ComboFix report, infected after reformatting:

 

pierre9052
Posted on 25/11/2011 at 20:36:51
 
Hello everyone,

 After every reformat the PC stays infected, whatever I do.

 A dir c:\ shows me original files from 2002 and several other files from 2006 and 2008.

 I reinstalled XP on a new partition on c:\c:\ Result: right from my new installation, ComboFix tells me that qmgr.dll is already infected.

 Here is the ComboFix report with the recovery console installed:


 ComboFix 11-11-25.02 - Update 25/11/2011  18:57:22.2.1 - x86
 Microsoft Windows XP Édition familiale  5.1.2600.1.1252.32.1036.18.512​.264 [GMT 1:00]
 Lancé depuis: c:\documents and settings\Update.´´\Bureau\Comb​oFix.exe
 .
 .
 ((((((((((((((((((((((((((((((​((((((   Autres suppressions   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 .
 Une copie infectée de c:\c\system32\qmgr.dll a été trouvée et désinfectée
 Copie restaurée à partir de - c:\c\ERDNT\cache\qmgr.dll
 .
 .
 (((((((((((((((((((((((((((((   Fichiers créés du 2011-10-25 au 2011-11-25  ))))))))))))))))))))))))))))))​))))))
 .
 .
 .
 .
 .
 ((((((((((((((((((((((((((((((​((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 2011-11-05 07:18 . 2011-11-19 15:22 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomp​s.dll
 .
 .
 (((((((((((((((((((((((((((((   SnapShot@2011-11-25_17.37.50   ))))))))))))))))))))))))))))))​)))))))))))
 .
 + 2011-11-25 17:44 . 2011-11-25 17:44 32768              c:\c\system32\config\systempro​file\Local Settings\Temporary Internet Files\Content.IE5\index.dat
 - 2011-11-25 16:47 . 2011-11-25 17:09 32768              c:\c\system32\config\systempro​file\Local Settings\Temporary Internet Files\Content.IE5\index.dat
 + 2011-11-25 16:47 . 2011-11-25 17:37 32768              c:\c\system32\config\systempro​file\Local Settings\Historique\History.IE​5\index.dat
 - 2011-11-25 16:47 . 2011-11-25 17:09 32768              c:\c\system32\config\systempro​file\Local Settings\Historique\History.IE​5\index.dat
 + 2011-11-25 17:44 . 2011-11-25 17:37 16384              c:\c\system32\config\systempro​file\Cookies\index.dat
 - 2011-11-25 16:47 . 2011-11-25 17:09 16384              c:\c\system32\config\systempro​file\Cookies\index.dat
 .
 ((((((((((((((((((((((((((((((​(((   Points de chargement Reg   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 .
 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
 REGEDIT4
 .
 .
 .
 ------- Examen supplémentaire -------
 .
 IE: {{c95fe080-8f5d-11d2-a20b-00aa​003c157a} - %SystemRoot%\web\related.htm
 TCP: DhcpNameServer = 192.168.1.1
 TCP: Interfaces\{367287DC-EFAF-4FE0​-B351-B99464F9E755}: NameServer = 192.168.1.1,0.0.0.0
 DPF: DirectAnimation Java Classes - file://c:\c\Java\classes\dajav​a.cab
 DPF: Microsoft XML Parser for Java - file://c:\c\Java\classes\xmlds​o.cab
 .
 .
 ******************************​******************************​**************
 .
 catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2011-11-25 19:04
 Windows 5.1.2600 Service Pack 1 NTFS
 .
 Recherche de processus cachés ...
 .
 Recherche d'éléments en démarrage automatique cachés ...
 .
 Recherche de fichiers cachés ...
 .
 Scan terminé avec succès
 Fichiers cachés: 0
 .
 ******************************​******************************​**************
 .
 --------------------- DLLs chargées dans les processus actifs ---------------------
 .
 - - - - - - - > 'winlogon.exe'(492)
 c:\c\System32\ODBC32.dll
 .
 - - - - - - - > 'lsass.exe'(548)
 c:\c\system32\MSVCRT40.dll
 c:\c\system32\MSVCIRT.dll
 c:\c\System32\dssenh.dll
 .
 ------------------------ Autres processus actifs ------------------------
 .
 c:\c\system32\imapi.exe
 .
 ******************************​******************************​**************
 .
 Heure de fin: 2011-11-25  19:06:30 - La machine a redémarré
 ComboFix-quarantined-files.txt  2011-11-25 18:06
 ComboFix2.txt  2011-11-25 17:40
 .
 Avant-CF: 148.083.662.848 octets libres
 Après-CF: 148.081.512.448 octets libres
 .
 - - End Of File - - E4D6019CE2B19A00AD5E594E16AD9F​83


 Here without the recovery console:

 ComboFix 11-11-25.01 - Update 25/11/2011  18:32:03.1.1 - x86
 Microsoft Windows XP Édition familiale  5.1.2600.1.1252.32.1036.18.512​.384 [GMT 1:00]
 Lancé depuis: c:\documents and settings\Update.¦¦\Bureau\Comb​oFix.exe
 .
 AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
 .
 .
 ((((((((((((((((((((((((((((((​((((((   Autres suppressions   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 .
 Une copie infectée de c:\c\system32\qmgr.dll a été trouvée et désinfectée
 Copie restaurée à partir de - c:\system volume information\_restore{44F120E8-​1273-42B3-ACD3-D4D52FE6CB79}\R​P1\A0000038.dll
 .
 .
 (((((((((((((((((((((((((((((   Fichiers créés du 2011-10-25 au 2011-11-25  ))))))))))))))))))))))))))))))​))))))
 .
 .
 .
 .
 .
 ((((((((((((((((((((((((((((((​((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 2011-11-05 07:18 . 2011-11-19 15:22 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomp​s.dll
 .
 .
 ((((((((((((((((((((((((((((((​(((   Points de chargement Reg   ))))))))))))))))))))))))))))))​))))))))))))))))))
 .
 .
 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
 REGEDIT4
 .
 .
 .
 ------- Examen supplémentaire -------
 .
 IE: {{c95fe080-8f5d-11d2-a20b-00aa​003c157a} - %SystemRoot%\web\related.htm
 TCP: DhcpNameServer = 192.168.1.1
 TCP: Interfaces\{367287DC-EFAF-4FE0​-B351-B99464F9E755}: NameServer = 192.168.1.1,0.0.0.0
 DPF: DirectAnimation Java Classes - file://c:\c\Java\classes\dajav​a.cab
 DPF: Microsoft XML Parser for Java - file://c:\c\Java\classes\xmlds​o.cab
 .
 .
 ******************************​******************************​**************
 .
 catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2011-11-25 18:37
 Windows 5.1.2600 Service Pack 1 NTFS
 .
 Recherche de processus cachés ...
 .
 Recherche d'éléments en démarrage automatique cachés ...
 .
 Recherche de fichiers cachés ...
 .
 Scan terminé avec succès
 Fichiers cachés: 0
 .
 ******************************​******************************​**************
 .
 --------------------- DLLs chargées dans les processus actifs ---------------------
 .
 - - - - - - - > 'winlogon.exe'(436)
 c:\c\System32\ODBC32.dll
 .
 - - - - - - - > 'lsass.exe'(492)
 c:\c\system32\MSVCRT40.dll
 c:\c\system32\MSVCIRT.dll
 c:\c\System32\dssenh.dll
 .
 ------------------------ Autres processus actifs ------------------------
 .
 c:\c\system32\imapi.exe
 .
 ******************************​******************************​**************
 .
 Heure de fin: 2011-11-25  18:40:06 - La machine a redémarré
 ComboFix-quarantined-files.txt  2011-11-25 17:40
 .
 Avant-CF: 148.043.612.160 octets libres
 Après-CF: 148.103.983.104 octets libres
 .
 - - End Of File - - 681E795F3D304E2CEB8928279F73C3​01

pierre9052
Posted on 25/11/2011 at 20:40:20
 
Here is an OTL report:

 Thanks for your help. Should I wait before going back to SP3, or can I already do the updates?

 OTL logfile created on: 25/11/2011 20:03:50 - Run 1
 OTL by OldTimer - Version 3.2.31.0     Folder = C:\Documents and Settings\Update.´´\Bureau
 Windows XP Home Edition Service Pack 1 (Version = 5.1.2600) - Type = NTWorkstation
 Internet Explorer (Version = 6.0.2800.1106)
 Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
 
 511,53 Mb Total Physical Memory | 170,35 Mb Available Physical Memory | 33,30% Memory free
 1,22 Gb Paging File | 0,78 Gb Available in Paging File | 64,13% Paging File free
 Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
 %SystemDrive% = C: | %SystemRoot% = C:\C | %ProgramFiles% = C:\Program Files
 Drive C: | 149,05 Gb Total Space | 137,86 Gb Free Space | 92,49% Space Free | Partition Type: NTFS
 
 Computer Name: ´´ | User Name: Update | Logged in as Administrator.
 Boot Mode: Normal | Scan Mode: All users
 Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
 ========== Processes (SafeList) ==========
 
 PRC - [2011/11/25 20:03:26 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Update.´´\Bureau\OTL.​exe
 PRC - [2011/11/05 08:18:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
 PRC - [2011/08/31 17:00:48 | 001,047,208 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
 PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
 PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
 PRC - [2002/08/30 13:00:00 | 001,008,128 | ---- | M] (Microsoft Corporation) -- C:\C\explorer.exe
 
 
 ========== Modules (No Company Name) ==========
 
 MOD - [2011/11/05 08:18:03 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
 
 
 ========== Win32 Services (SafeList) ==========
 
 SRV - File not found [On_Demand | Stopped] --  -- (xmlprov)
 SRV - File not found [Auto | Stopped] --  -- (wscsvc)
 SRV - File not found [Disabled | Stopped] --  -- (HidServ)
 SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)
 SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
 SRV - [2008/04/14 03:33:50 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.d​ll -- (wuauserv)
 SRV - [2002/08/30 13:00:00 | 000,047,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\C\system32\mspmspsv.dll -- (WmdmPmSp)
 
 
 ========== Driver Services (SafeList) ==========
 
 DRV - File not found [Kernel | On_Demand | Running] --  -- (catchme)
 DRV - [2011/11/25 19:40:46 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | Disabled | Running] -- C:\C\system32\drivers\mbamswis​sarmy.sys -- (MBAMSwissArmy)
 DRV - [2011/08/31 17:00:50 | 000,020,552 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\C\system32\drivers\mbam.sys -- (MBAMProtector)
 DRV - [2008/01/15 21:50:50 | 000,459,520 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\C\system32\drivers\rt73.sys -- (RT73)
 DRV - [2001/08/17 21:28:12 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\C\system32\drivers\HSF_V124​.sys -- (V124)
 DRV - [2001/08/17 21:28:12 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\C\system32\drivers\HSF_TONE​.sys -- (Tones)
 DRV - [2001/08/17 21:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\C\system32\drivers\HSF_MSFT​.sys -- (hsf_msft)
 DRV - [2001/08/17 21:28:10 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\C\system32\drivers\HSF_SAMP​.sys -- (Rksample)
 DRV - [2001/08/17 21:28:08 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\C\system32\drivers\HSF_K56K​.sys -- (K56)
 DRV - [2001/08/17 21:28:06 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\C\system32\drivers\HSF_FALL​.sys -- (Fallback)
 DRV - [2001/08/17 21:28:06 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\C\system32\drivers\HSF_FAXX​.sys -- (SoftFax)
 DRV - [2001/08/17 21:28:06 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\C\system32\drivers\HSF_FSKS​.sys -- (Fsks)
 DRV - [2001/08/17 21:28:04 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Running] -- C:\C\system32\drivers\HSF_BSC2​.sys -- (basic2)
 
 
 ========== Standard Registry (SafeList) ==========
 
 
 ========== Internet Explorer ==========
 
 IE - HKLM\SOFTWARE\Microsoft\Intern​et Explorer\Main,Local Page = %SystemRoot%\system32\blank.ht​m
 
 
 IE - HKU\.DEFAULT\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-18\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-19\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-20\Software\Microsof​t\Windows\CurrentVersion\Inter​net Settings: "ProxyEnable" = 0
 
 IE - HKU\S-1-5-21-1935655697-136458​9140-839522115-1004\SOFTWARE\M​icrosoft\Internet Explorer\Main,Local Page = C:\C\System32\blank.htm
 IE - HKU\S-1-5-21-1935655697-136458​9140-839522115-1004\Software\M​icrosoft\Windows\CurrentVersio​n\Internet Settings: "ProxyEnable" = 0
 
 ========== FireFox ==========
 
 
 
 
 [2011/11/25 19:08:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Update.´´\Application Data\Mozilla\Extensions
 [2011/11/19 16:22:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
 [2011/11/05 08:18:04 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomp​s.dll
 [2011/11/05 05:13:41 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-f​rance.xml
 [2011/11/05 04:32:18 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
 [2011/11/05 05:13:41 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tl​fi-fr.xml
 [2011/11/05 05:13:41 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-fra​nce.xml
 [2011/11/05 05:13:41 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedi​a-fr.xml
 [2011/11/05 05:13:41 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-fr​ance.xml
 
 O1 HOSTS File: ([2011/11/25 19:04:19 | 000,000,027 | ---- | M]) - C:\C\system32\drivers\etc\host​s
 O1 - Hosts: 127.0.0.1       localhost
 O3 - HKLM\..\Toolbar: (&Radio) - {8E718888-423F-11D2-876E-00A0C​9082467} - C:\C\system32\msdxm.ocx (Microsoft Corporation)
 O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
 O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
 O6 - HKLM\Software\Policies\Microso​ft\Internet Explorer\Restrictions present
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: NoDriveAutoRun = 67108863
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: NoDriveTypeAutoRun = 323
 O6 - HKLM\SOFTWARE\Microsoft\Window​s\CurrentVersion\policies\Expl​orer: NoDrives = 0
 O7 - HKU\.DEFAULT\Software\Policies​\Microsoft\Internet Explorer\Control Panel present
 O7 - HKU\.DEFAULT\SOFTWARE\Microsof​t\Windows\CurrentVersion\polic​ies\Explorer: NoDriveTypeAutoRun = 323
 O7 - HKU\.DEFAULT\SOFTWARE\Microsof​t\Windows\CurrentVersion\polic​ies\Explorer: NoDriveAutoRun = 67108863
 O7 - HKU\S-1-5-18\Software\Policies​\Microsoft\Internet Explorer\Control Panel present
 O7 - HKU\S-1-5-18\SOFTWARE\Microsof​t\Windows\CurrentVersion\polic​ies\Explorer: NoDriveTypeAutoRun = 323
 O7 - HKU\S-1-5-18\SOFTWARE\Microsof​t\Windows\CurrentVersion\polic​ies\Explorer: NoDriveAutoRun = 67108863
 O7 - HKU\S-1-5-19\Software\Policies​\Microsoft\Internet Explorer\Control Panel present
 O7 - HKU\S-1-5-19\SOFTWARE\Microsof​t\Windows\CurrentVersion\polic​ies\Explorer: NoDriveTypeAutoRun = 145
 O7 - HKU\S-1-5-20\Software\Policies​\Microsoft\Internet Explorer\Control Panel present
 O7 - HKU\S-1-5-20\SOFTWARE\Microsof​t\Windows\CurrentVersion\polic​ies\Explorer: NoDriveTypeAutoRun = 145
 O7 - HKU\S-1-5-21-1935655697-136458​9140-839522115-1004\Software\P​olicies\Microsoft\Internet Explorer\Control Panel present
 O7 - HKU\S-1-5-21-1935655697-136458​9140-839522115-1004\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\policies\Explorer: NoDriveTypeAutoRun = 323
 O7 - HKU\S-1-5-21-1935655697-136458​9140-839522115-1004\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\policies\Explorer: NoDriveAutoRun = 67108863
 O7 - HKU\S-1-5-21-1935655697-136458​9140-839522115-1004\SOFTWARE\M​icrosoft\Windows\CurrentVersio​n\policies\Explorer: NoDrives = 0
 O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa0​03c157a} - C:\C\Web\related.htm ()
 O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa0​03c157a} - C:\C\Web\related.htm ()
 O16 - DPF: DirectAnimation Java Classes file://C:\C\Java\classes\dajav​a.cab (Reg Error: Key error.)
 O16 - DPF: Microsoft XML Parser for Java file://C:\C\Java\classes\xmlds​o.cab (Reg Error: Key error.)
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters: DhcpNameServer = 192.168.1.1
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters\Interfaces\{367287​DC-EFAF-4FE0-B351-B99464F9E755​}: NameServer = 192.168.1.1,0.0.0.0
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters\Interfaces\{66FE64​CA-7DBC-4689-A4FA-6E583A7BA182​}: DhcpNameServer = 192.168.1.1
 O17 - HKLM\System\CCS\Services\Tcpip​\Parameters\Interfaces\{6D2571​D2-03C6-45FF-BE4C-52A64CD311A3​}: DhcpNameServer = 192.168.1.1
 O18 - Protocol\Handler\ipp\0x0000000​1 {E1D2BF42-A96B-11d1-9C6B-0000F​875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\msdaipp\0x000​00001 {E1D2BF42-A96B-11d1-9C6B-0000F​875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F​875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
 O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4​F4F5020} - C:\C\system32\msdxm.ocx (Microsoft Corporation)
 O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\C\explorer.exe (Microsoft Corporation)
 O20 - HKLM Winlogon: UserInit - (C:\C\system32\userinit.exe) -C:\C\system32\userinit.exe (Microsoft Corporation)
 O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
 O24 - Desktop WallPaper: C:\C\Web\Wallpaper\Colline verdoyante.bmp
 O24 - Desktop BackupWallPaper: C:\C\Web\Wallpaper\Colline verdoyante.bmp
 O32 - HKLM CDRom: AutoRun - 1
 O32 - AutoRun File - [2011/11/19 10:09:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
 O34 - HKLM BootExecute: (autocheck autochk *)
 O35 - HKLM\..comfile [open] -- "%1" %*
 O35 - HKLM\..exefile [open] -- "%1" %*
 O37 - HKLM\...com [@ = ComFile] -- "%1" %*
 O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 NetSvcs: 6to4 -  File not found
 NetSvcs: AppMgmt -  File not found
 NetSvcs: HidServ -  File not found
 NetSvcs: Ias -  File not found
 NetSvcs: Iprip -  File not found
 NetSvcs: Irmon -  File not found
 NetSvcs: LanmanWorkstation -  File not found
 NetSvcs: NWCWorkstation -  File not found
 NetSvcs: Nwsapagent -  File not found
 NetSvcs: WmdmPmSp - C:\C\system32\mspmspsv.dll (Microsoft Corporation)
 NetSvcs: wuauserv - C:\WINDOWS\system32\wuauserv.d​ll (Microsoft Corporation)
 
 
 SafeBootMin: AppMgmt -  File not found
 SafeBootMin: Base - Driver Group
 SafeBootMin: Boot Bus Extender - Driver Group
 SafeBootMin: Boot file system - Driver Group
 SafeBootMin: File system - Driver Group
 SafeBootMin: Filter - Driver Group
 SafeBootMin: PCI Configuration - Driver Group
 SafeBootMin: PNP Filter - Driver Group
 SafeBootMin: Primary disk - Driver Group
 SafeBootMin: SCSI Class - Driver Group
 SafeBootMin: sermouse.sys - Driver
 SafeBootMin: System Bus Extender - Driver Group
 SafeBootMin: vga.sys - Driver
 SafeBootMin: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootMin: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootMin: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootMin: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootMin: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootMin: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 
 SafeBootNet: AppMgmt -  File not found
 SafeBootNet: Base - Driver Group
 SafeBootNet: Boot Bus Extender - Driver Group
 SafeBootNet: Boot file system - Driver Group
 SafeBootNet: File system - Driver Group
 SafeBootNet: Filter - Driver Group
 SafeBootNet: LanmanWorkstation - Service
 SafeBootNet: NDIS Wrapper - Driver Group
 SafeBootNet: NetBIOS - Service
 SafeBootNet: NetBIOSGroup - Driver Group
 SafeBootNet: NetDDEGroup - Driver Group
 SafeBootNet: Network - Driver Group
 SafeBootNet: NetworkProvider - Driver Group
 SafeBootNet: NtLmSsp - Service
 SafeBootNet: PCI Configuration - Driver Group
 SafeBootNet: PNP Filter - Driver Group
 SafeBootNet: PNP_TDI - Driver Group
 SafeBootNet: Primary disk - Driver Group
 SafeBootNet: SCSI Class - Driver Group
 SafeBootNet: sermouse.sys - Driver
 SafeBootNet: Streams Drivers - Driver Group
 SafeBootNet: System Bus Extender - Driver Group
 SafeBootNet: TDI - Driver Group
 SafeBootNet: vga.sys - Driver
 SafeBootNet: {36FC9E60-C465-11CF-8056-44455​3540000} - Universal Serial Bus controllers
 SafeBootNet: {4D36E965-E325-11CE-BFC1-08002​BE10318} - CD-ROM Drive
 SafeBootNet: {4D36E967-E325-11CE-BFC1-08002​BE10318} - DiskDrive
 SafeBootNet: {4D36E969-E325-11CE-BFC1-08002​BE10318} - Standard floppy disk controller
 SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002​BE10318} - Hdc
 SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002​BE10318} - Keyboard
 SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002​BE10318} - Mouse
 SafeBootNet: {4D36E972-E325-11CE-BFC1-08002​BE10318} - Net
 SafeBootNet: {4D36E973-E325-11CE-BFC1-08002​BE10318} - NetClient
 SafeBootNet: {4D36E974-E325-11CE-BFC1-08002​BE10318} - NetService
 SafeBootNet: {4D36E975-E325-11CE-BFC1-08002​BE10318} - NetTrans
 SafeBootNet: {4D36E977-E325-11CE-BFC1-08002​BE10318} - PCMCIA Adapters
 SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002​BE10318} - SCSIAdapter
 SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002​BE10318} - System
 SafeBootNet: {4D36E980-E325-11CE-BFC1-08002​BE10318} - Floppy disk drive
 SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002​BE2092F} - Volume
 SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C​90F57DA} - Human Interface Devices
 
 ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401​C608500} - Microsoft VM
 ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401​C608555} - Internet Explorer Classes for Java
 ActiveX: {10072CEC-8CC1-11D1-986E-00A0C​955B42F} - Rendu VML (Vector Graphics Rendering)
 ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA0​0B4E220} - NetShow
 ActiveX: {22d6f312-b0f6-11d0-94ab-0080c​74c7e95} - Lecteur Windows Media Microsoft 6.4
 ActiveX: {283807B5-2C60-11D0-A31D-00AA0​0B92C03} - DirectAnimation
 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508​C9228ED} - %SystemRoot%\system32\regsvr32​.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.​dll
 ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f​8051515} - Liaison de données Dynamic HTML pour Java
 ActiveX: {3af36230-a269-11d1-b5bf-0000f​8051515} - Logiciel de navigation hors connexion
 ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f​8051515} - Uniscribe
 ActiveX: {4278c270-a269-11d1-b5bf-0000f​8051515} - Création avancée
 ActiveX: {44BBA840-CC51-11CF-AAFA-00AA0​0B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
 ActiveX: {44BBA842-CC51-11CF-AAFA-00AA0​0B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\C\INF\msnetmtg.inf,NetMtg.I​nstall.PerUser.NT
 ActiveX: {44BBA848-CC51-11CF-AAFA-00AA0​0B6015C} - DirectShow
 ActiveX: {44BBA855-CC51-11CF-AAFA-00AA0​0B6015F} - DirectDrawEx
 ActiveX: {45ea75a0-a269-11d1-b5bf-0000f​8051515} - Aide sur Internet Explorer
 ActiveX: {4f216970-c90c-11d1-b5c7-0000f​8051515} - Classes Java DirectAnimation
 ActiveX: {4f645220-306d-11d2-995d-00c04​f98bbc9} - Microsoft Windows Script 5.6
 ActiveX: {5A8D6EE0-3E18-11D0-821E-44455​3540000} - ICW
 ActiveX: {5fd399c0-a70a-11d1-9948-00c04​f98bbc9} - Outils d'installation Internet Explorer
 ActiveX: {630b1da0-b465-11d1-9948-00c04​f98bbc9} - Améliorations pour la navigation
 ActiveX: {6BF52A52-394A-11d3-B153-00C04​F79FAA6} - Microsoft Windows Media Player 8
 ActiveX: {6fab99d0-bab8-11d1-994a-00c04​f98bbc9} - Accès au site MSN
 ActiveX: {7790769C-0471-11d2-AF11-00C04​FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4340} - regsvr32.exe /s /n /i:U shell32.dll
 ActiveX: {89820200-ECBD-11cf-8B85-00AA0​05B4383} - %SystemRoot%\system32\ie4uinit​.exe
 ActiveX: {9381D8F2-0288-11D0-9501-00AA0​0B911A5} - Liaison de données Dynamic HTML
 ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C​4202C7E} -
 ActiveX: {C9E9A340-D1F1-11D0-821E-44455​3540600} - Polices de base Internet Explorer
 ActiveX: {CC2A9BA0-3BDD-11D0-821E-44455​3540000} - Planificateur de tâches
 ActiveX: {D27CDB6E-AE6D-11cf-96B8-44455​3540000} - Macromedia Shockwave Flash
 ActiveX: {de5aed00-a4bf-11d1-9948-00c04​f98bbc9} - Aide HTML
 ActiveX: {E92B03AB-B707-11d2-9CBD-0000F​87A369E} - Active Directory Service Interface
 ActiveX: >{22d6f312-b0f6-11d0-94ab-0080​c74c7e95} - C:\C\inf\unregmp2.exe /ShowWMP
 ActiveX: >{26923b43-4d38-484f-9b9e-de46​0746276c} - %systemroot%\system32\shmgrate​.exe OCInstallUserConfigIE
 ActiveX: >{60B49E34-C7CC-11D0-8953-00A0​C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 ActiveX: >{881dd1c5-3dcf-431b-b061-f3f8​8e8be88a} - %systemroot%\system32\shmgrate​.exe OCInstallUserConfigOE
 
 Drivers32: msacm.l3acm - C:\C\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
 Drivers32: msacm.sl_anet - C:\C\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
 Drivers32: msacm.trspch - C:\C\System32\tssoft32.acm (DSP GROUP, INC.)
 Drivers32: vidc.cvid - C:\C\System32\iccvid.dll (Radius Inc.)
 Drivers32: vidc.iv31 - C:\C\System32\ir32_32.dll ()
 Drivers32: vidc.iv32 - C:\C\System32\ir32_32.dll ()
 
 ========== Files/Folders - Created Within 30 Days ==========
 
 [2011/11/25 20:03:25 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Update.´´\Bureau\OTL.​exe
 [2011/11/25 19:40:24 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\C\System32\drivers\mbamswis​sarmy.sys
 [2011/11/25 19:40:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Update.´´\Application Data\Malwarebytes
 [2011/11/25 19:40:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.C\Menu Démarrer\Programmes\Malwarebyt​es' Anti-Malware
 [2011/11/25 19:40:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.C\Application Data\Malwarebytes
 [2011/11/25 19:39:59 | 000,020,552 | ---- | C] (Malwarebytes Corporation) -- C:\C\System32\drivers\mbam.sys
 [2011/11/25 19:39:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
 [2011/11/25 19:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Update.´´\Bureau\tdss​killer
 [2011/11/25 19:14:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Update.´´\Mes documents\Téléchargements
 [2011/11/25 19:08:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Update.´´\Local Settings\Application Data\Mozilla
 [2011/11/25 19:08:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Update.´´\Application Data\Mozilla
 [2011/11/25 19:06:32 | 000,000,000 | ---D | C] -- C:\C\temp
 [2011/11/25 18:53:14 | 000,000,000 | RHSD | C] -- C:\cmdcons
 [2011/11/25 18:53:13 | 000,000,000 | ---D | C] -- C:\C\setup.pss
 [2011/11/25 18:53:04 | 000,000,000 | ---D | C] -- C:\C\setupupd
 [2011/11/25 18:52:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Update.´´\Local Settings\Application Data\Help
 [2011/11/25 18:52:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Update.´´\Application Data\Help
 [2011/11/25 18:30:07 | 000,518,144 | ---- | C] (SteelWerX) -- C:\C\SWREG.exe
 [2011/11/25 18:30:07 | 000,406,528 | ---- | C] (SteelWerX) -- C:\C\SWSC.exe
 [2011/11/25 18:30:07 | 000,212,480 | ---- | C] (SteelWerX) -- C:\C\SWXCACLS.exe
 [2011/11/25 18:30:07 | 000,060,416 | ---- | C] (NirSoft) -- C:\C\NIRCMD.exe
 [2011/11/25 18:30:03 | 000,000,000 | ---D | C] -- C:\C\ERDNT
 [2011/11/25 18:30:01 | 000,000,000 | ---D | C] -- C:\Qoobox
 [2011/11/25 18:29:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Update.´´\Mes documents\Mes vidéos
 [2011/11/25 18:29:57 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users.C\Documents\Mes vidéos
 [2011/11/25 18:29:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Update.´´\Menu Démarrer\Programmes\Outils d'administration
 [2011/11/25 18:26:55 | 004,307,453 | R--- | C] (Swearware) -- C:\Documents and Settings\Update.´´\Bureau\Comb​oFix.exe
 [2011/11/25 18:26:54 | 000,000,000 | R-SD | C] -- C:\C\Fonts
 [2011/11/25 18:26:54 | 000,000,000 | RHSD | C] -- C:\C\System32\dllcache
 [2011/11/25 18:26:54 | 000,000,000 | R--D | C] -- C:\C\Web
 [2011/11/25 18:26:54 | 000,000,000 | -H-D | C] -- C:\C\inf
 [2011/11/25 18:26:54 | 000,000,000 | ---D | C] -- C:\C\WinSxS
 [2011/11/25 18:26:54 | 000,000,000 | ---D | C] -- C:\C\System32\wins
 [2011/11/25 17:43:17 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\brpinfo​.dll
 [2011/11/25 17:43:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\atrace.​dll
 [2011/11/25 17:43:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\C\System32\atrace.dll
 [2011/11/25 17:43:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\hcappre​s.dll
 [2011/11/25 17:43:09 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\srdiag.​exe
 [2011/11/25 17:43:08 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\confmrs​l.dll
 [2011/11/25 17:43:08 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\mnmsrvc​.exe
 [2011/11/25 17:43:08 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\C\System32\isrdbg32.dll
 [2011/11/25 17:43:08 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\C\System32\dllcache\isrdbg3​2.dll
 [2011/11/25 17:43:08 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\C\System32\nmevtmsg.dll
 [2011/11/25 17:43:08 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\nmevtms​g.dll
 [2011/11/25 17:43:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\wabimp.​dll
 [2011/11/25 17:43:07 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\acctres​.dll
 [2011/11/25 17:43:07 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\C\System32\acctres.dll
 [2011/11/25 17:43:07 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\wab.exe
 [2011/11/25 17:43:07 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\wabfind​.dll
 [2011/11/25 17:43:07 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\wabmig.​exe
 [2011/11/25 17:43:06 | 002,533,888 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\msoeres​.dll
 [2011/11/25 17:43:06 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\oeimpor​t.dll
 [2011/11/25 17:43:06 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\directd​b.dll
 [2011/11/25 17:43:06 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\C\System32\inetres.dll
 [2011/11/25 17:43:06 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\inetres​.dll
 [2011/11/25 17:43:05 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\C\System32\icwphbk.dll
 [2011/11/25 17:43:05 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\icwphbk​.dll
 [2011/11/25 17:43:05 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\oemig50​.exe
 [2011/11/25 17:43:05 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\oemigli​b.dll
 [2011/11/25 17:43:05 | 000,000,000 | --SD | C] -- C:\C\Tasks
 [2011/11/25 17:43:04 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\C\System32\inetcfg.dll
 [2011/11/25 17:43:04 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\inetcfg​.dll
 [2011/11/25 17:43:04 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\C\System32\isign32.dll
 [2011/11/25 17:43:04 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\isign32​.dll
 [2011/11/25 17:43:04 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\C\System32\icwdial.dll
 [2011/11/25 17:43:04 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\icwdial​.dll
 [2011/11/25 17:43:04 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\C\System32\icfgnt5.dll
 [2011/11/25 17:43:04 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\icfgnt5​.dll
 [2011/11/25 17:43:03 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\icwhelp​.dll
 [2011/11/25 17:43:03 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\icwtuto​r.exe
 [2011/11/25 17:43:03 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\icwres.​dll
 [2011/11/25 17:43:03 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\icwconn​.dll
 [2011/11/25 17:43:03 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\icwutil​.dll
 [2011/11/25 17:43:03 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\trialoc​.dll
 [2011/11/25 17:43:03 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\icwrmin​d.exe
 [2011/11/25 17:43:03 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\icwdl.d​ll
 [2011/11/25 17:43:02 | 000,557,128 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\dao360.​dll
 [2011/11/25 17:43:02 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\oledb32​r.dll
 [2011/11/25 17:43:02 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\icwconn​2.exe
 [2011/11/25 17:43:02 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\inetwiz​.exe
 [2011/11/25 17:43:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\msdasql​r.dll
 [2011/11/25 17:43:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\msdaora​r.dll
 [2011/11/25 17:43:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\isignup​.exe
 [2011/11/25 17:43:01 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\msader1​5.dll
 [2011/11/25 17:43:01 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\msaddsr​.dll
 [2011/11/25 17:43:01 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\msadcer​.dll
 [2011/11/25 17:43:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\msdarem​r.dll
 [2011/11/25 17:43:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\msdaprs​r.dll
 [2011/11/25 17:43:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\msadcor​.dll
 [2011/11/25 17:43:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\msadcfr​.dll
 [2011/11/25 17:42:58 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\vgx.dll
 [2011/11/25 17:42:58 | 000,798,782 | ---- | C] (Microsoft Corporation) -- C:\C\System32\dllcache\srchui.​dll
 [2011/11/25 17:42:58 | 000,000,000 | ---D | C] -- C:\C\srchasst
 [2011/11/25 17:42:57 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\C\System32\d

(Publicité)
pierre9052
Posted on 25/11/2011 at 21:05:41

pierre9052
Posted on 26/11/2011 at 02:16:07

pierre9052
Posted on 26/11/2011 at 11:52:09

So, is anyone there or not?

 Otherwise, I'll post on another forum?
Profile: Security team
dedetraque
Posted on 26/11/2011 at 19:45:46

Hi Pierre9052, welcome to 01net


 How did you go about the formatting and the reinstallation?

 Do you have the CD or a recovery partition?


 @++    :)

pierre9052
Posted on 27/11/2011 at 12:27:39

dédétraqué wrote:

Hi Pierre9052, welcome to 01net


 How did you go about the formatting and the reinstallation?

 Do you have the CD or a recovery partition?


 @++    :)


 Hi dedetraqué,


 With the CD that came with the PC, generally a full NTFS format.

 I just recreated a partition without a full reformat, to see whether ComboFix could find the problem for me with 2 partitions.

 As for the CD, the PC was originally supposed to be an XP Home,

 only it no longer recognizes its CD (maybe too scratched, I don't know),

 so each time I have to reinstall with an "Édition familiale" one; I don't know if that could matter.

pierre9052
Posted on 27/11/2011 at 16:00:08

After a few fixes with RootRepeal,

 CureIt deleted OTL, which it considered a trojan, and 2 other files, I don't know what they were, Dropper.Gen.

 New ComboFix report:

 ComboFix 11-11-25.02 - Update 27/11/2011  14:52:14.4.1 - x86
 Microsoft Windows XP Édition familiale  5.1.2600.1.1252.32.1036.18.512.278 [GMT 1:00]
 Lancé depuis: c:\documents and settings\Update.´´\Bureau\ComboFix.exe
 .
 .
 ((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
 .
 .
 Une copie infectée de c:\c\system32\qmgr.dll a été trouvée et désinfectée
 Copie restaurée à partir de - c:\c\ERDNT\cache\qmgr.dll
 .
 .
 (((((((((((((((((((((((((((((   Fichiers créés du 2011-10-27 au 2011-11-27  ))))))))))))))))))))))))))))))))))))
 .
 .
 2011-11-26 01:23 . 2011-11-26 01:22 302592 ----a-w- C:\3qmrmmtb.exe
 .
 .
 .
 ((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
 .
 2011-11-05 07:18 . 2011-11-19 15:22 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
 .
 .
 (((((((((((((((((((((((((((((   SnapShot@2011-11-25_17.37.50   )))))))))))))))))))))))))))))))))))))))))
 .
 + 2011-11-26 02:06 . 2011-11-26 02:09 53248              c:\c\system32\drivers\rk_remover.sys
 + 2011-11-25 18:39 . 2011-08-31 16:00 20552              c:\c\system32\drivers\mbam.sys
 + 2011-11-25 16:47 . 2011-11-26 02:08 32768              c:\c\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
 - 2011-11-25 16:47 . 2011-11-25 17:09 32768              c:\c\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
 + 2011-11-26 17:08 . 2011-11-26 02:08 16384              c:\c\system32\config\systemprofile\Cookies\index.dat
 - 2011-11-25 16:47 . 2011-11-25 17:09 16384              c:\c\system32\config\systemprofile\Cookies\index.dat
 + 2011-11-25 16:44 . 2011-11-26 17:08 2298              c:\c\PCHealth\HelpCtr\PackageStore\SkuStore.bin
 .
 (((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
 .
 .
 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
 REGEDIT4
 .
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
 .
 R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [25/11/2011 19:40 366152]
 R3 MBAMProtector;MBAMProtector;c:\c\system32\drivers\mbam.sys [25/11/2011 19:39 20552]
 S3 rk_remover-boot;rk_remover-boot;c:\c\system32\drivers\rk_remover.sys [26/11/2011 3:06 53248]
 .
 .
 ------- Examen supplémentaire -------
 .
 IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
 TCP: DhcpNameServer = 192.168.1.1
 TCP: Interfaces\{367287DC-EFAF-4FE0-B351-B99464F9E755}: NameServer = 192.168.1.1,0.0.0.0
 DPF: DirectAnimation Java Classes - file://c:\c\Java\classes\dajava.cab
 DPF: Microsoft XML Parser for Java - file://c:\c\Java\classes\xmldso.cab
 .
 .
 **************************************************************************
 .
 catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2011-11-27 15:00
 Windows 5.1.2600 Service Pack 1 NTFS
 .
 Recherche de processus cachés ...
 .
 Recherche d'éléments en démarrage automatique cachés ...
 .
 Recherche de fichiers cachés ...
 .
 Scan terminé avec succès
 Fichiers cachés: 0
 .
 **************************************************************************
 .
 --------------------- DLLs chargées dans les processus actifs ---------------------
 .
 - - - - - - - > 'winlogon.exe'(520)
 c:\c\System32\ODBC32.dll
 .
 - - - - - - - > 'lsass.exe'(576)
 c:\c\system32\MSVCRT40.dll
 c:\c\system32\MSVCIRT.dll
 c:\c\System32\dssenh.dll
 .
 Heure de fin: 2011-11-27  15:02:41 - La machine a redémarré
 ComboFix-quarantined-files.txt  2011-11-27 14:02
 ComboFix2.txt  2011-11-26 00:35
 ComboFix3.txt  2011-11-25 18:06
 ComboFix4.txt  2011-11-25 17:40
 .
 Avant-CF: 147.679.035.392 octets libres
 Après-CF: 147.773.759.488 octets libres
 .
 - - End Of File - - B4EFA510402999D84215332FA45D4B65

pierre9052
Posted on 27/11/2011 at 16:14:33

Hi dede,

 If you could also explain something to me:

 what does BootCfg /DisableRedirect // Monitoring Disabled correspond to?

 Thanks a lot

Profile: Security team
dedetraque
Posted on 28/11/2011 at 03:20:08

Hi Pierre9052


 The bootcfg command gives information about the system:
 http://support.microsoft.com/kb/291980/fr

 Scan this qmgr.dll file here:

 http://www.virustotal.com/fr/


  • In the Upload a file tab, click Browse (Parcourir)
  • A new window will open; in that window, at the bottom where it says File name (Nom de fichier), copy/paste this:
c:\c\system32\qmgr.dll

  • Then click Open (Ouvrir) and Send file (Envoyer le fichier), and wait for the result of the analysis.
  • If it tells you that the file has already been analysed, select the Reanalyse button.

 Wait for the result of the analysis, then post the link to the page once the scan of the file has finished.


 @++   :)
