Voici mon rapport
reda8182
-
Xplode Messages postés 9212 Statut Contributeur sécurité -
Xplode Messages postés 9212 Statut Contributeur sécurité -
Bonjour,
Logfile of random's system information tool 1.06 (written by random/random)
Run by medjeroub receptionn at 2009-10-10 15:12:21
Microsoft Windows XP Professionnel Service Pack 2
System drive E: has 67 GB (91%) free of 74 GB
Total RAM: 895 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:28:26, on 10/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Google\Update\GoogleUpdate.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\RTHDCPL.EXE
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Kyocera\FS-1016MFP_FS-1116MFP\FS-1016MFP\QLINK.exe
E:\Documents and Settings\medjeroub receptionn\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
E:\WINDOWS\system32\dwwin.exe
E:\Documents and Settings\tazebama.dl_
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
E:\WINDOWS\TEMP\winordq.exe
E:\Documents and Settings\medjeroub receptionn\Bureau\RSIT.exe
E:\Program Files\trend micro\medjeroub receptionn.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Démarrage .exe (User 'Default user')
O4 - .DEFAULT User Startup: RecycleBinProtect.exe (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = E:\Documents and Settings\medjeroub receptionn\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: QLink.lnk = E:\Program Files\Kyocera\FS-1016MFP_FS-1116MFP\FS-1016MFP\QLINK.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
--
End of file - 2876 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=E:\WINDOWS\RTHDCPL.EXE [2009-09-22 18749440]
"UserFaultCheck"=E:\WINDOWS\system32\dumprep 0 -u []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=E:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
QLink.lnk - E:\Program Files\Kyocera\FS-1016MFP_FS-1116MFP\FS-1016MFP\QLINK.exe
E:\Documents and Settings\medjeroub receptionn\Menu Démarrer\Programmes\Démarrage
Notification de cadeaux MSN.lnk - E:\Documents and Settings\medjeroub receptionn\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\zPharaoh.exe"="G:\zPharaoh.exe:*:Enabled:ipsec"
"E:\WINDOWS\Explorer.EXE"="E:\WINDOWS\Explorer.EXE:*:Enabled:ipsec"
"E:\Documents and Settings\medjeroub receptionn\Bureau\mourad\DEMANDE D.doc .exe"="E:\Documents and Settings\medjeroub receptionn\Bureau\mourad\DEMANDE D.doc .exe:*:Enabled:ipsec"
"E:\DOCUME~1\MEDJER~1\LOCALS~1\Temp\ehvt.exe"="E:\DOCUME~1\MEDJER~1\LOCALS~1\Temp\ehvt.exe:*:Enabled:ipsec"
"E:\DOCUME~1\MEDJER~1\LOCALS~1\Temp\afcq.exe"="E:\DOCUME~1\MEDJER~1\LOCALS~1\Temp\afcq.exe:*:Enabled:ipsec"
"E:\DOCUME~1\MEDJER~1\LOCALS~1\Temp\wineeamll.exe"="E:\DOCUME~1\MEDJER~1\LOCALS~1\Temp\wineeamll.exe:*:Enabled:ipsec"
"E:\Program Files\Microsoft Office\OFFICE11\MSOHTMED.EXE"="E:\Program Files\Microsoft Office\OFFICE11\MSOHTMED.EXE:*:Enabled:ipsec"
"E:\Program Files\Messenger\msmsgs.exe"="E:\Program Files\Messenger\msmsgs.exe:*:Enabled:ipsec"
"E:\DOCUME~1\MEDJER~1\LOCALS~1\Temp\rgunm.exe"="E:\DOCUME~1\MEDJER~1\LOCALS~1\Temp\rgunm.exe:*:Enabled:ipsec"
"E:\Program Files\Google\Update\GoogleUpdate.exe"="E:\Program Files\Google\Update\GoogleUpdate.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\xwbjba.exe"="E:\WINDOWS\TEMP\xwbjba.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\winxyiq.exe"="E:\WINDOWS\TEMP\winxyiq.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\winfacw.exe"="E:\WINDOWS\TEMP\winfacw.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\njfuf.exe"="E:\WINDOWS\TEMP\njfuf.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\winyosysi.exe"="E:\WINDOWS\TEMP\winyosysi.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\owstg.exe"="E:\WINDOWS\TEMP\owstg.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\winmdoh.exe"="E:\WINDOWS\TEMP\winmdoh.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\winexwwj.exe"="E:\WINDOWS\TEMP\winexwwj.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\qyyn.exe"="E:\WINDOWS\TEMP\qyyn.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\winordq.exe"="E:\WINDOWS\TEMP\winordq.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\bqmxba.exe"="E:\WINDOWS\TEMP\bqmxba.exe:*:Enabled:ipsec"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{03bb2f69-b4c9-11de-94ca-f740a58e88ff}]
shell\AutoRun\command - G:\zPharaoh.exe
shell\explore\command - G:\zPharaoh.exe
shell\open\command - G:\zPharaoh.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9ce2d7df-b4d2-11de-b0cf-806d6172696f}]
shell\AutoRun\command - D:\zPharaoh.exe
shell\explore\command - D:\zPharaoh.exe
shell\open\command - D:\zPharaoh.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9ce2d7e1-b4d2-11de-b0cf-806d6172696f}]
shell\AutoRun\command - E:\zPharaoh.exe
shell\explore\command - E:\zPharaoh.exe
shell\open\command - E:\zPharaoh.exe
======List of files/folders created in the last 1 months======
2009-10-10 14:59:58 ----D---- E:\WINDOWS\system32\CatRoot_bak
2009-10-10 14:15:05 ----D---- E:\Documents and Settings\All Users\Application Data\Google
2009-10-10 13:23:23 ----D---- E:\Program Files\trend micro
2009-10-10 13:23:22 ----D---- E:\rsit
2009-10-10 08:57:13 ----D---- E:\Program Files\Microsoft Office
2009-10-10 08:49:06 ----HDC---- E:\WINDOWS\$NtUninstallKB952069_WM9$
2009-10-10 08:48:57 ----HDC---- E:\WINDOWS\$NtUninstallKB957097$
2009-10-10 07:02:07 ----HDC---- E:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-10-10 07:01:53 ----N---- E:\WINDOWS\system32\spmsg.dll
2009-10-10 07:01:53 ----D---- E:\WINDOWS\system32\PreInstall
2009-10-10 07:01:52 ----HDC---- E:\WINDOWS\$NtUninstallKB898461$
2009-10-09 18:23:27 ----D---- E:\Documents and Settings\medjeroub receptionn\Application Data\Google
2009-10-09 18:10:20 ----D---- E:\Program Files\Google
2009-10-09 17:16:41 ----D---- E:\Program Files\Microsoft.NET
2009-10-09 17:15:14 ----D---- E:\Program Files\Fichiers communs\DESIGNER
2009-10-09 17:14:20 ----D---- E:\WINDOWS\SHELLNEW
2009-10-09 16:03:31 ----D---- E:\WINDOWS\system32\Lang
2009-10-09 16:02:05 ----D---- E:\WINDOWS\system32\RTCOM
2009-10-09 16:02:03 ----A---- E:\WINDOWS\system32\ksuser.dll
2009-10-09 16:01:40 ----A---- E:\WINDOWS\system32\spupdsvc.exe
2009-10-09 16:01:39 ----HDC---- E:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-10-09 16:01:37 ----A---- E:\WINDOWS\vncutil.exe
2009-10-09 16:01:37 ----A---- E:\WINDOWS\SOUNDMAN.EXE
2009-10-09 16:01:37 ----A---- E:\WINDOWS\SkyTel.exe
2009-10-09 16:01:37 ----A---- E:\WINDOWS\RtlUpd.exe
2009-10-09 16:01:36 ----A---- E:\WINDOWS\RTLCPL.EXE
2009-10-09 16:01:35 ----A---- E:\WINDOWS\system32\RtkCoInstXP.dll
2009-10-09 16:01:35 ----A---- E:\WINDOWS\RtkAudioService.exe
2009-10-09 16:01:34 ----N---- E:\WINDOWS\RTHDCPL.EXE
2009-10-09 16:01:34 ----A---- E:\WINDOWS\MicCal.exe
2009-10-09 16:01:33 ----HD---- E:\Program Files\InstallShield Installation Information
2009-10-09 16:01:33 ----D---- E:\Program Files\Realtek
2009-10-09 16:01:33 ----A---- E:\WINDOWS\ALCWZRD.EXE
2009-10-09 16:01:33 ----A---- E:\WINDOWS\ALCMTR.EXE
2009-10-09 16:01:27 ----A---- E:\WINDOWS\RtlExUpd.dll
2009-10-09 16:01:23 ----D---- E:\Program Files\Fichiers communs\InstallShield
2009-10-09 15:23:44 ----A---- E:\WINDOWS\system32\MRT.exe
2009-10-09 15:23:30 ----HDC---- E:\WINDOWS\$NtUninstallKB932823-v3$
2009-10-09 15:23:30 ----HD---- E:\WINDOWS\$hf_mig$
2009-10-09 14:34:07 ----A---- E:\WINDOWS\system32\h323log.txt
2009-10-09 14:28:35 ----A---- E:\WINDOWS\system32\usbui.dll
2009-10-09 14:27:33 ----A---- E:\WINDOWS\imsins.BAK
2009-10-09 14:27:31 ----SHD---- E:\WINDOWS\Installer
2009-10-09 14:27:31 ----A---- E:\WINDOWS\system32\PerfStringBackup.INI
2009-10-09 14:27:30 ----D---- E:\Program Files\Fichiers communs\ODBC
2009-10-09 14:27:30 ----A---- E:\WINDOWS\ODBCINST.INI
2009-10-09 14:27:28 ----D---- E:\Program Files\Fichiers communs\SpeechEngines
2009-10-09 14:27:27 ----RD---- E:\Program Files
2009-10-09 14:27:27 ----D---- E:\Program Files\Fichiers communs\Microsoft Shared
2009-10-09 14:27:27 ----D---- E:\Program Files\Fichiers communs
2009-10-09 14:27:24 ----RA---- E:\WINDOWS\system32\kbdtuq.dll
2009-10-09 14:27:24 ----RA---- E:\WINDOWS\system32\kbdtuf.dll
2009-10-09 14:27:24 ----RA---- E:\WINDOWS\system32\kbdazel.dll
2009-10-09 14:27:22 ----RA---- E:\WINDOWS\system32\kbdycc.dll
2009-10-09 14:27:22 ----RA---- E:\WINDOWS\system32\kbduzb.dll
2009-10-09 14:27:22 ----RA---- E:\WINDOWS\system32\kbdur.dll
2009-10-09 14:27:22 ----RA---- E:\WINDOWS\system32\kbdtat.dll
2009-10-09 14:27:22 ----RA---- E:\WINDOWS\system32\kbdmon.dll
2009-10-09 14:27:22 ----RA---- E:\WINDOWS\system32\kbdkyr.dll
2009-10-09 14:27:22 ----RA---- E:\WINDOWS\system32\kbdkaz.dll
2009-10-09 14:27:22 ----RA---- E:\WINDOWS\system32\kbdaze.dll
2009-10-09 14:27:21 ----RA---- E:\WINDOWS\system32\kbdru1.dll
2009-10-09 14:27:21 ----RA---- E:\WINDOWS\system32\kbdru.dll
2009-10-09 14:27:21 ----RA---- E:\WINDOWS\system32\kbdbu.dll
2009-10-09 14:27:21 ----RA---- E:\WINDOWS\system32\kbdblr.dll
2009-10-09 14:27:19 ----RA---- E:\WINDOWS\system32\kbdhept.dll
2009-10-09 14:27:19 ----RA---- E:\WINDOWS\system32\kbdhela3.dll
2009-10-09 14:27:19 ----RA---- E:\WINDOWS\system32\kbdhela2.dll
2009-10-09 14:27:19 ----RA---- E:\WINDOWS\system32\kbdhe319.dll
2009-10-09 14:27:19 ----RA---- E:\WINDOWS\system32\kbdhe220.dll
2009-10-09 14:27:19 ----RA---- E:\WINDOWS\system32\kbdhe.dll
2009-10-09 14:27:19 ----RA---- E:\WINDOWS\system32\kbdgkl.dll
2009-10-09 14:27:18 ----RA---- E:\WINDOWS\system32\kbdlv1.dll
2009-10-09 14:27:18 ----RA---- E:\WINDOWS\system32\kbdlv.dll
2009-10-09 14:27:18 ----RA---- E:\WINDOWS\system32\kbdlt1.dll
2009-10-09 14:27:18 ----RA---- E:\WINDOWS\system32\kbdlt.dll
2009-10-09 14:27:18 ----RA---- E:\WINDOWS\system32\kbdest.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdycl.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdsl1.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdsl.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdro.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdpl1.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdpl.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdhu1.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdhu.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdcz2.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdcz1.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdcz.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdcr.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\KBDAL.DLL
2009-10-09 14:27:13 ----A---- E:\WINDOWS\system32\spxcoins.dll
2009-10-09 14:27:13 ----A---- E:\WINDOWS\system32\irclass.dll
2009-10-09 14:27:13 ----A---- E:\WINDOWS\system32\dgsetup.dll
2009-10-09 14:27:13 ----A---- E:\WINDOWS\system32\dgrpsetu.dll
2009-10-09 14:27:12 ----A---- E:\WINDOWS\system32\EqnClass.Dll
2009-10-09 14:27:10 ----N---- E:\WINDOWS\system32\CONFIG.TMP
2009-10-09 14:27:10 ----A---- E:\WINDOWS\TASKMAN.EXE
2009-10-09 14:27:10 ----A---- E:\WINDOWS\system32\batt.dll
2009-10-09 14:27:09 ----A---- E:\WINDOWS\system32\storprop.dll
2009-10-09 14:27:02 ----ASH---- E:\Documents and Settings\All Users\Application Data\desktop.ini
2009-10-09 14:26:59 ----RA---- E:\WINDOWS\SET8.tmp
2009-10-09 14:26:57 ----RA---- E:\WINDOWS\SET4.tmp
2009-10-09 14:26:56 ----RA---- E:\WINDOWS\SET3.tmp
2009-10-09 14:26:51 ----D---- E:\WINDOWS\system32\CatRoot2
2009-10-09 14:26:51 ----D---- E:\WINDOWS\system32\CatRoot
2009-10-09 14:26:46 ----SD---- E:\Documents and Settings\All Users\Application Data\Microsoft
2009-10-09 14:26:28 ----A---- E:\WINDOWS\setuplog.txt
2009-10-09 14:26:25 ----SHD---- E:\System Volume Information
2009-10-09 14:26:25 ----D---- E:\Documents and Settings
2009-10-09 14:21:31 ----RSHDC---- E:\WINDOWS\system32\dllcache
2009-10-09 14:21:31 ----RSD---- E:\WINDOWS\Fonts
2009-10-09 14:21:31 ----RD---- E:\WINDOWS\Web
2009-10-09 14:21:31 ----HD---- E:\WINDOWS\inf
2009-10-09 14:21:31 ----D---- E:\WINDOWS\WinSxS
2009-10-09 14:21:31 ----D---- E:\WINDOWS\twain_32
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Temp
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\wins
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\wbem
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\usmt
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\spool
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\ShellExt
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\Setup
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\ras
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\oobe
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\npp
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\mui
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\inetsrv
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\IME
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\icsxml
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\ias
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\export
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\drivers
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\dhcp
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\config
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\3com_dmi
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\3076
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\2052
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1054
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1042
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1041
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1037
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1036
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1033
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1031
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1028
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1025
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system
2009-10-09 14:21:31 ----D---- E:\WINDOWS\security
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Resources
2009-10-09 14:21:31 ----D---- E:\WINDOWS\repair
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Provisioning
2009-10-09 14:21:31 ----D---- E:\WINDOWS\PeerNet
2009-10-09 14:21:31 ----D---- E:\WINDOWS\pchealth
2009-10-09 14:21:31 ----D---- E:\WINDOWS\mui
2009-10-09 14:21:31 ----D---- E:\WINDOWS\msapps
2009-10-09 14:21:31 ----D---- E:\WINDOWS\msagent
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Media
2009-10-09 14:21:31 ----D---- E:\WINDOWS\java
2009-10-09 14:21:31 ----D---- E:\WINDOWS\ime
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Help
2009-10-09 14:21:31 ----D---- E:\WINDOWS\ehome
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Driver Cache
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Debug
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Cursors
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Connection Wizard
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Config
2009-10-09 14:21:31 ----D---- E:\WINDOWS\AppPatch
2009-10-09 14:21:31 ----D---- E:\WINDOWS\addins
2009-10-09 14:21:31 ----D---- E:\WINDOWS
2009-10-09 14:00:23 ----D---- E:\WINDOWS\system32\SoftwareDistribution
2009-10-09 13:57:38 ----A---- E:\WINDOWS\system32\CoInst.dll
2009-10-09 13:57:37 ----N---- E:\WINDOWS\wwdslcfg.ini
2009-10-09 13:57:37 ----D---- E:\Program Files\MT882
2009-10-09 13:10:20 ----D---- E:\WINDOWS\system32\appmgmt
2009-10-09 13:03:21 ----SHD---- E:\RECYCLER
2009-10-09 13:01:05 ----RSH---- E:\zPharaoh.exe
2009-10-09 13:01:05 ----D---- E:\Documents and Settings\medjeroub receptionn\Application Data\tazebama
2009-10-09 12:58:51 ----A---- E:\WINDOWS\ODBC.INI
2009-10-09 12:58:49 ----A---- E:\WINDOWS\system32\mdimon.dll
2009-10-09 12:51:36 ----A---- E:\WINDOWS\system32\kygaSM.ini
2009-10-09 12:51:36 ----A---- E:\WINDOWS\system32\kygaSM.exe
2009-10-09 12:51:36 ----A---- E:\WINDOWS\system32\kygaLM.dll
2009-10-09 12:51:29 ----D---- E:\WINDOWS\system32\ReinstallBackups
2009-10-09 12:51:27 ----N---- E:\WINDOWS\system32\lttwn12n.dll
2009-10-09 12:51:27 ----N---- E:\WINDOWS\system32\ltkrn12n.dll
2009-10-09 12:51:27 ----N---- E:\WINDOWS\system32\ltimg12n.dll
2009-10-09 12:51:27 ----N---- E:\WINDOWS\system32\ltfil12n.DLL
2009-10-09 12:51:26 ----N---- E:\WINDOWS\system32\ltefx12n.dll
2009-10-09 12:51:26 ----N---- E:\WINDOWS\system32\LTDIS12n.dll
2009-10-09 12:51:26 ----N---- E:\WINDOWS\system32\lftif12n.dll
2009-10-09 12:51:26 ----N---- E:\WINDOWS\system32\lftga12n.dll
2009-10-09 12:51:26 ----N---- E:\WINDOWS\system32\lfpcx12n.dll
2009-10-09 12:51:26 ----N---- E:\WINDOWS\system32\lfimg12n.dll
2009-10-09 12:51:26 ----N---- E:\WINDOWS\system32\lffax12n.dll
2009-10-09 12:51:25 ----N---- E:\WINDOWS\system32\LFCMP12n.DLL
2009-10-09 12:51:25 ----N---- E:\WINDOWS\system32\lfbmp12n.dll
2009-10-09 12:51:13 ----D---- E:\Program Files\Kyocera
2009-10-09 12:47:54 ----D---- E:\temp
2009-10-09 12:43:55 ----D---- E:\Documents and Settings\medjeroub receptionn\Application Data\Identities
2009-10-09 12:43:54 ----HD---- E:\Program Files\Uninstall Information
2009-10-09 12:43:49 ----SD---- E:\Documents and Settings\medjeroub receptionn\Application Data\Microsoft
2009-10-09 12:43:49 ----ASH---- E:\Documents and Settings\medjeroub receptionn\Application Data\desktop.ini
2009-10-09 12:42:18 ----D---- E:\WINDOWS\SoftwareDistribution
2009-10-09 12:42:16 ----SD---- E:\WINDOWS\system32\Microsoft
2009-10-09 12:42:16 ----D---- E:\WINDOWS\Prefetch
2009-10-09 12:42:16 ----A---- E:\WINDOWS\SchedLgU.Txt
2009-10-09 12:39:15 ----D---- E:\WINDOWS\system32\xircom
2009-10-09 12:39:15 ----D---- E:\Program Files\xerox
2009-10-09 12:39:15 ----D---- E:\Program Files\microsoft frontpage
2009-10-09 12:39:01 ----A---- E:\WINDOWS\control.ini
2009-10-09 12:38:53 ----A---- E:\WINDOWS\OEWABLog.txt
2009-10-09 12:38:50 ----A---- E:\WINDOWS\system32\mapi32.dll
2009-10-09 12:38:11 ----SD---- E:\WINDOWS\Downloaded Program Files
2009-10-09 12:38:11 ----RD---- E:\WINDOWS\Offline Web Pages
2009-10-09 12:38:11 ----RAH---- E:\WINDOWS\system32\logonui.exe.manifest
2009-10-09 12:38:06 ----RAH---- E:\WINDOWS\system32\cdplayer.exe.manifest
2009-10-09 12:38:03 ----HD---- E:\Program Files\WindowsUpdate
2009-10-09 12:38:00 ----D---- E:\Program Files\Services en ligne
2009-10-09 12:37:44 ----D---- E:\WINDOWS\system32\DirectX
2009-10-09 12:37:22 ----A---- E:\WINDOWS\system32\atrace.dll
2009-10-09 12:37:20 ----A---- E:\WINDOWS\system32\desktop.ini
2009-10-09 12:37:20 ----A---- E:\WINDOWS\desktop.ini
2009-10-09 12:37:13 ----A---- E:\WINDOWS\system32\nmevtmsg.dll
2009-10-09 12:37:11 ----D---- E:\Program Files\Fichiers communs\Services
2009-10-09 12:37:11 ----A---- E:\WINDOWS\system32\acctres.dll
2009-10-09 12:37:08 ----SD---- E:\WINDOWS\Tasks
2009-10-09 12:37:08 ----A---- E:\WINDOWS\system32\icfgnt5.dll
2009-10-09 12:37:07 ----D---- E:\Program Files\Fichiers communs\MSSoap
2009-10-09 12:37:03 ----D---- E:\WINDOWS\system32\Macromed
2009-10-09 12:37:03 ----D---- E:\WINDOWS\srchasst
2009-10-09 12:37:00 ----A---- E:\WINDOWS\system32\wuweb.dll
2009-10-09 12:36:59 ----A---- E:\WINDOWS\system32\wups.dll
2009-10-09 12:36:59 ----A---- E:\WINDOWS\system32\wucltui.dll
2009-10-09 12:36:59 ----A---- E:\WINDOWS\system32\wuauserv.dll
2009-10-09 12:36:59 ----A---- E:\WINDOWS\system32\wuaueng1.dll
2009-10-09 12:36:59 ----A---- E:\WINDOWS\system32\wuaueng.dll
2009-10-09 12:36:59 ----A---- E:\WINDOWS\system32\wuauclt1.exe
2009-10-09 12:36:59 ----A---- E:\WINDOWS\system32\wuauclt.exe
2009-10-09 12:36:59 ----A---- E:\WINDOWS\system32\wuapi.dll
2009-10-09 12:36:58 ----A---- E:\WINDOWS\system32\qmgrprxy.dll
2009-10-09 12:36:58 ----A---- E:\WINDOWS\system32\qmgr.dll
2009-10-09 12:36:58 ----A---- E:\WINDOWS\system32\bitsprx3.dll
2009-10-09 12:36:58 ----A---- E:\WINDOWS\system32\bitsprx2.dll
2009-10-09 12:36:55 ----D---- E:\Program Files\Movie Maker
2009-10-09 12:36:51 ----A---- E:\WINDOWS\system32\safrslv.dll
2009-10-09 12:36:51 ----A---- E:\WINDOWS\system32\safrdm.dll
2009-10-09 12:36:51 ----A---- E:\WINDOWS\system32\safrcdlg.dll
2009-10-09 12:36:50 ----A---- E:\WINDOWS\system32\racpldlg.dll
2009-10-09 12:36:47 ----D---- E:\WINDOWS\system32\Restore
2009-10-09 12:36:47 ----A---- E:\WINDOWS\system32\srsvc.dll
2009-10-09 12:36:47 ----A---- E:\WINDOWS\system32\srrstr.dll
2009-10-09 12:36:47 ----A---- E:\WINDOWS\system32\srclient.dll
2009-10-09 12:36:47 ----A---- E:\WINDOWS\system32\fltMc.exe
2009-10-09 12:36:47 ----A---- E:\WINDOWS\system32\fltlib.dll
2009-10-09 12:36:46 ----A---- E:\WINDOWS\system32\mnmdd.dll
2009-10-09 12:36:46 ----A---- E:\WINDOWS\system32\isrdbg32.dll
2009-10-09 12:36:46 ----A---- E:\WINDOWS\system32\ils.dll
2009-10-09 12:36:45 ----A---- E:\WINDOWS\system32\nmmkcert.dll
2009-10-09 12:36:45 ----A---- E:\WINDOWS\system32\msconf.dll
2009-10-09 12:36:45 ----A---- E:\WINDOWS\system32\mnmsrvc.exe
2009-10-09 12:36:42 ----D---- E:\Program Files\NetMeeting
2009-10-09 12:36:42 ----A---- E:\WINDOWS\system32\msoert2.dll
2009-10-09 12:36:42 ----A---- E:\WINDOWS\system32\msoeacct.dll
2009-10-09 12:36:41 ----A---- E:\WINDOWS\system32\inetres.dll
2009-10-09 12:36:41 ----A---- E:\WINDOWS\system32\inetcomm.dll
2009-10-09 12:36:39 ----D---- E:\Program Files\Outlook Express
2009-10-09 12:36:39 ----A---- E:\WINDOWS\system32\schedsvc.dll
2009-10-09 12:36:39 ----A---- E:\WINDOWS\system32\mstinit.exe
2009-10-09 12:36:39 ----A---- E:\WINDOWS\system32\mstask.dll
2009-10-09 12:36:38 ----A---- E:\WINDOWS\system32\isign32.dll
2009-10-09 12:36:38 ----A---- E:\WINDOWS\system32\inetcfg.dll
2009-10-09 12:36:38 ----A---- E:\WINDOWS\system32\icwphbk.dll
2009-10-09 12:36:38 ----A---- E:\WINDOWS\system32\icwdial.dll
2009-10-09 12:36:32 ----D---- E:\Program Files\Fichiers communs\System
2009-10-09 12:36:31 ----D---- E:\Program Files\Internet Explorer
2009-10-09 12:36:03 ----D---- E:\Program Files\ComPlus Applications
2009-10-09 12:36:02 ----A---- E:\WINDOWS\vbaddin.ini
2009-10-09 12:36:02 ----A---- E:\WINDOWS\vb.ini
2009-10-09 12:35:58 ----D---- E:\WINDOWS\Registration
2009-10-09 12:35:52 ----D---- E:\Program Files\Windows Media Player
2009-10-09 12:35:52 ----D---- E:\Program Files\Online Services
2009-10-09 12:35:47 ----D---- E:\Program Files\Messenger
2009-10-09 12:35:44 ----D---- E:\Program Files\MSN Gaming Zone
2009-10-09 12:35:44 ----A---- E:\WINDOWS\system32\write.exe
2009-10-09 12:35:33 ----A---- E:\WINDOWS\system32\sndvol32.exe
2009-10-09 12:35:33 ----A---- E:\WINDOWS\system32\hticons.dll
2009-10-09 12:35:33 ----A---- E:\WINDOWS\system32\avwav.dll
2009-10-09 12:35:32 ----A---- E:\WINDOWS\system32\winchat.exe
2009-10-09 12:35:32 ----A---- E:\WINDOWS\system32\avtapi.dll
2009-10-09 12:35:32 ----A---- E:\WINDOWS\system32\avmeter.dll
2009-10-09 12:35:24 ----A---- E:\WINDOWS\system32\getuname.dll
2009-10-09 12:35:24 ----A---- E:\WINDOWS\system32\charmap.exe
2009-10-09 12:35:24 ----A---- E:\WINDOWS\system32\calc.exe
2009-10-09 12:35:23 ----A---- E:\WINDOWS\system32\winmine.exe
2009-10-09 12:35:23 ----A---- E:\WINDOWS\system32\sol.exe
2009-10-09 12:35:23 ----A---- E:\WINDOWS\system32\reset.exe
2009-10-09 12:35:23 ----A---- E:\WINDOWS\system32\mshearts.exe
2009-10-09 12:35:23 ----A---- E:\WINDOWS\system32\freecell.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\usrlogon.cmd
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\tsshutdn.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\tslabels.ini
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\tskill.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\tsdiscon.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\tscon.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\shadow.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\rwinsta.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\regini.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\rdpcfgex.dll
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\qwinsta.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\qappsrv.exe
2009-10-09 12:35:21 ----A---- E:\WINDOWS\system32\msg.exe
2009-10-09 12:35:21 ----A---- E:\WINDOWS\system32\msdtcprf.ini
2009-10-09 12:35:21 ----A---- E:\WINDOWS\system32\logoff.exe
2009-10-09 12:35:21 ----A---- E:\WINDOWS\system32\cdmodem.dll
2009-10-09 12:35:20 ----A---- E:\WINDOWS\system32\stclient.dll
2009-10-09 12:35:20 ----A---- E:\WINDOWS\system32\mtxlegih.dll
2009-10-09 12:35:20 ----A---- E:\WINDOWS\system32\mtxex.dll
2009-10-09 12:35:20 ----A---- E:\WINDOWS\system32\mtxdm.dll
2009-10-09 12:35:20 ----A---- E:\WINDOWS\system32\dcomcnfg.exe
2009-10-09 12:35:20 ----A---- E:\WINDOWS\system32\comrepl.dll
2009-10-09 12:35:20 ----A---- E:\WINDOWS\system32\comaddin.dll
2009-10-09 12:35:19 ----A---- E:\WINDOWS\system32\comsnap.dll
2009-10-09 12:35:14 ----A---- E:\WINDOWS\system32\wmimgmt.msc
2009-10-09 12:35:06 ----D---- E:\Program Files\MSN
2009-10-09 12:35:05 ----A---- E:\WINDOWS\system32\sndrec32.exe
2009-10-09 12:35:05 ----A---- E:\WINDOWS\system32\mplay32.exe
2009-10-09 12:35:05 ----A---- E:\WINDOWS\system32\hypertrm.dll
2009-10-09 12:35:05 ----A---- E:\WINDOWS\system32\accwiz.exe
2009-10-09 12:35:04 ----D---- E:\Program Files\Windows NT
2009-10-09 12:35:04 ----A---- E:\WINDOWS\system32\spider.exe
2009-10-09 12:35:04 ----A---- E:\WINDOWS\system32\mspaint.exe
2009-10-09 12:35:04 ----A---- E:\WINDOWS\system32\clipbrd.exe
2009-10-09 12:35:03 ----A---- E:\WINDOWS\system32\tscfgwmi.dll
2009-10-09 12:35:03 ----A---- E:\WINDOWS\system32\mstscax.dll
2009-10-09 12:35:03 ----A---- E:\WINDOWS\system32\mstsc.exe
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\tscupgrd.exe
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\termsrv.dll
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\sessmgr.exe
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\remotepg.dll
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\rdshost.exe
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\rdsaddin.exe
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\rdpwsx.dll
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\rdpsnd.dll
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\rdchost.dll
2009-10-09 12:35:01 ----D---- E:\WINDOWS\system32\MsDtc
2009-10-09 12:35:01 ----A---- E:\WINDOWS\system32\rdpclip.exe
2009-10-09 12:35:01 ----A---- E:\WINDOWS\system32\qprocess.exe
2009-10-09 12:35:01 ----A---- E:\WINDOWS\system32\mtxoci.dll
2009-10-09 12:35:01 ----A---- E:\WINDOWS\system32\msdtcuiu.dll
2009-10-09 12:35:01 ----A---- E:\WINDOWS\system32\msdtcprx.dll
2009-10-09 12:35:01 ----A---- E:\WINDOWS\system32\icaapi.dll
2009-10-09 12:35:01 ----A---- E:\WINDOWS\system32\cfgbkend.dll
2009-10-09 12:35:00 ----A---- E:\WINDOWS\system32\xolehlp.dll
2009-10-09 12:35:00 ----A---- E:\WINDOWS\system32\msdtctm.dll
2009-10-09 12:35:00 ----A---- E:\WINDOWS\system32\msdtclog.dll
2009-10-09 12:35:00 ----A---- E:\WINDOWS\system32\msdtc.exe
2009-10-09 12:34:59 ----D---- E:\WINDOWS\system32\Com
2009-10-09 12:34:59 ----A---- E:\WINDOWS\system32\colbact.dll
2009-10-09 12:34:59 ----A---- E:\WINDOWS\system32\clbcatex.dll
2009-10-09 12:34:59 ----A---- E:\WINDOWS\system32\catsrvut.dll
2009-10-09 12:34:59 ----A---- E:\WINDOWS\system32\catsrvps.dll
2009-10-09 12:34:59 ----A---- E:\WINDOWS\system32\catsrv.dll
2009-10-09 12:34:58 ----A---- E:\WINDOWS\system32\comuid.dll
2009-10-09 12:34:58 ----A---- E:\WINDOWS\system32\comsvcs.dll
2009-10-09 12:34:58 ----A---- E:\WINDOWS\system32\clbcatq.dll
2009-10-09 12:34:51 ----A---- E:\WINDOWS\system32\servdeps.dll
2009-10-09 12:34:51 ----A---- E:\WINDOWS\system32\mmfutil.dll
2009-10-09 12:34:51 ----A---- E:\WINDOWS\system32\licwmi.dll
2009-10-09 12:34:51 ----A---- E:\WINDOWS\system32\cmprops.dll
======List of files/folders modified in the last 1 months======
2009-10-10 09:00:00 ----A---- E:\WINDOWS\win.ini
2009-10-09 23:14:31 ----A---- E:\WINDOWS\system32\netstat.exe
2009-10-09 23:14:31 ----A---- E:\WINDOWS\system32\netsetup.exe
2009-10-09 23:14:31 ----A---- E:\WINDOWS\system32\netdde.exe
2009-10-09 23:14:30 ----A---- E:\WINDOWS\system32\net.exe
2009-10-09 23:14:30 ----A---- E:\WINDOWS\system32\narrator.exe
2009-10-09 23:14:30 ----A---- E:\WINDOWS\system32\mshta.exe
2009-10-09 23:14:30 ----A---- E:\WINDOWS\system32\mpnotify.exe
2009-10-09 23:14:30 ----A---- E:\WINDOWS\system32\logonui.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\ipv6.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\ipsec6.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\imapi.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\iexpress.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\ie4uinit.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\gpupdate.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\eudcedit.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\esentutl.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\dxdiag.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\dwwin.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\drwtsn32.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\dpvsetup.exe
2009-10-09 23:14:28 ----A---- E:\WINDOWS\system32\dplaysvr.exe
2009-10-09 23:14:28 ----A---- E:\WINDOWS\system32\dmadmin.exe
2009-10-09 23:14:28 ----A---- E:\WINDOWS\system32\diskpart.exe
2009-10-09 23:14:28 ----A---- E:\WINDOWS\system32\ddeshare.exe
2009-10-09 23:14:28 ----A---- E:\WINDOWS\system32\cscript.exe
2009-10-09 23:14:28 ----A---- E:\WINDOWS\system32\cipher.exe
2009-10-09 23:14:28 ----A---- E:\WINDOWS\system32\blastcln.exe
2009-10-09 23:14:27 ----A---- E:\WINDOWS\system32\logagent.exe
2009-10-09 23:14:27 ----A---- E:\WINDOWS\system32\asr_pfu.exe
2009-10-09 23:14:27 ----A---- E:\WINDOWS\system32\arp.exe
2009-10-09 23:14:27 ----A---- E:\WINDOWS\system32\ahui.exe
2009-10-09 23:04:20 ----A---- E:\WINDOWS\winhlp32.exe
2009-10-09 23:04:20 ----A---- E:\WINDOWS\twunk_32.exe
2009-10-09 22:59:20 ----A---- E:\WINDOWS\regedit.exe
2009-10-09 22:59:19 ----A---- E:\WINDOWS\notepad.exe
2009-10-09 22:59:19 ----A---- E:\WINDOWS\hh.exe
2009-10-09 20:42:54 ----A---- E:\WINDOWS\system32\mmc.exe
2009-10-09 19:15:05 ----A---- E:\WINDOWS\system32\osk.exe
2009-10-09 19:15:05 ----A---- E:\WINDOWS\system32\odbcad32.exe
2009-10-09 19:15:05 ----A---- E:\WINDOWS\system32\ntbackup.exe
2009-10-09 19:15:05 ----A---- E:\WINDOWS\system32\notepad.exe
2009-10-09 19:15:05 ----A---- E:\WINDOWS\system32\mobsync.exe
2009-10-09 19:15:05 ----A---- E:\WINDOWS\system32\magnify.exe
2009-10-09 19:04:53 ----A---- E:\WINDOWS\system32\cmd.exe
2009-10-09 18:59:45 ----A---- E:\WINDOWS\system32\HdAShCut.exe
2009-10-09 13:01:05 ----A---- E:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Pilote de processeur Intel; E:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
R3 abp470n5;abp470n5; \??\E:\WINDOWS\system32\drivers\fnqjlg.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 iadusb;MT882; E:\WINDOWS\system32\DRIVERS\glauiad.sys [2007-04-21 29696]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-09-22 5915136]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Concentrateur USB2; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
S3 Ambfilt;Ambfilt; E:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 HidUsb;Pilote de classe HID Microsoft; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 Monfilt;Monfilt; E:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 usbccgp;Pilote parent générique USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S3 ose;Office Source Engine; E:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2009-10-09 323999]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by medjeroub receptionn at 2009-10-10 15:12:21
Microsoft Windows XP Professionnel Service Pack 2
System drive E: has 67 GB (91%) free of 74 GB
Total RAM: 895 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:28:26, on 10/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Google\Update\GoogleUpdate.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\RTHDCPL.EXE
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Kyocera\FS-1016MFP_FS-1116MFP\FS-1016MFP\QLINK.exe
E:\Documents and Settings\medjeroub receptionn\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
E:\WINDOWS\system32\dwwin.exe
E:\Documents and Settings\tazebama.dl_
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
E:\WINDOWS\TEMP\winordq.exe
E:\Documents and Settings\medjeroub receptionn\Bureau\RSIT.exe
E:\Program Files\trend micro\medjeroub receptionn.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?cc=fr&toHttps=1&redig=D4322FEE7CF74A348CB9CE970F098EF5
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: Démarrage .exe (User 'Default user')
O4 - .DEFAULT User Startup: RecycleBinProtect.exe (User 'Default user')
O4 - Startup: Notification de cadeaux MSN.lnk = E:\Documents and Settings\medjeroub receptionn\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: QLink.lnk = E:\Program Files\Kyocera\FS-1016MFP_FS-1116MFP\FS-1016MFP\QLINK.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
--
End of file - 2876 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=E:\WINDOWS\RTHDCPL.EXE [2009-09-22 18749440]
"UserFaultCheck"=E:\WINDOWS\system32\dumprep 0 -u []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=E:\WINDOWS\system32\ctfmon.exe [2004-08-19 15360]
E:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
QLink.lnk - E:\Program Files\Kyocera\FS-1016MFP_FS-1116MFP\FS-1016MFP\QLINK.exe
E:\Documents and Settings\medjeroub receptionn\Menu Démarrer\Programmes\Démarrage
Notification de cadeaux MSN.lnk - E:\Documents and Settings\medjeroub receptionn\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1
"DisableRegistryTools"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"G:\zPharaoh.exe"="G:\zPharaoh.exe:*:Enabled:ipsec"
"E:\WINDOWS\Explorer.EXE"="E:\WINDOWS\Explorer.EXE:*:Enabled:ipsec"
"E:\Documents and Settings\medjeroub receptionn\Bureau\mourad\DEMANDE D.doc .exe"="E:\Documents and Settings\medjeroub receptionn\Bureau\mourad\DEMANDE D.doc .exe:*:Enabled:ipsec"
"E:\DOCUME~1\MEDJER~1\LOCALS~1\Temp\ehvt.exe"="E:\DOCUME~1\MEDJER~1\LOCALS~1\Temp\ehvt.exe:*:Enabled:ipsec"
"E:\DOCUME~1\MEDJER~1\LOCALS~1\Temp\afcq.exe"="E:\DOCUME~1\MEDJER~1\LOCALS~1\Temp\afcq.exe:*:Enabled:ipsec"
"E:\DOCUME~1\MEDJER~1\LOCALS~1\Temp\wineeamll.exe"="E:\DOCUME~1\MEDJER~1\LOCALS~1\Temp\wineeamll.exe:*:Enabled:ipsec"
"E:\Program Files\Microsoft Office\OFFICE11\MSOHTMED.EXE"="E:\Program Files\Microsoft Office\OFFICE11\MSOHTMED.EXE:*:Enabled:ipsec"
"E:\Program Files\Messenger\msmsgs.exe"="E:\Program Files\Messenger\msmsgs.exe:*:Enabled:ipsec"
"E:\DOCUME~1\MEDJER~1\LOCALS~1\Temp\rgunm.exe"="E:\DOCUME~1\MEDJER~1\LOCALS~1\Temp\rgunm.exe:*:Enabled:ipsec"
"E:\Program Files\Google\Update\GoogleUpdate.exe"="E:\Program Files\Google\Update\GoogleUpdate.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\xwbjba.exe"="E:\WINDOWS\TEMP\xwbjba.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\winxyiq.exe"="E:\WINDOWS\TEMP\winxyiq.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\winfacw.exe"="E:\WINDOWS\TEMP\winfacw.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\njfuf.exe"="E:\WINDOWS\TEMP\njfuf.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\winyosysi.exe"="E:\WINDOWS\TEMP\winyosysi.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\owstg.exe"="E:\WINDOWS\TEMP\owstg.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\winmdoh.exe"="E:\WINDOWS\TEMP\winmdoh.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\winexwwj.exe"="E:\WINDOWS\TEMP\winexwwj.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\qyyn.exe"="E:\WINDOWS\TEMP\qyyn.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\winordq.exe"="E:\WINDOWS\TEMP\winordq.exe:*:Enabled:ipsec"
"E:\WINDOWS\TEMP\bqmxba.exe"="E:\WINDOWS\TEMP\bqmxba.exe:*:Enabled:ipsec"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{03bb2f69-b4c9-11de-94ca-f740a58e88ff}]
shell\AutoRun\command - G:\zPharaoh.exe
shell\explore\command - G:\zPharaoh.exe
shell\open\command - G:\zPharaoh.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9ce2d7df-b4d2-11de-b0cf-806d6172696f}]
shell\AutoRun\command - D:\zPharaoh.exe
shell\explore\command - D:\zPharaoh.exe
shell\open\command - D:\zPharaoh.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9ce2d7e1-b4d2-11de-b0cf-806d6172696f}]
shell\AutoRun\command - E:\zPharaoh.exe
shell\explore\command - E:\zPharaoh.exe
shell\open\command - E:\zPharaoh.exe
======List of files/folders created in the last 1 months======
2009-10-10 14:59:58 ----D---- E:\WINDOWS\system32\CatRoot_bak
2009-10-10 14:15:05 ----D---- E:\Documents and Settings\All Users\Application Data\Google
2009-10-10 13:23:23 ----D---- E:\Program Files\trend micro
2009-10-10 13:23:22 ----D---- E:\rsit
2009-10-10 08:57:13 ----D---- E:\Program Files\Microsoft Office
2009-10-10 08:49:06 ----HDC---- E:\WINDOWS\$NtUninstallKB952069_WM9$
2009-10-10 08:48:57 ----HDC---- E:\WINDOWS\$NtUninstallKB957097$
2009-10-10 07:02:07 ----HDC---- E:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-10-10 07:01:53 ----N---- E:\WINDOWS\system32\spmsg.dll
2009-10-10 07:01:53 ----D---- E:\WINDOWS\system32\PreInstall
2009-10-10 07:01:52 ----HDC---- E:\WINDOWS\$NtUninstallKB898461$
2009-10-09 18:23:27 ----D---- E:\Documents and Settings\medjeroub receptionn\Application Data\Google
2009-10-09 18:10:20 ----D---- E:\Program Files\Google
2009-10-09 17:16:41 ----D---- E:\Program Files\Microsoft.NET
2009-10-09 17:15:14 ----D---- E:\Program Files\Fichiers communs\DESIGNER
2009-10-09 17:14:20 ----D---- E:\WINDOWS\SHELLNEW
2009-10-09 16:03:31 ----D---- E:\WINDOWS\system32\Lang
2009-10-09 16:02:05 ----D---- E:\WINDOWS\system32\RTCOM
2009-10-09 16:02:03 ----A---- E:\WINDOWS\system32\ksuser.dll
2009-10-09 16:01:40 ----A---- E:\WINDOWS\system32\spupdsvc.exe
2009-10-09 16:01:39 ----HDC---- E:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-10-09 16:01:37 ----A---- E:\WINDOWS\vncutil.exe
2009-10-09 16:01:37 ----A---- E:\WINDOWS\SOUNDMAN.EXE
2009-10-09 16:01:37 ----A---- E:\WINDOWS\SkyTel.exe
2009-10-09 16:01:37 ----A---- E:\WINDOWS\RtlUpd.exe
2009-10-09 16:01:36 ----A---- E:\WINDOWS\RTLCPL.EXE
2009-10-09 16:01:35 ----A---- E:\WINDOWS\system32\RtkCoInstXP.dll
2009-10-09 16:01:35 ----A---- E:\WINDOWS\RtkAudioService.exe
2009-10-09 16:01:34 ----N---- E:\WINDOWS\RTHDCPL.EXE
2009-10-09 16:01:34 ----A---- E:\WINDOWS\MicCal.exe
2009-10-09 16:01:33 ----HD---- E:\Program Files\InstallShield Installation Information
2009-10-09 16:01:33 ----D---- E:\Program Files\Realtek
2009-10-09 16:01:33 ----A---- E:\WINDOWS\ALCWZRD.EXE
2009-10-09 16:01:33 ----A---- E:\WINDOWS\ALCMTR.EXE
2009-10-09 16:01:27 ----A---- E:\WINDOWS\RtlExUpd.dll
2009-10-09 16:01:23 ----D---- E:\Program Files\Fichiers communs\InstallShield
2009-10-09 15:23:44 ----A---- E:\WINDOWS\system32\MRT.exe
2009-10-09 15:23:30 ----HDC---- E:\WINDOWS\$NtUninstallKB932823-v3$
2009-10-09 15:23:30 ----HD---- E:\WINDOWS\$hf_mig$
2009-10-09 14:34:07 ----A---- E:\WINDOWS\system32\h323log.txt
2009-10-09 14:28:35 ----A---- E:\WINDOWS\system32\usbui.dll
2009-10-09 14:27:33 ----A---- E:\WINDOWS\imsins.BAK
2009-10-09 14:27:31 ----SHD---- E:\WINDOWS\Installer
2009-10-09 14:27:31 ----A---- E:\WINDOWS\system32\PerfStringBackup.INI
2009-10-09 14:27:30 ----D---- E:\Program Files\Fichiers communs\ODBC
2009-10-09 14:27:30 ----A---- E:\WINDOWS\ODBCINST.INI
2009-10-09 14:27:28 ----D---- E:\Program Files\Fichiers communs\SpeechEngines
2009-10-09 14:27:27 ----RD---- E:\Program Files
2009-10-09 14:27:27 ----D---- E:\Program Files\Fichiers communs\Microsoft Shared
2009-10-09 14:27:27 ----D---- E:\Program Files\Fichiers communs
2009-10-09 14:27:24 ----RA---- E:\WINDOWS\system32\kbdtuq.dll
2009-10-09 14:27:24 ----RA---- E:\WINDOWS\system32\kbdtuf.dll
2009-10-09 14:27:24 ----RA---- E:\WINDOWS\system32\kbdazel.dll
2009-10-09 14:27:22 ----RA---- E:\WINDOWS\system32\kbdycc.dll
2009-10-09 14:27:22 ----RA---- E:\WINDOWS\system32\kbduzb.dll
2009-10-09 14:27:22 ----RA---- E:\WINDOWS\system32\kbdur.dll
2009-10-09 14:27:22 ----RA---- E:\WINDOWS\system32\kbdtat.dll
2009-10-09 14:27:22 ----RA---- E:\WINDOWS\system32\kbdmon.dll
2009-10-09 14:27:22 ----RA---- E:\WINDOWS\system32\kbdkyr.dll
2009-10-09 14:27:22 ----RA---- E:\WINDOWS\system32\kbdkaz.dll
2009-10-09 14:27:22 ----RA---- E:\WINDOWS\system32\kbdaze.dll
2009-10-09 14:27:21 ----RA---- E:\WINDOWS\system32\kbdru1.dll
2009-10-09 14:27:21 ----RA---- E:\WINDOWS\system32\kbdru.dll
2009-10-09 14:27:21 ----RA---- E:\WINDOWS\system32\kbdbu.dll
2009-10-09 14:27:21 ----RA---- E:\WINDOWS\system32\kbdblr.dll
2009-10-09 14:27:19 ----RA---- E:\WINDOWS\system32\kbdhept.dll
2009-10-09 14:27:19 ----RA---- E:\WINDOWS\system32\kbdhela3.dll
2009-10-09 14:27:19 ----RA---- E:\WINDOWS\system32\kbdhela2.dll
2009-10-09 14:27:19 ----RA---- E:\WINDOWS\system32\kbdhe319.dll
2009-10-09 14:27:19 ----RA---- E:\WINDOWS\system32\kbdhe220.dll
2009-10-09 14:27:19 ----RA---- E:\WINDOWS\system32\kbdhe.dll
2009-10-09 14:27:19 ----RA---- E:\WINDOWS\system32\kbdgkl.dll
2009-10-09 14:27:18 ----RA---- E:\WINDOWS\system32\kbdlv1.dll
2009-10-09 14:27:18 ----RA---- E:\WINDOWS\system32\kbdlv.dll
2009-10-09 14:27:18 ----RA---- E:\WINDOWS\system32\kbdlt1.dll
2009-10-09 14:27:18 ----RA---- E:\WINDOWS\system32\kbdlt.dll
2009-10-09 14:27:18 ----RA---- E:\WINDOWS\system32\kbdest.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdycl.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdsl1.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdsl.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdro.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdpl1.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdpl.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdhu1.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdhu.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdcz2.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdcz1.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdcz.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\kbdcr.dll
2009-10-09 14:27:15 ----RA---- E:\WINDOWS\system32\KBDAL.DLL
2009-10-09 14:27:13 ----A---- E:\WINDOWS\system32\spxcoins.dll
2009-10-09 14:27:13 ----A---- E:\WINDOWS\system32\irclass.dll
2009-10-09 14:27:13 ----A---- E:\WINDOWS\system32\dgsetup.dll
2009-10-09 14:27:13 ----A---- E:\WINDOWS\system32\dgrpsetu.dll
2009-10-09 14:27:12 ----A---- E:\WINDOWS\system32\EqnClass.Dll
2009-10-09 14:27:10 ----N---- E:\WINDOWS\system32\CONFIG.TMP
2009-10-09 14:27:10 ----A---- E:\WINDOWS\TASKMAN.EXE
2009-10-09 14:27:10 ----A---- E:\WINDOWS\system32\batt.dll
2009-10-09 14:27:09 ----A---- E:\WINDOWS\system32\storprop.dll
2009-10-09 14:27:02 ----ASH---- E:\Documents and Settings\All Users\Application Data\desktop.ini
2009-10-09 14:26:59 ----RA---- E:\WINDOWS\SET8.tmp
2009-10-09 14:26:57 ----RA---- E:\WINDOWS\SET4.tmp
2009-10-09 14:26:56 ----RA---- E:\WINDOWS\SET3.tmp
2009-10-09 14:26:51 ----D---- E:\WINDOWS\system32\CatRoot2
2009-10-09 14:26:51 ----D---- E:\WINDOWS\system32\CatRoot
2009-10-09 14:26:46 ----SD---- E:\Documents and Settings\All Users\Application Data\Microsoft
2009-10-09 14:26:28 ----A---- E:\WINDOWS\setuplog.txt
2009-10-09 14:26:25 ----SHD---- E:\System Volume Information
2009-10-09 14:26:25 ----D---- E:\Documents and Settings
2009-10-09 14:21:31 ----RSHDC---- E:\WINDOWS\system32\dllcache
2009-10-09 14:21:31 ----RSD---- E:\WINDOWS\Fonts
2009-10-09 14:21:31 ----RD---- E:\WINDOWS\Web
2009-10-09 14:21:31 ----HD---- E:\WINDOWS\inf
2009-10-09 14:21:31 ----D---- E:\WINDOWS\WinSxS
2009-10-09 14:21:31 ----D---- E:\WINDOWS\twain_32
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Temp
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\wins
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\wbem
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\usmt
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\spool
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\ShellExt
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\Setup
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\ras
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\oobe
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\npp
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\mui
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\inetsrv
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\IME
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\icsxml
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\ias
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\export
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\drivers
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\dhcp
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\config
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\3com_dmi
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\3076
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\2052
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1054
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1042
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1041
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1037
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1036
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1033
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1031
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1028
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32\1025
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system32
2009-10-09 14:21:31 ----D---- E:\WINDOWS\system
2009-10-09 14:21:31 ----D---- E:\WINDOWS\security
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Resources
2009-10-09 14:21:31 ----D---- E:\WINDOWS\repair
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Provisioning
2009-10-09 14:21:31 ----D---- E:\WINDOWS\PeerNet
2009-10-09 14:21:31 ----D---- E:\WINDOWS\pchealth
2009-10-09 14:21:31 ----D---- E:\WINDOWS\mui
2009-10-09 14:21:31 ----D---- E:\WINDOWS\msapps
2009-10-09 14:21:31 ----D---- E:\WINDOWS\msagent
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Media
2009-10-09 14:21:31 ----D---- E:\WINDOWS\java
2009-10-09 14:21:31 ----D---- E:\WINDOWS\ime
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Help
2009-10-09 14:21:31 ----D---- E:\WINDOWS\ehome
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Driver Cache
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Debug
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Cursors
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Connection Wizard
2009-10-09 14:21:31 ----D---- E:\WINDOWS\Config
2009-10-09 14:21:31 ----D---- E:\WINDOWS\AppPatch
2009-10-09 14:21:31 ----D---- E:\WINDOWS\addins
2009-10-09 14:21:31 ----D---- E:\WINDOWS
2009-10-09 14:00:23 ----D---- E:\WINDOWS\system32\SoftwareDistribution
2009-10-09 13:57:38 ----A---- E:\WINDOWS\system32\CoInst.dll
2009-10-09 13:57:37 ----N---- E:\WINDOWS\wwdslcfg.ini
2009-10-09 13:57:37 ----D---- E:\Program Files\MT882
2009-10-09 13:10:20 ----D---- E:\WINDOWS\system32\appmgmt
2009-10-09 13:03:21 ----SHD---- E:\RECYCLER
2009-10-09 13:01:05 ----RSH---- E:\zPharaoh.exe
2009-10-09 13:01:05 ----D---- E:\Documents and Settings\medjeroub receptionn\Application Data\tazebama
2009-10-09 12:58:51 ----A---- E:\WINDOWS\ODBC.INI
2009-10-09 12:58:49 ----A---- E:\WINDOWS\system32\mdimon.dll
2009-10-09 12:51:36 ----A---- E:\WINDOWS\system32\kygaSM.ini
2009-10-09 12:51:36 ----A---- E:\WINDOWS\system32\kygaSM.exe
2009-10-09 12:51:36 ----A---- E:\WINDOWS\system32\kygaLM.dll
2009-10-09 12:51:29 ----D---- E:\WINDOWS\system32\ReinstallBackups
2009-10-09 12:51:27 ----N---- E:\WINDOWS\system32\lttwn12n.dll
2009-10-09 12:51:27 ----N---- E:\WINDOWS\system32\ltkrn12n.dll
2009-10-09 12:51:27 ----N---- E:\WINDOWS\system32\ltimg12n.dll
2009-10-09 12:51:27 ----N---- E:\WINDOWS\system32\ltfil12n.DLL
2009-10-09 12:51:26 ----N---- E:\WINDOWS\system32\ltefx12n.dll
2009-10-09 12:51:26 ----N---- E:\WINDOWS\system32\LTDIS12n.dll
2009-10-09 12:51:26 ----N---- E:\WINDOWS\system32\lftif12n.dll
2009-10-09 12:51:26 ----N---- E:\WINDOWS\system32\lftga12n.dll
2009-10-09 12:51:26 ----N---- E:\WINDOWS\system32\lfpcx12n.dll
2009-10-09 12:51:26 ----N---- E:\WINDOWS\system32\lfimg12n.dll
2009-10-09 12:51:26 ----N---- E:\WINDOWS\system32\lffax12n.dll
2009-10-09 12:51:25 ----N---- E:\WINDOWS\system32\LFCMP12n.DLL
2009-10-09 12:51:25 ----N---- E:\WINDOWS\system32\lfbmp12n.dll
2009-10-09 12:51:13 ----D---- E:\Program Files\Kyocera
2009-10-09 12:47:54 ----D---- E:\temp
2009-10-09 12:43:55 ----D---- E:\Documents and Settings\medjeroub receptionn\Application Data\Identities
2009-10-09 12:43:54 ----HD---- E:\Program Files\Uninstall Information
2009-10-09 12:43:49 ----SD---- E:\Documents and Settings\medjeroub receptionn\Application Data\Microsoft
2009-10-09 12:43:49 ----ASH---- E:\Documents and Settings\medjeroub receptionn\Application Data\desktop.ini
2009-10-09 12:42:18 ----D---- E:\WINDOWS\SoftwareDistribution
2009-10-09 12:42:16 ----SD---- E:\WINDOWS\system32\Microsoft
2009-10-09 12:42:16 ----D---- E:\WINDOWS\Prefetch
2009-10-09 12:42:16 ----A---- E:\WINDOWS\SchedLgU.Txt
2009-10-09 12:39:15 ----D---- E:\WINDOWS\system32\xircom
2009-10-09 12:39:15 ----D---- E:\Program Files\xerox
2009-10-09 12:39:15 ----D---- E:\Program Files\microsoft frontpage
2009-10-09 12:39:01 ----A---- E:\WINDOWS\control.ini
2009-10-09 12:38:53 ----A---- E:\WINDOWS\OEWABLog.txt
2009-10-09 12:38:50 ----A---- E:\WINDOWS\system32\mapi32.dll
2009-10-09 12:38:11 ----SD---- E:\WINDOWS\Downloaded Program Files
2009-10-09 12:38:11 ----RD---- E:\WINDOWS\Offline Web Pages
2009-10-09 12:38:11 ----RAH---- E:\WINDOWS\system32\logonui.exe.manifest
2009-10-09 12:38:06 ----RAH---- E:\WINDOWS\system32\cdplayer.exe.manifest
2009-10-09 12:38:03 ----HD---- E:\Program Files\WindowsUpdate
2009-10-09 12:38:00 ----D---- E:\Program Files\Services en ligne
2009-10-09 12:37:44 ----D---- E:\WINDOWS\system32\DirectX
2009-10-09 12:37:22 ----A---- E:\WINDOWS\system32\atrace.dll
2009-10-09 12:37:20 ----A---- E:\WINDOWS\system32\desktop.ini
2009-10-09 12:37:20 ----A---- E:\WINDOWS\desktop.ini
2009-10-09 12:37:13 ----A---- E:\WINDOWS\system32\nmevtmsg.dll
2009-10-09 12:37:11 ----D---- E:\Program Files\Fichiers communs\Services
2009-10-09 12:37:11 ----A---- E:\WINDOWS\system32\acctres.dll
2009-10-09 12:37:08 ----SD---- E:\WINDOWS\Tasks
2009-10-09 12:37:08 ----A---- E:\WINDOWS\system32\icfgnt5.dll
2009-10-09 12:37:07 ----D---- E:\Program Files\Fichiers communs\MSSoap
2009-10-09 12:37:03 ----D---- E:\WINDOWS\system32\Macromed
2009-10-09 12:37:03 ----D---- E:\WINDOWS\srchasst
2009-10-09 12:37:00 ----A---- E:\WINDOWS\system32\wuweb.dll
2009-10-09 12:36:59 ----A---- E:\WINDOWS\system32\wups.dll
2009-10-09 12:36:59 ----A---- E:\WINDOWS\system32\wucltui.dll
2009-10-09 12:36:59 ----A---- E:\WINDOWS\system32\wuauserv.dll
2009-10-09 12:36:59 ----A---- E:\WINDOWS\system32\wuaueng1.dll
2009-10-09 12:36:59 ----A---- E:\WINDOWS\system32\wuaueng.dll
2009-10-09 12:36:59 ----A---- E:\WINDOWS\system32\wuauclt1.exe
2009-10-09 12:36:59 ----A---- E:\WINDOWS\system32\wuauclt.exe
2009-10-09 12:36:59 ----A---- E:\WINDOWS\system32\wuapi.dll
2009-10-09 12:36:58 ----A---- E:\WINDOWS\system32\qmgrprxy.dll
2009-10-09 12:36:58 ----A---- E:\WINDOWS\system32\qmgr.dll
2009-10-09 12:36:58 ----A---- E:\WINDOWS\system32\bitsprx3.dll
2009-10-09 12:36:58 ----A---- E:\WINDOWS\system32\bitsprx2.dll
2009-10-09 12:36:55 ----D---- E:\Program Files\Movie Maker
2009-10-09 12:36:51 ----A---- E:\WINDOWS\system32\safrslv.dll
2009-10-09 12:36:51 ----A---- E:\WINDOWS\system32\safrdm.dll
2009-10-09 12:36:51 ----A---- E:\WINDOWS\system32\safrcdlg.dll
2009-10-09 12:36:50 ----A---- E:\WINDOWS\system32\racpldlg.dll
2009-10-09 12:36:47 ----D---- E:\WINDOWS\system32\Restore
2009-10-09 12:36:47 ----A---- E:\WINDOWS\system32\srsvc.dll
2009-10-09 12:36:47 ----A---- E:\WINDOWS\system32\srrstr.dll
2009-10-09 12:36:47 ----A---- E:\WINDOWS\system32\srclient.dll
2009-10-09 12:36:47 ----A---- E:\WINDOWS\system32\fltMc.exe
2009-10-09 12:36:47 ----A---- E:\WINDOWS\system32\fltlib.dll
2009-10-09 12:36:46 ----A---- E:\WINDOWS\system32\mnmdd.dll
2009-10-09 12:36:46 ----A---- E:\WINDOWS\system32\isrdbg32.dll
2009-10-09 12:36:46 ----A---- E:\WINDOWS\system32\ils.dll
2009-10-09 12:36:45 ----A---- E:\WINDOWS\system32\nmmkcert.dll
2009-10-09 12:36:45 ----A---- E:\WINDOWS\system32\msconf.dll
2009-10-09 12:36:45 ----A---- E:\WINDOWS\system32\mnmsrvc.exe
2009-10-09 12:36:42 ----D---- E:\Program Files\NetMeeting
2009-10-09 12:36:42 ----A---- E:\WINDOWS\system32\msoert2.dll
2009-10-09 12:36:42 ----A---- E:\WINDOWS\system32\msoeacct.dll
2009-10-09 12:36:41 ----A---- E:\WINDOWS\system32\inetres.dll
2009-10-09 12:36:41 ----A---- E:\WINDOWS\system32\inetcomm.dll
2009-10-09 12:36:39 ----D---- E:\Program Files\Outlook Express
2009-10-09 12:36:39 ----A---- E:\WINDOWS\system32\schedsvc.dll
2009-10-09 12:36:39 ----A---- E:\WINDOWS\system32\mstinit.exe
2009-10-09 12:36:39 ----A---- E:\WINDOWS\system32\mstask.dll
2009-10-09 12:36:38 ----A---- E:\WINDOWS\system32\isign32.dll
2009-10-09 12:36:38 ----A---- E:\WINDOWS\system32\inetcfg.dll
2009-10-09 12:36:38 ----A---- E:\WINDOWS\system32\icwphbk.dll
2009-10-09 12:36:38 ----A---- E:\WINDOWS\system32\icwdial.dll
2009-10-09 12:36:32 ----D---- E:\Program Files\Fichiers communs\System
2009-10-09 12:36:31 ----D---- E:\Program Files\Internet Explorer
2009-10-09 12:36:03 ----D---- E:\Program Files\ComPlus Applications
2009-10-09 12:36:02 ----A---- E:\WINDOWS\vbaddin.ini
2009-10-09 12:36:02 ----A---- E:\WINDOWS\vb.ini
2009-10-09 12:35:58 ----D---- E:\WINDOWS\Registration
2009-10-09 12:35:52 ----D---- E:\Program Files\Windows Media Player
2009-10-09 12:35:52 ----D---- E:\Program Files\Online Services
2009-10-09 12:35:47 ----D---- E:\Program Files\Messenger
2009-10-09 12:35:44 ----D---- E:\Program Files\MSN Gaming Zone
2009-10-09 12:35:44 ----A---- E:\WINDOWS\system32\write.exe
2009-10-09 12:35:33 ----A---- E:\WINDOWS\system32\sndvol32.exe
2009-10-09 12:35:33 ----A---- E:\WINDOWS\system32\hticons.dll
2009-10-09 12:35:33 ----A---- E:\WINDOWS\system32\avwav.dll
2009-10-09 12:35:32 ----A---- E:\WINDOWS\system32\winchat.exe
2009-10-09 12:35:32 ----A---- E:\WINDOWS\system32\avtapi.dll
2009-10-09 12:35:32 ----A---- E:\WINDOWS\system32\avmeter.dll
2009-10-09 12:35:24 ----A---- E:\WINDOWS\system32\getuname.dll
2009-10-09 12:35:24 ----A---- E:\WINDOWS\system32\charmap.exe
2009-10-09 12:35:24 ----A---- E:\WINDOWS\system32\calc.exe
2009-10-09 12:35:23 ----A---- E:\WINDOWS\system32\winmine.exe
2009-10-09 12:35:23 ----A---- E:\WINDOWS\system32\sol.exe
2009-10-09 12:35:23 ----A---- E:\WINDOWS\system32\reset.exe
2009-10-09 12:35:23 ----A---- E:\WINDOWS\system32\mshearts.exe
2009-10-09 12:35:23 ----A---- E:\WINDOWS\system32\freecell.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\usrlogon.cmd
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\tsshutdn.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\tslabels.ini
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\tskill.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\tsdiscon.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\tscon.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\shadow.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\rwinsta.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\regini.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\rdpcfgex.dll
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\qwinsta.exe
2009-10-09 12:35:22 ----A---- E:\WINDOWS\system32\qappsrv.exe
2009-10-09 12:35:21 ----A---- E:\WINDOWS\system32\msg.exe
2009-10-09 12:35:21 ----A---- E:\WINDOWS\system32\msdtcprf.ini
2009-10-09 12:35:21 ----A---- E:\WINDOWS\system32\logoff.exe
2009-10-09 12:35:21 ----A---- E:\WINDOWS\system32\cdmodem.dll
2009-10-09 12:35:20 ----A---- E:\WINDOWS\system32\stclient.dll
2009-10-09 12:35:20 ----A---- E:\WINDOWS\system32\mtxlegih.dll
2009-10-09 12:35:20 ----A---- E:\WINDOWS\system32\mtxex.dll
2009-10-09 12:35:20 ----A---- E:\WINDOWS\system32\mtxdm.dll
2009-10-09 12:35:20 ----A---- E:\WINDOWS\system32\dcomcnfg.exe
2009-10-09 12:35:20 ----A---- E:\WINDOWS\system32\comrepl.dll
2009-10-09 12:35:20 ----A---- E:\WINDOWS\system32\comaddin.dll
2009-10-09 12:35:19 ----A---- E:\WINDOWS\system32\comsnap.dll
2009-10-09 12:35:14 ----A---- E:\WINDOWS\system32\wmimgmt.msc
2009-10-09 12:35:06 ----D---- E:\Program Files\MSN
2009-10-09 12:35:05 ----A---- E:\WINDOWS\system32\sndrec32.exe
2009-10-09 12:35:05 ----A---- E:\WINDOWS\system32\mplay32.exe
2009-10-09 12:35:05 ----A---- E:\WINDOWS\system32\hypertrm.dll
2009-10-09 12:35:05 ----A---- E:\WINDOWS\system32\accwiz.exe
2009-10-09 12:35:04 ----D---- E:\Program Files\Windows NT
2009-10-09 12:35:04 ----A---- E:\WINDOWS\system32\spider.exe
2009-10-09 12:35:04 ----A---- E:\WINDOWS\system32\mspaint.exe
2009-10-09 12:35:04 ----A---- E:\WINDOWS\system32\clipbrd.exe
2009-10-09 12:35:03 ----A---- E:\WINDOWS\system32\tscfgwmi.dll
2009-10-09 12:35:03 ----A---- E:\WINDOWS\system32\mstscax.dll
2009-10-09 12:35:03 ----A---- E:\WINDOWS\system32\mstsc.exe
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\tscupgrd.exe
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\termsrv.dll
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\sessmgr.exe
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\remotepg.dll
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\rdshost.exe
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\rdsaddin.exe
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\rdpwsx.dll
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\rdpsnd.dll
2009-10-09 12:35:02 ----A---- E:\WINDOWS\system32\rdchost.dll
2009-10-09 12:35:01 ----D---- E:\WINDOWS\system32\MsDtc
2009-10-09 12:35:01 ----A---- E:\WINDOWS\system32\rdpclip.exe
2009-10-09 12:35:01 ----A---- E:\WINDOWS\system32\qprocess.exe
2009-10-09 12:35:01 ----A---- E:\WINDOWS\system32\mtxoci.dll
2009-10-09 12:35:01 ----A---- E:\WINDOWS\system32\msdtcuiu.dll
2009-10-09 12:35:01 ----A---- E:\WINDOWS\system32\msdtcprx.dll
2009-10-09 12:35:01 ----A---- E:\WINDOWS\system32\icaapi.dll
2009-10-09 12:35:01 ----A---- E:\WINDOWS\system32\cfgbkend.dll
2009-10-09 12:35:00 ----A---- E:\WINDOWS\system32\xolehlp.dll
2009-10-09 12:35:00 ----A---- E:\WINDOWS\system32\msdtctm.dll
2009-10-09 12:35:00 ----A---- E:\WINDOWS\system32\msdtclog.dll
2009-10-09 12:35:00 ----A---- E:\WINDOWS\system32\msdtc.exe
2009-10-09 12:34:59 ----D---- E:\WINDOWS\system32\Com
2009-10-09 12:34:59 ----A---- E:\WINDOWS\system32\colbact.dll
2009-10-09 12:34:59 ----A---- E:\WINDOWS\system32\clbcatex.dll
2009-10-09 12:34:59 ----A---- E:\WINDOWS\system32\catsrvut.dll
2009-10-09 12:34:59 ----A---- E:\WINDOWS\system32\catsrvps.dll
2009-10-09 12:34:59 ----A---- E:\WINDOWS\system32\catsrv.dll
2009-10-09 12:34:58 ----A---- E:\WINDOWS\system32\comuid.dll
2009-10-09 12:34:58 ----A---- E:\WINDOWS\system32\comsvcs.dll
2009-10-09 12:34:58 ----A---- E:\WINDOWS\system32\clbcatq.dll
2009-10-09 12:34:51 ----A---- E:\WINDOWS\system32\servdeps.dll
2009-10-09 12:34:51 ----A---- E:\WINDOWS\system32\mmfutil.dll
2009-10-09 12:34:51 ----A---- E:\WINDOWS\system32\licwmi.dll
2009-10-09 12:34:51 ----A---- E:\WINDOWS\system32\cmprops.dll
======List of files/folders modified in the last 1 months======
2009-10-10 09:00:00 ----A---- E:\WINDOWS\win.ini
2009-10-09 23:14:31 ----A---- E:\WINDOWS\system32\netstat.exe
2009-10-09 23:14:31 ----A---- E:\WINDOWS\system32\netsetup.exe
2009-10-09 23:14:31 ----A---- E:\WINDOWS\system32\netdde.exe
2009-10-09 23:14:30 ----A---- E:\WINDOWS\system32\net.exe
2009-10-09 23:14:30 ----A---- E:\WINDOWS\system32\narrator.exe
2009-10-09 23:14:30 ----A---- E:\WINDOWS\system32\mshta.exe
2009-10-09 23:14:30 ----A---- E:\WINDOWS\system32\mpnotify.exe
2009-10-09 23:14:30 ----A---- E:\WINDOWS\system32\logonui.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\ipv6.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\ipsec6.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\imapi.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\iexpress.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\ie4uinit.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\gpupdate.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\eudcedit.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\esentutl.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\dxdiag.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\dwwin.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\drwtsn32.exe
2009-10-09 23:14:29 ----A---- E:\WINDOWS\system32\dpvsetup.exe
2009-10-09 23:14:28 ----A---- E:\WINDOWS\system32\dplaysvr.exe
2009-10-09 23:14:28 ----A---- E:\WINDOWS\system32\dmadmin.exe
2009-10-09 23:14:28 ----A---- E:\WINDOWS\system32\diskpart.exe
2009-10-09 23:14:28 ----A---- E:\WINDOWS\system32\ddeshare.exe
2009-10-09 23:14:28 ----A---- E:\WINDOWS\system32\cscript.exe
2009-10-09 23:14:28 ----A---- E:\WINDOWS\system32\cipher.exe
2009-10-09 23:14:28 ----A---- E:\WINDOWS\system32\blastcln.exe
2009-10-09 23:14:27 ----A---- E:\WINDOWS\system32\logagent.exe
2009-10-09 23:14:27 ----A---- E:\WINDOWS\system32\asr_pfu.exe
2009-10-09 23:14:27 ----A---- E:\WINDOWS\system32\arp.exe
2009-10-09 23:14:27 ----A---- E:\WINDOWS\system32\ahui.exe
2009-10-09 23:04:20 ----A---- E:\WINDOWS\winhlp32.exe
2009-10-09 23:04:20 ----A---- E:\WINDOWS\twunk_32.exe
2009-10-09 22:59:20 ----A---- E:\WINDOWS\regedit.exe
2009-10-09 22:59:19 ----A---- E:\WINDOWS\notepad.exe
2009-10-09 22:59:19 ----A---- E:\WINDOWS\hh.exe
2009-10-09 20:42:54 ----A---- E:\WINDOWS\system32\mmc.exe
2009-10-09 19:15:05 ----A---- E:\WINDOWS\system32\osk.exe
2009-10-09 19:15:05 ----A---- E:\WINDOWS\system32\odbcad32.exe
2009-10-09 19:15:05 ----A---- E:\WINDOWS\system32\ntbackup.exe
2009-10-09 19:15:05 ----A---- E:\WINDOWS\system32\notepad.exe
2009-10-09 19:15:05 ----A---- E:\WINDOWS\system32\mobsync.exe
2009-10-09 19:15:05 ----A---- E:\WINDOWS\system32\magnify.exe
2009-10-09 19:04:53 ----A---- E:\WINDOWS\system32\cmd.exe
2009-10-09 18:59:45 ----A---- E:\WINDOWS\system32\HdAShCut.exe
2009-10-09 13:01:05 ----A---- E:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 intelppm;Pilote de processeur Intel; E:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
R3 abp470n5;abp470n5; \??\E:\WINDOWS\system32\drivers\fnqjlg.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 iadusb;MT882; E:\WINDOWS\system32\DRIVERS\glauiad.sys [2007-04-21 29696]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-09-22 5915136]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Concentrateur USB2; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
S3 Ambfilt;Ambfilt; E:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 HidUsb;Pilote de classe HID Microsoft; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 Monfilt;Monfilt; E:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 usbccgp;Pilote parent générique USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; E:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; E:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S3 ose;Office Source Engine; E:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2009-10-09 323999]
-----------------EOF-----------------
Configuration: Windows XP Internet Explorer 6.0
A voir également:
- Voici mon rapport
- Rapport de stage - Guide
- Rapport de crash windows - Guide
- Impression rapport de stage ✓ - Forum Word
- Modifier rapport d'échelle pdf xchange viewer ✓ - Forum PDF
- Exemple de thème de rapport de stage en ressources humaines - Forum Réseau
1 réponse
Salut, tu es infecté.
Fais ceci pour commencer :
-+-+-+-> USBfix <-+-+-+-
[x] Télécharge USBfix à cette adresse : http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe
[x] Un tutoriel est disponible ici : https://www.malekal.com/usbfix-supprimer-virus-usb/
[x] Installe le
[x] Branche tout tes médias amovibles ( clés USB, DD externe )
[x] Lance USBfix en cliquant sur l'icône qui est sur ton bureau ( Clique droit -> Executer en tant qu'administrateur pour vista )
[x] Choisis l'option F ( pour français ) et valide en appuyant sur entrée.
[x] Au menu principal, choisi l'option 1
[x] Laisse l'outil travailler puis poste le rapport dans ton prochain message
-------------
-+-+-+-+-> ComboFix <-+-+-+-
[x] Télécharge ComboFIX ( de sUBs ) à cette adresse : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
[x] /!\ Fermez toutes les fenêtres de programme ouvertes /!\
[x] /!\ Désactivez toutes les protections résidentes ( Antivirus, Pare-Feu, AntiSpyware ) /!\
[x] Double clique sur " Combofix.exe "
[x] Suis les indications qui sont données à l'écran, à un moment tu auras un message te demandant d'installer la console de récupération, fais le
[x] Combofix va maintenant déconnecter ton PC d'internet
[x] Pendant le scan, ne touche à rien ( souris, clavier )
[x] A la fin du scan, le rapport s'ouvrira automatiquement, copie/colle le dans ton prochain message.
[o] Nb : Si jamais il ne s'ouvrait pas, il se trouve sous C:\Combofix.txt
Fais ceci pour commencer :
-+-+-+-> USBfix <-+-+-+-
[x] Télécharge USBfix à cette adresse : http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe
[x] Un tutoriel est disponible ici : https://www.malekal.com/usbfix-supprimer-virus-usb/
[x] Installe le
[x] Branche tout tes médias amovibles ( clés USB, DD externe )
[x] Lance USBfix en cliquant sur l'icône qui est sur ton bureau ( Clique droit -> Executer en tant qu'administrateur pour vista )
[x] Choisis l'option F ( pour français ) et valide en appuyant sur entrée.
[x] Au menu principal, choisi l'option 1
[x] Laisse l'outil travailler puis poste le rapport dans ton prochain message
-------------
-+-+-+-+-> ComboFix <-+-+-+-
[x] Télécharge ComboFIX ( de sUBs ) à cette adresse : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
[x] /!\ Fermez toutes les fenêtres de programme ouvertes /!\
[x] /!\ Désactivez toutes les protections résidentes ( Antivirus, Pare-Feu, AntiSpyware ) /!\
[x] Double clique sur " Combofix.exe "
[x] Suis les indications qui sont données à l'écran, à un moment tu auras un message te demandant d'installer la console de récupération, fais le
[x] Combofix va maintenant déconnecter ton PC d'internet
[x] Pendant le scan, ne touche à rien ( souris, clavier )
[x] A la fin du scan, le rapport s'ouvrira automatiquement, copie/colle le dans ton prochain message.
[o] Nb : Si jamais il ne s'ouvrait pas, il se trouve sous C:\Combofix.txt
