PC infected by Win32:Agent-FJO [Trj]


Hello,
I am infected by the following Trojan horse:
Win32:Agent-FJO [Trj]
And I can't manage to remove it with avast.
I ran a HijackThis scan but I now need your help; here is the log:
Logfile of HijackThis v1.99.1
Scan saved at 07:04:50, on 03/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JA [...] anager.ocx
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Macromedia Updater (mmupdate) - Unknown owner - C:\WINDOWS\TEMP\9.tmp".exe (file missing)

Thanks in advance


Hi,

(On Vista, you have to right-click RSIT.exe and choose Run as administrator)

  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).


Note: the reports are saved in the C:\rsit folder.

Reply to Destrio5

I did download RSIT, but when I try to launch it I get an error message: Line -1 Error: Variable used without being declared.
Thanks for replying so quickly
I don't know if you can help me further??

Reply to yan 59

  • Download OTViewIt to your Desktop.
  • Close all windows and applications.
  • Double-click the OTViewIt icon to launch it.
  • Click the Run Scan button and let the program work without interrupting it.
  • It will produce two reports, one named OTViewIt.txt and another named Extras, which will be saved on your Desktop. Please post both reports in your next reply.

Reply to Destrio5

I forgot to say that I caught this virus more than a year ago!!!
RSIT lists recently installed files (3 months max); maybe that's the problem??

Reply to yan 59

Here are the reports:
_OTViewIt.txt:

OTViewIt logfile created on: 03/03/2009 07:38:53 - Run 3
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Propriétaire\Bureau
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

510,48 Mb Total Physical Memory | 238,72 Mb Available Physical Memory | 46,76% Memory free
1,22 Gb Paging File | 0,85 Gb Available in Paging File | 69,72% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 66,18 Gb Free Space | 88,81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HP
Current User Name: Propriétaire
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = All Days

========== Processes ==========

[2006/07/25 21:44:12 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2006/07/25 21:44:12 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
[2007/01/15 18:18:23 | 00,059,008 | ---- | M] () -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
[2006/09/28 15:13:20 | 00,204,800 | ---- | M] (Anti-Malware Development a.s.) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
[2006/10/26 13:40:34 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
[2005/06/06 23:46:24 | 00,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
[2004/08/19 16:10:04 | 00,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
[2006/07/29 19:34:08 | 05,354,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe
[2004/10/13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2004/08/19 16:09:56 | 00,093,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2009/03/03 07:36:17 | 00,422,912 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\OTViewIt.exe

========== (O23) Win32 Services ==========

[2004/07/15 01:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2007/01/15 18:18:23 | 00,059,008 | ---- | M] () -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
[2006/07/25 21:44:12 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
[2007/02/12 21:41:19 | 00,077,944 | ---- | M] (Autodesk) -- C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service [Disabled | Stopped])
[2007/01/15 18:28:51 | 00,132,736 | ---- | M] () -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Disabled | Stopped])
[2007/01/15 18:28:32 | 00,255,616 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [Disabled | Stopped])
[2007/01/15 18:27:51 | 00,370,304 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [Disabled | Stopped])
[2006/09/28 15:13:20 | 00,204,800 | ---- | M] (Anti-Malware Development a.s.) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -- (AVG Anti-Spyware Guard [Auto | Running])
[2006/10/26 13:40:34 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM [Auto | Running])
File not found -- -- (mmupdate [Auto | Stopped])
[2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
[2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
[2009/03/03 06:39:06 | 00,137,200 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])

========== Driver Services ==========

[2004/08/03 23:10:12 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\61883.sys -- (61883 [On_Demand | Stopped])
[2006/12/21 00:51:58 | 00,031,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
[2006/12/21 00:56:00 | 00,094,424 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
[2007/01/15 18:26:08 | 00,023,352 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Stopped])
[2007/01/15 18:25:24 | 00,043,176 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
[2006/07/25 21:51:58 | 01,681,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
[2004/08/03 23:10:12 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc [On_Demand | Stopped])
[2006/09/28 15:13:34 | 00,004,096 | ---- | M] () -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys -- (AVG Anti-Spyware Driver [System | Running])
[2006/09/05 17:03:16 | 00,003,968 | ---- | M] (GRISOFT, s.r.o.) -- C:\WINDOWS\system32\drivers\AvgAsCln.sys -- (AvgAsCln [System | Running])
[2005/09/28 16:00:22 | 00,376,320 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX [On_Demand | Running])
[2004/08/03 23:10:40 | 00,017,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthenum.sys -- (BthEnum [On_Demand | Stopped])
[2004/08/03 23:10:40 | 00,038,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthmodem.sys -- (BTHMODEM [On_Demand | Stopped])
[2004/08/03 22:58:40 | 00,100,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthpan.sys -- (BthPan [On_Demand | Stopped])
[2004/08/19 15:55:32 | 00,274,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthport.sys -- (BTHPORT [On_Demand | Stopped])
[2004/08/03 23:10:36 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\bthusb.sys -- (BTHUSB [On_Demand | Stopped])
[2004/11/17 10:17:14 | 00,293,120 | ---- | M] (Conexant Systems Inc.) -- C:\WINDOWS\system32\drivers\camcaud.sys -- (CAMCAUD [On_Demand | Running])
[2004/11/17 10:17:58 | 00,280,192 | ---- | M] (Conexant Systems Inc.) -- C:\WINDOWS\system32\drivers\camchal.sys -- (CAMCHALA [On_Demand | Running])
[2004/06/22 10:16:46 | 00,051,088 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\hpzid412.sys -- (HPZid412 [On_Demand | Stopped])
[2004/06/22 10:16:46 | 00,016,496 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12 [On_Demand | Stopped])
[2004/06/22 10:16:46 | 00,021,744 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12 [On_Demand | Stopped])
[2004/10/28 15:33:08 | 00,200,576 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH [On_Demand | Running])
[2004/10/28 15:29:48 | 01,041,664 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP [On_Demand | Running])
[2004/03/17 11:04:14 | 00,013,059 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
[2004/08/03 23:10:00 | 00,051,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV [On_Demand | Stopped])
[2003/04/24 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2005/06/29 01:38:00 | 00,015,172 | ---- | M] (Prassi Technology) -- C:\WINDOWS\system32\drivers\PzWDM.sys -- (PzWDM [Boot | Running])
[2004/08/03 23:10:40 | 00,059,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rfcomm.sys -- (RFCOMM [On_Demand | Stopped])
[2004/08/03 22:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139 [On_Demand | Running])
[2004/08/03 23:07:48 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sdbus.sys -- (sdbus [On_Demand | Running])
[2007/09/05 18:48:09 | 00,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [Auto | Running])
[2001/08/17 20:56:16 | 00,007,552 | ---- | M] (Sony Corporation) -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1 [On_Demand | Stopped])
[2005/06/23 09:16:08 | 00,162,176 | ---- | M] (Texas Instruments) -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21 [On_Demand | Running])
[2004/10/28 15:30:36 | 00,685,184 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
[2004/08/03 23:07:42 | 00,008,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wmiacpi.sys -- (WmiAcpi [System | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
"Default_Search_URL"=http://www.google.com/ie
"Local Page"=C:\windows\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"Default_Search_URL"=http://www.google.com/ie
"SearchAssistant"=http://www.google.com/ie

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Local Page"=C:\windows\system32\blank.htm
"Search Page"=http://www.google.com
"Start Page"=http://www.orange.fr/

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search]
"SearchAssistant"=http://www.google.com/ie

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s
"provider"=gogl

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

========== (O1) Hosts File ==========

HOSTS File = (0 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
{AA58ED58-01DD-4d91-8333-CF10577473F7} (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (HKLM) -- C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} (HKLM) -- C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" (HKLM) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" (Adobe Systems Incorporated)
"BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background (Microsoft Corporation)
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" /background (Microsoft Corporation)
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized ()

========== (O4) RunOnce Keys ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe (Adobe Systems, Inc.)

========== (O4) Startup Folders ==========


========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"DisableRegistryTools"=0

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/contr [...] %s&mime=%s
PluginsPageFriendlyName: "" = Bibliothèque de contrôles ActiveX Microsoft

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{AB86CE53-AC9F-449F-9399-D8ABCA09EC09}: https://h17000.www1.hp.com/ewfrf-JA [...] anager.ocx -- Get_ActiveX Control

========== (O17) DNS Name Servers ==========

{14AB4201-9A32-44B0-B972-8495BC84E118} (Servers: | Description: )
{55E60E2C-7E77-48E4-9927-282F9BA9C6D8} (Servers: | Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family)
{5F383145-9AC0-40D5-8C6A-F211A18F752A} (Servers: | Description: Broadcom 802.11b/g WLAN)
{69328AB2-02DE-4DF5-B1D4-A16CB56D7AFC} (Servers: | Description: )
{D8ED3171-0247-4387-91CA-EE7CBC78BF22} (Servers: | Description: Carte réseau 1394)
{F472B998-9F25-46D5-91E4-864D2B2DA993} (Servers: | Description: )

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}" (HKLM) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll (Anti-Malware Development a.s.)

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2007/02/10 23:53:15 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]


========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{05904624-07b4-11de-9788-00c09f918a9c}\Shell\AutoRun\command]
""=E:\t.com -- File not found


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{05904624-07b4-11de-9788-00c09f918a9c}\Shell\explore\Command]
""=E:\t.com -- File not found


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{05904624-07b4-11de-9788-00c09f918a9c}\Shell\open\Command]
""=E:\t.com -- File not found


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2dc79003-60a3-11dc-976d-00c09f918a9c}\Shell\Auto\command]
""=AdobeR.exe e


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2dc79003-60a3-11dc-976d-00c09f918a9c}\Shell\AutoRun\command]
""=C:\WINDOWS\system32\shell32.dll -- [2006/12/19 22:49:47 | 08,509,952 | ---- | M] (Microsoft Corporation)

========== Files/Folders - Created Within All Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[3 C:\WINDOWS\*.tmp files]
[2009/03/03 07:36:05 | 00,422,912 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Propriétaire\Bureau\OTViewIt.exe
[2009/03/03 07:21:12 | 00,000,000 | ---D | C] -- C:\rsit
[2009/03/03 07:20:27 | 00,781,909 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
[2007/10/19 19:02:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\Université des Sciences et Technologies de Lille, Master Sciences et Technologies (U_S_T_L_)_fichiers
[2007/10/19 19:02:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\CuisineAZ - Cuisinez comme un Chef_fichiers
[2007/10/19 19:02:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\Tutorat
[2007/10/19 19:02:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\Raccourcis Bureau non utilisés
[2007/10/19 19:02:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Bureau\Carrière
[2007/10/19 19:01:50 | 00,000,000 | ---D | C] -- C:\Program Files\ONES Trial (F)
[2007/10/11 18:41:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Mes documents\Mes fichiers reçus
[2007/09/27 18:24:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2007/09/19 01:01:56 | 87,944,192 | ---- | C] () -- C:\Documents and Settings\Propriétaire\Bureau\football_manager_2007_patch_v7.0.2_version_windows_multi-langues_32667.exe
[2007/09/05 18:50:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\Sports Interactive
[2007/09/05 18:50:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Sports Interactive
[2007/09/05 17:55:36 | 00,001,659 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Football Manager 2007.lnk
[2007/09/05 17:54:57 | 00,000,000 | ---D | C] -- C:\Program Files\Sports Interactive
[2007/08/09 20:07:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\vlc
[2007/08/09 20:05:50 | 00,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2007/08/05 22:06:28 | 00,000,000 | ---D | C] -- C:\Program Files\Blip Blop
[2007/07/24 17:48:19 | 00,221,184 | ---- | C] (Prassi Software) -- C:\WINDOWS\InZU31.exe
[2007/07/24 17:47:57 | 00,015,172 | ---- | C] (Prassi Technology) -- C:\WINDOWS\System32\drivers\PzWDM.sys
[2007/07/20 15:48:11 | 00,000,014 | ---- | C] () -- C:\WINDOWS\System32\SystemInfo32.sys
[2007/07/20 15:48:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DVD X Studios
[2007/06/21 13:57:52 | 00,030,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2007/06/20 01:25:36 | 00,038,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2007/06/20 01:25:36 | 00,030,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2007/06/20 01:25:36 | 00,030,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2007/06/20 01:25:36 | 00,021,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2007/06/13 14:22:28 | 01,037,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\explorer.exe
[2007/06/13 10:10:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Propriétaire\Application Data\Leadertech
[2007/05/20 13:54:04 | 00,000,000 | -H-D | C] -- C:\Config.Msi
[2007/05/17 12:29:50 | 00,549,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[2007/05/13 08:37:17 | 00,000,000 | ---D | C] -- C:\Program Files\eMule
[2007/05/08 14:03:04 | 01,275,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4.dll
[2007/04/25 15:22:35 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll
[2007/04/23 11:32:54 | 00,364,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\update.sys
[2007/03/17 14:44:47 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsrv.dll
[2007/03/08 16:37:50 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2007/03/08 16:37:50 | 00,282,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi32.dll
[2007/03/08 16:37:50 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mf3216.dll
[2007/03/08 16:33:58 | 01,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2007/02/19 20:39:06 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt19.sqm
[2007/02/19 20:39:06 | 00,000,232 | -H-- | C] () -- C:\sqmdata19.sqm
[2007/02/19 20:36:09 | 00,000,268 | -H-- | C] () -- C:\sqmdata18.sqm
[2007/02/19 20:36:09 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt18.sqm
[2007/02/19 20:35:27 | 00,002,054 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2007/02/19 20:33:33 | 00,000,268 | -H-- | C] () -- C:\sqmdata17.sqm
[2007/02/19 20:33:33 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt17.sqm
[2007/02/19 20:32:45 | 00,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe
[2007/02/19 20:32:45 | 00,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2007/02/19 20:32:45 | 00,079,360 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swxcacls.exe
[2007/02/19 20:32:45 | 00,053,248 | ---- | C] (http://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[2007/02/19 20:32:45 | 00,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe
[2007/02/19 20:32:45 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe
[2007/02/19 20:31:00 | 00,000,268 | -H-- | C] () -- C:\sqmdata16.sqm
[2007/02/19 20:31:00 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt16.sqm
[2007/02/19 19:36:07 | 00,000,268 | -H-- | C] () -- C:\sqmdata15.sqm
[2007/02/19 19:36:07 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt15.sqm
[2007/02/19 19:30:41 | 00,000,268 | -H-- | C] () -- C:\sqmdata14.sqm
[2007/02/19 19:30:41 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt14.sqm
[2007/02/19 19:08:00 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt13.sqm
[2007/02/19 19:08:00 | 00,000,232 | -H-- | C] () -- C:\sqmdata13.sqm
[2007/02/19 19:06:07 | 00,000,268 | -H-- | C] () -- C:\sqmdata12.sqm
[2007/02/19 19:06:07 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt12.sqm
[2007/02/18 15:35:56 | 00,000,268 | -H-- | C] () -- C:\sqmdata11.sqm
[2007/02/18 15:35:56 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt11.sqm
[2007/02/18 14:38:14 | 00,000,268 | -H-- | C] () -- C:\sqmdata10.sqm
[2007/02/18 14:38:14 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt10.sqm
[2007/02/18 14:35:22 | 00,000,268 | -H-- | C] () -- C:\sqmdata09.sqm
[2007/02/18 14:35:22 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt09.sqm
[2007/02/18 14:32:46 | 00,000,268 | -H-- | C] () -- C:\sqmdata08.sqm
[2007/02/10 23:54:21 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2007/02/10 23:54:21 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2007/02/10 23:54:21 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2007/02/10 23:54:20 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2007/02/10 23:54:20 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2007/02/10 23:54:20 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2007/02/10 23:54:20 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2007/02/10 23:54:20 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2007/02/10 23:54:20 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2007/02/10 23:54:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2007/02/10 23:54:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2007/02/10 23:54:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2007/02/10 23:54:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2007/02/10 23:54:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2007/02/10 23:54:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2007/02/10 23:54:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2007/02/10 23:54:19 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2007/02/10 23:54:19 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2007/02/10 23:54:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2007/02/10 23:54:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2007/02/10 23:54:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2007/02/10 23:54:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2007/02/10 23:54:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2007/02/10 23:54:19 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2007/02/10 23:54:19 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2007/02/10 23:54:19 | 00,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2007/02/10 23:54:18 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2007/02/10 23:54:18 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2007/02/10 23:54:18 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2007/02/10 23:54:18 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2007/02/10 23:54:18 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2007/02/10 23:54:18 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2007/02/10 23:54:18 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2007/02/10 23:54:16 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2007/02/10 23:54:16 | 00,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2007/02/10 23:54:16 | 00,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2007/02/10 23:54:16 | 00,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2007/02/10 23:54:16 | 00,233,527 | ---- | C] (M

Reply to yan 59

The second report, Extras.Txt:

OTViewIt Extras logfile created on: 03/03/2009 07:38:53 - Run 3
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Documents and Settings\Propriétaire\Bureau
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

510,48 Mb Total Physical Memory | 238,72 Mb Available Physical Memory | 46,76% Memory free
1,22 Gb Paging File | 0,85 Gb Available in Paging File | 69,72% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 66,18 Gb Free Space | 88,81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HP
Current User Name: Propriétaire
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = All Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\WINDOWS\system32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\system32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\system32\wscript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\system32\wscript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\system32\notepad.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\system32\wscript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\system32\wscript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\system32\wscript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\system32\wscript.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=1
"FirewallOverride"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
"DoNotAllowExceptions"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2004/08/19 16:10:04 | 00,142,336 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2006/07/29 19:34:08 | 05,354,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0
[2006/07/29 18:16:08 | 01,002,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2004/08/19 16:10:04 | 00,142,336 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2007/05/25 19:09:50 | 12,831,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook
[2006/07/29 19:34:08 | 05,354,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0
[2006/07/29 18:16:08 | 01,002,280 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
File not found -- c:\windows\system32\colorids0.exe:*:Enabled:colorids0
[2004/10/13 17:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
[2006/09/14 15:15:24 | 05,001,216 | ---- | M] (http://www.emule-project.net) -- C:\Program Files\eMule\emule.exe:*:Enabled:eMule
[2006/10/17 17:12:58 | 18,898,944 | ---- | M] (Sports Interactive) -- C:\Program Files\Sports Interactive\Football Manager 2007\fm.exe:*:Enabled:Football Manager 2007
[2006/09/25 18:50:02 | 20,053,544 | ---- | M] () -- C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [Espace de noms Bluetooth] -- C:\WINDOWS\system32\wshbth.dll (Microsoft Corporation)

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
[2006/10/26 19:49:48 | 01,011,488 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
msdaipp: [HKLM - No CLSID value]
[2006/10/26 19:49:48 | 01,011,488 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
[2006/10/26 19:49:48 | 01,011,488 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]
[2006/10/26 13:45:02 | 00,873,216 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} (HKLM) [HxProtocol Class])

========== (O18) Protocol Filters ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
[2006/10/26 21:41:48 | 00,044,344 | ---- | M] (Microsoft Corporation) C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL text/xml:{807563E5-5146-11D5-A672-00B0D022E945} (HKLM) [Microsoft Office InfoPath XML Mime Filter]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}"=Panneau de contrôle ATI
"{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}"=Windows Live Sign-in Assistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=Google Toolbar for Internet Explorer
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}"=ATI Parental Control & Encoder
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}"=Google Earth
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}"=Adobe® Photoshop® Album Starter Edition 3.0
"{5783F2D7-4001-0409-0002-0060B0CE6BBA}"=AutoCAD 2006 - English
"{90120000-0010-040C-0000-0000000FF1CE}"=Microsoft Software Update for Web Folders (French) 12
"{90120000-0011-0000-0000-0000000FF1CE}"=Microsoft Office Professional Plus 2007
"{90120000-0015-040C-0000-0000000FF1CE}"=Microsoft Office Access MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}"=Microsoft Office Excel MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}"=Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}"=Microsoft Office Publisher MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}"=Microsoft Office Outlook MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}"=Microsoft Office Word MUI (French) 2007
"{90120000-001F-0401-0000-0000000FF1CE}"=Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0407-0000-0000000FF1CE}"=Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}"=Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}"=Microsoft Office Proof (French) 2007
"{90120000-001F-0413-0000-0000000FF1CE}"=Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}"=Microsoft Office Proof (Spanish) 2007
"{90120000-002C-040C-0000-0000000FF1CE}"=Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}"=Microsoft Office InfoPath MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}"=Microsoft Office Shared MUI (French) 2007
"{A1062847-0846-427A-92A1-BB8251A91E91}"=HP PSC & OfficeJet 4.2
"{AC76BA86-7AD7-1033-7B44-A80000000002}"=Adobe Reader 8
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{E22885AB-B503-46E2-8437-73BBC6BC5487}"=Windows Live Messenger
"{FF6F491D-BC82-4DCC-A72F-1824957C6466}"=TIxx21
"All ATI Software"=ATI - Utilitaire de désinstallation du logiciel
"ATI Display Driver"=ATI Display Driver
"Autodesk DWF Viewer"=Autodesk DWF Viewer
"avast!"=avast! Antivirus
"AVGAntiSpyware75"=AVG Anti-Spyware 7.5
"Blip Blop"=Blip Blop (remove only)
"Broadcom 802.11b Network Adapter"=Broadcom 802.11 Wireless LAN Adapter
"c474c3891a130b8bd0297680e91988cd308463113"=Football Manager 2007
"CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_3082103C"=Conexant Data Fax Modem with SmartCP
"Conexant PCI Audio"=Conexant AC-97 Audio
"eMule"=eMule
"HijackThis"=HijackThis 1.99.1
"Hijackthis Version Française_is1"=Hijackthis Version Française
"InstallShield_{FF6F491D-BC82-4DCC-A72F-1824957C6466}"=Texas Instruments PCIxx21/x515 drivers.
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"MOTIX"=MOTIX
"ONES(F)"=ONES Trial (F)
"PROPLUS"=Microsoft Office Professional Plus 2007
"ShockwaveFlash"=Adobe Flash Player 9
"Skype_is1"=Skype 2.5
"SLD Codec Pack"=SLD Codec Pack
"VLC media player"=VideoLAN VLC media player 0.8.6c
"Windows XP Service Pack"=Windows XP Service Pack 2
"Yahoo! Companion"=Yahoo! Toolbar
"Yahoo! Toolbar"=Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 15/01/2007 21:49:02 | Computer Name = HP | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::OnCreate()
!m_strErrorWnd.IsEmpty().

Error - 03/03/2009 01:51:59 | Computer Name = HP | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

Error - 03/03/2009 01:53:21 | Computer Name = HP | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

Error - 03/03/2009 01:54:00 | Computer Name = HP | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

Error - 03/03/2009 02:28:08 | Computer Name = HP | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

Error - 03/03/2009 02:28:09 | Computer Name = HP | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

Error - 03/03/2009 02:28:09 | Computer Name = HP | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

Error - 03/03/2009 02:28:10 | Computer Name = HP | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestAddFile Error 1753.

Error - 03/03/2009 02:29:52 | Computer Name = HP | Source = avast! | ID = 33554522
Description = Error in aswChestC: chestOpenList Error 1753.

Error - 03/03/2009 02:29:52 | Computer Name = HP | Source = avast! | ID = 33554522
Description = aswChestInterface - Program error description: CChestListView::LoadFiles()
chestOpenList() failed: 2147422219.

[ Application Events ]
Error - 21/06/2007 21:51:43 | Computer Name = HP | Source = Application Error | ID = 1000
Description = Application défaillante , version 0.0.0.0, module défaillant unknown,
version 0.0.0.0, adresse de défaillance 0x00000000.

Error - 25/06/2007 00:33:23 | Computer Name = HP | Source = Application Error | ID = 1000
Description = Application défaillante svchost.exe, version 5.1.2600.2180, module
défaillant set32.dll, version 0.0.0.0, adresse de défaillance 0x0000200c.

Error - 04/07/2007 04:58:42 | Computer Name = HP | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 6.0.2900.2180, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 07/07/2007 14:16:32 | Computer Name = HP | Source = Application Error | ID = 1000
Description = Application défaillante svchost.exe, version 5.1.2600.2180, module
défaillant set32.dll, version 0.0.0.0, adresse de défaillance 0x0000200c.

Error - 07/07/2007 08:46:14 | Computer Name = HP | Source = Application Error | ID = 1000
Description = Application défaillante wmplayer.exe, version 9.0.0.3250, module défaillant
xvidcore.dll, version 0.0.0.0, adresse de défaillance 0x000495c8.

Error - 20/07/2007 10:06:04 | Computer Name = HP | Source = Application Error | ID = 1000
Description = Application défaillante svchost.exe, version 5.1.2600.2180, module
défaillant set32.dll, version 0.0.0.0, adresse de défaillance 0x0000200c.

Error - 24/07/2007 12:29:08 | Computer Name = HP | Source = Application Error | ID = 1000
Description = Application défaillante svchost.exe, version 5.1.2600.2180, module
défaillant set32.dll, version 0.0.0.0, adresse de défaillance 0x0000200c.

Error - 24/07/2007 12:49:52 | Computer Name = HP | Source = Application Error | ID = 1000
Description = Application défaillante svchost.exe, version 5.1.2600.2180, module
défaillant set32.dll, version 0.0.0.0, adresse de défaillance 0x0000200c.

Error - 24/07/2007 13:00:04 | Computer Name = HP | Source = Application Error | ID = 1000
Description = Application défaillante dvdxplayer.exe, version 4.0.0.1, module défaillant
unknown, version 0.0.0.0, adresse de défaillance 0x0124000b.

Error - 24/07/2007 18:15:57 | Computer Name = HP | Source = Application Error | ID = 1000
Description = Application défaillante svchost.exe, version 5.1.2600.2180, module
défaillant set32.dll, version 0.0.0.0, adresse de défaillance 0x0000200c.

[ OSession Events ]
Error - 09/01/2007 03:34:43 | Computer Name = HP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 18029
seconds with 4920 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 21/12/2008 17:29:27 | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = Le service wincom32 n'a pas pu démarrer en raison de l'erreur : %%2

Error - 21/12/2008 17:29:40 | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = Le service Services Terminal Server n'a pas pu démarrer en raison
de l'erreur : %%230

Error - 21/12/2008 17:29:40 | Computer Name = HP | Source = Service Control Manager | ID = 7001
Description = Le service Compatibilité avec le Changement rapide d'utilisateur dépend
du service Services Terminal Server qui n'a pas pu démarrer en raison de l'erreur :
%%230

Error - 21/12/2008 17:29:40 | Computer Name = HP | Source = Service Control Manager | ID = 7031
Description = Le service Lanceur de processus serveur DCOM s'est terminé de manière
inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée
dans 60000 millisecondes : Redémarrer l'ordinateur.

Error - 21/12/2008 17:33:23 | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = Le service wincom32 n'a pas pu démarrer en raison de l'erreur : %%2

Error - 21/12/2008 17:33:36 | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = Le service Services Terminal Server n'a pas pu démarrer en raison
de l'erreur : %%230

Error - 21/12/2008 17:33:36 | Computer Name = HP | Source = Service Control Manager | ID = 7001
Description = Le service Compatibilité avec le Changement rapide d'utilisateur dépend
du service Services Terminal Server qui n'a pas pu démarrer en raison de l'erreur :
%%230

Error - 21/12/2008 17:33:36 | Computer Name = HP | Source = Service Control Manager | ID = 7031
Description = Le service Lanceur de processus serveur DCOM s'est terminé de manière
inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée
dans 60000 millisecondes : Redémarrer l'ordinateur.

Error - 03/04/2009 13:17:33 | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = Le service wincom32 n'a pas pu démarrer en raison de l'erreur : %%2

Error - 03/04/2009 13:17:36 | Computer Name = HP | Source = Service Control Manager | ID = 7031
Description = Le service Lanceur de processus serveur DCOM s'est terminé de manière
inattendue. Ceci s'est produit 1 fois. L'action corrective suivante va être effectuée
dans 60000 millisecondes : Redémarrer l'ordinateur.


< End of report >

Reply to yan 59

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Update tab, click the Check for Updates button: if the firewall asks whether to allow MBAM to connect to the Internet, accept.
  • Once the update has finished, go to the Scanner tab.
  • Select Perform quick scan.
  • Click Scan. The scan starts.
  • At the end of the scan, a message is displayed:
Quote:

The scan completed successfully. Click 'Show Results' to display all objects found.


  • Click OK to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.

Reply to Destrio5

Here is the report, and thank you for taking the time to solve my problem.

Malwarebytes' Anti-Malware 1.35
Version de la base de données: 1940
Windows 5.1.2600 Service Pack 2

02/03/2009 23:18:21
mbam-log-2009-03-02 (23-18-21).txt

Type de recherche: Examen rapide
Eléments examinés: 68026
Temps écoulé: 17 minute(s), 15 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 11

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{73364d99-1240-4dff-b12a-67e448373148} (Spyware.Bzub) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rpcc (Spyware.LDPinch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AdfGHost.Cli (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\BprintingHost.Serv (Fake.Dropped.Malware) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\inet20002 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\inet20002\www.google.com (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\inet20002\www.google.com\Google_files (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\inet20002\tmp.req (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\inet20002\www.google.com\favicon.ico (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\inet20002\www.google.com\index.html (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\inet20002\www.google.com\thank.html (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\inet20002\www.google.com\Google_files\hp0.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\inet20002\www.google.com\Google_files\hp1.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\inet20002\www.google.com\Google_files\hp2.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\inet20002\www.google.com\Google_files\hp3.gif (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winsub.xml (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\svcp.csv (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kr_done1 (Malware.Trace) -> Quarantined and deleted successfully.

Reply to yan 59

  • Download SDFix (created by AndyManchesta) to your Desktop.
  • Double-click SDFix.exe and choose Install to extract it to a dedicated folder on the Desktop.
  • Restart your computer in Safe Mode.


To restart in Safe Mode:

  • Restart your PC.
  • During startup, tap F8 repeatedly (F5 on some PCs) right after the BIOS screen is displayed and just before Windows loads.
  • In the advanced options menu, choose Safe Mode.
  • Choose your session.


Work through the list of instructions below:

  • Open the SDFix folder that has just been created in the C:\ directory and double-click RunThis.bat to launch the script.
  • Press Y to begin the cleaning process.
  • It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
  • Press a key to restart the PC.
  • Your system will take longer than usual to restart because the tool will keep running and deleting files.
  • After the Desktop loads, the tool will finish its work and display Finished.
  • Press a key to end the script and load your Desktop icons.
  • Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder under the name Report.txt.
  • Finally, copy and paste the contents of Report.txt into your next reply.

Reply to Destrio5

Here is the SDFix report:

SDFix: Version 1.240
Run by Propriétaire on 02/03/2009 at 14:12

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

Checking Services :

Name :
wincom32

Path :
\??\C:\WINDOWS\system32\wincom32.sys

wincom32 - Deleted



Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

Trojan Files Found:

C:\149163~1 - Deleted
C:\WINDOWS\system32\ma.exe.exe - Deleted
C:\WINDOWS\system32\pp.exe.exe - Deleted
C:\WINDOWS\system32\drivers\etc\hosts.tim - Deleted
C:\WINDOWS\system32\set32.dll - Deleted





Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-02 14:42:51
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0009dd1082ed]
"00188d2e2b60"=hex:30,67,bd,e8,34,c0,fe,97,81,79,54,97,b7,64,b8,61
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0009dd1082ed]
"00188d2e2b60"=hex:30,67,bd,e8,34,c0,fe,97,81,79,54,97,b7,64,b8,61

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
"DLLName"="Ati2evxx.dll"
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000001
"Lock"="AtiLockEvent"
"Logoff"="AtiLogoffEvent"
"Logon"="AtiLogonEvent"
"Disconnect"="AtiDisConnectEvent"
"Reconnect"="AtiReConnectEvent"
"Safe"=dword:00000000
"Shutdown"="AtiShutdownEvent"
"StartScreenSaver"="AtiStartScreenSaverEvent"
"StartShell"="AtiStartShellEvent"
"Startup"="AtiStartupEvent"
"StopScreenSaver"="AtiStopScreenSaverEvent"
"Unlock"="AtiUnLockEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=str(2):"crypt32.dll"
"Logoff"="ChainWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=str(2):"cryptnet.dll"
"Logoff"="CryptnetWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\origami]
"a"="3259259644838940"
"b"=dword:0000000f
"DllName"="C:\WINDOWS\system32\set32.dll"
"Startup"="DllName"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=str(2):"wlnotify.dll"
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=str(2):"sclgntfy.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=str(2):"wlnotify.dll"
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"c:\\windows\\system32\\colorids0.exe"="c:\\windows\\system32\\colorids0.exe:*:Enabled:colorids0"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Sports Interactive\\Football Manager 2007\\fm.exe"="C:\\Program Files\\Sports Interactive\\Football Manager 2007\\fm.exe:*:Enabled:Football Manager 2007"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Wed 22 Dec 2004 76,568 ..SHR --- "C:\Program Files\Autodesk\Autodesk DWF Viewer\Setup.exe"
Thu 13 Jan 2005 11,360 A.SHR --- "C:\Program Files\Autodesk\Autodesk DWF Viewer\_Setupx.dll"

Finished!

Reply to yan 59

Thank you for your invaluable help!! I have just turned my PC back on and apparently I have no more viruses....

Reply to yan 59

  • Run MBAM again, go to Quarantine and delete everything.


  • Run another OTViewIt scan and post the report.

Reply to Destrio5