All content posted by Drog-

  1. Here is the AdwCleaner report:
  2. Here is my ZHPDiag report: CJoint.com link ALsiXkYB0Ji
  3. Hello, I am posting my HijackThis report for verification, because I find there are far too many O23 entries in my report.
  4. I am posting my HijackThis report because it seems rather heavy to me.
@%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Akamai NetSession Interface (Akamai) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing) O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - 
C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Easybits Shared Services for Windows (ezSharedSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: 
@%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files 
(x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files (x86)\ma-config.com\maconfservice.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 
(MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - 
Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: 
@%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown 
owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file 
missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 
- Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 26913 bytes
  5. I had forgotten to post the Malwarebytes report.
     Malwarebytes' Anti-Malware 1.46
     www.malwarebytes.org
     Version de la base de données: 5655
     Windows 6.1.7600
     Internet Explorer 8.0.7600.16385
     01/02/2011 23:13:45
     mbam-log-2011-02-01 (23-13-45).txt
     Type d'examen: Examen complet (C:\|D:\|)
     Elément(s) analysé(s): 505073
     Temps écoulé: 1 heure(s), 26 minute(s), 53 seconde(s)
     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 2
     Valeur(s) du Registre infectée(s): 1
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 9
     Processus mémoire infecté(s):
     (Aucun élément nuisible détecté)
     Module(s) mémoire infecté(s):
     (Aucun élément nuisible détecté)
     Clé(s) du Registre infectée(s):
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (PUP.Dealio) -> Quarantined and deleted successfully.
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (PUP.Dealio) -> Quarantined and deleted successfully.
     Valeur(s) du Registre infectée(s):
     HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hkcu (Backdoor.SpyNet) -> Quarantined and deleted successfully.
     Elément(s) de données du Registre infecté(s):
     (Aucun élément nuisible détecté)
     Dossier(s) infecté(s):
     (Aucun élément nuisible détecté)
     Fichier(s) infecté(s):
     C:\Program Files (x86)\Ad-Remover\Quarantine\C\Program Files (x86)\Fast Browser Search\IE\SearchGuardPlus.exe.vir (PUP.Fbsearch) -> Quarantined and deleted successfully.
     C:\Program Files (x86)\Ad-Remover\Quarantine\C\Program Files (x86)\Fast Browser Search\IE\update.exe.vir (PUP.Fbsearch) -> Quarantined and deleted successfully.
     C:\Program Files (x86)\Ad-Remover\Quarantine\C\Program Files (x86)\Search Guard Plus\SearchGuardPlus.exe.vir (PUP.Fbsearch) -> Quarantined and deleted successfully.
     C:\Users\Benoit\AppData\Local\Temp\ptu1C59_tmp.exe (PUP.Casino) -> Quarantined and deleted successfully.
     C:\Users\Benoit\Documents\u98.exe (Adware.UltraReach) -> Quarantined and deleted successfully.
     C:\Users\Benoit\Documents\photoshop\Adobe Photoshop CS4 Extended\Keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
     C:\Users\Benoit\AppData\Roaming\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully.
     C:\Program Files (x86)\IntelLaptopGamingVista.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
     C:\Program Files (x86)\IntelLaptopGamingXP.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
  6. OTL Extras logfile created on: 01/02/2011 20:54:38 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Benoit\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 582,19 Gb Total Space | 357,31 Gb Free Space | 61,37% Space Free | Partition Type: NTFS Drive D: | 13,88 Gb Total Space | 2,45 Gb Free Space | 17,64% Space Free | Partition Type: NTFS Drive E: | 5,96 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: BEN-PC | User Name: Benoit | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. 
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) 
"{1092BBE3-5CA2-4978-AEB2-323BD2045264}" = Windows Live Remote Client Resources "{20916CCF-47DA-4078-A39F-A4D6B2BF925D}" = Windows Live Remote Service Resources "{26280024-DFB7-4967-90DB-7F9C6660D01E}" = HP MediaSmart SmartMenu "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64 "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64 "{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64 "{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pilote vidéo Pinnacle "{709BE6E5-DE39-4E2F-9B9B-8DE299519495}" = Windows Live MIME IFilter "{739955BF-A241-4843-B90A-754B9023CB6C}" = Windows Live Family Safety "{76C32FF0-2957-4F56-8B5D-F62E3FB6B609}" = Windows Live ID Sign-in Assistant "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64 "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4 "{8AA463DE-2446-40A9-9C8F-E9C225E072D5}" = Windows Live Remote Client "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4 "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64 "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64 "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit) "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4 "{E4E1C2C2-37A1-4409-B26D-BFA3A52CDE6A}" = Windows Live Remote Service "{ECDF0939-A653-44D0-8B8E-597B890F45EC}" = Logitech Gaming Software 5.02 "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "EPSON Stylus SX200 Series" = EPSON Stylus SX200 Series Printer Uninstall "ESL Wire_is1" = ESL Wire 1.9.4 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "TeamSpeak 3 Client" = TeamSpeak 3 Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4 "{015F3557-B651-41EF-8413-1DAFC594A63F}" = Recettes, Cuisine & Objets Cachés "{035C76D2-7D8E-484D-8CA3-686C0B474A2B}" = MSVCRT "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty® - World at War 1.6 Patch "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{08DB3902-2CE0-474D-BCE3-0177766CE9F1}" = HP Support Assistant "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 
Plugin "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{1148E85C-E1AF-48E0-A29C-68DACE07E054}" = Pro Evolution Soccer 2011 "{11EFF057-8ED2-4321-A19D-D673DECB36CC}" = Junk Mail filter update "{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty® - World at War 1.3 Patch "{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup "{14E3D14B-7852-477D-ACE2-895AF4322804}" = Ma-Config.com "{15643FB9-1509-44B2-A8CD-9868CB804A5B}" = Windows Live Photo Common Beta "{15AFFFD3-0E7E-4F56-B393-F22A2FE1A63D}" = Windows Live Sync Beta "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable "{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email "{224935E4-2014-4B22-95DC-2CCF5428B4BF}" = Windows Live Writer "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{231E4621-2428-405D-A7A4-8EB93486BAC7}" = Windows Live Bêta "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{2578D94A-A88A-4643-9DAA-F0A5E981EB04}" = Windows Live Messenger "{2607FE6B-1D61-46E5-A544-54666B0EF908}" = Windows Live Mail "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 17 "{293493A8-6EF6-4335-8C96-08D2A8E87C73}" = Windows Live Family Safety "{29397E8C-6C98-4C84-83D8-FF987219EC01}_is1" = Rappelz "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty® - World at War 1.2 Patch "{2C4F4D53-78D6-41FB-A4D7-105C537464EB}" = Mesh Runtime "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes 
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4 "{314E3413-E1B7-4148-BE2E-F68FE449F033}" = Messenger Companion "{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook "{34785AD0-6276-11DF-A08A-0800200C9A66}" = Full Tilt Poker.Fr "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11 "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor "{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010 "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover "{44B660BB-EAC5-4D4F-9890-C607DD5F7630}" = Thrustmaster Calibration Tool "{46BAF2A0-3789-4E49-B000-4BB64426D1BF}" = Windows Live Installer "{46C106C9-3856-4A6A-AAC8-7070FBA02D2F}" = Windows Live Movie Maker "{46CBBDF8-55B5-40DB-B459-7B848394309C}" = EPSON File Manager "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{52CDDA92-56B6-4BA5-BD8D-E13B186008CB}" = D3DX10 "{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4 "{59AFDB2C-9A14-404E-8574-B4BDAEFD13CF}" = Windows Live UX Platform Language Pack "{61172A5D-60AA-43BE-958F-90451024E768}_is1" = Adobe Photoshop CS5 Portable "{61E7F654-7D99-4C69-94D8-DF53E297AF9B}" = Windows Live Photo Common "{62D14F31-92AF-4854-B9C9-C08F7F557F84}" = Windows Live Writer Resources "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support 
"{6592C2B8-949A-4C88-BCB9-0990A218B215}" = Windows Live UX Platform "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{66AF75C3-39FC-4B6F-A05D-C02E9088194C}" = Windows Live Writer "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{6917F87D-921D-4EFA-9AA5-8CDEA9E28520}" = MSVCRT_amd64 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{74B0BEB0-2EB3-448F-B8E9-40983BC902E1}" = Windows Live SOXE Definitions "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{795851D4-BA00-4965-B2A8-94AA9C7C2789}" = Windows Live Mail "{7A8E7F22-3628-4846-A578-516BDCB2CEAA}" = Windows Live Sync Beta "{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8D73EFE7-ED6F-49C6-9685-C712A00F8DDD}" = Windows Live Messenger "{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}" = Thrustmaster FFB Driver "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 
2010 "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{91803386-4FBD-4C38-9644-26B0F9464031}" = Windows Live Photo Gallery "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9D0467C4-F69C-4E9D-8765-7774D8971F5C}" = Windows Live Messenger Companion Core "{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty® - World at War 1.4 Patch "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14 "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart 
Music/Photo/Video "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B5BD2B33-FDB8-4DE5-87B3-2810CAF4A6E4}" = Windows Live PIMT Platform "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B6E6635A-4147-4101-BDF7-FDD7F38281FB}" = Windows Live Movie Maker "{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer "{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty® - World at War 1.5 Patch "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX "{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game "{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update "{D65F8E34-C050-4E6C-86DB-D2B9075749A0}" = Windows Live Sync ActiveX Control for Remote Connections "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{E672FA05-696F-4B98-ABC3-7A26B024496E}" = Galerie de photos Windows Live (bêta) "{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004) "{EE338AB8-4E85-4C04-AC07-1357A266DD35}" = Windows Live Writer "{EFBE9DAB-9C80-4911-847B-2A2C25E8F9CB}" = Windows Live SOXE "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) 
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FA5D1C9E-154D-49B1-8CF0-DF5FAB6171EA}" = Windows Live Communications Platform "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "Ad-Aware" = Ad-Aware "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4 "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "Ad-Remover" = Ad-Remover By C_XX "AIDA32_is1" = AIDA32 v3.93 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "BFGC" = Big Fish Games: Game Manager "CCleaner" = CCleaner (remove only) "Coccimail Capture_is1" = Coccimail Capture "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "Counter-Strike Source MomoLAN Edition_is1" = Beta 2 "EADM" = EA Download Manager "EasyBits Magic Desktop" = Magic Desktop "EPSON Scanner" = EPSON Scan "EPSON Stylus SX200_SX400_TX200_TX400 Guide d'utilisation" = EPSON Stylus SX200_SX400_TX200_TX400 Manuel "facemoods" = facemoods "FileZilla Client" = FileZilla Client 3.3.5.1 "Fraps" = Fraps "Free Video Converter_is1" = Free Video Converter V 2.9 "GameCenter" = GameCenter "GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010 "HLSW_is1" = HLSW v1.3.3.7b "HP Remote Solution" = HP Remote Solution "InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty® - World at War 1.6 Patch "InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty® - World at War 1.3 Patch "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email 
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty® - World at War 1.2 Patch "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter "InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty® - World at War 1.4 Patch "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty® - World at War 1.5 Patch "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "Les Experts - Complot à Las Vegas" = Les Experts - Complot à Las Vegas "MassMail_is1" = MassMail 1.07 "mIRC" = mIRC "Mumble" = Mumble and Murmur "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "OpenAL" = OpenAL "PokerStars.fr" = PokerStars.fr "PokerTH 0.8.1" = PokerTH "Pro Cycling Manager 2009_is1" = Pro Cycling Manager - Season 2009 1.0.0.0 "ProtectDisc Driver 11" = ProtectDisc Driver, Version 11 "PunkBusterSvc" = PunkBuster Services "SCDNAS" = SHOUTcast DNAS (remove only) "Spyware Terminator_is1" = Spyware Terminator "Steam App 10" = Counter-Strike "Steam App 80" = Counter-Strike: Condition Zero "TBSB07183.TBSB07183Toolbar" = Fast Browser Search (My Tattoons) "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "VLC media player" = VLC media player 1.1.5 "vmndtxtb" = VMN Toolbar "WildTangent hp Master Uninstall" = HP Games "Winamp" = Winamp "WinLiveSuite" = Windows Live Bêta "WinRAR archiver" = Logiciel d'archivage WinRAR "Zylom Games Player Plugin" = Zylom Games Player Plugin ========== HKEY_CURRENT_USER Uninstall List ========== 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GameRanger" = GameRanger "Google Chrome" = Google Chrome "Winamp Detect" = Détection de l'application Winamp ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report >
  7. OTL logfile created on: 01/02/2011 20:54:38 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Benoit\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 582,19 Gb Total Space | 357,31 Gb Free Space | 61,37% Space Free | Partition Type: NTFS Drive D: | 13,88 Gb Total Space | 2,45 Gb Free Space | 17,64% Space Free | Partition Type: NTFS Drive E: | 5,96 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: BEN-PC | User Name: Benoit | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/02/01 20:54:01 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Benoit\Desktop\OTL.exe PRC - [2011/01/13 19:27:29 | 000,233,936 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe PRC - [2011/01/12 10:18:25 | 000,407,336 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe PRC - [2010/12/19 12:31:18 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2010/12/08 11:53:40 | 000,024,480 | ---- | M] () -- C:\Program Files\EslWire\inGame32.exe PRC - [2010/11/17 10:05:18 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe PRC - [2010/10/25 22:30:02 | 000,304,304 | ---- | M] (Google Inc.) 
-- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe PRC - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe PRC - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2010/08/17 13:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/07/30 15:37:50 | 003,184,800 | ---- | M] (mIRC Co. Ltd.) -- C:\Program Files (x86)\mIRC32\mirc.exe PRC - [2010/06/30 09:33:17 | 001,352,832 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe PRC - [2010/06/26 16:47:51 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2010/06/16 11:30:43 | 000,864,112 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2010/04/19 21:15:28 | 000,414,168 | ---- | M] (Visicom Media Inc.) -- C:\Users\Benoit\AppData\Roaming\vmndtxtb\vmn3_2dn.exe PRC - [2010/04/14 13:04:10 | 003,037,696 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe PRC - [2010/04/14 13:04:10 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe PRC - [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe PRC - [2009/11/23 17:54:39 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009/11/23 17:54:37 | 000,122,880 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe PRC - [2009/10/30 12:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe PRC - [2009/10/20 14:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) 
-- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe PRC - [2008/11/20 09:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe PRC - [2008/06/13 15:23:00 | 002,105,344 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe ========== Modules (SafeList) ========== MOD - [2011/02/01 20:54:01 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Benoit\Desktop\OTL.exe MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010/07/11 17:39:29 | 000,551,824 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\Windows\SysNative\appdrvrem01.exe -- (appdrvrem01) SRV:64bit: - [2010/06/04 17:23:38 | 000,055,648 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2009/12/13 18:29:09 | 001,038,088 | ---- | M] (Acresso Software Inc.) 
[On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2011/01/12 10:18:25 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010/12/19 12:31:18 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe) SRV - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010/06/30 09:33:17 | 001,352,832 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2010/06/26 16:47:51 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010/05/11 11:34:36 | 000,271,728 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files (x86)\ma-config.com\maconfservice.exe -- (maconfservice) SRV - [2010/04/14 13:04:10 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe -- (sp_rssrv) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/12/16 18:26:00 | 003,453,712 | ---- | M] (INCA Internet Co., Ltd.) 
[On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc) SRV - [2009/12/12 17:35:30 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009/11/13 21:13:04 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService) SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/02/22 11:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc) SRV - [2007/12/17 05:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01) SRV - [2007/01/11 05:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) ========== Driver Services (SafeList) ========== DRV:64bit: - [2010/12/19 12:31:20 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2010/12/08 11:53:38 | 000,169,656 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC) DRV:64bit: - [2010/08/17 13:39:11 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2010/07/11 17:39:30 | 002,770,544 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\appdrv01.sys -- (appdrv01) Application Driver (01) DRV:64bit: - [2010/06/07 16:17:54 | 000,048,488 | 
---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010/06/06 09:33:22 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd) DRV:64bit: - [2010/05/13 15:17:56 | 000,335,288 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11) DRV:64bit: - [2010/02/03 15:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2009/12/03 22:39:05 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2009/12/03 11:18:24 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ESLvnic.sys -- (ESLvnic1) DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/19 17:19:38 | 000,339,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET) DRV:64bit: - [2008/01/24 23:08:34 | 000,057,352 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore) DRV:64bit: - [2008/01/24 23:08:24 | 000,015,752 | ---- | M] (Logitech Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid) DRV:64bit: - [2008/01/24 23:08:04 | 000,032,776 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter) DRV:64bit: - [2008/01/24 23:07:54 | 000,022,024 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum) DRV:64bit: - [2007/12/28 14:59:30 | 000,342,528 | ---- | M] (NETGEAR Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wg111v3.sys -- (RTL8187B) DRV:64bit: - [2005/09/23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus) DRV - [2010/05/01 14:05:04 | 000,015,872 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys -- (driverhardwarev2x64) DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs) DRV - [2005/01/01 01:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Desktop | MSN.fr IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP Desktop | MSN.fr IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=867034&p=" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034" [2010/05/09 08:51:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benoit\AppData\Roaming\mozilla\Extensions [2009/11/27 17:09:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benoit\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2011/01/30 17:06:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benoit\AppData\Roaming\mozilla\Firefox\Profiles\ma4ceinq.default\extensions [2011/01/30 17:06:40 | 000,000,000 | ---D | M] (Fissa) -- C:\Users\Benoit\AppData\Roaming\mozilla\Firefox\Profiles\ma4ceinq.default\extensions\@FissaPlugin [2011/01/29 12:44:46 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Benoit\AppData\Roaming\mozilla\Firefox\Profiles\ma4ceinq.default\extensions\ffxtlbr@Facemoods.com [2010/12/13 13:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrchddr.xml O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - 
C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO) O2 - BHO: (no name) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - No CLSID value found. O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - No CLSID value found. O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (no name) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com) O3 - HKLM\..\Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {f379a94e-3c5d-4bad-b32c-0e3af1cc3617} - No CLSID value found. O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com) O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.) O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard) O4 - HKLM..\Run: [Network Error Advisor] C:\Program Files (x86)\vmndtxtb\ExeRunner.exe (Visicom Media Inc.) 
O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [DLD.EXE] File not found O4 - HKCU..\Run: [ESL Wire] C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH) O4 - HKCU..\Run: [spywareTerminatorUpdate] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com) O4 - HKCU..\Run: [steam] c:\program files (x86)\steam\steam.exe (Valve Corporation) O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:64bit: - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html () O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.) 
O9 - Extra Button: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - File not found O9 - Extra 'Tools' menuitem : PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - File not found O9 - Extra Button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe (PokerStars) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {6678BE91-1E04-4A4A-9C32-63145EA79C2A} http://fifa-online.easports.com/fo3-theme/addons/EAFO3AXLauncher.cab (EAFO3AXLauncher Control) O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://config.zebulon.fr/plugins/MaConfig_4_1_0_2.cab ("Ma-Config.com control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. 
File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/08/17 05:32:29 | 000,335,752 | R--- | M] (Konami Digital Entertainment Co., Ltd.) 
- E:\autorun.exe -- [ UDF ] O32 - AutoRun File - [2010/08/17 05:32:29 | 000,000,047 | R--- | M] () - E:\Autorun.inf -- [ UDF ] O33 - MountPoints2\{6b60b49d-e054-11de-abba-00261898eb9e}\Shell - "" = AutoRun O33 - MountPoints2\{6b60b49d-e054-11de-abba-00261898eb9e}\Shell\AutoRun\command - "" = J:\Welcome\Welcome.exe O33 - MountPoints2\{e31117ce-c092-11de-9e39-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{e31117ce-c092-11de-9e39-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2010/08/17 05:32:29 | 000,335,752 | R--- | M] (Konami Digital Entertainment Co., Ltd.) O33 - MountPoints2\{fd9c2e85-e0a8-11de-9dfb-00261898eb9e}\Shell - "" = AutoRun O33 - MountPoints2\{fd9c2e85-e0a8-11de-9dfb-00261898eb9e}\Shell\AutoRun\command - "" = L:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) ========== Files/Folders - Created Within 30 Days ========== [2011/02/01 20:53:52 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Benoit\Desktop\OTL.exe [2011/02/01 20:39:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Remover [2011/02/01 14:03:44 | 000,388,608 | ---- | C] (Trend Micro Inc.) 
-- C:\Users\Benoit\Documents\HijackThis.exe [2011/01/31 17:40:54 | 000,000,000 | ---D | C] -- C:\Users\Benoit\AppData\Roaming\Dynamique [2011/01/31 17:40:53 | 000,000,000 | ---D | C] -- C:\Users\Benoit\AppData\Roaming\Sites [2011/01/31 17:40:53 | 000,000,000 | ---D | C] -- C:\Users\Benoit\AppData\Roaming\Classes de site [2011/01/31 17:39:10 | 000,000,000 | ---D | C] -- C:\Users\Benoit\AppData\Roaming\vmndtxtb [2011/01/31 17:39:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\vmndtxtb [2011/01/31 17:39:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FTP Expert 3 [2011/01/31 17:27:30 | 000,000,000 | ---D | C] -- C:\Users\Benoit\Desktop\video vero [2011/01/30 18:37:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011/01/30 17:14:51 | 000,000,000 | ---D | C] -- C:\VLC [2011/01/30 17:06:46 | 000,000,000 | ---D | C] -- C:\Users\Benoit\AppData\Local\freetvradio Air [2011/01/29 15:36:06 | 000,000,000 | ---D | C] -- C:\Users\Benoit\Documents\Pinnacle Studio [2011/01/29 15:34:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pinnacle [2011/01/29 15:33:51 | 000,000,000 | ---D | C] -- C:\Users\Benoit\AppData\Local\Downloaded Installations [2011/01/29 15:33:34 | 000,000,000 | ---D | C] -- C:\Users\Benoit\AppData\Local\Pinnacle [2011/01/29 15:33:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle Studio Ultimate Collection [2011/01/29 15:31:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 14 [2011/01/29 15:31:08 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\My Projects [2011/01/29 15:28:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pegasus Imaging [2011/01/29 15:28:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Yahoo! 
[2011/01/29 15:28:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Studio 14 [2011/01/29 15:28:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle Studio Plus [2011/01/29 15:28:02 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle [2011/01/29 15:25:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle [2011/01/29 15:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle [2011/01/29 12:50:03 | 000,000,000 | ---D | C] -- C:\Users\Benoit\Documents\logi video [2011/01/29 12:44:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2011/01/29 12:44:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\facemoods.com [2011/01/28 11:27:54 | 000,000,000 | ---D | C] -- C:\Users\Benoit\Desktop\ts mumble [2011/01/27 20:57:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter [2011/01/27 20:57:49 | 000,000,000 | ---D | C] -- C:\Users\Benoit\AppData\Roaming\FreeVideoConverter [2011/01/27 20:57:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Video Converter [2011/01/27 20:52:16 | 000,000,000 | ---D | C] -- C:\Users\Benoit\AppData\Roaming\AVS4YOU [2011/01/27 20:51:40 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll [2011/01/27 20:51:40 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll [2011/01/27 20:51:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia [2011/01/27 20:51:40 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU [2011/01/27 20:51:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU [2011/01/27 20:46:35 | 000,000,000 | ---D | C] -- C:\Users\Benoit\AppData\Roaming\Uniblue [2011/01/27 20:46:24 | 000,000,000 | ---D | C] -- C:\Users\Benoit\AppData\Local\PackageAware [2011/01/27 20:38:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FrostWire [2011/01/24 19:55:45 | 000,000,000 | ---D | C] -- C:\vanBasco's Karaoke Player [2011/01/24 19:55:45 | 000,000,000 
| ---D | C] -- C:\Users\Benoit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vanBasco's Karaoke Player [2011/01/17 12:07:29 | 000,000,000 | ---D | C] -- C:\Users\Benoit\AppData\Local\cache [2011/01/17 12:05:34 | 000,000,000 | ---D | C] -- C:\Users\Benoit\AppData\Local\FullTiltPoker.fr [2011/01/17 12:05:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Tilt Poker.Fr [2011/01/17 12:04:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Full Tilt Poker.Fr [2011/01/17 11:44:23 | 000,000,000 | ---D | C] -- C:\Users\Benoit\AppData\Local\PokerStars.FR [2011/01/17 11:44:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.FR [2011/01/17 11:43:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars.FR [2011/01/14 17:24:38 | 000,000,000 | ---D | C] -- C:\Users\Benoit\Desktop\mirc7.1 [2011/01/12 10:24:10 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2011/01/12 10:24:10 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll [2011/01/12 10:24:10 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2011/01/12 10:24:10 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll [2011/01/12 10:24:09 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll [2011/01/12 10:24:09 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll [2011/01/12 10:24:09 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2011/01/12 10:24:09 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2011/01/12 10:24:09 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll [2011/01/12 10:24:09 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011/01/12 10:24:08 | 001,863,680 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll [2011/01/12 10:24:08 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011/01/12 10:24:08 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011/01/12 10:24:08 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2011/01/12 10:24:08 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011/01/12 10:24:07 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL [2011/01/12 10:24:07 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll [2011/01/12 10:24:07 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2011/01/12 10:24:07 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll [2011/01/12 10:24:07 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2011/01/12 10:24:07 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll [2011/01/12 10:24:07 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll [2011/01/12 10:24:06 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll [2011/01/12 10:24:06 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2011/01/12 10:24:06 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2011/01/12 10:24:06 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2011/01/12 10:24:06 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2011/01/12 10:24:03 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2011/01/12 10:24:03 | 000,573,440 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\odbc32.dll [2010/11/20 21:52:16 | 001,061,944 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\dbghelp.dll [2010/11/20 21:52:16 | 000,544,768 | ---- | C] (Uniloc USA Inc.) -- C:\Program Files (x86)\saAudit2005MT.dll [2010/11/20 21:52:16 | 000,124,712 | ---- | C] (Valve Corporation) -- C:\Program Files (x86)\steam_api.dll [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/02/01 20:54:01 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Benoit\Desktop\OTL.exe [2011/02/01 20:50:01 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/02/01 20:50:01 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/02/01 20:45:31 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2011/02/01 20:42:24 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/02/01 20:42:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/02/01 20:42:14 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys [2011/02/01 20:40:00 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2265206799-1703818510-1393674886-1001UA.job [2011/02/01 20:39:10 | 000,001,857 | ---- | M] () -- C:\Users\Benoit\Desktop\AD-R.lnk [2011/02/01 20:29:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/02/01 19:40:00 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2265206799-1703818510-1393674886-1001Core.job [2011/02/01 14:03:51 | 000,388,608 | ---- | M] (Trend Micro Inc.) 
-- C:\Users\Benoit\Documents\HijackThis.exe [2011/02/01 13:49:38 | 000,000,781 | ---- | M] () -- C:\Users\Public\Desktop\ESL Wire.lnk [2011/01/31 17:45:03 | 000,012,288 | ---- | M] () -- C:\Users\Benoit\AppData\Roaming\Settings.cfg [2011/01/31 17:33:28 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk [2011/01/31 11:39:52 | 001,562,454 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/01/31 11:39:52 | 000,708,614 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/01/31 11:39:52 | 000,619,952 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/01/31 11:39:52 | 000,132,628 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/01/31 11:39:52 | 000,108,134 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/01/30 17:16:43 | 020,268,251 | ---- | M] () -- C:\Users\Benoit\Documents\vlc-1.1.6-win32.exe [2011/01/30 11:29:44 | 003,127,384 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/01/29 16:47:22 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI [2011/01/29 16:35:03 | 000,010,240 | ---- | M] () -- C:\Users\Benoit\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/01/29 15:31:29 | 000,001,156 | ---- | M] () -- C:\Users\Public\Desktop\Pinnacle Studio 14.lnk [2011/01/27 20:57:51 | 000,001,107 | ---- | M] () -- C:\Users\Benoit\Desktop\Free Video Converter.lnk [2011/01/26 14:14:13 | 000,001,396 | ---- | M] () -- C:\Users\Benoit\Desktop\tableau.html [2011/01/24 19:55:45 | 000,000,702 | ---- | M] () -- C:\Users\Benoit\Desktop\vanBasco's Karaoke Player.lnk [2011/01/17 12:05:21 | 000,001,044 | ---- | M] () -- C:\Users\Public\Desktop\Full Tilt Poker.Fr.lnk [2011/01/17 11:44:01 | 000,001,074 | ---- | M] () -- C:\Users\Benoit\Application Data\Microsoft\Internet Explorer\Quick Launch\PokerStars.fr.lnk [2011/01/17 11:44:01 | 000,001,050 | ---- | M] () -- C:\Users\Public\Desktop\PokerStars.fr.lnk [2011/01/08 14:02:46 | 000,057,344 | ---- | M] () -- 
C:\Users\Benoit\Documents\Document sans titre.wps [2011/01/08 14:02:46 | 000,000,328 | ---- | M] () -- C:\Users\Benoit\AppData\Roaming\wklnhst.dat [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/02/01 20:45:31 | 000,000,396 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2011/02/01 20:39:10 | 000,001,857 | ---- | C] () -- C:\Users\Benoit\Desktop\AD-R.lnk [2011/01/31 17:40:53 | 000,012,288 | ---- | C] () -- C:\Users\Benoit\AppData\Roaming\Settings.cfg [2011/01/31 17:33:28 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\FileZilla Client.lnk [2011/01/30 17:16:30 | 020,268,251 | ---- | C] () -- C:\Users\Benoit\Documents\vlc-1.1.6-win32.exe [2011/01/29 15:31:29 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\Pinnacle Studio 14.lnk [2011/01/29 15:26:40 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI [2011/01/27 20:57:51 | 000,001,107 | ---- | C] () -- C:\Users\Benoit\Desktop\Free Video Converter.lnk [2011/01/26 14:14:13 | 000,001,396 | ---- | C] () -- C:\Users\Benoit\Desktop\tableau.html [2011/01/24 19:55:45 | 000,000,702 | ---- | C] () -- C:\Users\Benoit\Desktop\vanBasco's Karaoke Player.lnk [2011/01/17 12:05:21 | 000,001,044 | ---- | C] () -- C:\Users\Public\Desktop\Full Tilt Poker.Fr.lnk [2011/01/17 11:44:01 | 000,001,074 | ---- | C] () -- C:\Users\Benoit\Application Data\Microsoft\Internet Explorer\Quick Launch\PokerStars.fr.lnk [2011/01/17 11:44:01 | 000,001,050 | ---- | C] () -- C:\Users\Public\Desktop\PokerStars.fr.lnk [2011/01/11 15:41:51 | 000,000,000 | ---- | C] () -- C:\Users\Benoit\Sti_Trace.log [2011/01/08 14:02:46 | 000,057,344 | ---- | C] () -- C:\Users\Benoit\Documents\Document sans titre.wps [2010/11/20 21:52:16 | 000,151,552 | ---- | C] () -- C:\Program Files (x86)\IntelLaptopGamingXP.dll [2010/11/20 21:52:16 | 000,151,552 | ---- | C] () -- C:\Program Files (x86)\IntelLaptopGamingVista.dll [2010/11/20 21:50:53 | 
000,007,876 | ---- | C] () -- C:\Program Files (x86)\FM_readme_English.txt [2010/11/20 21:50:53 | 000,001,742 | ---- | C] () -- C:\Program Files (x86)\special folders.xml [2010/10/29 19:50:59 | 000,087,436 | ---- | C] () -- C:\Users\Benoit\AppData\Local\tmpCOUNTER-STRIKE_20100822_123036.3 [2010/10/29 19:50:58 | 000,087,602 | ---- | C] () -- C:\Users\Benoit\AppData\Local\tmpCOUNTER-STRIKE_20100822_123036.1 [2010/10/29 19:50:58 | 000,087,220 | ---- | C] () -- C:\Users\Benoit\AppData\Local\tmpCOUNTER-STRIKE_20100822_123036.2 [2010/10/29 19:50:57 | 000,108,817 | ---- | C] () -- C:\Users\Benoit\AppData\Local\tmpCOUNTER-STRIKE_20100822_123036.JPG [2010/10/29 19:50:57 | 000,108,817 | ---- | C] () -- C:\Users\Benoit\AppData\Local\tmpCOUNTER-STRIKE_20100822_123036.0 [2010/10/14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010/08/01 16:28:17 | 000,085,459 | ---- | C] () -- C:\Program Files (x86)\Uninstal.exe [2010/06/29 23:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL [2010/05/31 17:25:51 | 000,010,240 | ---- | C] () -- C:\Users\Benoit\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/01/26 17:37:21 | 000,000,328 | ---- | C] () -- C:\Users\Benoit\AppData\Roaming\wklnhst.dat [2009/12/14 12:44:14 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini [2009/12/14 12:36:06 | 000,000,025 | ---- | C] () -- C:\Windows\CDE SX200DEFGIPS.ini [2009/12/01 14:15:56 | 000,328,275 | ---- | C] () -- C:\Users\Benoit\AppData\Local\tmpTRYO_STUDIO_01[1].2 [2009/12/01 14:15:56 | 000,327,712 | ---- | C] () -- C:\Users\Benoit\AppData\Local\tmpTRYO_STUDIO_01[1].3 [2009/12/01 14:15:54 | 000,327,884 | ---- | C] () -- C:\Users\Benoit\AppData\Local\tmpTRYO_STUDIO_01[1].1 [2009/12/01 14:15:53 | 000,338,725 | ---- | C] () -- C:\Users\Benoit\AppData\Local\tmpTRYO_STUDIO_01[1].JPG [2009/12/01 14:15:52 | 000,767,256 | ---- | C] () -- C:\Users\Benoit\AppData\Local\tmpTRYO_STUDIO_01[1].0 [2009/11/27 17:24:08 | 000,142,592 | ---- | C] () -- 
C:\Windows\SysWow64\drivers\sp_rsdrv2.sys [2009/08/03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2009/08/03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2009/08/03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2006/11/01 20:04:29 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll [2006/02/27 01:16:08 | 000,002,941 | -H-- | C] () -- C:\Users\Benoit\AppData\Roaming\logs.dat ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > [2000/08/06 23:11:04 | 000,020,992 | ---- | M] () -- C:\mythxpak.exe [2001/05/11 21:45:20 | 000,075,431 | ---- | M] () -- C:\mythxuha.exe [2001/10/23 12:59:08 | 000,008,583 | ---- | M] (MYTH/DYNASTY) -- C:\SetupReg.exe < MD5 for: AGP440.SYS > [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- 
C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys < MD5 for: ATAPI.SYS > [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: EVENTLOG.DLL > [2007/05/17 20:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\Cyberlink\PowerDirector\EventLog.dll < MD5 for: IASTORV.SYS > [2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- 
C:\Windows\SysNative\drivers\iaStorV.sys [2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys [2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll [2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys [2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys [2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys < MD5 for: SCECLI.DLL > [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- 
C:\Windows\SysWOW64\scecli.dll [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll [2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009/07/14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll [2009/07/14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll [2010/11/04 06:48:18 | 000,185,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\iepeers.dll [2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < > < > ========== Alternate Data Streams ========== < End of report >
  8. ossier supprimé: C:\Poker\Titan Poker Fichier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk Fichier supprimé: C:\Users\Public\MyWebTattoo.exe Dossier supprimé: C:\Program Files (x86)\Fast Browser Search Dossier supprimé: C:\Users\Benoit\AppData\Roaming\FissaSearch Dossier supprimé: C:\Users\Benoit\AppData\Roaming\freeTVRadio Dossier supprimé: C:\Program Files (x86)\freeTVRadio Dossier supprimé: C:\Program Files (x86)\Search Guard Plus Dossier supprimé: C:\Program Files (x86)\Search Guard PlusU Dossier supprimé: C:\Program Files (x86)\vShare Dossier supprimé: C:\Users\Benoit\AppData\Roaming\OfferBox Dossier supprimé: C:\Program Files (x86)\OfferBox (!) -- Fichiers temporaires supprimés. Clé supprimée: HKLM\Software\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{043C5167-00BB-4324-AF7E-62013FAEDACF} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{043C5167-00BB-4324-AF7E-62013FAEDACF} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{043C5167-00BB-4324-AF7E-62013FAEDACF} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{043C5167-00BB-4324-AF7E-62013FAEDACF} Clé supprimée: HKLM\Software\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} Clé supprimée: HKLM\Software\Classes\CLSID\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83} Clé supprimée: 
HKLM\Software\Classes\CLSID\{3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} Clé supprimée: HKLM\Software\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C} Clé supprimée: HKLM\Software\Classes\CLSID\{A7E8C343-7860-4A95-9AA8-AAF30D0F6D1E} Clé supprimée: HKLM\Software\Classes\CLSID\{d5b8015d-68af-4b2c-9412-e349d82ab4a2} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5b8015d-68af-4b2c-9412-e349d82ab4a2} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d5b8015d-68af-4b2c-9412-e349d82ab4a2} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d5b8015d-68af-4b2c-9412-e349d82ab4a2} Clé supprimée: HKLM\Software\Classes\CLSID\{f379a94e-3c5d-4bad-b32c-0e3af1cc3617} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f379a94e-3c5d-4bad-b32c-0e3af1cc3617} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{f379a94e-3c5d-4bad-b32c-0e3af1cc3617} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{f379a94e-3c5d-4bad-b32c-0e3af1cc3617} Clé supprimée: HKLM\Software\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} Clé supprimée: HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} Clé supprimée: HKLM\Software\Classes\Interface\{20ED5AF7-D9C4-409E-9EB3-D2A44A77FB6D} Clé supprimée: 
HKLM\Software\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD} Clé supprimée: HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Clé supprimée: HKLM\Software\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B} Clé supprimée: HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8} Clé supprimée: HKLM\Software\Classes\TypeLib\{3088C799-9630-4719-A471-4544D7CABC2D} Clé supprimée: HKLM\Software\Classes\TypeLib\{3E315C81-442B-431C-AEC8-ED189699EC24} Clé supprimée: HKLM\Software\Classes\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10} Clé supprimée: HKLM\Software\Classes\TypeLib\{ED85AEBE-F834-4088-B5D3-97EB2478A6CD} Clé supprimée: HKLM\Software\Classes\OfferBox.OfferBoxServer Clé supprimée: HKLM\Software\Classes\OfferBox.OfferBoxServer.1 Clé supprimée: HKLM\Software\Classes\vShare.IMedixProtocol Clé supprimée: HKLM\Software\Classes\vShare.IMedixProtocol.1 Clé supprimée: HKLM\Software\Classes\vShare.PugiObj Clé supprimée: HKLM\Software\Classes\vShare.PugiObj.1 Clé supprimée: HKLM\Software\Classes\vShare.ScriptHelpers Clé supprimée: HKLM\Software\Classes\vShare.ScriptHelpers.1 Clé supprimée: HKLM\Software\Classes\AppID\BHO.dll Clé supprimée: HKLM\Software\Classes\AppID\{055069F3-F78B-4BD1-A277-FE66648D3300} Clé supprimée: HKLM\Software\OfferBox Clé supprimée: HKLM\Software\FissaSearch Clé supprimée: HKCU\Software\OfferBox Clé supprimée: HKCU\Software\FissaSearch Clé supprimée: HKCU\Software\freeTVRadio Clé supprimée: HKCU\Software\vShare Clé supprimée: HKCU\Software\FBSearch Clé supprimée: HKCU\Software\Grand Virtual Clé supprimée: HKCU\Software\SGPUpdater Clé supprimée: HKCU\Software\Titan Poker Clé supprimée: HKU\.DEFAULT\Software\CToolbar Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF} Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} Clé supprimée: HKCU\Software\Microsoft\Internet 
Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{b41306c6-96d0-442a-bcc4-b0f621e82ce9} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91FED8A7-55B3-490c-8210-2E5BA27EE213} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox Browser Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4BD271AB-66E2-4D58-AF88-80FE3B0770C4} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\vShare Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Guard Plus Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Guard Plus Updater Clé supprimée: HKLM\Software\Classes\PROTOCOLS\Handler\vsharechrome Clé supprimée: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{043C5167-00BB-4324-AF7E-62013FAEDACF} Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{1BB22D38-A411-4B13-A746-C2A4F4EC7344} Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{043C5167-00BB-4324-AF7E-62013FAEDACF} Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{1BB22D38-A411-4B13-A746-C2A4F4EC7344} Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{4B3803EA-5230-4DC3-A7FC-33638F3D3542} ============== SCAN ADDITIONNEL ============== ** Mozilla Firefox 
Version [impossible d'obtenir la version] ** -- C:\Users\Benoit\AppData\Roaming\Mozilla\FireFox\Profiles\ma4ceinq.default\Prefs.js -- browser.startup.homepage_override.mstone, rv:1.9.3a4 browser.search.defaultenginename, Yahoo browser.search.selectedEngine, Yahoo keyword.URL, hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=867034&p= ======================================== ** Internet Explorer Version [8.0.7600.16385] ** [HKCU\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\Windows\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ Use Search Asst: on [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\Windows\SysWOW64\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 98 Fichier(s) C:\Program Files (x86)\Ad-Remover\Backup: 14 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 01/02/2011 (10099 Octet(s)) Fin à: 20:41:26, 01/02/2011 ============== E.O.F ==============
  9. I'm posting my HijackThis report here to find out whether anything is wrong. Thanks in advance. Running processes: C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe C:\Users\Benoit\AppData\Roaming\vmndtxtb\vmn3_2dn.exe c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files\EslWire\inGame32.exe C:\Program Files (x86)\mIRC32\mirc.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files (x86)\Windows Live\Companion\companionuser.exe C:\Program Files (x86)\OfferBox\OfferBox.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Benoit\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TTKYTXG5\HiJackThis[1].exe C:\Users\Benoit\Documents\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Freebox, la meilleure offre ADSL: Internet, Téléphone, Télévision R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Desktop | MSN.fr R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Facemoods Search R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - (no file) O2 - BHO: (no name) - {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Updater For VMN Toolbar - {d5b8015d-68af-4b2c-9412-e349d82ab4a2} - C:\Program Files (x86)\vmndtxtb\auxi\vmndtxAu.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files 
(x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: (no name) - {F0626A63-410B-45E2-99A1-3F2475B2D695} - (no file) O2 - BHO: VMN Toolbar - {f379a94e-3c5d-4bad-b32c-0e3af1cc3617} - C:\Program Files (x86)\vmndtxtb\vmndtxDx.dll O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files (x86)\OfferBox\OfferBoxBHO.dll O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file) O3 - Toolbar: Fast Browser Search - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\Fast Browser Search\IE\FBStoolbar.dll (file missing) O3 - Toolbar: vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll O3 - Toolbar: VMN Toolbar - {f379a94e-3c5d-4bad-b32c-0e3af1cc3617} - C:\Program Files (x86)\vmndtxtb\vmndtxDx.dll O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft 
Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe" /md I O4 - HKLM\..\Run: [Network Error Advisor] "C:\Program Files (x86)\vmndtxtb\ExeRunner.exe" vmndtxtb vmn3_2dn O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [steam] "c:\program files (x86)\steam\steam.exe" -silent O4 - HKCU\..\Run: [spywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Google Update] "C:\Users\Benoit\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [ESL Wire] "C:\Program Files\EslWire\wire.exe" --tray O4 - HKUS\S-1-5-18\..\Run: [spywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'Système') O4 - HKUS\.DEFAULT\..\Run: [spywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'Default user') O4 - Global Startup: Assistant Smart Wizard NETGEAR pour WG311v3.lnk = C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - C:\Programs\PartyFrance\PartyPokerFr\RunApp.exe (file missing) O9 - Extra 'Tools' menuitem: PartyPoker.fr - {725EC34E-943C-4df6-B0B2-FBDE7F242276} - C:\Programs\PartyFrance\PartyPokerFr\RunApp.exe (file missing) O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows 
live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {6678BE91-1E04-4A4A-9C32-63145EA79C2A} (EAFO3AXLauncher Control) - http://fifa-online.easports.com/fo3-theme/addons/EAFO3AXLauncher.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://config.zebulon.fr/plugins/MaConfig_4_1_0_2.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing) O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: 
@%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner 
- C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Easybits Shared Services for Windows (ezSharedSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: GameConsoleService - WildTangent, Inc. 
- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - 
C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files (x86)\ma-config.com\maconfservice.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: nProtect GameGuard Service (npggsvc) - 
Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - 
Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: 
@%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - 
C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 
- Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 29847 
bytes
  10. Hello, my web pages regularly freeze for several seconds before returning to normal, so I am posting my HijackThis report to find out whether there is a problem on that front.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:55:26, on 06/10/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    I:\WINDOWS\System32\smss.exe
    I:\WINDOWS\system32\winlogon.exe
    I:\WINDOWS\system32\services.exe
    I:\WINDOWS\system32\lsass.exe
    I:\WINDOWS\system32\svchost.exe
    I:\WINDOWS\System32\svchost.exe
    I:\WINDOWS\system32\svchost.exe
    I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    I:\WINDOWS\system32\spoolsv.exe
    I:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    I:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    I:\WINDOWS\System32\FTRTSVC.exe
    I:\Program Files\Java\jre6\bin\jqs.exe
    I:\WINDOWS\system32\nvsvc32.exe
    I:\Program Files\Spyware Terminator\sp_rsser.exe
    I:\WINDOWS\System32\svchost.exe
    I:\WINDOWS\system32\wscntfy.exe
    I:\WINDOWS\Explorer.EXE
    I:\WINDOWS\system32\RunDll32.exe
    I:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
    I:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
    I:\program files\valve\steam\steam.exe
    I:\Program Files\Windows Live\Messenger\msnmsgr.exe
    I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    I:\Program Files\DAEMON Tools Lite\daemon.exe
    I:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
    I:\WINDOWS\system32\ctfmon.exe
    I:\Program Files\Logitech\SetPoint\SetPoint.exe
    I:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    I:\Program Files\Internet Explorer\IEXPLORE.EXE
    I:\Program Files\Internet Explorer\IEXPLORE.EXE
    I:\Program Files\Internet Explorer\IEXPLORE.EXE
    I:\Program Files\WinRAR\WinRAR.exe
    I:\DOCUME~1\BENOIT~1\LOCALS~1\Temp\Rar$EX00.203\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - I:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - I:\Program Files\Google\Google Toolbar\Component\fastsearch_C5284CC30AB3000E.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - I:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [Google Quick Search Box] "I:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
    O4 - HKLM\..\Run: [spywareTerminator] "I:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [steam] "i:\program files\valve\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] "I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "I:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [spywareTerminatorUpdate] "I:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Logitech SetPoint.lnk = I:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: Google Sidewiki... - res://I:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_803138DCE93649E4.dll/cmsidewiki.html
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - I:\Program Files\Google\Google Toolbar\Component\fastsearch_C5284CC30AB3000E.dll
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - I:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - I:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Remote Connections Service (FlexService) - Unknown owner - I:\Program Files\RapidBIT\cisvc.exe (file missing)
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - I:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Software Updater (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - I:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - I:\Program Files\Spyware Terminator\sp_rsser.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - I:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 5546 bytes
  11. Thanks for your reply.
  12. My Internet Explorer freezes regularly, which is why I am posting my HijackThis report to find out whether there is a problem.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:13:04, on 17/09/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    I:\WINDOWS\System32\smss.exe
    I:\WINDOWS\system32\winlogon.exe
    I:\WINDOWS\system32\services.exe
    I:\WINDOWS\system32\lsass.exe
    I:\WINDOWS\system32\svchost.exe
    I:\WINDOWS\System32\svchost.exe
    I:\WINDOWS\system32\svchost.exe
    I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    I:\WINDOWS\system32\spoolsv.exe
    I:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    I:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    I:\WINDOWS\System32\FTRTSVC.exe
    I:\Program Files\Java\jre6\bin\jqs.exe
    I:\Program Files\CDBurnerXP\NMSAccessU.exe
    I:\WINDOWS\system32\nvsvc32.exe
    I:\WINDOWS\System32\svchost.exe
    I:\WINDOWS\Explorer.EXE
    I:\WINDOWS\system32\wscntfy.exe
    I:\WINDOWS\system32\RunDll32.exe
    I:\program files\valve\steam\steam.exe
    I:\Program Files\Windows Live\Messenger\msnmsgr.exe
    I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    I:\WINDOWS\system32\ctfmon.exe
    I:\Program Files\DAEMON Tools Lite\daemon.exe
    I:\Program Files\Logitech\SetPoint\SetPoint.exe
    I:\Program Files\SpywareGuard\sgmain.exe
    I:\Program Files\SpywareGuard\sgbhp.exe
    I:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    I:\Program Files\Internet Explorer\IEXPLORE.EXE
    I:\Program Files\Internet Explorer\IEXPLORE.EXE
    I:\Program Files\Internet Explorer\IEXPLORE.EXE
    I:\Program Files\WinRAR\WinRAR.exe
    I:\DOCUME~1\BENOIT~1\LOCALS~1\Temp\Rar$EX01.593\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - I:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - I:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - I:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - I:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKCU\..\Run: [steam] "i:\program files\valve\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] "I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [EPSON Stylus SX200 Series] I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE /FU "I:\WINDOWS\TEMP\E_S6.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "I:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - Startup: SpywareGuard.lnk = I:\Program Files\SpywareGuard\sgmain.exe
    O4 - Global Startup: Logitech SetPoint.lnk = I:\Program Files\Logitech\SetPoint\SetPoint.exe
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - I:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - I:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Remote Connections Service (FlexService) - Unknown owner - I:\Program Files\RapidBIT\cisvc.exe (file missing)
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - I:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Software Updater (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Imapi Helper - Alex Feinman - I:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - I:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: NMSAccessU - Unknown owner - I:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - I:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 5720 bytes
  13. Here is the report:

    Clean Navipromo version 3.7.7 commencé le 16/05/2009 à 14:30:36,87

    Outil exécuté depuis I:\Program Files\navilog1
    Mise à jour le 12.05.2009 à 18h00 par IL-MAFIOSO

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon 64 Processor 3200+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : benoit pellissier ( Administrator )
    BOOT : Normal boot
    Antivirus : AntiVir PersonalEdition Classic Virus Protection 0.0.0.0 (Activated)

    A:\ (USB)
    D:\ (USB)
    E:\ (USB)
    F:\ (USB)
    G:\ (CD or DVD) - UDF - Total:7 Go (Free:0 Go)
    H:\ (CD or DVD) - UDF - Total:3 Go (Free:0 Go)
    I:\ (Local Disk) - NTFS - Total:298 Go (Free:95 Go)
    J:\ (CD or DVD)
    K:\ (CD or DVD)
    L:\ (CD or DVD)
    M:\ (CD or DVD)
    T:\ (USB)

    Mode suppression automatique
    avec prise en charge résultats Catchme et GNS

    Nettoyage exécuté au redémarrage de l'ordinateur

    *** fsbl1.txt non trouvé ***
    (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)

    *** Suppression avec sauvegardes résultats GenericNaviSearch ***

    * Suppression dans "I:\WINDOWS\System32" *

    apsagrhdvq.exe trouvé !
    Copie apsagrhdvq.exe réalisée avec succès !
    apsagrhdvq.exe supprimé !

    ciozxk.exe trouvé !
    Copie ciozxk.exe réalisée avec succès !
    ciozxk.exe supprimé !

    cpiuczkp.exe trouvé !
    Copie cpiuczkp.exe réalisée avec succès !
    cpiuczkp.exe supprimé !

    hgzjzw.exe trouvé !
    Copie hgzjzw.exe réalisée avec succès !
    hgzjzw.exe supprimé !

    htgkzmjpb.exe trouvé !
    Copie htgkzmjpb.exe réalisée avec succès !
    htgkzmjpb.exe supprimé !

    ibishslhpj.exe trouvé !
    Copie ibishslhpj.exe réalisée avec succès !
    ibishslhpj.exe supprimé !

    kejxxwpne.exe trouvé !
    Copie kejxxwpne.exe réalisée avec succès !
    kejxxwpne.exe supprimé !

    knrrowkwa.exe trouvé !
    Copie knrrowkwa.exe réalisée avec succès !
    knrrowkwa.exe supprimé !

    mtnvkjn.exe trouvé !
    Copie mtnvkjn.exe réalisée avec succès !
    mtnvkjn.exe supprimé !

    muhwiva.exe trouvé !
    Copie muhwiva.exe réalisée avec succès !
    muhwiva.exe supprimé !

    ojcaawk.exe trouvé !
    Copie ojcaawk.exe réalisée avec succès !
    ojcaawk.exe supprimé !

    qmejsxtqlm.exe trouvé !
    Copie qmejsxtqlm.exe réalisée avec succès !
    qmejsxtqlm.exe supprimé !

    qnzhtvbhp.exe trouvé !
    Copie qnzhtvbhp.exe réalisée avec succès !
    qnzhtvbhp.exe supprimé !

    thsgdqvj.exe trouvé !
    Copie thsgdqvj.exe réalisée avec succès !
    thsgdqvj.exe supprimé !

    tiuajpu.exe trouvé !
    Copie tiuajpu.exe réalisée avec succès !
    tiuajpu.exe supprimé !

    tsrtize.exe trouvé !
    Copie tsrtize.exe réalisée avec succès !
    tsrtize.exe supprimé !

    tuqvthi.exe trouvé !
    Copie tuqvthi.exe réalisée avec succès !
    tuqvthi.exe supprimé !

    ugoesphlu.exe trouvé !
    Copie ugoesphlu.exe réalisée avec succès !
    ugoesphlu.exe supprimé !

    wobttsiol.exe trouvé !
    Copie wobttsiol.exe réalisée avec succès !
    wobttsiol.exe supprimé !

    * Suppression dans "I:\Documents and Settings\benoit pellissier\locals~1\applic~1" *

    * Suppression dans "I:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

    *** Suppression dossiers dans "I:\WINDOWS" ***

    *** Suppression dossiers dans "I:\Program Files" ***

    ...\Live-Player ...suppression...
    ...\Live-Player supprimé !

    *** Suppression dossiers dans "I:\Documents and Settings\All Users\menudm~1\progra~1" ***

    ...\Live-Player ...suppression...
    ...\Live-Player supprimé !

    *** Suppression dossiers dans "I:\Documents and Settings\All Users\menudm~1" ***

    *** Suppression dossiers dans "i:\docume~1\alluse~1\applic~1" ***

    *** Suppression dossiers dans "I:\Documents and Settings\benoit pellissier\applic~1" ***

    ...\Live-Player ...suppression...
    ...\Live-Player supprimé !

    *** Suppression dossiers dans "I:\DOCUME~1\ADMINI~1\applic~1" ***

    *** Suppression dossiers dans "I:\Documents and Settings\benoit pellissier\locals~1\applic~1" ***

    *** Suppression dossiers dans "I:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***

    *** Suppression dossiers dans "I:\Documents and Settings\benoit pellissier\menudm~1\progra~1" ***

    *** Suppression dossiers dans "I:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***

    *** Suppression fichiers ***

    i:\docume~1\alluse~1\bureau\Live-Player.lnk supprimé !
    I:\WINDOWS\prefetch\LIVE-PLAYER.EXE-21A6817A.pf supprimé !

    *** Suppression fichiers temporaires ***

    Nettoyage contenu I:\WINDOWS\Temp effectué !
    Nettoyage contenu I:\Documents and Settings\benoit pellissier\locals~1\Temp effectué !

    *** Traitement Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

    2)Recherche, création sauvegardes et suppression Heuristique :

    * Dans "I:\WINDOWS\system32" *

    I:\WINDOWS\prefetch\mywus*.pf trouvé !
    Copie I:\WINDOWS\prefetch\mywus*.pf réalisée avec succès !
    I:\WINDOWS\prefetch\mywus*.pf supprimé !

    * Dans "I:\Documents and Settings\benoit pellissier\locals~1\applic~1" *

    mywus.exe trouvé !
    Copie mywus.exe réalisée avec succès !
    mywus.exe supprimé !

    mywus.dat trouvé !
    Copie mywus.dat réalisée avec succès !
    mywus.dat supprimé !

    mywus_nav.dat trouvé !
    Copie mywus_nav.dat réalisée avec succès !
    mywus_nav.dat supprimé !

    mywus_navps.dat trouvé !
    Copie mywus_navps.dat réalisée avec succès !
    mywus_navps.dat supprimé !

    * Dans "I:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

    *** Sauvegarde du Registre vers dossier Safebackup ***

    sauvegarde du Registre réalisée avec succès !

    *** Nettoyage Registre ***

    Nettoyage Registre Ok

    *** Certificats ***

    Certificat Egroup absent !
    Certificat Electronic-Group supprimé !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit supprimé !
    Certificat Sunny-Day-Design-Ltdt absent !

    *** Fichiers suspects non supprimés par Navilog1 ***
    !! Fichiers légitimes possibles, à contrôler avant suppression !!

    Fichiers suspects dans "I:\WINDOWS\system32" :

    yibqqmxer.exe trouvé !

    *** Recherche autres dossiers et fichiers connus ***

    *** Nettoyage terminé le 16/05/2009 à 14:36:48,28 ***
  14. Thanks for your reply, I am posting the result.

    Search Navipromo version 3.7.7 commencé le 16/05/2009 à 12:49:46,12

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Postez ce rapport sur le forum pour le faire analyser !!!
    !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

    Outil exécuté depuis I:\Program Files\navilog1
    Mise à jour le 12.05.2009 à 18h00 par IL-MAFIOSO

    Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
    X86-based PC ( Uniprocessor Free : AMD Athlon 64 Processor 3200+ )
    BIOS : Phoenix - AwardBIOS v6.00PG
    USER : benoit pellissier ( Administrator )
    BOOT : Normal boot
    Antivirus : AntiVir PersonalEdition Classic Virus Protection 0.0.0.0 (Activated)

    A:\ (USB)
    D:\ (USB)
    E:\ (USB)
    F:\ (USB)
    G:\ (CD or DVD) - UDF - Total:7 Go (Free:0 Go)
    H:\ (CD or DVD)
    I:\ (Local Disk) - NTFS - Total:298 Go (Free:97 Go)
    J:\ (CD or DVD)
    K:\ (CD or DVD)
    L:\ (CD or DVD)
    M:\ (CD or DVD)
    T:\ (USB)

    Recherche executé en mode normal

    *** Recherche dossiers dans "I:\WINDOWS" ***

    *** Recherche dossiers dans "I:\Program Files" ***

    ...\Live-Player trouvé !

    *** Recherche dossiers dans "I:\Documents and Settings\All Users\menudm~1\progra~1" ***

    ...\Live-Player trouvé !

    *** Recherche dossiers dans "I:\Documents and Settings\All Users\menudm~1" ***

    *** Recherche dossiers dans "i:\docume~1\alluse~1\applic~1" ***

    *** Recherche dossiers dans "I:\Documents and Settings\benoit pellissier\applic~1" ***

    ...\Live-Player trouvé !

    *** Recherche dossiers dans "I:\DOCUME~1\ADMINI~1\applic~1" ***

    *** Recherche dossiers dans "I:\Documents and Settings\benoit pellissier\locals~1\applic~1" ***

    *** Recherche dossiers dans "I:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***

    *** Recherche dossiers dans "I:\Documents and Settings\benoit pellissier\menudm~1\progra~1" ***

    *** Recherche dossiers dans "I:\DOCUME~1\ADMINI~1\menudm~1\progra~1" ***

    *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
    pour + d'infos : http://www.gmer.net

    *** Recherche avec GenericNaviSearch ***
    !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A vérifier impérativement avant toute suppression manuelle !!!

    * Recherche dans "I:\WINDOWS\system32" *

    Fichiers trouvés :
    apsagrhdvq.exe trouvé !
    ciozxk.exe trouvé !
    cpiuczkp.exe trouvé !
    hgzjzw.exe trouvé !
    htgkzmjpb.exe trouvé !
    ibishslhpj.exe trouvé !
    kejxxwpne.exe trouvé !
    knrrowkwa.exe trouvé !
    mtnvkjn.exe trouvé !
    muhwiva.exe trouvé !
    ojcaawk.exe trouvé !
    qmejsxtqlm.exe trouvé !
    qnzhtvbhp.exe trouvé !
    thsgdqvj.exe trouvé !
    tiuajpu.exe trouvé !
    tsrtize.exe trouvé !
    tuqvthi.exe trouvé !
    ugoesphlu.exe trouvé !
    wobttsiol.exe trouvé !

    Fichiers suspects :
    yibqqmxer.exe trouvé !

    * Recherche dans "I:\Documents and Settings\benoit pellissier\locals~1\applic~1" *

    * Recherche dans "I:\DOCUME~1\ADMINI~1\locals~1\applic~1" *

    *** Recherche fichiers ***

    i:\docume~1\alluse~1\bureau\Live-Player.lnk trouvé !
    I:\WINDOWS\prefetch\LIVE-PLAYER.EXE-21A6817A.pf trouvé !

    *** Recherche clés spécifiques dans le Registre ***
    !! Les clés trouvées ne sont pas forcément infectées !!

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "mywus"="\"i:\\documents and settings\\benoit pellissier\\local settings\\application data\\mywus.exe\" mywus"

    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche nouveaux fichiers Instant Access :

    2)Recherche Heuristique :

    * Dans "I:\WINDOWS\system32" :

    * Dans "I:\Documents and Settings\benoit pellissier\locals~1\applic~1" :

    mywus.exe trouvé !
    mywus.dat trouvé !
    mywus_nav.dat trouvé !
    mywus_navps.dat trouvé !

    * Dans "I:\DOCUME~1\ADMINI~1\locals~1\applic~1" :

    3)Recherche Certificats :

    Certificat Egroup absent !
    Certificat Electronic-Group trouvé !
    Certificat Montorgueil absent !
    Certificat OOO-Favorit trouvé !
    Certificat Sunny-Day-Design-Ltd absent !

    4)Recherche autres dossiers et fichiers connus :

    *** Analyse terminée le 16/05/2009 à 13:02:24,92 ***
  15. Hello, I am posting my report to find out whether something is wrong, because I often get ads popping up. Thanks in advance.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:40:50, on 16/05/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16827)
    Boot mode: Normal

    Running processes:
    I:\WINDOWS\System32\smss.exe
    I:\WINDOWS\system32\winlogon.exe
    I:\WINDOWS\system32\services.exe
    I:\WINDOWS\system32\lsass.exe
    I:\WINDOWS\system32\svchost.exe
    I:\WINDOWS\System32\svchost.exe
    I:\WINDOWS\system32\svchost.exe
    I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    I:\WINDOWS\system32\spoolsv.exe
    I:\Program Files\a-squared Anti-Malware\a2service.exe
    I:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    I:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    I:\WINDOWS\System32\FTRTSVC.exe
    I:\Program Files\Java\jre6\bin\jqs.exe
    I:\WINDOWS\system32\nvsvc32.exe
    I:\WINDOWS\System32\svchost.exe
    I:\WINDOWS\system32\wscntfy.exe
    I:\WINDOWS\Explorer.EXE
    I:\WINDOWS\system32\RunDll32.exe
    I:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe
    I:\Program Files\Iminent\IMBooster\IMBooster.exe
    I:\Program Files\Java\jre6\bin\jusched.exe
    I:\program files\valve\steam\steam.exe
    I:\Program Files\Windows Live\Messenger\msnmsgr.exe
    I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    I:\WINDOWS\system32\ctfmon.exe
    I:\Program Files\MP4 Player\mp4Player.exe
    I:\documents and settings\benoit pellissier\local settings\application data\mywus.exe
    I:\Program Files\Logitech\SetPoint\SetPoint.exe
    I:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE
    H:\EPSETUP.EXE
    I:\Program Files\mIRC\mirc.exe
    I:\Program Files\Internet Explorer\IEXPLORE.EXE
    I:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    I:\DOCUME~1\BENOIT~1\LOCALS~1\Temp\Rar$EX00.094\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - I:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - I:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iminent.Notifier] I:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe
    O4 - HKLM\..\Run: [iMBooster] I:\Program Files\Iminent\IMBooster\IMBooster.exe /warmup
    O4 - HKLM\..\Run: [sunJavaUpdateSched] "I:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [steam] "i:\program files\valve\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MP4 Player] "I:\Program Files\MP4 Player\mp4Player.exe" hmw
    O4 - HKCU\..\Run: [mywus] "i:\documents and settings\benoit pellissier\local settings\application data\mywus.exe" mywus
    O4 - HKCU\..\Run: [EPSON Stylus SX200 Series] I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE /FU "I:\WINDOWS\TEMP\E_S6.tmp" /EF "HKCU"
    O4 - Global Startup: Logitech SetPoint.lnk = I:\Program Files\Logitech\SetPoint\SetPoint.exe
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - I:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - I:\Program Files\a-squared Anti-Malware\a2service.exe
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - I:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - I:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - I:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - I:\WINDOWS\System32\appdrvrem01.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - I:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - I:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Google Software Updater (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - I:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - I:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe
    O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - I:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe
    O23 - Service: ServiceLayer - Nokia. - I:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - I:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 7881 bytes
  16. Drog-

    Runtime error

    I just installed what you told me to via your link, but I still have the same problem.
  17. Drog-

    Runtime error

    Hello, when I launch pcm2008 a runtime error message appears. Title: Microsoft Visual C++ Runtime Library RunTime error! Program:Program Files\Cyanide\Pro Cycling Manager - Season 2008\PCM.exe This application has requested the RunTime to terminate it in an usual way. Please contact the application's support team for more information. So I wanted to know whether you have any idea what should be done to solve this problem. Thanks.
  18. Here is the ComboFix CFScript result:
  19. Result for the first code:
  20. Thanks, I'll test it.
  21. Here is my new HijackThis report:
  22. Here is my ComboFix report:
I:\Program Files\Java 2008-07-09 14:02 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\LimeWire 2008-07-09 13:54 --------- d-----w I:\Program Files\eMule 2008-07-07 19:12 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\teamspeak2 2008-06-29 15:14 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\FileZilla 2008-06-28 16:23 --------- d-----w I:\Program Files\Ludiclub 2008-06-27 13:15 --------- d-----w I:\Program Files\RSS Xpress 2008-06-18 16:24 --------- d-----w I:\Program Files\LimeWire 2008-06-18 13:33 --------- d-----w I:\Program Files\Lavalys 2008-06-14 18:33 --------- d-----w I:\Documents and Settings\All Users\Application Data\TomTom 2008-06-14 18:31 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\InstallShield 2008-06-11 18:01 --------- d-----w I:\Program Files\Messenger Plus! Live 2008-06-07 17:45 --------- d-----w I:\Program Files\C-Media 3D Audio 2008-06-07 14:56 --------- d-----w I:\Program Files\Valve 2008-06-07 13:34 43,520 ----a-w I:\WINDOWS\system32\CmdLineExt03.dll 2008-05-22 13:42 107,888 ----a-w I:\WINDOWS\system32\CmdLineExt.dll 2008-05-19 17:04 --------- d-----w I:\Program Files\EA Sports 1999-06-30 13:06 151,552 ----a-r I:\WINDOWS\inf\AGFA\Message.exe . <pre> ----a-w 5,109,800 2002-12-07 06:27:30 I:\Program Files\XARA\Xara Menu Maker 1.0 .exe </pre> ((((((((((((((((((((((((((((( snapshot@2008-01-20_21.42.48.18 ))))))))))))))))))))))))))))))))))))))))) . 
741,376 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll + 2007-10-23 23:47:28 933,888 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll + 2007-10-23 23:47:40 5,070,848 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll + 2007-10-23 23:47:40 401,408 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll + 2007-10-23 23:47:40 188,416 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll + 2007-10-23 23:47:40 3,076,096 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll + 2007-10-23 23:47:40 81,920 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll + 2007-10-23 23:47:40 630,784 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll + 2007-10-23 23:47:40 258,048 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll + 2007-10-23 23:47:40 57,392 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll + 2007-10-23 23:47:40 113,664 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll + 2007-10-23 23:47:40 372,736 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll + 2007-10-23 23:47:40 258,048 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll + 2007-10-23 23:47:40 299,008 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll + 2007-10-23 23:47:40 131,072 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll + 2007-10-23 23:47:40 258,048 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll + 2007-10-23 23:47:40 114,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll + 2007-10-23 23:47:40 261,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll + 2007-10-23 23:47:40 
5,431,296 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll + 2007-10-23 23:47:40 884,736 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll + 2007-10-23 23:47:40 90,112 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll + 2007-10-23 23:47:40 839,680 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll + 2007-10-23 23:47:40 5,013,504 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2007-10-23 23:47:40 2,068,480 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll + 2007-10-23 23:47:40 81,400 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL + 2007-10-23 23:47:48 1,172,472 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe + 2007-10-23 23:47:20 1,344,000 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll + 2007-10-23 23:47:22 434,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll + 2007-10-23 23:47:40 37,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll + 2008-01-16 23:28:20 28,306 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\baseline.dat + 2007-11-07 17:00:02 210,834 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\baseline.dat - 2000-08-31 07:00:00 51,200 ----a-w I:\WINDOWS\NirCmd.exe + 2000-08-31 06:00:00 28,672 ----a-w I:\WINDOWS\NirCmd.exe + 2000-08-31 06:00:00 98,816 ----a-w I:\WINDOWS\sed.exe + 2004-08-19 23:23:25 1,788 ------w I:\WINDOWS\ServicePackFiles\i386\dcache.bin + 2004-08-04 06:07:57 2,944 ------w I:\WINDOWS\ServicePackFiles\i386\drmkaud.sys + 2004-08-19 23:10:08 188,416 ------w I:\WINDOWS\ServicePackFiles\i386\msh261.drv + 2004-08-19 23:10:08 294,912 ------w I:\WINDOWS\ServicePackFiles\i386\msh263.drv + 2004-08-19 23:10:08 23,552 ------w I:\WINDOWS\ServicePackFiles\i386\wdmaud.drv + 2004-08-19 23:10:08 146,944 ------w 
I:\WINDOWS\ServicePackFiles\i386\winspool.drv + 1999-07-20 03:38:00 8,128 ----a-r I:\WINDOWS\sntnlusb.sys + 1999-07-20 03:38:00 6,944 ----a-r I:\WINDOWS\sntusb95.sys + 2008-07-18 05:52:59 7,264 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{5AA70BE6-651E-439A-A4AF-17131AE5A542}.bin + 2008-07-17 05:27:06 10,308 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{6F89D190-5113-43C0-A793-8615836436EC}.bin + 2008-07-11 16:03:14 15,456 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{927826F8-F827-4CDC-8FB5-BBCF8C530A8F}.bin + 2008-07-13 10:41:59 5,892 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{A9BCB0E8-93DC-466D-85B5-6C6FED16BB40}.bin + 2008-07-17 09:01:17 4,196 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{DE3AC4AD-8570-4D00-8FBE-DC6CC0A5DC09}.bin + 2000-08-31 06:00:00 161,792 ----a-w I:\WINDOWS\swreg.exe + 2000-08-31 06:00:00 136,704 ----a-w I:\WINDOWS\swsc.exe + 2000-08-31 06:00:00 212,480 ----a-w I:\WINDOWS\swxcacls.exe + 2003-04-24 12:00:00 2,000 ----a-w I:\WINDOWS\system\KEYBOARD.DRV + 2003-04-24 12:00:00 73,680 ----a-w I:\WINDOWS\system\MCIAVI.DRV + 2003-04-24 12:00:00 25,280 ----a-w I:\WINDOWS\system\MCISEQ.DRV + 2003-04-24 12:00:00 28,160 ----a-w I:\WINDOWS\system\MCIWAVE.DRV + 2003-04-24 12:00:00 2,032 ----a-w I:\WINDOWS\system\MOUSE.DRV + 1999-07-20 03:38:00 8,128 ----a-r I:\WINDOWS\system\sntnlusb.sys + 1999-07-20 03:38:00 6,944 ----a-r I:\WINDOWS\system\sntusb95.sys + 2003-04-24 12:00:00 1,744 ----a-w I:\WINDOWS\system\SOUND.DRV + 2003-04-24 12:00:00 3,360 ----a-w I:\WINDOWS\system\SYSTEM.DRV + 2003-04-24 12:00:00 4,096 ----a-w I:\WINDOWS\system\TIMER.DRV + 2003-04-24 12:00:00 2,176 ----a-w I:\WINDOWS\system\VGA.DRV + 2003-04-24 12:00:00 13,600 ----a-w I:\WINDOWS\system\WFWNET.DRV + 2004-08-19 23:10:08 146,944 ----a-w I:\WINDOWS\system\winspool.drv - 2004-08-19 23:08:00 8,704 ----a-w I:\WINDOWS\system32\asferror.dll + 2006-11-03 07:56:54 7,680 ----a-w I:\WINDOWS\system32\asferror.dll + 2006-10-18 19:47:08 276,992 ------w 
I:\WINDOWS\system32\audiodev.dll - 2005-01-28 12:44:28 294,912 ----a-w I:\WINDOWS\system32\blackbox.dll + 2006-10-18 19:47:10 542,720 ----a-w I:\WINDOWS\system32\blackbox.dll + 2004-02-11 10:11:04 32,768 ----a-w I:\WINDOWS\system32\BlackKey.dll - 2005-01-28 12:44:28 164,864 ----a-w I:\WINDOWS\system32\cewmdm.dll + 2006-10-18 19:47:10 229,376 ----a-w I:\WINDOWS\system32\cewmdm.dll - 2005-12-15 16:48:20 172,032 ----a-w I:\WINDOWS\system32\cmuda.dll + 2006-06-15 16:03:48 172,032 ----a-w I:\WINDOWS\system32\cmuda.dll + 2003-04-24 12:00:00 10,544 ----a-w I:\WINDOWS\system32\comm.drv + 2008-07-14 18:36:05 262,144 ---ha-w I:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat + 2004-08-19 23:23:25 1,788 ----a-w I:\WINDOWS\system32\dcache.bin + 2007-10-23 23:47:28 96,760 ----a-w I:\WINDOWS\system32\dfshim.dll + 2001-11-23 10:08:20 712,704 -c--a-w I:\WINDOWS\system32\dllcache\a3d.dll - 2005-01-28 12:44:28 294,912 -c--a-w I:\WINDOWS\system32\dllcache\blackbox.dll + 2006-10-18 19:47:10 542,720 -c--a-w I:\WINDOWS\system32\dllcache\blackbox.dll - 2005-01-28 12:44:28 164,864 -c--a-w I:\WINDOWS\system32\dllcache\cewmdm.dll + 2006-10-18 19:47:10 229,376 -c--a-w I:\WINDOWS\system32\dllcache\cewmdm.dll + 2004-08-04 06:07:58 60,288 -c--a-w I:\WINDOWS\system32\dllcache\drmk.sys - 2005-01-28 12:44:28 502,272 -c--a-w I:\WINDOWS\system32\dllcache\drmv2clt.dll + 2006-10-18 19:47:10 991,744 -c--a-w I:\WINDOWS\system32\dllcache\drmv2clt.dll + 2007-03-22 18:24:58 28,160 -c----w I:\WINDOWS\system32\dllcache\FilterPipelinePrintProc.dll + 2004-08-19 23:09:28 21,504 -c--a-w I:\WINDOWS\system32\dllcache\hidserv.dll + 2004-08-19 23:00:36 14,848 -c--a-w I:\WINDOWS\system32\dllcache\kbdhid.sys + 2003-04-24 12:00:00 2,000 -c--a-w I:\WINDOWS\system32\dllcache\keyboard.drv - 2004-08-04 07:15:22 140,928 -c--a-w I:\WINDOWS\system32\dllcache\ks.sys + 2004-08-04 06:15:22 140,928 -c--a-w I:\WINDOWS\system32\dllcache\ks.sys - 2005-01-28 12:44:28 6,656 -c--a-w 
I:\WINDOWS\system32\dllcache\laprxy.dll + 2006-10-18 19:47:14 11,264 -c--a-w I:\WINDOWS\system32\dllcache\LAPRXY.dll - 2005-01-28 12:44:28 96,768 -c--a-w I:\WINDOWS\system32\dllcache\logagent.exe + 2006-10-18 18:03:58 100,864 -c--a-w I:\WINDOWS\system32\dllcache\logagent.exe + 2003-04-24 12:00:00 2,560 -c--a-w I:\WINDOWS\system32\dllcache\lz32.dll + 2003-04-24 12:00:00 73,680 -c--a-w I:\WINDOWS\system32\dllcache\mciavi.drv + 2003-04-24 12:00:00 25,280 -c--a-w I:\WINDOWS\system32\dllcache\mciseq.drv + 2003-04-24 12:00:00 28,160 -c--a-w I:\WINDOWS\system32\dllcache\mciwave.drv + 2003-04-24 12:00:00 2,032 -c--a-w I:\WINDOWS\system32\dllcache\mouse.drv - 2005-01-28 12:44:28 142,336 -c--a-w I:\WINDOWS\system32\dllcache\msnetobj.dll + 2006-10-18 19:47:16 179,712 -c--a-w I:\WINDOWS\system32\dllcache\msnetobj.dll - 2005-01-28 12:44:28 25,088 -c--a-w I:\WINDOWS\system32\dllcache\mspmsnsv.dll + 2006-10-18 19:47:16 27,136 -c--a-w I:\WINDOWS\system32\dllcache\mspmsnsv.dll - 2005-01-28 12:44:28 173,568 -c--a-w I:\WINDOWS\system32\dllcache\mspmsp.dll + 2006-10-18 19:47:16 175,616 -c--a-w I:\WINDOWS\system32\dllcache\mspmsp.dll - 2005-01-28 12:44:28 364,784 -c--a-w I:\WINDOWS\system32\dllcache\msscp.dll + 2006-10-18 19:47:16 414,208 -c--a-w I:\WINDOWS\system32\dllcache\msscp.dll - 2005-01-28 12:44:28 315,904 -c--a-w I:\WINDOWS\system32\dllcache\mswmdm.dll + 2006-10-18 19:47:16 321,536 -c--a-w I:\WINDOWS\system32\dllcache\mswmdm.dll + 2003-04-24 12:00:00 2,944 -c--a-w I:\WINDOWS\system32\dllcache\null.sys + 2004-08-04 06:15:50 145,792 -c--a-w I:\WINDOWS\system32\dllcache\portcls.sys + 2007-03-22 18:25:42 677,376 -c----w I:\WINDOWS\system32\dllcache\PrintFilterPipelineSvc.exe - 2005-01-28 12:44:28 221,184 -c--a-w I:\WINDOWS\system32\dllcache\qasf.dll + 2006-10-18 19:47:18 211,456 -c--a-w I:\WINDOWS\system32\dllcache\qasf.dll + 2003-04-24 12:00:00 1,744 -c--a-w I:\WINDOWS\system32\dllcache\sound.drv + 2004-08-04 06:08:02 48,640 -c--a-w I:\WINDOWS\system32\dllcache\stream.sys + 
2003-04-24 12:00:00 3,360 -c--a-w I:\WINDOWS\system32\dllcache\system.drv + 2003-04-24 12:00:00 4,096 -c--a-w I:\WINDOWS\system32\dllcache\timer.drv + 2003-04-24 12:00:00 2,176 -c--a-w I:\WINDOWS\system32\dllcache\vga.drv + 2003-04-24 12:00:00 13,600 -c--a-w I:\WINDOWS\system32\dllcache\wfwnet.drv + 2003-04-24 12:00:00 2,864 -c--a-w I:\WINDOWS\system32\dllcache\winsock.dll + 2003-04-24 12:00:00 2,112 -c--a-w I:\WINDOWS\system32\dllcache\winspool.exe - 2005-01-28 12:44:28 396,528 -c--a-w I:\WINDOWS\system32\dllcache\wmadmod.dll + 2006-10-18 19:47:18 757,248 -c--a-w I:\WINDOWS\system32\dllcache\WMADMOD.dll - 2005-01-28 12:44:28 716,288 -c--a-w I:\WINDOWS\system32\dllcache\wmadmoe.dll + 2006-10-18 19:47:18 1,117,696 -c--a-w I:\WINDOWS\system32\dllcache\WMADMOE.dll - 2007-10-20 05:01:32 227,328 -c--a-w I:\WINDOWS\system32\dllcache\wmasf.dll + 2006-10-18 19:47:18 222,208 -c--a-w I:\WINDOWS\system32\dllcache\WMASF.dll - 2005-01-28 12:44:28 28,160 -c--a-w I:\WINDOWS\system32\dllcache\wmdmlog.dll + 2006-10-18 19:47:18 33,792 -c--a-w I:\WINDOWS\system32\dllcache\wmdmlog.dll - 2005-01-28 12:44:28 33,792 -c--a-w I:\WINDOWS\system32\dllcache\wmdmps.dll + 2006-10-18 19:47:18 37,376 -c--a-w I:\WINDOWS\system32\dllcache\wmdmps.dll - 2005-01-28 12:44:28 150,016 -c--a-w I:\WINDOWS\system32\dllcache\wmidx.dll + 2006-10-18 19:47:20 157,184 -c--a-w I:\WINDOWS\system32\dllcache\wmidx.dll - 2005-01-28 12:44:28 1,027,072 -c--a-w I:\WINDOWS\system32\dllcache\wmnetmgr.dll + 2006-10-18 19:47:20 937,984 -c--a-w I:\WINDOWS\system32\dllcache\WMNetMgr.dll - 2004-08-19 23:10:05 73,728 -c--a-w I:\WINDOWS\system32\dllcache\wmplayer.exe + 2006-11-03 07:59:00 64,000 -c--a-w I:\WINDOWS\system32\dllcache\wmplayer.exe - 2004-08-19 23:09:11 2,985,984 -c--a-w I:\WINDOWS\system32\dllcache\wmploc.dll + 2006-11-03 08:03:34 8,292,352 -c--a-w I:\WINDOWS\system32\dllcache\wmploc.dll - 2005-01-28 12:44:28 774,904 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmod.dll + 2006-10-18 19:47:22 4,096 -c--a-w 
I:\WINDOWS\system32\dllcache\wmsdmod.dll - 2005-01-28 12:44:28 1,119,744 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmoe2.dll + 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmoe2.dll - 2005-01-28 12:44:28 413,944 -c--a-w I:\WINDOWS\system32\dllcache\wmspdmod.dll + 2006-10-18 19:47:22 603,648 -c--a-w I:\WINDOWS\system32\dllcache\WMSPDMOD.dll - 2005-01-28 12:44:28 940,544 -c--a-w I:\WINDOWS\system32\dllcache\wmspdmoe.dll + 2006-10-18 19:47:22 1,329,152 -c--a-w I:\WINDOWS\system32\dllcache\WMSPDMOE.dll - 2006-12-07 05:29:34 2,374,472 -c--a-w I:\WINDOWS\system32\dllcache\wmvcore.dll + 2006-10-18 19:47:22 2,450,944 -c--a-w I:\WINDOWS\system32\dllcache\wmvcore.dll - 2005-01-28 12:44:28 895,736 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmod.dll + 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmod.dll - 2005-01-28 12:44:28 1,003,008 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmoe2.dll + 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmoe2.dll + 2003-04-24 12:00:00 2,736 -c--a-w I:\WINDOWS\system32\dllcache\wowdeb.exe - 2007-07-30 17:19:28 203,096 -c--a-w I:\WINDOWS\system32\dllcache\wuweb.dll + 2007-07-30 17:19:46 203,096 -c--a-w I:\WINDOWS\system32\dllcache\wuweb.dll + 2007-03-23 04:07:54 583,504 -c----w I:\WINDOWS\system32\dllcache\XPSSHHDR.dll + 2007-03-23 04:07:56 1,683,280 -c----w I:\WINDOWS\system32\dllcache\XpsSvcs.dll - 2005-12-15 11:57:46 1,368,000 ----a-w I:\WINDOWS\system32\drivers\cmuda.sys + 2006-06-26 10:15:38 1,372,992 ----a-w I:\WINDOWS\system32\drivers\cmuda.sys + 2004-08-04 06:07:57 2,944 ----a-w I:\WINDOWS\system32\drivers\drmkaud.sys + 2004-08-19 23:00:36 14,848 ----a-w I:\WINDOWS\system32\drivers\kbdhid.sys - 2004-08-04 07:15:22 140,928 ----a-w I:\WINDOWS\system32\drivers\ks.sys + 2004-08-04 06:15:22 140,928 ----a-w I:\WINDOWS\system32\drivers\ks.sys + 2001-08-17 21:00:04 2,944 ----a-w I:\WINDOWS\system32\drivers\msmpu401.sys + 2004-11-03 10:20:24 13,332 ----a-w I:\WINDOWS\system32\drivers\MWhid.sys + 
2003-04-24 12:00:00 2,944 ----a-w I:\WINDOWS\system32\drivers\null.sys + 2007-06-28 18:20:42 37,896 ----a-w I:\WINDOWS\system32\drivers\oobctm.sys + 2008-03-29 11:46:24 22,328 ----a-w I:\WINDOWS\system32\drivers\PnkBstrK.sys - 2004-08-04 06:15:49 145,792 ----a-w I:\WINDOWS\system32\drivers\portcls.sys + 2004-08-04 06:15:50 145,792 ----a-w I:\WINDOWS\system32\drivers\portcls.sys + 1999-07-20 03:38:00 73,216 ----a-w I:\WINDOWS\system32\drivers\SENTINEL.SYS - 2007-08-29 19:24:03 685,816 ----a-w I:\WINDOWS\system32\drivers\sptd.sys + 2008-04-18 11:28:31 717,296 ----a-w I:\WINDOWS\system32\drivers\sptd.sys + 2008-02-25 18:50:37 102,664 ----a-w I:\WINDOWS\system32\drivers\tmcomm.sys + 2006-10-18 19:47:22 671,232 ------w I:\WINDOWS\system32\drivers\UMDF\wpdmtpdr.dll - 2005-01-28 12:44:28 18,944 ----a-w I:\WINDOWS\system32\drivers\wpdusb.sys + 2006-10-18 18:00:00 38,528 ----a-w I:\WINDOWS\system32\drivers\wpdusb.sys + 2006-09-28 16:55:50 77,568 ------w I:\WINDOWS\system32\drivers\WudfPf.sys + 2006-09-28 17:00:34 82,944 ------w I:\WINDOWS\system32\drivers\WudfRd.sys + 2006-10-18 18:00:46 249,856 ------w I:\WINDOWS\system32\drmupgds.exe - 2005-01-28 12:44:28 502,272 ----a-w I:\WINDOWS\system32\drmv2clt.dll + 2006-10-18 19:47:10 991,744 ----a-w I:\WINDOWS\system32\drmv2clt.dll - 2007-11-03 10:50:53 1,501,096 ----a-w I:\WINDOWS\system32\FNTCACHE.DAT + 2008-07-17 10:43:16 1,528,256 ----a-w I:\WINDOWS\system32\FNTCACHE.DAT + 2004-08-19 23:09:28 21,504 ----a-w I:\WINDOWS\system32\hidserv.dll - 2007-09-24 20:30:28 135,168 ----a-w I:\WINDOWS\system32\java.exe + 2008-02-22 00:23:35 135,168 ----a-w I:\WINDOWS\system32\java.exe - 2007-09-24 20:30:30 135,168 ----a-w I:\WINDOWS\system32\javaw.exe + 2008-02-22 00:23:39 135,168 ----a-w I:\WINDOWS\system32\javaw.exe - 2007-09-24 21:31:42 139,264 ----a-w I:\WINDOWS\system32\javaws.exe + 2008-02-22 01:33:32 139,264 ----a-w I:\WINDOWS\system32\javaws.exe + 2003-04-24 12:00:00 2,000 ----a-w I:\WINDOWS\system32\keyboard.drv + 2004-08-19 
23:09:30 4,096 ----a-w I:\WINDOWS\system32\ksuser(2).dll + 2003-04-24 12:00:00 224,448 ----a-w I:\WINDOWS\system32\lanman.drv - 2005-01-28 12:44:28 6,656 ----a-w I:\WINDOWS\system32\laprxy.dll + 2006-10-18 19:47:14 11,264 ----a-w I:\WINDOWS\system32\LAPRXY.dll - 2005-01-28 12:44:28 96,768 ----a-w I:\WINDOWS\system32\logagent.exe + 2006-10-18 18:03:58 100,864 ----a-w I:\WINDOWS\system32\logagent.exe + 2003-04-24 12:00:00 2,560 ----a-w I:\WINDOWS\system32\lz32.dll + 2008-03-25 02:32:44 218,496 ----a-r I:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe - 2007-11-25 00:14:48 48,749 ----a-w I:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe + 2008-07-17 17:28:03 74,649 ----a-w I:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe + 2003-04-24 12:00:00 73,680 ----a-w I:\WINDOWS\system32\mciavi.drv + 2003-04-24 12:00:00 25,280 ----a-w I:\WINDOWS\system32\mciseq.drv + 2003-04-24 12:00:00 28,160 ----a-w I:\WINDOWS\system32\mciwave.drv + 2004-12-09 15:50:56 2,142,208 ----a-w I:\WINDOWS\system32\MegaStore.exe + 2006-10-18 19:47:14 212,992 ------w I:\WINDOWS\system32\MFPLAT.dll + 2003-04-24 12:00:00 2,032 ----a-w I:\WINDOWS\system32\mouse.drv + 2006-10-18 19:47:14 259,072 ------w I:\WINDOWS\system32\MP43DECD.dll - 2004-08-19 23:09:31 310,272 ------w I:\WINDOWS\system32\mp43dmod.dll + 2006-10-18 19:47:14 4,096 ------w I:\WINDOWS\system32\MP43DMOD.dll + 2006-10-18 19:47:14 317,440 ------w I:\WINDOWS\system32\MP4SDECD.dll - 2004-08-19 23:09:31 384,512 ------w I:\WINDOWS\system32\mp4sdmod.dll + 2006-10-18 19:47:14 4,096 ------w I:\WINDOWS\system32\MP4SDMOD.dll + 2006-10-18 19:47:14 259,072 ------w I:\WINDOWS\system32\MPG4DECD.dll - 2004-08-19 23:09:31 240,640 ----a-w I:\WINDOWS\system32\mpg4dmod.dll + 2006-10-18 19:47:14 4,096 ----a-w I:\WINDOWS\system32\MPG4DMOD.dll + 2003-04-24 12:00:00 20,992 ----a-w I:\WINDOWS\system32\msacm32.drv + 2007-10-23 23:47:38 282,112 ----a-w I:\WINDOWS\system32\mscoree.dll + 2007-10-23 23:47:38 158,720 ----a-w 
I:\WINDOWS\system32\mscorier.dll + 2007-10-23 23:47:38 84,480 ----a-w I:\WINDOWS\system32\mscories.dll + 2006-10-02 13:28:42 312,128 ------w I:\WINDOWS\system32\msdelta.dll + 2005-07-26 07:59:48 86,016 ----a-w I:\WINDOWS\system32\MSffdrv.dll + 2005-08-23 15:10:02 880,640 ----a-w I:\WINDOWS\system32\MSffpage.dll + 2004-08-19 23:10:08 188,416 ----a-w I:\WINDOWS\system32\msh261.drv + 2004-08-20 00:10:08 294,912 ----a-w I:\WINDOWS\system32\msh263.drv - 2005-01-28 12:44:28 142,336 ----a-w I:\WINDOWS\system32\msnetobj.dll + 2006-10-18 19:47:16 179,712 ----a-w I:\WINDOWS\system32\msnetobj.dll - 2005-01-28 12:44:28 25,088 ----a-w I:\WINDOWS\system32\MsPMSNSv.dll + 2006-10-18 19:47:16 27,136 ----a-w I:\WINDOWS\system32\mspmsnsv.dll - 2005-01-28 12:44:28 173,568 ----a-w I:\WINDOWS\system32\MsPMSP.dll + 2006-10-18 19:47:16 175,616 ----a-w I:\WINDOWS\system32\mspmsp.dll - 2005-01-28 12:44:28 364,784 ----a-w I:\WINDOWS\system32\MSSCP.dll + 2006-10-18 19:47:16 414,208 ----a-w I:\WINDOWS\system32\msscp.dll - 2005-01-28 12:44:28 315,904 ----a-w I:\WINDOWS\system32\MSWMDM.dll + 2006-10-18 19:47:16 321,536 ----a-w I:\WINDOWS\system32\mswmdm.dll + 2007-05-15 13:43:10 1,320,800 ----a-w I:\WINDOWS\system32\msxml6.dll + 2007-05-08 15:08:12 86,728 ----a-w I:\WINDOWS\system32\msxml6r.dll + 2007-10-23 23:47:44 15,360 ----a-w I:\WINDOWS\system32\mui\0409\mscorees.dll + 2005-09-23 05:28:56 32,768 ----a-w I:\WINDOWS\system32\netfxperf.dll + 2006-10-22 10:22:00 4,527,488 ----a-w I:\WINDOWS\system32\nv4_disp(3).dll + 2006-10-22 10:22:00 35,840 ----a-w I:\WINDOWS\system32\nvcod(2).dll + 2007-06-28 21:02:08 1,049,856 ----a-w I:\WINDOWS\system32\oodag.exe + 2007-06-28 20:58:50 17,152 ----a-w I:\WINDOWS\system32\oodagmg.dll + 2007-06-28 20:58:52 15,616 ----a-w I:\WINDOWS\system32\oodagrs.dll + 2007-06-28 21:00:26 193,792 ----a-w I:\WINDOWS\system32\oodbs.exe + 2007-06-28 20:58:52 9,984 ----a-w I:\WINDOWS\system32\oodbsrs.dll + 2007-06-28 21:01:00 2,512,128 ----a-w I:\WINDOWS\system32\oodtray.exe + 
2007-06-28 20:59:12 206,080 ----a-w I:\WINDOWS\system32\oodtrrs.dll + 2007-06-28 18:19:48 15,104 ----a-w I:\WINDOWS\system32\ootmapi.dll - 2007-10-28 09:54:07 39,992 ----a-w I:\WINDOWS\system32\perfc009.dat + 2008-07-15 15:03:10 90,608 ----a-w I:\WINDOWS\system32\perfc009.dat - 2007-10-28 09:54:07 48,616 ----a-w I:\WINDOWS\system32\perfc00C.dat + 2008-07-15 15:03:10 109,860 ----a-w I:\WINDOWS\system32\perfc00C.dat - 2007-10-28 09:54:07 311,604 ----a-w I:\WINDOWS\system32\perfh009.dat + 2008-07-15 15:03:10 487,864 ----a-w I:\WINDOWS\system32\perfh009.dat - 2007-10-28 09:54:07 367,658 ----a-w I:\WINDOWS\system32\perfh00C.dat + 2008-07-15 15:03:10 563,722 ----a-w I:\WINDOWS\system32\perfh00C.dat + 2006-10-24 10:30:20 412,160 ------w I:\WINDOWS\system32\photometadatahandler.dll + 2008-03-27 08:49:56 66,872 ----a-w I:\WINDOWS\system32\PnkBstrA.exe + 2008-03-29 11:46:17 107,832 ----a-w I:\WINDOWS\system32\PnkBstrB.exe + 2006-10-18 19:47:18 284,160 ------w I:\WINDOWS\system32\PortableDeviceApi.dll + 2006-10-18 19:47:18 101,888 ------w I:\WINDOWS\system32\PortableDeviceClassExtension.dll + 2006-10-18 19:47:18 166,912 ------w I:\WINDOWS\system32\PortableDeviceTypes.dll + 2006-10-18 19:47:18 132,096 ------w I:\WINDOWS\system32\PortableDeviceWiaCompat.dll + 2006-10-18 19:47:18 199,168 ------w I:\WINDOWS\system32\PortableDeviceWMDRM.dll + 2007-03-22 18:25:02 124,928 ------w I:\WINDOWS\system32\prntvpt.dll - 2005-01-28 12:44:28 221,184 ----a-w I:\WINDOWS\system32\qasf.dll + 2006-10-18 19:47:18 211,456 ----a-w I:\WINDOWS\system32\qasf.dll - 2007-11-03 20:15:29 72,976 ----a-w I:\WINDOWS\system32\Restore\rstrlog.dat + 2008-07-17 10:42:19 688,816 ----a-w I:\WINDOWS\system32\Restore\rstrlog.dat + 2006-08-24 14:15:06 150,808 ----a-w I:\WINDOWS\system32\rgb9rast_2.dll + 1999-07-20 03:38:00 32,256 ----a-r I:\WINDOWS\system32\RNBOSENT\SETUPX86.EXE + 1999-07-20 03:38:00 17,920 ----a-w I:\WINDOWS\system32\RNBOVDD.DLL + 1999-07-20 03:38:00 47,616 ----a-w I:\WINDOWS\system32\SNTI386.DLL + 
1999-07-20 03:38:00 8,128 ----a-r I:\WINDOWS\system32\sntnlusb.sys + 2003-04-24 12:00:00 1,744 ----a-w I:\WINDOWS\system32\sound.drv - 2006-11-17 14:14:30 14,640 ------w I:\WINDOWS\system32\spmsg.dll + 2006-10-16 14:10:58 14,640 ------w I:\WINDOWS\system32\spmsg.dll + 2007-03-22 18:25:42 677,376 ------w I:\WINDOWS\system32\spool\prtprocs\w32x86\PrintFilterPipelineSvc.exe - 2005-06-28 08:21:46 22,752 ----a-w I:\WINDOWS\system32\spupdsvc.exe + 2006-10-16 14:10:58 23,856 ----a-w I:\WINDOWS\system32\spupdsvc.exe + 2003-04-24 12:00:00 3,360 ----a-w I:\WINDOWS\system32\system.drv + 2003-04-24 12:00:00 4,096 ----a-w I:\WINDOWS\system32\timer.drv - 2005-01-28 12:44:28 47,104 ----a-w I:\WINDOWS\system32\uwdf.exe + 2006-10-18 19:58:00 8,704 ----a-w I:\WINDOWS\system32\uwdf.exe + 2003-04-24 12:00:00 2,176 ----a-w I:\WINDOWS\system32\vga.drv - 2005-01-28 12:44:28 15,872 ----a-w I:\WINDOWS\system32\wdfapi.dll + 2006-10-18 19:47:18 4,096 ----a-w I:\WINDOWS\system32\wdfapi.dll - 2005-01-28 12:44:28 38,912 ----a-w I:\WINDOWS\system32\wdfmgr.exe + 2006-10-18 19:58:00 8,704 ----a-w I:\WINDOWS\system32\wdfmgr.exe + 2004-08-19 23:10:08 23,552 ----a-w I:\WINDOWS\system32\wdmaud(2).drv + 2004-08-19 23:10:08 23,552 ----a-w I:\WINDOWS\system32\wdmaud.drv + 2003-04-24 12:00:00 13,600 ----a-w I:\WINDOWS\system32\wfwnet.drv + 2006-10-24 10:30:06 716,288 ------w I:\WINDOWS\system32\WindowsCodecs.dll + 2006-10-24 10:29:50 352,256 ------w I:\WINDOWS\system32\WindowsCodecsExt.dll + 2003-04-24 12:00:00 2,864 ----a-w I:\WINDOWS\system32\winsock.dll + 2004-08-19 23:10:08 146,944 ----a-w I:\WINDOWS\system32\winspool.drv + 2003-04-24 12:00:00 2,112 ----a-w I:\WINDOWS\system32\winspool.exe - 2005-01-28 12:44:28 396,528 ----a-w I:\WINDOWS\system32\wmadmod.dll + 2006-10-18 19:47:18 757,248 ----a-w I:\WINDOWS\system32\wmadmod.dll - 2005-01-28 12:44:28 716,288 ----a-w I:\WINDOWS\system32\wmadmoe.dll + 2006-10-18 19:47:18 1,117,696 ----a-w I:\WINDOWS\system32\WMADMOE.dll - 2007-10-20 05:01:32 227,328 
----a-w I:\WINDOWS\system32\wmasf.dll + 2006-10-18 19:47:18 222,208 ----a-w I:\WINDOWS\system32\wmasf.dll - 2005-01-28 12:44:28 28,160 ----a-w I:\WINDOWS\system32\WMDMLOG.dll + 2006-10-18 19:47:18 33,792 ----a-w I:\WINDOWS\system32\wmdmlog.dll - 2005-01-28 12:44:28 33,792 ----a-w I:\WINDOWS\system32\WMDMPS.dll + 2006-10-18 19:47:18 37,376 ----a-w I:\WINDOWS\system32\wmdmps.dll - 2005-01-28 12:44:28 335,872 ----a-w I:\WINDOWS\system32\WMDRMdev.dll + 2006-10-18 19:47:18 429,056 ----a-w I:\WINDOWS\system32\wmdrmdev.dll - 2005-01-28 12:44:28 290,816 ----a-w I:\WINDOWS\system32\WMDRMNet.dll + 2006-10-18 19:47:20 348,672 ----a-w I:\WINDOWS\system32\wmdrmnet.dll + 2006-10-18 19:47:20 535,040 ------w I:\WINDOWS\system32\wmdrmsdk.dll - 2004-08-19 23:09:07 200,704 ------w I:\WINDOWS\system32\wmerror.dll + 2006-11-03 07:58:42 272,384 ------w I:\WINDOWS\system32\wmerror.dll - 2005-01-28 12:44:28 150,016 ----a-w I:\WINDOWS\system32\wmidx.dll + 2006-10-18 19:47:20 157,184 ----a-w I:\WINDOWS\system32\wmidx.dll - 2005-01-28 12:44:28 1,027,072 ----a-w I:\WINDOWS\system32\wmnetmgr.dll + 2006-10-18 19:47:20 937,984 ----a-w I:\WINDOWS\system32\WMNetMgr.dll - 2007-04-30 00:22:16 4,734,976 ------w I:\WINDOWS\system32\wmp.dll + 2006-10-18 19:47:20 10,834,432 ------w I:\WINDOWS\system32\wmp.dll - 2004-08-19 23:09:49 114,688 ------w I:\WINDOWS\system32\wmpasf.dll + 2006-10-18 19:47:20 242,688 ------w I:\WINDOWS\system32\wmpasf.dll - 2004-08-19 23:09:49 233,472 ------w I:\WINDOWS\system32\wmpdxm.dll + 2006-10-18 19:47:20 314,880 ------w I:\WINDOWS\system32\wmpdxm.dll + 2006-10-18 19:47:20 295,936 ------w I:\WINDOWS\system32\wmpeffects.dll + 2006-10-18 19:47:20 1,661,440 ------w I:\WINDOWS\system32\wmpencen.dll + 2006-10-24 10:30:00 276,992 ------w I:\WINDOWS\system32\WMPhoto.dll - 2004-08-19 23:09:11 2,985,984 ----a-w I:\WINDOWS\system32\wmploc.dll + 2006-11-03 08:03:34 8,292,352 ----a-w I:\WINDOWS\system32\wmploc.dll + 2006-10-18 19:47:20 613,376 ------w I:\WINDOWS\system32\wmpmde.dll + 
2006-10-18 19:47:20 130,048 ------w I:\WINDOWS\system32\wmpps.dll - 2004-08-19 23:09:49 102,400 ----a-w I:\WINDOWS\system32\wmpshell.dll + 2006-11-03 07:59:06 99,840 ----a-w I:\WINDOWS\system32\wmpshell.dll + 2006-10-18 19:47:20 204,288 ------w I:\WINDOWS\system32\wmpsrcwp.dll - 2005-01-28 12:44:28 774,904 ----a-w I:\WINDOWS\system32\wmsdmod.dll + 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmsdmod.dll - 2005-01-28 12:44:28 1,119,744 ----a-w I:\WINDOWS\system32\wmsdmoe2.dll + 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmsdmoe2.dll - 2005-01-28 12:44:28 413,944 ----a-w I:\WINDOWS\system32\wmspdmod.dll + 2006-10-18 19:47:22 603,648 ----a-w I:\WINDOWS\system32\WMSPDMOD.dll - 2005-01-28 12:44:28 940,544 ----a-w I:\WINDOWS\system32\wmspdmoe.dll + 2006-10-18 19:47:22 1,329,152 ----a-w I:\WINDOWS\system32\WMSPDMOE.dll - 2005-01-28 12:44:28 1,218,808 ----a-w I:\WINDOWS\system32\wmvadvd.dll + 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\WMVADVD.dll - 2005-01-28 12:44:28 1,512,448 ----a-w I:\WINDOWS\system32\WMVADVE.DLL + 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\WMVADVE.DLL - 2006-12-07 05:29:34 2,374,472 ----a-w I:\WINDOWS\system32\wmvcore.dll + 2006-10-18 19:47:22 2,450,944 ----a-w I:\WINDOWS\system32\wmvcore.dll + 2006-10-18 19:47:22 1,543,680 ------w I:\WINDOWS\system32\WMVDECOD.dll - 2005-01-28 12:44:28 895,736 ----a-w I:\WINDOWS\system32\wmvdmod.dll + 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmvdmod.dll - 2005-01-28 12:44:28 1,003,008 ----a-w I:\WINDOWS\system32\wmvdmoe2.dll + 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmvdmoe2.dll + 2006-10-18 19:47:22 1,574,912 ------w I:\WINDOWS\system32\WMVENCOD.dll + 2006-10-18 19:47:22 1,382,912 ------w I:\WINDOWS\system32\WMVSDECD.dll + 2006-10-18 19:47:22 767,488 ------w I:\WINDOWS\system32\WMVSENCD.dll + 2006-10-18 19:47:22 656,896 ------w I:\WINDOWS\system32\WMVXENCD.dll + 2003-04-24 12:00:00 2,736 ----a-w I:\WINDOWS\system32\wowdeb.exe - 2005-01-28 12:44:28 
38,912 ----a-w I:\WINDOWS\system32\wpd_ci.dll + 2006-10-18 19:47:22 629,760 ----a-w I:\WINDOWS\system32\wpd_ci.dll - 2005-01-28 12:44:28 61,952 ----a-w I:\WINDOWS\system32\wpdconns.dll + 2006-10-18 19:47:22 35,840 ----a-w I:\WINDOWS\system32\wpdconns.dll - 2005-01-28 12:44:28 114,176 ----a-w I:\WINDOWS\system32\wpdmtp.dll + 2006-10-18 19:47:22 154,624 ----a-w I:\WINDOWS\system32\wpdmtp.dll - 2005-01-28 12:44:28 66,560 ----a-w I:\WINDOWS\system32\wpdmtpus.dll + 2006-10-18 19:47:22 63,488 ----a-w I:\WINDOWS\system32\wpdmtpus.dll + 2006-10-18 19:47:22 2,603,008 ------w I:\WINDOWS\system32\WpdShext.dll + 2006-10-18 18:00:14 17,408 ------w I:\WINDOWS\system32\wpdshextautoplay.exe + 2006-11-02 09:52:12 44,032 ------w I:\WINDOWS\system32\wpdshextres.dll + 2006-10-18 19:47:22 133,632 ------w I:\WINDOWS\system32\WPDShServiceObj.dll - 2005-01-28 12:44:28 331,264 ----a-w I:\WINDOWS\system32\wpdsp.dll + 2006-10-18 19:47:22 356,352 ----a-w I:\WINDOWS\system32\wpdsp.dll + 2006-09-28 18:13:26 95,344 ------w I:\WINDOWS\system32\WUDFCoinstaller.dll + 2006-09-28 16:56:38 146,432 ------w I:\WINDOWS\system32\WudfHost.exe + 2006-09-28 16:56:16 165,376 ------w I:\WINDOWS\system32\WudfPlatform.dll + 2006-09-28 16:56:14 55,808 ------w I:\WINDOWS\system32\WudfSvc.dll + 2006-09-28 16:56:38 316,416 ------w I:\WINDOWS\system32\WUDFx.dll - 2007-07-30 17:19:28 203,096 ----a-w I:\WINDOWS\system32\wuweb.dll + 2007-07-30 17:19:46 203,096 ----a-w I:\WINDOWS\system32\wuweb.dll + 2007-03-23 04:07:54 583,504 ------w I:\WINDOWS\system32\XPSSHHDR.dll + 2007-03-23 04:07:56 1,683,280 ------w I:\WINDOWS\system32\XpsSvcs.dll + 2000-08-31 06:00:00 49,152 ----a-w I:\WINDOWS\VFind.exe + 2008-07-15 15:02:50 8,192 ----a-w I:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2006-12-01 20:56:00 96,256 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll + 2007-10-23 23:47:56 479,232 ----a-w 
I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcm80.dll + 2007-10-23 23:47:56 558,080 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll + 2007-10-23 23:47:56 635,904 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll - 2005-09-22 21:48:08 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll + 2005-09-23 05:29:16 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll - 2005-09-22 21:48:08 548,864 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll + 2005-09-23 05:29:16 548,864 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll - 2005-09-22 21:48:06 626,688 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll + 2005-09-23 05:29:16 626,688 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll + 2006-12-01 21:54:32 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll + 2006-12-01 21:54:34 548,864 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll + 2006-12-01 21:54:32 626,688 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll + 2006-12-01 23:25:52 1,101,824 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll + 2006-12-01 23:25:56 1,093,120 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll + 2006-12-01 23:25:58 69,632 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll + 
2006-12-01 23:26:00 57,856 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll + 2006-12-01 22:08:00 40,960 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll + 2006-12-01 22:08:00 45,056 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll + 2006-12-01 22:08:00 65,536 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll + 2006-12-01 22:08:00 57,344 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll + 2006-12-01 22:08:00 61,440 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll + 2006-12-01 22:08:00 61,440 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll + 2006-12-01 22:08:00 61,440 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll + 2006-12-01 22:08:00 49,152 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll + 2006-12-01 22:08:00 49,152 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll + 2006-12-01 22:46:44 65,536 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll + 2007-11-07 15:19:32 161,784 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll + 2007-11-07 10:23:58 224,768 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll + 2007-11-07 15:19:34 568,832 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll + 2007-11-07 15:19:34 655,872 ----a-w 
I:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll + 2007-11-07 15:19:38 1,156,600 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll + 2007-11-07 15:19:38 1,162,744 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll + 2007-11-07 12:51:08 59,904 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll + 2007-11-07 12:51:08 59,904 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll + 2007-11-07 15:19:16 41,472 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll + 2007-11-07 15:19:16 41,984 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll + 2007-11-07 15:19:28 60,928 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll + 2007-11-07 15:19:22 54,272 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll + 2007-11-07 15:19:22 59,392 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll + 2007-11-07 15:19:22 59,392 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll + 2007-11-07 15:19:28 60,416 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll + 2007-11-07 15:19:28 59,392 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll + 2007-11-07 15:19:16 47,104 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll + 2007-11-07 15:19:16 46,592 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll 
+ 2007-11-07 15:19:22 54,272 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll + 2008-07-15 15:02:57 258,048 ----a-w I:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2008-07-15 15:02:57 113,664 ----a-w I:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2000-08-31 06:00:00 68,096 ----a-w I:\WINDOWS\zip.exe . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="I:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360] "Steam"="i:\program files\valve\steam\steam.exe" [2008-06-07 17:47 1271032] "msnmsgr"="I:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:55 5674352] "swg"="I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-15 00:11 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PowerStrip"="i:\program files\powerstrip\pstrip.exe" [2007-07-14 11:35 730360] "NvCplDaemon"="I:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480] "MessengerPlus3"="I:\Program Files\MessengerPlus! 
3\MsgPlus.exe" [2007-08-14 17:51 190024] "BigDogPath"="I:\WINDOWS\VM_STI.EXE" [2004-11-29 08:28 40960] "nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 I:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="NvMCTray.dll" [2006-10-22 12:22 86016 I:\WINDOWS\system32\nvmctray.dll] "Cmaudio"="cmicnfg.cpl" [N/A] I:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Outil de mise … jour Google.lnk - I:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-08-15 00:11:11 124912] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "SENTINEL"= snti386.dll [HKLM\~\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] path=I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk backup=I:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware] --a------ 2007-06-11 11:25 6731312 I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\a-squared] --a------ 2008-07-14 19:00 2132112 I:\Program Files\a-squared Anti-Malware\a2guard.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt] --a------ 2006-01-18 15:52 229416 I:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] --a------ 2008-04-01 11:39 486856 I:\Program Files\DAEMON Tools Lite\daemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HiYo] I:\Program Files\HiYo\bin\HiYo.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] --a------ 2008-04-01 12:40 172280 I:\Program Files\ICQ6\ICQ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] -ra------ 2001-07-09 12:50 155648 I:\WINDOWS\system32\NeroCheck.exe 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray] --a------ 2007-06-28 23:01 2512128 I:\WINDOWS\system32\oodtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb] --a------ 2007-10-23 02:47 360448 I:\Program Files\Winamp Remote\bin\OrbTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService] --------- 2003-06-24 15:23 61440 I:\Program Files\Home Cinema\PowerCinema\PCMService.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2008-02-22 05:25 144784 I:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] --a------ 2007-05-15 16:34 3975848 I:\Program Files\TomTom HOME\TomTomHOME.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] I:\Program Files\Unlocker\UnlockerAssistant.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] --a------ 2007-10-10 07:28 36352 I:\Program Files\Winamp\winampa.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{7147f2b1-74f9-82c9-6bdd-49be6cbfe9fb}] I:\WINDOWS\system32\kcjzxnuekosgnnaxj.dll [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Corporation Svchost Service] mssvc.exe [N/A] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "I:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"= "I:\\Program Files\\MSN Messenger\\livecall.exe"= "I:\\Program Files\\Cyanide\\GameCenter\\GameCenter.exe"= "I:\\Program Files\\ICQ6\\ICQ.exe"= "I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\Win32\\RpcDataSrv.exe"= "I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\RpcSandraSrv.exe"= 
"I:\\Program Files\\LimeWire\\LimeWire.exe"= "I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2008\\PCM.exe"= "I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2008\\Autorun\\Exe\\Autorun.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3478:UDP"= 3478:UDP:stun "3479:UDP"= 3479:UDP:stun 2 "6112:UDP"= 6112:UDP:stun 3 "5730:UDP"= 5730:UDP:game "5739:UDP"= 5739:UDP:game 1 "9001:TCP"= 9001:TCP:game 2 "11881:TCP"= 11881:TCP:game 3 "11881:UDP"= 11881:UDP:game4 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1) R0 avgntmgr;avgntmgr;I:\WINDOWS\system32\drivers\avgntmgr.sys [2005-07-04 11:58] R1 appdrv01;Application Driver (01);I:\WINDOWS\system32\Drivers\appdrv01.sys [2008-07-11 20:33] R1 avgntdd;avgntdd;I:\WINDOWS\system32\DRIVERS\avgntdd.sys [2005-08-23 15:32] R2 PStrip;PStrip;I:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 03:37] R3 Cap7134;MEDION (7134) WDM Video Capture;I:\WINDOWS\system32\DRIVERS\Cap7134.sys [2002-11-04 17:29] R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;I:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2002-11-04 17:32] S1 hidfltr;HID Filter Driver;I:\WINDOWS\system32\drivers\MWhid.sys [2004-11-03 12:20] S2 appdrvrem01;Application Driver Auto Removal Service (01);I:\WINDOWS\System32\appdrvrem01.exe svc [] S3 ewdmaudn;ewdmaudn;I:\DOCUME~1\BENOIT~1\LOCALS~1\Temp\ewdmaudn.sys [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2291a4b8-0870-11dd-b659-000c76febb28}] \Shell\AutoRun\command - K:\Exe\Autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{360363b4-0d3b-11dd-b665-000c76febb28}] \Shell\AutoRun\command - G:\Exe\Autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c0f6098-3a40-11dd-b6c8-000c76febb28}] \Shell\AutoRun\command - L:\InstallTomTomHOME.exe . 
Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-07-12 22:36:01 I:\WINDOWS\Tasks\At1.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-15 07:00:02 I:\WINDOWS\Tasks\At10.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 08:07:03 I:\WINDOWS\Tasks\At11.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 09:07:14 I:\WINDOWS\Tasks\At12.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 10:07:15 I:\WINDOWS\Tasks\At13.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 11:07:22 I:\WINDOWS\Tasks\At14.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 12:07:21 I:\WINDOWS\Tasks\At15.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 13:00:05 I:\WINDOWS\Tasks\At16.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 14:00:02 I:\WINDOWS\Tasks\At17.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 15:00:01 I:\WINDOWS\Tasks\At18.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 16:00:05 I:\WINDOWS\Tasks\At19.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-12 23:00:01 I:\WINDOWS\Tasks\At2.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 17:00:02 I:\WINDOWS\Tasks\At20.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 18:00:27 I:\WINDOWS\Tasks\At21.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 19:00:03 I:\WINDOWS\Tasks\At22.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 20:00:00 I:\WINDOWS\Tasks\At23.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 21:00:00 I:\WINDOWS\Tasks\At24.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-12 22:56:10 I:\WINDOWS\Tasks\At25.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-12 23:00:10 I:\WINDOWS\Tasks\At26.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-13 00:00:10 I:\WINDOWS\Tasks\At27.job" - I:\WINDOWS\system32\HJO0GNU5.exe - È:\îP˜ "2008-07-13 01:00:10 I:\WINDOWS\Tasks\At28.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-13 02:00:10 I:\WINDOWS\Tasks\At29.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-13 00:00:01 I:\WINDOWS\Tasks\At3.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-13 03:00:10 
I:\WINDOWS\Tasks\At30.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-13 04:00:10 I:\WINDOWS\Tasks\At31.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 05:00:00 I:\WINDOWS\Tasks\At32.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 06:00:00 I:\WINDOWS\Tasks\At33.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-15 07:00:00 I:\WINDOWS\Tasks\At34.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-18 08:00:00 I:\WINDOWS\Tasks\At35.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-18 09:00:00 I:\WINDOWS\Tasks\At36.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-18 10:00:00 I:\WINDOWS\Tasks\At37.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-18 11:00:00 I:\WINDOWS\Tasks\At38.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-18 12:00:00 I:\WINDOWS\Tasks\At39.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-13 01:00:01 I:\WINDOWS\Tasks\At4.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 13:00:10 I:\WINDOWS\Tasks\At40.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 14:00:10 I:\WINDOWS\Tasks\At41.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 15:00:10 I:\WINDOWS\Tasks\At42.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 16:00:10 I:\WINDOWS\Tasks\At43.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 17:00:10 I:\WINDOWS\Tasks\At44.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 18:08:50 I:\WINDOWS\Tasks\At45.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 19:07:32 I:\WINDOWS\Tasks\At46.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 20:00:00 I:\WINDOWS\Tasks\At47.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 21:00:00 I:\WINDOWS\Tasks\At48.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-12 22:10:00 I:\WINDOWS\Tasks\At49.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 02:00:01 I:\WINDOWS\Tasks\At5.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-12 23:00:00 I:\WINDOWS\Tasks\At50.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 00:00:00 I:\WINDOWS\Tasks\At51.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 01:00:00 
I:\WINDOWS\Tasks\At52.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 02:00:00 I:\WINDOWS\Tasks\At53.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 03:00:00 I:\WINDOWS\Tasks\At54.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 04:00:00 I:\WINDOWS\Tasks\At55.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 05:00:00 I:\WINDOWS\Tasks\At56.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 06:00:00 I:\WINDOWS\Tasks\At57.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-15 07:00:00 I:\WINDOWS\Tasks\At58.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-18 08:00:00 I:\WINDOWS\Tasks\At59.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 03:00:01 I:\WINDOWS\Tasks\At6.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 09:00:00 I:\WINDOWS\Tasks\At60.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-18 10:00:00 I:\WINDOWS\Tasks\At61.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-18 11:00:00 I:\WINDOWS\Tasks\At62.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-18 12:00:00 I:\WINDOWS\Tasks\At63.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 13:00:00 I:\WINDOWS\Tasks\At64.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 14:00:00 I:\WINDOWS\Tasks\At65.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 15:00:00 I:\WINDOWS\Tasks\At66.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 16:00:00 I:\WINDOWS\Tasks\At67.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 17:00:00 I:\WINDOWS\Tasks\At68.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 18:00:25 I:\WINDOWS\Tasks\At69.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 04:00:01 I:\WINDOWS\Tasks\At7.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 19:00:00 I:\WINDOWS\Tasks\At70.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 20:00:00 I:\WINDOWS\Tasks\At71.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 21:00:00 I:\WINDOWS\Tasks\At72.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-12 22:58:01 I:\WINDOWS\Tasks\At73.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-12 23:00:01 
I:\WINDOWS\Tasks\At74.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-13 00:00:01 I:\WINDOWS\Tasks\At75.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-13 01:00:01 I:\WINDOWS\Tasks\At76.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-13 02:00:01 I:\WINDOWS\Tasks\At77.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-13 03:00:01 I:\WINDOWS\Tasks\At78.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-13 04:00:01 I:\WINDOWS\Tasks\At79.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 05:00:02 I:\WINDOWS\Tasks\At8.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 05:00:02 I:\WINDOWS\Tasks\At80.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 06:00:02 I:\WINDOWS\Tasks\At81.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-15 07:00:02 I:\WINDOWS\Tasks\At82.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-18 08:00:00 I:\WINDOWS\Tasks\At83.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-18 09:00:00 I:\WINDOWS\Tasks\At84.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-18 10:00:00 I:\WINDOWS\Tasks\At85.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-18 11:00:00 I:\WINDOWS\Tasks\At86.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-18 12:00:00 I:\WINDOWS\Tasks\At87.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 13:00:10 I:\WINDOWS\Tasks\At88.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 14:00:02 I:\WINDOWS\Tasks\At89.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 06:00:02 I:\WINDOWS\Tasks\At9.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 15:00:01 I:\WINDOWS\Tasks\At90.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 16:00:09 I:\WINDOWS\Tasks\At91.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 17:00:03 I:\WINDOWS\Tasks\At92.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 18:00:27 I:\WINDOWS\Tasks\At93.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 19:00:03 I:\WINDOWS\Tasks\At94.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 20:00:00 I:\WINDOWS\Tasks\At95.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 21:00:00 
I:\WINDOWS\Tasks\At96.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 12:40:07 I:\WINDOWS\Tasks\User_Feed_Synchronization-{4274763A-B51A-48F2-A192-02DCE7262C32}.job" - I:\WINDOWS\system32\msfeedssync.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-07-18 14:31:26 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-07-18 14:32:53 ComboFix-quarantined-files.txt 2008-07-18 12:32:35 ComboFix2.txt 2008-01-20 20:43:00 Pre-Run: 177,256,910,848 octets libres Post-Run: 177,319,284,736 octets libres 1140 --- E O F --- 2008-01-10 00:54:35 ComboFix 08-07-17.4 - benoit pellissier 2008-07-18 14:28:52.2 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.399 [GMT 2:00] Endroit: I:\Documents and Settings\benoit pellissier\Bureau\Combo-Fix.exe * Resident AV is active AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . I:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML I:\install.exe I:\WINDOWS\Downloaded Program Files\setup.inf I:\WINDOWS\system32\kcjzxnuekosgnnaxj.dll . ((((((((((((((((((((((((((((( Fichiers créés 2008-06-18 to 2008-07-18 )))))))))))))))))))))))))))))))))))) . 2008-07-17 23:13 . 2008-07-17 23:13 35,842 --a------ I:\WINDOWS\system32\C3DL15v4.exe 2008-07-17 20:50 . 2008-07-17 20:51 1,442,142 --a------ I:\SDFix.exe 2008-07-17 18:36 . 2008-07-17 18:36 <REP> d-------- I:\VundoFix Backups 2008-07-17 18:30 . 
2008-07-17 20:25 <REP> d-------- I:\Program Files\Malwarebytes' Anti-Malware 2008-07-17 18:30 . 2008-07-17 18:30 <REP> d-------- I:\Documents and Settings\benoit pellissier\Application Data\Malwarebytes 2008-07-17 18:30 . 2008-07-17 18:30 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-07-17 18:30 . 2008-07-07 17:35 34,296 --a------ I:\WINDOWS\system32\drivers\mbamcatchme.sys 2008-07-17 18:30 . 2008-07-07 17:35 17,144 --a------ I:\WINDOWS\system32\drivers\mbam.sys 2008-07-17 12:46 . 2007-07-30 19:19 271,224 --a------ I:\WINDOWS\system32\mucltui.dll 2008-07-17 12:46 . 2007-07-30 19:19 207,736 --a------ I:\WINDOWS\system32\muweb.dll 2008-07-17 12:46 . 2007-07-30 19:18 30,072 --a------ I:\WINDOWS\system32\mucltui.dll.mui 2008-07-17 12:42 . 2008-07-17 12:42 <REP> d-------- I:\37697b738c9b3c8639754acaec909457 2008-07-17 12:41 . 2008-07-17 12:41 <REP> d-------- I:\3226aa2ad68ffcc930ef58 2008-07-17 10:35 . 2008-07-17 12:41 <REP> d----c--- I:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-07-17 10:35 . 2008-07-17 10:54 <REP> d-------- I:\Documents and Settings\All Users\Application Data\WLInstaller 2008-07-15 17:05 . 2006-06-29 13:07 14,048 --------- I:\WINDOWS\system32\spmsg2.dll 2008-07-15 08:08 . 2008-07-15 08:08 <REP> d-------- I:\Program Files\TomTom DesktopSuite 2008-07-14 18:47 . 2008-07-17 13:07 <REP> d-------- I:\Program Files\a-squared Anti-Malware 2008-07-14 18:37 . 2008-07-14 18:37 <REP> d-------- I:\WINDOWS\type 2008-07-13 12:49 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\InstantTimeZone 2008-07-13 12:49 . 2008-07-13 12:49 <REP> d-------- I:\Documents and Settings\All Users\Application Data\HiYo 2008-07-13 12:26 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\BigFix 2008-07-13 12:10 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\Realtek AC97 2008-07-13 12:10 . 2002-02-05 13:54 141,016 --a------ I:\WINDOWS\system32\alsndmgr.wav 2008-07-13 12:08 . 
2008-07-13 12:49 <REP> d-------- I:\WINDOWS\NV35763580.TMP 2008-07-13 11:59 . 2008-07-13 12:50 <REP> d-------- I:\Program Files\ma-config.com 2008-07-13 11:59 . 2008-07-13 12:50 <REP> d-------- I:\Documents and Settings\All Users\Application Data\ma-config.com 2008-07-12 19:17 . 2008-07-15 17:17 <REP> d-------- I:\WINDOWS\system32\XPSViewer 2008-07-12 19:17 . 2008-07-12 19:17 <REP> d-------- I:\Program Files\MSBuild 2008-07-12 19:16 . 2008-07-12 19:16 <REP> d-------- I:\Program Files\Reference Assemblies 2008-07-12 18:02 . 2008-07-12 18:02 <REP> d-------- I:\Program Files\MSXML 6.0 2008-07-12 15:20 . 2008-07-12 19:31 1,374 --a------ I:\WINDOWS\imsins.BAK 2008-07-12 15:04 . 2008-07-12 15:04 0 --a------ I:\WINDOWS\system32\tOgc374C.exe.a_a 2008-07-11 20:33 . 2008-07-11 20:33 3,468,904 --a------ I:\WINDOWS\system32\drivers\appdrv01.sys 2008-07-11 20:33 . 2008-07-11 20:33 304,528 --a------ I:\WINDOWS\system32\appdrvrem01.exe 2008-07-11 18:50 . 2008-07-11 18:55 <REP> d-------- I:\Program Files\BHODemon 2 2008-07-11 17:48 . 2008-07-11 17:48 999 --a------ I:\WINDOWS\unins000.dat 2008-07-11 17:23 . 2008-07-11 18:03 <REP> d-------- I:\54f2d04aeca8b46f3adb319aae 2008-07-11 17:16 . 2008-07-11 17:18 <REP> d-------- I:\Program Files\Microsoft Visual Studio 8 2008-07-11 17:16 . 2008-07-11 17:18 <REP> d-------- I:\Program Files\Fichiers communs\Merge Modules 2008-07-11 17:16 . 2008-07-11 18:03 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-07-11 12:31 . 2008-07-11 18:05 <REP> d-------- I:\Program Files\SpywareGuard 2008-07-11 10:56 . 2008-07-11 10:56 0 --a------ I:\WINDOWS\system32\NW1iG6cU.exe.a_a 2008-07-10 19:32 . 2008-07-10 19:32 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Sandlot Games 2008-07-10 19:31 . 2008-07-10 19:31 <REP> d-------- I:\Program Files\ReflexiveArcade 2008-07-10 19:31 . 2008-07-11 18:04 <REP> d-------- I:\Program Files\Cake Mania 2008-07-07 16:10 . 
2008-07-07 16:10 64,846 --a------ I:\WINDOWS\system32\kkkcccypnwb.exe 2008-07-06 12:20 . 2008-07-15 18:06 <REP> d-------- I:\Documents and Settings\benoit pellissier\Application Data\Pro Cycling Manager 2008 2008-07-06 07:05 . 2008-07-06 07:25 <REP> d-------- I:\Program Files\Star Downloader 2008-07-03 23:11 . 2008-07-03 23:11 0 --a------ I:\WINDOWS\system32\HJO0GNU5.exe.a_a 2008-07-03 22:03 . 2008-07-03 22:03 <REP> dr------- I:\Documents and Settings\NetworkService\Favoris 2008-07-02 17:10 . 2008-07-02 17:10 0 --a------ I:\WINDOWS\system32\C3DL15v4.exe.a_a 2008-06-30 20:29 . 2006-10-04 16:06 1,197,294 -----c--- I:\WINDOWS\system32\dllcache\sysmain.sdb 2008-06-30 20:29 . 2006-10-04 16:06 764,868 -----c--- I:\WINDOWS\system32\dllcache\apph_sp.sdb 2008-06-30 20:29 . 2006-10-04 16:06 217,118 -----c--- I:\WINDOWS\system32\dllcache\apphelp.sdb 2008-06-30 20:27 . 2008-06-30 20:27 <REP> d-------- I:\Program Files\Windows Media Connect 2 2008-06-30 20:25 . 2008-06-30 20:26 <REP> d-------- I:\WINDOWS\system32\drivers\UMDF 2008-06-28 18:12 . 2008-06-28 18:23 <REP> d-------- I:\Program Files\Yahoo! 2008-06-28 07:37 . 2008-07-18 14:17 107,373 --a------ I:\WINDOWS\system32\oodbs.lor 2008-06-27 20:35 . 2008-06-27 20:35 0 --a------ I:\WINDOWS\oodcnt.INI 2008-06-27 16:04 . 2008-07-16 19:21 <REP> d-------- I:\WINDOWS\system32\oodag 2008-06-27 15:52 . 2008-06-27 15:52 <REP> d-------- I:\Program Files\OO Software 2008-06-27 15:45 . 2008-07-16 20:10 <REP> d-------- I:\Program Files\RamBoost XP 2008-06-27 15:32 . 2008-06-27 15:36 <REP> d-------- I:\Program Files\RegCleaner 2008-06-23 15:21 . 2008-06-23 15:21 0 --a------ I:\WINDOWS\nsreg.dat 2008-06-18 15:44 . 2008-06-18 15:44 <REP> d-------- I:\UDA051_build01(Logo51.3_Standard) . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2008-07-18 11:58 --------- d-----w I:\Documents and Settings\All Users\Application Data\Google Updater 2008-07-18 11:49 --------- d-----w I:\Program Files\Wanadoo 2008-07-17 17:03 --------- d-----w I:\Program Files\Google 2008-07-17 14:37 --------- d-----w I:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic 2008-07-17 11:04 --------- d-----w I:\Program Files\MSN Messenger 2008-07-17 08:35 --------- d-----w I:\Program Files\Windows Live 2008-07-16 15:53 --------- d-----w I:\Program Files\mIRC 2008-07-15 14:10 --------- d-----w I:\Program Files\TomTom HOME 2008-07-14 18:27 --------- d-----w I:\Program Files\PKR 2008-07-14 18:27 --------- d-----w I:\Program Files\GaNja`Script 2008-07-13 10:10 --------- d--h--w I:\Program Files\InstallShield Installation Information 2008-07-11 17:19 --------- d-----w I:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-07-11 16:16 --------- d-----w I:\Program Files\Cyanide 2008-07-11 15:07 --------- d-----w I:\Program Files\Java 2008-07-09 14:02 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\LimeWire 2008-07-09 13:54 --------- d-----w I:\Program Files\eMule 2008-07-07 19:12 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\teamspeak2 2008-06-29 15:14 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\FileZilla 2008-06-28 16:23 --------- d-----w I:\Program Files\Ludiclub 2008-06-27 13:15 --------- d-----w I:\Program Files\RSS Xpress 2008-06-18 16:24 --------- d-----w I:\Program Files\LimeWire 2008-06-18 13:33 --------- d-----w I:\Program Files\Lavalys 2008-06-14 18:33 --------- d-----w I:\Documents and Settings\All Users\Application Data\TomTom 2008-06-14 18:31 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\InstallShield 2008-06-11 18:01 --------- d-----w I:\Program Files\Messenger Plus! 
Live
2008-06-07 17:45 --------- d-----w I:\Program Files\C-Media 3D Audio
2008-06-07 14:56 --------- d-----w I:\Program Files\Valve
2008-06-07 13:34 43,520 ----a-w I:\WINDOWS\system32\CmdLineExt03.dll
2008-05-22 13:42 107,888 ----a-w I:\WINDOWS\system32\CmdLineExt.dll
2008-05-19 17:04 --------- d-----w I:\Program Files\EA Sports
1999-06-30 13:06 151,552 ----a-r I:\WINDOWS\inf\AGFA\Message.exe
.
----a-w 5,109,800 2002-12-07 06:27:30 I:\Program Files\XARA\Xara Menu Maker 1.0 .exe
.
((((((((((((((((((((((((((((( snapshot@2008-01-20_21.42.48.18 )))))))))))))))))))))))))))))))))))))))))
.
-c--a-w I:\WINDOWS\system32\dllcache\cewmdm.dll + 2006-10-18 19:47:10 229,376 -c--a-w I:\WINDOWS\system32\dllcache\cewmdm.dll + 2004-08-04 06:07:58 60,288 -c--a-w I:\WINDOWS\system32\dllcache\drmk.sys - 2005-01-28 12:44:28 502,272 -c--a-w I:\WINDOWS\system32\dllcache\drmv2clt.dll + 2006-10-18 19:47:10 991,744 -c--a-w I:\WINDOWS\system32\dllcache\drmv2clt.dll + 2007-03-22 18:24:58 28,160 -c----w I:\WINDOWS\system32\dllcache\FilterPipelinePrintProc.dll + 2004-08-19 23:09:28 21,504 -c--a-w I:\WINDOWS\system32\dllcache\hidserv.dll + 2004-08-19 23:00:36 14,848 -c--a-w I:\WINDOWS\system32\dllcache\kbdhid.sys + 2003-04-24 12:00:00 2,000 -c--a-w I:\WINDOWS\system32\dllcache\keyboard.drv - 2004-08-04 07:15:22 140,928 -c--a-w I:\WINDOWS\system32\dllcache\ks.sys + 2004-08-04 06:15:22 140,928 -c--a-w I:\WINDOWS\system32\dllcache\ks.sys - 2005-01-28 12:44:28 6,656 -c--a-w I:\WINDOWS\system32\dllcache\laprxy.dll + 2006-10-18 19:47:14 11,264 -c--a-w I:\WINDOWS\system32\dllcache\LAPRXY.dll - 2005-01-28 12:44:28 96,768 -c--a-w I:\WINDOWS\system32\dllcache\logagent.exe + 2006-10-18 18:03:58 100,864 -c--a-w I:\WINDOWS\system32\dllcache\logagent.exe + 2003-04-24 12:00:00 2,560 -c--a-w I:\WINDOWS\system32\dllcache\lz32.dll + 2003-04-24 12:00:00 73,680 -c--a-w I:\WINDOWS\system32\dllcache\mciavi.drv + 2003-04-24 12:00:00 25,280 -c--a-w I:\WINDOWS\system32\dllcache\mciseq.drv + 2003-04-24 12:00:00 28,160 -c--a-w I:\WINDOWS\system32\dllcache\mciwave.drv + 2003-04-24 12:00:00 2,032 -c--a-w I:\WINDOWS\system32\dllcache\mouse.drv - 2005-01-28 12:44:28 142,336 -c--a-w I:\WINDOWS\system32\dllcache\msnetobj.dll + 2006-10-18 19:47:16 179,712 -c--a-w I:\WINDOWS\system32\dllcache\msnetobj.dll - 2005-01-28 12:44:28 25,088 -c--a-w I:\WINDOWS\system32\dllcache\mspmsnsv.dll + 2006-10-18 19:47:16 27,136 -c--a-w I:\WINDOWS\system32\dllcache\mspmsnsv.dll - 2005-01-28 12:44:28 173,568 -c--a-w I:\WINDOWS\system32\dllcache\mspmsp.dll + 2006-10-18 19:47:16 175,616 -c--a-w 
I:\WINDOWS\system32\dllcache\mspmsp.dll - 2005-01-28 12:44:28 364,784 -c--a-w I:\WINDOWS\system32\dllcache\msscp.dll + 2006-10-18 19:47:16 414,208 -c--a-w I:\WINDOWS\system32\dllcache\msscp.dll - 2005-01-28 12:44:28 315,904 -c--a-w I:\WINDOWS\system32\dllcache\mswmdm.dll + 2006-10-18 19:47:16 321,536 -c--a-w I:\WINDOWS\system32\dllcache\mswmdm.dll + 2003-04-24 12:00:00 2,944 -c--a-w I:\WINDOWS\system32\dllcache\null.sys + 2004-08-04 06:15:50 145,792 -c--a-w I:\WINDOWS\system32\dllcache\portcls.sys + 2007-03-22 18:25:42 677,376 -c----w I:\WINDOWS\system32\dllcache\PrintFilterPipelineSvc.exe - 2005-01-28 12:44:28 221,184 -c--a-w I:\WINDOWS\system32\dllcache\qasf.dll + 2006-10-18 19:47:18 211,456 -c--a-w I:\WINDOWS\system32\dllcache\qasf.dll + 2003-04-24 12:00:00 1,744 -c--a-w I:\WINDOWS\system32\dllcache\sound.drv + 2004-08-04 06:08:02 48,640 -c--a-w I:\WINDOWS\system32\dllcache\stream.sys + 2003-04-24 12:00:00 3,360 -c--a-w I:\WINDOWS\system32\dllcache\system.drv + 2003-04-24 12:00:00 4,096 -c--a-w I:\WINDOWS\system32\dllcache\timer.drv + 2003-04-24 12:00:00 2,176 -c--a-w I:\WINDOWS\system32\dllcache\vga.drv + 2003-04-24 12:00:00 13,600 -c--a-w I:\WINDOWS\system32\dllcache\wfwnet.drv + 2003-04-24 12:00:00 2,864 -c--a-w I:\WINDOWS\system32\dllcache\winsock.dll + 2003-04-24 12:00:00 2,112 -c--a-w I:\WINDOWS\system32\dllcache\winspool.exe - 2005-01-28 12:44:28 396,528 -c--a-w I:\WINDOWS\system32\dllcache\wmadmod.dll + 2006-10-18 19:47:18 757,248 -c--a-w I:\WINDOWS\system32\dllcache\WMADMOD.dll - 2005-01-28 12:44:28 716,288 -c--a-w I:\WINDOWS\system32\dllcache\wmadmoe.dll + 2006-10-18 19:47:18 1,117,696 -c--a-w I:\WINDOWS\system32\dllcache\WMADMOE.dll - 2007-10-20 05:01:32 227,328 -c--a-w I:\WINDOWS\system32\dllcache\wmasf.dll + 2006-10-18 19:47:18 222,208 -c--a-w I:\WINDOWS\system32\dllcache\WMASF.dll - 2005-01-28 12:44:28 28,160 -c--a-w I:\WINDOWS\system32\dllcache\wmdmlog.dll + 2006-10-18 19:47:18 33,792 -c--a-w I:\WINDOWS\system32\dllcache\wmdmlog.dll - 2005-01-28 
12:44:28 33,792 -c--a-w I:\WINDOWS\system32\dllcache\wmdmps.dll + 2006-10-18 19:47:18 37,376 -c--a-w I:\WINDOWS\system32\dllcache\wmdmps.dll - 2005-01-28 12:44:28 150,016 -c--a-w I:\WINDOWS\system32\dllcache\wmidx.dll + 2006-10-18 19:47:20 157,184 -c--a-w I:\WINDOWS\system32\dllcache\wmidx.dll - 2005-01-28 12:44:28 1,027,072 -c--a-w I:\WINDOWS\system32\dllcache\wmnetmgr.dll + 2006-10-18 19:47:20 937,984 -c--a-w I:\WINDOWS\system32\dllcache\WMNetMgr.dll - 2004-08-19 23:10:05 73,728 -c--a-w I:\WINDOWS\system32\dllcache\wmplayer.exe + 2006-11-03 07:59:00 64,000 -c--a-w I:\WINDOWS\system32\dllcache\wmplayer.exe - 2004-08-19 23:09:11 2,985,984 -c--a-w I:\WINDOWS\system32\dllcache\wmploc.dll + 2006-11-03 08:03:34 8,292,352 -c--a-w I:\WINDOWS\system32\dllcache\wmploc.dll - 2005-01-28 12:44:28 774,904 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmod.dll + 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmod.dll - 2005-01-28 12:44:28 1,119,744 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmoe2.dll + 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmsdmoe2.dll - 2005-01-28 12:44:28 413,944 -c--a-w I:\WINDOWS\system32\dllcache\wmspdmod.dll + 2006-10-18 19:47:22 603,648 -c--a-w I:\WINDOWS\system32\dllcache\WMSPDMOD.dll - 2005-01-28 12:44:28 940,544 -c--a-w I:\WINDOWS\system32\dllcache\wmspdmoe.dll + 2006-10-18 19:47:22 1,329,152 -c--a-w I:\WINDOWS\system32\dllcache\WMSPDMOE.dll - 2006-12-07 05:29:34 2,374,472 -c--a-w I:\WINDOWS\system32\dllcache\wmvcore.dll + 2006-10-18 19:47:22 2,450,944 -c--a-w I:\WINDOWS\system32\dllcache\wmvcore.dll - 2005-01-28 12:44:28 895,736 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmod.dll + 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmod.dll - 2005-01-28 12:44:28 1,003,008 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmoe2.dll + 2006-10-18 19:47:22 4,096 -c--a-w I:\WINDOWS\system32\dllcache\wmvdmoe2.dll + 2003-04-24 12:00:00 2,736 -c--a-w I:\WINDOWS\system32\dllcache\wowdeb.exe - 2007-07-30 17:19:28 203,096 
-c--a-w I:\WINDOWS\system32\dllcache\wuweb.dll + 2007-07-30 17:19:46 203,096 -c--a-w I:\WINDOWS\system32\dllcache\wuweb.dll + 2007-03-23 04:07:54 583,504 -c----w I:\WINDOWS\system32\dllcache\XPSSHHDR.dll + 2007-03-23 04:07:56 1,683,280 -c----w I:\WINDOWS\system32\dllcache\XpsSvcs.dll - 2005-12-15 11:57:46 1,368,000 ----a-w I:\WINDOWS\system32\drivers\cmuda.sys + 2006-06-26 10:15:38 1,372,992 ----a-w I:\WINDOWS\system32\drivers\cmuda.sys + 2004-08-04 06:07:57 2,944 ----a-w I:\WINDOWS\system32\drivers\drmkaud.sys + 2004-08-19 23:00:36 14,848 ----a-w I:\WINDOWS\system32\drivers\kbdhid.sys - 2004-08-04 07:15:22 140,928 ----a-w I:\WINDOWS\system32\drivers\ks.sys + 2004-08-04 06:15:22 140,928 ----a-w I:\WINDOWS\system32\drivers\ks.sys + 2001-08-17 21:00:04 2,944 ----a-w I:\WINDOWS\system32\drivers\msmpu401.sys + 2004-11-03 10:20:24 13,332 ----a-w I:\WINDOWS\system32\drivers\MWhid.sys + 2003-04-24 12:00:00 2,944 ----a-w I:\WINDOWS\system32\drivers\null.sys + 2007-06-28 18:20:42 37,896 ----a-w I:\WINDOWS\system32\drivers\oobctm.sys + 2008-03-29 11:46:24 22,328 ----a-w I:\WINDOWS\system32\drivers\PnkBstrK.sys - 2004-08-04 06:15:49 145,792 ----a-w I:\WINDOWS\system32\drivers\portcls.sys + 2004-08-04 06:15:50 145,792 ----a-w I:\WINDOWS\system32\drivers\portcls.sys + 1999-07-20 03:38:00 73,216 ----a-w I:\WINDOWS\system32\drivers\SENTINEL.SYS - 2007-08-29 19:24:03 685,816 ----a-w I:\WINDOWS\system32\drivers\sptd.sys + 2008-04-18 11:28:31 717,296 ----a-w I:\WINDOWS\system32\drivers\sptd.sys + 2008-02-25 18:50:37 102,664 ----a-w I:\WINDOWS\system32\drivers\tmcomm.sys + 2006-10-18 19:47:22 671,232 ------w I:\WINDOWS\system32\drivers\UMDF\wpdmtpdr.dll - 2005-01-28 12:44:28 18,944 ----a-w I:\WINDOWS\system32\drivers\wpdusb.sys + 2006-10-18 18:00:00 38,528 ----a-w I:\WINDOWS\system32\drivers\wpdusb.sys + 2006-09-28 16:55:50 77,568 ------w I:\WINDOWS\system32\drivers\WudfPf.sys + 2006-09-28 17:00:34 82,944 ------w I:\WINDOWS\system32\drivers\WudfRd.sys + 2006-10-18 18:00:46 249,856 
------w I:\WINDOWS\system32\drmupgds.exe - 2005-01-28 12:44:28 502,272 ----a-w I:\WINDOWS\system32\drmv2clt.dll + 2006-10-18 19:47:10 991,744 ----a-w I:\WINDOWS\system32\drmv2clt.dll - 2007-11-03 10:50:53 1,501,096 ----a-w I:\WINDOWS\system32\FNTCACHE.DAT + 2008-07-17 10:43:16 1,528,256 ----a-w I:\WINDOWS\system32\FNTCACHE.DAT + 2004-08-19 23:09:28 21,504 ----a-w I:\WINDOWS\system32\hidserv.dll - 2007-09-24 20:30:28 135,168 ----a-w I:\WINDOWS\system32\java.exe + 2008-02-22 00:23:35 135,168 ----a-w I:\WINDOWS\system32\java.exe - 2007-09-24 20:30:30 135,168 ----a-w I:\WINDOWS\system32\javaw.exe + 2008-02-22 00:23:39 135,168 ----a-w I:\WINDOWS\system32\javaw.exe - 2007-09-24 21:31:42 139,264 ----a-w I:\WINDOWS\system32\javaws.exe + 2008-02-22 01:33:32 139,264 ----a-w I:\WINDOWS\system32\javaws.exe + 2003-04-24 12:00:00 2,000 ----a-w I:\WINDOWS\system32\keyboard.drv + 2004-08-19 23:09:30 4,096 ----a-w I:\WINDOWS\system32\ksuser(2).dll + 2003-04-24 12:00:00 224,448 ----a-w I:\WINDOWS\system32\lanman.drv - 2005-01-28 12:44:28 6,656 ----a-w I:\WINDOWS\system32\laprxy.dll + 2006-10-18 19:47:14 11,264 ----a-w I:\WINDOWS\system32\LAPRXY.dll - 2005-01-28 12:44:28 96,768 ----a-w I:\WINDOWS\system32\logagent.exe + 2006-10-18 18:03:58 100,864 ----a-w I:\WINDOWS\system32\logagent.exe + 2003-04-24 12:00:00 2,560 ----a-w I:\WINDOWS\system32\lz32.dll + 2008-03-25 02:32:44 218,496 ----a-r I:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe - 2007-11-25 00:14:48 48,749 ----a-w I:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe + 2008-07-17 17:28:03 74,649 ----a-w I:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe + 2003-04-24 12:00:00 73,680 ----a-w I:\WINDOWS\system32\mciavi.drv + 2003-04-24 12:00:00 25,280 ----a-w I:\WINDOWS\system32\mciseq.drv + 2003-04-24 12:00:00 28,160 ----a-w I:\WINDOWS\system32\mciwave.drv + 2004-12-09 15:50:56 2,142,208 ----a-w I:\WINDOWS\system32\MegaStore.exe + 2006-10-18 19:47:14 212,992 ------w I:\WINDOWS\system32\MFPLAT.dll + 2003-04-24 
12:00:00 2,032 ----a-w I:\WINDOWS\system32\mouse.drv + 2006-10-18 19:47:14 259,072 ------w I:\WINDOWS\system32\MP43DECD.dll - 2004-08-19 23:09:31 310,272 ------w I:\WINDOWS\system32\mp43dmod.dll + 2006-10-18 19:47:14 4,096 ------w I:\WINDOWS\system32\MP43DMOD.dll + 2006-10-18 19:47:14 317,440 ------w I:\WINDOWS\system32\MP4SDECD.dll - 2004-08-19 23:09:31 384,512 ------w I:\WINDOWS\system32\mp4sdmod.dll + 2006-10-18 19:47:14 4,096 ------w I:\WINDOWS\system32\MP4SDMOD.dll + 2006-10-18 19:47:14 259,072 ------w I:\WINDOWS\system32\MPG4DECD.dll - 2004-08-19 23:09:31 240,640 ----a-w I:\WINDOWS\system32\mpg4dmod.dll + 2006-10-18 19:47:14 4,096 ----a-w I:\WINDOWS\system32\MPG4DMOD.dll + 2003-04-24 12:00:00 20,992 ----a-w I:\WINDOWS\system32\msacm32.drv + 2007-10-23 23:47:38 282,112 ----a-w I:\WINDOWS\system32\mscoree.dll + 2007-10-23 23:47:38 158,720 ----a-w I:\WINDOWS\system32\mscorier.dll + 2007-10-23 23:47:38 84,480 ----a-w I:\WINDOWS\system32\mscories.dll + 2006-10-02 13:28:42 312,128 ------w I:\WINDOWS\system32\msdelta.dll + 2005-07-26 07:59:48 86,016 ----a-w I:\WINDOWS\system32\MSffdrv.dll + 2005-08-23 15:10:02 880,640 ----a-w I:\WINDOWS\system32\MSffpage.dll + 2004-08-19 23:10:08 188,416 ----a-w I:\WINDOWS\system32\msh261.drv + 2004-08-20 00:10:08 294,912 ----a-w I:\WINDOWS\system32\msh263.drv - 2005-01-28 12:44:28 142,336 ----a-w I:\WINDOWS\system32\msnetobj.dll + 2006-10-18 19:47:16 179,712 ----a-w I:\WINDOWS\system32\msnetobj.dll - 2005-01-28 12:44:28 25,088 ----a-w I:\WINDOWS\system32\MsPMSNSv.dll + 2006-10-18 19:47:16 27,136 ----a-w I:\WINDOWS\system32\mspmsnsv.dll - 2005-01-28 12:44:28 173,568 ----a-w I:\WINDOWS\system32\MsPMSP.dll + 2006-10-18 19:47:16 175,616 ----a-w I:\WINDOWS\system32\mspmsp.dll - 2005-01-28 12:44:28 364,784 ----a-w I:\WINDOWS\system32\MSSCP.dll + 2006-10-18 19:47:16 414,208 ----a-w I:\WINDOWS\system32\msscp.dll - 2005-01-28 12:44:28 315,904 ----a-w I:\WINDOWS\system32\MSWMDM.dll + 2006-10-18 19:47:16 321,536 ----a-w 
I:\WINDOWS\system32\mswmdm.dll + 2007-05-15 13:43:10 1,320,800 ----a-w I:\WINDOWS\system32\msxml6.dll + 2007-05-08 15:08:12 86,728 ----a-w I:\WINDOWS\system32\msxml6r.dll + 2007-10-23 23:47:44 15,360 ----a-w I:\WINDOWS\system32\mui\0409\mscorees.dll + 2005-09-23 05:28:56 32,768 ----a-w I:\WINDOWS\system32\netfxperf.dll + 2006-10-22 10:22:00 4,527,488 ----a-w I:\WINDOWS\system32\nv4_disp(3).dll + 2006-10-22 10:22:00 35,840 ----a-w I:\WINDOWS\system32\nvcod(2).dll + 2007-06-28 21:02:08 1,049,856 ----a-w I:\WINDOWS\system32\oodag.exe + 2007-06-28 20:58:50 17,152 ----a-w I:\WINDOWS\system32\oodagmg.dll + 2007-06-28 20:58:52 15,616 ----a-w I:\WINDOWS\system32\oodagrs.dll + 2007-06-28 21:00:26 193,792 ----a-w I:\WINDOWS\system32\oodbs.exe + 2007-06-28 20:58:52 9,984 ----a-w I:\WINDOWS\system32\oodbsrs.dll + 2007-06-28 21:01:00 2,512,128 ----a-w I:\WINDOWS\system32\oodtray.exe + 2007-06-28 20:59:12 206,080 ----a-w I:\WINDOWS\system32\oodtrrs.dll + 2007-06-28 18:19:48 15,104 ----a-w I:\WINDOWS\system32\ootmapi.dll - 2007-10-28 09:54:07 39,992 ----a-w I:\WINDOWS\system32\perfc009.dat + 2008-07-15 15:03:10 90,608 ----a-w I:\WINDOWS\system32\perfc009.dat - 2007-10-28 09:54:07 48,616 ----a-w I:\WINDOWS\system32\perfc00C.dat + 2008-07-15 15:03:10 109,860 ----a-w I:\WINDOWS\system32\perfc00C.dat - 2007-10-28 09:54:07 311,604 ----a-w I:\WINDOWS\system32\perfh009.dat + 2008-07-15 15:03:10 487,864 ----a-w I:\WINDOWS\system32\perfh009.dat - 2007-10-28 09:54:07 367,658 ----a-w I:\WINDOWS\system32\perfh00C.dat + 2008-07-15 15:03:10 563,722 ----a-w I:\WINDOWS\system32\perfh00C.dat + 2006-10-24 10:30:20 412,160 ------w I:\WINDOWS\system32\photometadatahandler.dll + 2008-03-27 08:49:56 66,872 ----a-w I:\WINDOWS\system32\PnkBstrA.exe + 2008-03-29 11:46:17 107,832 ----a-w I:\WINDOWS\system32\PnkBstrB.exe + 2006-10-18 19:47:18 284,160 ------w I:\WINDOWS\system32\PortableDeviceApi.dll + 2006-10-18 19:47:18 101,888 ------w I:\WINDOWS\system32\PortableDeviceClassExtension.dll + 2006-10-18 
19:47:18 166,912 ------w I:\WINDOWS\system32\PortableDeviceTypes.dll + 2006-10-18 19:47:18 132,096 ------w I:\WINDOWS\system32\PortableDeviceWiaCompat.dll + 2006-10-18 19:47:18 199,168 ------w I:\WINDOWS\system32\PortableDeviceWMDRM.dll + 2007-03-22 18:25:02 124,928 ------w I:\WINDOWS\system32\prntvpt.dll - 2005-01-28 12:44:28 221,184 ----a-w I:\WINDOWS\system32\qasf.dll + 2006-10-18 19:47:18 211,456 ----a-w I:\WINDOWS\system32\qasf.dll - 2007-11-03 20:15:29 72,976 ----a-w I:\WINDOWS\system32\Restore\rstrlog.dat + 2008-07-17 10:42:19 688,816 ----a-w I:\WINDOWS\system32\Restore\rstrlog.dat + 2006-08-24 14:15:06 150,808 ----a-w I:\WINDOWS\system32\rgb9rast_2.dll + 1999-07-20 03:38:00 32,256 ----a-r I:\WINDOWS\system32\RNBOSENT\SETUPX86.EXE + 1999-07-20 03:38:00 17,920 ----a-w I:\WINDOWS\system32\RNBOVDD.DLL + 1999-07-20 03:38:00 47,616 ----a-w I:\WINDOWS\system32\SNTI386.DLL + 1999-07-20 03:38:00 8,128 ----a-r I:\WINDOWS\system32\sntnlusb.sys + 2003-04-24 12:00:00 1,744 ----a-w I:\WINDOWS\system32\sound.drv - 2006-11-17 14:14:30 14,640 ------w I:\WINDOWS\system32\spmsg.dll + 2006-10-16 14:10:58 14,640 ------w I:\WINDOWS\system32\spmsg.dll + 2007-03-22 18:25:42 677,376 ------w I:\WINDOWS\system32\spool\prtprocs\w32x86\PrintFilterPipelineSvc.exe - 2005-06-28 08:21:46 22,752 ----a-w I:\WINDOWS\system32\spupdsvc.exe + 2006-10-16 14:10:58 23,856 ----a-w I:\WINDOWS\system32\spupdsvc.exe + 2003-04-24 12:00:00 3,360 ----a-w I:\WINDOWS\system32\system.drv + 2003-04-24 12:00:00 4,096 ----a-w I:\WINDOWS\system32\timer.drv - 2005-01-28 12:44:28 47,104 ----a-w I:\WINDOWS\system32\uwdf.exe + 2006-10-18 19:58:00 8,704 ----a-w I:\WINDOWS\system32\uwdf.exe + 2003-04-24 12:00:00 2,176 ----a-w I:\WINDOWS\system32\vga.drv - 2005-01-28 12:44:28 15,872 ----a-w I:\WINDOWS\system32\wdfapi.dll + 2006-10-18 19:47:18 4,096 ----a-w I:\WINDOWS\system32\wdfapi.dll - 2005-01-28 12:44:28 38,912 ----a-w I:\WINDOWS\system32\wdfmgr.exe + 2006-10-18 19:58:00 8,704 ----a-w I:\WINDOWS\system32\wdfmgr.exe 
+ 2004-08-19 23:10:08 23,552 ----a-w I:\WINDOWS\system32\wdmaud(2).drv + 2004-08-19 23:10:08 23,552 ----a-w I:\WINDOWS\system32\wdmaud.drv + 2003-04-24 12:00:00 13,600 ----a-w I:\WINDOWS\system32\wfwnet.drv + 2006-10-24 10:30:06 716,288 ------w I:\WINDOWS\system32\WindowsCodecs.dll + 2006-10-24 10:29:50 352,256 ------w I:\WINDOWS\system32\WindowsCodecsExt.dll + 2003-04-24 12:00:00 2,864 ----a-w I:\WINDOWS\system32\winsock.dll + 2004-08-19 23:10:08 146,944 ----a-w I:\WINDOWS\system32\winspool.drv + 2003-04-24 12:00:00 2,112 ----a-w I:\WINDOWS\system32\winspool.exe - 2005-01-28 12:44:28 396,528 ----a-w I:\WINDOWS\system32\wmadmod.dll + 2006-10-18 19:47:18 757,248 ----a-w I:\WINDOWS\system32\wmadmod.dll - 2005-01-28 12:44:28 716,288 ----a-w I:\WINDOWS\system32\wmadmoe.dll + 2006-10-18 19:47:18 1,117,696 ----a-w I:\WINDOWS\system32\WMADMOE.dll - 2007-10-20 05:01:32 227,328 ----a-w I:\WINDOWS\system32\wmasf.dll + 2006-10-18 19:47:18 222,208 ----a-w I:\WINDOWS\system32\wmasf.dll - 2005-01-28 12:44:28 28,160 ----a-w I:\WINDOWS\system32\WMDMLOG.dll + 2006-10-18 19:47:18 33,792 ----a-w I:\WINDOWS\system32\wmdmlog.dll - 2005-01-28 12:44:28 33,792 ----a-w I:\WINDOWS\system32\WMDMPS.dll + 2006-10-18 19:47:18 37,376 ----a-w I:\WINDOWS\system32\wmdmps.dll - 2005-01-28 12:44:28 335,872 ----a-w I:\WINDOWS\system32\WMDRMdev.dll + 2006-10-18 19:47:18 429,056 ----a-w I:\WINDOWS\system32\wmdrmdev.dll - 2005-01-28 12:44:28 290,816 ----a-w I:\WINDOWS\system32\WMDRMNet.dll + 2006-10-18 19:47:20 348,672 ----a-w I:\WINDOWS\system32\wmdrmnet.dll + 2006-10-18 19:47:20 535,040 ------w I:\WINDOWS\system32\wmdrmsdk.dll - 2004-08-19 23:09:07 200,704 ------w I:\WINDOWS\system32\wmerror.dll + 2006-11-03 07:58:42 272,384 ------w I:\WINDOWS\system32\wmerror.dll - 2005-01-28 12:44:28 150,016 ----a-w I:\WINDOWS\system32\wmidx.dll + 2006-10-18 19:47:20 157,184 ----a-w I:\WINDOWS\system32\wmidx.dll - 2005-01-28 12:44:28 1,027,072 ----a-w I:\WINDOWS\system32\wmnetmgr.dll + 2006-10-18 19:47:20 937,984 
----a-w I:\WINDOWS\system32\WMNetMgr.dll - 2007-04-30 00:22:16 4,734,976 ------w I:\WINDOWS\system32\wmp.dll + 2006-10-18 19:47:20 10,834,432 ------w I:\WINDOWS\system32\wmp.dll - 2004-08-19 23:09:49 114,688 ------w I:\WINDOWS\system32\wmpasf.dll + 2006-10-18 19:47:20 242,688 ------w I:\WINDOWS\system32\wmpasf.dll - 2004-08-19 23:09:49 233,472 ------w I:\WINDOWS\system32\wmpdxm.dll + 2006-10-18 19:47:20 314,880 ------w I:\WINDOWS\system32\wmpdxm.dll + 2006-10-18 19:47:20 295,936 ------w I:\WINDOWS\system32\wmpeffects.dll + 2006-10-18 19:47:20 1,661,440 ------w I:\WINDOWS\system32\wmpencen.dll + 2006-10-24 10:30:00 276,992 ------w I:\WINDOWS\system32\WMPhoto.dll - 2004-08-19 23:09:11 2,985,984 ----a-w I:\WINDOWS\system32\wmploc.dll + 2006-11-03 08:03:34 8,292,352 ----a-w I:\WINDOWS\system32\wmploc.dll + 2006-10-18 19:47:20 613,376 ------w I:\WINDOWS\system32\wmpmde.dll + 2006-10-18 19:47:20 130,048 ------w I:\WINDOWS\system32\wmpps.dll - 2004-08-19 23:09:49 102,400 ----a-w I:\WINDOWS\system32\wmpshell.dll + 2006-11-03 07:59:06 99,840 ----a-w I:\WINDOWS\system32\wmpshell.dll + 2006-10-18 19:47:20 204,288 ------w I:\WINDOWS\system32\wmpsrcwp.dll - 2005-01-28 12:44:28 774,904 ----a-w I:\WINDOWS\system32\wmsdmod.dll + 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmsdmod.dll - 2005-01-28 12:44:28 1,119,744 ----a-w I:\WINDOWS\system32\wmsdmoe2.dll + 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmsdmoe2.dll - 2005-01-28 12:44:28 413,944 ----a-w I:\WINDOWS\system32\wmspdmod.dll + 2006-10-18 19:47:22 603,648 ----a-w I:\WINDOWS\system32\WMSPDMOD.dll - 2005-01-28 12:44:28 940,544 ----a-w I:\WINDOWS\system32\wmspdmoe.dll + 2006-10-18 19:47:22 1,329,152 ----a-w I:\WINDOWS\system32\WMSPDMOE.dll - 2005-01-28 12:44:28 1,218,808 ----a-w I:\WINDOWS\system32\wmvadvd.dll + 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\WMVADVD.dll - 2005-01-28 12:44:28 1,512,448 ----a-w I:\WINDOWS\system32\WMVADVE.DLL + 2006-10-18 19:47:22 4,096 ----a-w 
I:\WINDOWS\system32\WMVADVE.DLL - 2006-12-07 05:29:34 2,374,472 ----a-w I:\WINDOWS\system32\wmvcore.dll + 2006-10-18 19:47:22 2,450,944 ----a-w I:\WINDOWS\system32\wmvcore.dll + 2006-10-18 19:47:22 1,543,680 ------w I:\WINDOWS\system32\WMVDECOD.dll - 2005-01-28 12:44:28 895,736 ----a-w I:\WINDOWS\system32\wmvdmod.dll + 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmvdmod.dll - 2005-01-28 12:44:28 1,003,008 ----a-w I:\WINDOWS\system32\wmvdmoe2.dll + 2006-10-18 19:47:22 4,096 ----a-w I:\WINDOWS\system32\wmvdmoe2.dll + 2006-10-18 19:47:22 1,574,912 ------w I:\WINDOWS\system32\WMVENCOD.dll + 2006-10-18 19:47:22 1,382,912 ------w I:\WINDOWS\system32\WMVSDECD.dll + 2006-10-18 19:47:22 767,488 ------w I:\WINDOWS\system32\WMVSENCD.dll + 2006-10-18 19:47:22 656,896 ------w I:\WINDOWS\system32\WMVXENCD.dll + 2003-04-24 12:00:00 2,736 ----a-w I:\WINDOWS\system32\wowdeb.exe - 2005-01-28 12:44:28 38,912 ----a-w I:\WINDOWS\system32\wpd_ci.dll + 2006-10-18 19:47:22 629,760 ----a-w I:\WINDOWS\system32\wpd_ci.dll - 2005-01-28 12:44:28 61,952 ----a-w I:\WINDOWS\system32\wpdconns.dll + 2006-10-18 19:47:22 35,840 ----a-w I:\WINDOWS\system32\wpdconns.dll - 2005-01-28 12:44:28 114,176 ----a-w I:\WINDOWS\system32\wpdmtp.dll + 2006-10-18 19:47:22 154,624 ----a-w I:\WINDOWS\system32\wpdmtp.dll - 2005-01-28 12:44:28 66,560 ----a-w I:\WINDOWS\system32\wpdmtpus.dll + 2006-10-18 19:47:22 63,488 ----a-w I:\WINDOWS\system32\wpdmtpus.dll + 2006-10-18 19:47:22 2,603,008 ------w I:\WINDOWS\system32\WpdShext.dll + 2006-10-18 18:00:14 17,408 ------w I:\WINDOWS\system32\wpdshextautoplay.exe + 2006-11-02 09:52:12 44,032 ------w I:\WINDOWS\system32\wpdshextres.dll + 2006-10-18 19:47:22 133,632 ------w I:\WINDOWS\system32\WPDShServiceObj.dll - 2005-01-28 12:44:28 331,264 ----a-w I:\WINDOWS\system32\wpdsp.dll + 2006-10-18 19:47:22 356,352 ----a-w I:\WINDOWS\system32\wpdsp.dll + 2006-09-28 18:13:26 95,344 ------w I:\WINDOWS\system32\WUDFCoinstaller.dll + 2006-09-28 16:56:38 146,432 ------w 
I:\WINDOWS\system32\WudfHost.exe + 2006-09-28 16:56:16 165,376 ------w I:\WINDOWS\system32\WudfPlatform.dll + 2006-09-28 16:56:14 55,808 ------w I:\WINDOWS\system32\WudfSvc.dll + 2006-09-28 16:56:38 316,416 ------w I:\WINDOWS\system32\WUDFx.dll - 2007-07-30 17:19:28 203,096 ----a-w I:\WINDOWS\system32\wuweb.dll + 2007-07-30 17:19:46 203,096 ----a-w I:\WINDOWS\system32\wuweb.dll + 2007-03-23 04:07:54 583,504 ------w I:\WINDOWS\system32\XPSSHHDR.dll + 2007-03-23 04:07:56 1,683,280 ------w I:\WINDOWS\system32\XpsSvcs.dll + 2000-08-31 06:00:00 49,152 ----a-w I:\WINDOWS\VFind.exe + 2008-07-15 15:02:50 8,192 ----a-w I:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2006-12-01 20:56:00 96,256 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll + 2007-10-23 23:47:56 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcm80.dll + 2007-10-23 23:47:56 558,080 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll + 2007-10-23 23:47:56 635,904 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll - 2005-09-22 21:48:08 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll + 2005-09-23 05:29:16 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll - 2005-09-22 21:48:08 548,864 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll + 2005-09-23 05:29:16 548,864 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll - 2005-09-22 21:48:06 626,688 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll + 2005-09-23 05:29:16 626,688 ----a-w 
I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll + 2006-12-01 21:54:32 479,232 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll + 2006-12-01 21:54:34 548,864 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll + 2006-12-01 21:54:32 626,688 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll + 2006-12-01 23:25:52 1,101,824 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll + 2006-12-01 23:25:56 1,093,120 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll + 2006-12-01 23:25:58 69,632 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll + 2006-12-01 23:26:00 57,856 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll + 2006-12-01 22:08:00 40,960 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll + 2006-12-01 22:08:00 45,056 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll + 2006-12-01 22:08:00 65,536 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll + 2006-12-01 22:08:00 57,344 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll + 2006-12-01 22:08:00 61,440 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll + 2006-12-01 22:08:00 61,440 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll + 2006-12-01 22:08:00 61,440 ----a-w 
I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll + 2006-12-01 22:08:00 49,152 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll + 2006-12-01 22:08:00 49,152 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll + 2006-12-01 22:46:44 65,536 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll + 2007-11-07 15:19:32 161,784 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll + 2007-11-07 10:23:58 224,768 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll + 2007-11-07 15:19:34 568,832 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll + 2007-11-07 15:19:34 655,872 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll + 2007-11-07 15:19:38 1,156,600 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll + 2007-11-07 15:19:38 1,162,744 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll + 2007-11-07 12:51:08 59,904 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll + 2007-11-07 12:51:08 59,904 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll + 2007-11-07 15:19:16 41,472 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll + 2007-11-07 15:19:16 41,984 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll + 2007-11-07 15:19:28 60,928 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll + 
2007-11-07 15:19:22 54,272 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll + 2007-11-07 15:19:22 59,392 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll + 2007-11-07 15:19:22 59,392 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll + 2007-11-07 15:19:28 60,416 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll + 2007-11-07 15:19:28 59,392 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll + 2007-11-07 15:19:16 47,104 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll + 2007-11-07 15:19:16 46,592 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll + 2007-11-07 15:19:22 54,272 ----a-w I:\WINDOWS\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll + 2008-07-15 15:02:57 258,048 ----a-w I:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2008-07-15 15:02:57 113,664 ----a-w I:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2000-08-31 06:00:00 68,096 ----a-w I:\WINDOWS\zip.exe . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . 
REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="I:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360] "Steam"="i:\program files\valve\steam\steam.exe" [2008-06-07 17:47 1271032] "msnmsgr"="I:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:55 5674352] "swg"="I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-15 00:11 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PowerStrip"="i:\program files\powerstrip\pstrip.exe" [2007-07-14 11:35 730360] "NvCplDaemon"="I:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480] "MessengerPlus3"="I:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2007-08-14 17:51 190024] "BigDogPath"="I:\WINDOWS\VM_STI.EXE" [2004-11-29 08:28 40960] "nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 I:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="NvMCTray.dll" [2006-10-22 12:22 86016 I:\WINDOWS\system32\nvmctray.dll] "Cmaudio"="cmicnfg.cpl" [N/A] I:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Outil de mise … jour Google.lnk - I:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-08-15 00:11:11 124912] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "SENTINEL"= snti386.dll [HKLM\~\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] path=I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk backup=I:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware] --a------ 2007-06-11 11:25 6731312 I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\a-squared] --a------ 2008-07-14 19:00 2132112 I:\Program Files\a-squared Anti-Malware\a2guard.exe 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt] --a------ 2006-01-18 15:52 229416 I:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] --a------ 2008-04-01 11:39 486856 I:\Program Files\DAEMON Tools Lite\daemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HiYo] I:\Program Files\HiYo\bin\HiYo.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] --a------ 2008-04-01 12:40 172280 I:\Program Files\ICQ6\ICQ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] -ra------ 2001-07-09 12:50 155648 I:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray] --a------ 2007-06-28 23:01 2512128 I:\WINDOWS\system32\oodtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb] --a------ 2007-10-23 02:47 360448 I:\Program Files\Winamp Remote\bin\OrbTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService] --------- 2003-06-24 15:23 61440 I:\Program Files\Home Cinema\PowerCinema\PCMService.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2008-02-22 05:25 144784 I:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] --a------ 2007-05-15 16:34 3975848 I:\Program Files\TomTom HOME\TomTomHOME.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] I:\Program Files\Unlocker\UnlockerAssistant.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] --a------ 2007-10-10 07:28 36352 I:\Program Files\Winamp\winampa.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{7147f2b1-74f9-82c9-6bdd-49be6cbfe9fb}] 
I:\WINDOWS\system32\kcjzxnuekosgnnaxj.dll [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Corporation Svchost Service] mssvc.exe [N/A] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "I:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"= "I:\\Program Files\\MSN Messenger\\livecall.exe"= "I:\\Program Files\\Cyanide\\GameCenter\\GameCenter.exe"= "I:\\Program Files\\ICQ6\\ICQ.exe"= "I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\Win32\\RpcDataSrv.exe"= "I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\RpcSandraSrv.exe"= "I:\\Program Files\\LimeWire\\LimeWire.exe"= "I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2008\\PCM.exe"= "I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2008\\Autorun\\Exe\\Autorun.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3478:UDP"= 3478:UDP:stun "3479:UDP"= 3479:UDP:stun 2 "6112:UDP"= 6112:UDP:stun 3 "5730:UDP"= 5730:UDP:game "5739:UDP"= 5739:UDP:game 1 "9001:TCP"= 9001:TCP:game 2 "11881:TCP"= 11881:TCP:game 3 "11881:UDP"= 11881:UDP:game4 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1) R0 avgntmgr;avgntmgr;I:\WINDOWS\system32\drivers\avgntmgr.sys [2005-07-04 11:58] R1 appdrv01;Application Driver (01);I:\WINDOWS\system32\Drivers\appdrv01.sys [2008-07-11 20:33] R1 avgntdd;avgntdd;I:\WINDOWS\system32\DRIVERS\avgntdd.sys [2005-08-23 15:32] R2 PStrip;PStrip;I:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 03:37] R3 Cap7134;MEDION (7134) WDM Video Capture;I:\WINDOWS\system32\DRIVERS\Cap7134.sys [2002-11-04 17:29] R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;I:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2002-11-04 17:32] S1 hidfltr;HID Filter 
Driver;I:\WINDOWS\system32\drivers\MWhid.sys [2004-11-03 12:20] S2 appdrvrem01;Application Driver Auto Removal Service (01);I:\WINDOWS\System32\appdrvrem01.exe svc [] S3 ewdmaudn;ewdmaudn;I:\DOCUME~1\BENOIT~1\LOCALS~1\Temp\ewdmaudn.sys [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2291a4b8-0870-11dd-b659-000c76febb28}] \Shell\AutoRun\command - K:\Exe\Autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{360363b4-0d3b-11dd-b665-000c76febb28}] \Shell\AutoRun\command - G:\Exe\Autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c0f6098-3a40-11dd-b6c8-000c76febb28}] \Shell\AutoRun\command - L:\InstallTomTomHOME.exe . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-07-12 22:36:01 I:\WINDOWS\Tasks\At1.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-15 07:00:02 I:\WINDOWS\Tasks\At10.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 08:07:03 I:\WINDOWS\Tasks\At11.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 09:07:14 I:\WINDOWS\Tasks\At12.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 10:07:15 I:\WINDOWS\Tasks\At13.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 11:07:22 I:\WINDOWS\Tasks\At14.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 12:07:21 I:\WINDOWS\Tasks\At15.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 13:00:05 I:\WINDOWS\Tasks\At16.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 14:00:02 I:\WINDOWS\Tasks\At17.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 15:00:01 I:\WINDOWS\Tasks\At18.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 16:00:05 I:\WINDOWS\Tasks\At19.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-12 23:00:01 I:\WINDOWS\Tasks\At2.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 17:00:02 I:\WINDOWS\Tasks\At20.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 18:00:27 I:\WINDOWS\Tasks\At21.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 19:00:03 
I:\WINDOWS\Tasks\At22.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 20:00:00 I:\WINDOWS\Tasks\At23.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 21:00:00 I:\WINDOWS\Tasks\At24.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-12 22:56:10 I:\WINDOWS\Tasks\At25.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-12 23:00:10 I:\WINDOWS\Tasks\At26.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-13 00:00:10 I:\WINDOWS\Tasks\At27.job" - I:\WINDOWS\system32\HJO0GNU5.exe - È:\îP˜ "2008-07-13 01:00:10 I:\WINDOWS\Tasks\At28.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-13 02:00:10 I:\WINDOWS\Tasks\At29.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-13 00:00:01 I:\WINDOWS\Tasks\At3.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-13 03:00:10 I:\WINDOWS\Tasks\At30.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-13 04:00:10 I:\WINDOWS\Tasks\At31.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 05:00:00 I:\WINDOWS\Tasks\At32.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 06:00:00 I:\WINDOWS\Tasks\At33.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-15 07:00:00 I:\WINDOWS\Tasks\At34.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-18 08:00:00 I:\WINDOWS\Tasks\At35.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-18 09:00:00 I:\WINDOWS\Tasks\At36.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-18 10:00:00 I:\WINDOWS\Tasks\At37.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-18 11:00:00 I:\WINDOWS\Tasks\At38.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-18 12:00:00 I:\WINDOWS\Tasks\At39.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-13 01:00:01 I:\WINDOWS\Tasks\At4.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 13:00:10 I:\WINDOWS\Tasks\At40.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 14:00:10 I:\WINDOWS\Tasks\At41.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 15:00:10 I:\WINDOWS\Tasks\At42.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 16:00:10 I:\WINDOWS\Tasks\At43.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 17:00:10 
I:\WINDOWS\Tasks\At44.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 18:08:50 I:\WINDOWS\Tasks\At45.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 19:07:32 I:\WINDOWS\Tasks\At46.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 20:00:00 I:\WINDOWS\Tasks\At47.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 21:00:00 I:\WINDOWS\Tasks\At48.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-12 22:10:00 I:\WINDOWS\Tasks\At49.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 02:00:01 I:\WINDOWS\Tasks\At5.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-12 23:00:00 I:\WINDOWS\Tasks\At50.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 00:00:00 I:\WINDOWS\Tasks\At51.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 01:00:00 I:\WINDOWS\Tasks\At52.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 02:00:00 I:\WINDOWS\Tasks\At53.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 03:00:00 I:\WINDOWS\Tasks\At54.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 04:00:00 I:\WINDOWS\Tasks\At55.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 05:00:00 I:\WINDOWS\Tasks\At56.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 06:00:00 I:\WINDOWS\Tasks\At57.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-15 07:00:00 I:\WINDOWS\Tasks\At58.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-18 08:00:00 I:\WINDOWS\Tasks\At59.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 03:00:01 I:\WINDOWS\Tasks\At6.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 09:00:00 I:\WINDOWS\Tasks\At60.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-18 10:00:00 I:\WINDOWS\Tasks\At61.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-18 11:00:00 I:\WINDOWS\Tasks\At62.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-18 12:00:00 I:\WINDOWS\Tasks\At63.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 13:00:00 I:\WINDOWS\Tasks\At64.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 14:00:00 I:\WINDOWS\Tasks\At65.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 15:00:00 
I:\WINDOWS\Tasks\At66.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 16:00:00 I:\WINDOWS\Tasks\At67.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 17:00:00 I:\WINDOWS\Tasks\At68.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 18:00:25 I:\WINDOWS\Tasks\At69.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 04:00:01 I:\WINDOWS\Tasks\At7.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 19:00:00 I:\WINDOWS\Tasks\At70.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 20:00:00 I:\WINDOWS\Tasks\At71.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 21:00:00 I:\WINDOWS\Tasks\At72.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-12 22:58:01 I:\WINDOWS\Tasks\At73.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-12 23:00:01 I:\WINDOWS\Tasks\At74.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-13 00:00:01 I:\WINDOWS\Tasks\At75.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-13 01:00:01 I:\WINDOWS\Tasks\At76.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-13 02:00:01 I:\WINDOWS\Tasks\At77.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-13 03:00:01 I:\WINDOWS\Tasks\At78.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-13 04:00:01 I:\WINDOWS\Tasks\At79.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 05:00:02 I:\WINDOWS\Tasks\At8.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 05:00:02 I:\WINDOWS\Tasks\At80.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 06:00:02 I:\WINDOWS\Tasks\At81.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-15 07:00:02 I:\WINDOWS\Tasks\At82.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-18 08:00:00 I:\WINDOWS\Tasks\At83.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-18 09:00:00 I:\WINDOWS\Tasks\At84.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-18 10:00:00 I:\WINDOWS\Tasks\At85.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-18 11:00:00 I:\WINDOWS\Tasks\At86.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-18 12:00:00 I:\WINDOWS\Tasks\At87.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 13:00:10 
I:\WINDOWS\Tasks\At88.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 14:00:02 I:\WINDOWS\Tasks\At89.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 06:00:02 I:\WINDOWS\Tasks\At9.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 15:00:01 I:\WINDOWS\Tasks\At90.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 16:00:09 I:\WINDOWS\Tasks\At91.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 17:00:03 I:\WINDOWS\Tasks\At92.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 18:00:27 I:\WINDOWS\Tasks\At93.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 19:00:03 I:\WINDOWS\Tasks\At94.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 20:00:00 I:\WINDOWS\Tasks\At95.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 21:00:00 I:\WINDOWS\Tasks\At96.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 12:40:07 I:\WINDOWS\Tasks\User_Feed_Synchronization-{4274763A-B51A-48F2-A192-02DCE7262C32}.job" - I:\WINDOWS\system32\msfeedssync.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-07-18 14:31:26 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . 
Temps d'accomplissement: 2008-07-18 14:32:53 ComboFix-quarantined-files.txt 2008-07-18 12:32:35 ComboFix2.txt 2008-01-20 20:43:00 Pre-Run: 177,256,910,848 octets libres Post-Run: 177,319,284,736 octets libres 1140 --- E O F --- 2008-01-10 00:54:35 ComboFix 08-07-17.4 - benoit pellissier 2008-07-18 14:28:52.2 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.399 [GMT 2:00] Endroit: I:\Documents and Settings\benoit pellissier\Bureau\Combo-Fix.exe * Resident AV is active AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . I:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML I:\install.exe I:\WINDOWS\Downloaded Program Files\setup.inf I:\WINDOWS\system32\kcjzxnuekosgnnaxj.dll . ((((((((((((((((((((((((((((( Fichiers créés 2008-06-18 to 2008-07-18 )))))))))))))))))))))))))))))))))))) . 2008-07-17 23:13 . 2008-07-17 23:13 35,842 --a------ I:\WINDOWS\system32\C3DL15v4.exe 2008-07-17 20:50 . 2008-07-17 20:51 1,442,142 --a------ I:\SDFix.exe 2008-07-17 18:36 . 2008-07-17 18:36 <REP> d-------- I:\VundoFix Backups 2008-07-17 18:30 . 2008-07-17 20:25 <REP> d-------- I:\Program Files\Malwarebytes' Anti-Malware 2008-07-17 18:30 . 2008-07-17 18:30 <REP> d-------- I:\Documents and Settings\benoit pellissier\Application Data\Malwarebytes 2008-07-17 18:30 . 2008-07-17 18:30 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-07-17 18:30 . 2008-07-07 17:35 34,296 --a------ I:\WINDOWS\system32\drivers\mbamcatchme.sys 2008-07-17 18:30 . 2008-07-07 17:35 17,144 --a------ I:\WINDOWS\system32\drivers\mbam.sys 2008-07-17 12:46 . 2007-07-30 19:19 271,224 --a------ I:\WINDOWS\system32\mucltui.dll 2008-07-17 12:46 . 2007-07-30 19:19 207,736 --a------ I:\WINDOWS\system32\muweb.dll 2008-07-17 12:46 . 
2007-07-30 19:18 30,072 --a------ I:\WINDOWS\system32\mucltui.dll.mui 2008-07-17 12:42 . 2008-07-17 12:42 <REP> d-------- I:\37697b738c9b3c8639754acaec909457 2008-07-17 12:41 . 2008-07-17 12:41 <REP> d-------- I:\3226aa2ad68ffcc930ef58 2008-07-17 10:35 . 2008-07-17 12:41 <REP> d----c--- I:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-07-17 10:35 . 2008-07-17 10:54 <REP> d-------- I:\Documents and Settings\All Users\Application Data\WLInstaller 2008-07-15 17:05 . 2006-06-29 13:07 14,048 --------- I:\WINDOWS\system32\spmsg2.dll 2008-07-15 08:08 . 2008-07-15 08:08 <REP> d-------- I:\Program Files\TomTom DesktopSuite 2008-07-14 18:47 . 2008-07-17 13:07 <REP> d-------- I:\Program Files\a-squared Anti-Malware 2008-07-14 18:37 . 2008-07-14 18:37 <REP> d-------- I:\WINDOWS\type 2008-07-13 12:49 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\InstantTimeZone 2008-07-13 12:49 . 2008-07-13 12:49 <REP> d-------- I:\Documents and Settings\All Users\Application Data\HiYo 2008-07-13 12:26 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\BigFix 2008-07-13 12:10 . 2008-07-13 12:49 <REP> d-------- I:\Program Files\Realtek AC97 2008-07-13 12:10 . 2002-02-05 13:54 141,016 --a------ I:\WINDOWS\system32\alsndmgr.wav 2008-07-13 12:08 . 2008-07-13 12:49 <REP> d-------- I:\WINDOWS\NV35763580.TMP 2008-07-13 11:59 . 2008-07-13 12:50 <REP> d-------- I:\Program Files\ma-config.com 2008-07-13 11:59 . 2008-07-13 12:50 <REP> d-------- I:\Documents and Settings\All Users\Application Data\ma-config.com 2008-07-12 19:17 . 2008-07-15 17:17 <REP> d-------- I:\WINDOWS\system32\XPSViewer 2008-07-12 19:17 . 2008-07-12 19:17 <REP> d-------- I:\Program Files\MSBuild 2008-07-12 19:16 . 2008-07-12 19:16 <REP> d-------- I:\Program Files\Reference Assemblies 2008-07-12 18:02 . 2008-07-12 18:02 <REP> d-------- I:\Program Files\MSXML 6.0 2008-07-12 15:20 . 2008-07-12 19:31 1,374 --a------ I:\WINDOWS\imsins.BAK 2008-07-12 15:04 . 
2008-07-12 15:04 0 --a------ I:\WINDOWS\system32\tOgc374C.exe.a_a 2008-07-11 20:33 . 2008-07-11 20:33 3,468,904 --a------ I:\WINDOWS\system32\drivers\appdrv01.sys 2008-07-11 20:33 . 2008-07-11 20:33 304,528 --a------ I:\WINDOWS\system32\appdrvrem01.exe 2008-07-11 18:50 . 2008-07-11 18:55 <REP> d-------- I:\Program Files\BHODemon 2 2008-07-11 17:48 . 2008-07-11 17:48 999 --a------ I:\WINDOWS\unins000.dat 2008-07-11 17:23 . 2008-07-11 18:03 <REP> d-------- I:\54f2d04aeca8b46f3adb319aae 2008-07-11 17:16 . 2008-07-11 17:18 <REP> d-------- I:\Program Files\Microsoft Visual Studio 8 2008-07-11 17:16 . 2008-07-11 17:18 <REP> d-------- I:\Program Files\Fichiers communs\Merge Modules 2008-07-11 17:16 . 2008-07-11 18:03 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-07-11 12:31 . 2008-07-11 18:05 <REP> d-------- I:\Program Files\SpywareGuard 2008-07-11 10:56 . 2008-07-11 10:56 0 --a------ I:\WINDOWS\system32\NW1iG6cU.exe.a_a 2008-07-10 19:32 . 2008-07-10 19:32 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Sandlot Games 2008-07-10 19:31 . 2008-07-10 19:31 <REP> d-------- I:\Program Files\ReflexiveArcade 2008-07-10 19:31 . 2008-07-11 18:04 <REP> d-------- I:\Program Files\Cake Mania 2008-07-07 16:10 . 2008-07-07 16:10 64,846 --a------ I:\WINDOWS\system32\kkkcccypnwb.exe 2008-07-06 12:20 . 2008-07-15 18:06 <REP> d-------- I:\Documents and Settings\benoit pellissier\Application Data\Pro Cycling Manager 2008 2008-07-06 07:05 . 2008-07-06 07:25 <REP> d-------- I:\Program Files\Star Downloader 2008-07-03 23:11 . 2008-07-03 23:11 0 --a------ I:\WINDOWS\system32\HJO0GNU5.exe.a_a 2008-07-03 22:03 . 2008-07-03 22:03 <REP> dr------- I:\Documents and Settings\NetworkService\Favoris 2008-07-02 17:10 . 2008-07-02 17:10 0 --a------ I:\WINDOWS\system32\C3DL15v4.exe.a_a 2008-06-30 20:29 . 2006-10-04 16:06 1,197,294 -----c--- I:\WINDOWS\system32\dllcache\sysmain.sdb 2008-06-30 20:29 . 
2006-10-04 16:06 764,868 -----c--- I:\WINDOWS\system32\dllcache\apph_sp.sdb 2008-06-30 20:29 . 2006-10-04 16:06 217,118 -----c--- I:\WINDOWS\system32\dllcache\apphelp.sdb 2008-06-30 20:27 . 2008-06-30 20:27 <REP> d-------- I:\Program Files\Windows Media Connect 2 2008-06-30 20:25 . 2008-06-30 20:26 <REP> d-------- I:\WINDOWS\system32\drivers\UMDF 2008-06-28 18:12 . 2008-06-28 18:23 <REP> d-------- I:\Program Files\Yahoo! 2008-06-28 07:37 . 2008-07-18 14:17 107,373 --a------ I:\WINDOWS\system32\oodbs.lor 2008-06-27 20:35 . 2008-06-27 20:35 0 --a------ I:\WINDOWS\oodcnt.INI 2008-06-27 16:04 . 2008-07-16 19:21 <REP> d-------- I:\WINDOWS\system32\oodag 2008-06-27 15:52 . 2008-06-27 15:52 <REP> d-------- I:\Program Files\OO Software 2008-06-27 15:45 . 2008-07-16 20:10 <REP> d-------- I:\Program Files\RamBoost XP 2008-06-27 15:32 . 2008-06-27 15:36 <REP> d-------- I:\Program Files\RegCleaner 2008-06-23 15:21 . 2008-06-23 15:21 0 --a------ I:\WINDOWS\nsreg.dat 2008-06-18 15:44 . 2008-06-18 15:44 <REP> d-------- I:\UDA051_build01(Logo51.3_Standard) . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2008-07-18 11:58 --------- d-----w I:\Documents and Settings\All Users\Application Data\Google Updater 2008-07-18 11:49 --------- d-----w I:\Program Files\Wanadoo 2008-07-17 17:03 --------- d-----w I:\Program Files\Google 2008-07-17 14:37 --------- d-----w I:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic 2008-07-17 11:04 --------- d-----w I:\Program Files\MSN Messenger 2008-07-17 08:35 --------- d-----w I:\Program Files\Windows Live 2008-07-16 15:53 --------- d-----w I:\Program Files\mIRC 2008-07-15 14:10 --------- d-----w I:\Program Files\TomTom HOME 2008-07-14 18:27 --------- d-----w I:\Program Files\PKR 2008-07-14 18:27 --------- d-----w I:\Program Files\GaNja`Script 2008-07-13 10:10 --------- d--h--w I:\Program Files\InstallShield Installation Information 2008-07-11 17:19 --------- d-----w I:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-07-11 16:16 --------- d-----w I:\Program Files\Cyanide 2008-07-11 15:07 --------- d-----w I:\Program Files\Java 2008-07-09 14:02 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\LimeWire 2008-07-09 13:54 --------- d-----w I:\Program Files\eMule 2008-07-07 19:12 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\teamspeak2 2008-06-29 15:14 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\FileZilla 2008-06-28 16:23 --------- d-----w I:\Program Files\Ludiclub 2008-06-27 13:15 --------- d-----w I:\Program Files\RSS Xpress 2008-06-18 16:24 --------- d-----w I:\Program Files\LimeWire 2008-06-18 13:33 --------- d-----w I:\Program Files\Lavalys 2008-06-14 18:33 --------- d-----w I:\Documents and Settings\All Users\Application Data\TomTom 2008-06-14 18:31 --------- d-----w I:\Documents and Settings\benoit pellissier\Application Data\InstallShield 2008-06-11 18:01 --------- d-----w I:\Program Files\Messenger Plus! 
Live 2008-06-07 17:45 --------- d-----w I:\Program Files\C-Media 3D Audio 2008-06-07 14:56 --------- d-----w I:\Program Files\Valve 2008-06-07 13:34 43,520 ----a-w I:\WINDOWS\system32\CmdLineExt03.dll 2008-05-22 13:42 107,888 ----a-w I:\WINDOWS\system32\CmdLineExt.dll 2008-05-19 17:04 --------- d-----w I:\Program Files\EA Sports 1999-06-30 13:06 151,552 ----a-r I:\WINDOWS\inf\AGFA\Message.exe . <pre> ----a-w 5,109,800 2002-12-07 06:27:30 I:\Program Files\XARA\Xara Menu Maker 1.0 .exe </pre> ((((((((((((((((((((((((((((( snapshot@2008-01-20_21.42.48.18 ))))))))))))))))))))))))))))))))))))))))) .
I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\63d69ffdf3c640d2d104a4b74e8115f8\Microsoft.Build.Tasks.ni.dll + 2008-07-17 11:25:00 167,936 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\11cb5418c06e30100616fbf205588489\Microsoft.Build.Utilities.ni.dll + 2008-07-17 11:25:03 1,740,800 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\923bd55258380eae77353d36a5a1b08f\Microsoft.VisualBasic.ni.dll + 2008-07-17 10:43:45 11,722,752 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll + 2008-07-17 11:25:05 1,011,712 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\eee9b48577689e92db5a7b5c5de98d9b\System.Configuration.ni.dll + 2008-07-17 10:44:26 7,049,216 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\5f669e819da7010c1dca347a25597c42\System.Data.ni.dll + 2008-07-17 11:25:06 1,798,144 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\c7dea4895e1fa33d65e448c03de48d26\System.Deployment.ni.dll + 2008-07-17 10:45:04 10,969,088 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Design\c1e16b40e30a05c39be8aee46311841c\System.Design.ni.dll + 2008-07-17 11:25:08 1,224,704 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\914668b240550f529e54bb772c6fc881\System.DirectoryServices.ni.dll + 2008-07-17 11:25:09 512,000 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f11bc82c09955cb8438d3885a99c297d\System.DirectoryServices.Protocols.ni.dll + 2008-07-17 10:45:23 229,376 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\b974f6c17d17a533adf6e7710c5a62fa\System.Drawing.Design.ni.dll + 2008-07-17 10:45:22 1,667,072 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e83aac37b2623f1a24c70979f31dd56\System.Drawing.ni.dll + 2008-07-17 11:25:10 659,456 ----a-w 
I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.ni.dll + 2008-07-17 11:25:10 294,912 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\646131eda5f21f4e6216733d49c22c56\System.EnterpriseServices.Wrapper.dll + 2008-07-17 11:25:11 733,184 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\2b5994269cc5b996231c9b21afea9a91\System.Security.ni.dll + 2008-07-17 11:25:12 233,472 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll + 2008-07-17 11:25:12 679,936 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12e0aa1030badf4524f897e3f57b037a\System.Transactions.ni.dll + 2008-07-17 11:25:29 2,342,912 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\37d87b3cab1c66ec4430ebb2abeaa570\System.Web.Mobile.ni.dll + 2008-07-17 11:25:29 237,568 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5b81faf46fc63c20d5339b36edd02fa\System.Web.RegularExpressions.ni.dll + 2008-07-17 11:25:31 1,986,560 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\38991368499e2109ea4099a0fe29c5a3\System.Web.Services.ni.dll + 2008-07-17 11:25:26 12,509,184 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\67cfb70213562afe2ca9b9066764af3a\System.Web.ni.dll + 2008-07-17 10:46:11 13,193,216 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3d8c79c45aa674e43f075e2e66b8caf5\System.Windows.Forms.ni.dll + 2008-07-17 10:46:29 5,771,264 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\c98cb65a79cfccb44ea727ebe4593ede\System.Xml.ni.dll + 2008-07-17 10:44:07 8,265,728 ----a-w I:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll - 2007-10-05 13:20:36 181,760 ----a-w I:\WINDOWS\BDOSCAN8\bdcore.dll + 2008-02-25 
20:52:07 181,760 ----a-w I:\WINDOWS\BDOSCAN8\bdcore.dll - 2006-05-24 23:21:00 118,784 ----a-w I:\WINDOWS\BDOSCAN8\bdupd.dll + 2006-05-25 00:21:00 118,784 ----a-w I:\WINDOWS\BDOSCAN8\bdupd.dll - 2006-05-24 23:21:14 53,248 ----a-w I:\WINDOWS\BDOSCAN8\ipsupd.dll + 2006-05-25 00:21:14 53,248 ----a-w I:\WINDOWS\BDOSCAN8\ipsupd.dll - 2007-10-05 13:20:39 142,848 ----a-w I:\WINDOWS\BDOSCAN8\libfn.dll + 2008-02-25 20:52:08 142,848 ----a-w I:\WINDOWS\BDOSCAN8\libfn.dll + 2002-10-18 13:56:06 28,672 ----a-w I:\WINDOWS\CMIRmDriver.dll + 2003-07-22 09:15:24 225,280 ----a-w I:\WINDOWS\CmiRmRedundDir.exe + 2003-08-05 12:23:24 266,240 ----a-w I:\WINDOWS\CMIUninstall.exe + 2006-05-25 00:21:00 118,784 ----a-w I:\WINDOWS\Downloaded Program Files\CONFLICT.1\bdupd.dll + 2006-05-25 00:21:14 53,248 ----a-w I:\WINDOWS\Downloaded Program Files\CONFLICT.1\ipsupd.dll + 2008-03-24 17:33:02 1,527,056 ----a-w I:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe + 2002-01-03 13:54:36 96,768 ----a-w I:\WINDOWS\DRIVER\Sound\C-Media 5.12.01.0036\C-Media 5.12.01.0036\Driver\Win_95\CM9738.DRV + 2002-01-03 14:54:36 96,768 ----a-w I:\WINDOWS\DRIVER\Sound\C-Media 5.12.01.0040\C-Media 5.12.01.0040\Driver\Win_95\CM9738.DRV + 2005-10-20 18:02:28 163,328 ----a-w I:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE - 2007-08-23 00:15:50 163,328 ----a-w I:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE + 2008-07-17 10:57:06 163,328 ----a-w I:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE - 2007-08-23 21:20:07 2,334,720 ----a-w I:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT + 2008-07-18 12:11:15 16,211,968 ----a-w I:\WINDOWS\ERUNT\SDFIX\Users\00000001\ntuser.dat - 2007-08-23 21:20:07 8,192 ----a-w I:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat + 2008-07-18 12:11:15 548,864 ----a-w I:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat + 2008-07-17 10:57:06 163,328 ----a-w I:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE + 2008-07-18 12:11:12 16,211,968 ----a-w I:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\ntuser.dat + 2008-07-18 12:11:13 548,864 ----a-w 
I:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat + 2000-08-31 06:00:00 89,504 ----a-w I:\WINDOWS\fdsv.exe + 2000-08-31 06:00:00 80,412 ----a-w I:\WINDOWS\grep.exe - 2004-08-19 23:10:03 208,896 ----a-w I:\WINDOWS\inf\unregmp2.exe + 2006-11-03 07:58:34 317,440 ----a-w I:\WINDOWS\inf\unregmp2.exe + 2008-04-18 18:00:41 98,304 ----a-r I:\WINDOWS\Installer\{1EC73FB6-97FD-48EE-8100-CA969A56E727}\ARPPRODUCTICON.exe + 2008-04-18 18:00:41 98,304 ----a-r I:\WINDOWS\Installer\{1EC73FB6-97FD-48EE-8100-CA969A56E727}\NewShortcut1_1EC73FB697FD48EE8100CA969A56E727.exe + 2008-06-27 13:53:01 292,878 ----a-r I:\WINDOWS\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\ARPPRODUCTICON.exe + 2008-06-27 13:53:01 292,878 ----a-r I:\WINDOWS\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_ds.53480420_ED54_41F1_B802_5A3B83DAF067.exe + 2008-06-27 13:53:01 292,878 ----a-r I:\WINDOWS\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_exe.53480420_ED54_41F1_B802_5A3B83DAF067.exe + 2008-06-04 12:31:43 15,086 ----a-r I:\WINDOWS\Installer\{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}\ARPPRODUCTICON.exe + 2008-06-04 12:31:43 15,086 ----a-r I:\WINDOWS\Installer\{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}\NewShortcut1_644D622AEF3D40E290EE92523E2DA87A.exe + 2008-06-04 12:31:44 15,086 ----a-r I:\WINDOWS\Installer\{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}\NewShortcut2_569C74F853D147C0802E971DD74EC31B.exe + 2008-06-04 12:31:44 8,854 ----a-r I:\WINDOWS\Installer\{8F3A13FC-DFDA-4001-A6C3-030495A1E66E}\NewShortcut3_661346DFE29D45B2AB0F791526D873EC.exe + 2008-05-19 16:59:17 32,038 ----a-r I:\WINDOWS\Installer\{A7AA93B6-6909-4073-B4EC-45CCDEFD4665}\nhl08.exe + 2005-03-18 14:23:10 53,248 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll + 2005-03-18 14:23:10 12,800 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll + 2005-03-18 14:23:14 473,600 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for 
Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll + 2004-09-29 10:38:58 2,676,224 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll + 2005-03-18 14:23:10 145,920 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll + 2005-03-18 14:23:10 159,232 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll + 2005-03-18 14:23:14 364,544 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll + 2005-03-18 14:23:12 178,176 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll + 2005-03-18 14:23:14 223,232 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll + 2004-12-01 13:53:06 2,846,720 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll + 2005-02-05 17:32:54 563,712 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll + 2005-03-18 15:23:14 567,296 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll + 2005-05-26 13:15:56 576,000 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll + 2005-07-22 15:21:34 577,024 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll + 2005-09-28 12:11:52 577,536 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll + 2005-12-05 15:20:50 577,536 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll + 2006-02-03 05:40:48 578,560 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll + 2006-03-31 09:27:50 578,560 ----a-w I:\WINDOWS\Microsoft.NET\DirectX for Managed 
Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll + 2007-10-23 23:47:38 82,944 ----a-w I:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe + 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_diasymreader.dll + 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_iehost.dll + 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_microsoft.jscript.dll + 2005-09-23 05:29:04 5,632 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_microsoft.vsa.vb.codedomprocessor.dll + 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_mscordbi.dll + 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_mscorrc.dll + 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_mscorsec.dll + 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_system.configuration.install.dll + 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_system.data.dll + 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll + 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_VsaVb7rt.dll + 2005-09-23 05:29:04 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbs_wminet_utils.dll + 2007-10-23 23:47:38 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbscmp10.dll + 2007-10-23 23:47:40 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbscmp20_mscorwks.dll + 2007-10-23 23:47:42 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\sbscmp20_perfcounter.dll + 2007-10-23 23:47:40 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\SharedReg12.dll + 2007-10-23 23:47:38 97,280 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll + 2007-10-23 23:47:26 28,672 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll + 2007-10-23 23:47:30 145,408 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll + 2007-10-23 23:47:32 13,824 ----a-w 
I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll + 2007-10-23 23:47:48 193,016 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll + 2007-10-23 23:47:20 218,112 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll + 2007-10-23 23:47:40 10,752 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll + 2007-10-23 23:47:42 147,968 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll + 2007-10-23 23:47:26 99,320 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll + 2007-10-23 23:47:42 59,392 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe + 2007-10-23 23:47:22 36,864 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe + 2007-10-23 23:47:22 22,024 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll + 2007-10-23 23:47:22 17,928 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll + 2007-10-23 23:47:22 33,288 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll + 2007-10-23 23:47:22 84,480 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll + 2007-10-23 23:47:22 24,576 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe + 2007-10-23 23:47:22 32,776 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe + 2007-10-23 23:47:22 106,496 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe + 2007-10-23 23:47:22 33,800 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe + 2007-10-23 23:47:22 33,280 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe + 2007-10-23 23:47:22 507,904 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll + 2007-10-23 23:47:40 106,496 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe + 2007-10-23 23:47:40 101,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll + 2007-10-23 23:47:30 80,376 ----a-w 
I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe + 2007-10-23 23:47:30 1,162,744 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll + 2007-10-23 23:47:30 13,312 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll + 2007-10-23 23:47:42 27,136 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll + 2007-10-23 23:47:40 69,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll + 2007-10-23 23:47:30 35,320 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe + 2007-10-23 23:47:28 66,552 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfdll.dll + 2007-10-23 23:47:28 5,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe + 2007-10-23 23:47:54 572,936 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll + 2007-10-23 23:47:40 798,224 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll + 2007-10-23 23:47:36 18,936 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll + 2007-10-23 23:47:40 9,728 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe + 2007-10-23 23:47:40 8,192 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll + 2007-10-23 23:47:40 77,824 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEHost.dll + 2007-10-23 23:47:40 6,656 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll + 2007-10-23 23:47:40 230,904 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ilasm.exe + 2007-10-23 23:47:40 28,672 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe + 2007-10-23 23:47:40 65,032 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll + 2007-10-23 23:47:40 72,192 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll + 2007-10-23 23:47:34 40,960 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe + 2007-10-23 23:47:36 348,160 ----a-w 
I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll + 2007-10-23 23:47:36 36,864 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll + 2007-10-23 23:47:36 655,360 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll + 2007-10-23 23:47:36 77,824 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll + 2007-10-23 23:47:34 749,568 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll + 2007-10-23 23:47:52 110,592 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll + 2007-10-23 23:47:52 372,736 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll + 2007-10-23 23:47:50 671,744 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll + 2007-10-23 23:47:20 28,672 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll + 2007-10-23 23:47:52 5,632 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll + 2007-10-23 23:47:20 32,768 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll + 2007-10-23 23:47:20 12,800 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2007-10-23 23:47:20 7,168 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll + 2007-10-23 23:47:22 97,792 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll + 2007-10-23 23:47:36 69,632 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe + 2007-10-23 23:47:40 822,280 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2007-10-23 23:47:40 83,456 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll + 2007-10-23 23:47:40 308,224 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll + 2007-10-23 23:47:40 47,104 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll 
+ 2007-10-23 23:47:40 348,672 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll + 2007-10-23 23:47:40 94,208 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorld.dll + 2007-10-23 23:47:40 4,444,160 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2007-10-23 23:47:40 114,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll + 2007-10-23 23:47:44 340,992 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll + 2007-10-23 23:47:40 77,312 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll + 2007-10-23 23:47:36 18,944 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll + 2007-10-23 23:47:40 242,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll + 2007-10-23 23:47:40 70,144 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe + 2007-10-23 23:47:40 19,456 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscortim.dll + 2007-10-23 23:47:36 5,814,784 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll + 2007-10-23 23:47:44 31,744 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll + 2007-10-23 23:47:40 101,880 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ngen.exe + 2007-10-23 23:47:40 24,584 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\normalization.dll + 2007-10-23 23:47:40 89,096 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll + 2007-10-23 23:47:36 144,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\peverify.dll + 2007-10-23 23:47:40 53,248 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe + 2007-10-23 23:47:40 32,768 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe + 2007-10-23 23:47:46 61,952 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe + 2007-10-23 23:47:42 16,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll + 2007-10-23 23:47:40 119,296 ----a-w 
I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll + 2007-10-23 23:47:44 95,232 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll + 2007-10-23 23:47:40 392,696 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\SOS.dll + 2007-10-23 23:47:40 110,592 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll + 2007-10-23 23:47:42 425,984 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll + 2007-10-23 23:47:40 81,920 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll + 2007-10-23 23:47:40 3,036,160 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.dll + 2007-10-23 23:47:40 483,840 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll + 2007-10-23 23:47:40 741,376 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll + 2007-10-23 23:47:28 933,888 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll + 2007-10-23 23:47:40 5,070,848 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Design.dll + 2007-10-23 23:47:40 401,408 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll + 2007-10-23 23:47:40 188,416 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll + 2007-10-23 23:47:40 3,076,096 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.dll + 2007-10-23 23:47:40 81,920 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll + 2007-10-23 23:47:40 630,784 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll + 2007-10-23 23:47:40 258,048 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll + 2007-10-23 23:47:40 57,392 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll + 2007-10-23 23:47:40 113,664 ----a-w 
I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll + 2007-10-23 23:47:40 372,736 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Management.dll + 2007-10-23 23:47:40 258,048 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll + 2007-10-23 23:47:40 299,008 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll + 2007-10-23 23:47:40 131,072 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll + 2007-10-23 23:47:40 258,048 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll + 2007-10-23 23:47:40 114,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll + 2007-10-23 23:47:40 261,120 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll + 2007-10-23 23:47:40 5,431,296 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.dll + 2007-10-23 23:47:40 884,736 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll + 2007-10-23 23:47:40 90,112 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll + 2007-10-23 23:47:40 839,680 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll + 2007-10-23 23:47:40 5,013,504 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2007-10-23 23:47:40 2,068,480 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.XML.dll + 2007-10-23 23:47:40 81,400 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL + 2007-10-23 23:47:48 1,172,472 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe + 2007-10-23 23:47:20 1,344,000 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll + 2007-10-23 23:47:22 434,688 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\webengine.dll + 2007-10-23 23:47:40 37,896 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll + 
2008-01-16 23:28:20 28,306 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\baseline.dat + 2007-11-07 17:00:02 210,834 ----a-w I:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\baseline.dat - 2000-08-31 07:00:00 51,200 ----a-w I:\WINDOWS\NirCmd.exe + 2000-08-31 06:00:00 28,672 ----a-w I:\WINDOWS\NirCmd.exe + 2000-08-31 06:00:00 98,816 ----a-w I:\WINDOWS\sed.exe + 2004-08-19 23:23:25 1,788 ------w I:\WINDOWS\ServicePackFiles\i386\dcache.bin + 2004-08-04 06:07:57 2,944 ------w I:\WINDOWS\ServicePackFiles\i386\drmkaud.sys + 2004-08-19 23:10:08 188,416 ------w I:\WINDOWS\ServicePackFiles\i386\msh261.drv + 2004-08-19 23:10:08 294,912 ------w I:\WINDOWS\ServicePackFiles\i386\msh263.drv + 2004-08-19 23:10:08 23,552 ------w I:\WINDOWS\ServicePackFiles\i386\wdmaud.drv + 2004-08-19 23:10:08 146,944 ------w I:\WINDOWS\ServicePackFiles\i386\winspool.drv + 1999-07-20 03:38:00 8,128 ----a-r I:\WINDOWS\sntnlusb.sys + 1999-07-20 03:38:00 6,944 ----a-r I:\WINDOWS\sntusb95.sys + 2008-07-18 05:52:59 7,264 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{5AA70BE6-651E-439A-A4AF-17131AE5A542}.bin + 2008-07-17 05:27:06 10,308 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{6F89D190-5113-43C0-A793-8615836436EC}.bin + 2008-07-11 16:03:14 15,456 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{927826F8-F827-4CDC-8FB5-BBCF8C530A8F}.bin + 2008-07-13 10:41:59 5,892 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{A9BCB0E8-93DC-466D-85B5-6C6FED16BB40}.bin + 2008-07-17 09:01:17 4,196 ----a-w I:\WINDOWS\SoftwareDistribution\EventCache\{DE3AC4AD-8570-4D00-8FBE-DC6CC0A5DC09}.bin + 2000-08-31 06:00:00 161,792 ----a-w I:\WINDOWS\swreg.exe + 2000-08-31 06:00:00 136,704 ----a-w I:\WINDOWS\swsc.exe + 2000-08-31 06:00:00 212,480 ----a-w I:\WINDOWS\swxcacls.exe + 2003-04-24 12:00:00 2,000 ----a-w I:\WINDOWS\system\KEYBOARD.DRV + 2003-04-24 12:00:00 73,680 ----a-w I:\WINDOWS\system\MCIAVI.DRV + 2003-04-24 12:00:00 25,280 
. -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . 
REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="I:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360] "Steam"="i:\program files\valve\steam\steam.exe" [2008-06-07 17:47 1271032] "msnmsgr"="I:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:55 5674352] "swg"="I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-15 00:11 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PowerStrip"="i:\program files\powerstrip\pstrip.exe" [2007-07-14 11:35 730360] "NvCplDaemon"="I:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480] "MessengerPlus3"="I:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2007-08-14 17:51 190024] "BigDogPath"="I:\WINDOWS\VM_STI.EXE" [2004-11-29 08:28 40960] "nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 I:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="NvMCTray.dll" [2006-10-22 12:22 86016 I:\WINDOWS\system32\nvmctray.dll] "Cmaudio"="cmicnfg.cpl" [N/A] I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\ Outil de mise à jour Google.lnk - I:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-08-15 00:11:11 124912] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "SENTINEL"= snti386.dll [HKLM\~\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] path=I:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk backup=I:\WINDOWS\pss\Microsoft Office.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware] --a------ 2007-06-11 11:25 6731312 I:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\a-squared] --a------ 2008-07-14 19:00 2132112 I:\Program Files\a-squared Anti-Malware\a2guard.exe 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt] --a------ 2006-01-18 15:52 229416 I:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] --a------ 2008-04-01 11:39 486856 I:\Program Files\DAEMON Tools Lite\daemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HiYo] I:\Program Files\HiYo\bin\HiYo.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] --a------ 2008-04-01 12:40 172280 I:\Program Files\ICQ6\ICQ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] -ra------ 2001-07-09 12:50 155648 I:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray] --a------ 2007-06-28 23:01 2512128 I:\WINDOWS\system32\oodtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb] --a------ 2007-10-23 02:47 360448 I:\Program Files\Winamp Remote\bin\OrbTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService] --------- 2003-06-24 15:23 61440 I:\Program Files\Home Cinema\PowerCinema\PCMService.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2008-02-22 05:25 144784 I:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe] --a------ 2007-05-15 16:34 3975848 I:\Program Files\TomTom HOME\TomTomHOME.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] I:\Program Files\Unlocker\UnlockerAssistant.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] --a------ 2007-10-10 07:28 36352 I:\Program Files\Winamp\winampa.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{7147f2b1-74f9-82c9-6bdd-49be6cbfe9fb}] 
I:\WINDOWS\system32\kcjzxnuekosgnnaxj.dll [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Corporation Svchost Service] mssvc.exe [N/A] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "I:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"= "I:\\Program Files\\MSN Messenger\\livecall.exe"= "I:\\Program Files\\Cyanide\\GameCenter\\GameCenter.exe"= "I:\\Program Files\\ICQ6\\ICQ.exe"= "I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\Win32\\RpcDataSrv.exe"= "I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\RpcSandraSrv.exe"= "I:\\Program Files\\LimeWire\\LimeWire.exe"= "I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2008\\PCM.exe"= "I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2008\\Autorun\\Exe\\Autorun.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3478:UDP"= 3478:UDP:stun "3479:UDP"= 3479:UDP:stun 2 "6112:UDP"= 6112:UDP:stun 3 "5730:UDP"= 5730:UDP:game "5739:UDP"= 5739:UDP:game 1 "9001:TCP"= 9001:TCP:game 2 "11881:TCP"= 11881:TCP:game 3 "11881:UDP"= 11881:UDP:game4 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1) R0 avgntmgr;avgntmgr;I:\WINDOWS\system32\drivers\avgntmgr.sys [2005-07-04 11:58] R1 appdrv01;Application Driver (01);I:\WINDOWS\system32\Drivers\appdrv01.sys [2008-07-11 20:33] R1 avgntdd;avgntdd;I:\WINDOWS\system32\DRIVERS\avgntdd.sys [2005-08-23 15:32] R2 PStrip;PStrip;I:\WINDOWS\system32\drivers\pstrip.sys [2007-07-15 03:37] R3 Cap7134;MEDION (7134) WDM Video Capture;I:\WINDOWS\system32\DRIVERS\Cap7134.sys [2002-11-04 17:29] R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;I:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2002-11-04 17:32] S1 hidfltr;HID Filter 
Driver;I:\WINDOWS\system32\drivers\MWhid.sys [2004-11-03 12:20] S2 appdrvrem01;Application Driver Auto Removal Service (01);I:\WINDOWS\System32\appdrvrem01.exe svc [] S3 ewdmaudn;ewdmaudn;I:\DOCUME~1\BENOIT~1\LOCALS~1\Temp\ewdmaudn.sys [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2291a4b8-0870-11dd-b659-000c76febb28}] \Shell\AutoRun\command - K:\Exe\Autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{360363b4-0d3b-11dd-b665-000c76febb28}] \Shell\AutoRun\command - G:\Exe\Autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c0f6098-3a40-11dd-b6c8-000c76febb28}] \Shell\AutoRun\command - L:\InstallTomTomHOME.exe . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-07-12 22:36:01 I:\WINDOWS\Tasks\At1.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-15 07:00:02 I:\WINDOWS\Tasks\At10.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 08:07:03 I:\WINDOWS\Tasks\At11.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 09:07:14 I:\WINDOWS\Tasks\At12.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 10:07:15 I:\WINDOWS\Tasks\At13.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 11:07:22 I:\WINDOWS\Tasks\At14.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 12:07:21 I:\WINDOWS\Tasks\At15.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 13:00:05 I:\WINDOWS\Tasks\At16.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 14:00:02 I:\WINDOWS\Tasks\At17.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 15:00:01 I:\WINDOWS\Tasks\At18.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 16:00:05 I:\WINDOWS\Tasks\At19.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-12 23:00:01 I:\WINDOWS\Tasks\At2.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 17:00:02 I:\WINDOWS\Tasks\At20.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 18:00:27 I:\WINDOWS\Tasks\At21.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 19:00:03 
I:\WINDOWS\Tasks\At22.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 20:00:00 I:\WINDOWS\Tasks\At23.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 21:00:00 I:\WINDOWS\Tasks\At24.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-12 22:56:10 I:\WINDOWS\Tasks\At25.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-12 23:00:10 I:\WINDOWS\Tasks\At26.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-13 00:00:10 I:\WINDOWS\Tasks\At27.job" - I:\WINDOWS\system32\HJO0GNU5.exe - È:\îP˜ "2008-07-13 01:00:10 I:\WINDOWS\Tasks\At28.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-13 02:00:10 I:\WINDOWS\Tasks\At29.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-13 00:00:01 I:\WINDOWS\Tasks\At3.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-13 03:00:10 I:\WINDOWS\Tasks\At30.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-13 04:00:10 I:\WINDOWS\Tasks\At31.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 05:00:00 I:\WINDOWS\Tasks\At32.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 06:00:00 I:\WINDOWS\Tasks\At33.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-15 07:00:00 I:\WINDOWS\Tasks\At34.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-18 08:00:00 I:\WINDOWS\Tasks\At35.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-18 09:00:00 I:\WINDOWS\Tasks\At36.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-18 10:00:00 I:\WINDOWS\Tasks\At37.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-18 11:00:00 I:\WINDOWS\Tasks\At38.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-18 12:00:00 I:\WINDOWS\Tasks\At39.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-13 01:00:01 I:\WINDOWS\Tasks\At4.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 13:00:10 I:\WINDOWS\Tasks\At40.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 14:00:10 I:\WINDOWS\Tasks\At41.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 15:00:10 I:\WINDOWS\Tasks\At42.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 16:00:10 I:\WINDOWS\Tasks\At43.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 17:00:10 
I:\WINDOWS\Tasks\At44.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 18:08:50 I:\WINDOWS\Tasks\At45.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 19:07:32 I:\WINDOWS\Tasks\At46.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 20:00:00 I:\WINDOWS\Tasks\At47.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-17 21:00:00 I:\WINDOWS\Tasks\At48.job" - I:\WINDOWS\system32\HJO0GNU5.exe "2008-07-12 22:10:00 I:\WINDOWS\Tasks\At49.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 02:00:01 I:\WINDOWS\Tasks\At5.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-12 23:00:00 I:\WINDOWS\Tasks\At50.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 00:00:00 I:\WINDOWS\Tasks\At51.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 01:00:00 I:\WINDOWS\Tasks\At52.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 02:00:00 I:\WINDOWS\Tasks\At53.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 03:00:00 I:\WINDOWS\Tasks\At54.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 04:00:00 I:\WINDOWS\Tasks\At55.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 05:00:00 I:\WINDOWS\Tasks\At56.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 06:00:00 I:\WINDOWS\Tasks\At57.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-15 07:00:00 I:\WINDOWS\Tasks\At58.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-18 08:00:00 I:\WINDOWS\Tasks\At59.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 03:00:01 I:\WINDOWS\Tasks\At6.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-18 09:00:00 I:\WINDOWS\Tasks\At60.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-18 10:00:00 I:\WINDOWS\Tasks\At61.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-18 11:00:00 I:\WINDOWS\Tasks\At62.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-18 12:00:00 I:\WINDOWS\Tasks\At63.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 13:00:00 I:\WINDOWS\Tasks\At64.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 14:00:00 I:\WINDOWS\Tasks\At65.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 15:00:00 
I:\WINDOWS\Tasks\At66.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 16:00:00 I:\WINDOWS\Tasks\At67.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 17:00:00 I:\WINDOWS\Tasks\At68.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 18:00:25 I:\WINDOWS\Tasks\At69.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-13 04:00:01 I:\WINDOWS\Tasks\At7.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 19:00:00 I:\WINDOWS\Tasks\At70.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 20:00:00 I:\WINDOWS\Tasks\At71.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-17 21:00:00 I:\WINDOWS\Tasks\At72.job" - I:\WINDOWS\system32\NW1iG6cU.exe "2008-07-12 22:58:01 I:\WINDOWS\Tasks\At73.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-12 23:00:01 I:\WINDOWS\Tasks\At74.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-13 00:00:01 I:\WINDOWS\Tasks\At75.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-13 01:00:01 I:\WINDOWS\Tasks\At76.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-13 02:00:01 I:\WINDOWS\Tasks\At77.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-13 03:00:01 I:\WINDOWS\Tasks\At78.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-13 04:00:01 I:\WINDOWS\Tasks\At79.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 05:00:02 I:\WINDOWS\Tasks\At8.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 05:00:02 I:\WINDOWS\Tasks\At80.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 06:00:02 I:\WINDOWS\Tasks\At81.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-15 07:00:02 I:\WINDOWS\Tasks\At82.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-18 08:00:00 I:\WINDOWS\Tasks\At83.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-18 09:00:00 I:\WINDOWS\Tasks\At84.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-18 10:00:00 I:\WINDOWS\Tasks\At85.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-18 11:00:00 I:\WINDOWS\Tasks\At86.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-18 12:00:00 I:\WINDOWS\Tasks\At87.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 13:00:10 
I:\WINDOWS\Tasks\At88.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 14:00:02 I:\WINDOWS\Tasks\At89.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 06:00:02 I:\WINDOWS\Tasks\At9.job" - I:\WINDOWS\system32\C3DL15v4.exe "2008-07-17 15:00:01 I:\WINDOWS\Tasks\At90.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 16:00:09 I:\WINDOWS\Tasks\At91.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 17:00:03 I:\WINDOWS\Tasks\At92.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 18:00:27 I:\WINDOWS\Tasks\At93.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 19:00:03 I:\WINDOWS\Tasks\At94.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 20:00:00 I:\WINDOWS\Tasks\At95.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 21:00:00 I:\WINDOWS\Tasks\At96.job" - I:\WINDOWS\system32\tOgc374C.exe "2008-07-17 12:40:07 I:\WINDOWS\Tasks\User_Feed_Synchronization-{4274763A-B51A-48F2-A192-02DCE7262C32}.job" - I:\WINDOWS\system32\msfeedssync.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-07-18 14:31:26 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-07-18 14:32:53 ComboFix-quarantined-files.txt 2008-07-18 12:32:35 ComboFix2.txt 2008-01-20 20:43:00 Pre-Run: 177,256,910,848 octets libres Post-Run: 177,319,284,736 octets libres 1140 --- E O F --- 2008-01-10 00:54:35
  23. Here is my SDFix report: SDFix: Version 1.206 Run by benoit pellissier on 18/07/2008 at 14:14 Microsoft Windows XP [version 5.1.2600] Running From: I:\DOCUME~1\BENOIT~1\Bureau\SDFix Checking Services : Restoring Default Security Values Restoring Default Hosts File Rebooting Checking Files : No Trojan Files Found Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-07-18 14:20:33 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:2df9c43f "s2"=dword:110480d0 "h0"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000001 "ujdew"=hex:e5,3f,6a,04,77,cd,e0,e1,f1,7a,92,23,b2,1d,4d,61,bf,8c,31,d6,25,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:62,6c,85,bd,75,53,15,09,dd,71,37,68,49,0b,b4,28,d5,c0,46,4f,04,.. "p0"="I:\Program Files\DAEMON Tools Lite\" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "khjeh"=hex:7e,74,aa,9a,1f,f5,c6,02,54,f0,5b,32,02,11,0e,e2,74,e6,32,30,83,.. "a0"=hex:20,01,00,00,5b,6d,ff,d5,d1,ad,99,35,1f,fb,67,73,3d,c9,a1,0a,4d,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:c0,11,79,80,e9,99,7a,22,5c,ff,60,24,b2,c4,bc,ee,68,b3,7a,76,5d,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41] "khjeh"=hex:c0,11,79,80,e9,99,7a,22,5c,ff,60,24,b2,c4,bc,ee,68,b3,7a,76,5d,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42] "khjeh"=hex:d7,43,4b,86,f5,04,08,a7,3c,9d,8a,d0,be,24,ab,78,b5,74,d6,da,25,.. 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43] "khjeh"=hex:d7,43,4b,86,f5,04,08,a7,3c,9d,8a,d0,be,24,ab,78,b5,74,d6,da,25,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04] "h0"=dword:00000001 "ujdew"=hex:e5,3f,6a,04,77,cd,e0,e1,f1,7a,92,23,b2,1d,4d,61,bf,8c,31,d6,25,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:62,6c,85,bd,75,53,15,09,dd,71,37,68,49,0b,b4,28,d5,c0,46,4f,04,.. "p0"="I:\Program Files\DAEMON Tools Lite\" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "khjeh"=hex:7e,74,aa,9a,1f,f5,c6,02,54,f0,5b,32,02,11,0e,e2,74,e6,32,30,83,.. "a0"=hex:20,01,00,00,5b,6d,ff,d5,d1,ad,99,35,1f,fb,67,73,3d,c9,a1,0a,4d,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:c0,11,79,80,e9,99,7a,22,5c,ff,60,24,b2,c4,bc,ee,68,b3,7a,76,5d,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41] "khjeh"=hex:c0,11,79,80,e9,99,7a,22,5c,ff,60,24,b2,c4,bc,ee,68,b3,7a,76,5d,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42] "khjeh"=hex:d7,43,4b,86,f5,04,08,a7,3c,9d,8a,d0,be,24,ab,78,b5,74,d6,da,25,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43] "khjeh"=hex:d7,43,4b,86,f5,04,08,a7,3c,9d,8a,d0,be,24,ab,78,b5,74,d6,da,25,.. scanning hidden registry entries ... 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System] "OODEFRAG10.00.00.01WORKSTATION" scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "I:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"="I:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008" "I:\\Nexon\\KartRider\\NMService.exe"="I:\\Nexon\\KartRider\\NMService.exe:*:Enabled:Nexon Messenger Core" "I:\\Program Files\\MSN Messenger\\livecall.exe"="I:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Call" "I:\\Program Files\\Cyanide\\GameCenter\\GameCenter.exe"="I:\\Program Files\\Cyanide\\GameCenter\\GameCenter.exe:*:Enabled:GameCenter" "I:\\Program Files\\ICQ6\\ICQ.exe"="I:\\Program Files\\ICQ6\\ICQ.exe:*:Enabled:ICQ6" "I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\Win32\\RpcDataSrv.exe"="I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\Win32\\RpcDataSrv.exe:*:Enabled:SiSoftware Database Agent Service" "I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\RpcSandraSrv.exe"="I:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XIIc\\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service" "I:\\Program Files\\LimeWire\\LimeWire.exe"="I:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2008\\PCM.exe"="I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2008\\PCM.exe:*:Enabled:Pro Cycling Manager - Season 2008" "I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 2008\\Autorun\\Exe\\Autorun.exe"="I:\\Program Files\\Cyanide\\Pro Cycling Manager - Season 
2008\\Autorun\\Exe\\Autorun.exe:*:Enabled:Pro Cycling Manager - Season 2008 - AutoRun" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] Remaining Files : Files with Hidden Attributes : Thu 5 Jun 2003 24,576 A..H. --- I:\PROGRA~1\RAMBOO~1\STOPRAM.EXE Wed 29 Aug 2007 4,348 ..SH. --- I:\DOCUME~1\ALLUSE~1\DRM\DRMV1.BAK Mon 30 Jun 2008 0 A.SH. --- I:\DOCUME~1\ALLUSE~1\DRM\CACHE\INDIV01.TMP Mon 30 Jun 2008 0 A.SH. --- I:\DOCUME~1\ALLUSE~1\DRM\CACHE\INDIV02.TMP Wed 15 Aug 2007 72 A..H. --- I:\PROGRA~1\COMMON~1\X10\COMMON\X10PROD.SYS Wed 29 Aug 2007 4,348 ...H. --- I:\DOCUME~1\BENOIT~1\MESDOC~1\MAMUSI~1\SAUVEG~1\DRMV1KEY.BAK Wed 29 Aug 2007 20 A..H. --- I:\DOCUME~1\BENOIT~1\MESDOC~1\MAMUSI~1\SAUVEG~1\DRMV1LIC.BAK Wed 29 Aug 2007 400 ...H. --- I:\DOCUME~1\BENOIT~1\MESDOC~1\MAMUSI~1\SAUVEG~1\DRMV2KEY.BAK Wed 29 Aug 2007 1,536 A..H. --- I:\DOCUME~1\BENOIT~1\MESDOC~1\MAMUSI~1\SAUVEG~1\DRMV2LIC.BAK Finished!
  24. In RunThis, when I press Y it closes the DOS window. Is that normal?
  25. [REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\I:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk] "path"="I:\\Documents and Settings\\All Users\\Menu Démarrer\\Programmes\\Démarrage\\Microsoft Office.lnk" "backup"="I:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup" "location"="Common Startup" "command"="I:\\PROGRA~1\\MICROS~3\\Office\\OSA9.EXE -b -l" "item"="Microsoft Office" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\!AVG Anti-Spyware] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="avgas" "hkey"="HKLM" "command"="\"I:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\a-squared] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="a2guard" "hkey"="HKLM" "command"="\"I:\\Program Files\\a-squared Anti-Malware\\a2guard.exe\" /d=60" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\avgnt] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="avgnt" "hkey"="HKLM" "command"="\"I:\\Program Files\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="daemon" "hkey"="HKCU" "command"="\"I:\\Program Files\\DAEMON Tools Lite\\daemon.exe\" -autorun" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HiYo] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HiYo" "hkey"="HKLM" 
"command"="I:\\Program Files\\HiYo\\bin\\HiYo.exe /RunFromStartup" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ICQ] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ICQ" "hkey"="HKCU" "command"="\"I:\\Program Files\\ICQ6\\ICQ.exe\" silent" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Microsoft Corporation Svchost Service] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="mssvc" "hkey"="HKLM" "command"="mssvc.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroCheck" "hkey"="HKLM" "command"="I:\\WINDOWS\\system32\\NeroCheck.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OODefragTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="oodtray" "hkey"="HKLM" "command"="I:\\WINDOWS\\system32\\oodtray.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Orb] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="OrbTray" "hkey"="HKCU" "command"="\"I:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe\" /background" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PCMService] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PCMService" "hkey"="HKLM" "command"="\"I:\\Program Files\\Home Cinema\\PowerCinema\\PCMService.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="jusched" "hkey"="HKLM" "command"="\"I:\\Program Files\\Java\\jre1.6.0_05\\bin\\jusched.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" 
"item"="TomTomHOME" "hkey"="HKLM" "command"="\"I:\\Program Files\\TomTom HOME\\TomTomHOME.exe\" -s" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UnlockerAssistant] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UnlockerAssistant" "hkey"="HKLM" "command"="\"I:\\Program Files\\Unlocker\\UnlockerAssistant.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="winampa" "hkey"="HKLM" "command"="\"I:\\Program Files\\Winamp\\winampa.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\{7147f2b1-74f9-82c9-6bdd-49be6cbfe9fb}] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="kcjzxnuekosgnnaxj" "hkey"="HKLM" "command"="I:\\WINDOWS\\System32\\Rundll32.exe \"I:\\WINDOWS\\system32\\kcjzxnuekosgnnaxj.dll\" DllStart" "inimapping"="0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state] "system.ini"=dword:00000000 "win.ini"=dword:00000000 "services"=dword:00000000 "startup"=dword:00000002