virus méchant, rien ne s ouvre plus Fermé

Question

Bonjour,  

J'ai chopé un virus et mes antivirus, antispyware - et tout les programmes me semble-t-il ne s'ouvrent plus... Impossible de restaurer également... Y a-t-il quelque chose à faire???? 

Configuration: Windows XP / Internet Explorer 8.0

Destrio5 · Answer

Bonjour,

Seul Internet Explorer fonctionne ?

Helloween77 · Answer

Oui Internet Explorer fonctionne ; mais dès que je veux ouvrir un programme rien ou le pc s'éteint tout seul... Par ailleurs j'ai remarqué qu'il y a écrit "config auto" quand je lance le pc...

Destrio5 · Answer

J'ai vu ton rapport OTL dans l'autre sujet.

Tu es infecté par Bagle et d'autres infections.

--> Télécharge FindyKill (par El Desaparecido) sur ton Bureau.

--> Double-clique sur FindyKill présent sur ton Bureau.

--> Tape F puis Entrée pour Français.

--> Au menu principal, choisis l'option 1 (Recherche).

--> Poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.

Helloween77 · Answer

Impossible... Chaque fois que je clique sur le lien FindyKill, mes pages web se ferment.

Destrio5 · Answer

http://www.teamxscript.org/too/Setup.exe

Helloween77 · Answer

Bonjour. Voici le rapport Findykill :



############################## | FindyKill V5.052 |

# User : Anthony (Administrateurs) # tuswoman
# Update on 23/10/2010 by El Desaparecido
# Start at: 12:15:27 | 27/12/2010
# Website : http://www.teamxscript.org/
# Contact : eldesaparecido@teamxscript.org

# AMD Athlon(tm) 64 Processor 3700+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# AV : Norton Internet Security 2005 [ (!) Disabled | (!) Outdated ]
# AV : avast! Antivirus 5.0.83886457 [ Enabled | (!) Outdated ]
# FW : Norton Internet Security[ (!) Disabled ]2005

# C:\ # Disque fixe local # 141,23 Go (49,81 Go free) [HDD] # NTFS
# D:\ # Disque fixe local # 149,05 Go (95,77 Go free) [DATA] # NTFS
# E:\ # Disque CD-ROM
 
############################## | Processus infectieux stoppés  | 

"D:\Documents and Settings\Anthony\Application Data\drivers\winupgro.exe"  (3052)
"C:\WINDOWS\wintems.exe"  (3060)
"D:\Documents and Settings\Anthony\Application Data\m\flec006.exe"  (2880)

################## | Eléments infectieux |

C:\WINDOWS\mdelk.exe  
C:\WINDOWS\wintems.exe  
C:\WINDOWS\prefetch\14879765.EXE-219F8BF0.pf  
C:\WINDOWS\prefetch\INSTALL_PATCH.EXE-2666B771.pf  
C:\WINDOWS\prefetch\WINUPGRO.EXE-00015770.pf  
C:\WINDOWS\prefetch\WINUPGRO.EXE-293E8A80.pf  
C:\WINDOWS\system32\srosa2.sys  
C:\WINDOWS\system32\wfsintwq.sys  
D:\Documents and Settings\Anthony\Application Data\drivers  
D:\Documents and Settings\Anthony\Application Data\drivers\downld  
D:\Documents and Settings\Anthony\Application Data\drivers\winupgro.exe  
D:\Documents and Settings\Anthony\Application Data\m  
D:\Documents and Settings\Anthony\Application Data\m\data.oct  
D:\Documents and Settings\Anthony\Application Data\m\flec006.exe  
D:\Documents and Settings\Anthony\Application Data\m\list.oct  

################## | Registre |

[HKLM\SYSTEM\CurrentControlSet\Services\sK9Ou0s]  
[HKLM\SYSTEM\ControlSet001\Services\sK9Ou0s]  
[HKLM\SYSTEM\ControlSet004\Services\sK9Ou0s]  
[HKLM\SYSTEM\CurrentControlSet\Services\srosa]  
[HKLM\SYSTEM\ControlSet001\Services\srosa]  
[HKLM\SYSTEM\ControlSet004\Services\srosa]  
[HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S]  
[HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S]  
[HKLM\SYSTEM\ControlSet004\Enum\Root\LEGACY_SK9OU0S]  
[HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA]  
[HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA]  
[HKCU\Software\bisoft]  
[HKCU\Software\DateTime4]  
[HKCU\Software\MuleAppData]  
[HKCR\ed2k]  
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "drvsyskit"  
[HKU\S-1-5-21-75017042-3997265084-919806112-1009\Software\Microsoft\Windows\CurrentVersion\Run] "drvsyskit"  
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "german.exe"  
[HKU\S-1-5-21-75017042-3997265084-919806112-1009\Software\Microsoft\Windows\CurrentVersion\Run] "german.exe"  
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "mule_st_key"  
[HKU\S-1-5-21-75017042-3997265084-919806112-1009\Software\Microsoft\Windows\CurrentVersion\Run] "mule_st_key"  
[HKU\S-1-5-21-75017042-3997265084-919806112-1009\Software\bisoft]  
[HKU\S-1-5-21-75017042-3997265084-919806112-1009\Software\DateTime4]  
[HKU\S-1-5-21-75017042-3997265084-919806112-1009\Software\MuleAppData]  
[HKCU\Software\Local AppWizard-Generated Applications\winupgro]  
[HKU\S-1-5-21-75017042-3997265084-919806112-1009\Software\Local AppWizard-Generated Applications\winupgro]  

################## | Etat |

# Affichage des fichiers cachés : OK
 
Clé manquante : HKLM\...\SafeBoot | Mode sans echec non fonctionnel !  
 
# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 ) 
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 ) 
# (!) Ip6Fw -> Start = 4 ( Good = 2 | Bad = 4 )  
# (!) SharedAccess -> Start = 4 ( Good = 2 | Bad = 4 )  
# (!) wuauserv -> Start = 4 ( Good = 2 | Bad = 4 )  
# (!) wscsvc -> Start = 4 ( Good = 2 | Bad = 4 )  

################## | ! Fin du rapport # FindyKill V5.052 ! |

Destrio5 · Answer

Fais l'option 2 de FindyKill et poste le rapport.

Helloween77 · Answer

Voilà le rapport. Merci de votre aide.



############################## | FindyKill V5.052 |

# User : Anthony (Administrateurs) # tuswoman
# Update on 23/10/2010 by El Desaparecido
# Start at: 17:36:09 | 27/12/2010
# Website : http://www.teamxscript.org/
# Contact : eldesaparecido@teamxscript.org

# AMD Athlon(tm) 64 Processor 3700+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# AV : Norton Internet Security 2005 [ (!) Disabled | (!) Outdated ]
# AV : avast! Antivirus 5.0.83886457 [ Enabled | (!) Outdated ]
# FW : Norton Internet Security[ (!) Disabled ]2005

# C:\ # Disque fixe local # 141,23 Go (49,8 Go free) [HDD] # NTFS
# D:\ # Disque fixe local # 149,05 Go (95,27 Go free) [DATA] # NTFS
# E:\ # Disque CD-ROM
# F:\ # Disque fixe local # 298,02 Go (195,66 Go free) [IOMEGA_HDD] # FAT32

################## | Eléments infectieux |

Supprimé ! C:\WINDOWS\mdelk.exe 
Supprimé ! C:\WINDOWS\wintems.exe 
Supprimé ! C:\WINDOWS\prefetch\14879765.EXE-219F8BF0.pf 
Supprimé ! C:\WINDOWS\prefetch\INSTALL_PATCH.EXE-2666B771.pf 
Supprimé ! C:\WINDOWS\prefetch\WINUPGRO.EXE-00015770.pf 
Supprimé ! C:\WINDOWS\prefetch\WINUPGRO.EXE-293E8A80.pf 
Supprimé ! C:\WINDOWS\system32\srosa2.sys 
Supprimé ! C:\WINDOWS\system32\wfsintwq.sys 
Supprimé ! D:\Documents and Settings\Anthony\Application Data\drivers\downld 
Supprimé ! D:\Documents and Settings\Anthony\Application Data\drivers\winupgro.exe 
Supprimé ! D:\Documents and Settings\Anthony\Application Data\drivers 
Supprimé ! D:\Documents and Settings\Anthony\Application Data\m\data.oct 
Supprimé ! D:\Documents and Settings\Anthony\Application Data\m\flec006.exe 
Supprimé ! D:\Documents and Settings\Anthony\Application Data\m\list.oct 
Supprimé ! D:\Documents and Settings\Anthony\Application Data\m\shared 
Supprimé ! D:\Documents and Settings\Anthony\Application Data\m\srvlist.oct 
Supprimé ! D:\Documents and Settings\Anthony\Application Data\m 
Supprimé ! D:\Documents and Settings\Tustus\Application Data\drivers\downld 
Supprimé ! D:\Documents and Settings\Tustus\Application Data\drivers\winupgro.exe 
Supprimé ! D:\Documents and Settings\Tustus\Application Data\drivers 
Supprimé ! D:\Documents and Settings\Tustus\Application Data\m\data.oct 
Supprimé ! D:\Documents and Settings\Tustus\Application Data\m\flec006.exe 
Supprimé ! D:\Documents and Settings\Tustus\Application Data\m\list.oct 
Supprimé ! D:\Documents and Settings\Tustus\Application Data\m\shared 
Supprimé ! D:\Documents and Settings\Tustus\Application Data\m\srvlist.oct 
Supprimé ! D:\Documents and Settings\Tustus\Application Data\m 
Supprimé ! C:\FyK\Quarantine\C\WINDOWS\mdelk.exe 
Supprimé ! C:\FyK\Quarantine\C\WINDOWS\wintems.exe 
Supprimé ! C:\FyK\Quarantine\D\Documents and Settings\Anthony\Application Data\drivers\winupgro.exe 
Supprimé ! C:\FyK\Quarantine\D\Documents and Settings\Anthony\Application Data\m\flec006.exe 
Supprimé ! C:\FyK\Quarantine\D\Documents and Settings\Tustus\Application Data\drivers\winupgro.exe 
Supprimé ! C:\FyK\Quarantine\D\Documents and Settings\Tustus\Application Data\m\flec006.exe 
Supprimé ! C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 
Supprimé ! C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVAPW32.exe 
Supprimé ! C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583592.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583593.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583621.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583622.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583952.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583953.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0584200.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0584201.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585213.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585214.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP729\A0581570.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP729\A0581571.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP729\A0582479.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP729\A0582480.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP729\A0582496.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP729\A0582497.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP730\A0582510.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP730\A0582511.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP731\A0582531.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP731\A0582532.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP731\A0582686.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP731\A0582687.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0582690.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0582691.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583588.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583589.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583592.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583593.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583618.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583619.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583621.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583622.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583943.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583944.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583952.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583953.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0584196.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0584197.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0584200.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0584201.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585210.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585211.sys 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585213.exe 
Supprimé ! C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585214.exe 
Supprimé ! D:\Documents and Settings\Anthony\Bureau\Nouveau dossier (3)\Fake Webcam V3.9 + Patch + MsgPlusLive - DRaGon\MsgPlusLive-450.exe 
Supprimé ! D:\Documents and Settings\Anthony\Bureau\Nouveau dossier (3)\Fake Webcam V3.9 + Patch + MsgPlusLive - DRaGon\Fake Webcam V3.9 + Patch\patch.exe 
Supprimé ! D:\Documents and Settings\Anthony\Bureau\Nouveau dossier (3)\Fake Webcam V3.9 + Patch + MsgPlusLive - DRaGon\Fake Webcam V3.9 + Patch\setup.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP729\A0581575.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP731\A0582560.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP731\A0582572.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583557.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583659.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583712.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583743.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583766.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583889.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583972.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583973.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0584000.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0584199.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0584973.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585131.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585133.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585212.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585224.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585287.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585297.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585377.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585378.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585383.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585484.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585531.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585532.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP729\A0581575.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP731\A0582560.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP731\A0582572.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583557.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583659.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583712.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583743.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583766.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583889.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583972.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0583973.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0584000.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0584199.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0584973.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585131.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585133.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585212.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585224.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585287.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585297.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585377.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585378.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585383.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585484.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585531.exe 
Supprimé ! D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP732\A0585532.exe 

################## | CRC32 ... |


################## | Registre | 

Supprimé ! [HKLM\SYSTEM\ControlSet004\Services\sK9Ou0s]  
Supprimé ! [HKLM\SYSTEM\ControlSet004\Services\srosa]  
Supprimé ! [HKLM\SYSTEM\ControlSet004\Enum\Root\LEGACY_SK9OU0S]  
Supprimé ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA]  
Supprimé ! [HKCU\Software\bisoft]  
Supprimé ! [HKCU\Software\DateTime4]  
Supprimé ! [HKCU\Software\MuleAppData]  
Supprimé ! [HKCR\ed2k]  
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "drvsyskit"  
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "german.exe"  
Supprimé ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "mule_st_key"  
Supprimé ! [HKCU\Software\Local AppWizard-Generated Applications\winupgro]  

################## | Etat |

# Mode sans echec restauré ! 

# Affichage des fichiers cachés : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 ) 
# EapHost -> Start = 2 ( Good = 2 | Bad = 4 ) 
# Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 ) 
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 ) 
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 ) 
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 ) 

################## | Fichiers corrompus  |

Corrompu : C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
[Offset = 000000F4 - Valeur = 0x0001]

Corrompu : C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
[Offset = 000000F4 - Valeur = 0x0001]

Corrompu : C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
[Offset = 000000FC - Valeur = 0x0001]

Corrompu : C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
[Offset = 000000FC - Valeur = 0x0001]

Corrompu : C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
[Offset = 00000124 - Valeur = 0x0001]

Corrompu : C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
[Offset = 00000104 - Valeur = 0x0001]

Corrompu : C:\Program Files\Norton Internet Security\ISSVC.exe
[Offset = 00000114 - Valeur = 0x0001]

Corrompu : C:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe
[Offset = 00000104 - Valeur = 0x0001]

Corrompu : C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe
[Offset = 000000FC - Valeur = 0x0001]

Corrompu : C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
[Offset = 000000F4 - Valeur = 0x0001]

Corrompu : C:\Program Files\Spybot - Search & Destroy\blindman.exe
[Offset = 00000104 - Valeur = 0x0001]

Corrompu : C:\Program Files\Spybot - Search & Destroy\Update.exe
[Offset = 00000104 - Valeur = 0x0001]

Corrompu : C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[Offset = 0000011C - Valeur = 0x0001]

Corrompu : C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
[Offset = 0000010C - Valeur = 0x0001]

Corrompu : D:\Documents and Settings\Tustus\Bureau\antispy-etc\SUPERAntiSpyware.exe
[Offset = 000000FC - Valeur = 0x0001]

Corrompu : D:\Documents and Settings\Tustus\Bureau\HiJackThis.exe
[Offset = 000000C4 - Valeur = 0x0001]


################## | Upload |

Veuillez envoyer le fichier : D:\FindyKill_Upload_Me_tuswoman.zip : http://www.teamxscript.org/Upload.php 
Merci pour votre contribution . 

################## | ! Fin du rapport # FindyKill V5.052 ! |

Destrio5 · Answer

---> Relance FindyKill et choisis l'option 4 pour le désinstaller.

---> Télécharge et installe Malwarebytes' Anti-Malware.
---> Une fois le programme installé, lance-le.
---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour.
---> La mise à jour terminée, rends-toi dans l'onglet Recherche.
---> Sélectionne Exécuter un examen rapide.
---> Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
---> Ferme ton navigateur.
Si des malwares ont été détectés, clique sur Afficher les résultats.
---> Sélectionne tout (laisse coché) et clique sur Supprimer la sélection.
---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

Helloween77 · Answer

Le rapport MBAM :



Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

28/12/2010 12:47:12
mbam-log-2010-12-28 (12-47-12).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 178205
Temps écoulé: 17 minute(s), 28 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 6
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe (Trojan.Chifrax) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\bisoft (Worm.Bagle) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drvsyskit (Worm.Bagle) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\german.exe (Worm.Bagle) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Worm.Bagle) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Page_URL (Hijack.StartPage) -> Bad: (http://www.cherche.us) Good: (http://www.google.com) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://www.cherche.us) Good: (http://www.google.com) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://www.cherche.us) Good: (http://www.google.com) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Search Page (Hijack.SearchPage) -> Bad: (http://www.cherche.us) Good: (http://www.google.com) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant (Hijack.SearchPage) -> Bad: (http://www.cherche.us) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
D:\Documents and Settings\Tustus\Local Settings\Temp\Setup.exe (Trojan.Chifrax) -> Quarantined and deleted successfully.

Destrio5 · Answer

--> Relance Malwarebytes' Anti-Malware, va dans Quarantaine et supprime tout.

--> Refais un scan OTL et poste le rapport.

Tu peux réinstaller ton antivirus.

Comment va le PC ?

Helloween77 · Answer

Bonjour. Le PC est encore infecté : "config auto" au démarrage, le firewall est toujours désactivé. J'ai réinstallé mon antivirus, ça fonctionne apparemment.
En ouvrant msn ça affiche "Windows ne peut pas ouvrir ce fichier : msn.msgr.FindyKill"... Dois-je réinstaller msn également?


Le rapport OTL :

OTL logfile created on: 28/12/2010 17:26:12 - Run 2
OTL by OldTimer - Version 3.2.18.0     Folder = D:\Documents and Settings\Anthony\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
1 023,00 Mb Total Physical Memory | 535,00 Mb Available Physical Memory | 52,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 141,23 Gb Total Space | 49,86 Gb Free Space | 35,30% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 95,93 Gb Free Space | 64,36% Space Free | Partition Type: NTFS
 
Computer Name: tuswoman | User Name: Anthony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========/color
 
PRC - D:\Documents and Settings\Anthony\Bureau\OTL.exe (OldTimer Tools)
PRC - D:\Documents and Settings\Anthony\binternet.exe (MY-IWEB)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)
PRC - C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe (RealNetworks, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\APPS\Softex\OmniPass\OPXPApp.exe ()
PRC - C:\APPS\Softex\OmniPass\OmniServ.exe (Softex Inc.)
PRC - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe (Cyberlink)
PRC - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe (Cyberlink)
PRC - c:\APPS\Powercinema\Kernel\TV\CLSched.exe ()
PRC - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe ()
PRC - c:\APPS\HIDSERVICE\HidService.exe ()
PRC - C:\Program Files\Wanadoo\EspaceWanadoo.exe (France Télécom R&D)
PRC - C:\Program Files\Wanadoo\ComComp.exe (France Télécom R&D)
PRC - C:\Program Files\Wanadoo\TaskBarIcon.exe ()
PRC - C:\Program Files\Wanadoo\Watch.exe (France Télécom R&D)
PRC - C:\Program Files\Wanadoo\CnxMon.exe ()
PRC - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe (THOMSON Telecom Belgium)
PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
PRC - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
 
 
[color=#E56717]========== Modules (SafeList) ==========/color
 
MOD - D:\Documents and Settings\Anthony\Bureau\OTL.exe (OldTimer Tools)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========/color
 
SRV - (wuauserv) --  File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (navapsvc) -- C:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe (Symantec Corporation)
SRV - (SPBBCSvc) -- C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation)
SRV - (ISSVC) -- C:\Program Files\Norton Internet Security\ISSVC.exe (Symantec Corporation)
SRV - (SNDSrvc) -- C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe (Symantec Corporation)
SRV - (ccSetMgr) -- C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
SRV - (ccProxy) -- C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
SRV - (SAVScan) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe (Symantec Corporation)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (odserv) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (omniserv) -- C:\APPS\Softex\OmniPass\OmniServ.exe (Softex Inc.)
SRV - (CyberLink Media Library Service) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe (Cyberlink)
SRV - (CLSched) CyberLink Task Scheduler (CTS) -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe ()
SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe ()
SRV - (KodakCCS) -- C:\WINDOWS\system32\drivers\KodakCCS.exe (Eastman Kodak Company)
SRV - (GenericHidService) -- c:\APPS\HIDSERVICE\HidService.exe ()
SRV - (MysqlInventime) -- C:\APPS\Inventime\mysql\bin\mysqld-nt.exe ()
SRV - (ccPwdSvc) -- C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe (Symantec Corporation)
SRV - (UleadBurningHelper) -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
SRV - (EPSONStatusAgent2) -- C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========/color
 
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys File not found
DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS File not found
DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS File not found
DRV - (SYMNDIS) -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS File not found
DRV - (SYMIDS) -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS File not found
DRV - (SYMFW) -- C:\WINDOWS\System32\Drivers\SYMFW.SYS File not found
DRV - (SymEvent) -- C:\Program Files\Symantec\SYMEVENT.SYS File not found
DRV - (SYMDNS) -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS File not found
DRV - (NAVEX15) -- C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20070702.017\NavEx15.Sys File not found
DRV - (NAVENG) -- C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20070702.017\NAVENG.Sys File not found
DRV - (catchme) -- D:\DOCUME~1\Tustus\LOCALS~1\Temp\catchme.sys File not found
DRV - (SYMIDSCO) -- C:\Program Files\Fichiers communs\Symantec Shared\SymcData\idsdefs\20101215.003\SymIDSCo.sys (Symantec Corporation)
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (WsAudioDevice_383) -- C:\WINDOWS\system32\drivers\WsAudioDevice_383.sys (Wondershare)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (Ma-Config.com)
DRV - (CAM1210) -- C:\WINDOWS\system32\drivers\cam1210.sys (USB Generic Camera)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (nv) -- C:\WINDOWS\system32\drivers
v4_mini.sys (NVIDIA Corporation)
DRV - (DcCam) -- C:\WINDOWS\system32\drivers\DcCam.sys (Eastman Kodak Company)
DRV - (3xHybrid) -- C:\WINDOWS\system32\drivers\3xHybrid.sys (Philips Semiconductors GmbH)
DRV - (Exportit) -- C:\WINDOWS\system32\drivers\ExportIt.sys (Eastman Kodak Company)
DRV - (DcPTP) -- C:\WINDOWS\system32\drivers\DcPtp.sys (Eastman Kodak Company)
DRV - (DcLps) -- C:\WINDOWS\system32\drivers\DcLps.sys (Eastman Kodak Company)
DRV - (DCFS2K) -- C:\WINDOWS\system32\drivers\DCFS2k.sys (Eastman Kodak Company)
DRV - (DcFpoint) -- C:\WINDOWS\system32\drivers\DcFpoint.sys (Eastman Kodak Company)
DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (AES2500) -- C:\WINDOWS\system32\drivers\ATSwpDrv.sys (AuthenTec, Inc.)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (SAVRTPEL) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrtpel.sys (Symantec Corporation)
DRV - (SAVRT) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\savrt.sys (Symantec Corporation)
DRV - (SPBBCDrv) -- C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (MosIrUsb) -- C:\WINDOWS\system32\drivers\MosIrUsb.sys ()
DRV - (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN) -- C:\WINDOWS\system32\drivers\alcan5wn.sys (THOMSON)
DRV - (alcaudsl) -- C:\WINDOWS\system32\drivers\alcaudsl.sys (THOMSON)
DRV - (viaagp) -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (VIAPFD) -- C:\WINDOWS\System32\Drivers\VIAPFD.SYS (VIA Technologies. Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========/color
 
 
[color=#E56717]========== Internet Explorer ==========/color
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ww12.cherche.us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/?gws_rd=ssl
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ww12.cherche.us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ww12.cherche.us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://ww12.cherche.us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ww12.cherche.us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = cherche.us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://ww12.cherche.us{searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ww12.cherche.us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_bak = http://ww12.cherche.us
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Wanadoo\SearchPageURL.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========/color
 
FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://ww12.cherche.us"
FF - prefs.js..browser.startup.homepage: "http://ww12.cherche.us"
 
FF - HKLM\software\mozilla\Firefox\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}: D:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/02/06 21:58:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\Components: C:\Program Files\Mozilla Firefox\components [2010/02/06 21:58:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/06 21:58:47 | 000,000,000 | ---D | M]
 
[2009/05/18 16:28:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Mozilla\Extensions
[2010/02/12 23:24:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\f68dyirz.default\extensions
[2010/02/12 23:24:17 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\f68dyirz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/12 23:24:19 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\f68dyirz.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
[2010/02/12 23:24:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\f68dyirz.default\extensions\staged-xpis
[2010/10/02 18:06:58 | 000,001,575 | ---- | M] () -- D:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\f68dyirz.default\searchplugins\cherche.xml
[2010/02/12 23:24:24 | 000,005,462 | ---- | M] () -- D:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\f68dyirz.default\searchplugins\fast-browser-search.xml
[2010/02/12 23:24:19 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/04/24 21:43:03 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/12/26 00:05:26 | 000,000,000 | ---D | M] (peer2Peer-FR2 Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{9f23e207-7e05-4ee2-a90e-50cf3ae9b03f}
[2007/12/15 12:29:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com
[2008/04/24 21:43:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\google-gzfb@partners.mozilla.com
[2006/03/06 21:44:09 | 001,312,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
[2009/12/22 04:51:01 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2009/12/22 04:51:01 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/12/22 04:51:01 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009/12/22 04:51:01 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2009/12/22 04:51:01 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2010/01/23 16:37:38 | 000,000,790 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Value error. File not found
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Internet Security) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Barre d'outils MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVShExt.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Internet Security) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [binternet] D:\Documents and Settings\Anthony\binternet.exe (MY-IWEB)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RelevantKnowledge] C:\Program Files\RelevantKnowledgelvknlg.exe File not found
O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WooCnxMon] C:\Program Files\Wanadoo\CnxMon.exe ()
O4 - HKLM..\Run: [WOOTASKBARICON] C:\Program Files\Wanadoo\TaskBarIcon.exe ()
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found
O4 - Startup: D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk.disabled ()
O4 - Startup: D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Kodak software updater.lnk.disabled ()
O4 - Startup: D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logiciel Kodak EasyShare.lnk.disabled ()
O4 - Startup: D:\Documents and Settings\Anthony\Menu Démarrer\Programmes\Démarrage\binternet.lnk = D:\Documents and Settings\Anthony\binternet.exe (MY-IWEB)
O4 - Startup: D:\Documents and Settings\Anthony\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.0.lnk.disabled ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00  [binary data]
O8 - Extra context menu item: Recherche avec cherche.us - D:\Documents and Settings\Anthony\scriptjava.html ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: chat-land.org ([]* in Trusted sites)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter	ext/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\OPXPGina: DllName - C:\Apps\Softex\OmniPass\opxpgina.dll - C:\APPS\Softex\OmniPass\OPXPGina.dll ()
O24 - Desktop Components:0 () - file:///D:/DOCUME~1/Anthony/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
O24 - Desktop Components:1 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\Anthony\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Anthony\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========/color
 
[2010/12/27 12:14:37 | 000,000,000 | ---D | C] -- C:\FyK
[2010/12/26 20:04:07 | 000,602,624 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Anthony\Bureau\OTL.exe
[2010/12/26 18:46:42 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/12/26 18:46:32 | 000,000,000 | --SD | C] -- C:\Coco13498C
[2010/12/19 19:36:40 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\WINDOWS\System32\devil.dll
[2010/12/19 19:36:40 | 000,369,152 | ---- | C] (The Public) -- C:\WINDOWS\System32\avisynth.dll
[2010/12/19 19:36:39 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\i420vfw.dll
[2010/12/19 19:36:39 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2010/12/19 19:21:22 | 000,186,880 | RHS- | C] (RadLight) -- C:\WINDOWS\System32\RLOgg.ax
[2010/12/19 19:21:22 | 000,092,672 | RHS- | C] (RadLight) -- C:\WINDOWS\System32\RLVorbisDec.ax
[2010/12/19 19:21:22 | 000,090,112 | RHS- | C] (-) -- C:\WINDOWS\System32\TTADSSplitter.ax
[2010/12/19 19:21:22 | 000,090,112 | RHS- | C] (-) -- C:\WINDOWS\System32\TTADSDecoder.ax
[2010/12/19 19:21:22 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\WINDOWS\System32\RLTheoraDec.ax
[2010/12/19 19:21:21 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\WINDOWS\System32
bDX.dll
[2010/12/19 19:21:21 | 000,179,200 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\DiracSplitter.ax
[2010/12/19 19:21:21 | 000,169,472 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\MatroskaDX.ax
[2010/12/19 19:21:21 | 000,163,328 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\flvDX.dll
[2010/12/19 19:21:21 | 000,161,792 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\RealMediaDX.ax
[2010/12/19 19:21:21 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\WINDOWS\System32\AVCDX.ax
[2010/12/19 19:21:21 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\WINDOWS\System32\msfDX.dll
[2010/12/19 19:21:14 | 000,000,000 | ---D | C] -- C:\Program Files\eRightSoft
[2010/12/16 14:20:47 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Anthony\Local Settings\Application Data\WMTools Downloaded Files
[2010/12/14 17:03:12 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\fwc
[2010/12/14 13:37:11 | 000,000,000 | ---D | C] -- C:\Program Files\FWeb
[2007/11/23 18:21:39 | 003,966,288 | ---- | C] (Patchou) -- C:\Program Files\MsgPlusLive-423.exe
[2007/09/29 21:12:43 | 020,256,064 | ---- | C] (Apple Inc.) -- C:\Program Files\QuickTimeInstaller.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 D:\Documents and Settings\Anthony\*.tmp files -> D:\Documents and Settings\Anthony\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========/color
 
[2010/12/28 17:27:14 | 000,000,011 | ---- | M] () -- D:\Documents and Settings\Anthony\logie
[2010/12/28 17:27:14 | 000,000,011 | ---- | M] () -- D:\Documents and Settings\Anthony\logff
[2010/12/28 17:23:00 | 000,000,599 | ---- | M] () -- D:\Documents and Settings\Anthony\Menu Démarrer\Programmes\Démarrage\binternet.lnk
[2010/12/28 17:22:54 | 000,029,204 | ---- | M] () -- C:\WINDOWS\System32
vapps.xml
[2010/12/28 17:22:49 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/28 17:17:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS	asks\Symantec NetDetect.job
[2010/12/28 17:09:48 | 000,000,330 | RHS- | M] () -- C:\BOOT.INI
[2010/12/28 16:38:54 | 000,001,000 | ---- | M] () -- C:\WINDOWS	asks\Google Software Updater.job
[2010/12/28 16:38:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/28 16:38:40 | 1073,139,712 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/27 12:14:26 | 001,401,213 | ---- | M] () -- D:\Documents and Settings\Anthony\Bureau\Setup.exe
[2010/12/26 20:04:18 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Anthony\Bureau\OTL.exe
[2010/12/26 17:49:33 | 000,006,362 | ---- | M] () -- D:\Documents and Settings\Anthony\Bureau\Fake_Webcam_V3.9___Patch___MsgPlusLive_-_DRaGon.3938909.TPB.torrent
[2010/12/26 14:34:14 | 000,200,192 | ---- | M] () -- D:\Documents and Settings\Anthony\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/20 01:08:37 | 000,503,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/08 21:12:14 | 000,015,872 | ---- | M] () -- D:\Documents and Settings\Anthony\Bureau\Reglement.docx
[2010/12/08 20:58:15 | 000,014,024 | ---- | M] () -- D:\Documents and Settings\Anthony\Bureau\Programme.docx
[2010/12/08 20:57:02 | 000,012,965 | ---- | M] () -- D:\Documents and Settings\Anthony\Bureau\Inscription.docx
[2010/12/05 16:36:48 | 000,002,209 | ---- | M] () -- C:\b.mscz
[2010/12/03 19:03:36 | 000,002,092 | ---- | M] () -- C:\a.mscz
[2010/12/03 18:40:12 | 000,002,549 | ---- | M] () -- C:\.a.mscz,
[2010/12/02 17:25:22 | 009,108,160 | ---- | M] () -- D:\Documents and Settings\Anthony\Bureau\This Autumn Day.mp3
[2010/11/30 14:16:13 | 000,130,780 | ---- | M] () -- D:\Documents and Settings\Anthony\Bureau\Stratovarius_Discografia__www_heavytorrents_tk_.torrent
[2010/11/29 17:49:02 | 000,237,937 | ---- | M] () -- D:\Documents and Settings\Anthony\Bureau\Helloween_Discografia_Completa_320_Kbps_heavytorrents_Org_by_Rata_406205218208.625[www.btmon.com].torrent
[2010/11/28 23:30:18 | 000,008,114 | ---- | M] () -- D:\Documents and Settings\Anthony\Bureau\Pop__-_Pop__Goes_My_Heart.3671677.TPB.torrent
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 D:\Documents and Settings\Anthony\*.tmp files -> D:\Documents and Settings\Anthony\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========/color
 
[2010/12/27 12:14:26 | 001,401,213 | ---- | C] () -- D:\Documents and Settings\Anthony\Bureau\Setup.exe
[2010/12/26 17:49:33 | 000,006,362 | ---- | C] () -- D:\Documents and Settings\Anthony\Bureau\Fake_Webcam_V3.9___Patch___MsgPlusLive_-_DRaGon.3938909.TPB.torrent
[2010/12/19 19:36:39 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2010/12/19 19:21:22 | 000,107,520 | RHS- | C] () -- C:\WINDOWS\System32\RLMPCDec.ax
[2010/12/19 19:21:22 | 000,051,712 | RHS- | C] () -- C:\WINDOWS\System32\RLSpeexDec.ax
[2010/12/19 19:21:21 | 000,227,328 | RHS- | C] () -- C:\WINDOWS\System32\ac3DX.ax
[2010/12/19 19:21:21 | 000,175,104 | RHS- | C] () -- C:\WINDOWS\System32\CoreAAC.ax
[2010/12/19 19:21:21 | 000,120,832 | RHS- | C] () -- C:\WINDOWS\System32\MPCDx.ax
[2010/12/19 19:21:21 | 000,097,280 | RHS- | C] () -- C:\WINDOWS\System32\FLACDX.ax
[2010/12/19 19:21:21 | 000,081,920 | RHS- | C] () -- C:\WINDOWS\System32\aac_parser.ax
[2010/12/19 19:21:21 | 000,070,656 | RHS- | C] () -- C:\WINDOWS\System32\RLAPEDec.ax
[2010/12/08 20:38:15 | 000,015,872 | ---- | C] () -- D:\Documents and Settings\Anthony\Bureau\Reglement.docx
[2010/12/08 20:38:13 | 000,012,965 | ---- | C] () -- D:\Documents and Settings\Anthony\Bureau\Inscription.docx
[2010/12/08 20:34:52 | 000,014,024 | ---- | C] () -- D:\Documents and Settings\Anthony\Bureau\Programme.docx
[2010/12/05 16:36:48 | 000,002,209 | ---- | C] () -- C:\b.mscz
[2010/12/03 18:40:12 | 000,002,549 | ---- | C] () -- C:\.a.mscz,
[2010/12/03 18:40:12 | 000,002,092 | ---- | C] () -- C:\a.mscz
[2010/12/02 17:25:21 | 009,108,160 | ---- | C] () -- D:\Documents and Settings\Anthony\Bureau\This Autumn Day.mp3
[2010/11/30 14:16:13 | 000,130,780 | ---- | C] () -- D:\Documents and Settings\Anthony\Bureau\Stratovarius_Discografia__www_heavytorrents_tk_.torrent
[2010/11/29 17:49:02 | 000,237,937 | ---- | C] () -- D:\Documents and Settings\Anthony\Bureau\Helloween_Discografia_Completa_320_Kbps_heavytorrents_Org_by_Rata_406205218208.625[www.btmon.com].torrent
[2010/11/28 23:30:18 | 000,008,114 | ---- | C] () -- D:\Documents and Settings\Anthony\Bureau\Pop__-_Pop__Goes_My_Heart.3671677.TPB.torrent
[2010/08/02 23:00:51 | 000,707,719 | ---- | C] () -- D:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-75017042-3997265084-919806112-1009-0.dat
[2010/08/01 19:24:05 | 000,327,546 | ---- | C] () -- D:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2009/09/22 17:30:37 | 000,000,325 | ---- | C] () -- C:\WINDOWS\KillProcess.INI
[2009/04/20 01:55:26 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/04/20 01:55:26 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/04/20 01:55:25 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/04/20 01:55:24 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/08/20 11:19:57 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/02/05 12:47:06 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008/02/05 12:38:12 | 000,000,749 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/12/13 19:01:50 | 000,000,028 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/09/29 21:01:57 | 010,753,204 | ---- | C] () -- C:\Program Files\Satsuki.Decoder.Quicktime.Module.exe
[2007/09/29 20:57:22 | 000,000,026 | ---- | C] () -- C:\WINDOWS\System32\satsukidecodersettings.ini
[2007/09/29 20:55:56 | 007,582,826 | ---- | C] () -- C:\Program Files\Satsuki.Decoder.Pack.3.1.1.7.exe
[2007/07/03 14:19:15 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\gspnDll.dll
[2007/07/03 14:19:14 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\instDll.dll
[2007/07/03 14:19:14 | 000,002,063 | ---- | C] () -- C:\WINDOWS\wwdslcfg.ini
[2006/09/14 18:30:40 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006/07/24 15:46:54 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\cam1210.dll
[2006/06/29 15:37:18 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\Cam1210M.dll
[2006/04/21 10:06:44 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/03/28 14:09:34 | 000,000,067 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/03/25 19:02:09 | 000,000,342 | ---- | C] () -- C:\WINDOWS\hpipcopy.INI
[2006/03/16 20:01:51 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2006/03/01 19:01:51 | 000,000,165 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2006/03/01 19:01:50 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ImgLibLead.dll
[2006/03/01 19:01:49 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\Dc50ip32.dll
[2006/03/01 19:01:49 | 000,065,864 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2006/02/03 22:05:01 | 000,000,360 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2006/02/03 21:58:23 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2006/01/22 14:42:55 | 000,200,192 | ---- | C] () -- D:\Documents and Settings\Anthony\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/01/21 18:26:25 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2006/01/21 18:26:20 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2006/01/21 18:15:23 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\hpgt33.dll
[2006/01/21 17:42:56 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2006/01/11 20:10:26 | 000,000,135 | ---- | C] () -- D:\Documents and Settings\Anthony\Local Settings\Application Data\fusioncache.dat
[2006/01/11 13:31:29 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2005/12/06 16:36:56 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/12/06 16:24:57 | 000,000,488 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/06 16:23:44 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2005/12/06 16:21:12 | 000,000,501 | ---- | C] () -- C:\WINDOWS\System32\SETUPPC.INI
[2005/12/06 16:14:58 | 000,007,584 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2005/12/06 16:12:20 | 000,003,072 | R--- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2005/12/06 16:06:02 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005/12/06 16:06:00 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005/10/21 15:28:56 | 000,005,968 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/16 18:25:16 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/16 17:56:59 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/06/23 13:14:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2001/07/07 03:00:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[2000/09/08 17:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
[1980/01/01 00:00:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32
vwdmcpl.dll
[1980/01/01 00:00:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32
view.dll
[1980/01/01 00:00:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32
vwimg.dll
[1980/01/01 00:00:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32
vhwvid.dll
[1980/01/01 00:00:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32
vshell.dll
[1980/01/01 00:00:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32
vnt4cpl.dll
[1980/01/01 00:00:00 | 000,020,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\MosIrUsb.sys
 
[color=#E56717]========== LOP Check ==========/color
 
[2006/01/21 17:43:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\ACD Systems
[2010/01/23 17:00:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Alwil Software
[2008/06/08 22:37:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Emjysoft
[2009/09/27 20:01:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\GamesBar
[2009/02/23 15:25:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\JollyBear
[2007/07/03 12:23:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Live Bind Fork Help
[2006/06/03 16:21:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2009/09/22 12:11:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\OD2
[2010/01/23 17:07:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Skyline
[2009/09/24 15:21:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\TEMP
[2005/12/07 22:29:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Ulead Systems
[2005/12/07 22:29:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\VadeRetro
[2005/12/07 22:29:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/11/10 23:02:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\.ABC
[2006/01/21 21:10:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\ACD Systems
[2010/12/17 18:00:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Audacity
[2009/01/05 17:42:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\CamfrogWEB
[2010/02/14 18:35:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\FMZilla
[2010/08/01 18:10:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Jeskola
[2006/06/19 18:21:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Leadertech
[2008/04/01 14:29:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\ma-config.com
[2010/08/13 19:35:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\MusE
[2006/01/20 22:00:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Norman
[2006/01/11 20:13:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\OD2
[2006/03/22 23:14:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Ulead Systems
[2006/02/15 20:39:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\VadeRetro
[2008/09/10 12:09:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Viewpoint
[2010/04/25 13:02:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Xi
[2006/01/27 23:22:50 | 000,000,194 | ---- | M] () -- C:\WINDOWS\Tasks\HDReg.job
 
[color=#E56717]========== Purity Check ==========/color
 
 
 
[color=#E56717]========== Alternate Data Streams ==========/color
 
@Alternate Data Stream - 127 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:9E22BBE8
@Alternate Data Stream - 110 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

Destrio5 · Answer

Essaie de réactiver ton parefeu.

Je viens de remarquer que Malwarebytes' Anti-Malware n'était pas à jour donc mets-le à jour et refais un scan.

Oui, il faut réinstaller MSN.

Helloween77 · Answer

Le scan n'a rien changé. Et impossible de réinstaller msn, j'en ai essayé plusieurs, il me dit que le fichier n'est pas une application Win32 valide =S


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5363

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

28/12/2010 20:45:12
mbam-log-2010-12-28 (20-45-12).txt

Scan type: Quick scan
Objects scanned: 218530
Time elapsed: 21 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 8
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Recherche avec cherche.us (Redir.ChercheUs) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Search Page (Hijack.SearchPage) -> Bad: (http://www.cherche.us) Good: (http://www.google.com) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page_bak (Hijack.StartPage) -> Bad: (http://www.cherche.us) Good: (http://www.google.com) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Page_URL (Hijack.StartPage) -> Bad: (http://www.cherche.us) Good: (http://www.google.com) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Search_URL (Hijack.SearchPage) -> Bad: (http://ww12.cherche.us Good: (http://www.google.com) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://www.cherche.us) Good: (http://www.google.com) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchURL\(default) (Hijack.SearchPage) -> Bad: (http://www.cherche.us/keyword/%s) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchURL\SearchAssistant (Hijack.SearchPage) -> Bad: (http://www.cherche.us) Good: (https://www.google.com/?gws_rd=ssl -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://www.cherche.us) Good: (http://www.google.com) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Destrio5 · Answer

Tu as gardé Norton Internet Security ou Avast ?

Helloween77 · Answer

J'ai installé une nouvelle version d'Avast et réactivé Norton. Mais je lis que le message d'erreur, lorsqu'on installe certains programmes, est un symptome de Bagle...

Destrio5 · Answer

Il ne faut avoir qu'un seul antivirus.

Tu as supprimé MSN avant de le réinstaller ?

Helloween77 · Answer

Je sais mais quand j'enlève Norton qui est d'origine, ça me donne toujours de gros soucis, j'ai juste pris l'habitude de le désactiver et de laisser Avast. Quoiqu'il en soit ça marchait bien comme ça avant. 
Oui j'avais supprimé msn, et ça me fait pareil pour d'autres programmes. Avast vient de trouver des vers beagle, j'ai aussi essayé ComboFix et spybot, malheureusement l'infection est encore là...

Destrio5 · Answer

Tu peux utiliser cet utilitaire :
http://service1.symantec.com/support/inter/tsgeninfointl.nsf/fr_docid/20050414110429924

Tu as le rapport de ComboFix ?

Helloween77 · Answer

Voilà le rapport ComboFix :



ComboFix 10-12-28.03 - Tustus 29/12/2010  13:34:47.5.1 - x86
Microsoft Windows XP Édition familiale  5.1.2600.3.1252.33.1036.18.1023.557 [GMT 1:00]
Lancé depuis: d:\documents and settings\Tustus\Bureau\antispy-etc\Coco.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Norton Internet Security *Disabled/Outdated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Search Guard Plus
c:\program files\Search Guard Plus\fbsProtection.xml
c:\program files\Search Guard Plus\fbsSearchProvider.xml
c:\program files\Search Guard Plus\FbsSearchProviderIE8.exe
c:\program files\Search Guard Plus\SearchGuardPlus.exe
c:\program files\Search Guard Plus\SearchGuardPlus.ico
c:\program files\Search Guard Plus\uninstalSGP.exe
c:\program files\Search Guard PlusU
c:\program files\Search Guard PlusU\SGPU.ico
c:\program files\Search Guard PlusU\sgpUpdater.exe
c:\program files\Search Guard PlusU\sgpUpdater.xml
c:\program files\Search Guard PlusU\sgpUpdaters.exe
c:\program files\Search Guard PlusU\uninstalSGPU.exe
c:\windows\system32\AVSredirect.dll
c:\windows\system32\Oeminfo.ini
c:\windows\system32\Thumbs.db
d:\documents and settings\Anthony\binternet0014.exe
d:\documents and settings\Tustus\Recent\Thumbs.db

.
(((((((((((((((((((((((((((((   Fichiers créés du 2010-11-28 au 2010-12-29  ))))))))))))))))))))))))))))))))))))
.

2010-12-29 12:20 . 2010-12-29 12:18	401408	----a-w-	c:\windows\system32\CF18755.exe
2010-12-28 19:15 . 2010-12-28 19:15	--------	d-----w-	c:\program files\Fichiers communs\fwc
2010-12-28 16:56 . 2010-09-07 15:47	17744	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2010-12-28 16:56 . 2010-09-07 15:52	165584	----a-w-	c:\windows\system32\drivers\aswSP.sys
2010-12-28 16:56 . 2010-09-07 15:47	23376	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2010-12-28 16:56 . 2010-09-07 15:52	46672	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2010-12-28 16:56 . 2010-09-07 15:47	100176	----a-w-	c:\windows\system32\drivers\aswmon2.sys
2010-12-28 16:56 . 2010-09-07 15:47	94544	----a-w-	c:\windows\system32\drivers\aswmon.sys
2010-12-28 16:56 . 2010-09-07 15:46	28880	----a-w-	c:\windows\system32\drivers\aavmker4.sys
2010-12-28 16:56 . 2010-09-07 16:12	38848	----a-w-	c:\windows\avastSS.scr
2010-12-28 16:56 . 2010-09-07 16:11	167592	----a-w-	c:\windows\system32\aswBoot.exe
2010-12-27 11:14 . 2010-12-28 15:37	--------	d-----w-	C:\FyK
2010-12-19 18:36 . 2009-09-27 08:39	369152	----a-w-	c:\windows\system32\avisynth.dll
2010-12-19 18:36 . 2004-02-22 09:11	719872	----a-w-	c:\windows\system32\devil.dll
2010-12-19 18:36 . 2010-12-19 18:36	--------	d-----w-	c:\program files\AviSynth 2.5
2010-12-19 18:36 . 2004-01-24 23:00	70656	----a-w-	c:\windows\system32\i420vfw.dll
2010-12-14 12:37 . 2010-12-28 19:15	--------	d-----w-	c:\program files\FWeb

.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-20 17:09 . 2009-09-24 18:37	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 17:08 . 2009-09-24 18:37	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-11-03 13:56 . 2009-04-26 13:10	0	----a-w-	d:\documents and settings\Anthony\errorlog.tmp
2007-11-23 17:21 . 2007-11-23 17:21	3966288	----a-w-	c:\program files\MsgPlusLive-423.exe
2007-09-29 20:12 . 2007-09-29 20:12	20256064	----a-w-	c:\program files\QuickTimeInstaller.exe
2007-09-29 20:02 . 2007-09-29 20:01	10753204	----a-w-	c:\program files\Satsuki.Decoder.Quicktime.Module.exe
2007-09-29 19:56 . 2007-09-29 19:55	7582826	----a-w-	c:\program files\Satsuki.Decoder.Pack.3.1.1.7.exe
2006-05-02 23:00	163328	--sh--r-	c:\windows\system32\flvDX.dll
2007-02-20 23:00	31232	--sh--r-	c:\windows\system32\msfDX.dll
2008-03-15 23:00	216064	--sh--r-	c:\windows\system32
bDX.dll
.

------- Sigcheck -------

[7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
[7] 2008-10-16 . E654B78D2F1D791B30D0ED9A8195EC22 . 51224 . . [7.2.6001.788] . . c:\windows\ERDNT\cache\wuauclt.exe
[7] 2008-04-14 . 7E3DEFE771CB451B0FF630BFA435417E . 112640 . . [5.4.3790.5512] . . c:\windows\ServicePackFiles\i386\wuauclt.exe

c:\windows\System32\wuauclt.exe ... manque !!
.
(((((((((((((((((((((((((((((   SnapShot_2010-01-08_17.45.20   )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 23:02 . 2009-07-11 23:02	51008              c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	59728              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	42832              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	43344              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	61264              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	62800              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	61760              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	61776              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	53568              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	63296              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	36688              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	35648              c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
+ 2009-07-11 23:05 . 2009-07-11 23:05	59904              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-11 23:05 . 2009-07-11 23:05	59904              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2010-12-29 09:10 . 2010-12-29 09:10	16384              c:\windows	emp\Perflib_Perfdata_6fc.dat
+ 2009-04-20 00:55 . 2004-01-24 23:00	70656              c:\windows\system32\yv12vfw.dll
+ 2010-03-18 08:09 . 2010-03-18 08:09	99176              c:\windows\system32\PresentationHostProxy.dll
+ 2004-08-16 16:41 . 2010-12-28 16:36	95550              c:\windows\system32\perfc00C.dat
+ 2004-08-16 16:40 . 2010-12-28 16:36	80590              c:\windows\system32\perfc009.dat
+ 2010-03-18 08:09 . 2010-03-18 08:09	49488              c:\windows\system32
etfxperf.dll
+ 2009-11-11 18:06 . 2009-11-11 18:06	11600              c:\windows\system32\mui\0409\mscorees.dll
+ 2010-11-25 13:06 . 2010-11-25 13:06	53248              c:\windows\system32\Macromed\Shockwave 10\PostUpdate.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	70472              c:\windows\system32\dxva2.dll
+ 2010-02-12 22:57 . 2008-11-19 07:41	16640              c:\windows\system32\drivers\WsAudioDevice_383.sys
+ 2008-08-20 10:19 . 2008-04-13 18:45	49408              c:\windows\system32\drivers\stream.sys
- 2008-08-20 10:19 . 2008-04-13 18:45	49408              c:\windows\system32\drivers\stream.sys
+ 2008-08-20 10:19 . 2008-04-13 18:45	49408              c:\windows\system32\dllcache\stream.sys
+ 2008-08-20 10:19 . 2008-04-13 18:45	60160              c:\windows\system32\dllcache\drmk.sys
+ 2005-12-06 15:27 . 2010-12-29 09:10	32768              c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
- 2005-12-06 15:27 . 2010-01-08 14:50	32768              c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
- 2009-09-24 17:18 . 2010-01-08 14:50	16384              c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2010-01-13 21:52 . 2010-12-29 09:10	16384              c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2010-03-18 11:16 . 2010-03-18 11:16	87408              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsFormsIntegration.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	93024              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\UIAutomationTypes.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	35688              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\UIAutomationProvider.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	17784              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\System.Windows.Presentation.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	58240              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\System.Windows.Input.Manipulations.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	67912              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PenIMC.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	31576              c:\windows\Microsoft.NET\Framework\v4.0.30319\WMINet_Utils.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	44920              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.ApplicationServices.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	37240              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Channels.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	64352              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Numerics.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	45952              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.EnterpriseServices.Thunk.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	51032              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Device.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	50552              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.DataSetExtensions.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	81784              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Configuration.Install.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	81800              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ComponentModel.DataAnnotations.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	39784              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.AddIn.Contract.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	68952              c:\windows\Microsoft.NET\Framework\v4.0.30319\SMDiagnostics.dll
+ 2010-03-18 19:58 . 2010-03-18 19:58	96088              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\SetupUtility.exe
+ 2010-03-18 20:16 . 2010-03-18 20:16	78152              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe
+ 2010-03-18 20:16 . 2010-03-18 20:16	18776              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\3082\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	14168              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\3076\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	18776              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\2070\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	14168              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\2052\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	17752              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1055\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	17752              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1053\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	18264              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1049\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	18264              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1046\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	18264              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1045\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	17752              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1044\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	19288              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1043\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	15192              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1042\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	15704              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1041\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	18264              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1040\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	18776              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1038\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	16728              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1037\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	18776              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1036\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	18264              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1035\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	17240              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1033\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	19288              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1032\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	18776              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1031\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	18264              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1030\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	18264              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1029\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	14168              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1028\SetupResources.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	17240              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\1025\SetupResources.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	13648              c:\windows\Microsoft.NET\Framework\v4.0.30319\SbsNclPerf.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	58192              c:\windows\Microsoft.NET\Framework\v4.0.30319egtlibv12.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	32592              c:\windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	52040              c:\windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	21336              c:\windows\Microsoft.NET\Framework\v4.0.30319
ormalization.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	56656              c:\windows\Microsoft.NET\Framework\v4.0.30319
lssorting.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	27984              c:\windows\Microsoft.NET\Framework\v4.0.30319\MUI\0409\mscorsecr.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	40784              c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorpe.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	20816              c:\windows\Microsoft.NET\Framework\v4.0.30319\mscoreeis.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	12128              c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualC.Dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	97680              c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	36168              c:\windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	78168              c:\windows\Microsoft.NET\Framework\v4.0.30319\ISymWrapper.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	58200              c:\windows\Microsoft.NET\Framework\v4.0.30319\InstallUtilLib.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	27992              c:\windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	42312              c:\windows\Microsoft.NET\Framework\v4.0.30319\fusion.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	11592              c:\windows\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	88904              c:\windows\Microsoft.NET\Framework\v4.0.30319\dfdll.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	31048              c:\windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	81248              c:\windows\Microsoft.NET\Framework\v4.0.30319\CustomMarshalers.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	44368              c:\windows\Microsoft.NET\Framework\v4.0.30319\Culture.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	95048              c:\windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	29008              c:\windows\Microsoft.NET\Framework\v4.0.30319\AddInUtil.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	29528              c:\windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	29016              c:\windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	17240              c:\windows\Microsoft.NET\Framework\v4.0.30319\Accessibility.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	10064              c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\CvtResUI.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	24400              c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\alinkui.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	13648              c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	13648              c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	13648              c:\windows\Microsoft.NET\Framework\sbscmp20_mscorlib.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	13648              c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	13648              c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	13648              c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	13648              c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	13648              c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	13648              c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	13648              c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	13648              c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	13648              c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	13648              c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	86864              c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2010-08-01 16:47 . 2010-08-01 16:47	87408              c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	93024              c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	35688              c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	17784              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	58240              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	44920              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	37240              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	64352              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	51032              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	50552              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	81784              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	81800              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	39784              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	68952              c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	12128              c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	97680              c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	17240              c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	78168              c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	81248              c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-11-24 17:27 . 2010-11-24 17:27	49152              c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-08-01 17:01 . 2010-08-01 17:01	96768              c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\0eb3c18ec758534395684f3ca286a201\UIAutomationProvider.ni.dll
+ 2010-08-01 17:04 . 2010-08-01 17:04	35328              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Pres#\9bbefd2263d8f2169ab3695798208293\System.Windows.Presentation.ni.dll
+ 2010-08-01 17:04 . 2010-08-01 17:04	71680              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Applicat#\02068ef9dafba3308b13444b8f4e5940\System.Web.ApplicationServices.ni.dll
+ 2010-08-01 17:03 . 2010-08-01 17:03	82432              c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\c3831eb95ccf3904bab81a97a9b08ed3\System.ServiceModel.Channels.ni.dll
+ 2010-08-01 17:02 . 2010-08-01 17:02	78848              c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn.Contra#\5c87f21925d5a61059ee68cef72841f4\System.AddIn.Contract.ni.dll
+ 2010-08-01 17:01 . 2010-08-01 17:01	11776              c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\552a460a8bcf608aecc6418db0d40216\Microsoft.VisualC.ni.dll
+ 2010-08-01 17:00 . 2010-08-01 17:00	44544              c:\windows\assembly\NativeImages_v4.0.30319_32\Accessibility\01254caa0efc15b5cd48fb3178018701\Accessibility.ni.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.3082.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.3076.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.2070.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8024              c:\windows\Microsoft.NET\NETFXRepair.2052.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.1055.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.1053.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	9048              c:\windows\Microsoft.NET\NETFXRepair.1049.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.1046.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.1045.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.1044.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.1043.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.1042.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.1041.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.1040.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.1038.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.1037.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	9048              c:\windows\Microsoft.NET\NETFXRepair.1036.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	9048              c:\windows\Microsoft.NET\NETFXRepair.1035.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.1033.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	9048              c:\windows\Microsoft.NET\NETFXRepair.1032.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.1031.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.1030.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.1029.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8024              c:\windows\Microsoft.NET\NETFXRepair.1028.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8536              c:\windows\Microsoft.NET\NETFXRepair.1025.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8032              c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelRegUI.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8040              c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	8032              c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll
+ 2010-08-01 17:00 . 2010-08-01 17:00	9728              c:\windows\assembly\NativeImages_v4.0.30319_32\dfsvc\b9b6069e6da06eb57e89cc544397f735\dfsvc.ni.exe
+ 2010-08-01 16:46 . 2010-08-01 16:46	109568              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.Wrapper.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	246128              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492\System.EnterpriseServices.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	653120              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	569664              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-11 23:05 . 2009-07-11 23:05	225280              c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	159032              c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2007-01-29 11:49 . 2010-12-28 15:37	114452              c:\windows\system32\Restorestrlog.dat
+ 2010-03-18 08:09 . 2010-03-18 08:09	295264              c:\windows\system32\PresentationHost.exe
+ 2004-08-16 16:41 . 2010-12-28 16:36	556230              c:\windows\system32\perfh00C.dat
+ 2004-08-16 16:40 . 2010-12-28 16:36	485246              c:\windows\system32\perfh009.dat
+ 2010-03-18 11:16 . 2010-03-18 11:16	771424              c:\windows\system32\msvcr100_clr0400.dll
+ 2009-09-23 22:30 . 2009-09-23 22:30	156488              c:\windows\system32\mscorier.dll
+ 2010-03-18 08:09 . 2010-03-18 08:09	297808              c:\windows\system32\mscoree.dll
+ 2004-08-16 16:54 . 2010-12-20 00:08	503632              c:\windows\system32\FNTCACHE.DAT
+ 2010-03-18 11:16 . 2010-03-18 11:16	486216              c:\windows\system32\evr.dll
- 2008-08-20 10:19 . 2008-04-13 19:19	146048              c:\windows\system32\drivers\portcls.sys
+ 2008-08-20 10:19 . 2008-04-13 19:19	146048              c:\windows\system32\drivers\portcls.sys
+ 2008-08-20 10:19 . 2008-04-13 19:19	146048              c:\windows\system32\dllcache\portcls.sys
+ 2008-08-20 10:19 . 2008-04-13 19:16	141056              c:\windows\system32\dllcache\ks.sys
+ 2005-12-06 15:27 . 2010-12-29 09:10	163840              c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2005-12-06 15:27 . 2010-01-08 14:50	163840              c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-06-28 11:42 . 2010-12-29 09:10	245760              c:\windows\system32\config\systemprofile\IETldCache\index.dat
- 2009-06-28 11:42 . 2009-06-28 11:42	245760              c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2010-03-18 11:16 . 2010-03-18 11:16	114520              c:\windows\Microsoft.NET\NETFXRepair.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	915800              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpftxt_v0400.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	753504              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	350592              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\UIAutomationClientsideProviders.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	163168              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\UIAutomationClient.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	675672              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\System.Speech.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	334688              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\System.Printing.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	581464              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\ReachFramework.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	832856              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationUI.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	801136              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	181096              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationHost_v0400.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	194424              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.Royale.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	478576              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.Luna.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	167288              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.Classic.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	232304              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.Aero.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	807264              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\NaturalLanguage6.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	138592              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Linq.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	699224              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Xaml.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	857960              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Web.Services.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	269672              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Transactions.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	113512              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceProcess.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	129912              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Routing.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	390008              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Discovery.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	505208              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.Activities.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	261472              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Security.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	122264              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	291184              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Remoting.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	349568              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.DurableInstancing.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	231760              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Net.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	253280              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Messaging.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	134528              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Management.Instrumentation.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	378720              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Management.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	123736              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.IO.Log.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	125816              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.IdentityModel.Selectors.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	392552              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.IdentityModel.dll
+ 2010-03-17 22:51 . 2010-03-17 22:51	109568              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.EnterpriseServices.Wrapper.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	246128              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.EnterpriseServices.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	120152              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Dynamic.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	607064              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	182144              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.DirectoryServices.Protocols.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	395120              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.DirectoryServices.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	285072              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.DirectoryServices.AccountManagement.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	829280              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Deployment.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	747360              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.SqlXml.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	436600              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Services.Client.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	683872              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Linq.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	409448              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.configuration.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	210816              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ComponentModel.Composition.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	149848              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.AddIn.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	122248              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Activities.DurableInstancing.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	525704              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Activities.Core.Presentation.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	112976              c:\windows\Microsoft.NET\Framework\v4.0.30319\sysglobl.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	517448              c:\windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	124240              c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
+ 2009-08-31 10:44 . 2009-08-31 10:44	144416              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\sqmapi.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	295248              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\SetupUi.dll
+ 2010-03-18 20:16 . 2010-03-18 20:16	807256              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\SetupEngine.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	173920              c:\windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelReg.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	121688              c:\windows\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	150856              c:\windows\Microsoft.NET\Framework\v4.0.30319
gen.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	130384              c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	335184              c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvc.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	110936              c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsecimpl.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	372048              c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	145752              c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorpehost.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	413008              c:\windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	955728              c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordbi.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	661352              c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualBasic.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	349576              c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualBasic.Compatibility.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	170368              c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	387960              c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Transactions.Bridge.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	746336              c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.JScript.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	505184              c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.CSharp.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	794464              c:\windows\Microsoft.NET\Framework\v4.0.30319\EventLogMessages.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	688472              c:\windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	129880              c:\windows\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	385864              c:\windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	105808              c:\windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	105288              c:\windows\Microsoft.NET\Framework\v4.0.30319\alink.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	139088              c:\windows\Microsoft.NET\Framework\v4.0.30319\AdoNetDiag.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	255304              c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\vbc7ui.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	255896              c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\Microsoft.VisualBasic.Activities.CompilerUI.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	182088              c:\windows\Microsoft.NET\Framework\v4.0.30319\1033\cscui.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	350592              c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	163168              c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	138592              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	699224              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	857960              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	675672              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	113512              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	129912              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	390008              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	505208              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	261472              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	122264              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	291184              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	349568              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	231760              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	253280              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	378720              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	134528              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	123736              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	392552              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	125816              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	120152              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	607064              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	395120              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	182144              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	285072              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	829280              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	747360              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	436600              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	683872              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	409448              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	210816              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	149848              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	122248              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	525704              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	112976              c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	581464              c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	832856              c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	194424              c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	478576              c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	167288              c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	232304              c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	661352              c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	349576              c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	387960              c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	746336              c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	505184              c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	269672              c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	334688              c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	109568              c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	246128              c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	170368              c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2010-01-23 16:00 . 2010-01-23 16:00	219648              c:\windows\Installer\10648db.msi
+ 2010-08-01 17:04 . 2010-08-01 17:04	245760              c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\cc063533b04f9420d1aa571a36d1fabd\WindowsFormsIntegration.ni.dll
+ 2010-08-01 17:01 . 2010-08-01 17:01	195584              c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\5786f917a7b62d63ca8dd5b47aaf9610\UIAutomationTypes.ni.dll
+ 2010-08-01 17:04 . 2010-08-01 17:04	481792              c:\windows\assembly\NativeImages_v4.0.30319_32\UIAutomationClient\ece129234f9ba9ad856d0e77e4849137\UIAutomationClient.ni.dll
+ 2010-08-01 17:01 . 2010-08-01 17:01	391680              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8eca92a64c232f34b5b559625b022369\System.Xml.Linq.ni.dll
+ 2010-08-01 17:01 . 2010-08-01 17:01	187904              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Inpu#\18419dd13ced512c5f8dc15a79a601eb\System.Windows.Input.Manipulations.ni.dll
+ 2010-08-01 17:01 . 2010-08-01 17:01	645632              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\dd9dbf82e44454689976a49a9e4ddb6d\System.Transactions.ni.dll
+ 2010-08-01 17:04 . 2010-08-01 17:04	220672              c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\6e7f1bdc845816dfc797f8002b76b5e8\System.ServiceProcess.ni.dll
+ 2010-08-01 17:04 . 2010-08-01 17:04	365056              c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\76a5d670ce969c0c65a905b7303d4bbf\System.ServiceModel.Routing.ni.dll
+ 2010-08-01 16:49 . 2010-08-01 16:49	721920              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Security\09a97525ae5583cc2685e2c39a3078bd\System.Security.ni.dll
+ 2010-08-01 17:01 . 2010-08-01 17:01	310272              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-08-01 17:01 . 2010-08-01 17:01	758784              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e30ded9b9c19a264a974b1cc40d7d2cc\System.Runtime.Remoting.ni.dll
+ 2010-08-01 16:49 . 2010-08-01 16:49	144896              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\b07f0d26a34ad53fc369248f289d1126\System.Numerics.ni.dll
+ 2010-08-01 17:03 . 2010-08-01 17:03	651264              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Net\dd5c866d2462dd913ed0a0287396aa50\System.Net.ni.dll
+ 2010-08-01 17:03 . 2010-08-01 17:03	625152              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\3ab3e80af8e5e95a5a62092cc9293c91\System.Messaging.ni.dll
+ 2010-08-01 17:03 . 2010-08-01 17:03	392704              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Management.I#\8b5fe7aff54a7aed07287257a9b8e420\System.Management.Instrumentation.ni.dll
+ 2010-08-01 17:03 . 2010-08-01 17:03	405504              c:\windows\assembly\NativeImages_v4.0.30319_32\System.IO.Log\150da10324f2811a48da58d3496bbe10\System.IO.Log.ni.dll
+ 2010-08-01 17:03 . 2010-08-01 17:03	228352              c:\windows\assembly\NativeImages_v4.0.30319_32\System.IdentityMode#\386f41f744eedacd1517c8a15750a48b\System.IdentityModel.Selectors.ni.dll
+ 2010-08-01 17:01 . 2010-08-01 17:01	230912              c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\8b6e9d6171aad3561263ce2cd05c57df\System.EnterpriseServices.Wrapper.dll
+ 2010-08-01 17:01 . 2010-08-01 17:01	784896              c:\windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\8b6e9d6171aad3561263ce2cd05c57df\System.EnterpriseServices.ni.dll
+ 2010-08-01 16:49 . 2010-08-01 16:49	373248              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\1331ee3a7146218388537aa7e41303af\System.Dynamic.ni.dll
+ 2010-08-01 17:03 . 2010-08-01 17:03	461824              c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\7f4419b6f829a2485d83b3c3e7b26a97\System.DirectoryServices.Protocols.ni.dll
+ 2010-08-01 17:03 . 2010-08-01 17:03	911872              c:\windows\assembly\NativeImages_v4.0.30319_32\System.DirectorySer#\46a7f51ef1a9d917598b96f7a758a459\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-08-01 17:03 . 2010-08-01 17:03	112128              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Device\36342e6024e2844502d0bdaa9d30971a\System.Device.ni.dll
+ 2010-08-01 17:02 . 2010-08-01 17:02	134656              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Data.DataSet#\caecc65b5c0ede0fe0d55b9f48ada80f\System.Data.DataSetExtensions.ni.dll
+ 2010-08-01 16:49 . 2010-08-01 16:49	973312              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ac18c2dcd06bd2a0589bac94ccae5716\System.Configuration.ni.dll
+ 2010-08-01 17:02 . 2010-08-01 17:02	145920              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\aea1d325200e1a7b1ee7ec86fba33db4\System.Configuration.Install.ni.dll
+ 2010-08-01 17:02 . 2010-08-01 17:02	193536              c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\7d8e51e92fede804332703770695afdb\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-08-01 16:49 . 2010-08-01 16:49	690176              c:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\4a518b841f06ee4f07320159cf918a2c\System.ComponentModel.Composition.ni.dll
+ 2010-08-01 17:02 . 2010-08-01 17:02	613888              c:\windows\assembly\NativeImages_v4.0.30319_32\System.AddIn\767e70aec1ffb52f95c2b07c08fa0781\System.AddIn.ni.dll
+ 2010-08-01 17:01 . 2010-08-01 17:01	402944              c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.D#\8594d07d18330843968d649ed6ef6166\System.Activities.DurableInstancing.ni.dll
+ 2010-08-01 17:00 . 2010-08-01 17:00	316928              c:\windows\assembly\NativeImages_v4.0.30319_32\SMSvcHost\38f0d77629891e7808424103aaef0728\SMSvcHost.ni.exe
+ 2010-08-01 17:01 . 2010-08-01 17:01	142336              c:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\4d2a51c03b27e615ff9f1c430f2014ba\SMDiagnostics.ni.dll
+ 2010-08-01 16:50 . 2010-08-01 16:50	283648              c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\f5e029e2215c95ab38a1eefef7b32ac9\PresentationFramework.Classic.ni.dll
+ 2010-08-01 16:50 . 2010-08-01 16:50	450048              c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\3555f5f74c56fa92c0ab7a635af91bfa\PresentationFramework.Aero.ni.dll
+ 2010-08-01 16:50 . 2010-08-01 16:50	327168              c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\040571d65dc822e5df020d5e084f4b45\PresentationFramework.Royale.ni.dll
+ 2010-08-01 16:50 . 2010-08-01 16:50	656896              c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\016f9a150fce0e0a4c93532d8fa4c749\PresentationFramework.Luna.ni.dll
+ 2010-08-01 17:01 . 2010-08-01 17:01	302592              c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\95d92a700a1fba76f89a30ab46864f10\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2010-08-01 17:00 . 2010-08-01 17:00	418304              c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Transacti#\5f595338c63c2fdb5a171760c29d5bcf\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-08-01 17:00 . 2010-08-01 17:00	193024              c:\windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\d2574c8ae333ff959be2e0d83121ad10\CustomMarshalers.ni.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	3780424              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02	3765048              c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2009-11-11 18:06 . 2009-11-11 18:06	1130824              c:\windows\system32\dfshim.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	1663320              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	1303896              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WindowsBase.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	6346600              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationFramework.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	3545952              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationCore.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	2650464              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\NlsLexicons0009.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	4881752              c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\NlsData0009.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	2199880              c:\windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	2207568              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.XML.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	4982120              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	1711496              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.DataVisualization.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	6067048              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.ServiceModel.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	1026936              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	3481928              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	4464480              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.Entity.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	2970968              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Data.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	1339736              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Core.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	1462648              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Activities.Presentation.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	1199968              c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Activities.dll
+ 2010-03-18 20:26 . 2010-03-18 20:26	1163264              c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client
etfx_core_x86.msi
+ 2010-03-18 11:16 . 2010-03-18 11:16	5196112              c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorlib.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	1141592              c:\windows\Microsoft.NET\Framework\v4.0.30319\mscordacwks.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	2989456              c:\windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2010-03-18 11:16 . 2010-03-18 11:16	1972552              c:\windows\Microsoft.NET\Framework\v4.0.30319\csc.exe
+ 2010-03-18 11:16 . 2010-03-18 11:16	6730056              c:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	1303896              c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2010-08-01 16:46 . 2010-08-01 16:46	3481928              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2010-08-01 16:47 . 2010-08-01 16:47	2207568              c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-08

Destrio5 · Answer

Réinstalle les applications qui ne fonctionnent plus.

Bagle n'est plus actif.

Fais un scan complet avec Avast.

Helloween77 · Answer

J'ai trouvé des vers "beagle" après avoir mis ComboFix, alors je doute qu'il ne soit plus actif?
C'est justement impossible de réinstaller... Enfin chaque fois que je lance un fichier .exe, il me dit que c'est une application Win32 non valide, n'est ce pas un souci lié au virus?

Destrio5 · Answer

Je pense que s'il aurait été actif, tu n'aurais pas pu réinstaller Avast.

--> Refais un scan OTL et poste le rapport.

Helloween77 · Answer

OTL logfile created on: 29/12/2010 19:43:20 - Run 3
OTL by OldTimer - Version 3.2.18.0     Folder = D:\Documents and Settings\Anthony\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
1 023,00 Mb Total Physical Memory | 533,00 Mb Available Physical Memory | 52,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 141,23 Gb Total Space | 49,52 Gb Free Space | 35,06% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 96,13 Gb Free Space | 64,49% Space Free | Partition Type: NTFS
 
Computer Name: tuswoman | User Name: Anthony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - D:\Documents and Settings\Anthony\Bureau\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe (RealNetworks, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\APPS\Softex\OmniPass\OPXPApp.exe ()
PRC - C:\APPS\Softex\OmniPass\OmniServ.exe (Softex Inc.)
PRC - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe (Cyberlink)
PRC - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe (Cyberlink)
PRC - c:\APPS\Powercinema\Kernel\TV\CLSched.exe ()
PRC - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe ()
PRC - c:\APPS\HIDSERVICE\HidService.exe ()
PRC - C:\Program Files\Wanadoo\EspaceWanadoo.exe (France Télécom R&D)
PRC - C:\Program Files\Wanadoo\ComComp.exe (France Télécom R&D)
PRC - C:\Program Files\Wanadoo\TaskBarIcon.exe ()
PRC - C:\Program Files\Wanadoo\Watch.exe (France Télécom R&D)
PRC - C:\Program Files\Wanadoo\CnxMon.exe ()
PRC - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe (THOMSON Telecom Belgium)
PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
PRC - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - D:\Documents and Settings\Anthony\Bureau\OTL.exe (OldTimer Tools)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (navapsvc) -- C:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe (Symantec Corporation)
SRV - (SPBBCSvc) -- C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation)
SRV - (ISSVC) -- C:\Program Files\Norton Internet Security\ISSVC.exe (Symantec Corporation)
SRV - (SNDSrvc) -- C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe (Symantec Corporation)
SRV - (ccSetMgr) -- C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
SRV - (ccProxy) -- C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
SRV - (SAVScan) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe (Symantec Corporation)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (odserv) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (omniserv) -- C:\APPS\Softex\OmniPass\OmniServ.exe (Softex Inc.)
SRV - (CyberLink Media Library Service) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe (Cyberlink)
SRV - (CLSched) CyberLink Task Scheduler (CTS) -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe ()
SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe ()
SRV - (KodakCCS) -- C:\WINDOWS\system32\drivers\KodakCCS.exe (Eastman Kodak Company)
SRV - (GenericHidService) -- c:\APPS\HIDSERVICE\HidService.exe ()
SRV - (MysqlInventime) -- C:\APPS\Inventime\mysql\bin\mysqld-nt.exe ()
SRV - (ccPwdSvc) -- C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe (Symantec Corporation)
SRV - (UleadBurningHelper) -- C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)
SRV - (EPSONStatusAgent2) -- C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys File not found
DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS File not found
DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS File not found
DRV - (SYMNDIS) -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS File not found
DRV - (SYMIDS) -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS File not found
DRV - (SYMFW) -- C:\WINDOWS\System32\Drivers\SYMFW.SYS File not found
DRV - (SymEvent) -- C:\Program Files\Symantec\SYMEVENT.SYS File not found
DRV - (SYMDNS) -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS File not found
DRV - (NAVEX15) -- C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20070702.017\NavEx15.Sys File not found
DRV - (NAVENG) -- C:\PROGRA~1\FICHIE~1\SYMANT~1\VIRUSD~1\20070702.017\NAVENG.Sys File not found
DRV - (catchme) -- D:\DOCUME~1\Tustus\LOCALS~1\Temp\catchme.sys File not found
DRV - (SYMIDSCO) -- C:\Program Files\Fichiers communs\Symantec Shared\SymcData\idsdefs\20101215.003\SymIDSCo.sys (Symantec Corporation)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (WsAudioDevice_383) -- C:\WINDOWS\system32\drivers\WsAudioDevice_383.sys (Wondershare)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (Ma-Config.com)
DRV - (CAM1210) -- C:\WINDOWS\system32\drivers\cam1210.sys (USB Generic Camera)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (nv) -- C:\WINDOWS\system32\drivers
v4_mini.sys (NVIDIA Corporation)
DRV - (DcCam) -- C:\WINDOWS\system32\drivers\DcCam.sys (Eastman Kodak Company)
DRV - (3xHybrid) -- C:\WINDOWS\system32\drivers\3xHybrid.sys (Philips Semiconductors GmbH)
DRV - (Exportit) -- C:\WINDOWS\system32\drivers\ExportIt.sys (Eastman Kodak Company)
DRV - (DcPTP) -- C:\WINDOWS\system32\drivers\DcPtp.sys (Eastman Kodak Company)
DRV - (DcLps) -- C:\WINDOWS\system32\drivers\DcLps.sys (Eastman Kodak Company)
DRV - (DCFS2K) -- C:\WINDOWS\system32\drivers\DCFS2k.sys (Eastman Kodak Company)
DRV - (DcFpoint) -- C:\WINDOWS\system32\drivers\DcFpoint.sys (Eastman Kodak Company)
DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (AES2500) -- C:\WINDOWS\system32\drivers\ATSwpDrv.sys (AuthenTec, Inc.)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (SAVRTPEL) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrtpel.sys (Symantec Corporation)
DRV - (SAVRT) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\savrt.sys (Symantec Corporation)
DRV - (SPBBCDrv) -- C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (MosIrUsb) -- C:\WINDOWS\system32\drivers\MosIrUsb.sys ()
DRV - (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN) -- C:\WINDOWS\system32\drivers\alcan5wn.sys (THOMSON)
DRV - (alcaudsl) -- C:\WINDOWS\system32\drivers\alcaudsl.sys (THOMSON)
DRV - (viaagp) -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (VIAPFD) -- C:\WINDOWS\System32\Drivers\VIAPFD.SYS (VIA Technologies. Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://ww12.cherche.us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = cherche.us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://ww12.cherche.us{searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_bak = https://www.google.com/?gws_rd=ssl
IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Wanadoo\SearchPageURL.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=19&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://ww12.cherche.us"
FF - prefs.js..browser.startup.homepage: "http://ww12.cherche.us"
 
FF - HKLM\software\mozilla\Firefox\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}: D:\Documents and Settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/02/06 21:58:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\Components: C:\Program Files\Mozilla Firefox\components [2010/02/06 21:58:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/06 21:58:47 | 000,000,000 | ---D | M]
 
[2009/05/18 16:28:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Mozilla\Extensions
[2010/02/12 23:24:19 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\f68dyirz.default\extensions
[2010/02/12 23:24:17 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\f68dyirz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/12 23:24:19 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\f68dyirz.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
[2010/02/12 23:24:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\f68dyirz.default\extensions\staged-xpis
[2010/10/02 18:06:58 | 000,001,575 | ---- | M] () -- D:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\f68dyirz.default\searchplugins\cherche.xml
[2010/02/12 23:24:24 | 000,005,462 | ---- | M] () -- D:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\f68dyirz.default\searchplugins\fast-browser-search.xml
[2010/02/12 23:24:19 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/04/24 21:43:03 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/12/26 00:05:26 | 000,000,000 | ---D | M] (peer2Peer-FR2 Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{9f23e207-7e05-4ee2-a90e-50cf3ae9b03f}
[2007/12/15 12:29:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\google-cjk@partners.mozilla.com
[2008/04/24 21:43:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\google-gzfb@partners.mozilla.com
[2006/03/06 21:44:09 | 001,312,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
[2009/12/22 04:51:01 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2009/12/22 04:51:01 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/12/22 04:51:01 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009/12/22 04:51:01 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2009/12/22 04:51:01 | 000,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2010/12/29 13:40:13 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Internet Security) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Barre d'outils MSN) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Reg Error: Value error. File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVShExt.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Internet Security) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WooCnxMon] C:\Program Files\Wanadoo\CnxMon.exe ()
O4 - HKLM..\Run: [WOOTASKBARICON] C:\Program Files\Wanadoo\TaskBarIcon.exe ()
O4 - HKCU..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found
O4 - Startup: D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk.disabled ()
O4 - Startup: D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Kodak software updater.lnk.disabled ()
O4 - Startup: D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logiciel Kodak EasyShare.lnk.disabled ()
O4 - Startup: D:\Documents and Settings\Anthony\Menu Démarrer\Programmes\Démarrage\binternet.lnk = D:\Documents and Settings\Anthony\binternet.exe File not found
O4 - Startup: D:\Documents and Settings\Anthony\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.0.lnk.disabled ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00  [binary data]
O15 - HKCU\..Trusted Domains: chat-land.org ([]* in Trusted sites)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter	ext/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\OPXPGina: DllName - C:\Apps\Softex\OmniPass\opxpgina.dll - C:\APPS\Softex\OmniPass\OPXPGina.dll ()
O24 - Desktop Components:0 () - file:///D:/DOCUME~1/Anthony/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
O24 - Desktop Components:1 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: D:\Documents and Settings\Anthony\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: D:\Documents and Settings\Anthony\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/12/29 14:24:15 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/12/29 13:33:38 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/12/29 13:24:43 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/12/29 13:24:43 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/12/29 13:24:43 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/12/28 20:15:43 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\fwc
[2010/12/28 19:45:44 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Anthony\Application Data\GetRightToGo
[2010/12/28 17:56:56 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/12/28 17:56:55 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/12/28 17:56:54 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/12/28 17:56:53 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/12/28 17:56:52 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/12/28 17:56:52 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/12/28 17:56:51 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/12/28 17:56:41 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/12/28 17:56:41 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010/12/27 12:14:37 | 000,000,000 | ---D | C] -- C:\FyK
[2010/12/26 20:04:07 | 000,602,624 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\Anthony\Bureau\OTL.exe
[2010/12/26 18:46:42 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/12/19 19:36:40 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\WINDOWS\System32\devil.dll
[2010/12/19 19:36:40 | 000,369,152 | ---- | C] (The Public) -- C:\WINDOWS\System32\avisynth.dll
[2010/12/19 19:36:39 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\i420vfw.dll
[2010/12/19 19:36:39 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2010/12/19 19:21:22 | 000,186,880 | RHS- | C] (RadLight) -- C:\WINDOWS\System32\RLOgg.ax
[2010/12/19 19:21:22 | 000,092,672 | RHS- | C] (RadLight) -- C:\WINDOWS\System32\RLVorbisDec.ax
[2010/12/19 19:21:22 | 000,090,112 | RHS- | C] (-) -- C:\WINDOWS\System32\TTADSSplitter.ax
[2010/12/19 19:21:22 | 000,090,112 | RHS- | C] (-) -- C:\WINDOWS\System32\TTADSDecoder.ax
[2010/12/19 19:21:22 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\WINDOWS\System32\RLTheoraDec.ax
[2010/12/19 19:21:21 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\WINDOWS\System32
bDX.dll
[2010/12/19 19:21:21 | 000,179,200 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\DiracSplitter.ax
[2010/12/19 19:21:21 | 000,169,472 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\MatroskaDX.ax
[2010/12/19 19:21:21 | 000,163,328 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\flvDX.dll
[2010/12/19 19:21:21 | 000,161,792 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\RealMediaDX.ax
[2010/12/19 19:21:21 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\WINDOWS\System32\AVCDX.ax
[2010/12/19 19:21:21 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\WINDOWS\System32\msfDX.dll
[2010/12/19 19:21:14 | 000,000,000 | ---D | C] -- C:\Program Files\eRightSoft
[2010/12/16 14:20:47 | 000,000,000 | ---D | C] -- D:\Documents and Settings\Anthony\Local Settings\Application Data\WMTools Downloaded Files
[2010/12/14 13:37:11 | 000,000,000 | ---D | C] -- C:\Program Files\FWeb
[2007/11/23 18:21:39 | 003,966,288 | ---- | C] (Patchou) -- C:\Program Files\MsgPlusLive-423.exe
[2007/09/29 21:12:43 | 020,256,064 | ---- | C] (Apple Inc.) -- C:\Program Files\QuickTimeInstaller.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 D:\Documents and Settings\Anthony\*.tmp files -> D:\Documents and Settings\Anthony\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/12/29 19:41:22 | 000,029,204 | ---- | M] () -- C:\WINDOWS\System32
vapps.xml
[2010/12/29 19:41:19 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/29 19:37:22 | 000,001,000 | ---- | M] () -- C:\WINDOWS	asks\Google Software Updater.job
[2010/12/29 19:37:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/29 19:37:02 | 1073,139,712 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/29 17:17:01 | 000,000,366 | ---- | M] () -- C:\WINDOWS	asks\Symantec NetDetect.job
[2010/12/29 13:40:13 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/12/29 13:33:42 | 000,000,359 | RHS- | M] () -- C:\BOOT.INI
[2010/12/28 22:08:11 | 000,000,011 | ---- | M] () -- D:\Documents and Settings\Anthony\logie
[2010/12/28 22:08:11 | 000,000,011 | ---- | M] () -- D:\Documents and Settings\Anthony\logff
[2010/12/28 18:02:32 | 000,000,599 | ---- | M] () -- D:\Documents and Settings\Anthony\Menu Démarrer\Programmes\Démarrage\binternet.lnk
[2010/12/28 17:56:56 | 000,001,589 | ---- | M] () -- D:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
[2010/12/28 17:56:52 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/12/28 17:36:19 | 000,556,230 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/12/28 17:36:19 | 000,485,246 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/28 17:36:19 | 000,095,550 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/12/28 17:36:19 | 000,080,590 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/28 17:09:48 | 000,000,330 | ---- | M] () -- C:\Boot.bak
[2010/12/27 12:14:26 | 001,401,213 | ---- | M] () -- D:\Documents and Settings\Anthony\Bureau\Setup.exe
[2010/12/26 20:04:18 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Anthony\Bureau\OTL.exe
[2010/12/26 14:34:14 | 000,200,192 | ---- | M] () -- D:\Documents and Settings\Anthony\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/12/20 01:08:37 | 000,503,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/08 21:12:14 | 000,015,872 | ---- | M] () -- D:\Documents and Settings\Anthony\Bureau\Reglement.docx
[2010/12/08 20:58:15 | 000,014,024 | ---- | M] () -- D:\Documents and Settings\Anthony\Bureau\Programme.docx
[2010/12/08 20:57:02 | 000,012,965 | ---- | M] () -- D:\Documents and Settings\Anthony\Bureau\Inscription.docx
[2010/12/05 16:36:48 | 000,002,209 | ---- | M] () -- C:\b.mscz
[2010/12/03 19:03:36 | 000,002,092 | ---- | M] () -- C:\a.mscz
[2010/12/03 18:40:12 | 000,002,549 | ---- | M] () -- C:\.a.mscz,
[2010/12/02 17:25:22 | 009,108,160 | ---- | M] () -- D:\Documents and Settings\Anthony\Bureau\This Autumn Day.mp3
[2010/11/30 14:16:13 | 000,130,780 | ---- | M] () -- D:\Documents and Settings\Anthony\Bureau\Stratovarius_Discografia__www_heavytorrents_tk_.torrent
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 D:\Documents and Settings\Anthony\*.tmp files -> D:\Documents and Settings\Anthony\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/12/29 13:24:43 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/12/29 13:24:43 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/12/29 13:24:43 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/12/29 13:24:43 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/12/29 13:24:43 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/12/28 17:56:56 | 000,001,589 | ---- | C] () -- D:\Documents and Settings\All Users\Bureau\avast! Free Antivirus.lnk
[2010/12/27 12:14:26 | 001,401,213 | ---- | C] () -- D:\Documents and Settings\Anthony\Bureau\Setup.exe
[2010/12/19 19:21:22 | 000,107,520 | RHS- | C] () -- C:\WINDOWS\System32\RLMPCDec.ax
[2010/12/19 19:21:22 | 000,051,712 | RHS- | C] () -- C:\WINDOWS\System32\RLSpeexDec.ax
[2010/12/19 19:21:21 | 000,227,328 | RHS- | C] () -- C:\WINDOWS\System32\ac3DX.ax
[2010/12/19 19:21:21 | 000,175,104 | RHS- | C] () -- C:\WINDOWS\System32\CoreAAC.ax
[2010/12/19 19:21:21 | 000,120,832 | RHS- | C] () -- C:\WINDOWS\System32\MPCDx.ax
[2010/12/19 19:21:21 | 000,097,280 | RHS- | C] () -- C:\WINDOWS\System32\FLACDX.ax
[2010/12/19 19:21:21 | 000,081,920 | RHS- | C] () -- C:\WINDOWS\System32\aac_parser.ax
[2010/12/19 19:21:21 | 000,070,656 | RHS- | C] () -- C:\WINDOWS\System32\RLAPEDec.ax
[2010/12/08 20:38:15 | 000,015,872 | ---- | C] () -- D:\Documents and Settings\Anthony\Bureau\Reglement.docx
[2010/12/08 20:38:13 | 000,012,965 | ---- | C] () -- D:\Documents and Settings\Anthony\Bureau\Inscription.docx
[2010/12/08 20:34:52 | 000,014,024 | ---- | C] () -- D:\Documents and Settings\Anthony\Bureau\Programme.docx
[2010/12/05 16:36:48 | 000,002,209 | ---- | C] () -- C:\b.mscz
[2010/12/03 18:40:12 | 000,002,549 | ---- | C] () -- C:\.a.mscz,
[2010/12/03 18:40:12 | 000,002,092 | ---- | C] () -- C:\a.mscz
[2010/12/02 17:25:21 | 009,108,160 | ---- | C] () -- D:\Documents and Settings\Anthony\Bureau\This Autumn Day.mp3
[2010/11/30 14:16:13 | 000,130,780 | ---- | C] () -- D:\Documents and Settings\Anthony\Bureau\Stratovarius_Discografia__www_heavytorrents_tk_.torrent
[2010/08/02 23:00:51 | 000,707,719 | ---- | C] () -- D:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-75017042-3997265084-919806112-1009-0.dat
[2010/08/01 19:24:05 | 000,327,546 | ---- | C] () -- D:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2009/09/22 17:30:37 | 000,000,325 | ---- | C] () -- C:\WINDOWS\KillProcess.INI
[2009/04/20 01:55:26 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/04/20 01:55:26 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/04/20 01:55:25 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/04/20 01:55:24 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/08/20 11:19:57 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008/02/05 12:47:06 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008/02/05 12:38:12 | 000,000,749 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/12/13 19:01:50 | 000,000,028 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/09/29 21:01:57 | 010,753,204 | ---- | C] () -- C:\Program Files\Satsuki.Decoder.Quicktime.Module.exe
[2007/09/29 20:57:22 | 000,000,026 | ---- | C] () -- C:\WINDOWS\System32\satsukidecodersettings.ini
[2007/09/29 20:55:56 | 007,582,826 | ---- | C] () -- C:\Program Files\Satsuki.Decoder.Pack.3.1.1.7.exe
[2007/07/03 14:19:15 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\gspnDll.dll
[2007/07/03 14:19:14 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\instDll.dll
[2007/07/03 14:19:14 | 000,002,063 | ---- | C] () -- C:\WINDOWS\wwdslcfg.ini
[2006/09/14 18:30:40 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006/07/24 15:46:54 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\cam1210.dll
[2006/06/29 15:37:18 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\Cam1210M.dll
[2006/04/21 10:06:44 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/03/28 14:09:34 | 000,000,067 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/03/25 19:02:09 | 000,000,342 | ---- | C] () -- C:\WINDOWS\hpipcopy.INI
[2006/03/16 20:01:51 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2006/03/01 19:01:51 | 000,000,165 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2006/03/01 19:01:50 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ImgLibLead.dll
[2006/03/01 19:01:49 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\Dc50ip32.dll
[2006/03/01 19:01:49 | 000,065,864 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2006/02/03 22:05:01 | 000,000,360 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2006/02/03 21:58:23 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2006/01/22 14:42:55 | 000,200,192 | ---- | C] () -- D:\Documents and Settings\Anthony\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/01/21 18:26:25 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2006/01/21 18:26:20 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2006/01/21 18:15:23 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\hpgt33.dll
[2006/01/21 17:42:56 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2006/01/11 20:10:26 | 000,000,135 | ---- | C] () -- D:\Documents and Settings\Anthony\Local Settings\Application Data\fusioncache.dat
[2006/01/11 13:31:29 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2005/12/06 16:36:56 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/12/06 16:24:57 | 000,000,488 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/06 16:23:44 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2005/12/06 16:21:12 | 000,000,501 | ---- | C] () -- C:\WINDOWS\System32\SETUPPC.INI
[2005/12/06 16:14:58 | 000,007,584 | ---- | C] () -- C:\WINDOWS\HDReg.ini
[2005/12/06 16:12:20 | 000,003,072 | R--- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2005/12/06 16:06:02 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005/12/06 16:06:00 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2004/08/16 18:25:16 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/16 17:56:59 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/06/23 13:14:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2001/07/07 03:00:00 | 000,003,279 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[2000/09/08 17:53:50 | 000,073,839 | ---- | C] () -- C:\WINDOWS\System32\KodakOneTouch.dll
[1980/01/01 00:00:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32
vwdmcpl.dll
[1980/01/01 00:00:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32
view.dll
[1980/01/01 00:00:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32
vwimg.dll
[1980/01/01 00:00:00 | 000,540,672 | ---- | C] () -- C:\WINDOWS\System32
vhwvid.dll
[1980/01/01 00:00:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32
vshell.dll
[1980/01/01 00:00:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32
vnt4cpl.dll
[1980/01/01 00:00:00 | 000,020,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\MosIrUsb.sys
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2006/01/21 17:43:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\ACD Systems
[2010/12/28 17:56:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Alwil Software
[2008/06/08 22:37:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Emjysoft
[2009/09/27 20:01:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\GamesBar
[2009/02/23 15:25:50 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\JollyBear
[2007/07/03 12:23:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Live Bind Fork Help
[2006/06/03 16:21:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2009/09/22 12:11:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\OD2
[2010/01/23 17:07:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Skyline
[2009/09/24 15:21:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\TEMP
[2005/12/07 22:29:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Ulead Systems
[2005/12/07 22:29:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\VadeRetro
[2005/12/07 22:29:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/11/10 23:02:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\.ABC
[2006/01/21 21:10:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\ACD Systems
[2010/12/17 18:00:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Audacity
[2009/01/05 17:42:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\CamfrogWEB
[2010/02/14 18:35:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\FMZilla
[2010/12/28 19:46:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\GetRightToGo
[2010/08/01 18:10:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Jeskola
[2006/06/19 18:21:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Leadertech
[2008/04/01 14:29:47 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\ma-config.com
[2010/08/13 19:35:06 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\MusE
[2006/01/20 22:00:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Norman
[2006/01/11 20:13:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\OD2
[2006/03/22 23:14:16 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Ulead Systems
[2006/02/15 20:39:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\VadeRetro
[2008/09/10 12:09:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Viewpoint
[2010/04/25 13:02:38 | 000,000,000 | ---D | M] -- D:\Documents and Settings\Anthony\Application Data\Xi
[2006/01/27 23:22:50 | 000,000,194 | ---- | M] () -- C:\WINDOWS\Tasks\HDReg.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 127 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:9E22BBE8
@Alternate Data Stream - 110 bytes -> D:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

Destrio5 · Answer

Quelles applications ne fonctionnent plus ?

Helloween77 · Answer

Je n'ai pas pu réinstaller certains antispywares, ni msn (certains fichiers en rapport avec ces applications sont en quarantaine dans Findykill, je ne sais pas si ça peut jouer?). 
Sinon même après avoir pu installer avast, l'icone du firewall n'a jamais réapparu, et la restauration système était toujours impossible.

Helloween77 · Answer

Peut-être que c'est bon finalement... J'ai rereréessayé avec une autre version de msn, et pas de message d'erreur, un vrai mystère =D 
Par contre je me demande pourquoi la restauration n'avait pas marché... Y a t-il autre chose à faire à ce sujet? J'ai lu qu'il valait mieux désactiver puis réactiver la restauration système? 
En tout cas, merci beaucoup pour votre aide !

Virus méchant, rien ne s ouvre plus

27 réponses

Discussions similaires