

André 46
Everything posted by André 46
Slow PC and abnormal behavior
André 46 replied to a topic by André 46 in Malware analysis and removal
Good evening, I think I am going to resign myself to reinstalling Windows 7, with which I had far fewer problems. In any case, a big thank you to everyone who contributed to this thread. André
Slow PC and abnormal behavior
André 46 replied to a topic by André 46 in Malware analysis and removal
Good evening, After using the dotnetfx cleanup tool as instructed, I downloaded the latest version of .NET Framework via the link. The installation is not possible because the program already exists. Is there anything else to do? Best regards
Slow PC and abnormal behavior
André 46 replied to a topic by André 46 in Malware analysis and removal
Hello, I carried out all the prescribed steps and my problems are not resolved. So it would not be a virus or membership in a "botnet". Regarding my problem with the "Sonos Desktop Controller" application, I was in contact with their help center. They told me it was very probably a problem with the ".net" program, version 4.5 of which (for Windows 8.1) should be on my PC. They tried (remotely), without success, to uninstall and then reinstall ".net". In the end they suggested that I reinstall Windows 8.1, which I would not like. For information, when I tried to run the "Sonos" application in "safe mode", I received an additional message that said: "ERREUR D'APPLICATION - l'exception EXCEPTION logicielle inconnue (0xe0434352) s'est produite dans l'application à l'emplacement 0x77951d4d." Do you think there might still be a solution to resolve my problem without having to reinstall everything? Thanks again for your help
Slow PC and abnormal behavior
André 46 replied to a topic by André 46 in Malware analysis and removal
Good evening, Thanks to Notpa for the tip. The ZHPFix message said this: " The parth. C:\users\Andre\AppData\Local\Temp\IMMMINENT\imminenrt.msi cannot be found. Verify that you have acces to this location and try again, or try to find thr installation package"imminent.msi" in a folder from wich you can install the product imminent" Nevertheless, if I am not mistaken, the file appears to have been deleted according to the report. Have a good evening
Slow PC and abnormal behavior
André 46 replied to a topic by André 46 in Malware analysis and removal
Hello, First of all, thank you for your help. Here are the reports from the various operations:
SFGTC http://cjoint.com/?0HqthBqKKaD
JavaUpdate http://cjoint.com/?0HqtgAJE2zG
FlashPlayer http://cjoint.com/?0HqtfDfotX5
AdwCleaner http://cjoint.com/?0Hqtd7YDhxL
ZHPFix http://cjoint.com/?0HqtdarUapK
I should point out that while ZHPFix was running, I received an error message telling me that the application could not find the path to "imminent". Yet the report indicates that it was deleted. I took a screenshot of this message: http://cjoint.com/?3HqtAHC6ycL Thanks again for the time you are giving me
Slow PC and abnormal behavior
André 46 replied to a topic by André 46 in Malware analysis and removal
~ Rapport de ZHPDiag v2014.8.13.118 - Nicolas Coolman (13/08/2014) ~ Lancé par Andre (16/08/2014 12:16:34)
- C:\Windows\System32\BtwRSupportService.exe SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 26/11/2013 1970544 | (Dedicarz Service) . (...) - C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe SR - | Auto 23/01/2012 1858048 | (Fabs) . (.MAGIX AG.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe SR - | Demand 26/04/2011 2702848 | (FirebirdServerMAGIXInstance) . (.MAGIX®.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe SR - | Demand 20/05/2014 3203392 | (GDFwSvc) . (.G Data Software AG.) - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe SR - | Demand 20/05/2014 700536 | (GDScan) . (.G Data Software AG.) - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe SR - | Auto 02/02/2012 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe SR - | Auto 14/05/2013 140936 | (IJPLMSVC) . (...) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe SR - | Auto 13/07/2014 4700872 | (ioloSystemService) . (.iolo technologies, LLC.) - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe SR - | Auto 12/05/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe SR - | Auto 12/05/2014 860472 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe SR - | Auto 14/11/2013 232192 | (NETGEARGenieDaemon) . (.NETGEAR.) - C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe SR - | Auto 25/07/2014 1720608 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe SR - | Auto 25/07/2014 18956064 | (NvStreamSvc) . (.NVIDIA Corporation.) 
- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe SR - | Auto 02/07/2014 935368 | (nvsvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvvsvc.exe SR - | Auto 21/01/2014 699912 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe SR - | Auto 02/07/2014 411936 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe ~ Services: Scanned in 00mn 06s ---\\ Scan Additionnel (O88) Database Version : 13026 - (13/08/2014) Clés trouvées (Keys found) : 5 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6CE6E035-DC98-4330-906B-20D92DE1629F}] =>Adware.IMBooster^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster ~ Additionnel Scan: 430073 Items scanned in 00mn 40s ---\\ Informations complémentaires sur les modules ~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5) ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4) ~ 
http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPKS) (O51) ~ AMI: 4 Legitimates Filtered in 00mn 00s ---\\ Récapitulatif des détections trouvées sur votre station http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster http://nicolascoolman.fr/pup-browsersafeguard =>PUP.BrowserSafeguard http://nicolascoolman.fr/pup-tarma =>PUP.Tarma ~ MSI: 3 link(s) detected in 00mn 00s ~ 1210 Legitimates filtered by white list End of the scan (537 lines in 01mn 28s)(0) -
Hello,

For several weeks now, my PC has been behaving strangely. I don't know whether I am the victim of a virus, whether my PC is just sluggish, or whether I have become a "zombie PC".

My PC, a MEDION MS-7728, runs Windows 8.1 Professional 64-bit. It has an Intel Core i7 3.40GHz processor and 6.00 GB of dual-channel DDR3 @ 663 MHz (9-9-9-24).

I use the GData antivirus, and Malwarebytes Anti-Malware (paid version) as well as AdwCleaner are installed on the PC. I also have Iolo's "System Mechanic" utility on my machine.

Several symptoms have appeared:

· A card game that I played for weeks no longer works. When I open it, its icon shows in the taskbar, and when I hover over the icon with the mouse pointer the thumbnail window appears, but when I click… nothing on my screen.
· Various programs, in particular Thunderbird (Mozilla's mail client), stop working for several minutes and display "not responding".
· As for Thunderbird, I sometimes, not always, have to disable GData's "email" protection to be able to retrieve my messages. I asked them about this, but I never received a reply. Emails take 5 to 10 seconds to open, and the same goes for deleting them or marking them as spam.
· I use Google Chrome, and regularly all my settings disappear and then reappear a few days later.
· I have just bought a "Sonos" music system that works over Wifi. For it to work, an application has to be installed, and it refuses to run on my PC. When I open the program, Windows immediately reports an error and closes the application. Even in safe mode it does not work. Yet I installed this same application on a laptop and it works correctly there. I went to Microsoft's site and tried all the solutions they suggest, but nothing helps.
· Apart from all that, in general, my PC has become very slow; every operation takes several seconds to run, which was not the case a few months ago. I have already been on your site and carried out, without result, various procedures suggested for a slow PC.

One more thing: I own a website and I have several email addresses tied to my domain name. Several months ago, my hosting provider (OVH) warned me that they had blocked one of my email addresses because it was being used to send a large number of messages. They advised me to change my password. Since then, they have not contacted me again.

Could someone help me and tell me what is ailing my machine? Thank you in advance for the time you are willing to give me.

André 46
-
Hello everyone,

I am (still) on XP Pro. I have a (residential) internet subscription with Orange and I own an Inventel Livebox dating from 2007. I should point out that I do not share any files on my PC.

I run a bed and breakfast and allow my guests to use my internet connection over wifi. I have done this for several years without incident, at least until recently.

In September, I received an email from "Hadopi" informing me that I had made available on the internet (it was not specified whether this was via a peer-to-peer network) a musical work covered by copyright. I replied and asked for some details about this event. In their postal letter, they specify the date, the time and the title of the track that was the subject of the offence. After cross-checking, it appears that this was the doing of one of the children of the guests who were staying with me at that time.

Given my liability, the limited number of infractions permitted and my wish to be able to keep offering this service to our guests, I started looking for solutions. To date, I have not found any program that would carry out this monitoring and block any download attempt.

Could one of you enlighten me? Is there a reliable program, or programs, that would solve the problem, or should I turn to a "hardware" solution such as a modem-router?

Thank you in advance for your attention.

André 46
-
Continuous internet traffic
André 46 replied to a topic by André 46 in Analyses et éradication malwares

Hello Thanos,

Well, this makes no sense at all. This morning, no more unwanted internet traffic.

The only possible explanation: yesterday, Acrobat Reader (Adobe), Flash Player (Adobe) and .Net (Microsoft) offered updates for these applications. I installed these updates because I had read on the internet that several critical vulnerabilities had been discovered in these programs. And this morning, oops, no more problem.

That said, what surprises me is that, given the information on the internet, I had already uninstalled (then reinstalled) Acrobat Reader, without result, to check whether this internet traffic would stop.

From this I deduce, perhaps a little hastily, that I was the victim of one of these vulnerabilities and that for some time a hacker was able to use my computer (zombie) to send spam and, at worst, may have stolen some of my information.

What do you think?

Kind regards, and thanks again for your help.

André46
-
Continuous internet traffic
André 46 replied to a topic by André 46 in Analyses et éradication malwares

Hello Thanos,

I have had no news from Bitdefender. However, on their forum I see that several users are running into similar problems, but Bitdefender always blames applications such as the "online scans" from various antivirus developers. Which I have not done (or not been able to do).

Below are the two files from a latest Rsit.

Thank you for your patience.

André46
C:\WINDOWS\system32\d3dx10_34.dll 2010-09-13 12:09:28 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll 2010-09-13 12:09:27 ----A---- C:\WINDOWS\system32\xinput1_3.dll 2010-09-13 12:09:26 ----A---- C:\WINDOWS\system32\xactengine2_7.dll 2010-09-13 12:09:24 ----A---- C:\WINDOWS\system32\d3dx10_33.dll 2010-09-13 12:09:24 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll 2010-09-13 12:09:22 ----A---- C:\WINDOWS\system32\d3dx9_33.dll 2010-09-13 12:09:21 ----A---- C:\WINDOWS\system32\xactengine2_6.dll 2010-09-13 12:09:21 ----A---- C:\WINDOWS\system32\xactengine2_5.dll 2010-09-13 12:09:20 ----A---- C:\WINDOWS\system32\xactengine2_4.dll 2010-09-13 12:09:20 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll 2010-09-13 12:09:20 ----A---- C:\WINDOWS\system32\d3dx9_32.dll 2010-09-13 12:09:19 ----A---- C:\WINDOWS\system32\xactengine2_3.dll 2010-09-13 12:09:19 ----A---- C:\WINDOWS\system32\d3dx9_31.dll 2010-09-13 12:09:18 ----A---- C:\WINDOWS\system32\xinput1_2.dll 2010-09-13 12:09:18 ----A---- C:\WINDOWS\system32\xactengine2_2.dll 2010-09-13 12:09:17 ----A---- C:\WINDOWS\system32\xinput1_1.dll 2010-09-13 12:09:16 ----A---- C:\WINDOWS\system32\xactengine2_1.dll 2010-09-13 12:09:15 ----A---- C:\WINDOWS\system32\d3dx9_30.dll 2010-09-13 12:08:57 ----A---- C:\WINDOWS\system32\xactengine2_0.dll 2010-09-13 12:08:57 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll 2010-09-13 12:08:57 ----A---- C:\WINDOWS\system32\d3dx9_29.dll 2010-09-13 12:08:56 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll 2010-09-13 12:08:56 ----A---- C:\WINDOWS\system32\d3dx9_28.dll 2010-09-13 12:08:55 ----A---- C:\WINDOWS\system32\d3dx9_27.dll 2010-09-13 12:08:54 ----A---- C:\WINDOWS\system32\d3dx9_26.dll 2010-09-13 12:08:54 ----A---- C:\WINDOWS\system32\d3dx9_25.dll 2010-09-13 12:08:53 ----A---- C:\WINDOWS\system32\d3dx9_24.dll 2010-09-13 12:03:26 ----D---- C:\WINDOWS\Logs 2010-09-13 12:02:45 ----D---- C:\Program Files\SiSoftware 2010-09-13 11:53:42 ----D---- C:\Program Files\LSI SoftModem 2010-09-13 11:06:13 ----D---- 
C:\WINDOWS\system32\appmgmt 2010-09-12 13:52:00 ----D---- C:\WINDOWS\Sun 2010-09-12 13:51:53 ----D---- C:\Documents and Settings\All Users\Application Data\Sun 2010-09-12 13:51:51 ----D---- C:\Program Files\Common Files\Java 2010-09-12 13:51:29 ----A---- C:\WINDOWS\system32\javaws.exe 2010-09-12 13:51:29 ----A---- C:\WINDOWS\system32\javaw.exe 2010-09-12 13:51:29 ----A---- C:\WINDOWS\system32\java.exe 2010-09-12 13:51:29 ----A---- C:\WINDOWS\system32\deployJava1.dll 2010-09-12 13:51:07 ----D---- C:\Program Files\Java 2010-09-12 13:46:54 ----D---- C:\Documents and Settings\andre schroeven\Application Data\Sun 2010-09-12 13:39:45 ----A---- C:\TDSSKiller.2.4.2.1_12.09.2010_13.39.45_log.txt 2010-09-12 13:16:02 ----D---- C:\Program Files\CCleaner 2010-09-12 12:37:58 ----D---- C:\Documents and Settings\andre schroeven\Application Data\Hulubulu 2010-09-12 12:37:54 ----D---- C:\Program Files\Advanced Renamer 2010-09-12 10:09:33 ----D---- C:\Program Files\Common Files\Borland Shared 2010-09-12 10:09:33 ----A---- C:\WINDOWS\system32\DBCLIENT.DLL 2010-09-12 10:09:11 ----D---- C:\Program Files\ZebHelpProcess 2010-09-12 10:00:04 ----D---- C:\Program Files\ZHPDiag 2010-09-12 09:50:52 ----D---- C:\Program Files\Trend Micro 2010-09-11 13:15:31 ----A---- C:\WINDOWS\ntbtlog.txt 2010-09-11 01:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$ 2010-09-11 01:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$ 2010-09-11 01:00:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$ 2010-09-11 01:00:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ 2010-09-11 00:59:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$ 2010-09-11 00:59:26 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$ 2010-09-11 00:59:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$ 2010-09-11 00:58:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$ 2010-09-11 00:58:21 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$ 2010-09-11 00:58:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$ 2010-09-11 00:57:45 ----HDC---- 
C:\WINDOWS\$NtUninstallKB2286198$ 2010-09-11 00:57:33 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$ 2010-09-11 00:57:16 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$ 2010-09-11 00:49:11 ----D---- C:\WINDOWS\Prefetch 2010-09-11 00:45:39 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$ 2010-09-11 00:45:20 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$ 2010-09-11 00:44:57 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$ 2010-09-11 00:44:35 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$ 2010-09-11 00:44:16 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$ 2010-09-11 00:43:56 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$ 2010-09-11 00:43:37 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$ 2010-09-11 00:43:17 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$ 2010-09-11 00:42:56 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$ 2010-09-11 00:42:36 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$ 2010-09-11 00:42:16 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$ 2010-09-11 00:41:55 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$ 2010-09-11 00:41:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$ 2010-09-11 00:41:12 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$ 2010-09-11 00:40:52 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$ 2010-09-11 00:40:31 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$ 2010-09-11 00:40:12 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$ 2010-09-11 00:39:52 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$ 2010-09-11 00:39:32 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$ 2010-09-11 00:39:12 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2010-09-11 00:38:51 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2010-09-11 00:38:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$ 2010-09-11 00:38:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$ 2010-09-11 00:37:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$ 2010-09-11 00:37:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ 2010-09-11 00:37:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$ 2010-09-11 00:36:50 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-09-11 00:36:29 
----HDC---- C:\WINDOWS\$NtUninstallKB971737$ 2010-09-11 00:36:09 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$ 2010-09-11 00:35:49 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$ 2010-09-11 00:35:29 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2010-09-11 00:35:08 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$ 2010-09-11 00:34:48 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$ 2010-09-11 00:34:26 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ 2010-09-11 00:34:04 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ 2010-09-11 00:33:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$ 2010-09-11 00:33:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$ 2010-09-11 00:33:05 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2010-09-11 00:32:45 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2010-09-11 00:32:25 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2010-09-11 00:32:05 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2010-09-11 00:31:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$ 2010-09-11 00:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2010-09-11 00:31:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2010-09-11 00:30:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2010-09-11 00:30:19 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2010-09-11 00:29:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$ 2010-09-11 00:29:38 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2010-09-11 00:29:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2010-09-11 00:28:49 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2010-09-11 00:28:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ 2010-09-11 00:28:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2010-09-11 00:27:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2010-09-11 00:27:21 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2010-09-11 00:27:02 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2010-09-11 00:26:40 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2010-09-11 00:26:18 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2010-09-11 00:25:56 ----HDC---- 
C:\WINDOWS\$NtUninstallKB2229593$ 2010-09-11 00:10:27 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2010-09-09 12:12:42 ----D---- C:\Get-Rapports-2009 2010-09-07 12:54:11 ----D---- C:\Program Files\Common Files\i4j_jres 2010-09-07 12:53:57 ----D---- C:\Program Files\Philips 2010-09-07 10:56:54 ----HD---- C:\WINDOWS\PIF ======List of files/folders modified in the last 1 months====== 2010-10-06 13:56:20 ----D---- C:\WINDOWS\Temp 2010-10-06 13:52:38 ----A---- C:\WINDOWS\bdagent.INI 2010-10-06 13:52:34 ----D---- C:\WINDOWS\system32 2010-10-06 12:42:58 ----D---- C:\WINDOWS\system32\drivers 2010-10-06 12:42:56 ----RD---- C:\Program Files 2010-10-06 12:30:55 ----SHD---- C:\WINDOWS\Installer 2010-10-06 12:30:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-10-06 12:30:02 ----D---- C:\WINDOWS\WinSxS 2010-10-06 12:23:26 ----D---- C:\WINDOWS 2010-10-06 12:22:51 ----D---- C:\WINDOWS\system32\en-us 2010-10-06 12:21:54 ----D---- C:\Program Files\Microsoft.NET 2010-10-06 12:21:47 ----D---- C:\WINDOWS\system32\mui 2010-10-06 08:52:36 ----D---- C:\WINDOWS\system32\CatRoot2 2010-10-05 22:40:00 ----A---- C:\bdlog.txt 2010-10-05 22:39:59 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-10-03 22:28:24 ----D---- C:\Program Files\Microsoft Silverlight 2010-10-03 22:00:37 ----HD---- C:\WINDOWS\inf 2010-09-18 07:42:06 ----D---- C:\Program Files\Mozilla Firefox 2010-09-17 23:50:02 ----D---- C:\Program Files\Mozilla Thunderbird 2010-09-17 14:29:05 ----HD---- C:\Program Files\InstallShield Installation Information 2010-09-17 08:59:41 ----RASH---- C:\boot.ini 2010-09-17 08:59:41 ----A---- C:\WINDOWS\win.ini 2010-09-17 08:59:41 ----A---- C:\WINDOWS\system.ini 2010-09-15 15:08:19 ----A---- C:\WINDOWS\imsins.BAK 2010-09-15 15:07:57 ----HD---- C:\WINDOWS\$hf_mig$ 2010-09-15 15:07:39 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-09-15 15:02:38 ----A---- C:\WINDOWS\system32\MRT.exe 2010-09-15 11:04:43 ----D---- C:\WINDOWS\system32\drivers\etc 2010-09-15 11:02:54 ----D---- 
C:\WINDOWS\system32\config 2010-09-15 11:00:58 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-09-15 10:55:23 ----D---- C:\WINDOWS\AppPatch 2010-09-15 10:55:20 ----D---- C:\Program Files\Common Files 2010-09-13 23:55:16 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2010-09-13 12:10:02 ----D---- C:\WINDOWS\system32\DirectX 2010-09-13 12:08:36 ----HD---- C:\WINDOWS\msdownld.tmp 2010-09-13 11:45:59 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2010-09-12 09:50:52 ----SD---- C:\Documents and Settings\andre schroeven\Application Data\Microsoft 2010-09-11 19:26:47 ----SHD---- C:\System Volume Information 2010-09-11 19:26:47 ----D---- C:\WINDOWS\system32\Restore 2010-09-11 13:37:10 ----D---- C:\Documents and Settings 2010-09-11 01:01:03 ----D---- C:\WINDOWS\system32\CatRoot 2010-09-11 00:58:56 ----D---- C:\Program Files\Internet Explorer 2010-09-11 00:58:48 ----D---- C:\WINDOWS\ie8updates 2010-09-11 00:57:35 ----D---- C:\Program Files\Movie Maker 2010-09-11 00:50:16 ----A---- C:\WINDOWS\OEWABLog.txt 2010-09-11 00:49:16 ----A---- C:\WINDOWS\setuplog.txt 2010-09-11 00:48:32 ----D---- C:\WINDOWS\system32\Setup 2010-09-11 00:48:31 ----D---- C:\WINDOWS\system32\wbem 2010-09-11 00:48:30 ----RSD---- C:\WINDOWS\Fonts 2010-09-11 00:42:59 ----D---- C:\Program Files\Outlook Express 2010-09-11 00:31:39 ----D---- C:\WINDOWS\security 2010-09-11 00:26:42 ----D---- C:\Program Files\Messenger 2010-09-11 00:21:12 ----D---- C:\Program Files\Windows Media Player 2010-09-11 00:20:48 ----D---- C:\WINDOWS\system32\inetsrv 2010-09-11 00:20:48 ----D---- C:\WINDOWS\network diagnostic 2010-09-11 00:20:48 ----D---- C:\WINDOWS\ime 2010-09-11 00:20:48 ----D---- C:\WINDOWS\Help 2010-09-11 00:20:35 ----D---- C:\WINDOWS\system32\usmt 2010-09-11 00:20:34 ----D---- C:\WINDOWS\system32\scripting 2010-09-11 00:20:33 ----D---- C:\WINDOWS\l2schemas 2010-09-11 00:20:32 ----D---- C:\WINDOWS\system32\en 2010-09-11 00:20:32 ----D---- C:\WINDOWS\system32\bits 
2010-09-11 00:20:32 ----D---- C:\WINDOWS\peernet 2010-09-11 00:17:19 ----D---- C:\WINDOWS\system32\npp 2010-09-11 00:17:17 ----D---- C:\WINDOWS\msagent 2010-09-11 00:17:16 ----D---- C:\WINDOWS\srchasst 2010-09-11 00:17:15 ----D---- C:\Program Files\NetMeeting 2010-09-11 00:17:14 ----D---- C:\WINDOWS\system32\Com 2010-09-11 00:17:10 ----D---- C:\Program Files\Windows NT 2010-09-11 00:17:07 ----D---- C:\Program Files\Common Files\System 2010-09-11 00:16:45 ----D---- C:\WINDOWS\system32\oobe 2010-09-11 00:16:43 ----D---- C:\WINDOWS\system 2010-09-11 00:13:45 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-09-11 00:04:58 ----D---- C:\WINDOWS\EHome 2010-09-10 15:49:38 ----D---- C:\WINDOWS\pss 2010-09-07 14:23:27 ----D---- C:\Program Files\Malwarebytes' Anti-Malware ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys [2010-07-09 327368] R0 ohci1394;VIA OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-13 61696] R1 Bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [] R1 BdRawPr;BdRawPr; C:\WINDOWS\system32\DRIVERS\bdrawpr.sys [2010-05-13 12960] R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352] R2 Trufos;Trufos; C:\WINDOWS\system32\DRIVERS\Trufos.sys [2010-09-14 253072] R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2009-08-13 1163328] R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 BDFM;BDFM; C:\WINDOWS\system32\DRIVERS\bdfm.sys [2010-04-22 149520] R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfndisf.sys [] R3 bdselfpr;bdselfpr; \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys [] R3 CMISTOR;CMIUCR.SYS CM320/CM220 Card Reader Driver; 
C:\WINDOWS\system32\DRIVERS\cmiucr.SYS [2007-01-05 93056] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-08-19 3856896] R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-09-23 3524640] R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-04 20992] R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 XUIF;X10 USB Wireless Transceiver; C:\WINDOWS\System32\Drivers\x10ufx2.sys [2005-05-19 17792] S3 catchme;catchme; \??\C:\andre46\catchme.sys [] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [] S3 MagicTune;MagicTune; C:\WINDOWS\system32\drivers\MTiCtwl.sys [2004-10-11 12062] S3 RT2500USB;RT2500 USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2005-01-07 147328] S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x86\Sandra.sys [] S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 7168] S4 avc3;avc3; C:\WINDOWS\system32\drivers\avc3.sys [2010-06-28 633424] S4 avckf;avckf; C:\WINDOWS\system32\drivers\avckf.sys [2010-06-28 970320] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 
AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-03-27 14336] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-12 153376] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-09-23 131139] R2 Updatesrv;BitDefender Desktop Update Service; C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe [2010-08-10 42400] R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [2010-10-03 1886576] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2010-09-12 251248] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\RpcAgentSrv.exe [2009-08-10 93848] S3 Update Server;BitDefender Update Server v2; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2010-07-23 307544] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] 
-----------------EOF----------------- info.txt logfile of random's system information tool 1.08 2010-09-14 12:21:57 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin Adobe Reader 9.3.4 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001} Advanced Renamer-->"C:\Program Files\Advanced Renamer\unins000.exe" ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x40c BitDefender Internet Security 2011-->C:\Program Files\Common Files\BitDefender\SetupInformation\{CFB8BDCE-8814-4B9A-8EA9-31DB74FEF0AE}\setup.exe /repair BitDefender Internet Security 2011-->MsiExec.exe /I{CFB8BDCE-8814-4B9A-8EA9-31DB74FEF0AE} Canon Camera Support Core Library-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{5662C158-CA24-4228-BF6C-596FADA08682} /l1036 Canon Camera Window DS for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{7B847C9D-6758-45E6-B598-3BD8F43EAE9E} Canon Camera Window DVC for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A70D14C6-FF2C-4B8E-A643-7E74EC607614} Canon Camera Window for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E73534D5-CC93-4C63-9072-5A9734255C74} Canon EOS Kiss_N REBEL_XT 350D Pilote WIA -->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{33CF7CDF-9805-4500-9CC7-D19D52AD63C4} Canon Internet Library for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{954BF446-BBC9-42CC-87A6-EBF0D55CA19A} Canon MP Navigator 3.0-->"C:\Program Files\Canon\MP Navigator 3.0\Maint.exe" 
/UninstallRemove C:\Program Files\Canon\MP Navigator 3.0\uninst.ini Canon MP600 User Registration-->C:\Program Files\Canon\IJEREG\MP600\UNINST.EXE Canon MP600-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP600\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP600 /L0x0009 Canon PhotoRecord-->MsiExec.exe /X{862983D7-FA08-493E-A9ED-6B7859E069D3} Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A0F34E4E-25F0-4B68-AE8F-EF0C15CB1FED} Canon RemoteCapture Task for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{28291BD5-92D2-4685-82DC-CCA925C53CCA} Canon Utilities Digital Photo Professional 1.6.1-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{789CF5F1-3326-4B7B-9D01-31047E0F5651} Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini Canon Utilities EOS Capture 1.3-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{16480125-0428-4097-9A2A-74464004D169} Canon Utilities File Viewer Utility 1.2-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{EF0DD8B7-471C-463B-A298-6066C2FABAF5} Canon Utilities PhotoStitch 3.1-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA} Canon Utilities RemoteCapture 2.7-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{BEB03A1A-1EB6-48EB-9985-8B97315EE5C0} Canon ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" CD-LabelPrint-->"C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application C-Media Card Reader Driver USB2.0-->C:\WINDOWS\system32\CmUCRRm.exe DECAdry Express Business Cards 4-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{95398D6D-E2A6-45BC-A9B2-C8C1D9D00E6E} 
/l1036 Easy-WebPrint-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu" High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe" Java 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF} LSI PCI-SV92PP Soft Modem-->C:\WINDOWS\agrsmdel MagicTune3.6_Client_pivot-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1C04D433-2EDF-4AFB-B31B-C0B13065092F}\setup.exe" -l0x40c Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft Office Professional Edition 2003-->MsiExec.exe /I{91E3040C-6000-11D3-8CFE-0150048383C9} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} MozBackup 1.4.10-->C:\Program Files\MozBackup\Uninstall.exe Mozilla Firefox (3.6.9)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Thunderbird (3.1.3)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} Natural Color-->RunDll32 
C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F51D9393-BB14-4566-99BF-D6ED63AEFCD7}\setup.exe" NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI Philips Media Manager 3.3.12.0004-->C:\Program Files\Philips\Media Manager\uninstall.exe Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly ScanSoft OmniPage SE 4.0-->MsiExec.exe /I{C1E693A4-B1D5-4DCD-B68D-2087835B7184} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe" Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player 
(KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9L$\spuninst\spuninst.exe" Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe" Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe" Security Update for Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe" Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe" Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Security Update for Windows XP 
Continuous internet traffic
André 46 replied to a topic by André 46 in Malware analysis and removal
Hello Thanos, I'm back! I went to the "Virus Total" site and carried out the steps you had indicated. Results: The file "c:\windows\pchealth\errorrep\userdumps\winlogon.exe" cannot be opened; the name is not correct. That said, in the directory "c:\windows\pchealth\errorrep\userdumps" there are several "winlogon.exe" files that carry, respectively, an additional extension "20100916-85226-00.hdmp", "20100916-85226-00.mdmp", "20100916-140250-00.hdmp" and "20100916-140250-00.mdmp". Here are the analysis reports for these files:

File name: winlogon.exe.20100916-085226-00.hdmp
Submission date: 2010-10-04 10:49:28 (UTC)
Current status: queued queued analysing finished
Result: 0/ 43 (0.0%)

File name: winlogon.exe.20100916-085226-00.mdmp
Submission date: 2010-10-04 10:52:37 (UTC)
Current status: queued (#7) queued analysing finished
Result: 0/ 43 (0.0%)

winlogon.exe.20100916-140250-00.hdmp
Submission date: 2010-10-04 10:57:30 (UTC)
Current status: queued (#9) queued (#9) analysing finished
Result: 0/ 43 (0.0%)

File name: winlogon.exe.20100916-140250-00.mdmp
Submission date: 2010-10-04 11:56:29 (UTC)
Current status: queued (#9) queued (#9) analysing finished
Result: 0/ 43 (0.0%)

As for the file "c:\documents and settings\All Users\Application Data\xml111.tmp", I get no response after submitting the file. In fact, this file contains no bytes. On the other hand, in the same directory there are several "xml*" files, including "xml10f.tmp" (the only one that contains any bytes), whose report follows:

File name: xml10F.tmp
Submission date: 2010-10-04 09:30:01 (UTC)
Current status: queued (#9) queued (#1) analysing finished
Result: 0/ 43 (0.0%)

The only indicated file for which I obtained a result (after clicking "reanalyse") is the file "c:\windows\system32\drivers\_003646_.tmp.dll", whose report follows:

File name: _003646_.tmp.dll
Submission date: 2010-10-04 08:51:14 (UTC)
Current status: queued queued (#3) analysing finished
Result: 0/ 43 (0.0%)

Apparently, the analyses reveal nothing worrying. But perhaps I did not go about it correctly. Are these reports sufficient? Kind regards, André46 -
Continuous internet traffic
André 46 replied to a topic by André 46 in Malware analysis and removal
Hello Thanos, Thank you for responding so quickly. I know that I am not the only one presenting my problems and that you (the specialists) have other things to do. I am currently in Belgium for a few days. I return on 03/10. As soon as I am back, I will start the procedure and keep you informed of the follow-up. Many thanks again, André46 -
Continuous internet traffic
André 46 replied to a topic by André 46 in Malware analysis and removal
Hello, Have I been forgotten, or is there no solution to the problem? So all that remains for me is to reinstall XP. Thanks to Thanos for the time he devoted to me. André 46 -
Continuous internet traffic
André 46 replied to a topic by André 46 in Malware analysis and removal
Hello Thanos, I monitored the internet traffic with two utilities: CurrPort and Tcpview. With CurrPort I noticed nothing special, but given my meagre knowledge... With TCPview, however, I saw a line appear containing information that intrigues me: in the "remote address" column: 243.138.167.89 packetexchange.net, "remote port": http. I don't see what this could be. When I ran the scans with GMER, there was no more traffic. I made a report with "CurrPort". It is a "Firefox document" file that disappears when I close the utility. Is there a way to send it to you? Also, I upgraded Bitdefender 2010 to 2011. During installation, I was asked whether I wanted to exchange information with other users. I chose the "no" option. Could this exchange be taking place anyway? I will try to find out from the helpdesk. In the worst case, I will reinstall my 2010 version. If you still have a solution in your treasure chest, don't hesitate. Thanks again for the time you are devoting to me. André This message was edited by André 46 - Today, 13:29. -
Continuous internet traffic
André 46 replied to a topic by André 46 in Malware analysis and removal
Good evening again Thanos, That's done: I ran RootRepeal as agreed and I am attaching the report. It was much quicker than with GMER. I hope you will find something. Otherwise, I think all that will remain for me is to reinstall XP. Thanks again, André -
Continuous internet traffic
André 46 replied to a topic by André 46 in Malware analysis and removal
Good evening Thanos, After many attempts, I managed to run a scan with GMER, disabling the options you indicated. I am attaching the report. That said, with these options disabled, the report contains far less. Also, after the scan and choosing "save", the report has to be saved in the directory proposed by default, namely "My Documents". If you try to choose another directory, the system crashes. Moreover, after the scan it is impossible to do anything with the PC; it crashes every time. I read your previous message. I will carry out the steps you suggested and keep you informed. Many thanks again, André -
Continuous internet traffic
André 46 replied to a topic by André 46 in Malware analysis and removal
OK, I'm on it right away -
Continuous internet traffic
André 46 replied to a topic by André 46 in Malware analysis and removal
Hello Thanos, As you can imagine, I don't use any P2P software. As for the scan with GMER Rootkit Scanner, a little patience... I have already had to restart it several times.
- at the end of the scan the PC freezes, and there is no way to save the report.
- during the scan, I get error messages such as "Drwtsn32.exe this application failed to initialise properly (ox0000005) click on OK to terminate the application". I click OK and the scan continues, and suddenly the PC stops and restarts.
- I had other error messages where I had to click OK to continue the program or Cancel to debug it.
- a scan takes more than 3 hours.
I disabled Bitdefender before scanning. I am going to start again with the screen saver turned off. I'll get back to you as soon as I have managed a proper scan. André -
Continuous internet traffic
André 46 replied to a topic by André 46 in Malware analysis and removal
Hello Thanos, Indeed, I set up a small network with my wife's PC, which runs Mandriva Linux. But that is nothing new and, before reinstalling XP, I did not have this problem of permanent internet traffic. Thank you for the time you are devoting to me. André -
Continuous internet traffic
André 46 replied to a topic by André 46 in Malware analysis and removal
Hello Thanos, There, I have run Combofix and I am attaching the report. That said, I still have internet traffic.
2010-09-06 07:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-09-06 07:18 . 2010-09-07 12:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-09-05 20:37 . 2010-09-05 20:37 -------- d-----w- c:\documents and settings\LocalService\Application Data\QuickScan 2010-09-05 20:31 . 2010-09-05 20:31 -------- d-----w- c:\documents and settings\andre schroeven\Application Data\BitDefender 2010-09-05 20:21 . 2010-09-05 20:21 -------- d-----w- c:\documents and settings\andre schroeven\Application Data\QuickScan 2010-09-05 20:11 . 2010-07-09 13:08 327368 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys 2010-09-05 19:46 . 2010-09-14 12:05 253072 ----a-w- c:\windows\system32\drivers\trufos.sys 2010-09-05 19:46 . 2010-05-13 15:02 12960 ----a-w- c:\windows\system32\drivers\bdrawpr.sys 2010-09-05 13:57 . 2010-09-05 13:57 -------- d-----w- c:\documents and settings\andre schroeven\Application Data\Canon 2010-09-05 13:02 . 2010-09-05 13:02 -------- d-----w- c:\documents and settings\andre schroeven\WINDOWS 2010-09-04 22:19 . 2010-09-05 06:10 -------- d-----w- c:\windows\system32\Lang 2010-09-04 22:18 . 2008-04-13 18:45 6272 ----a-w- c:\windows\system32\drivers\splitter.sys 2010-09-04 22:18 . 2008-04-13 19:17 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys 2010-09-04 22:18 . 2008-04-13 18:45 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys 2010-09-04 22:17 . 2008-04-13 18:45 56576 ----a-w- c:\windows\system32\drivers\swmidi.sys 2010-09-04 22:17 . 2008-04-13 16:39 142592 ----a-w- c:\windows\system32\drivers\aec.sys 2010-09-04 22:17 . 2008-04-13 18:45 172416 ----a-w- c:\windows\system32\drivers\kmixer.sys 2010-09-04 22:17 . 2008-04-13 18:45 2944 ----a-w- c:\windows\system32\drivers\drmkaud.sys 2010-09-04 22:17 . 2008-04-13 19:15 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys 2010-09-04 22:11 . 2005-08-18 22:35 3856896 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys 2010-09-04 22:11 . 
2005-08-15 22:34 9703424 ----a-w- c:\windows\RTLCPL.EXE 2010-09-04 22:11 . 2005-07-15 23:48 40960 ----a-w- c:\windows\system32\ChCfg.exe 2010-09-04 22:11 . 2010-09-04 22:11 -------- d-----w- c:\program files\Realtek 2010-09-04 22:10 . 2005-04-17 05:20 487424 ----a-w- c:\windows\RtlExUpd.dll 2010-09-04 21:50 . 2010-09-13 21:52 -------- d-----w- c:\documents and settings\andre schroeven\Local Settings\Application Data\Adobe 2010-09-04 17:52 . 1998-11-13 11:16 308224 ----a-w- c:\windows\IsUn040c.exe 2010-09-04 11:50 . 2009-10-20 16:20 265728 ----a-w- c:\windows\system32\drivers\http.sys 2010-09-04 11:48 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys 2010-09-04 11:40 . 2008-04-13 19:19 51328 ----a-w- c:\windows\system32\drivers\rasl2tp.sys 2010-09-03 22:03 . 2010-09-03 22:03 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2 2010-09-03 21:49 . 2010-09-03 21:49 -------- d-----w- c:\program files\MSXML 4.0 2010-09-03 21:47 . 2001-02-06 13:29 65536 ----a-w- c:\windows\system32\Gif89.dll 2010-09-03 21:46 . 2004-10-01 16:37 36864 ----a-w- c:\windows\system32\nvapi9x.dll 2010-09-03 21:46 . 2004-09-28 16:05 40960 ----a-w- c:\windows\system32\nvgpio.dll 2010-09-03 21:46 . 2004-10-11 12:08 12062 ----a-w- c:\windows\system32\drivers\MTiCtwl.sys 2010-09-03 21:45 . 2010-09-03 21:47 -------- d-----w- c:\program files\SEC 2010-09-03 21:19 . 2010-09-03 21:19 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA 2010-09-03 21:16 . 2010-09-03 21:22 -------- d-----w- c:\windows\nview 2010-09-03 21:16 . 2005-09-22 22:21 180224 ----a-w- c:\windows\system32\nvudisp.exe 2010-09-03 21:15 . 2005-09-22 14:38 180224 ----a-w- c:\windows\system32\NVUNINST.EXE 2010-09-03 14:09 . 2010-09-03 14:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Alfac 2010-09-03 14:09 . 2010-09-03 14:09 -------- d-----w- c:\program files\DECAdry 2010-09-03 13:57 . 
2010-06-20 02:21 214016 ----a-w- c:\documents and settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}\components\calbscmp.dll 2010-09-03 13:25 . 2010-05-25 14:43 10320 ----a-w- c:\documents and settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\Mail\Local Folders\Dossiers personnels.sbd\Hôtes.sbd\vlaamsechambresdhotes.com 2010-09-03 13:25 . 2010-02-24 17:12 2533221 ----a-w- c:\documents and settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\Mail\Local Folders\Dossiers personnels.sbd\Hôtes.sbd\petitfute.com 2010-09-03 13:25 . 2010-02-07 17:59 12022 ----a-w- c:\documents and settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\Mail\Local Folders\Dossiers personnels.sbd\Hôtes.sbd\logeerbijbelgen.com 2010-09-03 13:24 . 2010-09-04 09:01 197661 ----a-w- c:\documents and settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\Mail\Local Folders\Dossiers personnels.sbd\Hôtes.sbd\france-voyages.com 2010-09-03 13:24 . 2010-08-29 20:58 25308 ----a-w- c:\documents and settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\Mail\Local Folders\Dossiers personnels.sbd\Hôtes.sbd\bestchambresdhotes.com 2010-09-03 13:24 . 2010-06-28 07:55 8235 ----a-w- c:\documents and settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\Mail\Local Folders\Dossiers personnels.sbd\Hôtes.sbd\chambresdhotesfrance.com 2010-09-03 13:24 . 2010-04-26 14:15 50680 ----a-w- c:\documents and settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\Mail\Local Folders\Dossiers personnels.sbd\Hôtes.sbd\charmelogies.com 2010-09-03 11:10 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll 2010-09-03 10:58 . 2010-09-08 17:20 -------- d-----w- c:\documents and settings\andre schroeven\Local Settings\Application Data\Thunderbird 2010-09-03 10:58 . 
2010-09-03 10:58 -------- d-----w- c:\documents and settings\andre schroeven\Application Data\Thunderbird 2010-09-03 10:40 . 2010-09-03 10:40 -------- d-----w- c:\documents and settings\andre schroeven\Local Settings\Application Data\Scansoft 2010-09-03 10:16 . 2004-08-04 06:00 71040 ------w- c:\windows\system32\drivers\_003646_.tmp.dll 2010-09-03 07:18 . 2010-09-03 07:18 -------- d-sh--w- c:\documents and settings\andre schroeven\PrivacIE 2010-09-03 07:16 . 2010-09-03 07:16 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield 2010-09-03 07:16 . 2010-09-03 07:16 -------- d-----w- c:\documents and settings\andre schroeven\Application Data\ScanSoft 2010-09-03 07:16 . 2010-09-03 07:16 -------- d-----w- c:\documents and settings\All Users\Application Data\ScanSoft 2010-09-03 07:16 . 2010-09-03 07:16 -------- d-----w- c:\program files\Common Files\ScanSoft Shared 2010-09-03 07:15 . 2010-09-03 07:15 -------- d-----w- c:\program files\ScanSoft 2010-09-03 07:14 . 2010-09-05 14:18 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-09-03 07:14 . 2010-09-03 07:14 -------- d-----w- c:\program files\ArcSoft 2010-09-03 07:14 . 1995-07-31 11:44 212480 ----a-w- c:\windows\PCDLIB32.DLL 2010-09-03 07:14 . 2010-09-03 21:15 -------- d-----w- c:\program files\Common Files\InstallShield 2010-09-03 07:12 . 2003-09-18 12:32 499712 ----a-w- c:\windows\system32\msvcp71.dll 2010-09-03 07:12 . 2003-09-18 12:32 348160 ----a-w- c:\windows\system32\msvcr71.dll 2010-09-03 07:12 . 2003-09-18 12:32 1060864 ----a-w- c:\windows\system32\MFC71.dll 2010-09-03 07:12 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe 2010-09-03 07:11 . 2010-09-03 07:11 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonBJ 2010-09-03 07:11 . 2006-09-12 20:00 69632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP87.DLL 2010-09-03 07:11 . 
2006-09-12 20:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD87.DLL 2010-09-03 07:11 . 2006-09-12 20:00 197632 ----a-w- c:\windows\system32\CNMLM87.DLL 2010-09-03 07:11 . 2010-09-03 07:11 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information 2010-09-03 07:10 . 2006-06-29 05:29 106496 ----a-w- c:\windows\system32\cnco600.dll 2010-09-03 07:10 . 2006-05-26 01:54 135168 ----a-w- c:\windows\system32\CNCL600.DLL 2010-09-03 07:10 . 2006-07-20 06:51 1298432 ----a-w- c:\windows\system32\CNCC600.DLL 2010-09-03 07:10 . 2006-07-20 06:51 57344 ----a-w- c:\windows\system32\CNCI600.DLL 2010-09-03 07:10 . 2010-09-03 07:10 -------- d--h--w- c:\program files\CanonBJ 2010-09-03 07:09 . 2010-09-05 14:19 -------- d-----w- c:\program files\Canon 2010-09-02 22:02 . 2007-04-09 11:23 28552 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll 2010-09-02 22:02 . 2007-04-09 11:23 28040 ----a-w- c:\windows\system32\mdimon.dll 2010-09-02 22:00 . 2010-09-02 22:00 -------- d-----w- c:\program files\Microsoft.NET 2010-09-02 21:58 . 2010-09-03 21:54 -------- d-----w- c:\program files\Microsoft Works 2010-09-02 21:57 . 2010-09-02 22:00 -------- d-----w- c:\windows\SHELLNEW 2010-09-02 21:53 . 2010-09-02 21:53 -------- d-----r- C:\MSOCache 2010-09-02 21:51 . 2010-09-02 21:51 -------- d-----w- c:\documents and settings\andre schroeven\Application Data\MozBackup 2010-09-02 21:41 . 2010-09-13 22:02 -------- d-----w- c:\program files\Mozilla Thunderbird . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-09-13 10:14 . 2010-09-13 10:14 0 ----a-w- c:\documents and settings\All Users\Application Data\xml112.tmp 2010-09-13 10:14 . 2010-09-13 10:14 0 ----a-w- c:\documents and settings\All Users\Application Data\xml111.tmp 2010-09-13 10:14 . 2010-09-13 10:14 13420 ----a-w- c:\documents and settings\All Users\Application Data\xml110.tmp 2010-09-13 10:14 . 
2010-09-13 10:14 10390 ----a-w- c:\documents and settings\All Users\Application Data\xml10F.tmp 2010-09-11 11:37 . 2010-09-11 11:37 -------- d-----w- c:\documents and settings\Administrator\Application Data\BitDefender 2010-09-10 22:24 . 2010-09-02 11:35 86327 ----a-w- c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat 2010-09-05 20:37 . 2010-09-05 19:46 511157 ----a-w- c:\documents and settings\All Users\Application Data\bdinstall.bin 2010-09-04 22:11 . 2010-09-04 22:11 294912 ----a-w- c:\windows\HideWin.exe 2010-09-04 17:53 . 2010-09-04 17:53 -------- d-----w- c:\program files\ING 2010-09-02 14:41 . 2010-09-02 14:41 0 ----a-w- c:\windows\nsreg.dat 2010-09-02 11:36 . 2010-09-02 11:36 -------- d-----w- c:\program files\microsoft frontpage 2010-09-02 11:33 . 2010-09-02 11:33 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2010-07-31 15:37 . 2010-09-02 14:50 3862016 ----a-w- c:\documents and settings\andre schroeven\Application Data\Mozilla\Firefox\Profiles\403cwarl.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\SSS.dll 2010-07-28 18:52 . 2010-09-02 14:50 24576 ----a-w- c:\documents and settings\andre schroeven\Application Data\Mozilla\Firefox\Profiles\403cwarl.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll 2010-07-23 15:22 . 2010-09-02 14:50 1496064 ----a-w- c:\documents and settings\andre schroeven\Application Data\Mozilla\Firefox\Profiles\403cwarl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll 2010-07-23 15:22 . 2010-09-02 14:50 338944 ----a-w- c:\documents and settings\andre schroeven\Application Data\Mozilla\Firefox\Profiles\403cwarl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll 2010-07-23 15:22 . 
2010-09-02 14:50 43008 ----a-w- c:\documents and settings\andre schroeven\Application Data\Mozilla\Firefox\Profiles\403cwarl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll 2010-07-23 15:22 . 2010-09-02 14:50 346112 ----a-w- c:\documents and settings\andre schroeven\Application Data\Mozilla\Firefox\Profiles\403cwarl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll 2010-07-08 08:37 . 2010-07-08 08:37 101544 ----a-w- c:\program files\Common Files\LinkInstaller.exe 2010-06-30 12:31 . 2010-09-04 11:41 149504 ----a-w- c:\windows\system32\schannel.dll 2010-06-28 10:55 . 2010-06-28 10:55 970320 ----a-w- c:\windows\system32\drivers\avckf.sys 2010-06-28 10:55 . 2010-06-28 10:55 633424 ----a-w- c:\windows\system32\drivers\avc3.sys 2010-06-25 01:37 . 2010-09-02 14:50 110592 ----a-w- c:\documents and settings\andre schroeven\Application Data\Mozilla\Firefox\Profiles\403cwarl.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\FSAddin.dll 2010-06-24 12:22 . 2001-08-23 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-06-23 13:44 . 2010-09-04 11:41 1851904 ----a-w- c:\windows\system32\win32k.sys 2010-06-21 15:27 . 2010-09-04 11:40 354304 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-18 14:11 . 2010-06-18 14:11 111696 ----a-w- c:\windows\system32\drivers\bdfndisf.sys 2010-06-17 14:03 . 2001-08-23 12:00 80384 ----a-w- c:\windows\system32\iccvid.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-09-22 7282688] "NvMediaCenter"="NvMCTray.dll" [2005-09-22 86016] "BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2011\ieshow.exe" [2010-08-10 71216] "BDAgent"="c:\program files\BitDefender\BitDefender 2011\bdagent.exe" [2010-09-09 1405072] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "CmUCRRun"="c:\windows\system32\CmUCReye.exe" [2006-07-12 237568] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Color Calibration.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Color Calibration.lnk backup=c:\windows\pss\Color Calibration.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MagicTune3.6.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\MagicTune3.6.lnk backup=c:\windows\pss\MagicTune3.6.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NaturalColorLoad.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\NaturalColorLoad.lnk backup=c:\windows\pss\NaturalColorLoad.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^andre schroeven^Start Menu^Programs^Startup^Notification de cadeaux MSN.lnk] path=c:\documents and settings\andre schroeven\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk backup=c:\windows\pss\Notification de cadeaux 
MSN.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^andre schroeven^Start Menu^Programs^Startup^Philips Media Manager.lnk] path=c:\documents and settings\andre schroeven\Start Menu\Programs\Startup\Philips Media Manager.lnk backup=c:\windows\pss\Philips Media Manager.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-06-09 08:06 976832 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] 2005-09-22 22:21 1519616 ----a-w- c:\windows\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4] 2006-10-11 10:45 75304 ----a-w- c:\program files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2005-08-18 14:20 14820864 ----a-w- c:\windows\RTHDCPL.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] 2006-09-28 11:16 185896 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2010.SP2\\RpcAgentSrv.exe"= "c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2010.SP2\\WNt500x86\\RpcSandraSrv.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] 
"AllowInboundEchoRequest"= 1 (0x1) R1 BdRawPr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [05/09/2010 21:46 12960] R2 Updatesrv;BitDefender Desktop Update Service;c:\program files\BitDefender\BitDefender 2011\updatesrv.exe [10/08/2010 13:59 42400] R3 BDFM;BDFM;c:\windows\system32\drivers\bdfm.sys [22/04/2010 13:19 149520] R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\Common Files\BitDefender\BitDefender Firewall\bdfndisf.sys [18/06/2010 16:11 111696] R3 CMISTOR;CMIUCR.SYS CM320/CM220 Card Reader Driver;c:\windows\system32\drivers\cmiucr.SYS [05/01/2007 17:21 93056] S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\RpcAgentSrv.exe [13/09/2010 12:02 93848] S3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [23/07/2010 09:51 307544] S4 avc3;avc3;c:\windows\system32\drivers\avc3.sys [28/06/2010 12:55 633424] S4 avckf;avckf;c:\windows\system32\drivers\avckf.sys [28/06/2010 12:55 970320] . . ------- Supplementary Scan ------- . 
uStart Page = hxxp://www.msn.com IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html FF - ProfilePath - c:\documents and settings\andre schroeven\Application Data\Mozilla\Firefox\Profiles\403cwarl.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=BO2TDF&PC=B8MS&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr/ FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=BO2TDF&PC=B8MS&q= FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . - - - - ORPHANS REMOVED - - - - MSConfigStartUp-Bing Bar - c:\program files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe MSConfigStartUp-Microsoft Default Manager - c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe AddRemove-LSI Soft Modem - c:\windows\agrsmdel ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-09-15 11:05 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... 
scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ð•€|ÿÿÿÿ.•€|þ»Ôw*] "C0403E1900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(1364) c:\windows\system32\WININET.dll c:\program files\BitDefender\BitDefender 2011\pchook32.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\LSI SoftModem\agrsmsvc.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\windows\system32\nvsvc32.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe . ************************************************************************** . Completion time: 2010-09-15 11:09:27 - machine was rebooted ComboFix-quarantined-files.txt 2010-09-15 09:09 Pre-Run: 69 982 990 336 bytes free Post-Run: 70 594 330 624 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn - - End Of File - - A03E75C2AFF4DC4C4F0E458C86D32144 -
continuous internet traffic
André 46 replied to a topic by André 46 in Malware analysis and removal
Hello Thanos,

First of all, thank you for looking into my case. As for the "Bitdefender" reports, I have several. I am posting two of them: the one with the fewest alerts (the most recent) and the one with the most. That said, I also ran scans in safe mode with the "System restore" option disabled, which removed most of the alerts. Thanks again for your help.

BitDefender - Fichier journal

Here is the latest scan, apparently free of any virus:

Produit : BitDefender Internet Security 2011 Tâche d'analyse : Analyse Complète Date du journal : dimanche 12 septembre 2010 00:48:48 Chemin du journal : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\6f349eda-6759-4378-b3c9-9174905515f7\1284242608_1_01.xml Chemins d'analyse : Chemin : C:\ Chemin : D:\ [-]Résumé de l'analyse détaillé [-]Standard Objets analysés : 217884 Élément(s) infecté(s) : 0 (aucun élément infecté n'a été détecté) Élément(s) suspect(s) : 0 (aucun élément suspect n'a été détecté) Élément(s) résolu(s) : 0 (aucune menace n'a été détectée au cours de cette analyse) Élément(s) non résolu(s) : 0 (aucun problème n'est demeuré non résolu) [-]Avancé Temps d'analyse : 00: 45: 18 Fichiers par seconde : 80 Élément(s) ignoré(s) : 118869 Élément(s) avec mot de passe : 0 Élément(s) ultra-compressé(s) : 0 Archives analysées : 415 Erreurs I/O : 0 Secteurs de boot analysés : 6 Processus analysés : 7785 Processus infectés : 0 Clés de registre analysées : 13865 Clés de registre infectées : 0 Cookies analysés : 0 Cookies infectés : 0 [-]Options d'analyse [-]Type des menaces ciblées Détecter les virus : Oui Détecter les adwares : Oui Détecter les spywares : Oui Détecter les applications : Oui Détecter les dialers : Oui Détecter les rootkits : Non Recherche de keyloggers : Oui [-]Options d'analyse antivirus : Analyse des clés de registre : Oui Analyser les cookies : Oui Analyser les secteurs de boot : Oui Analyser les 
processus mémoire : Oui Analyser les archives : Oui Analyser les packers lors de leur exécution : Oui Analyser les e-mails : Oui Analyser tous les fichiers : Oui Analyse heuristique : Oui Extensions analysées : non configuré Extensions exclues : non configuré [-]Traitement de la cible : Première action par défaut pour les objets infectés : Désinfecter Seconde action par défaut pour les objets infectés : Tout déplacer en quarantaine Première action par défaut pour les objets suspects : Tout déplacer en quarantaine Seconde action par défaut pour les objets suspects : Aucune Action par défaut pour les objets camouflés : Aucune Action par défaut pour les objets protégés par mot de passe : Enregistrer seulement [-]Résumé de l'analyse Signatures de virus : 6366697

Here is the scan with the most:

BitDefender - Fichier journal Produit : BitDefender Internet Security 2011 Tâche d'analyse : Analyse Approfondie Date du journal : lundi 6 septembre 2010 00:46:50 Chemin du journal : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\dcf483c4-26d0-4e6f-ba28-6a53a00adae1\1283720217_1_03.xml Chemins d'analyse : Chemin : C:\ Chemin : D:\ [-]Synthèse des Résultats de l'Analyse [-]Problèmes non résolus :Chemin d'accès à l'objet Nom de la menace État final C:\Documents and Settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\ImapMail\ssl0.ovh-2.net\INBOX.sbd\Junk=>(message 73)=>[subject: Resume][Date: Thu, 19 Aug 2010 08:56:58 +0300]=>(MIME part)=>Resume.html Trojan.Script.472404 Infecté(s) C:\Documents and Settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\ImapMail\ssl0.ovh-2.net\INBOX.sbd\Junk=>(message 72)=>[subject: *** PROBABLY SPAM *** Resume][Date: Thu, 19 Aug 2010 07:59:38 +0800]=>(MIME part)=>Resume.html Trojan.Script.472404 Infecté(s) C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\PROI11N.MSI=>(Embedded EXE) Trojan.Generic.4253058 Infecté(s) (L’archive n'a pas pu être 
Below are the two RSI files.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "notification packages"= scecli scecli scecli scecli scecli [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\RpcAgentSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service" "C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x86\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======List of files/folders created in the last 1 months======
----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll 2010-09-04 14:01:28 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll 2010-09-04 14:01:27 ----N---- C:\WINDOWS\system32\drivers\amdk7.sys 2010-09-04 14:01:27 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys 2010-09-04 14:01:27 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys 2010-09-04 14:01:25 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll 2010-09-04 14:01:25 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll 2010-09-04 14:01:25 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll 2010-09-04 14:01:25 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll 2010-09-04 14:01:24 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys 2010-09-04 14:01:24 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys 2010-09-04 14:01:24 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys 2010-09-04 14:01:24 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys 2010-09-04 14:01:24 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll 2010-09-04 14:01:23 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys 2010-09-04 14:01:23 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys 2010-09-04 14:01:23 ----N---- C:\WINDOWS\system32\drivers\fltmgr.sys 2010-09-04 14:01:23 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll 2010-09-04 14:01:23 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys 2010-09-04 14:01:22 ----N---- C:\WINDOWS\system32\drivers\mssmbios.sys 2010-09-04 14:01:22 ----N---- C:\WINDOWS\system32\drivers\ip6fw.sys 2010-09-04 14:01:22 ----N---- C:\WINDOWS\system32\drivers\intelppm.sys 2010-09-04 14:01:22 ----N---- C:\WINDOWS\system32\drivers\hidir.sys 2010-09-04 14:01:21 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys 2010-09-04 14:01:21 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys 2010-09-04 14:01:21 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys 2010-09-04 14:01:20 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys 2010-09-04 14:01:20 ----N---- C:\WINDOWS\system32\drivers\siint5.dll 2010-09-04 14:01:20 ----N---- 
C:\WINDOWS\system32\drivers\sffp_sd.sys 2010-09-04 14:01:20 ----N---- C:\WINDOWS\system32\drivers\sffdisk.sys 2010-09-04 14:01:20 ----N---- C:\WINDOWS\system32\drivers\sdbus.sys 2010-09-04 14:01:19 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys 2010-09-04 14:01:19 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys 2010-09-04 14:01:19 ----N---- C:\WINDOWS\system32\drivers\tunmp.sys 2010-09-04 14:01:19 ----N---- C:\WINDOWS\system32\drivers\smbali.sys 2010-09-04 14:01:18 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys 2010-09-04 14:01:18 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys 2010-09-04 14:01:18 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll 2010-09-04 14:01:18 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys 2010-09-04 14:01:18 ----N---- C:\WINDOWS\system32\drivers\usbehci.sys 2010-09-04 14:01:17 ----N---- C:\WINDOWS\system32\xpsp2res.dll 2010-09-04 14:01:17 ----A---- C:\WINDOWS\system32\qmgr.dll 2010-09-04 13:50:15 ----A---- C:\WINDOWS\system32\drivers\http.sys 2010-09-04 13:48:52 ----N---- C:\WINDOWS\system32\drivers\bthport.sys 2010-09-04 13:41:35 ----A---- C:\WINDOWS\system32\advapi32.dll 2010-09-04 13:41:34 ----A---- C:\WINDOWS\system32\cmd.exe 2010-09-04 13:41:34 ----A---- C:\WINDOWS\system32\cacls.exe 2010-09-04 13:41:34 ----A---- C:\WINDOWS\system32\autoconv.exe 2010-09-04 13:41:34 ----A---- C:\WINDOWS\system32\autochk.exe 2010-09-04 13:41:33 ----A---- C:\WINDOWS\system32\comdlg32.dll 2010-09-04 13:41:33 ----A---- C:\WINDOWS\system32\comctl32.dll 2010-09-04 13:41:32 ----A---- C:\WINDOWS\system32\imagehlp.dll 2010-09-04 13:41:32 ----A---- C:\WINDOWS\system32\ftp.exe 2010-09-04 13:41:32 ----A---- C:\WINDOWS\system32\format.com 2010-09-04 13:41:32 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll 2010-09-04 13:41:32 ----A---- C:\WINDOWS\system32\csrsrv.dll 2010-09-04 13:41:31 ----A---- C:\WINDOWS\system32\lmhsvc.dll 2010-09-04 13:41:31 ----A---- C:\WINDOWS\system32\kernel32.dll 2010-09-04 13:41:30 ----A---- C:\WINDOWS\system32\lsasrv.dll 2010-09-04 
13:41:30 ----A---- C:\WINDOWS\system32\locator.exe 2010-09-04 13:41:30 ----A---- C:\WINDOWS\system32\localspl.dll 2010-09-04 13:41:29 ----A---- C:\WINDOWS\system32\nslookup.exe 2010-09-04 13:41:29 ----A---- C:\WINDOWS\system32\msv1_0.dll 2010-09-04 13:41:29 ----A---- C:\WINDOWS\system32\msgsvc.dll 2010-09-04 13:41:29 ----A---- C:\WINDOWS\system32\mgmtapi.dll 2010-09-04 13:41:28 ----A---- C:\WINDOWS\system32\ntvdm.exe 2010-09-04 13:41:28 ----A---- C:\WINDOWS\system32\ntprint.dll 2010-09-04 13:41:28 ----A---- C:\WINDOWS\system32\ntlsapi.dll 2010-09-04 13:41:28 ----A---- C:\WINDOWS\system32\ntdll.dll 2010-09-04 13:41:27 ----A---- C:\WINDOWS\system32\perfctrs.dll 2010-09-04 13:41:27 ----A---- C:\WINDOWS\system32\olecnv32.dll 2010-09-04 13:41:27 ----A---- C:\WINDOWS\system32\oleaut32.dll 2010-09-04 13:41:27 ----A---- C:\WINDOWS\system32\nwprovau.dll 2010-09-04 13:41:26 ----A---- C:\WINDOWS\system32\rasdlg.dll 2010-09-04 13:41:26 ----A---- C:\WINDOWS\system32\rasauto.dll 2010-09-04 13:41:26 ----A---- C:\WINDOWS\system32\rasapi32.dll 2010-09-04 13:41:26 ----A---- C:\WINDOWS\system32\printui.dll 2010-09-04 13:41:25 ----A---- C:\WINDOWS\system32\savedump.exe 2010-09-04 13:41:25 ----A---- C:\WINDOWS\system32\samsrv.dll 2010-09-04 13:41:25 ----A---- C:\WINDOWS\system32\samlib.dll 2010-09-04 13:41:25 ----A---- C:\WINDOWS\system32\rshx32.dll 2010-09-04 13:41:25 ----A---- C:\WINDOWS\system32\rastapi.dll 2010-09-04 13:41:25 ----A---- C:\WINDOWS\system32\rasman.dll 2010-09-04 13:41:24 ----A---- C:\WINDOWS\system32\services.exe 2010-09-04 13:41:24 ----A---- C:\WINDOWS\system32\schannel.dll 2010-09-04 13:41:24 ----A---- C:\WINDOWS\system32\scardsvr.exe 2010-09-04 13:41:23 ----A---- C:\WINDOWS\system32\smss.exe 2010-09-04 13:41:23 ----A---- C:\WINDOWS\system32\setupapi.dll 2010-09-04 13:41:23 ----A---- C:\WINDOWS\system32\sessmgr.exe 2010-09-04 13:41:22 ----A---- C:\WINDOWS\system32\srvsvc.dll 2010-09-04 13:41:21 ----A---- C:\WINDOWS\system32\ulib.dll 2010-09-04 13:41:21 ----A---- 
C:\WINDOWS\system32\tcpmonui.dll 2010-09-04 13:41:21 ----A---- C:\WINDOWS\system32\syssetup.dll 2010-09-04 13:41:20 ----A---- C:\WINDOWS\system32\userinit.exe 2010-09-04 13:41:20 ----A---- C:\WINDOWS\system32\untfs.dll 2010-09-04 13:41:17 ----A---- C:\WINDOWS\system32\win32spl.dll 2010-09-04 13:41:17 ----A---- C:\WINDOWS\system32\win32k.sys 2010-09-04 13:41:16 ----A---- C:\WINDOWS\system32\wkssvc.dll 2010-09-04 13:41:16 ----A---- C:\WINDOWS\system32\drivers\1394bus.sys 2010-09-04 13:41:15 ----A---- C:\WINDOWS\system32\drivers\afd.sys 2010-09-04 13:41:15 ----A---- C:\WINDOWS\system32\drivers\acpi.sys 2010-09-04 13:41:14 ----A---- C:\WINDOWS\system32\drivers\atapi.sys 2010-09-04 13:41:14 ----A---- C:\WINDOWS\system32\drivers\asyncmac.sys 2010-09-04 13:41:14 ----A---- C:\WINDOWS\system32\drivers\arp1394.sys 2010-09-04 13:41:14 ----A---- C:\WINDOWS\system32\drivers\amdk6.sys 2010-09-04 13:41:13 ----A---- C:\WINDOWS\system32\drivers\bridge.sys 2010-09-04 13:41:13 ----A---- C:\WINDOWS\system32\drivers\atmlane.sys 2010-09-04 13:41:13 ----A---- C:\WINDOWS\system32\drivers\atmarpc.sys 2010-09-04 13:41:12 ----A---- C:\WINDOWS\system32\drivers\crusoe.sys 2010-09-04 13:41:12 ----A---- C:\WINDOWS\system32\drivers\classpnp.sys 2010-09-04 13:41:12 ----A---- C:\WINDOWS\system32\drivers\cdrom.sys 2010-09-04 13:41:12 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys 2010-09-04 13:41:11 ----A---- C:\WINDOWS\system32\drivers\dmio.sys 2010-09-04 13:41:11 ----A---- C:\WINDOWS\system32\drivers\dmboot.sys 2010-09-04 13:41:11 ----A---- C:\WINDOWS\system32\drivers\diskdump.sys 2010-09-04 13:41:11 ----A---- C:\WINDOWS\system32\drivers\disk.sys 2010-09-04 13:41:10 ----A---- C:\WINDOWS\system32\drivers\fips.sys 2010-09-04 13:41:10 ----A---- C:\WINDOWS\system32\drivers\fdc.sys 2010-09-04 13:41:10 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys 2010-09-04 13:41:10 ----A---- C:\WINDOWS\system32\drivers\dxg.sys 2010-09-04 13:41:09 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys 2010-09-04 
13:41:09 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys 2010-09-04 13:41:09 ----A---- C:\WINDOWS\system32\drivers\flpydisk.sys 2010-09-04 13:41:08 ----A---- C:\WINDOWS\system32\drivers\ipnat.sys 2010-09-04 13:41:08 ----A---- C:\WINDOWS\system32\drivers\ipinip.sys 2010-09-04 13:41:08 ----A---- C:\WINDOWS\system32\drivers\imapi.sys 2010-09-04 13:41:08 ----A---- C:\WINDOWS\system32\drivers\i8042prt.sys 2010-09-04 13:41:07 ----A---- C:\WINDOWS\system32\drivers\ks.sys 2010-09-04 13:41:07 ----A---- C:\WINDOWS\system32\drivers\kbdclass.sys 2010-09-04 13:41:07 ----A---- C:\WINDOWS\system32\drivers\isapnp.sys 2010-09-04 13:41:07 ----A---- C:\WINDOWS\system32\drivers\irenum.sys 2010-09-04 13:41:07 ----A---- C:\WINDOWS\system32\drivers\ipsec.sys 2010-09-04 13:41:06 ----A---- C:\WINDOWS\system32\drivers\modem.sys 2010-09-04 13:41:06 ----A---- C:\WINDOWS\system32\drivers\mf.sys 2010-09-04 13:41:06 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys 2010-09-04 13:41:05 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys 2010-09-04 13:41:05 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys 2010-09-04 13:41:05 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys 2010-09-04 13:41:05 ----A---- C:\WINDOWS\system32\drivers\mouclass.sys 2010-09-04 13:41:04 ----A---- C:\WINDOWS\system32\drivers\mup.sys 2010-09-04 13:41:04 ----A---- C:\WINDOWS\system32\drivers\msgpc.sys 2010-09-04 13:41:04 ----A---- C:\WINDOWS\system32\drivers\msfs.sys 2010-09-04 13:41:03 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys 2010-09-04 13:41:03 ----A---- C:\WINDOWS\system32\drivers\ndiswan.sys 2010-09-04 13:41:03 ----A---- C:\WINDOWS\system32\drivers\ndisuio.sys 2010-09-04 13:41:03 ----A---- C:\WINDOWS\system32\drivers\ndistapi.sys 2010-09-04 13:41:03 ----A---- C:\WINDOWS\system32\drivers\ndis.sys 2010-09-04 13:41:02 ----A---- C:\WINDOWS\system32\drivers\npfs.sys 2010-09-04 13:41:02 ----A---- C:\WINDOWS\system32\drivers\nmnt.sys 2010-09-04 13:41:02 ----A---- C:\WINDOWS\system32\drivers\nic1394.sys 2010-09-04 
13:41:02 ----A---- C:\WINDOWS\system32\drivers\netbt.sys 2010-09-04 13:41:02 ----A---- C:\WINDOWS\system32\drivers\netbios.sys 2010-09-04 13:41:01 ----A---- C:\WINDOWS\system32\drivers\parport.sys 2010-09-04 13:41:01 ----A---- C:\WINDOWS\system32\drivers\p3.sys 2010-09-04 13:41:01 ----A---- C:\WINDOWS\system32\drivers\ohci1394.sys 2010-09-04 13:41:01 ----A---- C:\WINDOWS\system32\drivers\nwlnkipx.sys 2010-09-04 13:41:01 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys 2010-09-04 13:41:00 ----A---- C:\WINDOWS\system32\drivers\pcmcia.sys 2010-09-04 13:41:00 ----A---- C:\WINDOWS\system32\drivers\pciidex.sys 2010-09-04 13:41:00 ----A---- C:\WINDOWS\system32\drivers\pci.sys 2010-09-04 13:41:00 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys 2010-09-04 13:40:59 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys 2010-09-04 13:40:59 ----A---- C:\WINDOWS\system32\drivers\psched.sys 2010-09-04 13:40:59 ----A---- C:\WINDOWS\system32\drivers\processr.sys 2010-09-04 13:40:58 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys 2010-09-04 13:40:58 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys 2010-09-04 13:40:58 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys 2010-09-04 13:40:58 ----A---- C:\WINDOWS\system32\drivers\raspptp.sys 2010-09-04 13:40:58 ----A---- C:\WINDOWS\system32\drivers\raspppoe.sys 2010-09-04 13:40:57 ----A---- C:\WINDOWS\system32\drivers\rndismp.sys 2010-09-04 13:40:57 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys 2010-09-04 13:40:57 ----A---- C:\WINDOWS\system32\drivers\redbook.sys 2010-09-04 13:40:56 ----A---- C:\WINDOWS\system32\drivers\sfloppy.sys 2010-09-04 13:40:56 ----A---- C:\WINDOWS\system32\drivers\serial.sys 2010-09-04 13:40:56 ----A---- C:\WINDOWS\system32\drivers\serenum.sys 2010-09-04 13:40:56 ----A---- C:\WINDOWS\system32\drivers\secdrv.sys 2010-09-04 13:40:56 ----A---- C:\WINDOWS\system32\drivers\scsiport.sys 2010-09-04 13:40:55 ----A---- C:\WINDOWS\system32\drivers\sr.sys 2010-09-04 13:40:55 ----A---- C:\WINDOWS\system32\drivers\sonydcam.sys 
2010-09-04 13:40:54 ----A---- C:\WINDOWS\system32\drivers\tape.sys 2010-09-04 13:40:54 ----A---- C:\WINDOWS\system32\drivers\swenum.sys 2010-09-04 13:40:54 ----A---- C:\WINDOWS\system32\drivers\stream.sys 2010-09-04 13:40:54 ----A---- C:\WINDOWS\system32\drivers\srv.sys 2010-09-04 13:40:53 ----A---- C:\WINDOWS\system32\drivers\termdd.sys 2010-09-04 13:40:53 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys 2010-09-04 13:40:53 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys 2010-09-04 13:40:53 ----A---- C:\WINDOWS\system32\drivers\tdi.sys 2010-09-04 13:40:53 ----A---- C:\WINDOWS\system32\drivers\tcpip6.sys 2010-09-04 13:40:53 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys 2010-09-04 13:40:52 ----A---- C:\WINDOWS\system32\drivers\usbcamd.sys 2010-09-04 13:40:52 ----A---- C:\WINDOWS\system32\drivers\usb8023.sys 2010-09-04 13:40:52 ----A---- C:\WINDOWS\system32\drivers\update.sys 2010-09-04 13:40:52 ----A---- C:\WINDOWS\system32\drivers\udfs.sys 2010-09-04 13:40:51 ----A---- C:\WINDOWS\system32\drivers\usbintel.sys 2010-09-04 13:40:51 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys 2010-09-04 13:40:51 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys 2010-09-04 13:40:51 ----A---- C:\WINDOWS\system32\drivers\usbcamd2.sys 2010-09-04 13:40:50 ----A---- C:\WINDOWS\system32\drivers\usbstor.sys 2010-09-04 13:40:50 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys 2010-09-04 13:40:50 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys 2010-09-04 13:40:50 ----A---- C:\WINDOWS\system32\drivers\usbport.sys 2010-09-04 13:40:49 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys 2010-09-04 13:40:49 ----A---- C:\WINDOWS\system32\drivers\videoprt.sys 2010-09-04 13:40:49 ----A---- C:\WINDOWS\system32\drivers\vga.sys 2010-09-04 13:40:49 ----A---- C:\WINDOWS\system32\drivers\usbuhci.sys 2010-09-04 13:40:48 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys 2010-09-04 13:40:46 ----A---- C:\WINDOWS\system32\ntoskrnl.exe 2010-09-04 13:40:46 ----A---- C:\WINDOWS\system32\HAL.DLL 2010-09-04 
13:40:44 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe 2010-09-04 11:08:58 ----D---- C:\WINDOWS\pss 2010-09-04 00:03:26 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2010-09-03 23:49:35 ----D---- C:\Program Files\MSXML 4.0 2010-09-03 23:47:24 ----A---- C:\WINDOWS\system32\Gif89.dll 2010-09-03 23:46:46 ----A---- C:\WINDOWS\system32\nvgpio.dll 2010-09-03 23:46:46 ----A---- C:\WINDOWS\system32\nvapi9x.dll 2010-09-03 23:46:45 ----A---- C:\WINDOWS\system32\drivers\MTiCtwl.sys 2010-09-03 23:45:42 ----D---- C:\Program Files\SEC 2010-09-03 23:19:13 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA 2010-09-03 23:16:51 ----D---- C:\WINDOWS\nview 2010-09-03 23:16:50 ----A---- C:\WINDOWS\system32\nvudisp.exe 2010-09-03 23:15:47 ----A---- C:\WINDOWS\system32\NVUNINST.EXE 2010-09-03 16:09:18 ----D---- C:\Documents and Settings\All Users\Application Data\Alfac 2010-09-03 16:09:12 ----D---- C:\Program Files\DECAdry 2010-09-03 13:10:16 ----A---- C:\WINDOWS\system32\mucltui.dll.mui 2010-09-03 13:10:16 ----A---- C:\WINDOWS\system32\mucltui.dll 2010-09-03 12:58:01 ----D---- C:\Documents and Settings\andre schroeven\Application Data\Thunderbird 2010-09-03 12:17:42 ----N---- C:\WINDOWS\system32\_003756_.tmp.dll 2010-09-03 12:16:30 ----N---- C:\WINDOWS\system32\_003754_.tmp.dll 2010-09-03 12:16:30 ----N---- C:\WINDOWS\system32\_003749_.tmp.dll 2010-09-03 12:16:30 ----N---- C:\WINDOWS\system32\_003748_.tmp.dll 2010-09-03 12:16:30 ----N---- C:\WINDOWS\system32\_003747_.tmp.dll 2010-09-03 12:16:30 ----N---- C:\WINDOWS\system32\_003746_.tmp.dll 2010-09-03 12:16:30 ----N---- C:\WINDOWS\system32\_003745_.tmp.dll 2010-09-03 12:16:30 ----N---- C:\WINDOWS\system32\_003742_.tmp.dll 2010-09-03 12:16:30 ----N---- C:\WINDOWS\system32\_003741_.tmp.dll 2010-09-03 12:16:30 ----N---- C:\WINDOWS\system32\_003740_.tmp.dll 2010-09-03 12:16:30 ----N---- C:\WINDOWS\system32\_003739_.tmp.dll 2010-09-03 12:16:29 ----N---- C:\WINDOWS\system32\_003737_.tmp.dll 2010-09-03 12:16:29 ----N---- 
C:\WINDOWS\system32\_003734_.tmp.dll 2010-09-03 12:16:29 ----N---- C:\WINDOWS\system32\_003732_.tmp.dll 2010-09-03 12:16:29 ----N---- C:\WINDOWS\system32\_003731_.tmp.dll 2010-09-03 12:16:29 ----N---- C:\WINDOWS\system32\_003727_.tmp.dll 2010-09-03 12:16:29 ----N---- C:\WINDOWS\system32\_003726_.tmp.dll 2010-09-03 12:16:29 ----N---- C:\WINDOWS\system32\_003723_.tmp.dll 2010-09-03 12:16:28 ----N---- C:\WINDOWS\system32\_003719_.tmp.dll 2010-09-03 12:16:28 ----N---- C:\WINDOWS\system32\_003717_.tmp.dll 2010-09-03 12:16:28 ----N---- C:\WINDOWS\system32\_003716_.tmp.dll 2010-09-03 12:16:28 ----N---- C:\WINDOWS\system32\_003714_.tmp.dll 2010-09-03 12:16:28 ----N---- C:\WINDOWS\system32\_003708_.tmp.dll 2010-09-03 12:16:28 ----N---- C:\WINDOWS\system32\_003700_.tmp.dll 2010-09-03 12:16:28 ----N---- C:\WINDOWS\system32\_003699_.tmp.dll 2010-09-03 12:16:27 ----N---- C:\WINDOWS\system32\_003694_.tmp.dll 2010-09-03 12:16:27 ----N---- C:\WINDOWS\system32\_003693_.tmp.dll 2010-09-03 12:16:27 ----N---- C:\WINDOWS\system32\_003692_.tmp.dll 2010-09-03 12:16:27 ----N---- C:\WINDOWS\system32\_003671_.tmp.dll 2010-09-03 12:16:27 ----N---- C:\WINDOWS\system32\_003670_.tmp.dll 2010-09-03 12:16:27 ----N---- C:\WINDOWS\system32\_003669_.tmp.dll 2010-09-03 12:16:27 ----N---- C:\WINDOWS\system32\_003666_.tmp.dll 2010-09-03 12:16:26 ----N---- C:\WINDOWS\system32\drivers\_003646_.tmp.dll 2010-09-03 09:16:25 ----A---- C:\WINDOWS\MAXLINK.INI 2010-09-03 09:16:24 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield 2010-09-03 09:16:21 ----D---- C:\Documents and Settings\andre schroeven\Application Data\ScanSoft 2010-09-03 09:16:12 ----D---- C:\Program Files\Common Files\ScanSoft Shared 2010-09-03 09:16:12 ----D---- C:\Documents and Settings\All Users\Application Data\ScanSoft 2010-09-03 09:15:46 ----D---- C:\Program Files\ScanSoft 2010-09-03 09:14:40 ----HD---- C:\Program Files\InstallShield Installation Information 2010-09-03 09:14:40 ----D---- C:\Program Files\ArcSoft 
2010-09-03 09:14:40 ----A---- C:\WINDOWS\PCDLIB32.DLL 2010-09-03 09:14:20 ----D---- C:\Program Files\Common Files\InstallShield 2010-09-03 09:12:12 ----A---- C:\WINDOWS\system32\msvcr71.dll 2010-09-03 09:12:12 ----A---- C:\WINDOWS\system32\msvcp71.dll 2010-09-03 09:12:12 ----A---- C:\WINDOWS\system32\MFC71.dll 2010-09-03 09:12:07 ----A---- C:\WINDOWS\IsUninst.exe 2010-09-03 09:11:22 ----HD---- C:\Documents and Settings\All Users\Application Data\CanonBJ 2010-09-03 09:11:07 ----A---- C:\WINDOWS\system32\CNMLM87.DLL 2010-09-03 09:11:02 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information 2010-09-03 09:10:52 ----A---- C:\WINDOWS\system32\cnco600.dll 2010-09-03 09:10:51 ----A---- C:\WINDOWS\system32\CNCL600.DLL 2010-09-03 09:10:50 ----A---- C:\WINDOWS\system32\CNCI600.DLL 2010-09-03 09:10:50 ----A---- C:\WINDOWS\system32\CNCC600.DLL 2010-09-03 09:10:36 ----HD---- C:\Program Files\CanonBJ 2010-09-03 09:09:25 ----D---- C:\Program Files\Canon 2010-09-03 00:02:43 ----A---- C:\WINDOWS\ODBC.INI 2010-09-03 00:02:30 ----A---- C:\WINDOWS\system32\mdimon.dll 2010-09-03 00:00:43 ----D---- C:\Program Files\Microsoft.NET 2010-09-02 23:58:37 ----D---- C:\Program Files\Common Files\DESIGNER 2010-09-02 23:58:23 ----D---- C:\Program Files\Microsoft Works 2010-09-02 23:58:05 ----D---- C:\Program Files\Microsoft Visual Studio 2010-09-02 23:57:05 ----D---- C:\WINDOWS\SHELLNEW 2010-09-02 23:56:43 ----D---- C:\Program Files\Microsoft Office 2010-09-02 23:53:31 ----RHD---- C:\MSOCache 2010-09-02 23:51:32 ----D---- C:\Documents and Settings\andre schroeven\Application Data\MozBackup 2010-09-02 23:41:14 ----D---- C:\Program Files\Mozilla Thunderbird 2010-09-02 23:17:07 ----SHD---- C:\RECYCLER 2010-09-02 21:56:37 ----N---- C:\WINDOWS\system32\_003721_.tmp.dll 2010-09-02 21:56:37 ----N---- C:\WINDOWS\system32\_003720_.tmp.dll 2010-09-02 21:55:11 ----N---- C:\WINDOWS\system32\_003718_.tmp.dll 2010-09-02 21:55:11 ----N---- C:\WINDOWS\system32\_003713_.tmp.dll 2010-09-02 21:55:11 
----N---- C:\WINDOWS\system32\_003712_.tmp.dll 2010-09-02 21:55:11 ----N---- C:\WINDOWS\system32\_003711_.tmp.dll 2010-09-02 21:55:11 ----N---- C:\WINDOWS\system32\_003710_.tmp.dll 2010-09-02 21:55:11 ----N---- C:\WINDOWS\system32\_003709_.tmp.dll 2010-09-02 21:55:11 ----N---- C:\WINDOWS\system32\_003706_.tmp.dll 2010-09-02 21:55:11 ----N---- C:\WINDOWS\system32\_003705_.tmp.dll 2010-09-02 21:55:11 ----N---- C:\WINDOWS\system32\_003704_.tmp.dll 2010-09-02 21:55:11 ----N---- C:\WINDOWS\system32\_003703_.tmp.dll 2010-09-02 21:55:11 ----N---- C:\WINDOWS\system32\_003701_.tmp.dll 2010-09-02 21:55:11 ----N---- C:\WINDOWS\system32\_003698_.tmp.dll 2010-09-02 21:55:11 ----N---- C:\WINDOWS\system32\_003696_.tmp.dll 2010-09-02 21:55:11 ----N---- C:\WINDOWS\system32\_003695_.tmp.dll 2010-09-02 21:55:10 ----N---- C:\WINDOWS\system32\_003691_.tmp.dll 2010-09-02 21:55:10 ----N---- C:\WINDOWS\system32\_003690_.tmp.dll 2010-09-02 21:55:10 ----N---- C:\WINDOWS\system32\_003688_.tmp.dll 2010-09-02 21:55:10 ----N---- C:\WINDOWS\system32\_003687_.tmp.dll 2010-09-02 21:55:09 ----N---- C:\WINDOWS\system32\_003685_.tmp.dll 2010-09-02 21:55:09 ----N---- C:\WINDOWS\system32\_003684_.tmp.dll 2010-09-02 21:55:09 ----N---- C:\WINDOWS\system32\_003683_.tmp.dll 2010-09-02 21:55:09 ----N---- C:\WINDOWS\system32\_003681_.tmp.dll 2010-09-02 21:55:09 ----N---- C:\WINDOWS\system32\_003680_.tmp.dll 2010-09-02 21:55:09 ----N---- C:\WINDOWS\system32\_003677_.tmp.dll 2010-09-02 21:55:09 ----N---- C:\WINDOWS\system32\_003676_.tmp.dll 2010-09-02 21:55:09 ----N---- C:\WINDOWS\system32\_003674_.tmp.dll 2010-09-02 21:55:09 ----N---- C:\WINDOWS\system32\_003673_.tmp.dll 2010-09-02 21:55:09 ----N---- C:\WINDOWS\system32\_003672_.tmp.dll 2010-09-02 21:55:08 ----N---- C:\WINDOWS\system32\drivers\_003635_.tmp.dll 2010-09-02 21:55:08 ----N---- C:\WINDOWS\system32\_003662_.tmp.dll 2010-09-02 21:55:08 ----N---- C:\WINDOWS\system32\_003661_.tmp.dll 2010-09-02 21:55:08 ----N---- C:\WINDOWS\system32\_003655_.tmp.dll 
2010-09-02 21:55:08 ----N---- C:\WINDOWS\system32\_003654_.tmp.dll 2010-09-02 21:26:41 ----D---- C:\WINDOWS\ie8updates 2010-09-02 21:25:43 ----D---- C:\WINDOWS\WBEM 2010-09-02 21:24:49 ----HDC---- C:\WINDOWS\ie8 2010-09-02 21:24:20 ----D---- C:\Program Files\Microsoft 2010-09-02 21:24:08 ----D---- C:\Program Files\Microsoft Silverlight 2010-09-02 20:03:17 ----HD---- C:\WINDOWS\msdownld.tmp 2010-09-02 19:39:11 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$ 2010-09-02 18:27:57 ----D---- C:\WINDOWS\system32\en-us 2010-09-02 18:27:55 ----D---- C:\WINDOWS\system32\scripting 2010-09-02 18:27:54 ----D---- C:\WINDOWS\l2schemas 2010-09-02 18:27:53 ----D---- C:\WINDOWS\system32\en 2010-09-02 18:21:51 ----D---- C:\WINDOWS\network diagnostic 2010-09-02 18:16:48 ----N---- C:\WINDOWS\system32\_003668_.tmp.dll 2010-09-02 18:16:47 ----N---- C:\WINDOWS\system32\_003667_.tmp.dll 2010-09-02 18:15:40 ----N---- C:\WINDOWS\system32\_003665_.tmp.dll 2010-09-02 18:15:40 ----N---- C:\WINDOWS\system32\_003660_.tmp.dll 2010-09-02 18:15:40 ----N---- C:\WINDOWS\system32\_003659_.tmp.dll 2010-09-02 18:15:40 ----N---- C:\WINDOWS\system32\_003658_.tmp.dll 2010-09-02 18:15:40 ----N---- C:\WINDOWS\system32\_003657_.tmp.dll 2010-09-02 18:15:40 ----N---- C:\WINDOWS\system32\_003656_.tmp.dll 2010-09-02 18:15:40 ----N---- C:\WINDOWS\system32\_003653_.tmp.dll 2010-09-02 18:15:40 ----N---- C:\WINDOWS\system32\_003652_.tmp.dll 2010-09-02 18:15:40 ----N---- C:\WINDOWS\system32\_003651_.tmp.dll 2010-09-02 18:15:40 ----N---- C:\WINDOWS\system32\_003650_.tmp.dll 2010-09-02 18:15:40 ----N---- C:\WINDOWS\system32\_003648_.tmp.dll 2010-09-02 18:15:40 ----N---- C:\WINDOWS\system32\_003645_.tmp.dll 2010-09-02 18:15:39 ----N---- C:\WINDOWS\system32\_003643_.tmp.dll 2010-09-02 18:15:39 ----N---- C:\WINDOWS\system32\_003642_.tmp.dll 2010-09-02 18:15:39 ----N---- C:\WINDOWS\system32\_003638_.tmp.dll 2010-09-02 18:15:39 ----N---- C:\WINDOWS\system32\_003637_.tmp.dll 2010-09-02 18:15:39 ----N---- 
C:\WINDOWS\system32\_003634_.tmp.dll 2010-09-02 18:15:39 ----N---- C:\WINDOWS\system32\_003632_.tmp.dll 2010-09-02 18:15:39 ----N---- C:\WINDOWS\system32\_003631_.tmp.dll 2010-09-02 18:15:39 ----N---- C:\WINDOWS\system32\_003630_.tmp.dll 2010-09-02 18:15:39 ----N---- C:\WINDOWS\system32\_003628_.tmp.dll 2010-09-02 18:15:39 ----N---- C:\WINDOWS\system32\_003627_.tmp.dll 2010-09-02 18:15:39 ----N---- C:\WINDOWS\system32\_003624_.tmp.dll 2010-09-02 18:15:39 ----N---- C:\WINDOWS\system32\_003623_.tmp.dll 2010-09-02 18:15:38 ----N---- C:\WINDOWS\system32\_003621_.tmp.dll 2010-09-02 18:15:38 ----N---- C:\WINDOWS\system32\_003620_.tmp.dll 2010-09-02 18:15:38 ----N---- C:\WINDOWS\system32\_003619_.tmp.dll 2010-09-02 18:15:38 ----N---- C:\WINDOWS\system32\_003612_.tmp.dll 2010-09-02 18:15:38 ----N---- C:\WINDOWS\system32\_003611_.tmp.dll 2010-09-02 18:15:38 ----N---- C:\WINDOWS\system32\_003610_.tmp.dll 2010-09-02 18:15:38 ----N---- C:\WINDOWS\system32\_003609_.tmp.dll 2010-09-02 18:15:37 ----N---- C:\WINDOWS\system32\drivers\_003590_.tmp.dll 2010-09-02 17:44:24 ----HDC---- C:\WINDOWS\$NtUninstallKB970430_0$ 2010-09-02 17:42:22 ----HDC---- C:\WINDOWS\$NtUninstallKB971737_0$ 2010-09-02 17:27:47 ----HDC---- C:\WINDOWS\$NtUninstallKB980218_0$ 2010-09-02 17:27:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$ 2010-09-02 17:27:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$ 2010-09-02 17:27:10 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$ 2010-09-02 17:26:57 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$ 2010-09-02 17:26:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$ 2010-09-02 17:26:31 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$ 2010-09-02 17:26:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$ 2010-09-02 17:26:03 ----HDC---- C:\WINDOWS\$NtUninstallKB979683_0$ 2010-09-02 17:25:50 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$ 2010-09-02 17:25:37 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$ 2010-09-02 17:25:27 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$ 2010-09-02 
C:\WINDOWS\system32\eappcfg.dll 2010-09-02 16:41:40 ----N---- C:\WINDOWS\system32\eapp3hst.dll 2010-09-02 16:41:40 ----N---- C:\WINDOWS\system32\eapolqec.dll 2010-09-02 16:41:38 ----A---- C:\WINDOWS\system32\SET5D4.tmp 2010-09-02 16:41:37 ----A---- C:\WINDOWS\system32\SET5E3.tmp 2010-09-02 16:41:37 ----A---- C:\WINDOWS\system32\SET5DD.tmp 2010-09-02 16:41:37 ----A---- C:\WINDOWS\system32\SET5D8.tmp 2010-09-02 16:41:37 ----A---- C:\WINDOWS\system32\SET46A.tmp 2010-09-02 16:41:37 ----A---- C:\WINDOWS\system32\SET464.tmp 2010-09-02 16:41:37 ----A---- C:\WINDOWS\system32\SET45F.tmp 2010-09-02 16:41:37 ----A---- C:\WINDOWS\system32\SET38B.tmp 2010-09-02 16:41:37 ----A---- C:\WINDOWS\system32\SET380.tmp 2010-09-02 16:41:35 ----N---- C:\WINDOWS\system32\dot3ui.dll 2010-09-02 16:41:35 ----N---- C:\WINDOWS\system32\dot3svc.dll 2010-09-02 16:41:35 ----N---- C:\WINDOWS\system32\dot3msm.dll 2010-09-02 16:41:35 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll 2010-09-02 16:41:35 ----N---- C:\WINDOWS\system32\dot3dlg.dll 2010-09-02 16:41:35 ----N---- C:\WINDOWS\system32\dot3cfg.dll 2010-09-02 16:41:35 ----N---- C:\WINDOWS\system32\dot3api.dll 2010-09-02 16:41:35 ----A---- C:\WINDOWS\system32\SET5FC.tmp 2010-09-02 16:41:35 ----A---- C:\WINDOWS\system32\SET5F7.tmp 2010-09-02 16:41:35 ----A---- C:\WINDOWS\system32\SET5F6.tmp 2010-09-02 16:41:35 ----A---- C:\WINDOWS\system32\SET483.tmp 2010-09-02 16:41:35 ----A---- C:\WINDOWS\system32\SET47E.tmp 2010-09-02 16:41:35 ----A---- C:\WINDOWS\system32\SET47D.tmp 2010-09-02 16:41:35 ----A---- C:\WINDOWS\system32\SET3A4.tmp 2010-09-02 16:41:35 ----A---- C:\WINDOWS\system32\SET39F.tmp 2010-09-02 16:41:35 ----A---- C:\WINDOWS\system32\SET39E.tmp 2010-09-02 16:41:33 ----N---- C:\WINDOWS\system32\dimsroam.dll 2010-09-02 16:41:33 ----N---- C:\WINDOWS\system32\dimsntfy.dll 2010-09-02 16:41:32 ----N---- C:\WINDOWS\system32\dhcpqec.dll 2010-09-02 16:41:32 ----A---- C:\WINDOWS\system32\SET61C.tmp 2010-09-02 16:41:32 ----A---- 
C:\WINDOWS\system32\SET619.tmp 2010-09-02 16:41:32 ----A---- C:\WINDOWS\system32\SET4A3.tmp 2010-09-02 16:41:32 ----A---- C:\WINDOWS\system32\SET3C4.tmp 2010-09-02 16:41:31 ----A---- C:\WINDOWS\system32\SET628.tmp 2010-09-02 16:41:31 ----A---- C:\WINDOWS\system32\SET623.tmp 2010-09-02 16:41:31 ----A---- C:\WINDOWS\system32\SET621.tmp 2010-09-02 16:41:31 ----A---- C:\WINDOWS\system32\SET4AA.tmp 2010-09-02 16:41:31 ----A---- C:\WINDOWS\system32\SET4A8.tmp 2010-09-02 16:41:31 ----A---- C:\WINDOWS\system32\SET3CB.tmp 2010-09-02 16:41:31 ----A---- C:\WINDOWS\system32\SET3C9.tmp 2010-09-02 16:41:31 ----A---- C:\WINDOWS\system32\SET12A3.tmp 2010-09-02 16:41:30 ----N---- C:\WINDOWS\system32\credssp.dll 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET63C.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET63A.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET637.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET636.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET635.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET633.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET631.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET630.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET62F.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET62E.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET62C.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET62B.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET62A.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET4C3.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET4C1.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET4BE.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET4BD.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET4BC.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET4BA.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET4B8.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET4B7.tmp 2010-09-02 
16:41:30 ----A---- C:\WINDOWS\system32\SET4B6.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET4B5.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET4B3.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET4B2.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET4B1.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET3E5.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET3E3.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET3E0.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET3DE.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET3DD.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET3DB.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET3D9.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET3D8.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET3D7.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET3D6.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET3D4.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET3D3.tmp 2010-09-02 16:41:30 ----A---- C:\WINDOWS\system32\SET3D2.tmp 2010-09-02 16:41:29 ----A---- C:\WINDOWS\system32\SET641.tmp 2010-09-02 16:41:29 ----A---- C:\WINDOWS\system32\SET4C8.tmp 2010-09-02 16:41:29 ----A---- C:\WINDOWS\system32\SET3EA.tmp 2010-09-02 16:41:28 ----A---- C:\WINDOWS\system32\SET64A.tmp 2010-09-02 16:41:28 ----A---- C:\WINDOWS\system32\SET642.tmp 2010-09-02 16:41:28 ----A---- C:\WINDOWS\system32\SET4D1.tmp 2010-09-02 16:41:28 ----A---- C:\WINDOWS\system32\SET4C9.tmp 2010-09-02 16:41:28 ----A---- C:\WINDOWS\system32\SET3F3.tmp 2010-09-02 16:41:28 ----A---- C:\WINDOWS\system32\SET3EB.tmp 2010-09-02 16:41:27 ----A---- C:\WINDOWS\system32\SET651.tmp 2010-09-02 16:41:27 ----A---- C:\WINDOWS\system32\SET4D8.tmp 2010-09-02 16:41:27 ----A---- C:\WINDOWS\system32\SET3FA.tmp 2010-09-02 16:41:25 ----A---- C:\WINDOWS\system32\SET663.tmp 2010-09-02 16:41:25 ----A---- C:\WINDOWS\system32\SET65F.tmp 2010-09-02 16:41:25 ----A---- 
C:\WINDOWS\system32\SET65D.tmp 2010-09-02 16:41:25 ----A---- C:\WINDOWS\system32\SET65A.tmp 2010-09-02 16:41:25 ----A---- C:\WINDOWS\system32\SET656.tmp 2010-09-02 16:41:25 ----A---- C:\WINDOWS\system32\SET4EA.tmp 2010-09-02 16:41:25 ----A---- C:\WINDOWS\system32\SET4E6.tmp 2010-09-02 16:41:25 ----A---- C:\WINDOWS\system32\SET4E4.tmp 2010-09-02 16:41:25 ----A---- C:\WINDOWS\system32\SET4E1.tmp 2010-09-02 16:41:25 ----A---- C:\WINDOWS\system32\SET40C.tmp 2010-09-02 16:41:25 ----A---- C:\WINDOWS\system32\SET408.tmp 2010-09-02 16:41:25 ----A---- C:\WINDOWS\system32\SET406.tmp 2010-09-02 16:41:25 ----A---- C:\WINDOWS\system32\SET403.tmp 2010-09-02 16:41:24 ----N---- C:\WINDOWS\system32\bitsprx4.dll 2010-09-02 16:41:24 ----N---- C:\WINDOWS\system32\azroles.dll 2010-09-02 16:41:24 ----A---- C:\WINDOWS\system32\SET66C.tmp 2010-09-02 16:41:24 ----A---- C:\WINDOWS\system32\SET66B.tmp 2010-09-02 16:41:24 ----A---- C:\WINDOWS\system32\SET667.tmp 2010-09-02 16:41:24 ----A---- C:\WINDOWS\system32\SET666.tmp 2010-09-02 16:41:24 ----A---- C:\WINDOWS\system32\SET665.tmp 2010-09-02 16:41:24 ----A---- C:\WINDOWS\system32\SET4F3.tmp 2010-09-02 16:41:24 ----A---- C:\WINDOWS\system32\SET4F2.tmp 2010-09-02 16:41:24 ----A---- C:\WINDOWS\system32\SET4ED.tmp 2010-09-02 16:41:24 ----A---- C:\WINDOWS\system32\SET4EC.tmp 2010-09-02 16:41:24 ----A---- C:\WINDOWS\system32\SET415.tmp 2010-09-02 16:41:24 ----A---- C:\WINDOWS\system32\SET414.tmp 2010-09-02 16:41:24 ----A---- C:\WINDOWS\system32\SET40F.tmp 2010-09-02 16:41:24 ----A---- C:\WINDOWS\system32\SET40E.tmp 2010-09-02 16:41:23 ----A---- C:\WINDOWS\system32\SET671.tmp 2010-09-02 16:41:23 ----A---- C:\WINDOWS\system32\SET670.tmp 2010-09-02 16:41:23 ----A---- C:\WINDOWS\system32\SET4F8.tmp 2010-09-02 16:41:23 ----A---- C:\WINDOWS\system32\SET4F7.tmp 2010-09-02 16:41:23 ----A---- C:\WINDOWS\system32\SET41A.tmp 2010-09-02 16:41:23 ----A---- C:\WINDOWS\system32\SET419.tmp 2010-09-02 16:41:16 ----A---- C:\WINDOWS\system32\SET67D.tmp 2010-09-02 
16:41:16 ----A---- C:\WINDOWS\system32\SET67A.tmp 2010-09-02 16:41:16 ----A---- C:\WINDOWS\system32\SET504.tmp 2010-09-02 16:41:16 ----A---- C:\WINDOWS\system32\SET501.tmp 2010-09-02 16:41:16 ----A---- C:\WINDOWS\system32\SET426.tmp 2010-09-02 16:41:16 ----A---- C:\WINDOWS\system32\SET423.tmp 2010-09-02 16:41:16 ----A---- C:\WINDOWS\fonts\SET6B9.tmp 2010-09-02 16:41:16 ----A---- C:\WINDOWS\fonts\SET540.tmp 2010-09-02 16:41:16 ----A---- C:\WINDOWS\fonts\SET464.tmp 2010-09-02 16:41:15 ----A---- C:\WINDOWS\system32\SET683.tmp 2010-09-02 16:41:15 ----A---- C:\WINDOWS\system32\SET681.tmp 2010-09-02 16:41:15 ----A---- C:\WINDOWS\system32\SET50A.tmp 2010-09-02 16:41:15 ----A---- C:\WINDOWS\system32\SET508.tmp 2010-09-02 16:41:15 ----A---- C:\WINDOWS\system32\SET42E.tmp 2010-09-02 16:41:15 ----A---- C:\WINDOWS\system32\SET42B.tmp 2010-09-02 16:41:15 ----A---- C:\WINDOWS\system32\SET428.tmp 2010-09-02 16:41:14 ----N---- C:\WINDOWS\system32\aaclient.dll 2010-09-02 16:41:14 ----A---- C:\WINDOWS\system32\SET685.tmp 2010-09-02 16:41:14 ----A---- C:\WINDOWS\system32\SET50C.tmp 2010-09-02 16:41:14 ----A---- C:\WINDOWS\system32\SET430.tmp 2010-09-02 16:41:04 ----D---- C:\Documents and Settings\andre schroeven\Application Data\Mozilla 2010-09-02 16:40:47 ----D---- C:\Program Files\Mozilla Firefox 2010-09-02 16:16:49 ----N---- C:\WINDOWS\system32\xpsp4res.dll 2010-09-02 16:16:48 ----A---- C:\WINDOWS\system32\xpsp3res.dll 2010-09-02 16:15:00 ----N---- C:\WINDOWS\system32\tzchange.exe 2010-09-02 16:14:42 ----N---- C:\WINDOWS\system32\browserchoice.exe 2010-09-02 16:10:46 ----A---- C:\WINDOWS\bdagent.INI 2010-09-02 16:10:30 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ 2010-09-02 16:10:15 ----D---- C:\WINDOWS\system32\PreInstall 2010-09-02 16:10:14 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2010-09-02 16:10:13 ----HD---- C:\WINDOWS\$hf_mig$ 2010-09-02 16:07:21 ----A---- C:\bdlog.txt 2010-09-02 15:54:08 ----D---- C:\Program Files\BitDefender 2010-09-02 15:54:08 ----D---- 
C:\Documents and Settings\All Users\Application Data\BitDefender 2010-09-02 15:33:59 ----D---- C:\Program Files\Common Files\BitDefender 2010-09-02 15:31:05 ----A---- C:\WINDOWS\system32\h323log.txt 2010-09-02 15:27:41 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803$ 2010-09-02 15:26:14 ----D---- C:\Documents and Settings\andre schroeven\Application Data\Adobe 2010-09-02 15:24:50 ----A---- C:\WINDOWS\system32\MRT.exe 2010-09-02 15:22:58 ----SD---- C:\WINDOWS\system32\Microsoft 2010-09-02 15:03:30 ----A---- C:\WINDOWS\system32\drivers\audstub.sys 2010-09-02 15:02:57 ----A---- C:\WINDOWS\system32\drivers\rtl8139.sys 2010-09-02 15:02:56 ----A---- C:\WINDOWS\system32\drivers\enum1394.sys 2010-09-02 15:02:41 ----A---- C:\WINDOWS\system32\usbui.dll 2010-09-02 15:01:47 ----A---- C:\WINDOWS\imsins.BAK 2010-09-02 15:01:44 ----D---- C:\WINDOWS\provisioning 2010-09-02 15:01:44 ----D---- C:\WINDOWS\peernet 2010-09-02 15:01:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-09-02 15:01:43 ----D---- C:\Program Files\Common Files\ODBC 2010-09-02 15:01:43 ----A---- C:\WINDOWS\ODBCINST.INI 2010-09-02 15:01:40 ----D---- C:\Program Files\Common Files\SpeechEngines 2010-09-02 15:01:40 ----D---- C:\Program Files\Common Files\Microsoft Shared 2010-09-02 15:01:39 ----RD---- C:\Program Files 2010-09-02 15:01:39 ----D---- C:\Program Files\Common Files 2010-09-02 15:01:37 ----RA---- C:\WINDOWS\system32\kbdtuq.dll 2010-09-02 15:01:37 ----RA---- C:\WINDOWS\system32\kbdtuf.dll 2010-09-02 15:01:37 ----RA---- C:\WINDOWS\system32\kbdazel.dll 2010-09-02 15:01:36 ----RA---- C:\WINDOWS\system32\kbdtat.dll 2010-09-02 15:01:36 ----RA---- C:\WINDOWS\system32\kbdmon.dll 2010-09-02 15:01:36 ----RA---- C:\WINDOWS\system32\kbdkyr.dll 2010-09-02 15:01:35 ----RA---- C:\WINDOWS\system32\kbdycc.dll 2010-09-02 15:01:35 ----RA---- C:\WINDOWS\system32\kbduzb.dll 2010-09-02 15:01:35 ----RA---- C:\WINDOWS\system32\kbdur.dll 2010-09-02 15:01:35 ----RA---- C:\WINDOWS\system32\kbdru1.dll 2010-09-02 15:01:35 
----RA---- C:\WINDOWS\system32\kbdru.dll 2010-09-02 15:01:35 ----RA---- C:\WINDOWS\system32\kbdkaz.dll 2010-09-02 15:01:35 ----RA---- C:\WINDOWS\system32\kbdbu.dll 2010-09-02 15:01:35 ----RA---- C:\WINDOWS\system32\kbdblr.dll 2010-09-02 15:01:35 ----RA---- C:\WINDOWS\system32\kbdaze.dll 2010-09-02 15:01:34 ----RA---- C:\WINDOWS\system32\kbdhept.dll 2010-09-02 15:01:33 ----RA---- C:\WINDOWS\system32\kbdhela3.dll 2010-09-02 15:01:33 ----RA---- C:\WINDOWS\system32\kbdhela2.dll 2010-09-02 15:01:33 ----RA---- C:\WINDOWS\system32\kbdhe319.dll 2010-09-02 15:01:33 ----RA---- C:\WINDOWS\system32\kbdhe220.dll 2010-09-02 15:01:33 ----RA---- C:\WINDOWS\system32\kbdhe.dll 2010-09-02 15:01:33 ----RA---- C:\WINDOWS\system32\kbdgkl.dll 2010-09-02 15:01:32 ----RA---- C:\WINDOWS\system32\kbdlv1.dll 2010-09-02 15:01:32 ----RA---- C:\WINDOWS\system32\kbdlv.dll 2010-09-02 15:01:32 ----RA---- C:\WINDOWS\system32\kbdlt1.dll 2010-09-02 15:01:32 ----RA---- C:\WINDOWS\system32\kbdlt.dll 2010-09-02 15:01:32 ----RA---- C:\WINDOWS\system32\kbdest.dll 2010-09-02 15:01:30 ----RA---- C:\WINDOWS\system32\kbdycl.dll 2010-09-02 15:01:30 ----RA---- C:\WINDOWS\system32\kbdsl1.dll 2010-09-02 15:01:30 ----RA---- C:\WINDOWS\system32\kbdsl.dll 2010-09-02 15:01:30 ----RA---- C:\WINDOWS\system32\kbdro.dll 2010-09-02 15:01:30 ----RA---- C:\WINDOWS\system32\kbdpl1.dll 2010-09-02 15:01:30 ----RA---- C:\WINDOWS\system32\kbdpl.dll 2010-09-02 15:01:30 ----RA---- C:\WINDOWS\system32\kbdhu1.dll 2010-09-02 15:01:30 ----RA---- C:\WINDOWS\system32\kbdhu.dll 2010-09-02 15:01:30 ----RA---- C:\WINDOWS\system32\kbdcz2.dll 2010-09-02 15:01:30 ----RA---- C:\WINDOWS\system32\kbdcz1.dll 2010-09-02 15:01:30 ----RA---- C:\WINDOWS\system32\kbdcz.dll 2010-09-02 15:01:30 ----RA---- C:\WINDOWS\system32\kbdcr.dll 2010-09-02 15:01:30 ----RA---- C:\WINDOWS\system32\KBDAL.DLL 2010-09-02 15:01:28 ----A---- C:\WINDOWS\system32\irclass.dll 2010-09-02 15:01:27 ----A---- C:\WINDOWS\system32\spxcoins.dll 2010-09-02 15:01:27 ----A---- 
C:\WINDOWS\system32\EqnClass.Dll 2010-09-02 15:01:27 ----A---- C:\WINDOWS\system32\dgsetup.dll 2010-09-02 15:01:27 ----A---- C:\WINDOWS\system32\dgrpsetu.dll 2010-09-02 15:01:27 ----A---- C:\WINDOWS\system32\batt.dll 2010-09-02 15:01:25 ----N---- C:\WINDOWS\system32\CONFIG.TMP 2010-09-02 15:01:25 ----A---- C:\WINDOWS\TASKMAN.EXE 2010-09-02 15:01:25 ----A---- C:\WINDOWS\notepad.exe 2010-09-02 15:01:24 ----A---- C:\WINDOWS\system32\storprop.dll 2010-09-02 15:01:17 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini 2010-09-02 15:01:15 ----RA---- C:\WINDOWS\SET7.tmp 2010-09-02 15:01:12 ----RA---- C:\WINDOWS\SET3.tmp 2010-09-02 15:01:07 ----D---- C:\WINDOWS\system32\CatRoot2 2010-09-02 15:01:07 ----D---- C:\WINDOWS\system32\CatRoot 2010-09-02 15:01:01 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2010-09-02 15:00:52 ----A---- C:\WINDOWS\setuplog.txt 2010-09-02 15:00:49 ----D---- C:\Documents and Settings 2010-09-02 15:00:34 ----D---- C:\WINDOWS\ServicePackFiles 2010-09-02 14:58:38 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-09-02 14:58:20 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2010-09-02 14:56:50 ----D---- C:\WINDOWS\EHome 2010-09-02 14:13:23 ----RASH---- C:\boot.ini 2010-09-02 14:10:27 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-09-02 14:10:27 ----RSD---- C:\WINDOWS\Fonts 2010-09-02 14:10:27 ----RD---- C:\WINDOWS\Web 2010-09-02 14:10:27 ----HD---- C:\WINDOWS\inf 2010-09-02 14:10:27 ----D---- C:\WINDOWS\WinSxS 2010-09-02 14:10:27 ----D---- C:\WINDOWS\twain_32 2010-09-02 14:10:27 ----D---- C:\WINDOWS\Temp 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\wins 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\wbem 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\usmt 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\spool 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\ShellExt 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\Setup 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\ras 2010-09-02 
14:10:27 ----D---- C:\WINDOWS\system32\oobe 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\npp 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\mui 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\inetsrv 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\IME 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\icsxml 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\ias 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\export 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\drivers\etc 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\drivers\disdn 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\drivers 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\dhcp 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\config 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\3com_dmi 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\3076 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\2052 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\1054 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\1042 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\1041 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\1037 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\1033 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\1031 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\1028 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32\1025 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system32 2010-09-02 14:10:27 ----D---- C:\WINDOWS\system 2010-09-02 14:10:27 ----D---- C:\WINDOWS\security 2010-09-02 14:10:27 ----D---- C:\WINDOWS\Resources 2010-09-02 14:10:27 ----D---- C:\WINDOWS\repair 2010-09-02 14:10:27 ----D---- C:\WINDOWS\mui 2010-09-02 14:10:27 ----D---- C:\WINDOWS\msapps 2010-09-02 14:10:27 ----D---- C:\WINDOWS\msagent 2010-09-02 14:10:27 ----D---- C:\WINDOWS\Media 2010-09-02 14:10:27 ----D---- C:\WINDOWS\java 2010-09-02 14:10:27 ----D---- C:\WINDOWS\ime 2010-09-02 14:10:27 ----D---- C:\WINDOWS\Help 2010-09-02 14:10:27 ----D---- C:\WINDOWS\Driver Cache 2010-09-02 14:10:27 ----D---- 
C:\WINDOWS\Debug 2010-09-02 14:10:27 ----D---- C:\WINDOWS\Cursors 2010-09-02 14:10:27 ----D---- C:\WINDOWS\Connection Wizard 2010-09-02 14:10:27 ----D---- C:\WINDOWS\Config 2010-09-02 14:10:27 ----D---- C:\WINDOWS\AppPatch 2010-09-02 14:10:27 ----D---- C:\WINDOWS\addins 2010-09-02 14:10:27 ----D---- C:\WINDOWS 2010-09-02 14:10:27 ----ASH---- C:\pagefile.sys 2010-09-02 14:05:27 ----A---- C:\WINDOWS\system32\spnpinst.exe 2010-09-02 13:54:44 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2010-09-02 13:47:21 ----D---- C:\WINDOWS\system32\bits 2010-09-02 13:47:14 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$ 2010-09-02 13:47:05 ----A---- C:\WINDOWS\system32\xpob2res.dll 2010-09-02 13:47:05 ----A---- C:\WINDOWS\system32\winhttp.dll 2010-09-02 13:47:05 ----A---- C:\WINDOWS\system32\qmgrprxy.dll 2010-09-02 13:47:05 ----A---- C:\WINDOWS\system32\bitsprx3.dll 2010-09-02 13:47:05 ----A---- C:\WINDOWS\system32\bitsprx2.dll 2010-09-02 13:46:02 ----A---- C:\WINDOWS\system32\wups2.dll 2010-09-02 13:46:02 ----A---- C:\WINDOWS\system32\wups.dll 2010-09-02 13:46:02 ----A---- C:\WINDOWS\system32\wucltui.dll.mui 2010-09-02 13:46:02 ----A---- C:\WINDOWS\system32\wucltui.dll 2010-09-02 13:46:02 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui 2010-09-02 13:46:01 ----A---- C:\WINDOWS\system32\wuapi.dll.mui 2010-09-02 13:46:01 ----A---- C:\WINDOWS\system32\wuapi.dll 2010-09-02 13:45:24 ----D---- C:\WINDOWS\SoftwareDistribution 2010-09-02 13:41:13 ----SHD---- C:\WINDOWS\Installer 2010-09-02 13:41:11 ----D---- C:\Documents and Settings\andre schroeven\Application Data\Identities 2010-09-02 13:41:07 ----HD---- C:\Program Files\Uninstall Information 2010-09-02 13:41:04 ----SD---- C:\Documents and Settings\andre schroeven\Application Data\Microsoft 2010-09-02 13:41:04 ----ASH---- C:\Documents and Settings\andre schroeven\Application Data\desktop.ini 2010-09-02 13:38:46 ----SHD---- C:\System Volume Information 2010-09-02 13:38:38 ----A---- 
C:\WINDOWS\SchedLgU.Txt 2010-09-02 13:36:09 ----D---- C:\WINDOWS\system32\xircom 2010-09-02 13:36:09 ----D---- C:\Program Files\xerox 2010-09-02 13:36:09 ----D---- C:\Program Files\microsoft frontpage 2010-09-02 13:35:57 ----RASH---- C:\MSDOS.SYS 2010-09-02 13:35:57 ----RASH---- C:\IO.SYS 2010-09-02 13:35:57 ----A---- C:\WINDOWS\control.ini 2010-09-02 13:35:57 ----A---- C:\CONFIG.SYS 2010-09-02 13:35:57 ----A---- C:\AUTOEXEC.BAT 2010-09-02 13:35:51 ----A---- C:\WINDOWS\OEWABLog.txt 2010-09-02 13:35:14 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-09-02 13:35:14 ----RD---- C:\WINDOWS\Offline Web Pages 2010-09-02 13:35:14 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest 2010-09-02 13:35:10 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2010-09-02 13:34:58 ----D---- C:\WINDOWS\srchasst 2010-09-02 13:34:52 ----D---- C:\WINDOWS\system32\Macromed 2010-09-02 13:34:52 ----D---- C:\WINDOWS\system32\DirectX 2010-09-02 13:34:41 ----D---- C:\Program Files\Movie Maker 2010-09-02 13:34:28 ----A---- C:\WINDOWS\system32\safrslv.dll 2010-09-02 13:34:28 ----A---- C:\WINDOWS\system32\safrdm.dll 2010-09-02 13:34:28 ----A---- C:\WINDOWS\system32\safrcdlg.dll 2010-09-02 13:34:28 ----A---- C:\WINDOWS\system32\racpldlg.dll 2010-09-02 13:34:28 ----A---- C:\WINDOWS\system32\atrace.dll 2010-09-02 13:34:24 ----A---- C:\WINDOWS\system32\desktop.ini 2010-09-02 13:34:24 ----A---- C:\WINDOWS\desktop.ini 2010-09-02 13:34:19 ----D---- C:\WINDOWS\system32\Restore 2010-09-02 13:34:19 ----A---- C:\WINDOWS\system32\srsvc.dll 2010-09-02 13:34:19 ----A---- C:\WINDOWS\system32\srrstr.dll 2010-09-02 13:34:19 ----A---- C:\WINDOWS\system32\srclient.dll 2010-09-02 13:34:18 ----D---- C:\Program Files\Windows Media Player 2010-09-02 13:34:18 ----A---- C:\WINDOWS\system32\nmevtmsg.dll 2010-09-02 13:34:18 ----A---- C:\WINDOWS\system32\mnmdd.dll 2010-09-02 13:34:18 ----A---- C:\WINDOWS\system32\isrdbg32.dll 2010-09-02 13:34:18 ----A---- C:\WINDOWS\system32\ils.dll 2010-09-02 13:34:17 ----A---- 
C:\WINDOWS\system32\nmmkcert.dll 2010-09-02 13:34:17 ----A---- C:\WINDOWS\system32\msconf.dll 2010-09-02 13:34:17 ----A---- C:\WINDOWS\system32\mnmsrvc.exe 2010-09-02 13:34:15 ----D---- C:\Program Files\NetMeeting 2010-09-02 13:34:14 ----D---- C:\WINDOWS\PCHEALTH 2010-09-02 13:34:14 ----D---- C:\Program Files\Common Files\Services 2010-09-02 13:34:14 ----A---- C:\WINDOWS\system32\msoert2.dll 2010-09-02 13:34:14 ----A---- C:\WINDOWS\system32\msoeacct.dll 2010-09-02 13:34:14 ----A---- C:\WINDOWS\system32\acctres.dll 2010-09-02 13:34:13 ----A---- C:\WINDOWS\system32\inetres.dll 2010-09-02 13:34:13 ----A---- C:\WINDOWS\system32\inetcomm.dll 2010-09-02 13:34:10 ----SD---- C:\WINDOWS\Tasks 2010-09-02 13:34:10 ----D---- C:\Program Files\Outlook Express 2010-09-02 13:34:10 ----A---- C:\WINDOWS\system32\schedsvc.dll 2010-09-02 13:34:09 ----A---- C:\WINDOWS\system32\mstinit.exe 2010-09-02 13:34:09 ----A---- C:\WINDOWS\system32\mstask.dll 2010-09-02 13:34:09 ----A---- C:\WINDOWS\system32\isign32.dll 2010-09-02 13:34:09 ----A---- C:\WINDOWS\system32\inetcfg.dll 2010-09-02 13:34:09 ----A---- C:\WINDOWS\system32\icwphbk.dll 2010-09-02 13:34:09 ----A---- C:\WINDOWS\system32\icwdial.dll 2010-09-02 13:34:09 ----A---- C:\WINDOWS\system32\icfgnt5.dll 2010-09-02 13:34:07 ----D---- C:\Program Files\Common Files\MSSoap 2010-09-02 13:34:04 ----D---- C:\Program Files\Common Files\System 2010-09-02 13:34:02 ----D---- C:\Program Files\Internet Explorer 2010-09-02 13:33:38 ----D---- C:\Program Files\ComPlus Applications 2010-09-02 13:33:37 ----A---- C:\WINDOWS\vbaddin.ini 2010-09-02 13:33:37 ----A---- C:\WINDOWS\vb.ini 2010-09-02 13:33:34 ----D---- C:\WINDOWS\Registration 2010-09-02 13:33:30 ----HD---- C:\Program Files\WindowsUpdate 2010-09-02 13:33:30 ----D---- C:\Program Files\Online Services 2010-09-02 13:33:24 ----D---- C:\Program Files\Messenger 2010-09-02 13:33:19 ----D---- C:\Program Files\MSN 2010-09-02 13:33:16 ----D---- C:\Program Files\MSN Gaming Zone 2010-09-02 13:33:16 ----A---- 
C:\WINDOWS\system32\write.exe 2010-09-02 13:33:09 ----A---- C:\WINDOWS\system32\sndvol32.exe 2010-09-02 13:33:09 ----A---- C:\WINDOWS\system32\sndrec32.exe 2010-09-02 13:33:09 ----A---- C:\WINDOWS\system32\mplay32.exe 2010-09-02 13:33:09 ----A---- C:\WINDOWS\system32\hypertrm.dll 2010-09-02 13:33:09 ----A---- C:\WINDOWS\system32\hticons.dll 2010-09-02 13:33:09 ----A---- C:\WINDOWS\system32\accwiz.exe 2010-09-02 13:33:08 ----D---- C:\Program Files\Windows NT 2010-09-02 13:33:08 ----A---- C:\WINDOWS\system32\winchat.exe 2010-09-02 13:33:08 ----A---- C:\WINDOWS\system32\avwav.dll 2010-09-02 13:33:08 ----A---- C:\WINDOWS\system32\avtapi.dll 2010-09-02 13:33:08 ----A---- C:\WINDOWS\system32\avmeter.dll 2010-09-02 13:33:07 ----A---- C:\WINDOWS\system32\mspaint.exe 2010-09-02 13:33:04 ----A---- C:\WINDOWS\system32\clipbrd.exe 2010-09-02 13:33:03 ----A---- C:\WINDOWS\system32\getuname.dll 2010-09-02 13:33:03 ----A---- C:\WINDOWS\system32\charmap.exe 2010-09-02 13:33:03 ----A---- C:\WINDOWS\system32\calc.exe 2010-09-02 13:33:02 ----A---- C:\WINDOWS\system32\wuaueng.dll 2010-09-02 13:33:02 ----A---- C:\WINDOWS\system32\wuauclt.exe 2010-09-02 13:33:02 ----A---- C:\WINDOWS\system32\winmine.exe 2010-09-02 13:33:02 ----A---- C:\WINDOWS\system32\spider.exe 2010-09-02 13:33:02 ----A---- C:\WINDOWS\system32\sol.exe 2010-09-02 13:33:02 ----A---- C:\WINDOWS\system32\mshearts.exe 2010-09-02 13:33:02 ----A---- C:\WINDOWS\system32\freecell.exe 2010-09-02 13:33:01 ----A---- C:\WINDOWS\system32\wuauserv.dll 2010-09-02 13:33:01 ----A---- C:\WINDOWS\system32\tscfgwmi.dll 2010-09-02 13:33:01 ----A---- C:\WINDOWS\system32\reset.exe 2010-09-02 13:33:01 ----A---- C:\WINDOWS\system32\remotepg.dll 2010-09-02 13:33:01 ----A---- C:\WINDOWS\system32\rdshost.exe 2010-09-02 13:33:01 ----A---- C:\WINDOWS\system32\rdsaddin.exe 2010-09-02 13:33:01 ----A---- C:\WINDOWS\system32\mstscax.dll 2010-09-02 13:33:01 ----A---- C:\WINDOWS\system32\mstsc.exe 2010-09-02 13:33:00 ----A---- 
-
Hello everyone, I need your help because I must have picked up something nasty on my PC. I will try to describe the situation briefly. I have a Medion PC with an Intel Pentium D (dual-core) processor and Bitdefender 2011 (Internet Security) antivirus.
Following a mishandling, I wrecked the hard disk's MBR. I could no longer reinstall Windows XP with the CD supplied by Medion. Since I still had an XP Pro (with licence), I installed it and it works (I immediately reinstalled Bitdefender). As it is an old version of XP Pro, Windows Update did what was needed to install SP 2 and 3. That is where my troubles begin. During the successive installations of the updates, Bitdefender reported (and deleted) files containing "trojans". I also reinstalled various applications such as Firefox, Thunderbird, Office 2003, Acrobat Reader...
Since then, I constantly have "internet" traffic (which I can check on my Livebox as well as on Bitdefender's "activity analysis bar"). As a result, I can no longer update the Firefox add-ons, and I also failed to complete an online scan with Kaspersky. In Bitdefender, in the firewall information, I discovered a file " \nos\...\adobe (or Acrobat) that was impossible to find on my hard disk. I deleted it, believing it was malware, but it made no difference. I also uninstalled Acrobat Reader (because I read that there was a flaw that allowed a possible takeover), but that changes nothing.
I am worried because I use the internet to manage my bank accounts. I ran several scans with Bitdefender, which found traces of a rootkit that was modifying the names of certain files (without telling me which ones). After some manipulations, these messages no longer appear. I also ran various scans with "Malwares Byte Antimalware", which finds nothing.
I am attaching a copy of the Hijackthis files as well as the MBA one. I hope you will be able to look into my problem and either reassure me or find a solution. Thank you in advance for your help. André 46
-
ZHPDiag & MBAM report
André 46 replied to a topic by André 46 in Analyses et éradication malwares
Good evening everyone, Apparently there are plenty of curious onlookers, but still nobody to come to my rescue. Is there a person of goodwill (and competence) who could help me solve my problem? Did I state my problem the right way? Did I breach the "forum etiquette"? In addition, on several occasions I found myself with an XP SP3 in which all the services were disabled. That means tedious work when it comes to reactivating them (I have not found an automatic way). Many thanks to whoever is willing to try to solve my problem. André 46
-
Hello everyone, My PC takes ages to load certain programs (e.g. 90 seconds to launch Firefox) or to carry out certain tasks (e.g. changing the font or the font size). In addition, when running a Hijackthis scan, I noticed a large number of lines concerning "Desktop Messenger", and I cannot manage to remove this application. Could one of you help me? Below is a copy of a ZHPDiag report and of an MBAM scan. Thank you in advance for the time you are willing to give me. André
Rapport de ZHPDiag v1.25.1403 par Nicolas Coolman
Run by dd at 21/04/2010 16:48:45
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
-- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwg0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwh0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwh0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwi0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwi0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwj0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwj0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwk0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwk0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwl0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) 
-- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwl0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwm0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwm0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwn0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwn0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwo0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwo0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwp0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwp0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwq0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) 
-- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwq0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwr0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwr0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bws0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bws0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwt0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwt0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwu0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwu0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwv0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) 
-- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwv0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bww0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bww0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwx0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwx0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwy0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwy0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwz0 - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: bwz0s - {30233877-838c-4f47-9fa0-5e839c3db78f} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Pas de propriétaire - Pas de description.) 
-- O18 - Handler: offline-8876480 - {30233877-838C-4F47-9FA0-5E839C3DB78F} . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation - LSI Soft Modem Call Progress Service.) 
- C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: BitDefender Serveur Arrakis (Arrakis3) . (.BitDefender S.R.L. http://www.bitdefender.c - Arrakis Web Server.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) . (.BitDefender S.R.L. - BitDefender Update Service.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher (LVSrvLauncher) . (.Logitech Inc. - Service Launcher.) - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe O23 - Service: NMSAccessU (NMSAccessU) . (.Pas de propriétaire - Pas de description.) - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 81.82.) - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: BitDefender Virus Shield (VSSERV) . (.BitDefender S.R.L. - BitDefender Security Service.) - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Personnalisation du navigateur - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS . (.Pas de propriétaire - Pas de description.) -- RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (.Pas de propriétaire - Pas de description.) 
-- C:\WINDOWS\INF\msnetmtg.inf O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\msmsgs.inf O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\INF\wmp11.inf O40 - ASIC: Shockwave Flash - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Macromedia, Inc. - Macromedia Flash Player 6.0 r88.) -- C:\WINDOWS\system32\Macromed\Flash\Flash6.ocx ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: bdftdif (bdftdif) . (.BitDefender LLC - BitDefender Firewall TDI Filter Driver.) - C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] O42 - Logiciel: Adobe Reader 9.3.2 - Français - (.Adobe Systems Incorporated.) [HKLM] O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] O42 - Logiciel: ArcSoft PhotoStudio 5.5 - (.ArcSoft.) [HKLM] O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: BitDefender Internet Security 2010 - (.BitDefender.) [HKLM] O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKLM] O42 - Logiciel: C-Media USB2.0 Card Reader - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] O42 - Logiciel: CD-LabelPrint - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] O42 - Logiciel: Canon Camera Support Core Library - (.Canon.) [HKLM] O42 - Logiciel: Canon Camera Window DS for ZoomBrowser EX - (.Canon.) [HKLM] O42 - Logiciel: Canon Camera Window DVC for ZoomBrowser EX - (.Canon.) [HKLM] O42 - Logiciel: Canon Camera Window for ZoomBrowser EX - (.Canon.) [HKLM] O42 - Logiciel: Canon EOS Kiss_N REBEL_XT 350D Pilote WIA - (.Canon.) [HKLM] O42 - Logiciel: Canon Internet Library for ZoomBrowser EX - (.Canon Inc..) 
[HKLM] O42 - Logiciel: Canon MP Navigator 3.0 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Canon MP600 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Canon PhotoRecord - (.Cisra.) [HKLM] O42 - Logiciel: Canon RAW Image Task for ZoomBrowser EX - (.Canon.) [HKLM] O42 - Logiciel: Canon RemoteCapture Task for ZoomBrowser EX - (.Canon.) [HKLM] O42 - Logiciel: Canon Utilities Digital Photo Professional 1.6.1 - (.Canon.) [HKLM] O42 - Logiciel: Canon Utilities EOS Capture 1.3 - (.Canon.) [HKLM] O42 - Logiciel: Canon Utilities Easy-PhotoPrint - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Canon Utilities File Viewer Utility 1.2 - (.Canon.) [HKLM] O42 - Logiciel: Canon Utilities PhotoStitch 3.1 - (.Canon.) [HKLM] O42 - Logiciel: Canon Utilities RemoteCapture 2.7 - (.Canon.) [HKLM] O42 - Logiciel: Canon ZoomBrowser EX - (.Canon.) [HKLM] O42 - Logiciel: Configuration DivX - (.DivX, Inc. .) [HKLM] O42 - Logiciel: DECAdry Express Business Cards 4 - (.Alfac.) [HKLM] O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM] O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] O42 - Logiciel: Easy-WebPrint - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: FileZilla Client 3.3.2.1 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: FrostWire 4.18.6 - (.FrostWire, LLC.) [HKLM] O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Incomedia WebSite X5 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Java 6 Update 18 - (.Sun Microsystems, Inc..) 
[HKLM] O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: LSI PCI-SV92PP Soft Modem - (.LSI Corporation.) [HKLM] O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Logitech Audio Echo Cancellation Component - (.Logitech Inc..) [HKLM] O42 - Logiciel: Logitech Desktop Messenger - (.Logitech, Inc..) [HKLM] O42 - Logiciel: Logitech QuickCam - (.Logitech Inc..) [HKLM] O42 - Logiciel: Logitech Video Enumerator - (.Logitech Inc..) [HKLM] O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Baseline Security Analyzer 1.2.1 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) 
[HKLM] O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Mozilla Firefox (3.6.3) - (.Mozilla.) [HKLM] O42 - Logiciel: Mozilla Thunderbird (3.0.4) - (.Mozilla.) [HKLM] O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Notepad++ - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: OVH MoM - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: PC Wizard 2010.1.92 - (.Laurent KUTIL & Franck DELATTRE.) [HKLM] O42 - Logiciel: Philips Media Manager 3.3.12.0004 - (.Royal Philips Electronics Inc.) [HKLM] O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] O42 - Logiciel: PowerQuest PartitionMagic 8.0 - (.PowerQuest.) [HKLM] O42 - Logiciel: Programme de gestion Camera de Logitech® - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] O42 - Logiciel: Recuva - (.Piriform.) [HKLM] O42 - Logiciel: Revo Uninstaller 1.80 - (.VS Revo Group.) [HKLM] O42 - Logiciel: Revo Uninstaller Pro 2.1.5 - (.VS Revo Group, Ltd..) [HKLM] O42 - Logiciel: ScanSoft OmniPage SE 4.0 - (.Nuance Communications, Inc..) [HKLM] O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] O42 - Logiciel: Services Off-line de Home'Bank - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: SiSoftware Sandra Lite 2010 - (.SiSoftware.) [HKLM] O42 - Logiciel: Signature995 - (.Pas de propriétaire.) 
[HKLM] O42 - Logiciel: Skype™ 4.1 - (.Skype Technologies S.A..) [HKLM] O42 - Logiciel: Songbird 1.4.3 (Build 1438) - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: UMVPLStandalone - (.Logitech Inc..) [HKLM] O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] O42 - Logiciel: VLC media player 1.0.5 - (.VideoLAN Team.) [HKLM] O42 - Logiciel: What's Running 2.2 - (.WhatsRunning.net.) [HKLM] O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] O42 - Logiciel: ZebHelpProcess 2.34 - (.Nicolas Coolman.) 
[HKLM] ---\\ HKCU & HKLM Software Keys [HKCU\Software\Adobe] [HKCU\Software\Alfac] [HKCU\Software\AppDataLow] [HKCU\Software\ArcSoft] [HKCU\Software\Ask.com] [HKCU\Software\AskToolbar] [HKCU\Software\BBL] [HKCU\Software\Bitdefender] [HKCU\Software\CISRA] [HKCU\Software\CPUID] [HKCU\Software\Canneverbe Limited] [HKCU\Software\CanonBJ] [HKCU\Software\Canon] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Data Dynamics] [HKCU\Software\DivXNetworks] [HKCU\Software\DivX] [HKCU\Software\Eden] [HKCU\Software\Google] [HKCU\Software\IM Providers] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\LogiShrd] [HKCU\Software\Logitech] [HKCU\Software\LowRegistry] [HKCU\Software\Macromedia] [HKCU\Software\Magnet] [HKCU\Software\Mainconcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MediaNavigation] [HKCU\Software\Mozilla] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\OVH] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\PowerQuest] [HKCU\Software\Realtek] [HKCU\Software\ScanSoft] [HKCU\Software\Secunia] [HKCU\Software\SiSoftware] [HKCU\Software\Skype] [HKCU\Software\Trolltech] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VS Revo Group] [HKCU\Software\VSRevoGroup] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\ej-technologies] [HKLM\Software\Adobe] [HKLM\Software\Agere] [HKLM\Software\Alfac] [HKLM\Software\America Online] [HKLM\Software\AppDataLow] [HKLM\Software\ArcSoft] [HKLM\Software\BackWeb] [HKLM\Software\BitDefender] [HKLM\Software\Borland] [HKLM\Software\C07ft5Y] [HKLM\Software\CISRA] [HKLM\Software\Canon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\DivXNetworks] [HKLM\Software\DivX] [HKLM\Software\FileZilla 3] [HKLM\Software\Gemplus] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\ING] [HKLM\Software\InstallShield] [HKLM\Software\Intel] 
[HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Logitech] [HKLM\Software\MDC] [HKLM\Software\Macromedia] [HKLM\Software\MidasHeurScanner] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OVH] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\PowerQuest] [HKLM\Software\Program Groups] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\S3R521] [HKLM\Software\ScanSoft] [HKLM\Software\Schlumberger] [HKLM\Software\Secure] [HKLM\Software\SiSoftware] [HKLM\Software\Skype] [HKLM\Software\Softwin] [HKLM\Software\Songbird] [HKLM\Software\TrendMicro] [HKLM\Software\VideoLAN] [HKLM\Software\WhatsRunning] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\ej-technologies] [HKLM\Software\mozilla.org] ---\\ Contenu des dossiers Fichiers Communs (O43) O43 - CFD:Common File Directory ----D- C:\Program Files\7-Zip O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe O43 - CFD:Common File Directory ----D- C:\Program Files\ArcSoft O43 - CFD:Common File Directory ----D- C:\Program Files\BitDefender O43 - CFD:Common File Directory ----D- C:\Program Files\BitTorrent O43 - CFD:Common File Directory ----D- C:\Program Files\C-Media USB2.0 Card Reader O43 - CFD:Common File Directory ----D- C:\Program Files\Canon O43 - CFD:Common File Directory --H-D- C:\Program Files\CanonBJ O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner O43 - CFD:Common File Directory ----D- C:\Program Files\CDBurnerXP O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files O43 - CFD:Common File Directory ----D- C:\Program Files\CPUID O43 - CFD:Common File Directory ----D- C:\Program Files\DECAdry O43 - CFD:Common File Directory ----D- C:\Program Files\DivX O43 - CFD:Common File Directory ----D- C:\Program Files\Fichiers communs O43 - CFD:Common File Directory ----D- C:\Program Files\FileZilla FTP 
- LEGACY_PQNTDRV O64 - Services: CurCS - C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\profos.sys - Profos (Profos) .(.BitDefender S.R.L. - Profos Kernel Module.) - LEGACY_PROFOS O64 - Services: CurCS - (.not file.) - RDPNP (RDPNP) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPNP O64 - Services: CurCS - (.not file.) - Appel de procédure distante (RPC) (RpcSs) .(.Pas de propriétaire - Pas de description.) - LEGACY_RPCSS O64 - Services: CurCS - (.not file.) - Services Terminal Server (TermService) .(.Pas de propriétaire - Pas de description.) - LEGACY_TERMSERVICE O64 - Services: CurCS - C:\Program Files\Fichiers communs\BitDefender\BitDefender Threat Scanner\trufos.sys - Trufos (Trufos) .(.BitDefender S.R.L. - Trufos Kernel Module.) - LEGACY_TRUFOS O64 - Services: CurCS - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe - BitDefender Virus Shield (VSSERV) .(.BitDefender S.R.L. - BitDefender Security Service.) - LEGACY_VSSERV ---\\ Observateur d'évènement d'application (OEA) (O66) O66 - EventLog: ID=4126 (Ci) - (.Pas de propriétaire - Pas de description.) -- c:\system volume information\catalog.wci"}; (.not file.) O66 - EventLog: ID=4124 (Ci) - (.Pas de propriétaire - Pas de description.) -- c:\system volume information\catalog.wci"}; (.not file.) O66 - EventLog: ID=4689 (COM+) - (.Pas de propriétaire - Pas de description.) -- f:\xpsp3\com\com1x\src\comsvcs\events\lcedisp.cpp(131), Hr = 80040206 : Failed to CoCreate EventSystem (.not file.) O66 - EventLog: ID=4689 (COM+) - (.Pas de propriétaire - Pas de description.) -- f:\xpsp3\com\com1x\src\comsvcs\package\cpackage.cpp(1184), Hr = 80080005 : InitEventCollector failed"}; (.not file.) ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) 
-- rundll32.exe shell32.dll,Control_RunDLL "%1",%* O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Pas de propriétaire - Pas de description.) -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) 
-- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

---\\ Recherche d'infection Master Boot Record (O80)
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
kernel: MBR read successfully
user & kernel MBR OK

---\\ Infection BT - BHO/Toolbar (Possible)
[HKCU\Software\Ask.com]

End of the scan (919 lines in 00mn 35s)

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3879
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

22/04/2010 13:29:30
mbam-log-2010-04-22 (13-29-30).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 266932
Temps écoulé: 3 hour(s), 26 minute(s), 33 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
-
Good evening bleuet, Thank you for stepping in. How does one transfer the post to the security team?