.exe
[2009/12/26 11:48:17 | 00,000,083 | ---- | C] () -- C:\WINDOWS\CDPLAYER.INI
[2009/12/26 11:45:50 | 00,001,665 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Easy CD-DA Extractor.lnk
[2009/12/26 10:07:37 | 00,389,120 | ---- | C] () -- C:\WINDOWS\System32\Amsample.dll
[2009/12/26 10:07:37 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\Amuninst.exe
[2009/12/26 10:07:36 | 00,311,296 | ---- | C] () -- C:\WINDOWS\System32\Amoucplx.dll
[2009/12/26 10:07:36 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\Amoures.dll
[2009/12/26 10:07:36 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\Amhooker.dll
[2009/12/23 09:25:06 | 00,008,678 | ---- | C] () -- C:\Documents and Settings\seppi\Mes documents\ENVELOPPE DE BAS.odt
[2009/12/22 15:45:34 | 00,010,428 | ---- | C] () -- C:\Documents and Settings\seppi\Mes documents\ASSURANCE TATA CMDP.odt
[2009/12/22 15:40:41 | 00,012,440 | ---- | C] () -- C:\Documents and Settings\seppi\Mes documents\Résiliation assurance.odt
[2009/12/22 15:21:37 | 00,011,232 | ---- | C] () -- C:\Documents and Settings\seppi\Mes documents\Femme africaine.odt
[2009/12/22 14:38:20 | 00,014,477 | ---- | C] () -- C:\Documents and Settings\seppi\Mes documents\Redoute TNT.odt
[2009/12/22 14:30:01 | 00,011,555 | ---- | C] () -- C:\Documents and Settings\seppi\Mes documents\Notre temps.odt
[2009/12/21 18:45:24 | 00,012,209 | ---- | C] () -- C:\Documents and Settings\seppi\Mes documents\menus de noel.odt
[2009/12/21 17:22:16 | 05,947,419 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\LE_NOEL_DES_CHATS.mpg
[2009/12/21 15:07:06 | 00,171,967 | ---- | C] () -- C:\WINDOWS\System32\Odbcjet.hlp
[2009/12/21 15:07:06 | 00,007,348 | ---- | C] () -- C:\WINDOWS\System32\Odbcjet.cnt
[2009/12/21 15:00:46 | 00,000,040 | ---- | C] () -- C:\WINDOWS\NAVIGMA.INI
[2009/12/21 14:14:46 | 00,084,305 | ---- | C] () -- C:\Documents and Settings\seppi\Mes documents\etiquette noel.odt
[2009/12/21 13:41:46 | 00,004,644 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\images7.jpeg
[2009/12/21 13:41:34 | 00,005,152 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\images6.jpeg
[2009/12/21 13:41:01 | 00,003,246 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\images5.jpeg
[2009/12/21 13:40:31 | 00,003,724 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\images4.jpeg
[2009/12/21 13:40:17 | 00,003,636 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\images3.jpeg
[2009/12/21 13:40:07 | 00,003,943 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\images2.jpeg
[2009/12/21 13:39:51 | 00,003,931 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\images1.jpeg
[2009/12/21 09:08:38 | 00,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\AvRack.lnk
[2009/12/21 09:08:34 | 00,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2009/12/21 09:08:32 | 00,141,016 | R--- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2009/12/20 20:06:51 | 00,010,545 | ---- | C] () -- C:\Documents and Settings\seppi\Mes documents\eaux ganeval decembre.odt
[2009/12/16 14:40:40 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/12/16 12:40:54 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2009/12/15 18:06:31 | 00,002,401 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Nero StartSmart Essentials.lnk
[2009/12/15 13:34:17 | 00,000,897 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\OpenOffice.org 3.1.lnk
[2009/12/15 13:28:59 | 00,000,626 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\Ares.lnk
[2009/12/15 13:22:43 | 15,201,2024 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\OOo_3.1.1_Win32Intel_install_wJRE_fr.exe
[2009/12/15 13:15:05 | 00,000,659 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\Kyodai Mahjongg.lnk
[2009/12/15 13:12:50 | 00,049,664 | ---- | C] () -- C:\Documents and Settings\seppi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/15 10:03:36 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS3w.DLL
[2009/12/15 10:03:30 | 00,036,864 | ---- | C] () -- C:\WINDOWS\System32\CNMCP3W.EXE
[2009/12/15 09:46:14 | 00,058,276 | ---- | C] () -- C:\WINDOWS\System32\CNBJHLP2.HLP
[2009/12/15 09:46:14 | 00,001,312 | ---- | C] () -- C:\WINDOWS\System32\CNBJHLP2.CNT
[2009/12/15 09:15:17 | 00,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2009/12/15 09:12:26 | 00,001,505 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Vuze.lnk
[2009/12/15 09:12:00 | 18,030,130 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\vlc-1.0.3-win32.exe
[2009/12/15 09:07:59 | 00,032,836 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\Kyodai_Mahjongg_2006_v1.21
[2009/12/15 09:07:51 | 00,035,464 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\Easy_CD-DA_8.2.3
[2009/12/14 17:03:39 | 00,939,956 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\7z465.exe
[2009/12/14 15:51:03 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk
[2009/12/14 15:18:41 | 00,007,849 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.vxd
[2009/12/14 15:18:41 | 00,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini
[2009/12/14 15:05:22 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\CCleaner.lnk
[2009/12/14 15:04:12 | 00,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/12/14 15:04:12 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/12/14 15:04:11 | 00,000,414 | ---- | C] () -- C:\WINDOWS\System32\lame_acm.xml
[2009/12/14 15:04:09 | 00,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/12/14 15:04:09 | 00,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/12/14 15:04:08 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/12/14 15:04:05 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/12/14 15:04:04 | 00,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/12/14 15:02:15 | 00,000,767 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\EVEREST Home Edition.lnk
[2009/12/14 15:01:32 | 00,000,682 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\FlashGet.lnk
[2009/12/14 13:08:23 | 00,000,260 | ---- | C] () -- C:\WINDOWS\tasks\WGASetup.job
[2009/12/13 20:26:19 | 00,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Antivirus.lnk
[2009/12/13 20:25:53 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2009/12/13 20:23:40 | 41,958,336 | ---- | C] () -- C:\Documents and Settings\seppi\Bureau\avast_avast_4.8.1368_francais_anglais_11113.exe
[2009/12/13 20:19:20 | 00,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/12/13 20:19:12 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2009/12/13 20:08:10 | 00,002,983 | R--- | C] () -- C:\WINDOWS\System32\net82557.din
[2009/12/12 18:39:26 | 00,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2009/12/12 18:35:58 | 01,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2009/12/12 18:35:58 | 00,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2009/12/12 18:35:58 | 00,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2009/12/12 18:35:57 | 00,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2009/12/12 18:35:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2009/12/12 18:35:54 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2009/12/12 18:35:52 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2009/12/12 18:35:52 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2009/12/12 18:35:52 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2009/12/12 18:35:52 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2009/12/12 18:35:52 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2009/12/12 18:35:52 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2009/12/12 18:35:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2009/12/12 18:35:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2009/12/12 18:35:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2009/12/12 18:35:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2009/12/12 18:35:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2009/12/12 18:35:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2009/12/12 18:35:48 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2009/12/12 18:35:48 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2009/12/12 18:35:48 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2009/12/12 18:35:48 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2009/12/12 18:35:48 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2009/12/12 18:35:48 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2009/12/12 18:35:48 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2009/12/12 18:35:48 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2009/12/12 18:35:48 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2009/12/12 18:35:48 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2009/12/12 18:35:46 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2009/12/12 18:35:46 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2009/12/12 18:35:46 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2009/12/12 18:35:46 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2009/12/12 18:35:46 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2009/12/12 18:35:46 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2009/12/12 18:35:44 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_852.nls
[2009/12/12 18:35:44 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_852.nls
[2009/12/12 18:35:44 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2009/12/12 18:35:44 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2009/12/12 18:35:44 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2009/12/12 18:35:44 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2009/12/12 18:35:44 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2009/12/12 18:35:44 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2009/12/12 18:35:43 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2009/12/12 18:35:43 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2009/12/12 18:35:39 | 00,001,896 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2009/12/12 18:35:28 | 00,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2009/12/12 18:35:28 | 00,105,926 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2009/12/12 18:35:28 | 00,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2009/12/12 18:35:28 | 00,022,351 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2009/12/12 18:35:28 | 00,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2009/12/12 18:35:28 | 00,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2009/12/12 18:35:28 | 00,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2009/12/12 18:35:28 | 00,007,407 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2009/12/12 18:35:28 | 00,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2009/12/12 18:35:27 | 01,246,130 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2009/12/12 18:35:27 | 00,809,394 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2009/12/12 18:35:27 | 00,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2009/12/12 18:35:27 | 00,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2009/12/12 18:35:27 | 00,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2009/12/12 18:35:27 | 00,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2009/12/12 18:35:27 | 00,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2009/12/12 18:35:27 | 00,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2009/12/12 18:35:26 | 02,037,681 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2009/12/12 18:35:26 | 00,636,042 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2009/12/12 18:34:02 | 01,004,104 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/12 18:33:22 | 00,000,212 | -HS- | C] () -- C:\boot.ini
[2009/12/12 18:33:19 | 00,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/12/12 17:58:33 | 00,000,184 | -HS- | C] () -- C:\Documents and Settings\seppi\ntuser.ini
[2009/12/12 17:58:32 | 02,621,440 | -H-- | C] () -- C:\Documents and Settings\seppi\NTUSER.DAT
[2009/12/12 17:58:31 | 10,732,70784 | -HS- | C] () -- C:\hiberfil.sys
[2009/12/12 17:57:01 | 00,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2009/12/12 17:55:59 | 00,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/12/12 17:55:49 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2009/12/12 17:55:11 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2009/12/12 17:55:11 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2009/12/12 17:55:09 | 00,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2009/12/12 17:54:48 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2009/12/12 17:54:47 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/12/12 17:54:39 | 00,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2009/12/12 17:54:38 | 00,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2009/12/12 17:54:35 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/12/12 17:54:25 | 13,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2009/12/12 17:54:19 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/12/12 17:54:15 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2009/12/12 17:54:02 | 00,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2009/12/12 17:53:58 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2009/12/12 17:53:58 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2009/12/12 17:53:58 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2009/12/12 17:53:58 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2009/12/12 17:53:57 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2009/12/12 17:53:57 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2009/12/12 17:53:57 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2009/12/12 17:53:57 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2009/12/12 17:53:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2009/12/12 17:53:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2009/12/12 17:53:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2009/12/12 17:53:57 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2009/12/12 17:53:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2009/12/12 17:53:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2009/12/12 17:53:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2009/12/12 17:53:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2009/12/12 17:53:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2009/12/12 17:53:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2009/12/12 17:53:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2009/12/12 17:53:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2009/12/12 17:53:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2009/12/12 17:53:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2009/12/12 17:53:56 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2009/12/12 17:53:55 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2009/12/12 17:53:55 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2009/12/12 17:53:55 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2009/12/12 17:53:55 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2009/12/12 17:53:55 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2009/12/12 17:53:55 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2009/12/12 17:53:55 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2009/12/12 17:53:55 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2009/12/12 17:53:55 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2009/12/12 17:53:55 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2009/12/12 17:53:54 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2009/12/12 17:53:54 | 00,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2009/12/12 17:53:54 | 00,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2009/12/12 17:53:54 | 00,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2009/12/12 17:53:54 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2009/12/12 17:53:54 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2009/12/12 17:53:54 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2009/12/12 17:53:53 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2009/12/12 17:53:53 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2009/12/12 17:53:53 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2009/12/12 17:53:53 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2009/12/12 17:53:53 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2009/12/12 17:53:53 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2009/12/12 17:53:53 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2009/12/12 17:53:53 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2009/12/12 17:53:53 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2009/12/12 17:53:53 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2009/12/12 17:53:53 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2009/12/12 17:53:52 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2009/12/12 17:53:52 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2009/12/12 17:53:52 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2009/12/12 17:53:52 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2009/12/12 17:53:52 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2009/12/12 17:53:52 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2009/12/12 17:53:52 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2009/12/12 17:53:51 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2009/12/12 17:53:50 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2009/12/12 17:53:00 | 00,003,121 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/12/12 17:53:00 | 00,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2009/12/12 17:53:00 | 00,000,000 | RHS- | C] () -- C:\IO.SYS
[2009/12/12 17:53:00 | 00,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2009/12/12 17:53:00 | 00,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2009/12/12 17:52:49 | 00,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2009/12/12 17:52:49 | 00,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2009/12/12 17:52:48 | 00,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2009/12/12 17:51:39 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2009/12/12 17:51:39 | 00,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2009/12/12 17:51:32 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2009/12/12 17:51:32 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2009/12/12 17:51:32 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2009/12/12 17:51:32 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2009/12/12 17:51:32 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2009/12/12 17:51:32 | 00,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2009/12/12 17:51:15 | 04,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2009/12/12 17:51:01 | 00,049,102 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2009/12/12 17:51:01 | 00,049,102 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2009/12/12 17:50:55 | 00,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2009/12/12 17:50:22 | 00,382,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2009/12/12 17:49:33 | 00,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/12/12 17:48:50 | 00,065,832 | ---- | C] () -- C:\WINDOWS\Mur de Santa Fe.bmp
[2009/12/12 17:48:50 | 00,026,680 | ---- | C] () -- C:\WINDOWS\Rivière Sumida.bmp
[2009/12/12 17:48:50 | 00,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2009/12/12 17:48:49 | 00,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2009/12/12 17:48:49 | 00,065,978 | ---- | C] () -- C:\WINDOWS\Bulles de savon.bmp
[2009/12/12 17:48:49 | 00,065,954 | ---- | C] () -- C:\WINDOWS\Vent de prairie.bmp
[2009/12/12 17:48:49 | 00,026,582 | ---- | C] () -- C:\WINDOWS\Granit vert.bmp
[2009/12/12 17:48:49 | 00,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2009/12/12 17:48:49 | 00,017,336 | ---- | C] () -- C:\WINDOWS\Jour de pêche.bmp
[2009/12/12 17:48:49 | 00,017,062 | ---- | C] () -- C:\WINDOWS\Tasse à café.bmp
[2009/12/12 17:48:49 | 00,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2009/12/12 17:48:49 | 00,016,730 | ---- | C] () -- C:\WINDOWS\Plume.bmp
[2009/12/12 17:48:49 | 00,001,272 | ---- | C] () -- C:\WINDOWS\Rosace bleue 16.bmp
[2009/12/12 17:48:48 | 00,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2009/12/12 17:48:48 | 00,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2009/12/12 17:48:48 | 00,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2009/12/12 17:48:48 | 00,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2009/12/12 17:48:48 | 00,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2009/12/12 17:48:48 | 00,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2009/12/12 17:48:47 | 00,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2009/12/12 17:48:47 | 00,001,263 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2009/12/12 17:48:46 | 00,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2009/12/12 17:48:41 | 00,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2005/03/14 14:38:28 | 00,000,469 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini

========== Custom Scans ==========


< %SYSTEMDRIVE%\cdrom.sys /s /md5 >
[2008/04/14 13:00:00 | 00,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[3 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2010/01/01 16:16:50 | 00,096,512 | ---- | M] () MD5=502031DE337BD9FB42D5A383E7FD82C3 -- C:\WINDOWS\LastGood\system32\drivers\atapi.sys
[2010/01/02 19:40:34 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2010/01/02 19:40:34 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[3 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %SYSTEMDRIVE%\ACPI.sys /s /md5 >
[2008/04/14 13:00:00 | 00,188,672 | ---- | M] (Microsoft Corporation) MD5=E5E6DBFC41EA8AAD005CB9A57A96B43B -- C:\WINDOWS\system32\drivers\acpi.sys
[3 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2008/04/13 12:36:40 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS
[3 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >
< End of report >
calimero67
Apprenti(e)
Apprenti(e)
 
Messages: 35
Inscription: 02 Jan 2010 17:57
 

Re: virus win32 alureonEU pour novice

Message le 02 Jan 2010 20:30

la fin rapport extras txt

OTL Extras logfile created on: 02/01/2010 19:52:05 - Run 1
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\seppi\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

1 023,00 Mb Total Physical Memory | 462,00 Mb Available Physical Memory | 45,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 60,00 Gb Total Space | 39,07 Gb Free Space | 65,10% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 89,04 Gb Total Space | 83,86 Gb Free Space | 94,18% Space Free | Partition Type: NTFS
Drive G: | 495,02 Mb Total Space | 410,41 Mb Free Space | 82,91% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: AS-SEPPI
Current User Name: seppi
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [!ezcddaxa] -- "C:\Program Files\Easy CD-DA Extractor 8\convert.exe" "%1" ()
Directory [!ezcddaxb] -- "C:\Program Files\Easy CD-DA Extractor 8\burn.exe" "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"45829:TCP" = 45829:TCP:*:Enabled:emule
"29081:UDP" = 29081:UDP:*:Enabled:emule

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet\flashget.exe" = C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget -- (FlashGet.com)
"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus -- (Vuze Inc.)
"C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows -- (Ares Development Group)
"C:\Program Files\Ares\chatServer.exe" = C:\Program Files\Ares\chatServer.exe:*:Disabled:Ares Chat Server -- (Ares Development Group)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}" = OpenOffice.org 3.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803" = CanoScan 4400F
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3BDEE284-1516-40E8-B784-00FEBE1B1036}" = Nero 7 Essentials
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1036-7B44-A92000000001}" = Adobe Reader 9.2 - Français
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}" = LightScribe 1.8.13.1
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"7-Zip" = 7-Zip 4.65
"8461-7759-5462-8226" = Vuze
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ares" = Ares 2.1.2
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"CANONBJ_Deinstall_CNMCP3w.DLL" = Canon S200
"CanoScan Toolbox 5.0" = Canon CanoScan Toolbox 5.0
"CCleaner" = CCleaner
"Easy CD-DA Extractor 8.2.3" = Easy CD-DA Extractor 8.2.3
"eMule" = eMule
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FlashGet" = FlashGet 1.9.6.1073
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.5.0
"Kyodai Mahjongg 2006_is1" = Kyodai Mahjongg 2006 v1.21
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.16)" = Mozilla Firefox (3.0.16)
"MSNINST" = MSN
"PrintMaster 8.0" = PrintMaster® Gold
"PROSet" = Intel(R) PRO Ethernet Adapter and Software
"Trend Micro HouseCall 6.6" = HouseCall 6.6
"Unlocker" = Unlocker 1.8.8
"VLC media player" = VLC media player 1.0.3
"WebPost" = Microsoft Web Publishing Wizard 1.52
"WheelMouse" = iWheelWorks V7.64
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinGimp-2.0_is1" = GIMP 2.6.8

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 23/12/2009 08:03:33 | Computer Name = AS-SEPPI | Source = Application Hang | ID = 1002
Description = Application bloquée firefox.exe, version 1.9.0.3623, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 23/12/2009 09:27:48 | Computer Name = AS-SEPPI | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 23/12/2009 09:36:28 | Computer Name = AS-SEPPI | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant mshtml.dll, version 8.0.6001.18854, adresse de défaillance 0x00100610.

Error - 23/12/2009 10:06:54 | Computer Name = AS-SEPPI | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant ntdll.dll, version 5.1.2600.5755, adresse de défaillance 0x00011780.

Error - 23/12/2009 10:07:04 | Computer Name = AS-SEPPI | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 28/12/2009 11:06:11 | Computer Name = AS-SEPPI | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant jccatch.dll, version 1.8.4.1007, adresse de défaillance 0x00007859.

Error - 28/12/2009 11:31:23 | Computer Name = AS-SEPPI | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant mshtml.dll, version 8.0.6001.18854, adresse de défaillance 0x00100610.

Error - 28/12/2009 11:33:56 | Computer Name = AS-SEPPI | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant ntdll.dll, version 5.1.2600.5755, adresse de défaillance 0x0001168b.

Error - 29/12/2009 08:50:46 | Computer Name = AS-SEPPI | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant ntdll.dll, version 5.1.2600.5755, adresse de défaillance 0x00011780.

Error - 29/12/2009 12:31:41 | Computer Name = AS-SEPPI | Source = Application Error | ID = 1000
Description = Application défaillante wmplayer.exe, version 9.0.0.4503, module défaillant
libavcodec.dll, version 0.0.0.0, adresse de défaillance 0x001fe653.

[ Application Events ]
Error - 23/12/2009 08:03:33 | Computer Name = AS-SEPPI | Source = Application Hang | ID = 1002
Description = Application bloquée firefox.exe, version 1.9.0.3623, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 23/12/2009 09:27:48 | Computer Name = AS-SEPPI | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 23/12/2009 09:36:28 | Computer Name = AS-SEPPI | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant mshtml.dll, version 8.0.6001.18854, adresse de défaillance 0x00100610.

Error - 23/12/2009 10:06:54 | Computer Name = AS-SEPPI | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant ntdll.dll, version 5.1.2600.5755, adresse de défaillance 0x00011780.

Error - 23/12/2009 10:07:04 | Computer Name = AS-SEPPI | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 28/12/2009 11:06:11 | Computer Name = AS-SEPPI | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant jccatch.dll, version 1.8.4.1007, adresse de défaillance 0x00007859.

Error - 28/12/2009 11:31:23 | Computer Name = AS-SEPPI | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant mshtml.dll, version 8.0.6001.18854, adresse de défaillance 0x00100610.

Error - 28/12/2009 11:33:56 | Computer Name = AS-SEPPI | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant ntdll.dll, version 5.1.2600.5755, adresse de défaillance 0x0001168b.

Error - 29/12/2009 08:50:46 | Computer Name = AS-SEPPI | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant ntdll.dll, version 5.1.2600.5755, adresse de défaillance 0x00011780.

Error - 29/12/2009 12:31:41 | Computer Name = AS-SEPPI | Source = Application Error | ID = 1000
Description = Application défaillante wmplayer.exe, version 9.0.0.4503, module défaillant
libavcodec.dll, version 0.0.0.0, adresse de défaillance 0x001fe653.

[ System Events ]
Error - 31/12/2009 02:56:10 | Computer Name = AS-SEPPI | Source = SideBySide | ID = 16842811
Description = Generate Activation Context a échoué pour C:\Documents and Settings\seppi\Application
Data\HouseCall 6.6\MFC80U.DLL. Message d'erreur de référence : Opération réussie.
.

Error - 31/12/2009 05:17:08 | Computer Name = AS-SEPPI | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
avast! Web Scanner.

Error - 31/12/2009 05:17:08 | Computer Name = AS-SEPPI | Source = Service Control Manager | ID = 7000
Description = Le service avast! Web Scanner n'a pas pu démarrer en raison de l'erreur :
%%1053

Error - 31/12/2009 05:17:34 | Computer Name = AS-SEPPI | Source = Service Control Manager | ID = 7034
Description = Le service avast! Web Scanner s'est terminé de façon inattendue pour
la 1ème fois.

Error - 31/12/2009 13:48:21 | Computer Name = AS-SEPPI | Source = Ftdisk | ID = 262189
Description = Le système n'a pas pu charger le pilote du fichier de vidage sur incident.

Error - 31/12/2009 13:48:21 | Computer Name = AS-SEPPI | Source = Ftdisk | ID = 262193
Description = Échec de la configuration du fichier d'échange pour le vidage sur
incident. Assurez-vous qu'un fichier d'échange est présent sur la partition d'amorçage
et
qu'il est suffisamment grand pour contenir toute la mémoire physique.

Error - 01/01/2010 05:50:09 | Computer Name = AS-SEPPI | Source = Windows Update Agent | ID = 20
Description = Échec de l'installation : l'installation de la mise à jour suivante
a échoué avec l'erreur 0x80242007 : Microsoft .NET Framework 1.1 Service Pack 1.

Error - 01/01/2010 22:00:12 | Computer Name = AS-SEPPI | Source = Windows Update Agent | ID = 20
Description = Échec de l'installation : l'installation de la mise à jour suivante
a échoué avec l'erreur 0x80242007 : Mise à jour de sécurité pour Microsoft .NET
Framework version 2.0 Service Pack 2 pour Windows 2000, Windows Server 2003 et
Windows XP (KB974417).

Error - 02/01/2010 14:02:21 | Computer Name = AS-SEPPI | Source = Service Control Manager | ID = 7034
Description = Le service NMIndexingService s'est terminé de façon inattendue pour
la 1ème fois.

Error - 02/01/2010 14:02:39 | Computer Name = AS-SEPPI | Source = Service Control Manager | ID = 7034
Description = Le service Java Quick Starter s'est terminé de façon inattendue pour
la 1ème fois.


< End of report >
calimero67
Apprenti(e)
Apprenti(e)
 
Messages: 35
Inscription: 02 Jan 2010 17:57
 

Re: virus win32 alureonEU pour novice

Message le 02 Jan 2010 21:13

re,

load_tdsskiller à bien bossé, le driver atapi chargé au démarrage de windows est réparer, mais il y en à un autre d'infecté...

fait cela stp...

télécharge SafeBootKeyRepair sur ton bureau et exécute le...

ensuite dit moi si le mode sans échec est de nouveau accessible :wink:

ensuite...dans les prochaines étapes, combofix auras surement besoin d'effectuer un ou plusieurs redémarrage du pc, ne les empêche surtout pas

désactive ton Anti-virus le temps de faire ces manipulations.

>>Télécharge Winsockxpfix sur ton bureau et passe à la suite.

========================================================================================================

ensuite...

Télécharge Combofix sur ton Bureau (et pas ailleurs)en le renommant [b]avant qu'il n'atterrisse sur ton bureau.
pour cela fais un clic droit sur Combofix.exe ,choisis "enregistrer la cible du lien sous..." et renomme le en calimero.exe pour l'emplacement choisis ton bureau et cliques sur "enregistrer"


Double clique ComboFix.exe(pour toi c'est calimero.exe) pour démarrer le scan et suis les instructions indiquées par combofix.
Si Combofix te demande te demande l'autorisation de télécharger et installer la console de récupération Windows, acceptes et suis les instructions.
Lorsque le scan sera complet, un rapport apparaîtra, enregistre le sur ton bureau.
Redémarre impérativement ton pc !!
Copie/colle le rapport combofix dans ta prochaine réponse

NOTE : Le rapport se trouve également ici : C:\Combofix.txt
NOTE : Ne pas cliquer dans la fenêtre de Combofix durant l'analyse ; ceci provoquerait le gel du programme.

========================================================================================================

si a tout hasard ta connexion internet n'est plus active après le redémarrage du pc fait cela pour la réparer...

Fait un double clic sur l'icône Image de WinsockXPFix.


>>clique sur "Fix" > et si ton pc ne redémarre pas,redémarre le manuellement.

@++
"Ce que tu gardes pour toi s'en ira mourir... C'est ce que tu donnes qui te restera" (JF Bernardini / I muvrini )
Image
.1948 | 2012
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 

Re: virus win32 alureonEU pour novice

Message le 03 Jan 2010 16:26

ouh à c'était long et surtout pas pratique duand on n'a pas deux PC un à nettoyer le second pour naviguer et vous répondre :

apres safeboot le mode sans echec etait toujours nul
de plus avast pourtant desactivé m'indiquait un virus WIN32:JiFasCN
J'ai tout fait dans combox fixe il a redémarré
voici le rapport combo fix :

ComboFix 10-01-02.05 - seppi 03/01/2010 16:02:01.1.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1023.679 [GMT 1:00]
Lancé depuis: c:\calimero.exe\ComboFix.exe
Commutateurs utilisés :: ComboFix
AV: avast! antivirus 4.8.1368 [VPS 100103-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\lowsec
c:\windows\system32\lowsec\local.ds
c:\windows\system32\lowsec\user.ds
c:\windows\system32\PR15.DLL
c:\windows\system32\sdra64.exe
c:\windows\system32\WORK.DAT

Une copie infectée de c:\windows\system32\DRIVERS\atapi.sys a été trouvée et désinfectée
Copie restaurée à partir de - Kitty ate it :p
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-12-03 au 2010-01-03 ))))))))))))))))))))))))))))))))))))
.

2010-01-03 14:48 . 2010-01-03 14:49 24576 ----a-w- c:\windows\system32\PR19.DLL
2010-01-03 14:48 . 2010-01-03 14:48 37376 ---ha-w- c:\windows\system32\wexe.exe
2010-01-02 18:46 . 2010-01-02 18:46 -------- d-----w- C:\tdsskiller
2010-01-02 17:22 . 2010-01-02 18:40 96512 -c--a-w- c:\windows\system32\dllcache\atapi.sys
2010-01-02 17:22 . 2010-01-02 18:40 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2010-01-01 16:36 . 2010-01-02 08:15 -------- d-----w- C:\UsbFix
2010-01-01 09:25 . 2010-01-01 09:36 -------- d-----w- c:\program files\RegCleaner
2010-01-01 06:17 . 2009-06-30 08:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-01-01 06:16 . 2010-01-01 06:16 -------- d-----w- c:\program files\Panda Security
2010-01-01 05:41 . 2010-01-01 05:41 -------- d-----w- c:\windows\BDOSCAN8
2009-12-31 09:49 . 2009-12-31 18:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-12-31 09:49 . 2009-12-31 09:52 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-31 06:57 . 2008-03-30 17:55 1213784 ----a-w- c:\documents and settings\seppi\Application Data\HouseCall 6.6\vsapi32.dll
2009-12-31 06:57 . 2006-11-22 16:48 91744 ----a-w- c:\documents and settings\seppi\Application Data\HouseCall 6.6\BPMNT.dll
2009-12-31 06:57 . 2007-12-24 16:37 138384 ----a-w- c:\documents and settings\seppi\Application Data\HouseCall 6.6\tmcomm.sys
2009-12-31 06:57 . 2006-07-07 15:29 1197584 ----a-w- c:\documents and settings\seppi\Application Data\HouseCall 6.6\ssapi32.dll
2009-12-31 06:56 . 2009-03-27 16:38 366344 ----a-w- c:\documents and settings\seppi\Application Data\HouseCall 6.6\tsc.exe
2009-12-31 06:55 . 2009-12-31 07:04 -------- d-----w- c:\documents and settings\seppi\Application Data\HouseCall 6.6
2009-12-31 06:55 . 2009-12-31 06:55 -------- d-----w- c:\windows\system32\HouseCall 6.6
2009-12-31 02:00 . 2009-12-31 02:00 -------- d-----w- c:\program files\MSXML 4.0
2009-12-30 14:01 . 2009-12-30 14:01 128 ----a-w- c:\documents and settings\seppi\Local Settings\Application Data\fusioncache.dat
2009-12-30 14:01 . 2009-12-30 14:40 -------- d-----w- c:\documents and settings\seppi\Local Settings\Application Data\ApplicationHistory
2009-12-30 14:01 . 2009-12-30 14:01 -------- d-----w- c:\documents and settings\seppi\Local Settings\Application Data\Broderbund Software
2009-12-30 14:01 . 2009-12-30 14:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Broderbund Software
2009-12-30 13:55 . 2009-12-30 17:31 -------- d-----w- c:\program files\Web Publish
2009-12-30 13:55 . 2007-07-19 12:07 3186688 ----a-w- c:\windows\system32\acXMLParser.dll
2009-12-30 13:55 . 2007-07-19 12:07 3186688 ----a-w- c:\windows\system32\cdintf300.dll
2009-12-30 13:46 . 2009-12-30 13:46 -------- d-----w- c:\windows\system32\URTTEMP
2009-12-30 12:59 . 2009-12-30 12:59 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-12-30 12:54 . 2009-12-30 12:54 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-12-30 11:51 . 2009-12-30 11:51 -------- d-----w- c:\windows\Profiles
2009-12-30 11:48 . 1996-02-08 08:54 284160 ----a-w- c:\windows\unin040c.exe
2009-12-30 09:48 . 2009-12-30 09:48 -------- d-----w- c:\documents and settings\seppi\Local Settings\Application Data\Nova Development
2009-12-30 06:32 . 2009-12-30 06:32 -------- d-----w- c:\windows\system32\XPSViewer
2009-12-30 06:32 . 2009-12-30 06:32 -------- d-----w- c:\program files\MSBuild
2009-12-30 06:31 . 2009-12-30 06:31 -------- d-----w- c:\program files\Reference Assemblies
2009-12-30 06:31 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-12-30 06:31 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-12-30 06:31 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-12-30 06:31 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-12-30 06:31 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-12-30 06:31 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-12-30 06:31 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-12-30 06:31 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-12-30 06:31 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2009-12-29 10:32 . 1997-05-21 11:36 45056 ------w- c:\windows\system32\Spool\prtprocs\w32x86\BLPROCES.DLL
2009-12-29 10:31 . 2009-12-29 10:31 -------- d-----w- c:\documents and settings\seppi\WINDOWS
2009-12-29 10:31 . 1995-07-14 01:43 27632 ----a-w- c:\windows\system\CTL3DV2.DLL
2009-12-29 10:30 . 2009-12-29 10:30 -------- d-----w- c:\documents and settings\seppi\Local Settings\Application Data\Yahoo!
2009-12-29 10:11 . 2009-12-29 10:33 -------- d-----w- c:\documents and settings\seppi\Application Data\gtk-2.0
2009-12-29 10:11 . 2009-12-29 10:11 -------- d-----w- c:\documents and settings\seppi\.thumbnails
2009-12-29 10:10 . 2009-12-29 10:34 -------- d-----w- c:\documents and settings\seppi\.gimp-2.6
2009-12-29 10:09 . 2009-12-29 10:09 -------- d-----w- c:\program files\GIMP-2.0
2009-12-29 08:46 . 2008-04-13 10:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-12-29 08:46 . 2008-04-13 10:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-12-29 08:44 . 2009-12-29 08:44 -------- d-----w- c:\documents and settings\All Users\Application Data\UAB
2009-12-29 08:44 . 2009-12-29 08:44 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2009-12-29 08:44 . 2009-12-29 08:44 -------- d-----w- c:\documents and settings\seppi\Local Settings\Application Data\PC_Drivers_Headquarters
2009-12-29 08:43 . 2009-12-29 08:48 -------- d-----w- c:\documents and settings\seppi\Application Data\Canon
2009-12-29 08:42 . 2009-12-29 08:42 -------- d-----w- c:\program files\PC Drivers HeadQuarters
2009-12-29 08:37 . 2009-12-29 08:37 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2009-12-29 08:37 . 2006-06-29 13:29 106496 ----a-w- c:\windows\system32\cnqo4803.dll
2009-12-29 08:37 . 2009-12-29 08:37 -------- d--h--w- c:\program files\CanonBJ
2009-12-29 08:37 . 2007-08-09 10:17 229376 ----a-w- c:\windows\system32\CNQL4803.DLL
2009-12-29 08:37 . 2006-07-20 14:51 1298432 ----a-w- c:\windows\system32\CNQC4803.DLL
2009-12-29 08:37 . 2006-07-20 14:51 57344 ----a-w- c:\windows\system32\CNQI4803.DLL
2009-12-26 12:41 . 2010-01-02 07:31 -------- d-----w- c:\program files\eMule
2009-12-26 10:45 . 2009-12-26 11:14 -------- d-----w- c:\program files\Easy CD-DA Extractor 8
2009-12-26 10:45 . 2009-12-26 10:45 -------- d-----w- c:\windows\Easy CD-DA Extractor
2009-12-26 09:08 . 2009-12-29 10:05 -------- d-----w- c:\program files\Mouse
2009-12-26 09:07 . 2004-08-25 16:19 19840 ----a-w- c:\windows\system32\drivers\Amserprt.sys
2009-12-26 09:07 . 2004-08-25 16:18 11264 ----a-w- c:\windows\system32\drivers\Amusbprt.sys
2009-12-26 09:07 . 2004-08-25 16:17 7296 ----a-w- c:\windows\system32\drivers\Arfumftr.sys
2009-12-26 09:07 . 2004-08-25 15:29 77824 ----a-w- c:\windows\system32\Amuninst.exe
2009-12-26 09:07 . 2004-08-25 15:28 389120 ----a-w- c:\windows\system32\Amsample.dll
2009-12-26 09:07 . 2004-08-25 16:16 9856 ----a-w- c:\windows\system32\drivers\Amps2prt.sys
2009-12-26 09:07 . 2004-08-25 16:15 4992 ----a-w- c:\windows\system32\drivers\Amfilter.sys
2009-12-26 09:07 . 2004-08-25 15:28 86016 ----a-w- c:\windows\system32\Amoures.dll
2009-12-26 09:07 . 2004-08-25 15:26 311296 ----a-w- c:\windows\system32\Amoucplx.dll
2009-12-26 09:07 . 2004-08-25 15:25 32768 ----a-w- c:\windows\system32\Amhooker.dll
2009-12-23 12:10 . 2009-12-23 12:10 -------- d-----w- c:\windows\Sun
2009-12-23 07:20 . 2001-08-23 16:04 12288 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2009-12-23 07:20 . 2001-08-23 16:04 12288 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-12-23 07:20 . 2008-04-13 10:45 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2009-12-23 07:20 . 2008-04-13 10:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-12-22 17:20 . 2008-03-05 14:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2009-12-21 08:09 . 2008-04-13 10:45 6272 -c--a-w- c:\windows\system32\dllcache\splitter.sys
2009-12-21 08:08 . 2008-04-13 10:39 4992 -c--a-w- c:\windows\system32\dllcache\mspqm.sys
2009-12-20 16:02 . 2009-12-26 10:36 -------- d-----w- c:\documents and settings\seppi\Application Data\dvdcss
2009-12-16 18:55 . 2009-12-16 18:55 -------- d-----w- c:\program files\GIMP-2
2009-12-16 17:24 . 2009-12-16 17:24 -------- d-----w- c:\documents and settings\All Users\Application Data\LightScribe
2009-12-16 17:20 . 2009-12-24 10:38 -------- d-----w- c:\program files\Unlocker
2009-12-16 11:40 . 2009-12-16 11:40 -------- d-----w- c:\documents and settings\seppi\Application Data\Malwarebytes
2009-12-16 11:40 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-16 11:40 . 2009-12-16 11:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-16 11:40 . 2009-12-16 11:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-12-16 11:40 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-16 09:07 . 2009-12-16 09:07 177024 ----a-w- c:\documents and settings\seppi\Application Data\Mozilla\Firefox\Profiles\czoitbzp.default\FlashGot.exe
2009-12-15 17:14 . 2009-12-16 17:25 -------- d-----w- c:\documents and settings\seppi\Local Settings\Application Data\Ahead
2009-12-15 17:10 . 2009-12-15 17:10 -------- d-----w- c:\program files\Fichiers communs\LightScribe
2009-12-15 16:58 . 2009-12-16 17:25 -------- d-----w- c:\documents and settings\seppi\Application Data\Ahead
2009-12-15 16:54 . 2009-12-15 17:06 -------- d-----w- c:\program files\Fichiers communs\Ahead
2009-12-15 16:54 . 2009-12-15 16:54 -------- d-----w- c:\program files\Nero
2009-12-15 16:54 . 2009-12-15 16:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-12-15 16:48 . 2009-12-15 16:48 -------- d-sh--w- c:\documents and settings\seppi\IECompatCache
2009-12-15 12:29 . 2009-12-17 22:31 -------- d-----w- c:\documents and settings\seppi\Local Settings\Application Data\Ares
2009-12-15 12:28 . 2009-12-15 12:29 -------- d-----w- c:\program files\Ares
2009-12-15 12:14 . 2009-12-16 21:02 -------- d-----w- c:\program files\Kyodai Mahjongg 2006
2009-12-15 12:12 . 2009-12-15 12:12 10686001 ----a-w- c:\documents and settings\seppi\Application Data\Azureus\plugins\azump\mplayer.exe
2009-12-15 09:03 . 2002-02-12 13:00 97280 ----a-w- c:\windows\system32\CNMLM3w.DLL
2009-12-15 09:03 . 2002-02-12 13:00 5632 ----a-w- c:\windows\system32\CNMVS3w.DLL
2009-12-15 09:03 . 2002-02-12 13:00 43008 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP3w.DLL
2009-12-15 09:03 . 2002-02-12 13:00 13824 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD3w.DLL
2009-12-15 09:03 . 2009-12-15 09:03 -------- d-----w- C:\BJPrinter
2009-12-15 09:03 . 2002-01-17 10:48 36864 ----a-w- c:\windows\system32\CNMCP3W.EXE
2009-12-15 09:03 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2009-12-15 08:46 . 2008-04-13 18:33 83968 ----a-w- c:\windows\system32\CNBJMON2.DLL
2009-12-15 08:43 . 2009-12-29 08:41 -------- d-----w- c:\program files\canon
2009-12-15 08:42 . 2009-12-29 17:04 -------- d-----w- c:\documents and settings\seppi\Application Data\vlc
2009-12-15 08:14 . 2009-12-15 08:14 -------- d-----w- c:\program files\VideoLAN
2009-12-15 08:12 . 2010-01-03 14:39 125528 ----a-w- c:\documents and settings\seppi\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-15 08:12 . 2009-12-15 08:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Azureus
2009-12-15 08:12 . 2009-12-30 16:35 -------- d-----w- c:\documents and settings\seppi\Application Data\Azureus
2009-12-15 08:11 . 2009-12-30 11:52 -------- d-----w- c:\program files\Vuze
2009-12-15 08:11 . 2009-12-15 08:11 -------- d-----w- c:\program files\Fichiers communs\i4j_jres

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-02 17:22 . 2010-01-02 17:22 96512 ----a-w- c:\windows\system32\drivers\OLD28F.tmp
2010-01-01 15:16 . 2010-01-01 15:16 96512 ----a-w- c:\windows\system32\drivers\OLD236.tmp
2010-01-01 10:46 . 2008-04-14 12:00 85196 ----a-w- c:\windows\system32\perfc00C.dat
2010-01-01 10:46 . 2008-04-14 12:00 510290 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-30 14:53 . 2009-12-15 12:36 1 ----a-w- c:\documents and settings\seppi\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-12-21 14:06 . 2009-12-21 08:08 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-21 08:08 . 2009-12-21 08:08 -------- d-----w- c:\program files\Realtek Sound Manager
2009-12-21 08:08 . 2009-12-21 08:08 -------- d-----w- c:\program files\AvRack
2009-12-15 16:46 . 2009-12-15 12:32 -------- d-----w- c:\program files\Java
2009-12-15 16:45 . 2009-12-15 16:45 152576 ----a-w- c:\documents and settings\seppi\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-12-15 16:45 . 2009-12-15 16:45 79488 ----a-w- c:\documents and settings\seppi\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-15 16:23 . 2009-12-15 16:23 -------- d-----w- c:\documents and settings\seppi\Application Data\Media Player Classic
2009-12-15 12:36 . 2009-12-15 12:36 -------- d-----w- c:\documents and settings\seppi\Application Data\OpenOffice.org
2009-12-15 12:33 . 2009-12-15 12:33 -------- d-----w- c:\program files\JRE
2009-12-15 12:33 . 2009-12-15 12:33 -------- d-----w- c:\program files\OpenOffice.org 3
2009-12-14 14:04 . 2009-12-14 14:04 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-12-13 17:01 . 2009-12-12 16:52 86331 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-12 16:53 . 2009-12-12 16:53 -------- d-----w- c:\program files\microsoft frontpage
2009-12-12 16:51 . 2009-12-12 16:51 -------- d-----w- c:\program files\Services en ligne
2009-12-12 16:49 . 2009-12-12 16:49 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-10 18:00 . 2009-12-14 14:04 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-10-29 07:42 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 05:39 . 2008-04-14 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:39 . 2008-04-14 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2008-04-14 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:33 . 2008-04-14 12:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:39 . 2008-04-14 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:39 . 2008-04-14 12:00 150528 ----a-w- c:\windows\system32\rastls.dll
2009-10-11 03:17 . 2009-12-15 12:32 411368 ----a-w- c:\windows\system32\deploytk.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Flashget"="c:\program files\FlashGet\flashget.exe" [2007-09-25 2007088]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Event Reminder.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Event Reminder.lnk
backup=c:\windows\pss\Event Reminder.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Pense-bête.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Pense-bête.lnk
backup=c:\windows\pss\Pense-bête.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-04 11:08 935288 ----a-r- c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 03:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-07-04 13:01 148776 ----a-w- c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]
2007-09-25 08:10 2007088 ----a-w- c:\program files\FlashGet\flashget.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2007-06-20 11:49 451872 ----a-w- c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-07-04 13:20 161064 ----a-w- c:\program files\Fichiers communs\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2002-10-16 10:24 47104 ----a-r- c:\windows\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2009-10-26 07:33 15872 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Ares\\chatServer.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\eMule\\emule.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"45829:TCP"= 45829:TCP:emule
"29081:UDP"= 29081:UDP:emule

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [13/12/2009 20:26 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13/12/2009 20:26 20560]
S3 Amps2prt;Compatible PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [26/12/2009 10:07 9856]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-06-20 11:47 451872 ----a-w- c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe
.
Contenu du dossier 'Tâches planifiées'

2010-01-03 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-12-14 21:18]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
IE: &Tout télécharger avec FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Télécharger avec FlashGet - c:\program files\FlashGet\jc_link.htm
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath - c:\documents and settings\seppi\Application Data\Mozilla\Firefox\Profiles\czoitbzp.default\
FF - plugin: c:\documents and settings\seppi\Local Settings\Application Data\Yahoo!\BrowserPlus\2.4.21\Plugins\npybrowserplus_2.4.21.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-WheelMouse - Amoumain.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-03 16:10
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(1068)
c:\program files\FlashGet\fgmgr.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wpabaln.exe
.
**************************************************************************
.
Heure de fin: 2010-01-03 16:12:21 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-01-03 15:12

Avant-CF: 41 841 131 520 octets libres
Après-CF: 41 859 457 024 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - EE14D945D8EB158F153BBBF9143911D4
calimero67
Apprenti(e)
Apprenti(e)
 
Messages: 35
Inscription: 02 Jan 2010 17:57
 

Re: virus win32 alureonEU pour novice

Message le 03 Jan 2010 17:41

hello,

tu n'as pas téléchargés combofix comme demande sur ton bureau et le fichier combofix.exe n'as pas été renommé en calimero.exe, mais c'est pas grave, ça n'a pas eu d'incidence sur le résultat du scan...

fait cela stp...

Télécharge Findykill ( par chiquitine29 ) sur ton bureau

installes le et exécute le....

Choisis "F" pour la langue et ensuite l'option N°2 ( Suppression ) et poste le rapport généré...ensuite ré-essais de démarrer en mode sans échec pour voir si cela re-fonctionne.

@++
"Ce que tu gardes pour toi s'en ira mourir... C'est ce que tu donnes qui te restera" (JF Bernardini / I muvrini )
Image
.1948 | 2012
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 

Re: virus win32 alureonEU pour novice

Message le 04 Jan 2010 16:33

Me revoilou,
Si si j'avais renommé Combofix mais seulement une fois installé sur le bureau
Le mode sans echec marche
voici deux rapports findykill mais ils sont avant le lancement de suppression.
Par contre le programme de suppression ne marche pas, après 1 heure il reste toujours bloqué sur le même fichier .zip dans le programme open office.

Autre chose, depuis hier il me demande de valider ma version ??? çà fait plus d'un an que je travaille avec cet ordinateur il ne m'a jamais demandé celà. Changement d'année ????
Est ce que un autre antivirus aurait pu éradiquer cette saloperie que j'ai chopé ? Beaucoup de gens critique Avast et toi ?
Quels sont les programmes de sécurité que je dois en permanence avoir sur le pc ?
Merci
A+
calimero67
Apprenti(e)
Apprenti(e)
 
Messages: 35
Inscription: 02 Jan 2010 17:57
 

Re: virus win32 alureonEU pour novice

Message le 04 Jan 2010 16:37

avec les rapports joints :

le 3 janvier

############################## | FindyKill V5.023 |

# User : seppi (Administrateurs) # AS-SEPPI
# Update on 31/12/2009 by El Desaparecido
# Start at: 22:15:52 | 03/01/2010
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com

# Intel(R) Pentium(R) 4 CPU 2.00GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# AV : avast! antivirus 4.8.1368 [VPS 100103-0] 4.8.1368 [ Enabled | Updated ]

# C:\ # Disque fixe local # 60 Go (39 Go free) # NTFS
# D:\ # Disque CD-ROM
# F:\ # Disque fixe local # 89,04 Go (84,9 Go free) [Partition 2] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | C: |


################## | C:\WINDOWS |


################## | C:\WINDOWS\system32 |


################## | C:\WINDOWS\system32\drivers |


################## | C:\Documents and Settings\seppi\Application Data |


################## | Temporary Internet Files |


################## | Registre / Clés infectieuses |


################## | Etat / Services / Informations |

# Affichage des fichiers cachés : OK

# Mode sans echec : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
# Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )


################## | Cracks / Keygens / Serials |



################## | ! Fin du rapport # FindyKill V5.023 ! |

rapport d aujourd'hui

############################## | FindyKill V5.023 |

# User : seppi (Administrateurs) # AS-SEPPI
# Update on 31/12/2009 by El Desaparecido
# Start at: 14:43:38 | 04/01/2010
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com

# Intel(R) Pentium(R) 4 CPU 2.00GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# AV : avast! antivirus 4.8.1368 [VPS 100103-0] 4.8.1368 [ Enabled | Updated ]

# C:\ # Disque fixe local # 60 Go (40 Go free) # NTFS
# D:\ # Disque CD-ROM
# F:\ # Disque fixe local # 89,04 Go (84,9 Go free) [Partition 2] # NTFS

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | C: |


################## | C:\WINDOWS |


################## | C:\WINDOWS\system32 |


################## | C:\WINDOWS\system32\drivers |


################## | C:\Documents and Settings\seppi\Application Data |


################## | Temporary Internet Files |


################## | Registre / Clés infectieuses |


################## | Etat / Services / Informations |

# Affichage des fichiers cachés : OK

# Mode sans echec : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
# Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )


################## | Cracks / Keygens / Serials |


################## | ! Fin du rapport # FindyKill V5.023 ! |

voilà voilà
A+
calimero67
Apprenti(e)
Apprenti(e)
 
Messages: 35
Inscription: 02 Jan 2010 17:57
 

Re: virus win32 alureonEU pour novice

Message le 04 Jan 2010 17:46

hello calimero67,

Par contre le programme de suppression ne marche pas, après 1 heure il reste toujours bloqué sur le même fichier .zip dans le programme open office.

Bizarre, peut être un fichier abimé...
est ce que tu peut noté le nom du fichier et son emplacement et me dire si tu connait la provenance de ce dossier.

depuis hier il me demande de valider ma version ???


Mystère ! Tu n'aurais pas utilisé TDSS Remover par hasard ?

Est ce que un autre antivirus aurait pu éradiquer cette saloperie que j'ai chopé ?


Aucunes chances, au mieux une petite partie de l'infection aurait été traité...

Beaucoup de gens critique Avast et toi ?


Je te laisse te faire une idée, :wink:
http://forum.malekal.com/viewtopic.php? ... 934#p89934
perso je préfère " Antivir" d'Avira

Quels sont les programmes de sécurité que je dois en permanence avoir sur le pc ?


Antivir comme antivirus et Malwarebytes comme antispyware >>> 1 scan par semaine et tu es tranquille
Une précaution importante et de supprimer les fichiers temporaires de windows et de tes navigateurs à chaque fois avant déteindre ton pc.Car les infections présentes dans ces répertoires s'installent très souvent au re-démarrage suivant....

tiens moi au courant pour ce fameux fichier.zip stp... :wink:

@++
"Ce que tu gardes pour toi s'en ira mourir... C'est ce que tu donnes qui te restera" (JF Bernardini / I muvrini )
Image
.1948 | 2012
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 

Re: virus win32 alureonEU pour novice

Message le 04 Jan 2010 18:39

le fichier qui bloque est le suivant
openoffice3\baris\share\config\images-classic.zip

j'ose pas aller dessus des fois qu'il soit vérolé !.

TDSS remover ? c'est quoi ?

Je garde tout ce que j'ai téléchargé FINDYKILL safeboot combofix etc ? ou je le vire ? et hijackthis ?

Pour la validation je fais çà par internet ? y a pas de risque ?
A+
calimero67
Apprenti(e)
Apprenti(e)
 
Messages: 35
Inscription: 02 Jan 2010 17:57
 

Re: virus win32 alureonEU pour novice

Message le 04 Jan 2010 19:21

hello,

tu peux faire analyser le fichier "images-classic.zip" sur virus total et me poster le rapport

pour cela...

rend toi sur Virus Total

une fois sur la page d'accueil....

1:Clique sur "Parcourir" et choisis le fichier "images-classic.zip" et cliques sur "envoyer le fichier" .

Patientes le temps du scan et postes moi le contenue du rapport stp...

TDSS remover ? c'est quoi ?


c'est un tool destiné à la suppression des rootkit TDSS, mais comme il liste tous les éléments cachés, si tu supprimes ce qu'il trouve, il peut te virer un fichier caché destiné au contrôle de ta licence :oops:

Pour la validation je fais çà par internet ? y a pas de risque ?


Aucuns risque :wink:

@++
"Ce que tu gardes pour toi s'en ira mourir... C'est ce que tu donnes qui te restera" (JF Bernardini / I muvrini )
Image
.1948 | 2012
Avatar de l'utilisateur
jeanmimigab
PC-Infopraticien
PC-Infopraticien
 
Messages: 2986
Inscription: 29 Nov 2009 12:05
 

Re: virus win32 alureonEU pour novice

Message le 04 Jan 2010 19:39

Fichier images_classic.zip reçu le 2010.01.04 18:33:49 (UTC)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE


Résultat: 0/39 (0%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: 1.
L'heure estimée de démarrage est entre 46 et 66 secondes.
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Impression des résultats Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.
Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée. Email:


Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.46 2010.01.04 -
AhnLab-V3 5.0.0.2 2010.01.04 -
AntiVir 7.9.1.122 2009.12.31 -
Antiy-AVL 2.0.3.7 2010.01.04 -
Authentium 5.2.0.5 2010.01.04 -
Avast 4.8.1351.0 2010.01.04 -
BitDefender 7.2 2010.01.04 -
CAT-QuickHeal 10.00 2010.01.04 -
ClamAV 0.94.1 2010.01.04 -
Comodo 3467 2010.01.04 -
DrWeb 5.0.1.12222 2010.01.04 -
eSafe 7.0.17.0 2010.01.04 -
eTrust-Vet 35.1.7214 2010.01.04 -
F-Prot 4.5.1.85 2010.01.04 -
Fortinet 4.0.14.0 2010.01.04 -
GData 19 2010.01.04 -
Ikarus T3.1.1.79.0 2009.12.31 -
Jiangmin 13.0.900 2010.01.04 -
K7AntiVirus 7.10.937 2010.01.04 -
Kaspersky 7.0.0.125 2010.01.04 -
McAfee 5851 2010.01.04 -
McAfee+Artemis 5851 2010.01.04 -
McAfee-GW-Edition 6.8.5 2010.01.04 -
Microsoft 1.5302 2010.01.04 -
NOD32 4743 2010.01.04 -
Norman 6.04.03 2010.01.04 -
nProtect 2009.1.8.0 2010.01.04 -
Panda 10.0.2.2 2010.01.04 -
PCTools 7.0.3.5 2010.01.04 -
Prevx 3.0 2010.01.04 -
Rising 22.29.00.04 2010.01.04 -
Sophos 4.49.0 2010.01.04 -
Sunbelt 3.2.1858.2 2010.01.03 -
Symantec 20091.2.0.41 2010.01.04 -
TheHacker 6.5.0.3.131 2010.01.04 -
TrendMicro 9.120.0.1004 2010.01.04 -
VBA32 3.12.12.1 2010.01.04 -
ViRobot 2010.1.4.2120 2010.01.04 -
VirusBuster 5.0.21.0 2010.01.04 -
Information additionnelle
File size: 3350102 bytes
MD5...: 41c39a20fc7f0976be9b9126642f2488
SHA1..: 9f4993cbd1c774dcb807a33ee211ea29d603e66a
SHA256: 7c9b08c0316b5be605b337d68a3c7a834cd30fe957af80486078f234913ade50
ssdeep: 49152:llurOsTPwnFZGTN7iDg/XtIf9H0SlmZr/MDeR1DFawAkn:X2T4FZyN7/f4
bmaaLkwln

PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: ZIP compressed archive (100.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
calimero67
Apprenti(e)
Apprenti(e)
 
Messages: 35
Inscription: 02 Jan 2010 17:57
 

Suivante


Sujets similaires

Message [Réglé] Echec ajout photo avatar
Bonjour,Souhaitant ajouter la photo de feu mon Fox dans mon avatar, je n'y réussis pas, elle dépasse toujours la limite des 6 kio.Malgré mes connaissances nulles en Informatique, j'ai tenté plusieurs fois de la réduire en pixels avec resizepixel.com/fr mais c'est toujours trop et si j'insiste je cra ...
Réponses: 16

Message [Réglé] Marque-pages en double dans Firefox
Comme disais un ancien ici même : " Rien que le merci vaut le détour "
Réponses: 26

Message [Réglé] pls aide pour le choix de mon ventirad ?? Merci :)
Bonsoirune petite recherche sur le premier.... Le virus Great DiscoverLe Virus Great Discover est un type de logiciel malveillant classé dans la catégorie des chevaux de Troie qui exploite les ressources du système et les utilise pour générer des crypto-monnaies, ce qui ralentit considérablement l? ...
Réponses: 6

Message [Réglé] modification d'un mot dans word
bonsoirParfait , j'ai mis en "réglé"
Réponses: 7

Message [Réglé] TrojanDownloader:Java/Agent.S détecté
Hello,Concernant ton fichier .bat, fait un clic droit dessus et sélectionne "Exécuter en tant qu'administrateur"A+
Réponses: 29

Message [Réglé] TrojanDownloader:Java/Agent.S détecté PC n° 2
bonsoirheracles a écrit:Un modérateur se chargera de passer le sujet en mode résolu.C'est fait
Réponses: 11

Message [Réglé] activité processeur à fond
bonjourje vous expose le problèmedans le gestionnaire des taches on peut voir dans l'onglet performances, l'activité du processeur.alors il est à 5% quand je fait rien ce qui est normal, par contre il fonctionne à 4.20 ghz alors qu'il devrait beaucoup plus bas !c'est pas logique d'avoir un cpu qui f ...
Réponses: 2


Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 5 invités


.: Nous contacter :: Flux RSS :: Données personnelles :.