Plus d'internet et base de registre verrouillée

hervax · le 21 Mai 2010 14:52

Bonjour à tous,

Me revoilà, avec un nouveau problème (encore sur l'ordinateur d'une amie). Pour commencer, petite présentation:
DELL Latitude D610 (Pentium M730, 1Go, Win XP Home SP2), une seule session disponible, en mode administrateur (en plus du compte "administrateur", toujours accessible.
Les symptômes:
- plus de connexion internet (dans le gestionnaire de périphérique, toutes les cartes réseau ont un point d'interrogation, indiquant que leur driver est manquant ou corrompu);
- impossible d'installer un logiciel (j'ai tenté d'installer MBAM, et j'obtiens une erreur avec "RegCreateKeyEx" m'indiquant qu'il est impossible d'écrire une clé dans la base de registre);
- par ailleurs, je n'arrive pas à utiliser la corbeille sur le bureau. Si je glisse un raccourci dessus, il ne fait que se repositionner là où se trouvait la corbeille (et la corbeille se déplace aussi). Comme si la corbeille n'était qu'un objet du bureau comme un autre.

J'ai réussi à récupérer la connexion internet en réparant l'installation de Windows, mais je ne peux toujours rien installer, y compris en mode sans échec.

Avez-vous une piste ?
RV.

[EDIT] Quelques infos: dans la série "verrouillage du registre", je ne peux pas modifier les options d'affichage dans les dossiers de l'explorateur windows. Du coup, impossible d'accéder aux fichiers cachés.
Par contre, j'ai réussi à aller un peu plus loin à partir du compte "Administrateur" en mode sans échec:
- accès aux fichiers cachés (j'ai vérifié l'ensemble des fichiers du registre et je n'ai pas vu d'options particulières. Aucun n'est en lecture seule);
- installation de MBAM, qui est en cours de mise à jour...

H3bus · le 21 Mai 2010 17:15

Salut,

Tu as tenté une restauration Windows avec ton CD ?

Sinon, je pense que tu peux commencer à rapatrier les données que tu veux sauvegarder avec un Live CD Linux.

jeanmimigab · le 21 Mai 2010 17:23

Salut vous deux,

Je pense que tu est infecté, car une interdiction au regedit et aux options d'affichage c'est caractéristique.... , mais je me trompe peu être, comme le dit "H3bus" Sauvegarde tous tes documents sur un support externe.

ensuite...

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "rapport minimal " soit cochée.

* Coches les case situées devant "Tous les utilisateurs", " Recherche LOP" et "Recherche Purity".

* Copier et colle le contenue de cette citation dans la partie inférieure d'OTL "personnalisation"

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
Sfloppy.sys
Changer.sys
cdrom.sys
disk.sys
ndis.sys
usbscan.sys
usbprint.sys
tdtcp.sys
tdpipe.sys
swmidi.sys
splitter.sys
rdpwd.sys
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
RASACD.SYS
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

@++

hervax · le 21 Mai 2010 18:11

Voici les deux rapports MBAM (scan rapide interrompu avant la fin, puis scan complet), ainsi que les deux rapports OTL:
MBAM rapide :

Code: Tout sélectionner: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4124 Windows 5.1.2600 Service Pack 2 (Safe Mode) Internet Explorer 6.0.2900.2180 21/05/2010 18:01:22 mbam-log-2010-05-21 (18-01-22).txt Type d'examen: Examen rapide Elément(s) analysé(s): 13047 Temps écoulé: 4 minute(s), 10 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 5 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\CLSID\{4d25f926-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

MBAM complet :

Code: Tout sélectionner: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4124 Windows 5.1.2600 Service Pack 2 (Safe Mode) Internet Explorer 6.0.2900.2180 21/05/2010 18:38:42 mbam-log-2010-05-21 (18-38-42).txt Type d'examen: Examen complet (C:\|) Elément(s) analysé(s): 190696 Temps écoulé: 36 minute(s), 3 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 3 Dossier(s) infecté(s): 2 Fichier(s) infecté(s): 7 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CLASSES_ROOT\mywaysearchassistantde.auxiliary (Adware.MyWaySearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywaysearchassistantde.auxiliary.1 (Adware.MyWaySearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\idid (Trojan.Sasfix) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): C:\WINDOWS\system32\lowsec (Stolen.data) -> Quarantined and deleted successfully. C:\Documents and Settings\nazia\Application Data\Desktop Security 2010 (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully. Fichier(s) infecté(s): C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> Quarantined and deleted successfully. C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> Quarantined and deleted successfully. C:\WINDOWS\system32\lowsec\user.ds.lll (Stolen.data) -> Quarantined and deleted successfully. C:\Documents and Settings\nazia\Application Data\Desktop Security 2010\mfc71.dll (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully. C:\Documents and Settings\nazia\Application Data\Desktop Security 2010\MFC71ENU.DLL (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully. C:\Documents and Settings\nazia\Application Data\Desktop Security 2010\msvcp71.dll (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully. C:\Documents and Settings\nazia\Application Data\Desktop Security 2010\msvcr71.dll (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.

OTL.txt :

Code: Tout sélectionner: OTL logfile created on: 21/05/2010 18:55:21 - Run 1 OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\Administrateur\Bureau Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1 015,00 Mb Total Physical Memory | 837,00 Mb Available Physical Memory | 82,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 97,00% Paging File free Paging file location(s): c:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37,15 Gb Total Space | 2,04 Gb Free Space | 5,48% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 3,76 Gb Total Space | 3,72 Gb Free Space | 98,89% Space Free | Partition Type: FAT32 F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: D96T482J Current User Name: Administrateur Logged in as Administrator. Current Boot Mode: SafeMode with Networking Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Documents and Settings\Administrateur\Bureau\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - C:\Documents and Settings\Administrateur\Bureau\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (sp_rssrv) -- C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com) SRV - (ServiceSFRABCD) -- C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCdService.exe (SFR & Celliance) SRV - (AntiVirScheduler) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH) SRV - (WLSetupSvc) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation) SRV - (WLANKEEPER) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (Intel® Corporation) SRV - (S24EventMonitor) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) SRV - (EvtEng) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) SRV - (RegSrvc) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) SRV - (BAsfIpM) -- C:\WINDOWS\system32\BAsfIpM.exe (Broadcom Corp.) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (sp_rsdrv2) -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys () DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated) DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (ZTE Incorporated) DRV - (ZTEusbvoice) -- C:\WINDOWS\system32\drivers\zteusbvoice.sys (ZTE Incorporated) DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated) DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated) DRV - (ZTEusbnet) -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys (ZTE Corporation) DRV - (avgntflt) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH) DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation) DRV - (USB_RNDIS_51) -- C:\WINDOWS\system32\drivers\usb8023.sys (Microsoft Corporation) DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation) DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.) DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (AVIRA GmbH) DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (avgio) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH) DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc) DRV - (GTIPCI21) -- C:\WINDOWS\system32\drivers\gtipci21.sys (Texas Instruments) DRV - (STAC97) -- C:\WINDOWS\system32\drivers\STAC97.sys (SigmaTel, Inc.) DRV - (w29n51) Pilote de carte de connexion réseau Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation) DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation) DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation) DRV - (IWCA) -- C:\WINDOWS\system32\drivers\iwca.sys (Intel Corporation) DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation) DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation) DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation) DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation) DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.) DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic) DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic) DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic) DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.) DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.) DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.) DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.) DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.) DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems, Inc.) DRV - (omci) -- C:\WINDOWS\system32\drivers\omci.sys (Dell Inc) DRV - (BASFND) -- C:\WINDOWS\system32\drivers\BASFND.sys (Broadcom Corporation) DRV - (ScFBPNT2) -- C:\WINDOWS\system32\drivers\ScFBPNT2.sys () [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.fr/myway IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.fr/myway IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.fr/myway IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.fr/myway IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1595988822-3659961159-3473051763-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway IE - HKU\S-1-5-21-1595988822-3659961159-3473051763-500\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.fr/myway IE - HKU\S-1-5-21-1595988822-3659961159-3473051763-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.fr/myway IE - HKU\S-1-5-21-1595988822-3659961159-3473051763-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2004/08/05 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe () O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe (Ulead Systems, Inc.) O4 - Startup: C:\Documents and Settings\nazia\Menu Démarrer\Programmes\Démarrage\MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1595988822-3659961159-3473051763-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\ComPlusSetup: DllName - C:\WINDOWS\system32\catsrvut.dll - C:\WINDOWS\system32\catsrvut.dll (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004/08/20 11:37:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010/03/29 21:33:10 | 000,000,000 | RHSD | M] - E:\autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/05/21 15:09:27 | 000,000,000 | ---D | M] NetSvcs: Iprip - C:\WINDOWS\system32\iprip.dll (Microsoft Corporation) NetSvcs: Irmon - File not found NetSvcs: LanmanWorkstation - File not found NetSvcs: Messenger - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/05/21 18:43:19 | 000,075,072 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010/05/21 18:43:19 | 000,045,376 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2010/05/21 18:43:19 | 000,022,336 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2010/05/21 18:43:19 | 000,021,248 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010/05/21 18:43:18 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2010/05/21 18:43:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira [2010/05/21 18:42:05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrateur\Recent [2010/05/21 18:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010/05/21 17:47:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes [2010/05/21 17:47:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/05/21 17:47:17 | 003,382,520 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Administrateur\Bureau\ccsetup231.exe [2010/05/21 17:47:15 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe [2010/05/21 17:47:15 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Administrateur\Bureau\EnleveCela.exe [2010/05/21 17:46:54 | 005,115,840 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrateur\Bureau\mbam-setup.exe [2010/05/21 16:29:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood.Tmp [2010/05/21 16:17:05 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2010/05/21 16:04:33 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe [2010/05/21 16:04:03 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm [2010/05/21 16:03:50 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe [2010/05/21 16:03:49 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm [2010/05/21 16:03:38 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll [2010/05/21 16:03:38 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll [2010/05/21 16:03:18 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe [2010/05/21 16:03:17 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll [2010/05/21 16:03:16 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm [2010/05/21 16:03:00 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmoe.dll [2010/05/21 16:03:00 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmod.dll [2010/05/21 16:03:00 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmasf.dll [2010/05/21 16:03:00 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll [2010/05/21 16:03:00 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll [2010/05/21 16:03:00 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll [2010/05/21 16:03:00 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll [2010/05/21 16:02:59 | 001,053,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmnetmgr.dll [2010/05/21 16:02:59 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll [2010/05/21 16:02:59 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx [2010/05/21 16:02:58 | 001,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll [2010/05/21 16:02:58 | 001,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll [2010/05/21 16:02:58 | 000,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll [2010/05/21 16:02:58 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll [2010/05/21 16:02:58 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll [2010/05/21 16:02:58 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll [2010/05/21 16:02:58 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax [2010/05/21 16:02:58 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll [2010/05/21 16:02:58 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll [2010/05/21 16:02:58 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll [2010/05/21 16:02:58 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll [2010/05/21 16:02:58 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll [2010/05/21 16:02:58 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe [2010/05/21 16:02:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll [2010/05/21 16:02:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll [2010/05/21 16:02:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll [2010/05/21 15:16:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010/05/21 15:14:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe [2010/05/21 15:13:20 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll [2010/05/21 15:13:19 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe [2010/05/21 15:13:19 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll [2010/05/21 15:13:19 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll [2010/05/21 15:13:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll [2010/05/21 15:13:18 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime [2010/05/21 15:13:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll [2010/05/21 15:13:17 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime [2010/05/21 15:13:14 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll [2010/05/21 15:13:14 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll [2010/05/21 15:13:13 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll [2010/05/21 15:13:13 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll [2010/05/21 15:13:07 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll [2010/05/21 15:13:00 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll [2010/05/21 15:12:51 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex [2010/05/21 15:12:51 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll [2010/05/21 15:12:49 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe [2010/05/21 15:12:44 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe [2010/05/21 15:12:39 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys [2010/05/21 15:12:39 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll [2010/05/21 15:12:38 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll [2010/05/21 15:12:34 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll [2010/05/21 15:12:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll [2010/05/21 15:12:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll [2010/05/21 15:12:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll [2010/05/21 15:12:31 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll [2010/05/21 15:12:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll [2010/05/21 15:12:31 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll [2010/05/21 15:12:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll [2010/05/21 15:12:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll [2010/05/21 15:12:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll [2010/05/21 15:12:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll [2010/05/21 15:12:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll [2010/05/21 15:12:29 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll [2010/05/21 15:12:28 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll [2010/05/21 15:12:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll [2010/05/21 15:12:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll [2010/05/21 15:12:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll [2010/05/21 15:12:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll [2010/05/21 15:12:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll [2010/05/21 15:12:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll [2010/05/21 15:12:24 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll [2010/05/21 15:12:23 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll [2010/05/21 15:12:23 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll [2010/05/21 15:12:23 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe [2010/05/21 15:12:23 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll [2010/05/21 15:12:23 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe [2010/05/21 15:12:22 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe [2010/05/21 15:12:22 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe [2010/05/21 15:12:22 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe [2010/05/21 15:12:22 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe [2010/05/21 15:12:22 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe [2010/05/21 15:12:21 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll [2010/05/21 15:12:21 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll [2010/05/21 15:12:21 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll [2010/05/21 15:12:21 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll [2010/05/21 15:12:21 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe [2010/05/21 15:12:20 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime [2010/05/21 15:12:20 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe [2010/05/21 15:12:20 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll [2010/05/21 15:12:20 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll [2010/05/21 15:12:20 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime [2010/05/21 15:12:20 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll [2010/05/21 15:12:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe [2010/05/21 15:12:13 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll [2010/05/21 15:12:02 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll [2010/05/21 15:12:02 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll [2010/05/21 15:12:00 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll [2010/05/21 15:12:00 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll [2010/05/21 15:12:00 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe [2010/05/21 15:11:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll [2010/05/21 15:11:57 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll [2010/05/21 15:11:54 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll [2010/05/21 15:11:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe [2010/05/21 15:11:53 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll [2010/05/21 15:11:53 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll [2010/05/21 15:11:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll [2010/05/21 15:11:52 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe [2010/05/21 15:11:51 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe [2010/05/21 15:11:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll [2010/05/21 15:11:49 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll [2010/05/21 15:11:49 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys [2010/05/21 15:11:48 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll [2010/05/21 15:11:48 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll [2010/05/21 15:11:38 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime [2010/05/21 15:11:35 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe [2010/05/21 15:11:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe [2010/05/21 15:11:33 | 001,042,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll [2010/05/21 15:11:33 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll [2010/05/21 15:11:31 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe [2010/05/21 15:11:31 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll [2010/05/21 15:11:31 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime [2010/05/21 15:11:30 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll [2010/05/21 15:11:30 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll [2010/05/21 15:11:30 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll [2010/05/21 15:11:29 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll [2010/05/21 15:11:29 | 000,781,397 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll [2010/05/21 15:11:29 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe [2010/05/21 15:11:29 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe [2010/05/21 15:11:29 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll [2010/05/21 15:11:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe [2010/05/21 15:11:29 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe [2010/05/21 15:11:29 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe [2010/05/21 15:11:28 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime [2010/05/21 15:11:28 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe [2010/05/21 15:11:26 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe [2010/05/21 15:11:26 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2010/05/21 15:11:26 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll [2010/05/21 15:11:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll [2010/05/21 15:11:17 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe [2010/05/21 15:11:16 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll [2010/05/21 15:11:16 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll [2010/05/21 15:11:16 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll [2010/05/21 15:11:16 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll [2010/05/21 15:11:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll [2010/05/21 15:11:00 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll [2010/05/21 15:10:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll [2010/05/21 15:10:42 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll [2010/05/21 15:10:34 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll [2010/05/21 15:10:24 | 000,000,000 | ---D | C] -- C:\Program Files\msn gaming zone [2010/05/21 15:08:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe [2010/05/21 14:54:43 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll [2010/05/21 14:54:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll [2010/05/21 14:54:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll [2010/05/21 14:23:47 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/05/21 14:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/05/21 13:59:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010/05/21 13:59:15 | 000,000,000 | ---D | C] -- C:\Qoobox [2010/05/13 23:22:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator [2010/05/13 23:21:41 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator [2010/05/13 22:38:14 | 004,099,468 | ---- | C] (ScanSpyware.net ) -- C:\Documents and Settings\All Users\Documents\ScanSpyware_3.9.1.9.exe [2010/05/13 21:56:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/05/11 22:54:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MpEngineStore [2010/05/11 00:07:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET [2010/05/10 21:59:12 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrateur\IETldCache [2010/05/10 21:58:24 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrateur\Application Data\Microsoft [2010/05/10 21:58:24 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrateur\Cookies [2010/05/10 21:58:24 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrateur\Application Data [2010/05/10 21:58:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur\Favoris [2010/05/10 21:58:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Sun [2010/05/10 21:58:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Intel [2010/05/10 21:58:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Application Data\Identities [2010/05/10 21:58:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\BVRP Software [2010/05/10 21:58:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Bureau [2010/05/10 21:58:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\ApplicationHistory [2010/05/10 21:58:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrateur\SendTo [2010/05/10 21:58:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur\Mes documents\Mes images [2010/05/10 21:58:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur\Mes documents [2010/05/10 21:58:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur\Menu Démarrer [2010/05/10 21:58:23 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrateur\Mes documents\Ma musique [2010/05/10 21:58:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur\Voisinage réseau [2010/05/10 21:58:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur\Voisinage d'impression [2010/05/10 21:58:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur\Modèles [2010/05/10 21:58:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrateur\Local Settings [2010/05/10 21:58:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft [2010/05/10 21:58:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030} [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [254 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/05/21 18:48:06 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrateur\Bureau\OTL.exe [2010/05/21 18:45:35 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/05/21 18:44:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/05/21 18:43:58 | 000,786,432 | -H-- | M] () -- C:\Documents and Settings\Administrateur\NTUSER.DAT [2010/05/21 18:43:58 | 000,000,184 | -HS- | M] () -- C:\Documents and Settings\Administrateur\ntuser.ini [2010/05/21 18:43:56 | 003,184,656 | -H-- | M] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\IconCache.db [2010/05/21 18:43:29 | 000,001,851 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk [2010/05/21 18:41:03 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Administrateur\Bureau\CCleaner.lnk [2010/05/21 17:47:47 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2010/05/21 17:42:31 | 000,961,510 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/05/21 17:42:31 | 000,448,180 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2010/05/21 17:42:31 | 000,383,126 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/05/21 17:42:31 | 000,065,422 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2010/05/21 17:42:31 | 000,054,276 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/05/21 17:33:28 | 000,200,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/05/21 17:26:43 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/05/21 16:02:06 | 003,382,520 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Administrateur\Bureau\ccsetup231.exe [2010/05/21 15:15:04 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2010/05/21 15:10:10 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010/05/21 15:10:09 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010/05/21 15:10:09 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010/05/21 15:09:53 | 000,004,205 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2010/05/21 15:08:45 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2010/05/21 15:08:45 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010/05/21 15:08:19 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini [2010/05/21 15:07:00 | 000,023,740 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/05/21 15:04:08 | 000,000,216 | -HS- | M] () -- C:\boot.ini [2010/05/21 14:57:03 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1 [2010/05/21 14:54:52 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini [2010/05/21 14:28:22 | 001,184,362 | ---- | M] () -- C:\WINDOWS\setupapi.old [2010/05/13 23:24:03 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Spyware Terminator.lnk [2010/05/13 23:22:14 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2010/05/13 22:38:06 | 004,099,468 | ---- | M] (ScanSpyware.net ) -- C:\Documents and Settings\All Users\Documents\ScanSpyware_3.9.1.9.exe [2010/05/11 22:54:55 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI [2010/05/10 22:11:27 | 000,000,379 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2010/05/10 21:53:48 | 000,000,506 | ---- | M] () -- C:\WINDOWS\ULEAD32.INI [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [254 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/05/21 18:43:29 | 000,001,851 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk [2010/05/21 18:41:03 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\CCleaner.lnk [2010/05/21 17:47:47 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2010/05/21 17:47:15 | 022,148,280 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\antivir_workstation_winu_fr_h.exe [2010/05/21 17:47:15 | 004,118,254 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe [2010/05/21 16:04:46 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif [2010/05/21 16:04:42 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif [2010/05/21 16:04:42 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif [2010/05/21 16:04:41 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif [2010/05/21 16:04:41 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif [2010/05/21 16:04:41 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif [2010/05/21 16:04:40 | 000,184,107 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz [2010/05/21 16:04:38 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv [2010/05/21 16:04:38 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css [2010/05/21 16:04:38 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm [2010/05/21 16:04:38 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js [2010/05/21 16:04:26 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js [2010/05/21 16:03:58 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv [2010/05/21 16:03:50 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp [2010/05/21 16:03:50 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf [2010/05/21 16:03:50 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif [2010/05/21 16:03:50 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif [2010/05/21 16:03:50 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt [2010/05/21 16:03:32 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip [2010/05/21 16:03:32 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip [2010/05/21 16:03:31 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv [2010/05/21 16:03:27 | 000,001,465 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl [2010/05/21 16:03:27 | 000,001,253 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl [2010/05/21 16:03:27 | 000,000,820 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl [2010/05/21 16:03:27 | 000,000,819 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl [2010/05/21 16:03:27 | 000,000,788 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl [2010/05/21 16:03:27 | 000,000,779 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl [2010/05/21 16:03:26 | 000,085,617 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm [2010/05/21 16:03:26 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl [2010/05/21 16:03:26 | 000,001,476 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl [2010/05/21 16:03:26 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl [2010/05/21 16:03:26 | 000,001,455 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl [2010/05/21 16:03:26 | 000,001,057 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl [2010/05/21 16:03:26 | 000,001,048 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl [2010/05/21 16:03:26 | 000,001,034 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl [2010/05/21 16:03:26 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl [2010/05/21 16:03:26 | 000,000,732 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl [2010/05/21 16:03:22 | 000,066,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz [2010/05/21 16:03:21 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv [2010/05/21 16:03:17 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf [2010/05/21 16:03:16 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm [2010/05/21 16:03:13 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif [2010/05/21 16:03:13 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif [2010/05/21 16:03:13 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif [2010/05/21 16:03:13 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif [2010/05/21 16:03:12 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js [2010/05/21 16:03:11 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif [2010/05/21 16:03:11 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif [2010/05/21 16:03:11 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif [2010/05/21 16:03:11 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif [2010/05/21 16:03:11 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif [2010/05/21 16:03:07 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv [2010/05/21 16:03:07 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif [2010/05/21 16:03:07 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif [2010/05/21 16:03:01 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif [2010/05/21 16:03:01 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif [2010/05/21 16:03:01 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif [2010/05/21 16:03:01 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif [2010/05/21 16:03:01 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif [2010/05/21 16:03:01 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif [2010/05/21 16:03:01 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif [2010/05/21 16:03:01 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif [2010/05/21 16:03:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf [2010/05/21 16:03:00 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf [2010/05/21 16:03:00 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif [2010/05/21 16:02:59 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav [2010/05/21 16:02:59 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav [2010/05/21 16:02:59 | 000,058,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf [2010/05/21 16:02:58 | 000,677,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm [2010/05/21 16:02:58 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav [2010/05/21 16:02:58 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav [2010/05/21 16:02:58 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav [2010/05/21 16:02:58 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav [2010/05/21 16:02:58 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav [2010/05/21 16:02:58 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav [2010/05/21 16:02:58 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav [2010/05/21 16:02:58 | 000,075,692 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm [2010/05/21 16:02:58 | 000,027,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm [2010/05/21 16:02:58 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta [2010/05/21 16:02:58 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css [2010/05/21 16:02:58 | 000,001,740 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf [2010/05/21 16:02:58 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js [2010/05/21 15:14:15 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls [2010/05/21 15:13:20 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls [2010/05/21 15:13:20 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls [2010/05/21 15:13:18 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2010/05/21 15:12:35 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls [2010/05/21 15:12:34 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2010/05/21 15:12:23 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2010/05/21 15:12:22 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2010/05/21 15:12:20 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2010/05/21 15:12:07 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2010/05/21 15:11:58 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2010/05/21 15:11:31 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2010/05/21 15:11:25 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls [2010/05/21 15:11:25 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls [2010/05/21 15:11:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls [2010/05/21 15:11:24 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls [2010/05/21 15:11:24 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls [2010/05/21 15:11:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls [2010/05/21 15:11:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls [2010/05/21 15:11:23 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls [2010/05/21 15:11:23 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls [2010/05/21 15:11:23 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls [2010/05/21 15:11:21 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls [2010/05/21 15:11:21 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls [2010/05/21 15:11:21 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls [2010/05/21 15:11:21 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls [2010/05/21 15:11:21 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls [2010/05/21 15:11:21 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls [2010/05/21 15:11:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls [2010/05/21 15:11:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls [2010/05/21 15:11:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls [2010/05/21 15:11:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls [2010/05/21 15:11:20 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls [2010/05/21 15:11:19 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls [2010/05/21 15:11:19 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls [2010/05/21 15:11:19 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls [2010/05/21 15:11:19 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls [2010/05/21 15:11:18 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls [2010/05/21 15:11:17 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls [2010/05/21 15:08:45 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/05/21 14:54:25 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2010/05/21 14:54:25 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010/05/21 14:54:25 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2010/05/21 14:54:25 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2010/05/21 14:54:24 | 000,809,394 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2010/05/21 14:54:24 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010/05/13 23:24:03 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Spyware Terminator.lnk [2010/05/13 23:22:14 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2010/05/11 22:54:55 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2010/05/10 21:58:27 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\Administrateur\Bureau\Aide et support.lnk [2010/05/10 21:58:25 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\fusioncache.dat [2010/05/10 21:58:23 | 000,786,432 | -H-- | C] () -- C:\Documents and Settings\Administrateur\NTUSER.DAT [2010/05/10 21:58:23 | 000,184,320 | -H-- | C] () -- C:\Documents and Settings\Administrateur\ntuser.dat.LOG [2010/05/10 21:58:23 | 000,000,184 | -HS- | C] () -- C:\Documents and Settings\Administrateur\ntuser.ini [2010/01/03 16:56:18 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI [2009/12/11 17:14:16 | 000,000,027 | ---- | C] () -- C:\WINDOWS\CDE RX585DEFGIPS.ini [2008/04/17 21:36:10 | 000,446,976 | ---- | C] () -- C:\WINDOWS\System32\ShellMPD.dll [2008/04/17 13:26:19 | 000,000,506 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI [2008/04/17 13:21:12 | 000,015,488 | ---- | C] () -- C:\WINDOWS\System32\drivers\ScFBPNT2.sys [2007/08/03 10:36:40 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2007/08/03 10:34:54 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDED92Euro.ini [2006/06/12 20:02:08 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006/05/04 00:12:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006/05/03 23:53:32 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\stac97co.dll [2006/05/03 23:52:50 | 000,000,344 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2004/08/20 11:45:35 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini [2004/08/12 09:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll [2004/08/05 14:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_004264_.tmp.dll [2004/08/05 14:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_004232_.tmp.dll [1999/01/22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [color=#E56717]========== LOP Check ==========[/color] [2009/11/30 23:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg7 [2009/12/11 17:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON [2010/05/14 11:01:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator [2009/12/11 17:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL [2006/11/07 19:22:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\AVG7 [2009/11/30 12:49:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Application Data\AVG7 [2007/08/03 10:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Application Data\EPSON [2008/04/17 21:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Application Data\MSN Pictures Displayer [2007/08/05 10:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Application Data\MSNInstaller [2010/05/13 23:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Application Data\ScanSpyware [2009/11/04 17:47:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Application Data\SFR [2010/04/17 12:19:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Application Data\temp [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:AGP440.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:AGP440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\agp440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\agp440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys [2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS [2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:atapi.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys [2004/08/05 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:cdrom.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:cdrom.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys [2004/08/05 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\i386\cdrom.sys [2004/08/05 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: CHANGER.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:Changer.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:Changer.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:Changer.sys [2008/04/13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys [2008/04/13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\changer.sys [2008/04/13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\changer.sys [color=#A23BEC]< MD5 for: DISK.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:disk.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:disk.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:disk.sys [2004/08/05 13:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\i386\disk.sys [2004/08/05 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys [2008/04/13 20:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys [2008/04/13 20:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\disk.sys [2008/04/13 20:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\disk.sys [2008/04/13 20:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004/08/05 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\i386\eventlog.dll [2004/08/05 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2004/08/05 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\system32\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\eventlog.dll [color=#A23BEC]< MD5 for: IASTOR.SYS >[/color] [2005/04/25 17:28:14 | 000,871,040 | ---- | M] (Intel Corporation) MD5=D593517879E65167DF35F6015814AC59 -- C:\WINDOWS\dell\iastor\iastor.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\ndis.sys [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\ndis.sys [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys [2004/08/05 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\i386\ndis.sys [2004/08/05 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\netlogon.dll [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\netlogon.dll [2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\SoftwareDistribution\Download\e5d538fd9a974271877bfc69f00e1e0a\sp2qfe\netlogon.dll [2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\SoftwareDistribution\Download\fd39c169e8cb784cefd1d3b2f372297e\sp2qfe\netlogon.dll [2004/08/05 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\i386\netlogon.dll [2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll [2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\system32\netlogon.dll [color=#A23BEC]< MD5 for: NVATABUS.SYS >[/color] [2005/05/18 00:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINDOWS\dell\nvraid\NvAtaBus.sys [2005/05/18 00:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINDOWS\system32\drivers\NvAtaBus.sys [color=#A23BEC]< MD5 for: RASACD.SYS >[/color] [2004/08/05 13:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\i386\rasacd.sys [2004/08/05 14:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys [color=#A23BEC]< MD5 for: RDPWD.SYS >[/color] [2005/06/10 06:06:01 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=047BEA21274C8A4A233674A76C958C2C -- C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\ServicePackFiles\i386\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\system32\drivers\rdpwd.sys [2005/06/10 06:11:22 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=B54CD38A9EBFBF2B3561426E3FE26F62 -- C:\i386\rdpwd.sys [2004/08/05 14:00:00 | 000,139,400 | ---- | M] (Microsoft Corporation) MD5=D4F5643D7714EF499AE9527FDCD50894 -- C:\WINDOWS\$NtServicePackUninstall$\rdpwd.sys [2004/08/05 14:00:00 | 000,139,400 | ---- | M] (Microsoft Corporation) MD5=D4F5643D7714EF499AE9527FDCD50894 -- C:\WINDOWS\$NtUninstallKB899591$\rdpwd.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\scecli.dll [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\scecli.dll [2004/08/05 13:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\i386\scecli.dll [2004/08/05 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2004/08/05 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\system32\scecli.dll [color=#A23BEC]< MD5 for: SFLOPPY.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:Sfloppy.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Sfloppy.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Sfloppy.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Sfloppy.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:Sfloppy.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:Sfloppy.sys [2004/08/05 13:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\i386\sfloppy.sys [2004/08/05 14:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\$NtServicePackUninstall$\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\ServicePackFiles\i386\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\system32\drivers\sfloppy.sys [color=#A23BEC]< MD5 for: SPLITTER.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:splitter.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:splitter.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:splitter.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:splitter.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:splitter.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:splitter.sys [2004/08/04 00:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\i386\splitter.sys [2004/08/03 23:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\WINDOWS\$NtServicePackUninstall$\splitter.sys [2004/08/04 00:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\WINDOWS\$NtUninstallKB920872$\splitter.sys [2006/06/14 10:50:19 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=9BB1DD670CB7505A90FC4E61D4AA8227 -- C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys [2008/04/13 20:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\ServicePackFiles\i386\splitter.sys [2008/04/13 20:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\splitter.sys [2008/04/13 20:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\splitter.sys [2008/04/13 20:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\system32\drivers\splitter.sys [color=#A23BEC]< MD5 for: SWMIDI.SYS >[/color] [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:swmidi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:swmidi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:swmidi.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:swmidi.sys [2008/04/13 20:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\ServicePackFiles\i386\swmidi.sys [2008/04/13 20:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\swmidi.sys [2008/04/13 20:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\swmidi.sys [2008/04/13 20:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\system32\drivers\swmidi.sys [2001/08/17 23:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=94ABC808FC4B6D7D2BBF42B85E25BB4D -- C:\i386\swmidi.sys [2004/08/05 14:00:00 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=94ABC808FC4B6D7D2BBF42B85E25BB4D -- C:\WINDOWS\$NtServicePackUninstall$\swmidi.sys [color=#A23BEC]< MD5 for: TDPIPE.SYS >[/color] [2004/08/05 13:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\i386\tdpipe.sys [2004/08/05 14:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\$NtServicePackUninstall$\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\ServicePackFiles\i386\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\system32\drivers\tdpipe.sys [color=#A23BEC]< MD5 for: TDTCP.SYS >[/color] [2008/04/14 04:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\ServicePackFiles\i386\tdtcp.sys [2008/04/14 04:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\tdtcp.sys [2008/04/14 04:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\tdtcp.sys [2008/04/14 04:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\system32\drivers\tdtcp.sys [2004/08/05 13:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\i386\tdtcp.sys [2004/08/05 14:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\$NtServicePackUninstall$\tdtcp.sys [color=#A23BEC]< MD5 for: USBPRINT.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:usbprint.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbprint.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbprint.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbprint.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:usbprint.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:usbprint.sys [2004/08/03 23:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\$NtServicePackUninstall$\usbprint.sys [2008/04/13 20:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\ServicePackFiles\i386\usbprint.sys [2008/04/13 20:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\usbprint.sys [2008/04/13 20:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\usbprint.sys [2008/04/13 20:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\system32\drivers\usbprint.sys [color=#A23BEC]< MD5 for: USBSCAN.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:usbscan.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbscan.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbscan.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbscan.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:usbscan.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\ServicePackFiles\i386\usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\system32\drivers\usbscan.sys [2004/08/03 22:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\$NtServicePackUninstall$\usbscan.sys [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [254 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] < End of report >

Extras.txt :

Code: Tout sélectionner: OTL Extras logfile created on: 21/05/2010 18:55:21 - Run 1 OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\Administrateur\Bureau Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1 015,00 Mb Total Physical Memory | 837,00 Mb Available Physical Memory | 82,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 97,00% Paging File free Paging file location(s): c:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37,15 Gb Total Space | 2,04 Gb Free Space | 5,48% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 3,76 Gb Total Space | 3,72 Gb Free Space | 98,89% Space Free | Partition Type: FAT32 F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: D96T482J Current User Name: Administrateur Logged in as Administrator. Current Boot Mode: SafeMode with Networking Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015 "1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016 "500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "1723:TCP" = 1723:TCP:*:Enabled:@xpsp2res.dll,-22015 "1701:UDP" = 1701:UDP:*:Enabled:@xpsp2res.dll,-22016 "500:UDP" = 500:UDP:*:Enabled:@xpsp2res.dll,-22017 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- File not found "C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) -- File not found [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Assistant Transfert de fichiers et de paramètres -- (Microsoft Corporation) "C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- File not found "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- File not found "C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) -- File not found "C:\Program Files\SFR\Gestionnaire de Connexion SFR\ABCd_ZTE.exe" = C:\Program Files\SFR\Gestionnaire de Connexion SFR\ABCd_ZTE.exe:*:Enabled:Gestionnaire de connexions SFR -- (SFR) [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Professional "{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO "{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView "{1F528948-0E80-4C96-B455-DE4167CB1DF7}" = Gestion de l'alimentation de la carte réseau interne "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe "{25D24E84-64A9-40D2-85CF-540B1C4A6D52}" = Broadcom ASF Management Applications "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13 "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page "{3D78F2A2-C893-4ABD-B5FE-AD7011837755}" = EPSON Easy Photo Print "{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting "{4304BE34-6DDA-46CC-ADAB-77990DC77ED5}" = Magellan RoadMate Tools "{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell "{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Advanced Control Suite 2 "{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.1 "{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore "{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA "{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper "{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz "{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}" = Camera RAW Plug-In for EPSON Creativity Suite "{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack "{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{A70FA218-6598-4AC9-813D-63597C5DD068}" = Galerie de photos Windows Live "{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.2 - Français "{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet "{C514C594-23AA-4F13-A070-DB8BDB27594F}" = Windows Live Mail "{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}" = mToolkit "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}" = Assistant de connexion Windows Live "{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD "{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect "{E7559288-223B-453C-9F06-340E3BE21E39}" = MyWay Search Assistant "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse "{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi "{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe "{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}" = Windows Live installer "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus "CanoCraft CS-P 3.7" = Canon CanoCraft CS-P 3.7 "CCleaner" = CCleaner "CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D110 MDC V.9x Modem "eMule" = eMule "EPSON Printer and Utilities" = EPSON Logiciel imprimante "EPSON Scanner" = EPSON Scan "EPSON Stylus C90_91_D92 Guide d'utilisation" = EPSON Stylus C90_91_D92 Manuel "EPSON Stylus Photo RX585_RX610 Guide d'utilisation" = EPSON Stylus Photo RX585_RX610 Manuel "Gestionnaire de Connexion SFR_is1" = Gestionnaire de Connexion SFR 2009.09 "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "InstallShield_{25D24E84-64A9-40D2-85CF-540B1C4A6D52}" = Broadcom ASF Management Applications "InstallShield_{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Advanced Control Suite 2 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "MSN Pictures Displayer" = MSN Pictures Displayer 4.5 "ProInst" = Intel(R) PROSet/Wireless Software "Spyware Terminator_is1" = Spyware Terminator "Ulead Photo Express 2.0 SE" = Ulead Photo Express 2.0 SE "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Lecteur Windows Media 11 "Windows XP Service" = Windows XP Service Pack 3 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 14/05/2010 06:04:09 | Computer Name = D96T482J | Source = PerfNet | ID = 2002 Description = Impossible d'ouvrir le Service redirecteur. Les données de performance du redirecteur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0. Error - 21/05/2010 07:42:42 | Computer Name = D96T482J | Source = JavaQuickStarterService | ID = 1 Description = Error - 21/05/2010 07:42:43 | Computer Name = D96T482J | Source = PerfNet | ID = 2004 Description = Impossible d'ouvrir le Service serveur. Les données de performance du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0. Error - 21/05/2010 07:42:43 | Computer Name = D96T482J | Source = PerfNet | ID = 2002 Description = Impossible d'ouvrir le Service redirecteur. Les données de performance du redirecteur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0. Error - 21/05/2010 07:52:01 | Computer Name = D96T482J | Source = JavaQuickStarterService | ID = 1 Description = Error - 21/05/2010 07:52:03 | Computer Name = D96T482J | Source = PerfNet | ID = 2004 Description = Impossible d'ouvrir le Service serveur. Les données de performance du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0. Error - 21/05/2010 07:52:03 | Computer Name = D96T482J | Source = PerfNet | ID = 2002 Description = Impossible d'ouvrir le Service redirecteur. Les données de performance du redirecteur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0. Error - 21/05/2010 09:16:50 | Computer Name = D96T482J | Source = PerfNet | ID = 2002 Description = Impossible d'ouvrir le Service redirecteur. Les données de performance du redirecteur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0. Error - 21/05/2010 09:28:20 | Computer Name = D96T482J | Source = PerfNet | ID = 2002 Description = Impossible d'ouvrir le Service redirecteur. Les données de performance du redirecteur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0. Error - 21/05/2010 09:48:20 | Computer Name = D96T482J | Source = PerfNet | ID = 2002 Description = Impossible d'ouvrir le Service redirecteur. Les données de performance du redirecteur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD 0. [ System Events ] Error - 21/05/2010 11:46:47 | Computer Name = D96T482J | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service StiSvc avec les arguments "" pour démarrer le serveur : {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 21/05/2010 12:39:15 | Computer Name = D96T482J | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 21/05/2010 12:40:12 | Computer Name = D96T482J | Source = sr | ID = 1 Description = Le filtre de restauration du système à rencontré l'erreur inattendue '0xC0000001' pendant le traitement du fichier '' sur le volume 'HarddiskVolume2'. Ceci a entraîné l'arrêt de la surveillance du volume. Error - 21/05/2010 12:40:39 | Computer Name = D96T482J | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 21/05/2010 12:41:40 | Computer Name = D96T482J | Source = Service Control Manager | ID = 7026 Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger : APPDRV Fips IntelIde intelppm sp_rsdrv2 Error - 21/05/2010 12:43:56 | Computer Name = D96T482J | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 21/05/2010 12:45:50 | Computer Name = D96T482J | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service EventSystem avec les arguments "" pour démarrer le serveur : {1BE1F766-5536-11D1-B726-00C04FB926AF} Error - 21/05/2010 12:46:19 | Computer Name = D96T482J | Source = Service Control Manager | ID = 7026 Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger : APPDRV avgio avipbb Fips intelppm sp_rsdrv2 Error - 21/05/2010 12:52:25 | Computer Name = D96T482J | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service StiSvc avec les arguments "" pour démarrer le serveur : {A1F4E726-8CF1-11D1-BF92-0060081ED811} Error - 21/05/2010 12:54:46 | Computer Name = D96T482J | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1084" lors de la mise en route du service StiSvc avec les arguments "" pour démarrer le serveur : {A1F4E726-8CF1-11D1-BF92-0060081ED811} < End of report >

jeanmimigab · le 21 Mai 2010 18:42

re,

Ne fais que les Manipulations que je te propose....

Car là, avec Malwarebyte tu as eu de la nouille, il y a de cela une semaine, tu aurais planté ton pc en faisant ce scan...la réparation de cette clef n'était pas toujours effectuée

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully.

je regarde ton rapport OTL :wink:

jeanmimigab · le 21 Mai 2010 18:58

re,

1.tu as fais le sacn OTL en "Mode sans échec", il me faudrait un rapport en mode Normal si possible :wink:

2.[2010/05/21 13:59:15 | 000,000,000 | ---D | C] -- C:\Qoobox => sUBs ComboFix Quarantaine

tu as utilisé combofix tout seul...? si c'est sur une désinfection via un forum, file le lien du topic STP;;;

Et ne suis surtout pas deux procédures de désinfections différente en même temps, sinon on file à catastrophe ... :-?

Si tu ne peux pas faire de scan OTL en mode normal dit le moi... :wink:

H3bus · le 22 Mai 2010 00:49

Je vais répondre dans le désordre:
2. Je n'ai pas utilisé Combofix, mais mon amie a peut être tente quelque chose avant de me passer son PC
1. Voici le rapport OTL en mode normal:

Code: Tout sélectionner: OTL logfile created on: 22/05/2010 01:32:15 - Run 2 OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\nazia\Bureau Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: | Country: | Language: | Date Format: 1 015,00 Mb Total Physical Memory | 711,00 Mb Available Physical Memory | 70,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): c:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37,15 Gb Total Space | 1,00 Gb Free Space | 2,69% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 3,76 Gb Total Space | 3,72 Gb Free Space | 98,89% Space Free | Partition Type: FAT32 F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: D96T482J Current User Name: nazia Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Documents and Settings\nazia\Bureau\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com) PRC - C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe (SFR & Celliance) PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH) PRC - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe (Intel® Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe (Intel Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) PRC - C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe (Intel) PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation) PRC - C:\WINDOWS\System32\basfipm.exe (Broadcom Corp.) [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - C:\Documents and Settings\nazia\Bureau\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (sp_rssrv) -- C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com) SRV - (ServiceSFRABCD) -- C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe (SFR & Celliance) SRV - (AntiVirScheduler) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH) SRV - (WLSetupSvc) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation) SRV - (WLANKEEPER) -- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe (Intel® Corporation) SRV - (S24EventMonitor) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) SRV - (EvtEng) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) SRV - (RegSrvc) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) SRV - (MSDTC) -- C:\WINDOWS\system32\msdtc [2004/08/20 11:34:06 | 000,000,000 | ---D | M] SRV - (BAsfIpM) -- C:\WINDOWS\System32\basfipm.exe (Broadcom Corp.) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (avipbb) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH) DRV - (avgio) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH) DRV - (sp_rsdrv2) -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys () DRV - (ZTEusbnmea) -- C:\WINDOWS\System32\DRIVERS\ZTEusbnmea.sys (ZTE Incorporated) DRV - (massfilter) -- C:\WINDOWS\System32\drivers\massfilter.sys (ZTE Incorporated) DRV - (ZTEusbvoice) -- C:\WINDOWS\System32\DRIVERS\ZTEusbvoice.sys (ZTE Incorporated) DRV - (ZTEusbser6k) -- C:\WINDOWS\System32\DRIVERS\ZTEusbser6k.sys (ZTE Incorporated) DRV - (ZTEusbmdm6k) -- C:\WINDOWS\System32\DRIVERS\ZTEusbmdm6k.sys (ZTE Incorporated) DRV - (ZTEusbnet) -- C:\WINDOWS\System32\DRIVERS\ZTEusbnet.sys (ZTE Corporation) DRV - (Tcpip6) -- C:\WINDOWS\System32\DRIVERS\tcpip6.sys (Microsoft Corporation) DRV - (USB_RNDIS_51) -- C:\WINDOWS\System32\DRIVERS\usb8023.sys (Microsoft Corporation) DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\System32\drivers\usbaudio.sys (Microsoft Corporation) DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.) DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation) DRV - (ssmdrv) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys (AVIRA GmbH) DRV - (hwdatacard) -- C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (ApfiltrService) -- C:\WINDOWS\System32\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc) DRV - (GTIPCI21) -- C:\WINDOWS\System32\DRIVERS\gtipci21.sys (Texas Instruments) DRV - (STAC97) -- C:\WINDOWS\System32\drivers\STAC97.sys (SigmaTel, Inc.) DRV - (w29n51) Pilote de carte de connexion réseau Intel(R) -- C:\WINDOWS\System32\DRIVERS\w29n51.sys (Intel® Corporation) DRV - (b57w2k) -- C:\WINDOWS\System32\DRIVERS\b57xp32.sys (Broadcom Corporation) DRV - (s24trans) -- C:\WINDOWS\System32\DRIVERS\s24trans.sys (Intel Corporation) DRV - (IWCA) -- C:\WINDOWS\System32\DRIVERS\iwca.sys (Intel Corporation) DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation) DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation) DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation) DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation) DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.) DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic) DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic) DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic) DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.) DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.) DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.) DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.) DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.) DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nv) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation) DRV - (HSFHWICH) -- C:\WINDOWS\System32\DRIVERS\HSFHWICH.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (HSF_DP) -- C:\WINDOWS\System32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.) DRV - (omci) -- C:\WINDOWS\System32\DRIVERS\omci.sys (Dell Inc) DRV - (BASFND) -- C:\WINDOWS\System32\Drivers\BASFND.sys (Broadcom Corporation) DRV - (ScFBPNT2) -- C:\WINDOWS\System32\drivers\ScFBPNT2.SYS () [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.fr/myway IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.fr/myway IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.fr/myway IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.fr/myway IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2004/08/05 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe () O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com) O4 - Startup: C:\Documents and Settings\Administrateur\Application Data [2010/05/21 17:47:48 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Bureau [2010/05/22 01:30:13 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Cookies [2010/05/21 18:45:33 | 000,000,000 | --SD | M] O4 - Startup: C:\Documents and Settings\Administrateur\Favoris [2006/05/04 00:06:05 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Administrateur\IETldCache [2010/05/10 21:59:12 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\Administrateur\Local Settings [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Menu Démarrer [2004/08/20 11:30:24 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Mes documents [2004/08/20 11:42:00 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Modèles [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\Administrateur\ntuser.dat () O4 - Startup: C:\Documents and Settings\Administrateur\ntuser.ini () O4 - Startup: C:\Documents and Settings\Administrateur\Recent [2010/05/21 19:04:02 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\SendTo [2006/06/07 16:26:25 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Voisinage réseau [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\All Users\Application Data [2010/05/13 23:22:10 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\All Users\Bureau [2010/05/21 18:43:29 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\All Users\Documents [2010/05/13 22:40:38 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\All Users\DRM [2010/04/07 18:46:51 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\All Users\Favoris [2004/08/20 11:30:24 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer [2010/05/21 15:14:44 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\All Users\Modèles [2009/12/11 17:14:59 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\All Users\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\All Users\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\Default User\Application Data [2006/05/04 00:09:16 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Default User\Bureau [2008/04/17 21:44:29 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\Default User\Cookies [2004/08/20 11:30:24 | 000,000,000 | --SD | M] O4 - Startup: C:\Documents and Settings\Default User\Favoris [2006/05/04 00:06:05 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Default User\Local Settings [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Default User\Menu Démarrer [2004/08/20 11:30:24 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Default User\Mes documents [2004/08/20 11:42:00 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Default User\Modèles [2010/05/21 14:54:25 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Default User\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\Default User\ntuser.dat () O4 - Startup: C:\Documents and Settings\Default User\ntuser.ini () O4 - Startup: C:\Documents and Settings\Default User\Recent [2004/08/20 11:42:00 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Default User\SendTo [2010/05/21 15:08:48 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Default User\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Default User\Voisinage réseau [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\LocalService\Application Data [2006/11/07 19:22:14 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\LocalService\Cookies [2004/08/20 11:30:24 | 000,000,000 | --SD | M] O4 - Startup: C:\Documents and Settings\LocalService\Local Settings [2004/08/20 11:41:38 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\LocalService\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\LocalService\ntuser.dat () O4 - Startup: C:\Documents and Settings\LocalService\ntuser.ini () O4 - Startup: C:\Documents and Settings\nazia\Application Data [2010/05/13 22:41:34 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\Bureau [2010/05/22 01:30:06 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\nazia\Cookies [2010/05/13 23:38:26 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\Favoris [2010/05/01 20:02:25 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\nazia\IECompatCache [2010/01/07 14:53:07 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\nazia\IETldCache [2009/11/30 23:10:08 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\nazia\Local Settings [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\Menu Démarrer [2004/08/20 11:30:24 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\nazia\Mes documents [2010/05/11 20:22:03 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\nazia\Modèles [2010/05/10 22:06:12 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\ntuser.dat () O4 - Startup: C:\Documents and Settings\nazia\ntuser.dat () O4 - Startup: C:\Documents and Settings\nazia\ntuser.ini () O4 - Startup: C:\Documents and Settings\nazia\PrivacIE [2009/11/30 23:22:13 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\nazia\Recent [2010/05/10 15:47:36 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\SendTo [2010/05/10 22:06:13 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\UserData [2006/11/07 19:57:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\nazia\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\Voisinage réseau [2008/12/27 17:51:49 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\WINDOWS [2006/06/08 17:55:48 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\NetworkService\Application Data [2004/08/20 11:41:36 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\NetworkService\Cookies [2006/06/12 20:36:00 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\NetworkService\Local Settings [2004/08/20 11:41:36 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\NetworkService\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\NetworkService\ntuser.dat () O4 - Startup: C:\Documents and Settings\NetworkService\ntuser.ini () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1595988822-3659961159-3473051763-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\ComPlusSetup: DllName - C:\WINDOWS\system32\catsrvut.dll - C:\WINDOWS\system32\catsrvut.dll (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004/08/20 11:37:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/05/21 15:09:27 | 000,000,000 | ---D | M] NetSvcs: Iprip - C:\WINDOWS\system32\iprip.dll (Microsoft Corporation) NetSvcs: Irmon - File not found NetSvcs: LanmanWorkstation - File not found NetSvcs: Messenger - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/05/21 19:04:23 | 000,147,456 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll [2010/05/21 18:43:19 | 000,075,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010/05/21 18:43:19 | 000,045,376 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2010/05/21 18:43:19 | 000,022,336 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2010/05/21 18:43:19 | 000,021,248 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010/05/21 18:43:18 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2010/05/21 18:43:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira [2010/05/21 18:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010/05/21 17:47:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/05/21 16:17:05 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2010/05/21 16:04:33 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe [2010/05/21 16:04:03 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm [2010/05/21 16:03:50 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe [2010/05/21 16:03:49 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm [2010/05/21 16:03:38 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll [2010/05/21 16:03:38 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll [2010/05/21 16:03:18 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe [2010/05/21 16:03:17 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll [2010/05/21 16:03:16 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm [2010/05/21 16:03:00 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmoe.dll [2010/05/21 16:03:00 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmod.dll [2010/05/21 16:03:00 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmasf.dll [2010/05/21 16:03:00 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll [2010/05/21 16:03:00 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll [2010/05/21 16:03:00 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll [2010/05/21 16:03:00 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll [2010/05/21 16:02:59 | 001,053,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmnetmgr.dll [2010/05/21 16:02:59 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll [2010/05/21 16:02:59 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx [2010/05/21 16:02:58 | 001,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll [2010/05/21 16:02:58 | 001,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll [2010/05/21 16:02:58 | 000,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll [2010/05/21 16:02:58 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll [2010/05/21 16:02:58 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll [2010/05/21 16:02:58 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll [2010/05/21 16:02:58 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax [2010/05/21 16:02:58 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll [2010/05/21 16:02:58 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll [2010/05/21 16:02:58 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll [2010/05/21 16:02:58 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll [2010/05/21 16:02:58 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll [2010/05/21 16:02:58 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe [2010/05/21 16:02:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll [2010/05/21 16:02:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll [2010/05/21 16:02:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll [2010/05/21 15:16:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010/05/21 15:14:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe [2010/05/21 15:13:20 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll [2010/05/21 15:13:19 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe [2010/05/21 15:13:19 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll [2010/05/21 15:13:19 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll [2010/05/21 15:13:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll [2010/05/21 15:13:18 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime [2010/05/21 15:13:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll [2010/05/21 15:13:17 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime [2010/05/21 15:13:14 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll [2010/05/21 15:13:14 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll [2010/05/21 15:13:13 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll [2010/05/21 15:13:13 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll [2010/05/21 15:13:07 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll [2010/05/21 15:13:00 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll [2010/05/21 15:12:51 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex [2010/05/21 15:12:51 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll [2010/05/21 15:12:49 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe [2010/05/21 15:12:44 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe [2010/05/21 15:12:39 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys [2010/05/21 15:12:39 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll [2010/05/21 15:12:38 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll [2010/05/21 15:12:34 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll [2010/05/21 15:12:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll [2010/05/21 15:12:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll [2010/05/21 15:12:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll [2010/05/21 15:12:31 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll [2010/05/21 15:12:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll [2010/05/21 15:12:31 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll [2010/05/21 15:12:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll [2010/05/21 15:12:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll [2010/05/21 15:12:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll [2010/05/21 15:12:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll [2010/05/21 15:12:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll [2010/05/21 15:12:29 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll [2010/05/21 15:12:28 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll [2010/05/21 15:12:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll [2010/05/21 15:12:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll [2010/05/21 15:12:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll [2010/05/21 15:12:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll [2010/05/21 15:12:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll [2010/05/21 15:12:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll [2010/05/21 15:12:24 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll [2010/05/21 15:12:23 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll [2010/05/21 15:12:23 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll [2010/05/21 15:12:23 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe [2010/05/21 15:12:23 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll [2010/05/21 15:12:23 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe [2010/05/21 15:12:22 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe [2010/05/21 15:12:22 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe [2010/05/21 15:12:22 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe [2010/05/21 15:12:22 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe [2010/05/21 15:12:22 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe [2010/05/21 15:12:21 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll [2010/05/21 15:12:21 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll [2010/05/21 15:12:21 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll [2010/05/21 15:12:21 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll [2010/05/21 15:12:21 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe [2010/05/21 15:12:20 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime [2010/05/21 15:12:20 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe [2010/05/21 15:12:20 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll [2010/05/21 15:12:20 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll [2010/05/21 15:12:20 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime [2010/05/21 15:12:20 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll [2010/05/21 15:12:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe [2010/05/21 15:12:13 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll [2010/05/21 15:12:02 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll [2010/05/21 15:12:02 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll [2010/05/21 15:12:00 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll [2010/05/21 15:12:00 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll [2010/05/21 15:12:00 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe [2010/05/21 15:11:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll [2010/05/21 15:11:57 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll [2010/05/21 15:11:54 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll [2010/05/21 15:11:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe [2010/05/21 15:11:53 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll [2010/05/21 15:11:53 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll [2010/05/21 15:11:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll [2010/05/21 15:11:52 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe [2010/05/21 15:11:51 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe [2010/05/21 15:11:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll [2010/05/21 15:11:49 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll [2010/05/21 15:11:49 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys [2010/05/21 15:11:48 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll [2010/05/21 15:11:48 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll [2010/05/21 15:11:38 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime [2010/05/21 15:11:35 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe [2010/05/21 15:11:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe [2010/05/21 15:11:33 | 001,042,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll [2010/05/21 15:11:33 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll [2010/05/21 15:11:31 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe [2010/05/21 15:11:31 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll [2010/05/21 15:11:31 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime [2010/05/21 15:11:30 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll [2010/05/21 15:11:30 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll [2010/05/21 15:11:30 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll [2010/05/21 15:11:29 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll [2010/05/21 15:11:29 | 000,781,397 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll [2010/05/21 15:11:29 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe [2010/05/21 15:11:29 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe [2010/05/21 15:11:29 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll [2010/05/21 15:11:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe [2010/05/21 15:11:29 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe [2010/05/21 15:11:29 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe [2010/05/21 15:11:28 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime [2010/05/21 15:11:28 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe [2010/05/21 15:11:26 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe [2010/05/21 15:11:26 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2010/05/21 15:11:26 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll [2010/05/21 15:11:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll [2010/05/21 15:11:17 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe [2010/05/21 15:11:16 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll [2010/05/21 15:11:16 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll [2010/05/21 15:11:16 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll [2010/05/21 15:11:16 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll [2010/05/21 15:11:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll [2010/05/21 15:11:00 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll [2010/05/21 15:10:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll [2010/05/21 15:10:42 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll [2010/05/21 15:10:34 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll [2010/05/21 15:10:24 | 000,000,000 | ---D | C] -- C:\Program Files\msn gaming zone [2010/05/21 15:08:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe [2010/05/21 14:54:43 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll [2010/05/21 14:54:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll [2010/05/21 14:54:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll [2010/05/21 14:23:47 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/05/21 14:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/05/21 13:59:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010/05/21 13:59:15 | 000,000,000 | ---D | C] -- C:\Qoobox [2010/05/21 13:59:15 | 000,000,000 | ---D | C] -- \Qoobox [2010/05/13 23:22:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator [2010/05/13 23:21:41 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator [2010/05/13 22:38:14 | 004,099,468 | ---- | C] (ScanSpyware.net ) -- C:\Documents and Settings\All Users\Documents\ScanSpyware_3.9.1.9.exe [2010/05/13 21:56:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/05/11 22:54:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MpEngineStore [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [254 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/05/22 01:29:41 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/05/21 19:41:48 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/05/21 19:41:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/05/21 19:41:42 | 1064,755,200 | -HS- | M] () -- C:\hiberfil.sys [2010/05/21 19:40:43 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\nazia\ntuser.dat [2010/05/21 19:39:51 | 000,075,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010/05/21 19:20:10 | 000,961,510 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/05/21 19:20:10 | 000,448,836 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2010/05/21 19:20:10 | 000,383,460 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/05/21 19:20:10 | 000,065,860 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2010/05/21 19:20:10 | 000,054,610 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/05/21 18:43:29 | 000,001,851 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk [2010/05/21 17:47:47 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2010/05/21 17:33:28 | 000,200,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/05/21 15:15:04 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2010/05/21 15:10:10 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010/05/21 15:10:09 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010/05/21 15:10:09 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010/05/21 15:09:53 | 000,004,205 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2010/05/21 15:08:45 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2010/05/21 15:08:45 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010/05/21 15:08:19 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini [2010/05/21 15:07:00 | 000,023,740 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/05/21 15:04:08 | 000,000,216 | -HS- | M] () -- C:\boot.ini [2010/05/21 14:57:03 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1 [2010/05/21 14:54:52 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini [2010/05/21 14:28:22 | 001,184,362 | ---- | M] () -- C:\WINDOWS\setupapi.old [2010/05/13 23:24:03 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Spyware Terminator.lnk [2010/05/13 23:22:14 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2010/05/13 22:38:06 | 004,099,468 | ---- | M] (ScanSpyware.net ) -- C:\Documents and Settings\All Users\Documents\ScanSpyware_3.9.1.9.exe [2010/05/11 22:54:55 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI [2010/05/10 22:24:42 | 000,000,042 | -HS- | M] () -- C:\Documents and Settings\nazia\ntuser.ini [2010/05/10 22:11:27 | 000,000,379 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2010/05/10 21:53:48 | 000,000,506 | ---- | M] () -- C:\WINDOWS\ULEAD32.INI [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [254 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

Code: Tout sélectionner: [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/05/21 19:18:17 | 1064,755,200 | -HS- | C] () -- C:\hiberfil.sys [2010/05/21 19:18:17 | 1064,755,200 | -HS- | C] () -- [2010/05/21 18:43:29 | 000,001,851 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk [2010/05/21 17:51:27 | 000,000,127 | ---- | C] () -- \mbam-error.txt [2010/05/21 17:47:47 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2010/05/21 16:42:15 | 1598,029,824 | -HS- | C] () -- [2010/05/21 16:04:46 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif [2010/05/21 16:04:42 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif [2010/05/21 16:04:42 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif [2010/05/21 16:04:41 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif [2010/05/21 16:04:41 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif [2010/05/21 16:04:41 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif [2010/05/21 16:04:40 | 000,184,107 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz [2010/05/21 16:04:38 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv [2010/05/21 16:04:38 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css [2010/05/21 16:04:38 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm [2010/05/21 16:04:38 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js [2010/05/21 16:04:26 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js [2010/05/21 16:03:58 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv [2010/05/21 16:03:50 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp [2010/05/21 16:03:50 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf [2010/05/21 16:03:50 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif [2010/05/21 16:03:50 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif [2010/05/21 16:03:50 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt [2010/05/21 16:03:32 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip [2010/05/21 16:03:32 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip [2010/05/21 16:03:31 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv [2010/05/21 16:03:27 | 000,001,465 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl [2010/05/21 16:03:27 | 000,001,253 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl [2010/05/21 16:03:27 | 000,000,820 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl [2010/05/21 16:03:27 | 000,000,819 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl [2010/05/21 16:03:27 | 000,000,788 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl [2010/05/21 16:03:27 | 000,000,779 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl [2010/05/21 16:03:26 | 000,085,617 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm [2010/05/21 16:03:26 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl [2010/05/21 16:03:26 | 000,001,476 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl [2010/05/21 16:03:26 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl [2010/05/21 16:03:26 | 000,001,455 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl [2010/05/21 16:03:26 | 000,001,057 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl [2010/05/21 16:03:26 | 000,001,048 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl [2010/05/21 16:03:26 | 000,001,034 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl [2010/05/21 16:03:26 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl [2010/05/21 16:03:26 | 000,000,732 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl [2010/05/21 16:03:22 | 000,066,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz [2010/05/21 16:03:21 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv [2010/05/21 16:03:17 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf [2010/05/21 16:03:16 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm [2010/05/21 16:03:13 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif [2010/05/21 16:03:13 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif [2010/05/21 16:03:13 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif [2010/05/21 16:03:13 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif [2010/05/21 16:03:12 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js [2010/05/21 16:03:11 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif [2010/05/21 16:03:11 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif [2010/05/21 16:03:11 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif [2010/05/21 16:03:11 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif [2010/05/21 16:03:11 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif [2010/05/21 16:03:07 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv [2010/05/21 16:03:07 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif [2010/05/21 16:03:07 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif [2010/05/21 16:03:01 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif [2010/05/21 16:03:01 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif [2010/05/21 16:03:01 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif [2010/05/21 16:03:01 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif [2010/05/21 16:03:01 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif [2010/05/21 16:03:01 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif [2010/05/21 16:03:01 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif [2010/05/21 16:03:01 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif [2010/05/21 16:03:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf [2010/05/21 16:03:00 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf [2010/05/21 16:03:00 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif [2010/05/21 16:02:59 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav [2010/05/21 16:02:59 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav [2010/05/21 16:02:59 | 000,058,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf [2010/05/21 16:02:58 | 000,677,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm [2010/05/21 16:02:58 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav [2010/05/21 16:02:58 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav [2010/05/21 16:02:58 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav [2010/05/21 16:02:58 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav [2010/05/21 16:02:58 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav [2010/05/21 16:02:58 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav [2010/05/21 16:02:58 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav [2010/05/21 16:02:58 | 000,075,692 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm [2010/05/21 16:02:58 | 000,027,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm [2010/05/21 16:02:58 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta [2010/05/21 16:02:58 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css [2010/05/21 16:02:58 | 000,001,740 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf [2010/05/21 16:02:58 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js [2010/05/21 15:14:15 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls [2010/05/21 15:13:20 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls [2010/05/21 15:13:20 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls [2010/05/21 15:13:18 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2010/05/21 15:12:35 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls [2010/05/21 15:12:34 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2010/05/21 15:12:23 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2010/05/21 15:12:22 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2010/05/21 15:12:20 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2010/05/21 15:12:07 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2010/05/21 15:11:58 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2010/05/21 15:11:31 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2010/05/21 15:11:25 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls [2010/05/21 15:11:25 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls [2010/05/21 15:11:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls [2010/05/21 15:11:24 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls [2010/05/21 15:11:24 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls [2010/05/21 15:11:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls [2010/05/21 15:11:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls [2010/05/21 15:11:23 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls [2010/05/21 15:11:23 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls [2010/05/21 15:11:23 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls [2010/05/21 15:11:21 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls [2010/05/21 15:11:21 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls [2010/05/21 15:11:21 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls [2010/05/21 15:11:21 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls [2010/05/21 15:11:21 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls [2010/05/21 15:11:21 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls [2010/05/21 15:11:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls [2010/05/21 15:11:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls [2010/05/21 15:11:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls [2010/05/21 15:11:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls [2010/05/21 15:11:20 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls [2010/05/21 15:11:19 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls [2010/05/21 15:11:19 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls [2010/05/21 15:11:19 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls [2010/05/21 15:11:19 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls [2010/05/21 15:11:18 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls [2010/05/21 15:11:17 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls [2010/05/21 15:08:45 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/05/21 14:54:25 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2010/05/21 14:54:25 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010/05/21 14:54:25 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2010/05/21 14:54:25 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2010/05/21 14:54:24 | 000,809,394 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2010/05/21 14:54:24 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010/05/13 23:24:03 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Spyware Terminator.lnk [2010/05/13 23:22:14 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2010/05/11 22:54:55 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2010/05/10 22:06:01 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\nazia\ntuser.dat [2010/01/03 16:56:18 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI [2009/12/11 17:14:16 | 000,000,027 | ---- | C] () -- C:\WINDOWS\CDE RX585DEFGIPS.ini [2008/04/17 21:36:10 | 000,446,976 | ---- | C] () -- C:\WINDOWS\System32\ShellMPD.dll [2008/04/17 13:26:19 | 000,000,506 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI [2008/04/17 13:21:12 | 000,015,488 | ---- | C] () -- C:\WINDOWS\System32\drivers\ScFBPNT2.sys [2007/08/03 10:36:40 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2007/08/03 10:34:54 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDED92Euro.ini [2006/06/12 20:02:08 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006/05/04 00:12:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006/05/03 23:53:32 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\stac97co.dll [2006/05/03 23:52:50 | 000,000,344 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2004/08/20 11:45:35 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini [2004/08/12 09:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll [2004/08/05 14:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_004264_.tmp.dll [2004/08/05 14:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_004232_.tmp.dll [1999/01/22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [color=#E56717]========== LOP Check ==========[/color] [2010/05/21 17:47:48 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Administrateur\Application Data [2010/05/22 01:30:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Bureau [2010/05/21 18:45:33 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrateur\Cookies [2006/05/04 00:06:05 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Administrateur\Favoris [2010/05/10 21:59:12 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Administrateur\IETldCache [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrateur\Local Settings [2004/08/20 11:30:24 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Administrateur\Menu Démarrer [2004/08/20 11:42:00 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Administrateur\Mes documents [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrateur\Modèles [2010/05/21 19:04:02 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Administrateur\Recent [2006/06/07 16:26:25 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Administrateur\SendTo [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrateur\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrateur\Voisinage réseau [2010/05/13 23:22:10 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data [2010/05/21 18:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Bureau [2010/05/13 22:40:38 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Documents [2010/04/07 18:46:51 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\DRM [2004/08/20 11:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Favoris [2010/05/21 15:14:44 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Menu Démarrer [2009/12/11 17:14:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Modèles [2006/05/04 00:09:16 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Application Data [2008/04/17 21:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Bureau [2004/08/20 11:30:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Default User\Cookies [2006/05/04 00:06:05 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Default User\Favoris [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Default User\Local Settings [2004/08/20 11:30:24 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Default User\Menu Démarrer [2004/08/20 11:42:00 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Default User\Mes documents [2010/05/21 14:54:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Default User\Modèles [2004/08/20 11:42:00 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Recent [2010/05/21 15:08:48 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\SendTo [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Default User\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Default User\Voisinage réseau [2006/11/07 19:22:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data [2004/08/20 11:30:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Cookies [2004/08/20 11:41:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Local Settings [2010/05/13 22:41:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Application Data [2010/05/22 01:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Bureau [2010/05/13 23:38:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Cookies [2010/05/01 20:02:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Favoris [2010/01/07 14:53:07 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\nazia\IECompatCache [2009/11/30 23:10:08 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\nazia\IETldCache [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Local Settings [2004/08/20 11:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Menu Démarrer [2010/05/11 20:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Mes documents [2010/05/10 22:06:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Modèles [2009/11/30 23:22:13 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\nazia\PrivacIE [2010/05/10 15:47:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Recent [2010/05/10 22:06:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\SendTo [2006/11/07 19:57:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\nazia\UserData [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Voisinage d'impression [2008/12/27 17:51:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Voisinage réseau [2006/06/08 17:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\WINDOWS [2004/08/20 11:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data [2006/06/12 20:36:00 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\NetworkService\Cookies [2004/08/20 11:41:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\NetworkService\Local Settings [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:AGP440.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:AGP440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\agp440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\agp440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\System32\drivers\agp440.sys [2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS [2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:atapi.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\System32\drivers\atapi.sys [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys [2004/08/05 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:cdrom.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:cdrom.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\System32\drivers\cdrom.sys [2004/08/05 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\i386\cdrom.sys [2004/08/05 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: CHANGER.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:Changer.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:Changer.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:Changer.sys [2008/04/13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys [2008/04/13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\changer.sys [2008/04/13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\changer.sys [color=#A23BEC]< MD5 for: DISK.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:disk.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:disk.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:disk.sys [2004/08/05 13:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\i386\disk.sys [2004/08/05 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys [2008/04/13 20:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys [2008/04/13 20:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\disk.sys [2008/04/13 20:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\disk.sys [2008/04/13 20:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\System32\drivers\disk.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004/08/05 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\i386\eventlog.dll [2004/08/05 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2004/08/05 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\system32\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\eventlog.dll [color=#A23BEC]< MD5 for: IASTOR.SYS >[/color] [2005/04/25 17:28:14 | 000,871,040 | ---- | M] (Intel Corporation) MD5=D593517879E65167DF35F6015814AC59 -- C:\WINDOWS\dell\iastor\iastor.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\ndis.sys [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\ndis.sys [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\System32\drivers\ndis.sys [2004/08/05 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\i386\ndis.sys [2004/08/05 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\netlogon.dll [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\netlogon.dll [2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\SoftwareDistribution\Download\e5d538fd9a974271877bfc69f00e1e0a\sp2qfe\netlogon.dll [2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\SoftwareDistribution\Download\fd39c169e8cb784cefd1d3b2f372297e\sp2qfe\netlogon.dll [2004/08/05 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\i386\netlogon.dll [2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll [2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\system32\netlogon.dll [color=#A23BEC]< MD5 for: NVATABUS.SYS >[/color] [2005/05/18 00:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINDOWS\dell\nvraid\NvAtaBus.sys [2005/05/18 00:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINDOWS\System32\drivers\NvAtaBus.sys [color=#A23BEC]< MD5 for: RASACD.SYS >[/color] [2004/08/05 13:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\i386\rasacd.sys [2004/08/05 14:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\System32\drivers\rasacd.sys [color=#A23BEC]< MD5 for: RDPWD.SYS >[/color] [2005/06/10 06:06:01 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=047BEA21274C8A4A233674A76C958C2C -- C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\ServicePackFiles\i386\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\System32\drivers\rdpwd.sys [2005/06/10 06:11:22 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=B54CD38A9EBFBF2B3561426E3FE26F62 -- C:\i386\rdpwd.sys [2004/08/05 14:00:00 | 000,139,400 | ---- | M] (Microsoft Corporation) MD5=D4F5643D7714EF499AE9527FDCD50894 -- C:\WINDOWS\$NtServicePackUninstall$\rdpwd.sys [2004/08/05 14:00:00 | 000,139,400 | ---- | M] (Microsoft Corporation) MD5=D4F5643D7714EF499AE9527FDCD50894 -- C:\WINDOWS\$NtUninstallKB899591$\rdpwd.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\scecli.dll [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\scecli.dll [2004/08/05 13:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\i386\scecli.dll [2004/08/05 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2004/08/05 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\system32\scecli.dll [color=#A23BEC]< MD5 for: SFLOPPY.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:Sfloppy.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Sfloppy.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Sfloppy.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Sfloppy.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:Sfloppy.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:Sfloppy.sys [2004/08/05 13:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\i386\sfloppy.sys [2004/08/05 14:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\$NtServicePackUninstall$\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\ServicePackFiles\i386\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\System32\drivers\sfloppy.sys [color=#A23BEC]< MD5 for: SPLITTER.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:splitter.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:splitter.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:splitter.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:splitter.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:splitter.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:splitter.sys [2004/08/04 00:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\i386\splitter.sys [2004/08/03 23:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\WINDOWS\$NtServicePackUninstall$\splitter.sys [2004/08/04 00:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\WINDOWS\$NtUninstallKB920872$\splitter.sys [2006/06/14 10:50:19 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=9BB1DD670CB7505A90FC4E61D4AA8227 -- C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys [2008/04/13 20:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\ServicePackFiles\i386\splitter.sys [2008/04/13 20:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\splitter.sys [2008/04/13 20:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\splitter.sys [2008/04/13 20:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\System32\drivers\splitter.sys [color=#A23BEC]< MD5 for: SWMIDI.SYS >[/color] [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:swmidi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:swmidi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:swmidi.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:swmidi.sys [2008/04/13 20:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\ServicePackFiles\i386\swmidi.sys [2008/04/13 20:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\swmidi.sys [2008/04/13 20:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\swmidi.sys [2008/04/13 20:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\System32\drivers\swmidi.sys [2001/08/17 23:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=94ABC808FC4B6D7D2BBF42B85E25BB4D -- C:\i386\swmidi.sys [2004/08/05 14:00:00 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=94ABC808FC4B6D7D2BBF42B85E25BB4D -- C:\WINDOWS\$NtServicePackUninstall$\swmidi.sys [color=#A23BEC]< MD5 for: TDPIPE.SYS >[/color] [2004/08/05 13:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\i386\tdpipe.sys [2004/08/05 14:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\$NtServicePackUninstall$\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\ServicePackFiles\i386\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\System32\drivers\tdpipe.sys [color=#A23BEC]< MD5 for: TDTCP.SYS >[/color] [2008/04/14 04:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\ServicePackFiles\i386\tdtcp.sys [2008/04/14 04:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\tdtcp.sys [2008/04/14 04:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\tdtcp.sys [2008/04/14 04:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\System32\drivers\tdtcp.sys [2004/08/05 13:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\i386\tdtcp.sys [2004/08/05 14:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\$NtServicePackUninstall$\tdtcp.sys [color=#A23BEC]< MD5 for: USBPRINT.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:usbprint.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbprint.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbprint.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbprint.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:usbprint.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:usbprint.sys [2004/08/03 23:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\$NtServicePackUninstall$\usbprint.sys [2008/04/13 20:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\ServicePackFiles\i386\usbprint.sys [2008/04/13 20:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\usbprint.sys [2008/04/13 20:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\usbprint.sys [2008/04/13 20:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\System32\drivers\usbprint.sys [color=#A23BEC]< MD5 for: USBSCAN.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:usbscan.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbscan.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbscan.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbscan.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:usbscan.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\ServicePackFiles\i386\usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\System32\drivers\usbscan.sys [2004/08/03 22:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\$NtServicePackUninstall$\usbscan.sys [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [254 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] < End of report >

A+, RV

hervax · le 22 Mai 2010 01:05

Le précédent message (envoyé depuis le PC infecté) a planté. En voici une copie:
Je vais répondre dans le désordre:
2. Je n'ai pas utilisé Combofix, mais mon amie a peut être tente quelque chose avant de me passer son PC
1. Voici le rapport OTL en mode normal:

Code: Tout sélectionner: OTL logfile created on: 22/05/2010 01:32:15 - Run 2 OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\nazia\Bureau Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: | Country: | Language: | Date Format: 1 015,00 Mb Total Physical Memory | 711,00 Mb Available Physical Memory | 70,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): c:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37,15 Gb Total Space | 1,00 Gb Free Space | 2,69% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 3,76 Gb Total Space | 3,72 Gb Free Space | 98,89% Space Free | Partition Type: FAT32 F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: D96T482J Current User Name: nazia Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Documents and Settings\nazia\Bureau\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com) PRC - C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe (SFR & Celliance) PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH) PRC - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe (Intel® Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe (Intel Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) PRC - C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe (Intel) PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation) PRC - C:\WINDOWS\System32\basfipm.exe (Broadcom Corp.) [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - C:\Documents and Settings\nazia\Bureau\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (sp_rssrv) -- C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com) SRV - (ServiceSFRABCD) -- C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe (SFR & Celliance) SRV - (AntiVirScheduler) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH) SRV - (WLSetupSvc) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation) SRV - (WLANKEEPER) -- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe (Intel® Corporation) SRV - (S24EventMonitor) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) SRV - (EvtEng) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) SRV - (RegSrvc) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) SRV - (MSDTC) -- C:\WINDOWS\system32\msdtc [2004/08/20 11:34:06 | 000,000,000 | ---D | M] SRV - (BAsfIpM) -- C:\WINDOWS\System32\basfipm.exe (Broadcom Corp.) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (avipbb) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH) DRV - (avgio) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH) DRV - (sp_rsdrv2) -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys () DRV - (ZTEusbnmea) -- C:\WINDOWS\System32\DRIVERS\ZTEusbnmea.sys (ZTE Incorporated) DRV - (massfilter) -- C:\WINDOWS\System32\drivers\massfilter.sys (ZTE Incorporated) DRV - (ZTEusbvoice) -- C:\WINDOWS\System32\DRIVERS\ZTEusbvoice.sys (ZTE Incorporated) DRV - (ZTEusbser6k) -- C:\WINDOWS\System32\DRIVERS\ZTEusbser6k.sys (ZTE Incorporated) DRV - (ZTEusbmdm6k) -- C:\WINDOWS\System32\DRIVERS\ZTEusbmdm6k.sys (ZTE Incorporated) DRV - (ZTEusbnet) -- C:\WINDOWS\System32\DRIVERS\ZTEusbnet.sys (ZTE Corporation) DRV - (Tcpip6) -- C:\WINDOWS\System32\DRIVERS\tcpip6.sys (Microsoft Corporation) DRV - (USB_RNDIS_51) -- C:\WINDOWS\System32\DRIVERS\usb8023.sys (Microsoft Corporation) DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\System32\drivers\usbaudio.sys (Microsoft Corporation) DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.) DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation) DRV - (ssmdrv) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys (AVIRA GmbH) DRV - (hwdatacard) -- C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (ApfiltrService) -- C:\WINDOWS\System32\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc) DRV - (GTIPCI21) -- C:\WINDOWS\System32\DRIVERS\gtipci21.sys (Texas Instruments) DRV - (STAC97) -- C:\WINDOWS\System32\drivers\STAC97.sys (SigmaTel, Inc.) DRV - (w29n51) Pilote de carte de connexion réseau Intel(R) -- C:\WINDOWS\System32\DRIVERS\w29n51.sys (Intel® Corporation) DRV - (b57w2k) -- C:\WINDOWS\System32\DRIVERS\b57xp32.sys (Broadcom Corporation) DRV - (s24trans) -- C:\WINDOWS\System32\DRIVERS\s24trans.sys (Intel Corporation) DRV - (IWCA) -- C:\WINDOWS\System32\DRIVERS\iwca.sys (Intel Corporation) DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation) DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation) DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation) DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation) DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.) DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic) DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic) DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic) DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.) DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.) DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.) DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.) DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.) DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nv) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation) DRV - (HSFHWICH) -- C:\WINDOWS\System32\DRIVERS\HSFHWICH.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (HSF_DP) -- C:\WINDOWS\System32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.) DRV - (omci) -- C:\WINDOWS\System32\DRIVERS\omci.sys (Dell Inc) DRV - (BASFND) -- C:\WINDOWS\System32\Drivers\BASFND.sys (Broadcom Corporation) DRV - (ScFBPNT2) -- C:\WINDOWS\System32\drivers\ScFBPNT2.SYS () [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.fr/myway IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.fr/myway IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.fr/myway IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.fr/myway IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2004/08/05 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe () O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com) O4 - Startup: C:\Documents and Settings\Administrateur\Application Data [2010/05/21 17:47:48 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Bureau [2010/05/22 01:30:13 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Cookies [2010/05/21 18:45:33 | 000,000,000 | --SD | M] O4 - Startup: C:\Documents and Settings\Administrateur\Favoris [2006/05/04 00:06:05 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Administrateur\IETldCache [2010/05/10 21:59:12 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\Administrateur\Local Settings [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Menu Démarrer [2004/08/20 11:30:24 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Mes documents [2004/08/20 11:42:00 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Modèles [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\Administrateur\ntuser.dat () O4 - Startup: C:\Documents and Settings\Administrateur\ntuser.ini () O4 - Startup: C:\Documents and Settings\Administrateur\Recent [2010/05/21 19:04:02 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\SendTo [2006/06/07 16:26:25 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Voisinage réseau [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\All Users\Application Data [2010/05/13 23:22:10 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\All Users\Bureau [2010/05/21 18:43:29 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\All Users\Documents [2010/05/13 22:40:38 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\All Users\DRM [2010/04/07 18:46:51 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\All Users\Favoris [2004/08/20 11:30:24 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer [2010/05/21 15:14:44 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\All Users\Modèles [2009/12/11 17:14:59 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\All Users\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\All Users\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\Default User\Application Data [2006/05/04 00:09:16 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Default User\Bureau [2008/04/17 21:44:29 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\Default User\Cookies [2004/08/20 11:30:24 | 000,000,000 | --SD | M] O4 - Startup: C:\Documents and Settings\Default User\Favoris [2006/05/04 00:06:05 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Default User\Local Settings [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Default User\Menu Démarrer [2004/08/20 11:30:24 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Default User\Mes documents [2004/08/20 11:42:00 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Default User\Modèles [2010/05/21 14:54:25 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Default User\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\Default User\ntuser.dat () O4 - Startup: C:\Documents and Settings\Default User\ntuser.ini () O4 - Startup: C:\Documents and Settings\Default User\Recent [2004/08/20 11:42:00 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Default User\SendTo [2010/05/21 15:08:48 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Default User\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Default User\Voisinage réseau [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\LocalService\Application Data [2006/11/07 19:22:14 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\LocalService\Cookies [2004/08/20 11:30:24 | 000,000,000 | --SD | M] O4 - Startup: C:\Documents and Settings\LocalService\Local Settings [2004/08/20 11:41:38 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\LocalService\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\LocalService\ntuser.dat () O4 - Startup: C:\Documents and Settings\LocalService\ntuser.ini () O4 - Startup: C:\Documents and Settings\nazia\Application Data [2010/05/13 22:41:34 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\Bureau [2010/05/22 01:30:06 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\nazia\Cookies [2010/05/13 23:38:26 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\Favoris [2010/05/01 20:02:25 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\nazia\IECompatCache [2010/01/07 14:53:07 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\nazia\IETldCache [2009/11/30 23:10:08 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\nazia\Local Settings [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\Menu Démarrer [2004/08/20 11:30:24 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\nazia\Mes documents [2010/05/11 20:22:03 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\nazia\Modèles [2010/05/10 22:06:12 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\ntuser.dat () O4 - Startup: C:\Documents and Settings\nazia\ntuser.dat () O4 - Startup: C:\Documents and Settings\nazia\ntuser.ini () O4 - Startup: C:\Documents and Settings\nazia\PrivacIE [2009/11/30 23:22:13 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\nazia\Recent [2010/05/10 15:47:36 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\SendTo [2010/05/10 22:06:13 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\UserData [2006/11/07 19:57:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\nazia\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\Voisinage réseau [2008/12/27 17:51:49 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\WINDOWS [2006/06/08 17:55:48 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\NetworkService\Application Data [2004/08/20 11:41:36 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\NetworkService\Cookies [2006/06/12 20:36:00 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\NetworkService\Local Settings [2004/08/20 11:41:36 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\NetworkService\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\NetworkService\ntuser.dat () O4 - Startup: C:\Documents and Settings\NetworkService\ntuser.ini () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1595988822-3659961159-3473051763-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\ComPlusSetup: DllName - C:\WINDOWS\system32\catsrvut.dll - C:\WINDOWS\system32\catsrvut.dll (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004/08/20 11:37:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/05/21 15:09:27 | 000,000,000 | ---D | M] NetSvcs: Iprip - C:\WINDOWS\system32\iprip.dll (Microsoft Corporation) NetSvcs: Irmon - File not found NetSvcs: LanmanWorkstation - File not found NetSvcs: Messenger - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/05/21 19:04:23 | 000,147,456 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll [2010/05/21 18:43:19 | 000,075,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010/05/21 18:43:19 | 000,045,376 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2010/05/21 18:43:19 | 000,022,336 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2010/05/21 18:43:19 | 000,021,248 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010/05/21 18:43:18 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2010/05/21 18:43:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira [2010/05/21 18:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010/05/21 17:47:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/05/21 16:17:05 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2010/05/21 16:04:33 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe [2010/05/21 16:04:03 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm [2010/05/21 16:03:50 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe [2010/05/21 16:03:49 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm [2010/05/21 16:03:38 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll [2010/05/21 16:03:38 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll [2010/05/21 16:03:18 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe [2010/05/21 16:03:17 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll [2010/05/21 16:03:16 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm [2010/05/21 16:03:00 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmoe.dll [2010/05/21 16:03:00 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmod.dll [2010/05/21 16:03:00 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmasf.dll [2010/05/21 16:03:00 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll [2010/05/21 16:03:00 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll [2010/05/21 16:03:00 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll [2010/05/21 16:03:00 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll [2010/05/21 16:02:59 | 001,053,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmnetmgr.dll [2010/05/21 16:02:59 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll [2010/05/21 16:02:59 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx [2010/05/21 16:02:58 | 001,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll [2010/05/21 16:02:58 | 001,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll [2010/05/21 16:02:58 | 000,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll [2010/05/21 16:02:58 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll [2010/05/21 16:02:58 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll [2010/05/21 16:02:58 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll [2010/05/21 16:02:58 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax [2010/05/21 16:02:58 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll [2010/05/21 16:02:58 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll [2010/05/21 16:02:58 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll [2010/05/21 16:02:58 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll [2010/05/21 16:02:58 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll [2010/05/21 16:02:58 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe [2010/05/21 16:02:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll [2010/05/21 16:02:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll [2010/05/21 16:02:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll [2010/05/21 15:16:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010/05/21 15:14:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe [2010/05/21 15:13:20 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll [2010/05/21 15:13:19 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe [2010/05/21 15:13:19 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll [2010/05/21 15:13:19 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll [2010/05/21 15:13:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll [2010/05/21 15:13:18 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime [2010/05/21 15:13:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll [2010/05/21 15:13:17 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime [2010/05/21 15:13:14 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll [2010/05/21 15:13:14 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll [2010/05/21 15:13:13 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll [2010/05/21 15:13:13 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll [2010/05/21 15:13:07 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll [2010/05/21 15:13:00 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll [2010/05/21 15:12:51 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex [2010/05/21 15:12:51 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll [2010/05/21 15:12:49 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe [2010/05/21 15:12:44 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe [2010/05/21 15:12:39 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys [2010/05/21 15:12:39 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll [2010/05/21 15:12:38 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll [2010/05/21 15:12:34 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll [2010/05/21 15:12:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll [2010/05/21 15:12:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll [2010/05/21 15:12:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll [2010/05/21 15:12:31 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll [2010/05/21 15:12:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll [2010/05/21 15:12:31 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll [2010/05/21 15:12:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll [2010/05/21 15:12:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll [2010/05/21 15:12:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll [2010/05/21 15:12:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll [2010/05/21 15:12:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll [2010/05/21 15:12:29 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll [2010/05/21 15:12:28 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll [2010/05/21 15:12:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll [2010/05/21 15:12:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll [2010/05/21 15:12:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll [2010/05/21 15:12:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll [2010/05/21 15:12:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll [2010/05/21 15:12:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll [2010/05/21 15:12:24 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll [2010/05/21 15:12:23 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll [2010/05/21 15:12:23 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll [2010/05/21 15:12:23 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe [2010/05/21 15:12:23 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll [2010/05/21 15:12:23 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe [2010/05/21 15:12:22 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe [2010/05/21 15:12:22 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe [2010/05/21 15:12:22 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe [2010/05/21 15:12:22 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe [2010/05/21 15:12:22 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe [2010/05/21 15:12:21 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll [2010/05/21 15:12:21 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll [2010/05/21 15:12:21 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll [2010/05/21 15:12:21 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll [2010/05/21 15:12:21 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe [2010/05/21 15:12:20 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime [2010/05/21 15:12:20 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe [2010/05/21 15:12:20 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll [2010/05/21 15:12:20 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll [2010/05/21 15:12:20 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime [2010/05/21 15:12:20 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll [2010/05/21 15:12:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe [2010/05/21 15:12:13 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll [2010/05/21 15:12:02 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll [2010/05/21 15:12:02 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll [2010/05/21 15:12:00 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll [2010/05/21 15:12:00 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll [2010/05/21 15:12:00 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe [2010/05/21 15:11:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll [2010/05/21 15:11:57 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll [2010/05/21 15:11:54 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll [2010/05/21 15:11:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe [2010/05/21 15:11:53 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll [2010/05/21 15:11:53 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll [2010/05/21 15:11:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll [2010/05/21 15:11:52 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe [2010/05/21 15:11:51 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe [2010/05/21 15:11:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll [2010/05/21 15:11:49 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll [2010/05/21 15:11:49 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys [2010/05/21 15:11:48 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll [2010/05/21 15:11:48 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll [2010/05/21 15:11:38 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime [2010/05/21 15:11:35 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe [2010/05/21 15:11:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe [2010/05/21 15:11:33 | 001,042,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll [2010/05/21 15:11:33 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll [2010/05/21 15:11:31 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe [2010/05/21 15:11:31 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll [2010/05/21 15:11:31 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime [2010/05/21 15:11:30 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll [2010/05/21 15:11:30 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll [2010/05/21 15:11:30 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll [2010/05/21 15:11:29 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll [2010/05/21 15:11:29 | 000,781,397 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll [2010/05/21 15:11:29 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe [2010/05/21 15:11:29 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe [2010/05/21 15:11:29 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll [2010/05/21 15:11:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe [2010/05/21 15:11:29 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe [2010/05/21 15:11:29 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe [2010/05/21 15:11:28 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime [2010/05/21 15:11:28 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe [2010/05/21 15:11:26 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe [2010/05/21 15:11:26 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2010/05/21 15:11:26 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll [2010/05/21 15:11:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll [2010/05/21 15:11:17 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe [2010/05/21 15:11:16 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll [2010/05/21 15:11:16 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll [2010/05/21 15:11:16 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll [2010/05/21 15:11:16 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll [2010/05/21 15:11:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll [2010/05/21 15:11:00 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll [2010/05/21 15:10:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll [2010/05/21 15:10:42 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll [2010/05/21 15:10:34 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll [2010/05/21 15:10:24 | 000,000,000 | ---D | C] -- C:\Program Files\msn gaming zone [2010/05/21 15:08:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe [2010/05/21 14:54:43 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll [2010/05/21 14:54:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll [2010/05/21 14:54:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll [2010/05/21 14:23:47 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/05/21 14:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/05/21 13:59:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010/05/21 13:59:15 | 000,000,000 | ---D | C] -- C:\Qoobox [2010/05/21 13:59:15 | 000,000,000 | ---D | C] -- \Qoobox [2010/05/13 23:22:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator [2010/05/13 23:21:41 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator [2010/05/13 22:38:14 | 004,099,468 | ---- | C] (ScanSpyware.net ) -- C:\Documents and Settings\All Users\Documents\ScanSpyware_3.9.1.9.exe [2010/05/13 21:56:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/05/11 22:54:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MpEngineStore [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [254 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/05/22 01:29:41 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/05/21 19:41:48 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/05/21 19:41:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/05/21 19:41:42 | 1064,755,200 | -HS- | M] () -- C:\hiberfil.sys [2010/05/21 19:40:43 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\nazia\ntuser.dat [2010/05/21 19:39:51 | 000,075,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010/05/21 19:20:10 | 000,961,510 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/05/21 19:20:10 | 000,448,836 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2010/05/21 19:20:10 | 000,383,460 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/05/21 19:20:10 | 000,065,860 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2010/05/21 19:20:10 | 000,054,610 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/05/21 18:43:29 | 000,001,851 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk [2010/05/21 17:47:47 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2010/05/21 17:33:28 | 000,200,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/05/21 15:15:04 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2010/05/21 15:10:10 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010/05/21 15:10:09 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010/05/21 15:10:09 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010/05/21 15:09:53 | 000,004,205 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2010/05/21 15:08:45 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2010/05/21 15:08:45 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010/05/21 15:08:19 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini [2010/05/21 15:07:00 | 000,023,740 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/05/21 15:04:08 | 000,000,216 | -HS- | M] () -- C:\boot.ini [2010/05/21 14:57:03 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1 [2010/05/21 14:54:52 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini [2010/05/21 14:28:22 | 001,184,362 | ---- | M] () -- C:\WINDOWS\setupapi.old [2010/05/13 23:24:03 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Spyware Terminator.lnk [2010/05/13 23:22:14 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2010/05/13 22:38:06 | 004,099,468 | ---- | M] (ScanSpyware.net ) -- C:\Documents and Settings\All Users\Documents\ScanSpyware_3.9.1.9.exe [2010/05/11 22:54:55 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI [2010/05/10 22:24:42 | 000,000,042 | -HS- | M] () -- C:\Documents and Settings\nazia\ntuser.ini [2010/05/10 22:11:27 | 000,000,379 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2010/05/10 21:53:48 | 000,000,506 | ---- | M] () -- C:\WINDOWS\ULEAD32.INI [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [254 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/05/21 19:18:17 | 1064,755,200 | -HS- | C] () -- C:\hiberfil.sys [2010/05/21 19:18:17 | 1064,755,200 | -HS- | C] () -- [2010/05/21 18:43:29 | 000,001,851 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk [2010/05/21 17:51:27 | 000,000,127 | ---- | C] () -- \mbam-error.txt [2010/05/21 17:47:47 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2010/05/21 16:42:15 | 1598,029,824 | -HS- | C] () -- [2010/05/21 16:04:46 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif [2010/05/21 16:04:42 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif [2010/05/21 16:04:42 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif [2010/05/21 16:04:41 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif [2010/05/21 16:04:41 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif [2010/05/21 16:04:41 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif [2010/05/21 16:04:40 | 000,184,107 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz [2010/05/21 16:04:38 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv [2010/05/21 16:04:38 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css [2010/05/21 16:04:38 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm [2010/05/21 16:04:38 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js [2010/05/21 16:04:26 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js [2010/05/21 16:03:58 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv [2010/05/21 16:03:50 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp [2010/05/21 16:03:50 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf [2010/05/21 16:03:50 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif [2010/05/21 16:03:50 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif [2010/05/21 16:03:50 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt [2010/05/21 16:03:32 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip [2010/05/21 16:03:32 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip [2010/05/21 16:03:31 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv [2010/05/21 16:03:27 | 000,001,465 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl [2010/05/21 16:03:27 | 000,001,253 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl [2010/05/21 16:03:27 | 000,000,820 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl [2010/05/21 16:03:27 | 000,000,819 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl [2010/05/21 16:03:27 | 000,000,788 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl [2010/05/21 16:03:27 | 000,000,779 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl [2010/05/21 16:03:26 | 000,085,617 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm [2010/05/21 16:03:26 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl [2010/05/21 16:03:26 | 000,001,476 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl [2010/05/21 16:03:26 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl [2010/05/21 16:03:26 | 000,001,455 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl [2010/05/21 16:03:26 | 000,001,057 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl [2010/05/21 16:03:26 | 000,001,048 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl [2010/05/21 16:03:26 | 000,001,034 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl [2010/05/21 16:03:26 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl [2010/05/21 16:03:26 | 000,000,732 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl [2010/05/21 16:03:22 | 000,066,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz [2010/05/21 16:03:21 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv [2010/05/21 16:03:17 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf [2010/05/21 16:03:16 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm [2010/05/21 16:03:13 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif [2010/05/21 16:03:13 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif [2010/05/21 16:03:13 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif [2010/05/21 16:03:13 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif [2010/05/21 16:03:12 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js [2010/05/21 16:03:11 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif [2010/05/21 16:03:11 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif [2010/05/21 16:03:11 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif [2010/05/21 16:03:11 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif [2010/05/21 16:03:11 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif [2010/05/21 16:03:07 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv [2010/05/21 16:03:07 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif [2010/05/21 16:03:07 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif [2010/05/21 16:03:01 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif [2010/05/21 16:03:01 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif [2010/05/21 16:03:01 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif [2010/05/21 16:03:01 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif [2010/05/21 16:03:01 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif [2010/05/21 16:03:01 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif [2010/05/21 16:03:01 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif [2010/05/21 16:03:01 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif [2010/05/21 16:03:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf [2010/05/21 16:03:00 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf [2010/05/21 16:03:00 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif [2010/05/21 16:02:59 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav [2010/05/21 16:02:59 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav [2010/05/21 16:02:59 | 000,058,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf [2010/05/21 16:02:58 | 000,677,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm [2010/05/21 16:02:58 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav [2010/05/21 16:02:58 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav [2010/05/21 16:02:58 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav [2010/05/21 16:02:58 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav [2010/05/21 16:02:58 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav [2010/05/21 16:02:58 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav [2010/05/21 16:02:58 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav [2010/05/21 16:02:58 | 000,075,692 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm [2010/05/21 16:02:58 | 000,027,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm [2010/05/21 16:02:58 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta [2010/05/21 16:02:58 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css [2010/05/21 16:02:58 | 000,001,740 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf [2010/05/21 16:02:58 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js [2010/05/21 15:14:15 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls [2010/05/21 15:13:20 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls [2010/05/21 15:13:20 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls [2010/05/21 15:13:18 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2010/05/21 15:12:35 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls [2010/05/21 15:12:34 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2010/05/21 15:12:23 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2010/05/21 15:12:22 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2010/05/21 15:12:20 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2010/05/21 15:12:07 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2010/05/21 15:11:58 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2010/05/21 15:11:31 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2010/05/21 15:11:25 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls [2010/05/21 15:11:25 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls [2010/05/21 15:11:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls [2010/05/21 15:11:24 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls [2010/05/21 15:11:24 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls [2010/05/21 15:11:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls [2010/05/21 15:11:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls [2010/05/21 15:11:23 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls [2010/05/21 15:11:23 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls [2010/05/21 15:11:23 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls [2010/05/21 15:11:21 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls [2010/05/21 15:11:21 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls [2010/05/21 15:11:21 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls [2010/05/21 15:11:21 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls [2010/05/21 15:11:21 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls [2010/05/21 15:11:21 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls [2010/05/21 15:11:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls [2010/05/21 15:11:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls [2010/05/21 15:11:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls [2010/05/21 15:11:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls [2010/05/21 15:11:20 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls [2010/05/21 15:11:19 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls [2010/05/21 15:11:19 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls [2010/05/21 15:11:19 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls [2010/05/21 15:11:19 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls [2010/05/21 15:11:18 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls [2010/05/21 15:11:17 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls [2010/05/21 15:08:45 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/05/21 14:54:25 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2010/05/21 14:54:25 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010/05/21 14:54:25 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2010/05/21 14:54:25 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2010/05/21 14:54:24 | 000,809,394 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2010/05/21 14:54:24 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010/05/13 23:24:03 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Spyware Terminator.lnk [2010/05/13 23:22:14 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2010/05/11 22:54:55 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2010/05/10 22:06:01 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\nazia\ntuser.dat [2010/01/03 16:56:18 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI [2009/12/11 17:14:16 | 000,000,027 | ---- | C] () -- C:\WINDOWS\CDE RX585DEFGIPS.ini [2008/04/17 21:36:10 | 000,446,976 | ---- | C] () -- C:\WINDOWS\System32\ShellMPD.dll [2008/04/17 13:26:19 | 000,000,506 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI [2008/04/17 13:21:12 | 000,015,488 | ---- | C] () -- C:\WINDOWS\System32\drivers\ScFBPNT2.sys [2007/08/03 10:36:40 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2007/08/03 10:34:54 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDED92Euro.ini [2006/06/12 20:02:08 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006/05/04 00:12:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006/05/03 23:53:32 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\stac97co.dll [2006/05/03 23:52:50 | 000,000,344 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2004/08/20 11:45:35 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini [2004/08/12 09:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll [2004/08/05 14:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_004264_.tmp.dll [2004/08/05 14:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_004232_.tmp.dll [1999/01/22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [color=#E56717]========== LOP Check ==========[/color] [2010/05/21 17:47:48 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Administrateur\Application Data [2010/05/22 01:30:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Bureau [2010/05/21 18:45:33 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrateur\Cookies [2006/05/04 00:06:05 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Administrateur\Favoris [2010/05/10 21:59:12 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Administrateur\IETldCache [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrateur\Local Settings [2004/08/20 11:30:24 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Administrateur\Menu Démarrer [2004/08/20 11:42:00 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Administrateur\Mes documents [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrateur\Modèles [2010/05/21 19:04:02 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Administrateur\Recent [2006/06/07 16:26:25 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Administrateur\SendTo [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrateur\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrateur\Voisinage réseau [2010/05/13 23:22:10 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data [2010/05/21 18:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Bureau [2010/05/13 22:40:38 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Documents [2010/04/07 18:46:51 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\DRM [2004/08/20 11:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Favoris [2010/05/21 15:14:44 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Menu Démarrer [2009/12/11 17:14:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Modèles [2006/05/04 00:09:16 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Application Data [2008/04/17 21:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Bureau [2004/08/20 11:30:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Default User\Cookies [2006/05/04 00:06:05 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Default User\Favoris [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Default User\Local Settings [2004/08/20 11:30:24 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Default User\Menu Démarrer [2004/08/20 11:42:00 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Default User\Mes documents [2010/05/21 14:54:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Default User\Modèles [2004/08/20 11:42:00 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Recent [2010/05/21 15:08:48 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\SendTo [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Default User\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Default User\Voisinage réseau [2006/11/07 19:22:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data [2004/08/20 11:30:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Cookies [2004/08/20 11:41:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Local Settings [2010/05/13 22:41:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Application Data [2010/05/22 01:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Bureau [2010/05/13 23:38:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Cookies [2010/05/01 20:02:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Favoris [2010/01/07 14:53:07 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\nazia\IECompatCache [2009/11/30 23:10:08 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\nazia\IETldCache [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Local Settings [2004/08/20 11:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Menu Démarrer [2010/05/11 20:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Mes documents [2010/05/10 22:06:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Modèles [2009/11/30 23:22:13 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\nazia\PrivacIE [2010/05/10 15:47:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Recent [2010/05/10 22:06:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\SendTo [2006/11/07 19:57:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\nazia\UserData [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Voisinage d'impression [2008/12/27 17:51:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Voisinage réseau [2006/06/08 17:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\WINDOWS [2004/08/20 11:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data [2006/06/12 20:36:00 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\NetworkService\Cookies [2004/08/20 11:41:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\NetworkService\Local Settings [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:AGP440.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:AGP440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\agp440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\agp440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\System32\drivers\agp440.sys [2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS [2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:atapi.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\System32\drivers\atapi.sys [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys [2004/08/05 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:cdrom.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:cdrom.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\System32\drivers\cdrom.sys [2004/08/05 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\i386\cdrom.sys [2004/08/05 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: CHANGER.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:Changer.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:Changer.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:Changer.sys [2008/04/13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys [2008/04/13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\changer.sys [2008/04/13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\changer.sys [color=#A23BEC]< MD5 for: DISK.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:disk.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:disk.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:disk.sys [2004/08/05 13:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\i386\disk.sys [2004/08/05 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys [2008/04/13 20:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys [2008/04/13 20:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\disk.sys [2008/04/13 20:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\disk.sys [2008/04/13 20:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\System32\drivers\disk.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004/08/05 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\i386\eventlog.dll [2004/08/05 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2004/08/05 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\system32\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\eventlog.dll [color=#A23BEC]< MD5 for: IASTOR.SYS >[/color] [2005/04/25 17:28:14 | 000,871,040 | ---- | M] (Intel Corporation) MD5=D593517879E65167DF35F6015814AC59 -- C:\WINDOWS\dell\iastor\iastor.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\ndis.sys [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\ndis.sys [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\System32\drivers\ndis.sys [2004/08/05 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\i386\ndis.sys [2004/08/05 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\netlogon.dll [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\netlogon.dll [2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\SoftwareDistribution\Download\e5d538fd9a974271877bfc69f00e1e0a\sp2qfe\netlogon.dll [2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\SoftwareDistribution\Download\fd39c169e8cb784cefd1d3b2f372297e\sp2qfe\netlogon.dll [2004/08/05 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\i386\netlogon.dll [2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll [2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\system32\netlogon.dll [color=#A23BEC]< MD5 for: NVATABUS.SYS >[/color] [2005/05/18 00:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINDOWS\dell\nvraid\NvAtaBus.sys [2005/05/18 00:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINDOWS\System32\drivers\NvAtaBus.sys [color=#A23BEC]< MD5 for: RASACD.SYS >[/color] [2004/08/05 13:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\i386\rasacd.sys [2004/08/05 14:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\System32\drivers\rasacd.sys [color=#A23BEC]< MD5 for: RDPWD.SYS >[/color] [2005/06/10 06:06:01 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=047BEA21274C8A4A233674A76C958C2C -- C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\ServicePackFiles\i386\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\System32\drivers\rdpwd.sys [2005/06/10 06:11:22 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=B54CD38A9EBFBF2B3561426E3FE26F62 -- C:\i386\rdpwd.sys [2004/08/05 14:00:00 | 000,139,400 | ---- | M] (Microsoft Corporation) MD5=D4F5643D7714EF499AE9527FDCD50894 -- C:\WINDOWS\$NtServicePackUninstall$\rdpwd.sys [2004/08/05 14:00:00 | 000,139,400 | ---- | M] (Microsoft Corporation) MD5=D4F5643D7714EF499AE9527FDCD50894 -- C:\WINDOWS\$NtUninstallKB899591$\rdpwd.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\scecli.dll [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\scecli.dll [2004/08/05 13:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\i386\scecli.dll [2004/08/05 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2004/08/05 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\system32\scecli.dll [color=#A23BEC]< MD5 for: SFLOPPY.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:Sfloppy.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Sfloppy.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Sfloppy.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Sfloppy.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:Sfloppy.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:Sfloppy.sys [2004/08/05 13:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\i386\sfloppy.sys [2004/08/05 14:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\$NtServicePackUninstall$\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\ServicePackFiles\i386\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\System32\drivers\sfloppy.sys [color=#A23BEC]< MD5 for: SPLITTER.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:splitter.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:splitter.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:splitter.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:splitter.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:splitter.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:splitter.sys [2004/08/04 00:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\i386\splitter.sys [2004/08/03 23:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\WINDOWS\$NtServicePackUninstall$\splitter.sys [2004/08/04 00:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\WINDOWS\$NtUninstallKB920872$\splitter.sys [2006/06/14 10:50:19 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=9BB1DD670CB7505A90FC4E61D4AA8227 -- C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys [2008/04/13 20:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\ServicePackFiles\i386\splitter.sys [2008/04/13 20:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\splitter.sys [2008/04/13 20:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\splitter.sys [2008/04/13 20:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\System32\drivers\splitter.sys [color=#A23BEC]< MD5 for: SWMIDI.SYS >[/color] [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:swmidi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:swmidi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:swmidi.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:swmidi.sys [2008/04/13 20:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\ServicePackFiles\i386\swmidi.sys [2008/04/13 20:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\swmidi.sys [2008/04/13 20:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\swmidi.sys [2008/04/13 20:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\System32\drivers\swmidi.sys [2001/08/17 23:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=94ABC808FC4B6D7D2BBF42B85E25BB4D -- C:\i386\swmidi.sys [2004/08/05 14:00:00 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=94ABC808FC4B6D7D2BBF42B85E25BB4D -- C:\WINDOWS\$NtServicePackUninstall$\swmidi.sys [color=#A23BEC]< MD5 for: TDPIPE.SYS >[/color] [2004/08/05 13:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\i386\tdpipe.sys [2004/08/05 14:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\$NtServicePackUninstall$\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\ServicePackFiles\i386\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\System32\drivers\tdpipe.sys [color=#A23BEC]< MD5 for: TDTCP.SYS >[/color] [2008/04/14 04:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\ServicePackFiles\i386\tdtcp.sys [2008/04/14 04:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\tdtcp.sys [2008/04/14 04:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\tdtcp.sys [2008/04/14 04:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\System32\drivers\tdtcp.sys [2004/08/05 13:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\i386\tdtcp.sys [2004/08/05 14:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\$NtServicePackUninstall$\tdtcp.sys [color=#A23BEC]< MD5 for: USBPRINT.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:usbprint.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbprint.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbprint.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbprint.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:usbprint.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:usbprint.sys [2004/08/03 23:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\$NtServicePackUninstall$\usbprint.sys [2008/04/13 20:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\ServicePackFiles\i386\usbprint.sys [2008/04/13 20:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\usbprint.sys [2008/04/13 20:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\usbprint.sys [2008/04/13 20:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\System32\drivers\usbprint.sys [color=#A23BEC]< MD5 for: USBSCAN.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:usbscan.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbscan.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbscan.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbscan.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:usbscan.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\ServicePackFiles\i386\usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\System32\drivers\usbscan.sys [2004/08/03 22:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\$NtServicePackUninstall$\usbscan.sys [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [254 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] < End of report >

A+, RV

jeanmimigab · le 22 Mai 2010 07:17

Bonjour Hervax

jeanmimigab a écrit:re,

1.tu as fais le sacn OTL en "Mode sans échec", il me faudrait un rapport en mode Normal si possible

2.[2010/05/21 13:59:15 | 000,000,000 | ---D | C] -- C:\Qoobox => sUBs ComboFix Quarantaine

tu as utilisé combofix tout seul...? si c'est sur une désinfection via un forum, file le lien du topic STP;;;

Et ne suis surtout pas deux procédures de désinfections différente en même temps, sinon on file à catastrophe ...

Si tu ne peux pas faire de scan OTL en mode normal dit le moi...

Il me faut ces renseignements demandés dans mon dernier message stp... :wink:

hervax · le 22 Mai 2010 08:43

Je pige pas...

Mes deux messages précédents ne s'affichent pas correctement dans le forum. Pourtant, quand je clique sur "éditer", je peux récupérer tout leur contenu...

hervax · le 22 Mai 2010 09:08

Je continue... Il y a peut-être une balise html merdique dans le fichier txt. Pour répondre à tes questions:
- je n'ai pas fait tourner Combofix (mais mon amie l'a peut-être tenté il y a quelques jours - elle m'a dit s'être fait aidée par quelqu'un, mais pas sur un forum, en tout cas); La quarantaine a du être créée par MBAM, non ?
- je tente à nouveau de coller le contenu du fichier OTL.txt dans un autre message, ci-dessous.
En attendant, puisque je peux accéder au contenu de mes messages "vides" en cliquant sur "éditer", peut-être peux-tu les lire aussi en cliquant sur "citer" ???

A+, RV.

H3bus · le 22 Mai 2010 09:14

Et voici le OTL.txt depuis le compte "Nazia", en mode normal:
PS: désolé pour la longueur du post, mais le message est vide si je mets les balises code/code

Code: Tout sélectionner: OTL logfile created on: 22/05/2010 01:32:15 - Run 2 OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\nazia\Bureau Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: | Country: | Language: | Date Format: 1 015,00 Mb Total Physical Memory | 711,00 Mb Available Physical Memory | 70,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): c:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 37,15 Gb Total Space | 1,00 Gb Free Space | 2,69% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 3,76 Gb Total Space | 3,72 Gb Free Space | 98,89% Space Free | Partition Type: FAT32 F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: D96T482J Current User Name: nazia Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - C:\Documents and Settings\nazia\Bureau\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com) PRC - C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe (SFR & Celliance) PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH) PRC - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe (Intel® Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe (Intel Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) PRC - C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe (Intel) PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation) PRC - C:\WINDOWS\System32\basfipm.exe (Broadcom Corp.) [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - C:\Documents and Settings\nazia\Bureau\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - (sp_rssrv) -- C:\Program Files\Spyware Terminator\sp_rsser.exe (Crawler.com) SRV - (ServiceSFRABCD) -- C:\Program Files\SFR\Gestionnaire de Connexion SFR\SFRABCDService.exe (SFR & Celliance) SRV - (AntiVirScheduler) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH) SRV - (WLSetupSvc) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation) SRV - (WLANKEEPER) -- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe (Intel® Corporation) SRV - (S24EventMonitor) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) SRV - (EvtEng) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) SRV - (RegSrvc) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) SRV - (MSDTC) -- C:\WINDOWS\system32\msdtc [2004/08/20 11:34:06 | 000,000,000 | ---D | M] SRV - (BAsfIpM) -- C:\WINDOWS\System32\basfipm.exe (Broadcom Corp.) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - (avipbb) -- C:\WINDOWS\System32\DRIVERS\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH) DRV - (avgio) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH) DRV - (sp_rsdrv2) -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys () DRV - (ZTEusbnmea) -- C:\WINDOWS\System32\DRIVERS\ZTEusbnmea.sys (ZTE Incorporated) DRV - (massfilter) -- C:\WINDOWS\System32\drivers\massfilter.sys (ZTE Incorporated) DRV - (ZTEusbvoice) -- C:\WINDOWS\System32\DRIVERS\ZTEusbvoice.sys (ZTE Incorporated) DRV - (ZTEusbser6k) -- C:\WINDOWS\System32\DRIVERS\ZTEusbser6k.sys (ZTE Incorporated) DRV - (ZTEusbmdm6k) -- C:\WINDOWS\System32\DRIVERS\ZTEusbmdm6k.sys (ZTE Incorporated) DRV - (ZTEusbnet) -- C:\WINDOWS\System32\DRIVERS\ZTEusbnet.sys (ZTE Corporation) DRV - (Tcpip6) -- C:\WINDOWS\System32\DRIVERS\tcpip6.sys (Microsoft Corporation) DRV - (USB_RNDIS_51) -- C:\WINDOWS\System32\DRIVERS\usb8023.sys (Microsoft Corporation) DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\System32\drivers\usbaudio.sys (Microsoft Corporation) DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.) DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation) DRV - (ssmdrv) -- C:\WINDOWS\System32\DRIVERS\ssmdrv.sys (AVIRA GmbH) DRV - (hwdatacard) -- C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (ApfiltrService) -- C:\WINDOWS\System32\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc) DRV - (GTIPCI21) -- C:\WINDOWS\System32\DRIVERS\gtipci21.sys (Texas Instruments) DRV - (STAC97) -- C:\WINDOWS\System32\drivers\STAC97.sys (SigmaTel, Inc.) DRV - (w29n51) Pilote de carte de connexion réseau Intel(R) -- C:\WINDOWS\System32\DRIVERS\w29n51.sys (Intel® Corporation) DRV - (b57w2k) -- C:\WINDOWS\System32\DRIVERS\b57xp32.sys (Broadcom Corporation) DRV - (s24trans) -- C:\WINDOWS\System32\DRIVERS\s24trans.sys (Intel Corporation) DRV - (IWCA) -- C:\WINDOWS\System32\DRIVERS\iwca.sys (Intel Corporation) DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation) DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation) DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation) DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation) DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.) DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic) DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic) DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic) DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.) DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.) DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.) DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.) DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.) DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nv) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys (NVIDIA Corporation) DRV - (HSFHWICH) -- C:\WINDOWS\System32\DRIVERS\HSFHWICH.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (HSF_DP) -- C:\WINDOWS\System32\DRIVERS\HSF_DP.sys (Conexant Systems, Inc.) DRV - (omci) -- C:\WINDOWS\System32\DRIVERS\omci.sys (Dell Inc) DRV - (BASFND) -- C:\WINDOWS\System32\Drivers\BASFND.sys (Broadcom Corporation) DRV - (ScFBPNT2) -- C:\WINDOWS\System32\drivers\ScFBPNT2.SYS () [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.fr/myway IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.fr/myway IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.fr/myway IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.fr/myway IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2004/08/05 13:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe () O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com) O4 - Startup: C:\Documents and Settings\Administrateur\Application Data [2010/05/21 17:47:48 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Bureau [2010/05/22 01:30:13 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Cookies [2010/05/21 18:45:33 | 000,000,000 | --SD | M] O4 - Startup: C:\Documents and Settings\Administrateur\Favoris [2006/05/04 00:06:05 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Administrateur\IETldCache [2010/05/10 21:59:12 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\Administrateur\Local Settings [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Menu Démarrer [2004/08/20 11:30:24 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Mes documents [2004/08/20 11:42:00 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Modèles [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\Administrateur\ntuser.dat () O4 - Startup: C:\Documents and Settings\Administrateur\ntuser.ini () O4 - Startup: C:\Documents and Settings\Administrateur\Recent [2010/05/21 19:04:02 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\SendTo [2006/06/07 16:26:25 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Administrateur\Voisinage réseau [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\All Users\Application Data [2010/05/13 23:22:10 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\All Users\Bureau [2010/05/21 18:43:29 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\All Users\Documents [2010/05/13 22:40:38 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\All Users\DRM [2010/04/07 18:46:51 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\All Users\Favoris [2004/08/20 11:30:24 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer [2010/05/21 15:14:44 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\All Users\Modèles [2009/12/11 17:14:59 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\All Users\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\All Users\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\Default User\Application Data [2006/05/04 00:09:16 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Default User\Bureau [2008/04/17 21:44:29 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\Default User\Cookies [2004/08/20 11:30:24 | 000,000,000 | --SD | M] O4 - Startup: C:\Documents and Settings\Default User\Favoris [2006/05/04 00:06:05 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Default User\Local Settings [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Default User\Menu Démarrer [2004/08/20 11:30:24 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Default User\Mes documents [2004/08/20 11:42:00 | 000,000,000 | R--D | M] O4 - Startup: C:\Documents and Settings\Default User\Modèles [2010/05/21 14:54:25 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Default User\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\Default User\ntuser.dat () O4 - Startup: C:\Documents and Settings\Default User\ntuser.ini () O4 - Startup: C:\Documents and Settings\Default User\Recent [2004/08/20 11:42:00 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Default User\SendTo [2010/05/21 15:08:48 | 000,000,000 | RH-D | M] O4 - Startup: C:\Documents and Settings\Default User\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\Default User\Voisinage réseau [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\LocalService\Application Data [2006/11/07 19:22:14 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\LocalService\Cookies [2004/08/20 11:30:24 | 000,000,000 | --SD | M] O4 - Startup: C:\Documents and Settings\LocalService\Local Settings [2004/08/20 11:41:38 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\LocalService\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\LocalService\ntuser.dat () O4 - Startup: C:\Documents and Settings\LocalService\ntuser.ini () O4 - Startup: C:\Documents and Settings\nazia\Application Data [2010/05/13 22:41:34 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\Bureau [2010/05/22 01:30:06 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\nazia\Cookies [2010/05/13 23:38:26 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\Favoris [2010/05/01 20:02:25 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\nazia\IECompatCache [2010/01/07 14:53:07 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\nazia\IETldCache [2009/11/30 23:10:08 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\nazia\Local Settings [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\Menu Démarrer [2004/08/20 11:30:24 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\nazia\Mes documents [2010/05/11 20:22:03 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\nazia\Modèles [2010/05/10 22:06:12 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\ntuser.dat () O4 - Startup: C:\Documents and Settings\nazia\ntuser.dat () O4 - Startup: C:\Documents and Settings\nazia\ntuser.ini () O4 - Startup: C:\Documents and Settings\nazia\PrivacIE [2009/11/30 23:22:13 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\nazia\Recent [2010/05/10 15:47:36 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\SendTo [2010/05/10 22:06:13 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\UserData [2006/11/07 19:57:56 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\nazia\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\Voisinage réseau [2008/12/27 17:51:49 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\nazia\WINDOWS [2006/06/08 17:55:48 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\NetworkService\Application Data [2004/08/20 11:41:36 | 000,000,000 | ---D | M] O4 - Startup: C:\Documents and Settings\NetworkService\Cookies [2006/06/12 20:36:00 | 000,000,000 | -HSD | M] O4 - Startup: C:\Documents and Settings\NetworkService\Local Settings [2004/08/20 11:41:36 | 000,000,000 | -H-D | M] O4 - Startup: C:\Documents and Settings\NetworkService\NTUSER.DAT () O4 - Startup: C:\Documents and Settings\NetworkService\ntuser.dat () O4 - Startup: C:\Documents and Settings\NetworkService\ntuser.ini () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1595988822-3659961159-3473051763-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\ComPlusSetup: DllName - C:\WINDOWS\system32\catsrvut.dll - C:\WINDOWS\system32\catsrvut.dll (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004/08/20 11:37:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/05/21 15:09:27 | 000,000,000 | ---D | M] NetSvcs: Iprip - C:\WINDOWS\system32\iprip.dll (Microsoft Corporation) NetSvcs: Irmon - File not found NetSvcs: LanmanWorkstation - File not found NetSvcs: Messenger - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation) NetSvcs: WmdmPmSp - File not found [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010/05/21 19:04:23 | 000,147,456 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll [2010/05/21 18:43:19 | 000,075,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010/05/21 18:43:19 | 000,045,376 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2010/05/21 18:43:19 | 000,022,336 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2010/05/21 18:43:19 | 000,021,248 | ---- | C] (AVIRA GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2010/05/21 18:43:18 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2010/05/21 18:43:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira [2010/05/21 18:40:58 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010/05/21 17:47:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/05/21 16:17:05 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2010/05/21 16:04:33 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe [2010/05/21 16:04:03 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm [2010/05/21 16:03:50 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe [2010/05/21 16:03:49 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm [2010/05/21 16:03:38 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll [2010/05/21 16:03:38 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll [2010/05/21 16:03:18 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe [2010/05/21 16:03:17 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll [2010/05/21 16:03:16 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm [2010/05/21 16:03:00 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmoe.dll [2010/05/21 16:03:00 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmod.dll [2010/05/21 16:03:00 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmasf.dll [2010/05/21 16:03:00 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll [2010/05/21 16:03:00 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll [2010/05/21 16:03:00 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll [2010/05/21 16:03:00 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll [2010/05/21 16:02:59 | 001,053,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmnetmgr.dll [2010/05/21 16:02:59 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll [2010/05/21 16:02:59 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx [2010/05/21 16:02:58 | 001,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll [2010/05/21 16:02:58 | 001,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll [2010/05/21 16:02:58 | 000,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll [2010/05/21 16:02:58 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll [2010/05/21 16:02:58 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmod.dll [2010/05/21 16:02:58 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll [2010/05/21 16:02:58 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax [2010/05/21 16:02:58 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpdxm.dll [2010/05/21 16:02:58 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll [2010/05/21 16:02:58 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll [2010/05/21 16:02:58 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll [2010/05/21 16:02:58 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll [2010/05/21 16:02:58 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe [2010/05/21 16:02:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll [2010/05/21 16:02:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll [2010/05/21 16:02:58 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll [2010/05/21 15:16:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010/05/21 15:14:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe [2010/05/21 15:13:20 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll [2010/05/21 15:13:19 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe [2010/05/21 15:13:19 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll [2010/05/21 15:13:19 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll [2010/05/21 15:13:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll [2010/05/21 15:13:18 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime [2010/05/21 15:13:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll [2010/05/21 15:13:17 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime [2010/05/21 15:13:14 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll [2010/05/21 15:13:14 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll [2010/05/21 15:13:13 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll [2010/05/21 15:13:13 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll [2010/05/21 15:13:07 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll [2010/05/21 15:13:00 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll [2010/05/21 15:12:51 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex [2010/05/21 15:12:51 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll [2010/05/21 15:12:49 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe [2010/05/21 15:12:44 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe [2010/05/21 15:12:39 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys [2010/05/21 15:12:39 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll [2010/05/21 15:12:38 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll [2010/05/21 15:12:34 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll [2010/05/21 15:12:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll [2010/05/21 15:12:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll [2010/05/21 15:12:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll [2010/05/21 15:12:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll [2010/05/21 15:12:31 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll [2010/05/21 15:12:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll [2010/05/21 15:12:31 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll [2010/05/21 15:12:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll [2010/05/21 15:12:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll [2010/05/21 15:12:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll [2010/05/21 15:12:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll [2010/05/21 15:12:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll [2010/05/21 15:12:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll [2010/05/21 15:12:29 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll [2010/05/21 15:12:28 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll [2010/05/21 15:12:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll [2010/05/21 15:12:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll [2010/05/21 15:12:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll [2010/05/21 15:12:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll [2010/05/21 15:12:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll [2010/05/21 15:12:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll [2010/05/21 15:12:24 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll [2010/05/21 15:12:23 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll [2010/05/21 15:12:23 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll [2010/05/21 15:12:23 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe [2010/05/21 15:12:23 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll [2010/05/21 15:12:23 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe [2010/05/21 15:12:22 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe [2010/05/21 15:12:22 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe [2010/05/21 15:12:22 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe [2010/05/21 15:12:22 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe [2010/05/21 15:12:22 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe [2010/05/21 15:12:21 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll [2010/05/21 15:12:21 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll [2010/05/21 15:12:21 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll [2010/05/21 15:12:21 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll [2010/05/21 15:12:21 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe [2010/05/21 15:12:20 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime [2010/05/21 15:12:20 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe [2010/05/21 15:12:20 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll [2010/05/21 15:12:20 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll [2010/05/21 15:12:20 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime [2010/05/21 15:12:20 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll [2010/05/21 15:12:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe [2010/05/21 15:12:13 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll [2010/05/21 15:12:02 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll [2010/05/21 15:12:02 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll [2010/05/21 15:12:00 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll [2010/05/21 15:12:00 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll [2010/05/21 15:12:00 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe [2010/05/21 15:11:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll [2010/05/21 15:11:57 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll [2010/05/21 15:11:54 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll [2010/05/21 15:11:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe [2010/05/21 15:11:53 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll [2010/05/21 15:11:53 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll [2010/05/21 15:11:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll [2010/05/21 15:11:52 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe [2010/05/21 15:11:51 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe [2010/05/21 15:11:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll [2010/05/21 15:11:49 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll [2010/05/21 15:11:49 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys [2010/05/21 15:11:48 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll [2010/05/21 15:11:48 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll [2010/05/21 15:11:38 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime [2010/05/21 15:11:35 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe [2010/05/21 15:11:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe [2010/05/21 15:11:33 | 001,042,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll [2010/05/21 15:11:33 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll [2010/05/21 15:11:31 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe [2010/05/21 15:11:31 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll [2010/05/21 15:11:31 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime [2010/05/21 15:11:30 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll [2010/05/21 15:11:30 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll [2010/05/21 15:11:30 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll [2010/05/21 15:11:29 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll [2010/05/21 15:11:29 | 000,781,397 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll [2010/05/21 15:11:29 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe [2010/05/21 15:11:29 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe [2010/05/21 15:11:29 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll [2010/05/21 15:11:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe [2010/05/21 15:11:29 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe [2010/05/21 15:11:29 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe [2010/05/21 15:11:28 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime [2010/05/21 15:11:28 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe [2010/05/21 15:11:26 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe [2010/05/21 15:11:26 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2010/05/21 15:11:26 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll [2010/05/21 15:11:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll [2010/05/21 15:11:17 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe [2010/05/21 15:11:16 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll [2010/05/21 15:11:16 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll [2010/05/21 15:11:16 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll [2010/05/21 15:11:16 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll [2010/05/21 15:11:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll [2010/05/21 15:11:00 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll [2010/05/21 15:10:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll [2010/05/21 15:10:42 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll [2010/05/21 15:10:34 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll [2010/05/21 15:10:24 | 000,000,000 | ---D | C] -- C:\Program Files\msn gaming zone [2010/05/21 15:08:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe [2010/05/21 14:54:43 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll [2010/05/21 14:54:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll [2010/05/21 14:54:43 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll [2010/05/21 14:23:47 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/05/21 14:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/05/21 13:59:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010/05/21 13:59:15 | 000,000,000 | ---D | C] -- C:\Qoobox [2010/05/21 13:59:15 | 000,000,000 | ---D | C] -- \Qoobox [2010/05/13 23:22:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator [2010/05/13 23:21:41 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator [2010/05/13 22:38:14 | 004,099,468 | ---- | C] (ScanSpyware.net ) -- C:\Documents and Settings\All Users\Documents\ScanSpyware_3.9.1.9.exe [2010/05/13 21:56:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/05/11 22:54:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MpEngineStore [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [254 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010/05/22 01:29:41 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/05/21 19:41:48 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/05/21 19:41:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/05/21 19:41:42 | 1064,755,200 | -HS- | M] () -- C:\hiberfil.sys [2010/05/21 19:40:43 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\nazia\ntuser.dat [2010/05/21 19:39:51 | 000,075,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010/05/21 19:20:10 | 000,961,510 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/05/21 19:20:10 | 000,448,836 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2010/05/21 19:20:10 | 000,383,460 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/05/21 19:20:10 | 000,065,860 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2010/05/21 19:20:10 | 000,054,610 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/05/21 18:43:29 | 000,001,851 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk [2010/05/21 17:47:47 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2010/05/21 17:33:28 | 000,200,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/05/21 15:15:04 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2010/05/21 15:10:10 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010/05/21 15:10:09 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010/05/21 15:10:09 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010/05/21 15:09:53 | 000,004,205 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2010/05/21 15:08:45 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2010/05/21 15:08:45 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010/05/21 15:08:19 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini [2010/05/21 15:07:00 | 000,023,740 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/05/21 15:04:08 | 000,000,216 | -HS- | M] () -- C:\boot.ini [2010/05/21 14:57:03 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1 [2010/05/21 14:54:52 | 000,000,231 | ---- | M] () -- C:\WINDOWS\system.ini [2010/05/21 14:28:22 | 001,184,362 | ---- | M] () -- C:\WINDOWS\setupapi.old [2010/05/13 23:24:03 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Spyware Terminator.lnk [2010/05/13 23:22:14 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2010/05/13 22:38:06 | 004,099,468 | ---- | M] (ScanSpyware.net ) -- C:\Documents and Settings\All Users\Documents\ScanSpyware_3.9.1.9.exe [2010/05/11 22:54:55 | 000,000,127 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI [2010/05/10 22:24:42 | 000,000,042 | -HS- | M] () -- C:\Documents and Settings\nazia\ntuser.ini [2010/05/10 22:11:27 | 000,000,379 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2010/05/10 21:53:48 | 000,000,506 | ---- | M] () -- C:\WINDOWS\ULEAD32.INI [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [254 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

Code: Tout sélectionner: [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010/05/21 19:18:17 | 1064,755,200 | -HS- | C] () -- C:\hiberfil.sys [2010/05/21 19:18:17 | 1064,755,200 | -HS- | C] () -- [2010/05/21 18:43:29 | 000,001,851 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\AntiVir PE Classic.lnk [2010/05/21 17:51:27 | 000,000,127 | ---- | C] () -- \mbam-error.txt [2010/05/21 17:47:47 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk [2010/05/21 16:42:15 | 1598,029,824 | -HS- | C] () -- [2010/05/21 16:04:46 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif [2010/05/21 16:04:42 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif [2010/05/21 16:04:42 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif [2010/05/21 16:04:41 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif [2010/05/21 16:04:41 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif [2010/05/21 16:04:41 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif [2010/05/21 16:04:40 | 000,184,107 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz [2010/05/21 16:04:38 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv [2010/05/21 16:04:38 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css [2010/05/21 16:04:38 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm [2010/05/21 16:04:38 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js [2010/05/21 16:04:26 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js [2010/05/21 16:03:58 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv [2010/05/21 16:03:50 | 000,097,117 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp [2010/05/21 16:03:50 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf [2010/05/21 16:03:50 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif [2010/05/21 16:03:50 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif [2010/05/21 16:03:50 | 000,001,885 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt [2010/05/21 16:03:32 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip [2010/05/21 16:03:32 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip [2010/05/21 16:03:31 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv [2010/05/21 16:03:27 | 000,001,465 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl [2010/05/21 16:03:27 | 000,001,253 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl [2010/05/21 16:03:27 | 000,000,820 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl [2010/05/21 16:03:27 | 000,000,819 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl [2010/05/21 16:03:27 | 000,000,788 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl [2010/05/21 16:03:27 | 000,000,779 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl [2010/05/21 16:03:26 | 000,085,617 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm [2010/05/21 16:03:26 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl [2010/05/21 16:03:26 | 000,001,476 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl [2010/05/21 16:03:26 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl [2010/05/21 16:03:26 | 000,001,455 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl [2010/05/21 16:03:26 | 000,001,057 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl [2010/05/21 16:03:26 | 000,001,048 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl [2010/05/21 16:03:26 | 000,001,034 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl [2010/05/21 16:03:26 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl [2010/05/21 16:03:26 | 000,000,732 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl [2010/05/21 16:03:22 | 000,066,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz [2010/05/21 16:03:21 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv [2010/05/21 16:03:17 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf [2010/05/21 16:03:16 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm [2010/05/21 16:03:13 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif [2010/05/21 16:03:13 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif [2010/05/21 16:03:13 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif [2010/05/21 16:03:13 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif [2010/05/21 16:03:12 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js [2010/05/21 16:03:11 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif [2010/05/21 16:03:11 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif [2010/05/21 16:03:11 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif [2010/05/21 16:03:11 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif [2010/05/21 16:03:11 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif [2010/05/21 16:03:07 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv [2010/05/21 16:03:07 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif [2010/05/21 16:03:07 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif [2010/05/21 16:03:01 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif [2010/05/21 16:03:01 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif [2010/05/21 16:03:01 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif [2010/05/21 16:03:01 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif [2010/05/21 16:03:01 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif [2010/05/21 16:03:01 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif [2010/05/21 16:03:01 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif [2010/05/21 16:03:01 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif [2010/05/21 16:03:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf [2010/05/21 16:03:00 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf [2010/05/21 16:03:00 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif [2010/05/21 16:02:59 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav [2010/05/21 16:02:59 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav [2010/05/21 16:02:59 | 000,058,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf [2010/05/21 16:02:58 | 000,677,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm [2010/05/21 16:02:58 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav [2010/05/21 16:02:58 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav [2010/05/21 16:02:58 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav [2010/05/21 16:02:58 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav [2010/05/21 16:02:58 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav [2010/05/21 16:02:58 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav [2010/05/21 16:02:58 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav [2010/05/21 16:02:58 | 000,075,692 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm [2010/05/21 16:02:58 | 000,027,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm [2010/05/21 16:02:58 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta [2010/05/21 16:02:58 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css [2010/05/21 16:02:58 | 000,001,740 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf [2010/05/21 16:02:58 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js [2010/05/21 15:14:15 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls [2010/05/21 15:13:20 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls [2010/05/21 15:13:20 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls [2010/05/21 15:13:18 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2010/05/21 15:12:35 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls [2010/05/21 15:12:34 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2010/05/21 15:12:23 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2010/05/21 15:12:22 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2010/05/21 15:12:20 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2010/05/21 15:12:07 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2010/05/21 15:11:58 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2010/05/21 15:11:31 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2010/05/21 15:11:25 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls [2010/05/21 15:11:25 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls [2010/05/21 15:11:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls [2010/05/21 15:11:24 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls [2010/05/21 15:11:24 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls [2010/05/21 15:11:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls [2010/05/21 15:11:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls [2010/05/21 15:11:23 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls [2010/05/21 15:11:23 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls [2010/05/21 15:11:23 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls [2010/05/21 15:11:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls [2010/05/21 15:11:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls [2010/05/21 15:11:21 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls [2010/05/21 15:11:21 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls [2010/05/21 15:11:21 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls [2010/05/21 15:11:21 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls [2010/05/21 15:11:21 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls [2010/05/21 15:11:21 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls [2010/05/21 15:11:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls [2010/05/21 15:11:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls [2010/05/21 15:11:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls [2010/05/21 15:11:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls [2010/05/21 15:11:20 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls [2010/05/21 15:11:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls [2010/05/21 15:11:19 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls [2010/05/21 15:11:19 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls [2010/05/21 15:11:19 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls [2010/05/21 15:11:19 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls [2010/05/21 15:11:19 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls [2010/05/21 15:11:18 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls [2010/05/21 15:11:17 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls [2010/05/21 15:08:45 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/05/21 15:08:36 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/05/21 14:54:25 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2010/05/21 14:54:25 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010/05/21 14:54:25 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2010/05/21 14:54:25 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2010/05/21 14:54:24 | 000,809,394 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2010/05/21 14:54:24 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010/05/13 23:24:03 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Spyware Terminator.lnk [2010/05/13 23:22:14 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2010/05/11 22:54:55 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2010/05/10 22:06:01 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\nazia\ntuser.dat [2010/01/03 16:56:18 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI [2009/12/11 17:14:16 | 000,000,027 | ---- | C] () -- C:\WINDOWS\CDE RX585DEFGIPS.ini [2008/04/17 21:36:10 | 000,446,976 | ---- | C] () -- C:\WINDOWS\System32\ShellMPD.dll [2008/04/17 13:26:19 | 000,000,506 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI [2008/04/17 13:21:12 | 000,015,488 | ---- | C] () -- C:\WINDOWS\System32\drivers\ScFBPNT2.sys [2007/08/03 10:36:40 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini [2007/08/03 10:34:54 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDED92Euro.ini [2006/06/12 20:02:08 | 000,000,379 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006/05/04 00:12:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006/05/03 23:53:32 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\stac97co.dll [2006/05/03 23:52:50 | 000,000,344 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2004/08/20 11:45:35 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini [2004/08/12 09:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll [2004/08/05 14:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_004264_.tmp.dll [2004/08/05 14:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_004232_.tmp.dll [1999/01/22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL [color=#E56717]========== LOP Check ==========[/color] [2010/05/21 17:47:48 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Administrateur\Application Data [2010/05/22 01:30:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Bureau [2010/05/21 18:45:33 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrateur\Cookies [2006/05/04 00:06:05 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Administrateur\Favoris [2010/05/10 21:59:12 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Administrateur\IETldCache [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrateur\Local Settings [2004/08/20 11:30:24 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Administrateur\Menu Démarrer [2004/08/20 11:42:00 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Administrateur\Mes documents [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrateur\Modèles [2010/05/21 19:04:02 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Administrateur\Recent [2006/06/07 16:26:25 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Administrateur\SendTo [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrateur\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Administrateur\Voisinage réseau [2010/05/13 23:22:10 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data [2010/05/21 18:43:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Bureau [2010/05/13 22:40:38 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Documents [2010/04/07 18:46:51 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\DRM [2004/08/20 11:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Favoris [2010/05/21 15:14:44 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Menu Démarrer [2009/12/11 17:14:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Modèles [2006/05/04 00:09:16 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Application Data [2008/04/17 21:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Bureau [2004/08/20 11:30:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Default User\Cookies [2006/05/04 00:06:05 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Default User\Favoris [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Default User\Local Settings [2004/08/20 11:30:24 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Default User\Menu Démarrer [2004/08/20 11:42:00 | 000,000,000 | R--D | M] -- C:\Documents and Settings\Default User\Mes documents [2010/05/21 14:54:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Default User\Modèles [2004/08/20 11:42:00 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Recent [2010/05/21 15:08:48 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\SendTo [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Default User\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Default User\Voisinage réseau [2006/11/07 19:22:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data [2004/08/20 11:30:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Cookies [2004/08/20 11:41:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Local Settings [2010/05/13 22:41:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Application Data [2010/05/22 01:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Bureau [2010/05/13 23:38:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Cookies [2010/05/01 20:02:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Favoris [2010/01/07 14:53:07 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\nazia\IECompatCache [2009/11/30 23:10:08 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\nazia\IETldCache [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Local Settings [2004/08/20 11:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Menu Démarrer [2010/05/11 20:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\Mes documents [2010/05/10 22:06:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Modèles [2009/11/30 23:22:13 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\nazia\PrivacIE [2010/05/10 15:47:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Recent [2010/05/10 22:06:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\SendTo [2006/11/07 19:57:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\nazia\UserData [2004/08/20 11:30:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Voisinage d'impression [2008/12/27 17:51:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\nazia\Voisinage réseau [2006/06/08 17:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\nazia\WINDOWS [2004/08/20 11:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data [2006/06/12 20:36:00 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\NetworkService\Cookies [2004/08/20 11:41:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\NetworkService\Local Settings [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color] [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:AGP440.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:AGP440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\agp440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\agp440.sys [2008/04/13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\System32\drivers\agp440.sys [2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS [2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:atapi.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\atapi.sys [2008/04/13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\System32\drivers\atapi.sys [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys [2004/08/05 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:cdrom.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:cdrom.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\cdrom.sys [2008/04/13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\System32\drivers\cdrom.sys [2004/08/05 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\i386\cdrom.sys [2004/08/05 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys [color=#A23BEC]< MD5 for: CHANGER.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:Changer.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:Changer.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:Changer.sys [2008/04/13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys [2008/04/13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\changer.sys [2008/04/13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\changer.sys [color=#A23BEC]< MD5 for: DISK.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:disk.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:disk.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:disk.sys [2004/08/05 13:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\i386\disk.sys [2004/08/05 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys [2008/04/13 20:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys [2008/04/13 20:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\disk.sys [2008/04/13 20:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\disk.sys [2008/04/13 20:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\System32\drivers\disk.sys [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color] [2004/08/05 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\i386\eventlog.dll [2004/08/05 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll [2004/08/05 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\system32\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\eventlog.dll [2008/04/14 04:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\eventlog.dll [color=#A23BEC]< MD5 for: IASTOR.SYS >[/color] [2005/04/25 17:28:14 | 000,871,040 | ---- | M] (Intel Corporation) MD5=D593517879E65167DF35F6015814AC59 -- C:\WINDOWS\dell\iastor\iastor.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\ndis.sys [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\ndis.sys [2008/04/13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\System32\drivers\ndis.sys [2004/08/05 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\i386\ndis.sys [2004/08/05 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color] [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\netlogon.dll [2008/04/14 04:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\netlogon.dll [2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\SoftwareDistribution\Download\e5d538fd9a974271877bfc69f00e1e0a\sp2qfe\netlogon.dll [2009/02/06 20:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\SoftwareDistribution\Download\fd39c169e8cb784cefd1d3b2f372297e\sp2qfe\netlogon.dll [2004/08/05 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\i386\netlogon.dll [2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll [2004/08/05 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\system32\netlogon.dll [color=#A23BEC]< MD5 for: NVATABUS.SYS >[/color] [2005/05/18 00:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINDOWS\dell\nvraid\NvAtaBus.sys [2005/05/18 00:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINDOWS\System32\drivers\NvAtaBus.sys [color=#A23BEC]< MD5 for: RASACD.SYS >[/color] [2004/08/05 13:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\i386\rasacd.sys [2004/08/05 14:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\System32\drivers\rasacd.sys [color=#A23BEC]< MD5 for: RDPWD.SYS >[/color] [2005/06/10 06:06:01 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=047BEA21274C8A4A233674A76C958C2C -- C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\ServicePackFiles\i386\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\rdpwd.sys [2008/04/14 04:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\System32\drivers\rdpwd.sys [2005/06/10 06:11:22 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=B54CD38A9EBFBF2B3561426E3FE26F62 -- C:\i386\rdpwd.sys [2004/08/05 14:00:00 | 000,139,400 | ---- | M] (Microsoft Corporation) MD5=D4F5643D7714EF499AE9527FDCD50894 -- C:\WINDOWS\$NtServicePackUninstall$\rdpwd.sys [2004/08/05 14:00:00 | 000,139,400 | ---- | M] (Microsoft Corporation) MD5=D4F5643D7714EF499AE9527FDCD50894 -- C:\WINDOWS\$NtUninstallKB899591$\rdpwd.sys [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color] [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\scecli.dll [2008/04/14 04:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\scecli.dll [2004/08/05 13:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\i386\scecli.dll [2004/08/05 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2004/08/05 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\system32\scecli.dll [color=#A23BEC]< MD5 for: SFLOPPY.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:Sfloppy.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Sfloppy.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Sfloppy.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Sfloppy.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:Sfloppy.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:Sfloppy.sys [2004/08/05 13:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\i386\sfloppy.sys [2004/08/05 14:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\$NtServicePackUninstall$\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\ServicePackFiles\i386\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sfloppy.sys [2008/04/13 20:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\System32\drivers\sfloppy.sys [color=#A23BEC]< MD5 for: SPLITTER.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:splitter.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:splitter.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:splitter.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:splitter.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:splitter.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:splitter.sys [2004/08/04 00:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\i386\splitter.sys [2004/08/03 23:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\WINDOWS\$NtServicePackUninstall$\splitter.sys [2004/08/04 00:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\WINDOWS\$NtUninstallKB920872$\splitter.sys [2006/06/14 10:50:19 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=9BB1DD670CB7505A90FC4E61D4AA8227 -- C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys [2008/04/13 20:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\ServicePackFiles\i386\splitter.sys [2008/04/13 20:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\splitter.sys [2008/04/13 20:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\splitter.sys [2008/04/13 20:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\System32\drivers\splitter.sys [color=#A23BEC]< MD5 for: SWMIDI.SYS >[/color] [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:swmidi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:swmidi.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:swmidi.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:swmidi.sys [2008/04/13 20:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\ServicePackFiles\i386\swmidi.sys [2008/04/13 20:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\swmidi.sys [2008/04/13 20:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\swmidi.sys [2008/04/13 20:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\System32\drivers\swmidi.sys [2001/08/17 23:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=94ABC808FC4B6D7D2BBF42B85E25BB4D -- C:\i386\swmidi.sys [2004/08/05 14:00:00 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=94ABC808FC4B6D7D2BBF42B85E25BB4D -- C:\WINDOWS\$NtServicePackUninstall$\swmidi.sys [color=#A23BEC]< MD5 for: TDPIPE.SYS >[/color] [2004/08/05 13:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\i386\tdpipe.sys [2004/08/05 14:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\$NtServicePackUninstall$\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\ServicePackFiles\i386\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\tdpipe.sys [2008/04/14 04:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\System32\drivers\tdpipe.sys [color=#A23BEC]< MD5 for: TDTCP.SYS >[/color] [2008/04/14 04:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\ServicePackFiles\i386\tdtcp.sys [2008/04/14 04:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\tdtcp.sys [2008/04/14 04:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\tdtcp.sys [2008/04/14 04:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\System32\drivers\tdtcp.sys [2004/08/05 13:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\i386\tdtcp.sys [2004/08/05 14:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\$NtServicePackUninstall$\tdtcp.sys [color=#A23BEC]< MD5 for: USBPRINT.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:usbprint.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbprint.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbprint.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbprint.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:usbprint.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:usbprint.sys [2004/08/03 23:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\$NtServicePackUninstall$\usbprint.sys [2008/04/13 20:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\ServicePackFiles\i386\usbprint.sys [2008/04/13 20:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\usbprint.sys [2008/04/13 20:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\usbprint.sys [2008/04/13 20:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\System32\drivers\usbprint.sys [color=#A23BEC]< MD5 for: USBSCAN.SYS >[/color] [2004/08/05 13:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\i386\sp2.cab:usbscan.sys [2004/08/05 14:00:00 | 018,779,217 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbscan.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbscan.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbscan.sys [2010/05/21 16:17:02 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\sp3.cab:usbscan.sys [2009/03/27 20:17:57 | 023,892,017 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sp3.cab:usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\ServicePackFiles\i386\usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\SoftwareDistribution\Download\327771f7f3830b5acec68906a2aac4ab\usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\usbscan.sys [2008/04/13 20:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\System32\drivers\usbscan.sys [2004/08/03 22:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\$NtServicePackUninstall$\usbscan.sys [color=#A23BEC]< %systemroot%\*. /mp /s >[/color] [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color] [254 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color] < End of report >

hervax · le 22 Mai 2010 09:34

PS: j'ai encore quelques questions:
1. sais-tu comment accéder au compte "administrateur" autrement qu'en mode sans échec ? Apparemment, le registre n'est pas verrouillé sur ce compte et ça pourrait être une piste, si ce n'est pas une infection virale...
2. je ne comprends pas pourquoi seule une partie du registre ne peut pas être modifiée ? Par exemple, avec regedit, le simple fait d'ouvrir une clé HKCU et de cliquer sur "Ok" pour la refermer provoque une erreur "impossible de modifier xxx : erreur lors de l'écriture du nouveau contenu de la valeur". Ce n'est pas le cas pour les autres branches du registre (HKRoots, HKLM, HKCurrentConfig). Le problème apparaît aussi avec une des branches de HKUsers (probablement celle qui correspond à sa session)...
3. Pour info, parmi les petits problèmes "annexes" dans sa session:
- le fait de double-cliquer sur l'icône "internet explorer" du bureau crée un raccourci sur le bureau. En faisant un clic droit sur l'icône d'IE, je n'ai effectivement que "Créer un raccourci", "supprimer", "renommer" et "propriétés";
- je n'arrive pas à ouvrir la corbeille (rien ne se passe quand on double-clique dessus);
- le clavier est en mode qwerty;
- si je désactive le pare-feu de Windows, je reçois une alerte de sécurité (info bulle) m'indiquant que Norton Internet Worm protection a été désactivé

... Il n'y a pourtant aucun produit Symantec installé sur son PC ...

A+, RV...

jeanmimigab · le 22 Mai 2010 10:23

re,
pour le registre, l'infection s'attaque en priorité à la clef HKCU , d'où les problèmes plus fréquent sur la session infectée
Je te prépare le script, et ont fais le point après pour voir si il y a des changements :wink:

jeanmimigab · le 22 Mai 2010 11:12

ok,

c'est le souk dans le registre :-?

fais cela stp...

A exécuter impérativement sur la cession qui est la plus infectée (apparemment nazia)

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:Files
C:\WINDOWS\System32\_004264_.tmp.dll
C:\WINDOWS\System32\_004232_.tmp.dll
C:\i386\eventlog.dll | C:\WINDOWS\ServicePackFiles\i386\eventlog.dll /replace
C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll | C:\WINDOWS\ServicePackFiles\i386\eventlog.dll /replace
C:\WINDOWS\system32\eventlog.dll | C:\WINDOWS\ServicePackFiles\i386\eventlog.dll /replace

:OTL
O4 - Startup: C:\Documents and Settings\Administrateur\Application Data [2010/05/21 17:47:48 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Administrateur\Bureau [2010/05/22 01:30:13 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Administrateur\Cookies [2010/05/21 18:45:33 | 000,000,000 | --SD | M]
O4 - Startup: C:\Documents and Settings\Administrateur\Favoris [2006/05/04 00:06:05 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\Administrateur\IETldCache [2010/05/10 21:59:12 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Documents and Settings\Administrateur\Local Settings [2004/08/20 11:30:24 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Administrateur\Menu Démarrer [2004/08/20 11:30:24 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\Administrateur\Mes documents [2004/08/20 11:42:00 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\Administrateur\Modèles [2004/08/20 11:30:24 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Administrateur\ntuser.ini ()
O4 - Startup: C:\Documents and Settings\Administrateur\Recent [2010/05/21 19:04:02 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Administrateur\SendTo [2006/06/07 16:26:25 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Administrateur\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Administrateur\Voisinage réseau [2004/08/20 11:30:24 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\All Users\Application Data [2010/05/13 23:22:10 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\All Users\Bureau [2010/05/21 18:43:29 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\All Users\Documents [2010/05/13 22:40:38 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\All Users\DRM [2010/04/07 18:46:51 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Documents and Settings\All Users\Favoris [2004/08/20 11:30:24 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer [2010/05/21 15:14:44 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\All Users\Modèles [2009/12/11 17:14:59 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Default User\Application Data [2006/05/04 00:09:16 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Default User\Bureau [2008/04/17 21:44:29 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\Default User\Cookies [2004/08/20 11:30:24 | 000,000,000 | --SD | M]
O4 - Startup: C:\Documents and Settings\Default User\Favoris [2006/05/04 00:06:05 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\Default User\Local Settings [2004/08/20 11:30:24 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Default User\Menu Démarrer [2004/08/20 11:30:24 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\Default User\Mes documents [2004/08/20 11:42:00 | 000,000,000 | R--D | M]
O4 - Startup: C:\Documents and Settings\Default User\Modèles [2010/05/21 14:54:25 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Default User\ntuser.ini ()
O4 - Startup: C:\Documents and Settings\Default User\Recent [2004/08/20 11:42:00 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Default User\SendTo [2010/05/21 15:08:48 | 000,000,000 | RH-D | M]
O4 - Startup: C:\Documents and Settings\Default User\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\Default User\Voisinage réseau [2004/08/20 11:30:24 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\LocalService\Application Data [2006/11/07 19:22:14 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\LocalService\Cookies [2004/08/20 11:30:24 | 000,000,000 | --SD | M]
O4 - Startup: C:\Documents and Settings\LocalService\Local Settings [2004/08/20 11:41:38 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\LocalService\ntuser.ini ()
O4 - Startup: C:\Documents and Settings\nazia\Application Data [2010/05/13 22:41:34 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\nazia\Bureau [2010/05/22 01:30:06 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\nazia\Cookies [2010/05/13 23:38:26 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\nazia\Favoris [2010/05/01 20:02:25 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\nazia\IECompatCache [2010/01/07 14:53:07 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Documents and Settings\nazia\IETldCache [2009/11/30 23:10:08 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Documents and Settings\nazia\Local Settings [2004/08/20 11:30:24 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\nazia\Menu Démarrer [2004/08/20 11:30:24 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\nazia\Mes documents [2010/05/11 20:22:03 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\nazia\Modèles [2010/05/10 22:06:12 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\nazia\ntuser.ini ()
O4 - Startup: C:\Documents and Settings\nazia\PrivacIE [2009/11/30 23:22:13 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Documents and Settings\nazia\Recent [2010/05/10 15:47:36 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\nazia\SendTo [2010/05/10 22:06:13 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\nazia\UserData [2006/11/07 19:57:56 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Documents and Settings\nazia\Voisinage d'impression [2004/08/20 11:30:24 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\nazia\Voisinage réseau [2008/12/27 17:51:49 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\nazia\WINDOWS [2006/06/08 17:55:48 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\NetworkService\Application Data [2004/08/20 11:41:36 | 000,000,000 | ---D | M]
O4 - Startup: C:\Documents and Settings\NetworkService\Cookies [2006/06/12 20:36:00 | 000,000,000 | -HSD | M]
O4 - Startup: C:\Documents and Settings\NetworkService\Local Settings [2004/08/20 11:41:36 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\NetworkService\ntuser.ini ()

* Cliques sur l'icône "Correction" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

Si OTL te demande de redémarrer le pc, accepte...

Plus d'internet et base de registre verrouillée

Plus d'internet et base de registre verrouillée

Re: Plus d'internet et base de registre verrouillée

Re: Plus d'internet et base de registre verrouillée

Re: Plus d'internet et base de registre verrouillée

Re: Plus d'internet et base de registre verrouillée

Re: Plus d'internet et base de registre verrouillée

Re: Plus d'internet et base de registre verrouillée

Re: Plus d'internet et base de registre verrouillée

Re: Plus d'internet et base de registre verrouillée

Re: Plus d'internet et base de registre verrouillée

Re: Plus d'internet et base de registre verrouillée

Re: Plus d'internet et base de registre verrouillée

Re: Plus d'internet et base de registre verrouillée

Re: Plus d'internet et base de registre verrouillée

Re: Plus d'internet et base de registre verrouillée

Sujets similaires

Qui est en ligne