Kleen


  1. Hi! I downloaded version 3.6.10 of Mozilla Firefox this morning. The first time I used it, it worked. But afterwards a message box opens and says this: "Windows ne trouve pas C:\Program Files\Mozilla Firefox\firefox.exe" (Windows cannot find that file). Yet when I use the search option in the Start menu I find it, and it is even present in the Mozilla folder in Program Files. Help please, I would really like to use it, since it was a member of the zebulon security team who suggested it to me.
  2. Hello. Thanks again for your help, and all the best! I'm off right now to mark it as resolved.
  3. You're welcome! Thanks too for the disinfection, you're efficient! I'm eagerly awaiting your instructions.
  4. Hi, I sent you the link by PM. And since we started the disinfection I haven't received any alerts from my antivirus.
  5. Hi. I've searched and searched but I can't find the folder to delete. There is another folder, with its name shown in blue: DRVSTORE, with a subfolder inside it named b57win32, also in blue. So I haven't done the next steps because I haven't found the folder yet; I'd rather wait for your advice...
  6. Here it is: Logfile of random's system information tool 1.08 (written by random/random)
C:\WINDOWS\system32\msoert2.dll 2010-09-04 10:25:58 ----A---- C:\WINDOWS\system32\msoeacct.dll 2010-09-04 10:25:58 ----A---- C:\WINDOWS\system32\inetres.dll 2010-09-04 10:25:57 ----A---- C:\WINDOWS\system32\inetcomm.dll 2010-09-04 10:25:56 ----D---- C:\Program Files\Outlook Express 2010-09-04 10:25:56 ----A---- C:\WINDOWS\system32\schedsvc.dll 2010-09-04 10:25:56 ----A---- C:\WINDOWS\system32\mstinit.exe 2010-09-04 10:25:56 ----A---- C:\WINDOWS\system32\mstask.dll 2010-09-04 10:25:55 ----A---- C:\WINDOWS\system32\isign32.dll 2010-09-04 10:25:55 ----A---- C:\WINDOWS\system32\inetcfg.dll 2010-09-04 10:25:55 ----A---- C:\WINDOWS\system32\icwphbk.dll 2010-09-04 10:25:55 ----A---- C:\WINDOWS\system32\icwdial.dll 2010-09-04 10:25:51 ----D---- C:\Program Files\Fichiers communs\System 2010-09-04 10:25:50 ----D---- C:\Program Files\Internet Explorer 2010-09-04 10:25:11 ----D---- C:\Program Files\ComPlus Applications 2010-09-04 10:25:09 ----A---- C:\WINDOWS\vbaddin.ini 2010-09-04 10:25:09 ----A---- C:\WINDOWS\vb.ini 2010-09-04 10:25:05 ----D---- C:\WINDOWS\Registration 2010-09-04 10:24:57 ----D---- C:\Program Files\Windows Media Player 2010-09-04 10:24:57 ----D---- C:\Program Files\Online Services 2010-09-04 10:24:52 ----D---- C:\Program Files\Messenger 2010-09-04 10:24:49 ----D---- C:\Program Files\MSN Gaming Zone 2010-09-04 10:24:49 ----A---- C:\WINDOWS\system32\write.exe 2010-09-04 10:24:43 ----A---- C:\WINDOWS\system32\sndvol32.exe 2010-09-04 10:24:42 ----A---- C:\WINDOWS\system32\winchat.exe 2010-09-04 10:24:42 ----A---- C:\WINDOWS\system32\hticons.dll 2010-09-04 10:24:42 ----A---- C:\WINDOWS\system32\avwav.dll 2010-09-04 10:24:42 ----A---- C:\WINDOWS\system32\avtapi.dll 2010-09-04 10:24:42 ----A---- C:\WINDOWS\system32\avmeter.dll 2010-09-04 10:24:37 ----A---- C:\WINDOWS\system32\getuname.dll 2010-09-04 10:24:37 ----A---- C:\WINDOWS\system32\charmap.exe 2010-09-04 10:24:37 ----A---- C:\WINDOWS\system32\calc.exe 2010-09-04 10:24:36 ----A---- 
C:\WINDOWS\system32\winmine.exe 2010-09-04 10:24:36 ----A---- C:\WINDOWS\system32\usrlogon.cmd 2010-09-04 10:24:36 ----A---- C:\WINDOWS\system32\tsshutdn.exe 2010-09-04 10:24:36 ----A---- C:\WINDOWS\system32\tslabels.ini 2010-09-04 10:24:36 ----A---- C:\WINDOWS\system32\tskill.exe 2010-09-04 10:24:36 ----A---- C:\WINDOWS\system32\sol.exe 2010-09-04 10:24:36 ----A---- C:\WINDOWS\system32\reset.exe 2010-09-04 10:24:36 ----A---- C:\WINDOWS\system32\mshearts.exe 2010-09-04 10:24:36 ----A---- C:\WINDOWS\system32\freecell.exe 2010-09-04 10:24:35 ----A---- C:\WINDOWS\system32\tsdiscon.exe 2010-09-04 10:24:35 ----A---- C:\WINDOWS\system32\tscon.exe 2010-09-04 10:24:35 ----A---- C:\WINDOWS\system32\shadow.exe 2010-09-04 10:24:35 ----A---- C:\WINDOWS\system32\rwinsta.exe 2010-09-04 10:24:35 ----A---- C:\WINDOWS\system32\regini.exe 2010-09-04 10:24:35 ----A---- C:\WINDOWS\system32\rdpcfgex.dll 2010-09-04 10:24:35 ----A---- C:\WINDOWS\system32\qwinsta.exe 2010-09-04 10:24:35 ----A---- C:\WINDOWS\system32\qappsrv.exe 2010-09-04 10:24:35 ----A---- C:\WINDOWS\system32\msg.exe 2010-09-04 10:24:35 ----A---- C:\WINDOWS\system32\msdtcprf.ini 2010-09-04 10:24:35 ----A---- C:\WINDOWS\system32\logoff.exe 2010-09-04 10:24:35 ----A---- C:\WINDOWS\system32\cdmodem.dll 2010-09-04 10:24:34 ----A---- C:\WINDOWS\system32\stclient.dll 2010-09-04 10:24:34 ----A---- C:\WINDOWS\system32\mtxlegih.dll 2010-09-04 10:24:34 ----A---- C:\WINDOWS\system32\mtxex.dll 2010-09-04 10:24:34 ----A---- C:\WINDOWS\system32\mtxdm.dll 2010-09-04 10:24:34 ----A---- C:\WINDOWS\system32\dcomcnfg.exe 2010-09-04 10:24:34 ----A---- C:\WINDOWS\system32\comsnap.dll 2010-09-04 10:24:34 ----A---- C:\WINDOWS\system32\comrepl.dll 2010-09-04 10:24:34 ----A---- C:\WINDOWS\system32\comaddin.dll 2010-09-04 10:24:30 ----A---- C:\WINDOWS\system32\wmimgmt.msc 2010-09-04 10:24:22 ----D---- C:\Program Files\MSN 2010-09-04 10:24:22 ----A---- C:\WINDOWS\system32\accwiz.exe 2010-09-04 10:24:21 ----D---- C:\Program Files\Windows NT 
2010-09-04 10:24:21 ----A---- C:\WINDOWS\system32\sndrec32.exe 2010-09-04 10:24:21 ----A---- C:\WINDOWS\system32\mspaint.exe 2010-09-04 10:24:21 ----A---- C:\WINDOWS\system32\mplay32.exe 2010-09-04 10:24:21 ----A---- C:\WINDOWS\system32\hypertrm.dll 2010-09-04 10:24:21 ----A---- C:\WINDOWS\system32\clipbrd.exe 2010-09-04 10:24:20 ----A---- C:\WINDOWS\system32\tscfgwmi.dll 2010-09-04 10:24:20 ----A---- C:\WINDOWS\system32\spider.exe 2010-09-04 10:24:20 ----A---- C:\WINDOWS\system32\remotepg.dll 2010-09-04 10:24:20 ----A---- C:\WINDOWS\system32\rdshost.exe 2010-09-04 10:24:20 ----A---- C:\WINDOWS\system32\rdsaddin.exe 2010-09-04 10:24:20 ----A---- C:\WINDOWS\system32\mstscax.dll 2010-09-04 10:24:20 ----A---- C:\WINDOWS\system32\mstsc.exe 2010-09-04 10:24:20 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys 2010-09-04 10:24:20 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys 2010-09-04 10:24:20 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys 2010-09-04 10:24:19 ----D---- C:\WINDOWS\system32\MsDtc 2010-09-04 10:24:19 ----A---- C:\WINDOWS\system32\tscupgrd.exe 2010-09-04 10:24:19 ----A---- C:\WINDOWS\system32\termsrv.dll 2010-09-04 10:24:19 ----A---- C:\WINDOWS\system32\sessmgr.exe 2010-09-04 10:24:19 ----A---- C:\WINDOWS\system32\rdpwsx.dll 2010-09-04 10:24:19 ----A---- C:\WINDOWS\system32\rdpsnd.dll 2010-09-04 10:24:19 ----A---- C:\WINDOWS\system32\rdpclip.exe 2010-09-04 10:24:19 ----A---- C:\WINDOWS\system32\rdchost.dll 2010-09-04 10:24:19 ----A---- C:\WINDOWS\system32\qprocess.exe 2010-09-04 10:24:19 ----A---- C:\WINDOWS\system32\icaapi.dll 2010-09-04 10:24:19 ----A---- C:\WINDOWS\system32\cfgbkend.dll 2010-09-04 10:24:18 ----A---- C:\WINDOWS\system32\xolehlp.dll 2010-09-04 10:24:18 ----A---- C:\WINDOWS\system32\mtxoci.dll 2010-09-04 10:24:18 ----A---- C:\WINDOWS\system32\msdtcuiu.dll 2010-09-04 10:24:18 ----A---- C:\WINDOWS\system32\msdtctm.dll 2010-09-04 10:24:18 ----A---- C:\WINDOWS\system32\msdtcprx.dll 2010-09-04 10:24:18 ----A---- 
C:\WINDOWS\system32\msdtclog.dll 2010-09-04 10:24:18 ----A---- C:\WINDOWS\system32\msdtc.exe 2010-09-04 10:24:17 ----D---- C:\WINDOWS\system32\Com 2010-09-04 10:24:17 ----A---- C:\WINDOWS\system32\colbact.dll 2010-09-04 10:24:17 ----A---- C:\WINDOWS\system32\clbcatex.dll 2010-09-04 10:24:17 ----A---- C:\WINDOWS\system32\catsrvut.dll 2010-09-04 10:24:17 ----A---- C:\WINDOWS\system32\catsrvps.dll 2010-09-04 10:24:17 ----A---- C:\WINDOWS\system32\catsrv.dll 2010-09-04 10:24:16 ----A---- C:\WINDOWS\system32\comuid.dll 2010-09-04 10:24:16 ----A---- C:\WINDOWS\system32\comsvcs.dll 2010-09-04 10:24:16 ----A---- C:\WINDOWS\system32\clbcatq.dll 2010-09-04 10:24:11 ----A---- C:\WINDOWS\system32\servdeps.dll 2010-09-04 10:24:11 ----A---- C:\WINDOWS\system32\mmfutil.dll 2010-09-04 10:24:11 ----A---- C:\WINDOWS\system32\licwmi.dll 2010-09-04 10:24:11 ----A---- C:\WINDOWS\system32\cmprops.dll 2010-09-04 10:24:08 ----A---- C:\WINDOWS\system32\drivers\termdd.sys 2010-09-04 10:24:08 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys ======List of files/folders modified in the last 1 months====== 2010-09-15 22:22:46 ----A---- C:\WINDOWS\system.ini 2010-09-11 23:26:41 ----A---- C:\WINDOWS\win.ini 2010-09-04 10:28:01 ----ASH---- C:\WINDOWS\fonts\desktop.ini ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 40320] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848] R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2010-09-07 15424] R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032] R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2010-09-07 512096] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-03-13 100224] R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; 
C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2008-07-25 176640] R3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-05-27 578304] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S3 Blfp;Broadcom Advanced Server Program Driver; C:\WINDOWS\system32\DRIVERS\baspxp32.sys [2008-06-06 98816] S3 mbr;mbr; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mbr.sys [] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2010-09-07 552064] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] -----------------EOF-----------------
  7. OK, sorry, I hadn't understood properly. Report:
  8. Hi. The link to download CFScript wasn't working, so I downloaded it from another site... The message box saying that ComboFix needs to submit the malware for further analysis did not appear... The computer did not restart, and the message box for the CF-Submit.htm file did not appear either... Otherwise, a report was generated and here is its content:
2004-08-03 22:45 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2010-09-07 03:54 . 2005-09-20 08:36 147456 ----a-w- c:\windows\system32\igfxres.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-09-12 09:40 . 2001-08-28 12:00 48856 ----a-w- c:\windows\system32\perfc00C.dat 2010-09-12 09:40 . 2001-08-28 12:00 368076 ----a-w- c:\windows\system32\perfh00C.dat 2010-09-04 09:49 . 2010-09-04 09:49 -------- d-----w- c:\program files\Analog Devices 2010-09-04 09:49 . 2010-09-04 09:49 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-09-04 09:49 . 2010-09-04 09:49 -------- d-----w- c:\program files\Fichiers communs\InstallShield 2010-09-04 09:47 . 2010-09-04 09:46 -------- d-----w- c:\program files\Broadcom 2010-09-04 09:28 . 2010-09-04 09:28 -------- d-----w- c:\program files\microsoft frontpage 2010-09-04 09:27 . 2010-09-04 09:27 86331 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-09-04 09:26 . 2010-09-04 09:26 -------- d-----w- c:\program files\Services en ligne 2010-09-04 09:25 . 2010-09-04 09:25 21892 ----a-w- c:\windows\system32\emptyregdb.dat . ((((((((((((((((((((((((((((( SnapShot@2010-09-15_12.20.23 ))))))))))))))))))))))))))))))))))))))))) . - 2010-09-07 10:39 . 2010-09-13 22:45 35088 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe + 2010-09-07 10:39 . 2010-09-15 15:14 35088 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe - 2010-09-07 10:39 . 2010-09-13 22:45 18704 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe + 2010-09-07 10:39 . 2010-09-15 15:14 18704 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe - 2010-09-07 10:39 . 2010-09-13 22:45 20240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe + 2010-09-07 10:39 . 
2010-09-15 15:14 20240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe + 2010-08-04 14:13 . 2010-08-04 14:13 686080 c:\windows\Installer\aeae24.msp + 2010-09-07 10:39 . 2010-09-15 15:14 888080 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe - 2010-09-07 10:39 . 2010-09-13 22:45 888080 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe + 2010-09-07 10:39 . 2010-09-15 15:14 272648 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe - 2010-09-07 10:39 . 2010-09-13 22:45 272648 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe + 2010-09-07 10:39 . 2010-09-15 15:14 922384 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe - 2010-09-07 10:39 . 2010-09-13 22:45 922384 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe - 2010-09-07 10:39 . 2010-09-13 22:45 845584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe + 2010-09-07 10:39 . 2010-09-15 15:14 845584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe - 2010-09-07 10:39 . 2010-09-13 22:45 217864 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe + 2010-09-07 10:39 . 2010-09-15 15:14 217864 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe + 2010-09-07 10:39 . 2010-09-15 15:14 159504 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe - 2010-09-07 10:39 . 2010-09-13 22:45 159504 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe + 2010-08-19 16:57 . 2010-08-19 16:57 3395584 c:\windows\Installer\aeae10.msp + 2010-09-07 10:39 . 2010-09-15 15:14 1172240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe - 2010-09-07 10:39 . 2010-09-13 22:45 1172240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe + 2010-09-07 10:39 . 
2010-09-15 15:14 1165584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe - 2010-09-07 10:39 . 2010-09-13 22:45 1165584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe + 2010-07-23 00:04 . 2010-07-23 00:04 11395072 c:\windows\Installer\aeadfc.msp . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2009-08-16 955392] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "Google Update"="c:\documents and settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-09-10 136176] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688] "Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360] "DrvLsnr"="c:\program files\Analog Devices\SoundMAX\DrvLsnr.exe" [2003-05-08 69632] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2010-09-07 949376] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= 
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [07/09/2010 11:44 15424] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15/01/2010 13:49 227232] . Contenu du dossier 'Tâches planifiées' 2010-09-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1801674531-682003330-500Core.job - c:\documents and settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-10 09:23] 2010-09-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1801674531-682003330-500UA.job - c:\documents and settings\Administrateur\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-10 09:23] . . ------- Examen supplémentaire ------- . uStart Page = www.idjib.com IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-09-15 20:29 Windows 5.1.2600 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'lsass.exe'(712) c:\windows\system32\imon.dll c:\program files\Eset\pr_imon.dll - - - - - - - > 'explorer.exe'(2696) c:\windows\system32\msi.dll . 
Heure de fin: 2010-09-15 20:30:58 ComboFix-quarantined-files.txt 2010-09-15 19:30 ComboFix2.txt 2010-09-15 12:21 Avant-CF: 29 798 641 664 octets libres Après-CF: 29 972 439 040 octets libres - - End Of File - - B3ECA05114E60ABF94D4BC61C1EFEDDF
  9. Hi. Here is the ComboFix report:
  10. Hi. Thanks for your reply, and no worries about the wait either. Here is the MBAM report:
  The Log.txt report:
Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

======List of files/folders modified in the last 1 months======

2010-09-11 23:26:41 ----A---- C:\WINDOWS\win.ini
2010-09-04 12:18:48 ----A---- C:\WINDOWS\system.ini
2010-09-04 10:28:01 ----ASH---- C:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 40320]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2010-09-07 15424]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-28 12032]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2010-09-07 512096]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-03-13 100224]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2008-07-25 176640]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23
12288] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-05-27 578304] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S0 fcruptv;fcruptv; C:\WINDOWS\System32\drivers\osytrnu.sys [2010-09-14 54016] S3 Blfp;Broadcom Advanced Server Program Driver; C:\WINDOWS\system32\DRIVERS\baspxp32.sys [2008-06-06 98816] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2010-09-07 552064] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] -----------------EOF----------------- Et enfin le rapport de Info.txt : info.txt logfile of random's system information tool 1.08 2010-09-14 13:32:26 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe AIR-->c:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{B194272D-1F92-46DF-99EB-8D5CE91CB4EC} Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin Adobe Reader 8.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003} Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Broadcom Management 
Programs-->MsiExec.exe /I{7BB045C3-D5E4-4620-B536-DC11AACD5942} Broadcom NetXtreme Ethernet Controller-->MsiExec.exe /X{F870B987-18BC-45FC-9BE8-35C02DCDA10F} Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Correctif pour Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{133742BA-6F46-4D3E-85AF-78631D9AD8B8} Intel® Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572 Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" McAfee Security Scan Plus-->"C:\Program Files\McAfee Security Scan\uninstall.exe" Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package 
{90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office 
Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9L$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Mise à jour de sécurité pour Windows XP 
(KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP 
(KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971032)-->"C:\WINDOWS\$NtUninstallKB971032$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP 
(KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP 
(KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB981350)-->"C:\WINDOWS\$NtUninstallKB981350$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB982381)-->"C:\WINDOWS\$NtUninstallKB982381$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} NOD32 Antivirus System-->C:\Program Files\Eset\Setup\setup.exe /UNINSTALL NOD32 FiX v2.1-->"C:\Program Files\Eset\unins000.exe" Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package 
{90120000-0011-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A} Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4} Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76} Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060} Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B} Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8} Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} Security Update for Microsoft Office Outlook 2007 (KB980376)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {48113C06-9BA2-4D54-A731-D1D2C5B3144A} Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46} Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 
(KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe" Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Outlook 2007 Junk Email Filter (kb2279264)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {01D475AB-57B1-44CC-8A8F-3A6B0FA4989F} VLC media player 1.0.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{B3B487E7-6171-4376-9074-B28082CEB504} Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1} Windows Live Messenger-->MsiExec.exe /X{445B183D-F4F1-45C8-B9DB-F11355CA657B} ======Security center information====== AV: ESET NOD32 antivirus system 2.70 ======System event log====== Computer Name: USER-C73C03E600 Event Code: 6011 Message: Le nom NetBIOS et le nom de l'hôte DNS de cet ordinateur ont été modifiés de MACHINENAME vers USER-C73C03E600. 
Record Number: 5 Source Name: EventLog Time Written: 20100904102329.000000+060 Event Type: Informations User: Computer Name: MACHINENAME Event Code: 2 Message: Pendant la validation de \Device\Serial1 en tant que port série, une FIFO a été détectée. La FIFO sera utilisée. Record Number: 4 Source Name: Serial Time Written: 20100904122107.000000+060 Event Type: Informations User: Computer Name: MACHINENAME Event Code: 2 Message: Pendant la validation de \Device\Serial0 en tant que port série, une FIFO a été détectée. La FIFO sera utilisée. Record Number: 3 Source Name: Serial Time Written: 20100904121815.000000+060 Event Type: Informations User: Computer Name: MACHINENAME Event Code: 6005 Message: Le service d'Enregistrement d'événement a démarré. Record Number: 2 Source Name: EventLog Time Written: 20100904121754.000000+060 Event Type: Informations User: Computer Name: MACHINENAME Event Code: 6009 Message: Microsoft ® Windows ® 5.01. 2600 Service Pack 2 Uniprocessor Free. Record Number: 1 Source Name: EventLog Time Written: 20100904121754.000000+060 Event Type: Informations User: =====Application event log===== Computer Name: USER-C73C03E600 Event Code: 1000 Message: Les compteurs de performances pour le service MSDTC (MSDTC) ont été chargés. Les données d'enregistrement contiennent les nouvelles valeurs d'index assignées à ce service. Record Number: 5 Source Name: LoadPerf Time Written: 20100904102500.000000+060 Event Type: Informations User: Computer Name: USER-C73C03E600 Event Code: 1000 Message: Les compteurs de performances pour le service TermService (Services Terminal Server) ont été chargés. Les données d'enregistrement contiennent les nouvelles valeurs d'index assignées à ce service. Record Number: 4 Source Name: LoadPerf Time Written: 20100904102457.000000+060 Event Type: Informations User: Computer Name: USER-C73C03E600 Event Code: 1000 Message: Les compteurs de performances pour le service RemoteAccess (Routage et accès distant) ont été chargés. 
Les données d'enregistrement contiennent les nouvelles valeurs d'index assignées à ce service. Record Number: 3 Source Name: LoadPerf Time Written: 20100904102404.000000+060 Event Type: Informations User: Computer Name: USER-C73C03E600 Event Code: 1000 Message: Les compteurs de performances pour le service PSched (PSched) ont été chargés. Les données d'enregistrement contiennent les nouvelles valeurs d'index assignées à ce service. Record Number: 2 Source Name: LoadPerf Time Written: 20100904102339.000000+060 Event Type: Informations User: Computer Name: USER-C73C03E600 Event Code: 1000 Message: Les compteurs de performances pour le service RSVP (QoS RSVP) ont été chargés. Les données d'enregistrement contiennent les nouvelles valeurs d'index assignées à ce service. Record Number: 1 Source Name: LoadPerf Time Written: 20100904102338.000000+060 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel "PROCESSOR_REVISION"=0209 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF-----------------
  11. Hello. I have a small problem :s Two viruses (Win32/Packed.Flystudio.P.Gen application and another similar one) were recently detected by the system. They are put in quarantine but still come back every time my machine is turned on (as does a Chinese website, even though I don't open the internet at all :s). When I updated the system, it did not detect the viruses at startup. So I ran a scan with Nod32, which detects the virus, along with that notorious site that opens at the end of the scan O_O ! I'm running XP, and here is my HijackThis report (PS: thanks for your help):