Hi cricri 58
Here is the FindyKill report
############################## | FindyKill V5.005 |
User : rozier () # ROZIER-528DC0E8
Update on 27/07/09 by Chiquitine29
Start at: 16:10:41 | 10/08/2009
Internet Explorer 6.0.2900.5512
Windows Firewall Status : Enabled
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
################## | C: |
################## | C:\WINDOWS |
################## | C:\WINDOWS\system32 |
################## | C:\WINDOWS\system32\drivers |
################## | C:\Documents and Settings\rozier\Application Data |
################## | C:\Documents and Settings\rozier\Temporary Internet Files |
-----------\ ToolBar S&D 1.2.8 XP/Vista
( : )
USER : rozier ( Administrator )
“C:\ToolBar SD” ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 10/08/2009|16:45 )
-----------\ Recherche de Fichiers / Dossiers …
-----------\ […\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
“Local Page”=“C:\WINDOWS\system32\blank.htm”
“Start Page”=“http://www.club-internet.fr”
“Search Page”=“http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch”
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
“Default_Page_URL”=“http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome”
“Default_Search_URL”=“http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch”
“Search Page”=“http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch”
“Start Page”=“http://www.msn.com/”
--------------------\ Recherche d’autres infections
Aucune autre infection trouvée !
1 - “C:\ToolBar SD\TB_1.txt” - 10/08/2009|16:46 - Option : [2]
-----------\ Fin du rapport a 16:46:25,50
ComboFix 09-08-09.04 - rozier 10/08/2009 16:49.1.1 - NTFSx86 MINIMAL
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.767.654 [GMT 2:00]
Running from: c:\documents and settings\rozier\Bureau\popo66.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\setup.exe
.
((((((((((((((((((((((((( Files Created from 2009-07-10 to 2009-08-10 )))))))))))))))))))))))))))))))
.
2009-08-10 14:45 . 2009-08-10 14:46 -------- d-----w- C:\ToolBar SD
2009-08-10 14:39 . 2009-08-10 14:39 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-08-10 14:31 . 2009-08-10 14:31 -------- d-----w- C:_OTMoveIt
2009-08-10 14:26 . 2009-08-10 14:26 -------- d-----w- c:\documents and settings\rozier\Local Settings\Application Data\COMODO
2009-08-10 14:10 . 2009-08-10 14:10 -------- d-----w- C:\FindyKill
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-10 14:53 . 2009-08-10 12:05 466592 ----a-w- c:\windows\system32\drivers\sfi.dat
2009-08-10 14:52 . 2004-08-05 12:00 48616 ----a-w- c:\windows\system32\perfc00C.dat
2009-08-10 14:52 . 2004-08-05 12:00 367658 ----a-w- c:\windows\system32\perfh00C.dat
2009-08-10 13:38 . 2009-08-10 13:38 -------- d-----w- c:\program files\redist
2009-08-10 13:38 . 2009-08-10 13:38 -------- d-----w- c:\program files\readmes
2009-08-10 13:38 . 2009-08-10 13:38 -------- d-----w- c:\program files\licenses
2009-08-10 13:38 . 2009-08-10 13:38 -------- d-----w- c:\program files\java
2009-08-10 13:17 . 2009-08-10 13:17 1961720 ----a-w- c:\documents and settings\rozier\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-08-10 13:16 . 2009-08-10 13:16 -------- d-----w- c:\program files\e-Carte Bleue Banque Populaire
2009-08-10 13:16 . 2009-08-10 13:16 -------- d–h--w- c:\program files\InstallShield Installation Information
2009-08-10 13:06 . 2009-08-10 13:06 0 ----a-w- c:\windows\nsreg.dat
2009-08-10 12:53 . 2009-08-10 12:07 -------- d-----w- c:\program files\Club-Internet
2009-08-10 12:29 . 2009-08-10 12:29 -------- d-----w- c:\program files\Fichiers communs\logishrd
2009-08-10 12:09 . 2009-08-10 12:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Motive
2009-08-10 12:07 . 2009-08-10 12:07 -------- d-----w- c:\program files\Common Files
2009-08-10 12:06 . 2009-08-10 12:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo
2009-08-10 12:06 . 2009-08-10 12:06 12328 ----a-w- c:\documents and settings\rozier\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-10 12:04 . 2009-08-10 12:04 2232 ----a-w- c:\windows\java\Packages\Data\HNPZHFX3.DAT
2009-08-10 12:04 . 2009-08-10 12:04 155995 ----a-w- c:\windows\java\Packages\EZ5N3VNB.ZIP
2009-08-10 12:04 . 2009-08-10 12:04 2678 ----a-w- c:\windows\java\Packages\Data\7B1FXV1N.DAT
2009-08-10 12:04 . 2009-08-10 12:04 2678 ----a-w- c:\windows\java\Packages\Data\E1VHJRFX.DAT
2009-08-10 12:04 . 2009-08-10 12:04 2678 ----a-w- c:\windows\java\Packages\Data\BTZLZVV7.DAT
2009-08-10 12:04 . 2009-08-10 12:04 2678 ----a-w- c:\windows\java\Packages\Data\7XB3TJPV.DAT
2009-08-10 12:04 . 2009-08-10 12:04 2678 ----a-w- c:\windows\java\Packages\Data\QOCP3J7P.DAT
2009-08-10 12:04 . 2009-08-10 12:04 -------- d-----w- c:\program files\BroadJump
2009-08-10 12:00 . 2009-08-10 12:00 -------- d-----w- c:\program files\COMODO
2009-08-10 12:00 . 2009-08-10 12:00 86976 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-08-10 12:00 . 2009-08-10 12:00 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-08-10 12:00 . 2009-08-10 12:00 179792 ----a-w- c:\windows\system32\guard32.dll
2009-08-10 12:00 . 2009-08-10 12:00 132040 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-08-10 11:52 . 2009-08-10 11:52 -------- d-----w- c:\program files\microsoft frontpage
2009-08-10 11:51 . 2009-08-10 11:51 76507 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-08-10 11:50 . 2009-08-10 11:50 -------- d-----w- c:\program files\Services en ligne
2009-08-10 11:49 . 2009-08-10 11:49 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2009-04-24 15:13 . 2009-04-24 15:13 128023281 ----a-w- c:\program files\openofficeorg1.cab
2009-04-24 15:13 . 2009-04-24 15:13 9817600 ----a-w- c:\program files\openofficeorg31.msi
2009-04-23 16:47 . 2009-04-23 16:47 336 ----a-w- c:\program files\setup.ini
2002-03-11 09:06 . 2002-03-11 09:06 1822520 ----a-w- c:\program files\instmsiw.exe
2002-03-11 08:45 . 2002-03-11 08:45 1708856 ----a-w- c:\program files\instmsia.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“MSMSGS”=“c:\program files\Messenger\msmsgs.exe” [2008-04-14 1695232]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
“TSClientMSIUninstaller”=“c:\windows\Installer\TSClientMsiTrans\tscuinst.vbs” [2007-10-30 13801]
“TSClientAXDisabler”=“c:\windows\Installer\TSClientMsiTrans\tscdsbl.bat” [2008-01-18 2247]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“COMODO Internet Security”=“c:\program files\COMODO\COMODO Internet Security\cfp.exe” [2009-08-10 1793808]
“BJCFD”=“c:\program files\BroadJump\Client Foundation\CFD.exe” [2003-01-27 376912]
“NvCplDaemon”=“c:\windows\system32\NvCpl.dll” [2008-09-17 13574144]
“NvMediaCenter”=“c:\windows\system32\NvMcTray.dll” [2008-09-17 86016]
“MSConfig”=“c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe” [2008-04-14 172544]
“nwiz”=“nwiz.exe” - c:\windows\system32\nwiz.exe [2008-09-17 1657376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
“GrpConv”=“grpconv -o” [X]
“OE_WMPWMP7_Install_8”=“c:\windows\system32\wmpshell.dll” [2008-04-14 102400]
“OE_WMPWMP7_Install_9”=“c:\windows\system32\wmpasf.dll” [2008-04-14 114688]
“OE_WMPWMP7_Install_10”=“c:\windows\system32\wmpdxm.dll” [2008-04-14 233472]
“OE_WMPWMP7_Install_11”=“c:\program files\Windows Media Player\mpvis.dll” [2008-04-14 368640]
“OE_WMPWMDM_Install_7”=“c:\windows\system32\mspmsnsv.dll” [2008-04-14 52736]
“OE_WMPWMP7_Install_20”=“c:\windows\INF\unregmp2.exe” [2008-04-14 208896]
“KB923561”=“apphelp.dll” - c:\windows\system32\apphelp.dll [2008-04-14 125952]
[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
“CTFMON.EXE”=“c:\windows\system32\CTFMON.EXE” [2008-04-14 15360]
c:\documents and settings\rozier\Menu D?marrer\Programmes\D?marrage
Club Internet.lnk - c:\program files\Club-Internet\Lanceur\lanceur.exe [2005-10-19 5201920]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
“AppInit_DLLs”=c:\windows\system32\guard32.dll
[HKLM~\startupfolder\C:^Documents and Settings^rozier^Menu Démarrer^Programmes^Démarrage^Club Internet.lnk]
path=c:\documents and settings\rozier\Menu Démarrer\Programmes\Démarrage\Club Internet.lnk
backup=c:\windows\pss\Club Internet.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
“xmlprov”=3 (0x3)
“WZCSVC”=2 (0x2)
“wuauserv”=2 (0x2)
“wscsvc”=2 (0x2)
“WmiApSrv”=3 (0x3)
“WmdmPmSN”=3 (0x3)
“winmgmt”=2 (0x2)
“WebClient”=2 (0x2)
“W32Time”=2 (0x2)
“VSS”=3 (0x3)
“UPS”=3 (0x3)
“upnphost”=3 (0x3)
“TrkWks”=2 (0x2)
“Themes”=2 (0x2)
“TermService”=3 (0x3)
“TapiSrv”=3 (0x3)
“SysmonLog”=3 (0x3)
“SwPrv”=3 (0x3)
“stisvc”=2 (0x2)
“SSDPSRV”=3 (0x3)
“srservice”=2 (0x2)
“Spooler”=2 (0x2)
“ShellHWDetection”=2 (0x2)
“SharedAccess”=2 (0x2)
“SENS”=2 (0x2)
“seclogon”=2 (0x2)
“Schedule”=2 (0x2)
“SCardSvr”=3 (0x3)
“SamSs”=2 (0x2)
“RSVP”=3 (0x3)
“RDSessMgr”=3 (0x3)
“RasMan”=3 (0x3)
“RasAuto”=3 (0x3)
“ProtectedStorage”=2 (0x2)
“PolicyAgent”=2 (0x2)
“PlugPlay”=2 (0x2)
“NVSvc”=2 (0x2)
“NtmsSvc”=3 (0x3)
“NtLmSsp”=3 (0x3)
“Nla”=3 (0x3)
“Netman”=3 (0x3)
“Netlogon”=3 (0x3)
“MSIServer”=3 (0x3)
“MSDTC”=3 (0x3)
“mnmsrvc”=3 (0x3)
“LmHosts”=2 (0x2)
“lanmanworkstation”=2 (0x2)
“lanmanserver”=2 (0x2)
“ImapiService”=3 (0x3)
“HTTPFilter”=3 (0x3)
“helpsvc”=2 (0x2)
“FastUserSwitchingCompatibility”=3 (0x3)
“EventSystem”=3 (0x3)
“Eventlog”=2 (0x2)
“ERSvc”=2 (0x2)
“Dnscache”=2 (0x2)
“dmserver”=3 (0x3)
“dmadmin”=3 (0x3)
“Dhcp”=2 (0x2)
“CryptSvc”=3 (0x3)
“COMSysApp”=3 (0x3)
“cmdAgent”=2 (0x2)
“CiSvc”=3 (0x3)
“Browser”=2 (0x2)
“BITS”=3 (0x3)
“AudioSrv”=2 (0x2)
“AppMgmt”=3 (0x3)
“ALG”=3 (0x3)
[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
“EnableFirewall”= 0 (0x0)
[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
“%windir%\system32\sessmgr.exe”=
“c:\Program Files\Messenger\msmsgs.exe”=
“%windir%\Network Diagnostic\xpnetdiag.exe”=
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [10/08/2009 14:00 132040]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [10/08/2009 14:00 25160]
S2 spupdsvc;Windows Service Pack Installer update service;c:\windows\system32\spupdsvc.exe [10/08/2009 14:33 26488]
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;c:\windows\system32\drivers\usb8023.sys [05/08/2004 14:00 12800]
.
HKLM-RunOnce- - (no file)
.
------- Supplementary Scan -------
.
uStart Page = www.club-internet.fr…
mWindow Title =
uInternet Settings,ProxyOverride = 127.0.0.1
DPF: Microsoft XML Parser for Java - [c:\windows\Java\classes\xmldso.cab…](file://c:\windows\Java\classes\xmldso.cab)
FF - ProfilePath - c:\documents and settings\rozier\Application Data\Mozilla\Firefox\Profiles\6t96ewfx.default
FF - prefs.js: browser.startup.homepage - www.club-internet.fr…
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“media.enforce_same_site_origin”, false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“media.cache_size”, 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“media.ogg.enabled”, true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“media.wave.enabled”, true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“media.autoplay.enabled”, true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“browser.urlbar.autocomplete.enabled”, true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“capability.policy.mailnews.*.wholeText”, “noAccess”);
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“dom.storage.default_quota”, 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“content.sink.event_probe_rate”, 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“network.http.prompt-temp-redirect”, true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“layout.css.dpi”, -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“layout.css.devPixelsPerPx”, -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“gestures.enable_single_finger_input”, true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“dom.max_chrome_script_run_time”, 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“network.tcp.sendbuffer”, 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref(“geo.enabled”, true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref(“security.remember_cert_checkbox_default_setting”, true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref(“browser.search.param.yahoo-fr”, “moz35”);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref(“browser.search.param.yahoo-fr-cjkt”, “moz35”);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“extensions.blocklist.level”, 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“browser.urlbar.restrict.typed”, “~”);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“browser.urlbar.default.behavior”, 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.clearOnShutdown.history”, true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.clearOnShutdown.formdata”, true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.clearOnShutdown.passwords”, false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.clearOnShutdown.downloads”, true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.clearOnShutdown.cookies”, true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.clearOnShutdown.cache”, true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.clearOnShutdown.sessions”, true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.clearOnShutdown.offlineApps”, false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.clearOnShutdown.siteSettings”, false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.cpd.history”, true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.cpd.formdata”, true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.cpd.passwords”, false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.cpd.downloads”, true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.cpd.cookies”, true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.cpd.cache”, true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.cpd.sessions”, true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.cpd.offlineApps”, false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.cpd.siteSettings”, false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“privacy.sanitize.migrateFx3Prefs”, false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“browser.ssl_override_behavior”, 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“security.alternate_certificate_error_page”, “certerror”);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“browser.privatebrowsing.autostart”, false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“browser.privatebrowsing.dont_prompt_on_enter”, false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref(“geo.wifi.uri”, “https://www.google.com/loc/json”);
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, www.gmer.net…
Rootkit scan 2009-08-10 16:55
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes …
scanning hidden autostart entries …
scanning hidden files …
scan completed successfully
hidden files: 0
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”="@c:\WINDOWS\system32\Macromed\Flash\FlashUtil10c.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
“Enabled”=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@=“c:\WINDOWS\system32\Macromed\Flash\FlashUtil10c.exe”
[HKEY_LOCAL_MACHINE\software\Classes\CLSID{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@=“IFlashBroker3”
[HKEY_LOCAL_MACHINE\software\Classes\Interface{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
“Version”=“1.0”
.
--------------------- DLLs Loaded Under Running Processes ---------------------
-
-
-
-
-
-
-
‘explorer.exe’(2008)
c:\windows\system32\eappprxy.dll
.
Completion time: 2009-08-10 16:57 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-10 14:57
Pre-Run: 154 858 106 880 octets libres
Post-Run: 154 842 738 688 octets libres
272 — E O F — 2009-08-10 14:00
################## | Registre / Clés infectieuses |
################## | Etat / Services / Informations |
Affichage des fichiers cachés : OK
Mode sans echec : OK
Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 )
SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
(!) wuauserv -> Start = 4 ( Good = 2 | Bad = 4 )
wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # FindyKill V5.005 ! |
MBAM cannot update (no internet connection). Also, I have to stay in safe mode permanently, otherwise it does not work. In any case, an up-to-date MBAM had not detected it on Friday.
Note that I had formatted the drive because my computer would not restart. I reinstalled XP SP2, and when it updated to SP3, NT AUTHORITY\SYSTEM started up again. What a load of crap.
Thanks for taking a look.
Here are the 2 RSIT reports
info.txt logfile of random’s system information tool 1.06 2009-08-10 17:12:57
======Uninstall list======
–>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX–>C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin–>C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
COMODO Internet Security–>C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe -u
Configurateur Modem–>“C:\Program Files\Club-Internet\Assistance\uninstall.exe”
Correctif pour Windows XP (KB952287)–>“C:\WINDOWS$NtUninstallKB952287$\spuninst\spuninst.exe”
e-Carte Bleue Banque Populaire–>“C:\Program Files\InstallShield Installation Information{B0900CB5-8EC0-43B4-9DAC-A32FE52DC864}\setup.exe” -runfromtemp -l0x040c -removeonly
FindyKill–>C:\FindyKill\Uninstal.exe
Kit Club Internet V6–>“C:\Program Files\Club-Internet\Lanceur\uninstall.exe”
Malwarebytes’ Anti-Malware–>“C:\Program Files\Malwarebytes’ Anti-Malware\unins000.exe”
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)–>“C:\WINDOWS$NtUninstallKB952069_WM9$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB923561)–>“C:\WINDOWS$NtUninstallKB923561$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB938464-v2)–>“C:\WINDOWS$NtUninstallKB938464-v2$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB946648)–>“C:\WINDOWS$NtUninstallKB946648$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB950762)–>“C:\WINDOWS$NtUninstallKB950762$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB950974)–>“C:\WINDOWS$NtUninstallKB950974$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB951066)–>“C:\WINDOWS$NtUninstallKB951066$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB951376-v2)–>“C:\WINDOWS$NtUninstallKB951376-v2$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB951748)–>“C:\WINDOWS$NtUninstallKB951748$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB952004)–>“C:\WINDOWS$NtUninstallKB952004$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB952954)–>“C:\WINDOWS$NtUninstallKB952954$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB954600)–>“C:\WINDOWS$NtUninstallKB954600$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB955069)–>“C:\WINDOWS$NtUninstallKB955069$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB956572)–>“C:\WINDOWS$NtUninstallKB956572$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB956802)–>“C:\WINDOWS$NtUninstallKB956802$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB956803)–>“C:\WINDOWS$NtUninstallKB956803$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB957097)–>“C:\WINDOWS$NtUninstallKB957097$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB958644)–>“C:\WINDOWS$NtUninstallKB958644$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB958687)–>“C:\WINDOWS$NtUninstallKB958687$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB959426)–>“C:\WINDOWS$NtUninstallKB959426$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB960225)–>“C:\WINDOWS$NtUninstallKB960225$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB960803)–>“C:\WINDOWS$NtUninstallKB960803$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB961371)–>“C:\WINDOWS$NtUninstallKB961371$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB961501)–>“C:\WINDOWS$NtUninstallKB961501$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB968537)–>“C:\WINDOWS$NtUninstallKB968537$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB970238)–>“C:\WINDOWS$NtUninstallKB970238$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB971633)–>“C:\WINDOWS$NtUninstallKB971633$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB972260)–>“C:\WINDOWS$NtUninstallKB972260$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB973346)–>“C:\WINDOWS$NtUninstallKB973346$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB955839)–>“C:\WINDOWS$NtUninstallKB955839$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB967715)–>“C:\WINDOWS$NtUninstallKB967715$\spuninst\spuninst.exe”
Mozilla Firefox (3.5.2)–>C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NVIDIA Drivers–>C:\WINDOWS\system32\nvuninst.exe UninstallGUI
Windows XP Service Pack 3–>“C:\WINDOWS$NtServicePackUninstall$\spuninst\spuninst.exe”
======Security center information======
AV: COMODO Antivirus
FW: COMODO Firewall
======Environment variables======
“ComSpec”=%SystemRoot%\system32\cmd.exe
“Path”=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
“windir”=%SystemRoot%
“FP_NO_HOST_CHECK”=NO
“OS”=Windows_NT
“PROCESSOR_ARCHITECTURE”=x86
“PROCESSOR_LEVEL”=15
“PROCESSOR_IDENTIFIER”=x86 Family 15 Model 44 Stepping 2, AuthenticAMD
“PROCESSOR_REVISION”=2c02
“NUMBER_OF_PROCESSORS”=1
“PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
“TEMP”=%SystemRoot%\TEMP
“TMP”=%SystemRoot%\TEMP
“SAFEBOOT_OPTION”=MINIMAL
-----------------EOF-----------------
Logfile of random’s system information tool 1.06 (written by random/random)
Run by rozier at 2009-08-10 17:12:52
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 148 GB (97%) free of 153 GB
Total RAM: 767 MB (81% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“COMODO Internet Security”=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2009-08-10 1793808]
“BJCFD”=C:\Program Files\BroadJump\Client Foundation\CFD.exe [2003-01-27 376912]
“NvCplDaemon”=C:\WINDOWS\system32\NvCpl.dll [2008-09-17 13574144]
“nwiz”=nwiz.exe /install []
“NvMediaCenter”=C:\WINDOWS\system32\NvMcTray.dll [2008-09-17 86016]
“MSConfig”=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 172544]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
“OE_WMPWMP7_Install_8”=C:\WINDOWS\system32\regsvr32 /s C:\WINDOWS\system32\wmpshell.dll []
“OE_WMPWMP7_Install_9”=C:\WINDOWS\system32\regsvr32 /s C:\WINDOWS\system32\wmpasf.dll []
“OE_WMPWMP7_Install_10”=C:\WINDOWS\system32\regsvr32 /s C:\WINDOWS\system32\wmpdxm.dll []
“OE_WMPWMP7_Install_11”=C:\WINDOWS\system32\regsvr32 /s C:\Program Files\Windows Media Player\mpvis.dll []
“OE_WMPWMDM_Install_7”=C:\WINDOWS\system32\regsvr32 /s C:\WINDOWS\system32\mspmsnsv.dll []
“OE_WMPWMP7_Install_20”=C:\WINDOWS\INF\unregmp2.exe [2008-04-14 208896]
“KB923561”=apphelp.dll,ShimFlushCache []
“”= []
“GrpConv”=grpconv -o []
“Malwarebytes’ Anti-Malware”=C:\Program Files\Malwarebytes’ Anti-Malware\mbamgui.exe [2009-08-03 419088]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“MSMSGS”=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
“TSClientMSIUninstaller”=cmd.exe /C cscript C:\WINDOWS\Installer\TSClientMsiTrans\tscuinst.vbs []
“TSClientAXDisabler”=cmd.exe /C C:\WINDOWS\Installer\TSClientMsiTrans\tscdsbl.bat []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^rozier^Menu Démarrer^Programmes^Démarrage^Club Internet.lnk]
C:\PROGRA~1\CLUB-I~1\Lanceur\lanceur.exe [2005-10-19 5201920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
“xmlprov”=3
“WZCSVC”=2
“wuauserv”=2
“wscsvc”=2
“WmiApSrv”=3
“WmdmPmSN”=3
“winmgmt”=2
“WebClient”=2
“W32Time”=2
“VSS”=3
“UPS”=3
“upnphost”=3
“TrkWks”=2
“Themes”=2
“TermService”=3
“TapiSrv”=3
“SysmonLog”=3
“SwPrv”=3
“stisvc”=2
“SSDPSRV”=3
“srservice”=2
“Spooler”=2
“ShellHWDetection”=2
“SharedAccess”=2
“SENS”=2
“seclogon”=2
“Schedule”=2
“SCardSvr”=3
“SamSs”=2
“RSVP”=3
“RDSessMgr”=3
“RasMan”=3
“RasAuto”=3
“ProtectedStorage”=2
“PolicyAgent”=2
“PlugPlay”=2
“NVSvc”=2
“NtmsSvc”=3
“NtLmSsp”=3
“Nla”=3
“Netman”=3
“Netlogon”=3
“MSIServer”=3
“MSDTC”=3
“mnmsrvc”=3
“LmHosts”=2
“lanmanworkstation”=2
“lanmanserver”=2
“ImapiService”=3
“HTTPFilter”=3
“helpsvc”=2
“FastUserSwitchingCompatibility”=3
“EventSystem”=3
“Eventlog”=2
“ERSvc”=2
“Dnscache”=2
“dmserver”=3
“dmadmin”=3
“Dhcp”=2
“CryptSvc”=3
“COMSysApp”=3
“cmdAgent”=2
“CiSvc”=3
“Browser”=2
“BITS”=3
“AudioSrv”=2
“AppMgmt”=3
“ALG”=3
C:\Documents and Settings\rozier\Menu Démarrer\Programmes\Démarrage
Club Internet.lnk - C:\Program Files\Club-Internet\Lanceur\lanceur.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
“AppInit_DLLS”=“C:\WINDOWS\system32\guard32.dll”
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=323
“NoDriveAutoRun”=67108863
“NoDrives”=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“HonorAutoRunSetting”=
“NoDriveAutoRun”=
“NoDriveTypeAutoRun”=
“NoDrives”=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“C:\Program Files\Messenger\msmsgs.exe”="C:\Program Files\Messenger\msmsgs.exe::Enabled:Windows Messenger"
“%windir%\Network Diagnostic\xpnetdiag.exe”="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
“%windir%\system32\sessmgr.exe”="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019"
“%windir%\Network Diagnostic\xpnetdiag.exe”="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000"
======File associations======
.scr - config - “%1” /S
======List of files/folders created in the last 1 months======
2009-08-10 17:12:55 ----D---- C:\Program Files\trend micro
2009-08-10 17:12:52 ----D---- C:\rsit
2009-08-10 16:59:38 ----A---- C:\WINDOWS\resetlog.txt
2009-08-10 16:59:10 ----D---- C:\Documents and Settings\rozier\Application Data\Malwarebytes
2009-08-10 16:59:03 ----D---- C:\Program Files\Malwarebytes’ Anti-Malware
2009-08-10 16:59:03 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-08-10 16:57:41 ----D---- C:\WINDOWS\temp
2009-08-10 16:57:38 ----A---- C:\ComboFix.txt
2009-08-10 16:48:17 ----A---- C:\WINDOWS\zip.exe
2009-08-10 16:48:17 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-08-10 16:48:17 ----A---- C:\WINDOWS\SWSC.exe
2009-08-10 16:48:17 ----A---- C:\WINDOWS\SWREG.exe
2009-08-10 16:48:17 ----A---- C:\WINDOWS\sed.exe
2009-08-10 16:48:17 ----A---- C:\WINDOWS\PEV.exe
2009-08-10 16:48:17 ----A---- C:\WINDOWS\NIRCMD.exe
2009-08-10 16:48:17 ----A---- C:\WINDOWS\grep.exe
2009-08-10 16:48:14 ----D---- C:\WINDOWS\ERDNT
2009-08-10 16:48:11 ----D---- C:\Qoobox
2009-08-10 16:45:51 ----A---- C:\TB.txt
2009-08-10 16:45:22 ----D---- C:\ToolBar SD
2009-08-10 16:31:45 ----D---- C:_OTMoveIt
2009-08-10 16:10:40 ----A---- C:\FindyKill.txt
2009-08-10 16:10:25 ----D---- C:\FindyKill
2009-08-10 16:05:07 ----A---- C:\WINDOWS\ntbtlog.txt
2009-08-10 15:59:42 ----HDC---- C:\WINDOWS$NtUninstallKB952004$
2009-08-10 15:59:27 ----HDC---- C:\WINDOWS$NtUninstallKB951748$
2009-08-10 15:59:12 ----HDC---- C:\WINDOWS$NtUninstallKB951376-v2$
2009-08-10 15:58:55 ----HDC---- C:\WINDOWS$NtUninstallKB951066$
2009-08-10 15:58:39 ----HDC---- C:\WINDOWS$NtUninstallKB950974$
2009-08-10 15:58:23 ----HDC---- C:\WINDOWS$NtUninstallKB950762$
2009-08-10 15:57:56 ----HDC---- C:\WINDOWS$NtUninstallKB946648$
2009-08-10 15:56:09 ----HDC---- C:\WINDOWS$NtUninstallKB938464-v2$
2009-08-10 15:55:53 ----HDC---- C:\WINDOWS$NtUninstallKB923561$
2009-08-10 15:55:50 ----D---- C:\WINDOWS\LastGood.Tmp
2009-08-10 15:52:13 ----D---- C:\WINDOWS\system32\fr-fr
2009-08-10 15:52:12 ----D---- C:\WINDOWS\l2schemas
2009-08-10 15:52:11 ----D---- C:\WINDOWS\system32\fr
2009-08-10 15:52:11 ----D---- C:\WINDOWS\system32\bits
2009-08-10 15:50:32 ----D---- C:\WINDOWS\ServicePackFiles
2009-08-10 15:48:33 ----D---- C:\WINDOWS\network diagnostic
2009-08-10 15:46:11 ----A---- C:\WINDOWS\system32\h323log.txt
2009-08-10 15:44:34 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-08-10 15:44:10 ----HDC---- C:\WINDOWS$NtServicePackUninstall$
2009-08-10 15:44:09 ----D---- C:\WINDOWS\EHome
2009-08-10 15:43:37 ----A---- C:\WINDOWS\system32\usbui.dll
2009-08-10 15:42:29 ----SHD---- C:\WINDOWS\Installer
2009-08-10 15:42:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-08-10 15:42:28 ----A---- C:\WINDOWS\ODBCINST.INI
2009-08-10 15:42:25 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-08-10 15:42:24 ----RD---- C:\Program Files
2009-08-10 15:42:24 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-08-10 15:42:24 ----D---- C:\Program Files\Fichiers communs
2009-08-10 15:42:21 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-08-10 15:42:21 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-08-10 15:42:20 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-08-10 15:42:18 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-08-10 15:42:18 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-08-10 15:42:18 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-08-10 15:42:18 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-08-10 15:42:18 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-08-10 15:42:18 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-08-10 15:42:18 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-08-10 15:42:18 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-08-10 15:42:18 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-08-10 15:42:18 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-08-10 15:42:18 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-08-10 15:42:17 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-08-10 15:42:15 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-08-10 15:42:15 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-08-10 15:42:15 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-08-10 15:42:15 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-08-10 15:42:15 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-08-10 15:42:15 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-08-10 15:42:15 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-08-10 15:42:13 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-08-10 15:42:13 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-08-10 15:42:13 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-08-10 15:42:13 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-08-10 15:42:13 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-08-10 15:42:11 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-08-10 15:42:11 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-08-10 15:42:11 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-08-10 15:42:11 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-08-10 15:42:10 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-08-10 15:42:10 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-08-10 15:42:10 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-08-10 15:42:10 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-08-10 15:42:10 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-08-10 15:42:10 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-08-10 15:42:10 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-08-10 15:42:10 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-08-10 15:42:10 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-08-10 15:42:08 ----A---- C:\WINDOWS\system32\irclass.dll
2009-08-10 15:42:07 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-08-10 15:42:07 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-08-10 15:42:07 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-08-10 15:42:07 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-08-10 15:42:04 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-08-10 15:42:04 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-08-10 15:42:04 ----A---- C:\WINDOWS\system32\batt.dll
2009-08-10 15:42:03 ----A---- C:\WINDOWS\notepad.exe
2009-08-10 15:42:02 ----A---- C:\WINDOWS\system32\storprop.dll
2009-08-10 15:41:54 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-08-10 15:41:49 ----RA---- C:\WINDOWS\SET8.tmp
2009-08-10 15:41:47 ----RA---- C:\WINDOWS\SET4.tmp
2009-08-10 15:41:45 ----RA---- C:\WINDOWS\SET3.tmp
2009-08-10 15:41:40 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-10 15:41:40 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-10 15:41:34 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-08-10 15:40:45 ----A---- C:\WINDOWS\setuplog.txt
2009-08-10 15:40:41 ----SHD---- C:\System Volume Information
2009-08-10 15:40:41 ----D---- C:\Documents and Settings
2009-08-10 15:38:44 ----D---- C:\Program Files\redist
2009-08-10 15:38:44 ----D---- C:\Program Files\readmes
2009-08-10 15:38:44 ----D---- C:\Program Files\licenses
2009-08-10 15:38:44 ----D---- C:\Program Files\java
2009-08-10 15:37:55 ----SH---- C:\boot.ini
2009-08-10 15:35:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2009-08-10 15:35:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2009-08-10 15:34:53 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-08-10 15:34:36 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2009-08-10 15:34:22 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-08-10 15:34:09 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-08-10 15:33:16 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
2009-08-10 15:32:57 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2009-08-10 15:32:46 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-08-10 15:32:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-08-10 15:31:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-08-10 15:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-08-10 15:31:14 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2_0$
2009-08-10 15:31:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-08-10 15:31:13 ----RSD---- C:\WINDOWS\Fonts
2009-08-10 15:31:13 ----RD---- C:\WINDOWS\Web
2009-08-10 15:31:13 ----HD---- C:\WINDOWS\inf
2009-08-10 15:31:13 ----D---- C:\WINDOWS\WinSxS
2009-08-10 15:31:13 ----D---- C:\WINDOWS\twain_32
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\wins
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\wbem
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\usmt
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\spool
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\ShellExt
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\Setup
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\ras
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\oobe
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\npp
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\mui
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\inetsrv
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\IME
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\icsxml
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\ias
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\export
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\drivers
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\dhcp
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\config
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\3com_dmi
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\3076
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\2052
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\1054
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\1042
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\1041
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\1037
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\1036
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\1033
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\1031
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\1028
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32\1025
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system32
2009-08-10 15:31:13 ----D---- C:\WINDOWS\system
2009-08-10 15:31:13 ----D---- C:\WINDOWS\security
2009-08-10 15:31:13 ----D---- C:\WINDOWS\Resources
2009-08-10 15:31:13 ----D---- C:\WINDOWS\repair
2009-08-10 15:31:13 ----D---- C:\WINDOWS\Provisioning
2009-08-10 15:31:13 ----D---- C:\WINDOWS\PeerNet
2009-08-10 15:31:13 ----D---- C:\WINDOWS\pchealth
2009-08-10 15:31:13 ----D---- C:\WINDOWS\mui
2009-08-10 15:31:13 ----D---- C:\WINDOWS\msapps
2009-08-10 15:31:13 ----D---- C:\WINDOWS\msagent
2009-08-10 15:31:13 ----D---- C:\WINDOWS\Media
2009-08-10 15:31:13 ----D---- C:\WINDOWS\java
2009-08-10 15:31:13 ----D---- C:\WINDOWS\ime
2009-08-10 15:31:13 ----D---- C:\WINDOWS\Help
2009-08-10 15:31:13 ----D---- C:\WINDOWS\Driver Cache
2009-08-10 15:31:13 ----D---- C:\WINDOWS\Debug
2009-08-10 15:31:13 ----D---- C:\WINDOWS\Cursors
2009-08-10 15:31:13 ----D---- C:\WINDOWS\Connection Wizard
2009-08-10 15:31:13 ----D---- C:\WINDOWS\Config
2009-08-10 15:31:13 ----D---- C:\WINDOWS\AppPatch
2009-08-10 15:31:13 ----D---- C:\WINDOWS\addins
2009-08-10 15:31:13 ----D---- C:\WINDOWS
2009-08-10 15:31:00 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-08-10 15:30:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-08-10 15:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2009-08-10 15:30:18 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2009-08-10 15:30:00 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-08-10 15:29:48 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-08-10 15:29:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-08-10 15:29:07 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-08-10 15:28:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2009-08-10 15:28:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2009-08-10 15:28:03 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-08-10 15:27:55 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-08-10 15:27:15 ----A---- C:\WINDOWS\system32\MRT.exe
2009-08-10 15:26:52 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-08-10 15:26:44 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-08-10 15:26:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-08-10 15:26:27 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-08-10 15:26:18 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-08-10 15:26:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-08-10 15:25:56 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-08-10 15:25:41 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2009-08-10 15:17:13 ----D---- C:\Documents and Settings\rozier\Application Data\Adobe
2009-08-10 15:16:07 ----D---- C:\Program Files\e-Carte Bleue Banque Populaire
2009-08-10 15:16:06 ----HD---- C:\Program Files\InstallShield Installation Information
2009-08-10 15:06:27 ----D---- C:\Documents and Settings\rozier\Application Data\Mozilla
2009-08-10 15:06:19 ----D---- C:\Program Files\Mozilla Firefox
2009-08-10 15:00:16 ----D---- C:\WINDOWS\pss
2009-08-10 14:57:51 ----D---- C:\Documents and Settings\rozier\Application Data\Macromedia
2009-08-10 14:41:47 ----D---- C:\WINDOWS\nview
2009-08-10 14:41:42 ----A---- C:\WINDOWS\system32\nvuninst.exe
2009-08-10 14:41:35 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-08-10 14:39:53 ----A---- C:\WINDOWS\cfplogvw.INI
2009-08-10 14:37:37 ----A---- C:\WINDOWS\system32\wpa.bak
2009-08-10 14:33:43 ----D---- C:\WINDOWS\system32\PreInstall
2009-08-10 14:33:43 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-08-10 14:33:42 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-08-10 14:33:42 ----HD---- C:\WINDOWS\$hf_mig$
2009-08-10 14:33:19 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-08-10 14:33:11 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-08-10 14:29:51 ----D---- C:\Program Files\Fichiers communs\logishrd
2009-08-10 14:29:43 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-08-10 14:27:49 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-08-10 14:09:05 ----D---- C:\Documents and Settings\All Users\Application Data\Motive
2009-08-10 14:09:03 ----A---- C:\WINDOWS\system32\W32n50.dll
2009-08-10 14:08:14 ----D---- C:\WINDOWS\Motive
2009-08-10 14:07:58 ----D---- C:\Program Files\Common Files
2009-08-10 14:07:22 ----D---- C:\Program Files\Club-Internet
2009-08-10 14:04:29 ----A---- C:\WINDOWS\system32\jit.dll
2009-08-10 14:04:29 ----A---- C:\WINDOWS\setdebug.exe
2009-08-10 14:04:28 ----A---- C:\WINDOWS\system32\javaee.dll
2009-08-10 14:04:28 ----A---- C:\WINDOWS\system32\dx3j.dll
2009-08-10 14:04:25 ----A---- C:\WINDOWS\system32\wjview.exe
2009-08-10 14:04:25 ----A---- C:\WINDOWS\system32\vmhelper.dll
2009-08-10 14:04:24 ----A---- C:\WINDOWS\system32\msjdbc10.dll
2009-08-10 14:04:24 ----A---- C:\WINDOWS\system32\msjava.dll
2009-08-10 14:04:24 ----A---- C:\WINDOWS\system32\msawt.dll
2009-08-10 14:04:24 ----A---- C:\WINDOWS\system32\jview.exe
2009-08-10 14:04:24 ----A---- C:\WINDOWS\system32\jdbgmgr.exe
2009-08-10 14:04:24 ----A---- C:\WINDOWS\system32\javart.dll
2009-08-10 14:04:23 ----A---- C:\WINDOWS\system32\javaprxy.dll
2009-08-10 14:04:23 ----A---- C:\WINDOWS\system32\javacypt.dll
2009-08-10 14:04:23 ----A---- C:\WINDOWS\system32\clspack.exe
2009-08-10 14:04:05 ----A---- C:\WINDOWS\system32\ssleay32_1-1-0_DDR.dll
2009-08-10 14:04:04 ----A---- C:\WINDOWS\system32\xerces-c_1_40_0_DDR.dll
2009-08-10 14:04:04 ----A---- C:\WINDOWS\system32\stlport_4_0_0_DDR.dll
2009-08-10 14:04:04 ----A---- C:\WINDOWS\system32\libeay32_1-1-0_DDR.dll
2009-08-10 14:04:04 ----A---- C:\WINDOWS\system32\BJBase_2-2-2_DDR.dll
2009-08-10 14:04:00 ----D---- C:\Program Files\BroadJump
2009-08-10 14:03:59 ----A---- C:\WINDOWS\IsUninst.exe
2009-08-10 14:00:53 ----D---- C:\Documents and Settings\All Users\Application Data\Comodo
2009-08-10 14:00:52 ----A---- C:\WINDOWS\system32\guard32.dll
2009-08-10 14:00:48 ----D---- C:\Program Files\COMODO
2009-08-10 13:56:43 ----D---- C:\Documents and Settings\rozier\Application Data\Identities
2009-08-10 13:56:37 ----ASH---- C:\Documents and Settings\rozier\Application Data\desktop.ini
2009-08-10 13:56:36 ----SD---- C:\Documents and Settings\rozier\Application Data\Microsoft
2009-08-10 13:55:39 ----D---- C:\WINDOWS\SoftwareDistribution
2009-08-10 13:55:38 ----SD---- C:\WINDOWS\system32\Microsoft
2009-08-10 13:55:38 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-10 13:52:33 ----D---- C:\WINDOWS\system32\xircom
2009-08-10 13:52:33 ----D---- C:\Program Files\xerox
2009-08-10 13:52:33 ----D---- C:\Program Files\microsoft frontpage
2009-08-10 13:52:20 ----A---- C:\WINDOWS\control.ini
2009-08-10 13:52:20 ----A---- C:\AUTOEXEC.BAT
2009-08-10 13:52:04 ----A---- C:\WINDOWS\OEWABLog.txt
2009-08-10 13:51:59 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-08-10 13:51:14 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-08-10 13:51:14 ----RD---- C:\WINDOWS\Offline Web Pages
2009-08-10 13:51:14 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-08-10 13:51:08 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-08-10 13:50:59 ----D---- C:\Program Files\Services en ligne
2009-08-10 13:50:40 ----D---- C:\WINDOWS\system32\DirectX
2009-08-10 13:50:16 ----A---- C:\WINDOWS\system32\atrace.dll
2009-08-10 13:50:13 ----A---- C:\WINDOWS\system32\desktop.ini
2009-08-10 13:50:13 ----A---- C:\WINDOWS\desktop.ini
2009-08-10 13:50:05 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-08-10 13:50:03 ----D---- C:\Program Files\Fichiers communs\Services
2009-08-10 13:50:03 ----A---- C:\WINDOWS\system32\acctres.dll
2009-08-10 13:49:59 ----SD---- C:\WINDOWS\Tasks
2009-08-10 13:49:59 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-08-10 13:49:58 ----D---- C:\Program Files\Fichiers communs\MSSoap
2009-08-10 13:49:54 ----D---- C:\WINDOWS\srchasst
2009-08-10 13:49:53 ----D---- C:\WINDOWS\system32\Macromed
2009-08-10 13:49:49 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-08-10 13:49:49 ----A---- C:\WINDOWS\system32\wups.dll
2009-08-10 13:49:49 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-08-10 13:49:49 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-08-10 13:49:49 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-08-10 13:49:49 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-08-10 13:49:49 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-08-10 13:49:48 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-08-10 13:49:48 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-08-10 13:49:48 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-08-10 13:49:48 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-08-10 13:49:48 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-08-10 13:49:48 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-08-10 13:49:43 ----D---- C:\Program Files\Movie Maker
2009-08-10 13:49:39 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-08-10 13:49:39 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-08-10 13:49:39 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-08-10 13:49:39 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-08-10 13:49:35 ----A---- C:\WINDOWS\system32\fltmc.exe
2009-08-10 13:49:35 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-08-10 13:49:34 ----D---- C:\WINDOWS\system32\Restore
2009-08-10 13:49:34 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-08-10 13:49:34 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-08-10 13:49:34 ----A---- C:\WINDOWS\system32\srclient.dll
2009-08-10 13:49:33 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-08-10 13:49:33 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-08-10 13:49:33 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-08-10 13:49:33 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-08-10 13:49:33 ----A---- C:\WINDOWS\system32\ils.dll
2009-08-10 13:49:32 ----A---- C:\WINDOWS\system32\msconf.dll
2009-08-10 13:49:29 ----D---- C:\Program Files\NetMeeting
2009-08-10 13:49:29 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-08-10 13:49:29 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-08-10 13:49:28 ----A---- C:\WINDOWS\system32\inetres.dll
2009-08-10 13:49:27 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-08-10 13:49:25 ----D---- C:\Program Files\Outlook Express
2009-08-10 13:49:25 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-08-10 13:49:25 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-08-10 13:49:25 ----A---- C:\WINDOWS\system32\mstask.dll
2009-08-10 13:49:24 ----A---- C:\WINDOWS\system32\isign32.dll
2009-08-10 13:49:24 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-08-10 13:49:24 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-08-10 13:49:24 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-08-10 13:49:17 ----D---- C:\Program Files\Fichiers communs\System
2009-08-10 13:49:16 ----D---- C:\Program Files\Internet Explorer
2009-08-10 13:49:01 ----A---- C:\WINDOWS\vbaddin.ini
2009-08-10 13:49:01 ----A---- C:\WINDOWS\vb.ini
2009-08-10 13:48:56 ----D---- C:\WINDOWS\Registration
2009-08-10 13:48:23 ----D---- C:\Program Files\Windows Media Player
2009-08-10 13:48:23 ----D---- C:\Program Files\Online Services
2009-08-10 13:48:18 ----D---- C:\Program Files\Messenger
2009-08-10 13:48:14 ----D---- C:\Program Files\MSN Gaming Zone
2009-08-10 13:48:14 ----A---- C:\WINDOWS\system32\write.exe
2009-08-10 13:48:03 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-08-10 13:48:03 ----A---- C:\WINDOWS\system32\hticons.dll
2009-08-10 13:48:02 ----A---- C:\WINDOWS\system32\winchat.exe
2009-08-10 13:48:02 ----A---- C:\WINDOWS\system32\avwav.dll
2009-08-10 13:48:02 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-08-10 13:48:02 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-08-10 13:47:52 ----A---- C:\WINDOWS\system32\getuname.dll
2009-08-10 13:47:52 ----A---- C:\WINDOWS\system32\charmap.exe
2009-08-10 13:47:52 ----A---- C:\WINDOWS\system32\calc.exe
2009-08-10 13:47:51 ----A---- C:\WINDOWS\system32\winmine.exe
2009-08-10 13:47:51 ----A---- C:\WINDOWS\system32\sol.exe
2009-08-10 13:47:51 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-08-10 13:47:51 ----A---- C:\WINDOWS\system32\freecell.exe
2009-08-10 13:47:50 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-08-10 13:47:50 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-08-10 13:47:50 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-08-10 13:47:50 ----A---- C:\WINDOWS\system32\tskill.exe
2009-08-10 13:47:50 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-08-10 13:47:50 ----A---- C:\WINDOWS\system32\tscon.exe
2009-08-10 13:47:50 ----A---- C:\WINDOWS\system32\shadow.exe
2009-08-10 13:47:50 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-08-10 13:47:50 ----A---- C:\WINDOWS\system32\reset.exe
2009-08-10 13:47:50 ----A---- C:\WINDOWS\system32\regini.exe
2009-08-10 13:47:50 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-08-10 13:47:49 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-08-10 13:47:49 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-08-10 13:47:49 ----A---- C:\WINDOWS\system32\msg.exe
2009-08-10 13:47:49 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-08-10 13:47:49 ----A---- C:\WINDOWS\system32\logoff.exe
2009-08-10 13:47:49 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-08-10 13:47:48 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-08-10 13:47:48 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-08-10 13:47:48 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-08-10 13:47:48 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-08-10 13:47:48 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-08-10 13:47:48 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-08-10 13:47:47 ----A---- C:\WINDOWS\system32\stclient.dll
2009-08-10 13:47:47 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-08-10 13:47:42 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-08-10 13:47:31 ----D---- C:\Program Files\MSN
2009-08-10 13:47:30 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-08-10 13:47:29 ----D---- C:\Program Files\Windows NT
2009-08-10 13:47:29 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-08-10 13:47:29 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-08-10 13:47:29 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-08-10 13:47:28 ----A---- C:\WINDOWS\system32\spider.exe
2009-08-10 13:47:28 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-08-10 13:47:28 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-08-10 13:47:27 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-08-10 13:47:27 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-08-10 13:47:27 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-08-10 13:47:27 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-08-10 13:47:26 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-08-10 13:47:26 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-08-10 13:47:26 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-08-10 13:47:26 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-08-10 13:47:26 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-08-10 13:47:26 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-08-10 13:47:26 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-08-10 13:47:26 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-08-10 13:47:25 ----D---- C:\WINDOWS\system32\MsDtc
2009-08-10 13:47:25 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-08-10 13:47:25 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-08-10 13:47:25 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-08-10 13:47:25 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-08-10 13:47:25 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-08-10 13:47:25 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-08-10 13:47:24 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-08-10 13:47:24 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-08-10 13:47:24 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-08-10 13:47:24 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-08-10 13:47:24 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-08-10 13:47:23 ----D---- C:\WINDOWS\system32\Com
2009-08-10 13:47:23 ----A---- C:\WINDOWS\system32\colbact.dll
2009-08-10 13:47:23 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-08-10 13:47:23 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-08-10 13:47:22 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-08-10 13:47:22 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-08-10 13:47:22 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-08-10 13:47:21 ----A---- C:\WINDOWS\system32\comuid.dll
2009-08-10 13:47:21 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-08-10 13:47:15 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-08-10 13:47:15 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-08-10 13:47:15 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-08-10 13:47:15 ----A---- C:\WINDOWS\system32\cmprops.dll
======List of files/folders modified in the last 1 months======
2009-08-10 16:55:30 ----A---- C:\WINDOWS\system.ini
2009-08-10 15:50:04 ----A---- C:\WINDOWS\win.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d’hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Classe d’imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2009-08-10 132040]
S1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2009-08-10 25160]
S3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\system32\DRIVERS\Camdrl.sys [2007-02-03 1075360]
S3 catchme;catchme; \??\C:\popo66\catchme.sys []
S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2007-02-03 41504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-09-17 6132576]
S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 spupdsvc;Windows Service Pack Installer update service; C:\WINDOWS\system32\spupdsvc.exe [2007-08-10 26488]
S4 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2009-08-10 707152]
S4 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-17 163908]
-----------------EOF-----------------