Total Rigole

Bonjour Sur mes DD non system les fichiers exe ont: 1)Changés d'icones (voir image jointe) 2)Ne se lance pas J'ai installé antivir, report 0 infection. Merci pour votre aide. je ne sais pas joindre l'image ou était représenté les nom de fichiers avec leurs icones ??????

Bonjour Golf J'ai fait la manip mais OtList2 reste planté. J'ai essayé avec les outils de sécurité desactivés, j'ai essayé sans echec, j'ai essayé avec les outils de sécurité activés RIEN. Juste un dossier ouvert en C:\ _OTListIt\MovedFiles\03282009_072401\ Ce dossier reste vide

Ok j'ai chargé et lancé comme decrit ce logicel dont voici le compte rendu. Ad-Awre Watct list et Nod32 V4 étant en fonction OTListIt logfile created on: 27/03/2009 18:54:45 - Run 1 OTListIt2 by OldTimer - Version 2.0.7.2 Folder = C:\Infection msn Windows Vista Ultimate Edition Service Pack 2, v.286 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.16670) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 51,19% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free Paging file location(s): c:\pagefile.sys 4500 4500; %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 80,01 Gb Total Space | 36,88 Gb Free Space | 46,09% Space Free | Partition Type: NTFS Drive D: | 106,30 Gb Total Space | 75,73 Gb Free Space | 71,24% Space Free | Partition Type: NTFS Drive E: | 43,96 Gb Total Space | 29,47 Gb Free Space | 67,04% Space Free | Partition Type: NTFS Drive F: | 77,35 Gb Total Space | 49,33 Gb Free Space | 63,78% Space Free | Partition Type: NTFS Drive G: | 47,09 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 516,00 Mb Total Space | 484,11 Mb Free Space | 93,82% Space Free | Partition Type: UDF I: Drive not present or media not loaded Drive Z: | 85,00 Gb Total Space | 42,99 Gb Free Space | 50,58% Space Free | Partition Type: NTFS Computer Name: PC-DE-TOTALRIGO Current User Name: Total Rigole Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Output = Standard File Age = 30 Days Company Name Whitelist: On ========== Processes (SafeList) ========== PRC - [2009/03/25 14:55:24 | 00,951,632 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe PRC - [2009/02/06 14:23:36 | 00,727,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe PRC - [2008/01/21 03:47:13 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe PRC - [2006/10/26 13:40:34 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe PRC - [2008/09/30 12:48:28 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2007/05/28 17:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Add\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2009/03/24 09:42:31 | 00,086,016 | ---- | M] () -- C:\Windows\rsvp.exe PRC - [2008/08/04 16:21:08 | 00,721,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe PRC - [2006/10/17 11:47:22 | 00,087,584 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe PRC - [2009/03/22 18:21:09 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2007/10/14 20:38:52 | 00,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe PRC - [2008/04/30 18:30:06 | 00,498,176 | ---- | M] () -- C:\Program Files (x86)\MSI\Live Update 3\LMonitor.exe PRC - [2009/03/23 14:45:28 | 00,515,416 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2008/11/07 04:00:00 | 00,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe PRC - [2006/10/18 17:58:48 | 01,185,264 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2006/10/18 18:02:40 | 01,961,576 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe PRC - [2009/02/06 17:07:48 | 00,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe PRC - [2009/02/24 13:42:08 | 32,010,240 | ---- | M] () -- C:\Program Files (x86)\MSI\DualCoreCenter\DualCoreCenter.exe PRC - [2009/01/30 22:28:40 | 00,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\sysWOW64\wbem\wmiprvse.exe PRC - [2007/10/19 20:46:08 | 00,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe PRC - [2007/11/02 18:44:16 | 00,610,304 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe PRC - [2009/01/30 22:28:40 | 00,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\sysWOW64\wbem\wmiprvse.exe PRC - [2007/11/02 20:12:50 | 00,262,144 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe PRC - [2009/03/25 18:04:08 | 00,249,344 | ---- | M] (TODO: <Company name>) -- C:\Users\TOTALR~1\AppData\Local\Temp\~temp\hmunmlcn88\svchost.exe PRC - [2009/01/30 22:29:04 | 00,634,032 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe PRC - [2007/11/06 01:50:44 | 00,116,032 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe PRC - [2009/03/27 18:52:47 | 00,498,688 | ---- | M] (OldTimer Tools) -- C:\Infection msn\OTListIt2.exe ========== Win32 Services (SafeList) ========== SRV - [2006/10/18 15:26:16 | 00,285,216 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc [Auto | Running]) SRV - File not found -- -- (aspnet_state [On_Demand | Stopped]) SRV - [2008/12/14 17:02:50 | 00,067,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2008/12/14 17:17:44 | 00,090,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped]) SRV - [2009/01/30 22:50:30 | 00,604,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\sysnative\cscsvc.dll -- (CscService [Auto | Running]) SRV - [2008/01/21 03:50:39 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped]) SRV - [2008/01/21 03:50:39 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped]) SRV - [2006/11/02 16:03:44 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped]) SRV - [2009/02/06 14:27:10 | 00,023,296 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped]) SRV - [2009/02/06 14:23:36 | 00,727,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn [Auto | Running]) SRV - [2008/01/21 03:47:07 | 00,689,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\sysnative\fxssvc.exe -- (Fax [On_Demand | Stopped]) SRV - [2008/12/16 16:47:38 | 00,043,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2009/03/27 09:15:30 | 00,137,200 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped]) SRV - [2007/11/06 21:16:54 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Running]) SRV - [2007/11/06 21:16:54 | 00,139,264 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc [Auto | Running]) SRV - [2008/12/16 16:47:30 | 00,857,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Running]) SRV - [2009/03/25 14:55:24 | 00,951,632 | ---- | M] (Lavasoft) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [Auto | Running]) SRV - [2008/11/07 16:49:10 | 00,160,784 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ [On_Demand | Stopped]) SRV - [2009/03/26 16:49:52 | 00,179,856 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\add-u\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService [Auto | Stopped]) SRV - [2006/10/26 13:40:34 | 00,335,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe -- (MDM [Auto | Running]) SRV - [2006/10/27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped]) SRV - [2008/08/04 16:21:08 | 00,261,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc [Auto | Running]) SRV - [2008/09/30 12:48:28 | 00,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0 [Auto | Running]) SRV - [2008/12/16 16:47:30 | 00,117,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped]) SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped]) SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped]) SRV - [2008/01/21 03:47:01 | 00,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\sysnative\pcasvc.dll -- (PcaSvc [Auto | Running]) SRV - [2008/01/21 03:50:03 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\perfhost.exe -- (PerfHost [On_Demand | Stopped]) SRV - [2007/05/28 17:57:54 | 00,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Add\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE [Auto | Running]) SRV - [2009/03/23 14:55:04 | 00,505,600 | ---- | M] (TuneUp Software) -- C:\Windows\sysnative\TuneUpDefragService.exe -- (TuneUp.Defrag [On_Demand | Running]) SRV - [2009/03/23 14:55:09 | 00,841,472 | ---- | M] (TuneUp Software) -- C:\Windows\sysnative\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc [Auto | Running]) SRV - [2009/01/30 22:50:46 | 00,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\sysnative\umrdp.dll -- (UmRdpService [On_Demand | Stopped]) SRV - [2008/12/11 13:31:36 | 00,027,904 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp [Auto | Running]) SRV - [2009/01/30 22:50:18 | 01,149,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\sysnative\wbengine.exe -- (wbengine [On_Demand | Stopped]) SRV - [2008/01/21 03:51:24 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) ========== Driver Services (SafeList) ========== DRV - [2009/01/30 20:22:44 | 00,461,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\sysnative\drivers\csc.sys -- (CSC [system | Running]) DRV - [2008/12/08 11:32:44 | 00,044,344 | ---- | M] (MICRO-STAR INT'L CO., LTD.) -- C:\Program Files (x86)\MSI\DualCoreCenter\NTGLM7X64.sys -- (DualCoreCenter [On_Demand | Running]) DRV - [2009/02/06 14:19:56 | 00,141,728 | ---- | M] (ESET) -- C:\Windows\sysnative\DRIVERS\eamon.sys -- (eamon [Auto | Running]) DRV - [2009/02/06 14:23:20 | 00,132,464 | ---- | M] (ESET) -- C:\Windows\sysnative\DRIVERS\ehdrv.sys -- (ehdrv [system | Running]) DRV - [2009/02/06 14:24:50 | 00,120,128 | ---- | M] (ESET) -- C:\Windows\sysnative\DRIVERS\epfwwfpr.sys -- (epfwwfpr [Auto | Running]) DRV - [2008/01/21 03:51:10 | 00,161,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\sysnative\DRIVERS\fvevol.sys -- (fvevol [boot | Running]) DRV - [2006/11/02 06:28:10 | 00,273,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\sysnative\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Stopped]) DRV - [2007/11/26 04:16:32 | 00,086,016 | ---- | M] (JMicron Technology Corp.) -- C:\Windows\sysnative\DRIVERS\jraid.sys -- (JRAID [boot | Running]) DRV - [2008/09/26 09:55:00 | 00,035,344 | ---- | M] (Logitech, Inc.) -- C:\Windows\sysnative\DRIVERS\L8042Kbd.sys -- (L8042Kbd [On_Demand | Running]) DRV - [2008/09/26 09:56:00 | 00,113,680 | ---- | M] (Logitech, Inc.) -- C:\Windows\sysnative\DRIVERS\L8042mou.Sys -- (L8042mou [On_Demand | Running]) DRV - [2009/03/25 14:55:27 | 00,069,664 | ---- | M] (Lavasoft AB) -- C:\Windows\sysnative\DRIVERS\Lbd.sys -- (Lbd [boot | Running]) DRV - [2008/09/26 09:56:00 | 00,112,144 | ---- | M] (Logitech, Inc.) -- C:\Windows\sysnative\DRIVERS\LMouKE.Sys -- (LMouKE [On_Demand | Running]) DRV - [2009/03/26 16:49:50 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbam.sys -- (MBAMProtector [On_Demand | Stopped]) DRV - [2008/02/14 07:56:14 | 00,160,768 | ---- | M] (Realtek Corporation ) -- C:\Windows\sysnative\DRIVERS\Rtlh64.sys -- (RTL8169 [On_Demand | Running]) DRV - [2008/12/16 11:27:32 | 00,076,088 | ---- | M] (Your Corporation) -- C:\Program Files (x86)\MSI\DualCoreCenter\RushTop64.sys -- (RushTopDevice2 [On_Demand | Running]) DRV - [2009/03/25 18:08:05 | 00,198,944 | ---- | M] (Acronis) -- C:\Windows\sysnative\DRIVERS\snapman.sys -- (snapman [boot | Running]) DRV - [2009/03/22 18:41:13 | 00,860,656 | ---- | M] () -- C:\Windows\sysnative\Drivers\sptd.sys -- (sptd [boot | Running]) DRV - [2009/03/25 18:08:12 | 00,065,312 | ---- | M] (Acronis) -- C:\Windows\sysnative\DRIVERS\tifsfilt.sys -- (tifsfilter [Auto | Running]) DRV - [2009/03/25 18:08:12 | 00,629,536 | ---- | M] (Acronis) -- C:\Windows\sysnative\DRIVERS\timntr.sys -- (timounter [boot | Running]) DRV - [2009/01/30 21:07:08 | 00,098,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\sysnative\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running]) DRV - [2008/08/04 16:21:10 | 02,064,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\sysnative\DRIVERS\VX1000.sys -- (VX1000 [On_Demand | Running]) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1211498328-2187118138-2454678604-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKU\S-1-5-21-1211498328-2187118138-2454678604-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKU\S-1-5-21-1211498328-2187118138-2454678604-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-1211498328-2187118138-2454678604-1000\S-1-5-21-1211498328-2187118138-2454678604-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll () O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.) O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.) O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll () O3 - HKU\S-1-5-21-1211498328-2187118138-2454678604-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll () O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) O4 - HKLM..\Run: [Ad-Watch] "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe" (Lavasoft) O4 - HKLM..\Run: [DelReg] "C:\Program Files (x86)\MSI\DualCoreCenter\DelReg.exe" () O4 - HKLM..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" (Microsoft Corporation) O4 - HKLM..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe (Hewlett-Packard) O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" (Microsoft Corporation) O4 - HKLM..\Run: [LiveMonitor] "C:\Program Files (x86)\MSI\Live Update 3\LMonitor.exe" () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\add-u\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray (Malwarebytes Corporation) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKU\S-1-5-19..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (Microsoft Corporation) O4 - HKU\S-1-5-21-1211498328-2187118138-2454678604-1000..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Add\Alcohol Soft\Alcohol 120\axcmd.exe" /automount () O4 - HKU\S-1-5-21-1211498328-2187118138-2454678604-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1211498328-2187118138-2454678604-1000..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation) O4 - HKU\S-1-5-21-1211498328-2187118138-2454678604-1000..\Run: [nodenable] C:\Program Files\eset\nodenable.exe () O4 - HKU\S-1-5-21-1211498328-2187118138-2454678604-1000..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (Microsoft Corporation) O4 - HKU\S-1-5-21-1211498328-2187118138-2454678604-1000..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) F3 - HKU\S-1-5-21-1211498328-2187118138-2454678604-1000 WinNT: Load - (C:\Users\TOTALR~1\LOCALS~1\APPLIC~1\dllhst3g.exe) - C:\Users\TOTALR~1\LOCALS~1\APPLIC~1\dllhst3g.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKU\S-1-5-21-1211498328-2187118138-2454678604-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter: - deflate - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter: - gzip - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter: - text/xml - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\system32\Explorer.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found ========== Files/Folders - Created Within 30 Days ========== [1 C:\Windows\System32\*.tmp files] [2009/03/27 17:08:05 | 00,086,016 | ---- | C] () -- C:\Windows\rsvp.exe [2009/03/27 17:08:05 | 00,086,016 | ---- | C] () -- C:\Users\Total Rigole\AppData\Local\dllhst3g.exe [2009/03/27 10:10:27 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\EsetOnlineScanner [2009/03/27 10:00:54 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\Malwarebytes [2009/03/27 10:00:52 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2009/03/27 10:00:52 | 00,000,947 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2009/03/27 10:00:50 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2009/03/27 10:00:49 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2009/03/27 09:59:35 | 00,001,847 | ---- | C] () -- C:\Users\Total Rigole\Desktop\CCleaner.lnk [2009/03/27 09:48:56 | 00,000,000 | ---D | C] -- C:\Infection msn [2009/03/25 18:07:49 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Acronis [2009/03/25 17:42:26 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Mes Sauvegardes [2009/03/25 17:40:58 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\Acronis [2009/03/25 17:31:44 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Acronis [2009/03/25 16:56:42 | 03,034,953 | -H-- | C] () -- C:\Users\Total Rigole\AppData\Local\IconCache.db [2009/03/25 16:20:40 | 42,940,86656 | -HS- | C] () -- C:\hiberfil.sys [2009/03/25 15:02:44 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\Nero [2009/03/25 14:56:09 | 00,000,536 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2009/03/25 14:44:30 | 00,002,630 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk [2009/03/25 14:38:24 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Nero [2009/03/25 14:38:01 | 00,000,000 | ---D | C] -- C:\ProgramData\Nero [2009/03/25 14:38:00 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero [2009/03/25 14:37:43 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2009/03/25 13:47:48 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Local\QuickPar [2009/03/25 13:16:14 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\Adobe [2009/03/25 11:09:44 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\InfraRecorder [2009/03/24 18:04:08 | 00,086,016 | ---- | C] () -- C:\Windows\System\sessmgr.exe [2009/03/24 18:04:08 | 00,086,016 | ---- | C] () -- C:\Windows\ieudinit.exe [2009/03/24 16:39:22 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\vlc [2009/03/24 09:57:48 | 00,000,000 | ---D | C] -- C:\Windows\Downloaded Installations [2009/03/24 09:52:06 | 00,086,016 | ---- | C] () -- C:\Windows\sessmgr.exe [2009/03/24 09:51:06 | 00,086,016 | ---- | C] () -- C:\Windows\System32\drivers\clipsrv.exe [2009/03/24 09:43:51 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Local\ESET [2009/03/24 09:43:31 | 00,086,016 | ---- | C] () -- C:\Windows\System\mqtgsvc.exe [2009/03/24 09:08:59 | 00,000,010 | -H-- | C] () -- C:\xrjmns.tce [2009/03/23 19:49:16 | 00,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009/03/23 19:49:16 | 00,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009/03/23 19:49:16 | 00,077,824 | ---- | C] () -- C:\Windows\System32\xvid.ax [2009/03/23 19:49:16 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Xvid [2009/03/23 18:43:00 | 00,000,000 | ---D | C] -- C:\Windows\Minidump [2009/03/23 18:33:30 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\AVS4YOU [2009/03/23 18:33:29 | 00,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU [2009/03/23 18:32:40 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU [2009/03/23 18:30:42 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia [2009/03/23 18:30:40 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70.dll [2009/03/23 18:30:40 | 00,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp70.dll [2009/03/23 18:30:40 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll [2009/03/23 18:30:40 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll [2009/03/23 18:23:06 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Journaux MCE [2009/03/23 18:21:09 | 00,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2009/03/23 18:21:09 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\VistaCodecPack [2009/03/23 17:51:23 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\aignes [2009/03/23 17:43:47 | 00,012,499 | ---- | C] () -- C:\Windows\System32\Seagate.bin [2009/03/23 17:38:54 | 00,015,840 | ---- | C] () -- C:\Windows\System32\Machnm1.exe [2009/03/23 15:22:56 | 00,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\winhlp32.exe [2009/03/23 15:22:56 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftsrch.dll [2009/03/23 15:22:56 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftlx041e.dll [2009/03/23 15:22:56 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftlx0411.dll [2009/03/23 15:20:55 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\EZB Systems [2009/03/23 15:10:56 | 00,003,120 | ---- | C] () -- C:\Windows\System32\ALLFSAF6a.ocx [2009/03/23 15:09:09 | 00,644,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX [2009/03/23 15:06:30 | 01,526,844 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI [2009/03/23 15:05:24 | 00,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP [2009/03/23 14:55:06 | 00,027,904 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll [2009/03/23 14:55:06 | 00,017,152 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2009/03/23 14:54:54 | 00,000,546 | ---- | C] () -- C:\Windows\tasks\Maintenance en 1 clic.job [2009/03/23 14:54:54 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\TuneUp Software [2009/03/23 14:54:43 | 00,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2009/03/23 14:53:49 | 00,000,000 | -HSD | C] -- C:\ProgramData\{55A29068-F2CE-456C-9148-C869879E2357} [2009/03/23 14:51:45 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Local\Frameworkx.com [2009/03/23 14:43:40 | 00,000,000 | -H-D | C] -- C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800} [2009/03/23 14:43:36 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft [2009/03/23 14:43:35 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2009/03/23 13:28:53 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games [2009/03/23 13:23:59 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2009/03/23 11:48:57 | 00,000,000 | ---D | C] -- C:\Windows\System32\vi-VN [2009/03/23 11:48:57 | 00,000,000 | ---D | C] -- C:\Windows\System32\eu-ES [2009/03/23 11:48:57 | 00,000,000 | ---D | C] -- C:\Windows\System32\ca-ES [2009/03/23 11:33:37 | 01,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSVidCtl.dll [2009/03/23 11:33:37 | 01,335,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll [2009/03/23 11:33:37 | 01,183,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll [2009/03/23 11:33:37 | 00,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll [2009/03/23 11:33:37 | 00,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll [2009/03/23 11:33:37 | 00,680,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll [2009/03/23 11:33:37 | 00,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll [2009/03/23 11:33:37 | 00,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll [2009/03/23 11:33:37 | 00,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll [2009/03/23 11:33:37 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll [2009/03/23 11:33:37 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2009/03/23 11:33:37 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll [2009/03/23 11:33:36 | 03,173,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll [2009/03/23 11:33:36 | 02,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll [2009/03/23 11:33:36 | 02,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll [2009/03/23 11:33:36 | 00,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll [2009/03/23 11:33:36 | 00,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll [2009/03/23 11:33:36 | 00,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll [2009/03/23 11:33:36 | 00,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll [2009/03/23 11:33:36 | 00,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll [2009/03/23 11:33:36 | 00,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll [2009/03/23 11:33:36 | 00,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll [2009/03/23 11:33:36 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netplwiz.dll [2009/03/23 11:33:36 | 00,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll [2009/03/23 11:33:36 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll [2009/03/23 11:33:36 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll [2009/03/23 11:33:36 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll [2009/03/23 11:33:35 | 02,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstscax.dll [2009/03/23 11:33:35 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll [2009/03/23 11:33:35 | 00,609,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL [2009/03/23 11:33:35 | 00,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll [2009/03/23 11:33:35 | 00,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll [2009/03/23 11:33:35 | 00,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll [2009/03/23 11:33:35 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2009/03/23 11:33:35 | 00,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll [2009/03/23 11:33:35 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll [2009/03/23 11:33:35 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2009/03/23 11:33:34 | 02,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll [2009/03/23 11:33:34 | 01,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll [2009/03/23 11:33:34 | 01,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll [2009/03/23 11:33:34 | 01,316,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll [2009/03/23 11:33:34 | 00,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstsc.exe [2009/03/23 11:33:34 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2009/03/23 11:33:34 | 00,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll [2009/03/23 11:33:34 | 00,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll [2009/03/23 11:33:34 | 00,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll [2009/03/23 11:33:34 | 00,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll [2009/03/23 11:33:34 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll [2009/03/23 11:33:34 | 00,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll [2009/03/23 11:33:34 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll [2009/03/23 11:33:34 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll [2009/03/23 11:33:34 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll [2009/03/23 11:33:34 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll [2009/03/23 11:33:34 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll [2009/03/23 11:33:34 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll [2009/03/23 11:33:33 | 00,644,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\p2psvc.dll [2009/03/23 11:33:33 | 00,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll [2009/03/23 11:33:33 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2009/03/23 11:33:33 | 00,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll [2009/03/23 11:33:33 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe [2009/03/23 11:33:33 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll [2009/03/23 11:33:33 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll [2009/03/23 11:33:33 | 00,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe [2009/03/23 11:33:32 | 12,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll [2009/03/23 11:33:32 | 02,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll [2009/03/23 11:33:32 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll [2009/03/23 11:33:31 | 03,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll [2009/03/23 11:33:31 | 01,165,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll [2009/03/23 11:33:31 | 00,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll [2009/03/23 11:33:31 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll [2009/03/23 11:33:31 | 00,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll [2009/03/23 11:33:31 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL [2009/03/23 11:33:31 | 00,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll [2009/03/23 11:33:31 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe [2009/03/23 11:33:31 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe [2009/03/23 11:33:31 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll [2009/03/23 11:33:30 | 00,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll [2009/03/23 11:33:30 | 00,279,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscoree.dll [2009/03/23 11:33:30 | 00,156,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll [2009/03/23 11:33:30 | 00,081,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll [2009/03/23 11:33:30 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll [2009/03/23 11:33:29 | 02,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll [2009/03/23 11:33:29 | 01,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe [2009/03/23 11:33:29 | 01,102,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmsys.cpl [2009/03/23 11:33:29 | 00,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll [2009/03/23 11:33:29 | 00,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll [2009/03/23 11:33:28 | 01,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll [2009/03/23 11:33:28 | 00,506,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL [2009/03/23 11:33:28 | 00,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe [2009/03/23 11:33:28 | 00,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll [2009/03/23 11:33:28 | 00,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll [2009/03/23 11:33:28 | 00,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll [2009/03/23 11:33:28 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2009/03/23 11:33:28 | 00,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll [2009/03/23 11:33:28 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll [2009/03/23 11:33:28 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll [2009/03/23 11:33:28 | 00,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2009/03/23 11:33:28 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll [2009/03/23 11:33:28 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll [2009/03/23 11:33:28 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll [2009/03/23 11:33:27 | 03,595,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll [2009/03/23 11:33:27 | 02,243,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll [2009/03/23 11:33:27 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2009/03/23 11:33:27 | 00,807,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll [2009/03/23 11:33:27 | 00,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll [2009/03/23 11:33:27 | 00,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll [2009/03/23 11:33:27 | 00,477,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll [2009/03/23 11:33:27 | 00,461,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2009/03/23 11:33:27 | 00,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll [2009/03/23 11:33:27 | 00,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll [2009/03/23 11:33:27 | 00,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll [2009/03/23 11:33:27 | 00,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll [2009/03/23 11:33:27 | 00,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll [2009/03/23 11:33:27 | 00,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfp.dll [2009/03/23 11:33:27 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msiexec.exe [2009/03/23 11:33:27 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll [2009/03/23 11:33:27 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx [2009/03/23 11:33:27 | 00,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll [2009/03/23 11:33:26 | 00,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll [2009/03/23 11:33:26 | 00,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll [2009/03/23 11:33:26 | 00,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe [2009/03/23 11:33:26 | 00,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll [2009/03/23 11:33:26 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe [2009/03/23 11:33:26 | 00,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll [2009/03/23 11:33:26 | 00,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll [2009/03/23 11:33:26 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe [2009/03/23 11:33:26 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll [2009/03/23 11:33:26 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll [2009/03/23 11:33:26 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll [2009/03/23 11:33:26 | 00,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2009/03/23 11:33:25 | 00,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll [2009/03/23 11:33:25 | 00,413,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrptadm.dll [2009/03/23 11:33:25 | 00,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll [2009/03/23 11:33:25 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll [2009/03/23 11:33:25 | 00,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll [2009/03/23 11:33:25 | 00,242,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll [2009/03/23 11:33:25 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll [2009/03/23 11:33:25 | 00,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll [2009/03/23 11:33:25 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrrun.dll [2009/03/23 11:33:25 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll [2009/03/23 11:33:25 | 00,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll [2009/03/23 11:33:25 | 00,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SCardSvr.dll [2009/03/23 11:33:25 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe [2009/03/23 11:33:23 | 00,779,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll [2009/03/23 11:33:23 | 00,323,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2009/03/23 11:33:23 | 00,041,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2009/03/23 11:33:22 | 01,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll [2009/03/23 11:33:22 | 00,869,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printui.dll [2009/03/23 11:33:22 | 00,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll [2009/03/23 11:33:22 | 00,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr [2009/03/23 11:33:22 | 00,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll [2009/03/23 11:33:22 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll [2009/03/23 11:33:22 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll [2009/03/23 11:33:22 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\photowiz.dll [2009/03/23 11:33:22 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax [2009/03/23 11:33:22 | 00,102,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll [2009/03/23 11:33:22 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll [2009/03/23 11:33:22 | 00,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime [2009/03/23 11:33:22 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll [2009/03/23 11:33:21 | 01,823,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll [2009/03/23 11:33:21 | 01,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll [2009/03/23 11:33:21 | 00,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll [2009/03/23 11:33:21 | 00,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll [2009/03/23 11:33:21 | 00,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll [2009/03/23 11:33:21 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll [2009/03/23 11:33:21 | 00,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll [2009/03/23 11:33:21 | 00,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll [2009/03/23 11:33:21 | 00,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll [2009/03/23 11:33:21 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll [2009/03/23 11:33:21 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime [2009/03/23 11:33:21 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll [2009/03/23 11:33:21 | 00,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll [2009/03/23 11:33:21 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll [2009/03/23 11:33:21 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe [2009/03/23 11:33:21 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfdisk.dll [2009/03/23 11:33:20 | 01,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll [2009/03/23 11:33:20 | 01,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2009/03/23 11:33:20 | 00,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll [2009/03/23 11:33:20 | 00,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe [2009/03/23 11:33:20 | 00,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe [2009/03/23 11:33:20 | 00,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll [2009/03/23 11:33:20 | 00,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll [2009/03/23 11:33:20 | 00,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe [2009/03/23 11:33:20 | 00,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe [2009/03/23 11:33:20 | 00,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll [2009/03/23 11:33:20 | 00,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll [2009/03/23 11:33:20 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime [2009/03/23 11:33:20 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime [2009/03/23 11:33:20 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe [2009/03/23 11:33:19 | 00,884,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll [2009/03/23 11:33:19 | 00,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll [2009/03/23 11:33:19 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll [2009/03/23 11:33:19 | 00,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll [2009/03/23 11:33:19 | 00,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll [2009/03/23 11:33:19 | 00,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll [2009/03/23 11:33:19 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll [2009/03/23 11:33:19 | 00,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll [2009/03/23 11:33:19 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe [2009/03/23 11:33:19 | 00,001,520 | ---- | C] () -- C:\Windows\System32\RacUR.xml [2009/03/23 11:33:19 | 00,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml [2009/03/23 11:33:17 | 01,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll [2009/03/23 11:33:17 | 00,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll [2009/03/23 11:33:17 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe [2009/03/23 11:33:17 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe [2009/03/23 11:33:17 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll [2009/03/23 11:33:17 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll [2009/03/23 11:33:17 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll [2009/03/23 11:33:16 | 00,377,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll [2009/03/23 11:33:16 | 00,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll [2009/03/23 11:33:16 | 00,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll [2009/03/23 11:33:16 | 00,094,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfshim.dll [2009/03/23 11:33:15 | 00,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll [2009/03/23 11:33:15 | 00,450,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll [2009/03/23 11:33:14 | 01,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll [2009/03/23 11:33:14 | 01,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll [2009/03/23 11:33:14 | 00,977,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll [2009/03/23 11:33:14 | 00,971,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll [2009/03/23 11:33:14 | 00,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll [2009/03/23 11:33:14 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll [2009/03/23 11:33:14 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll [2009/03/23 11:33:14 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll [2009/03/23 11:33:14 | 00,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptsvc.dll [2009/03/23 11:33:14 | 00,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll [2009/03/23 11:33:14 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/03/23 11:33:14 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe [2009/03/23 11:33:14 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll [2009/03/23 11:33:14 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll [2009/03/23 11:33:14 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll [2009/03/23 11:33:14 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll [2009/03/23 11:33:13 | 03,081,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2009/03/23 11:33:13 | 02,927,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\explorer.exe [2009/03/23 11:33:13 | 01,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll [2009/03/23 11:33:13 | 00,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll [2009/03/23 11:33:13 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2009/03/23 11:33:13 | 00,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\es.dll [2009/03/23 11:33:13 | 00,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe [2009/03/23 11:33:13 | 00,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll [2009/03/23 11:33:13 | 00,133,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\extmgr.dll [2009/03/23 11:33:13 | 00,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll [2009/03/23 11:33:13 | 00,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll [2009/03/23 11:33:13 | 00,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll [2009/03/23 11:33:13 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll [2009/03/23 11:33:13 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll [2009/03/23 11:33:13 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll [2009/03/23 11:33:13 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll [2009/03/23 11:33:12 | 01,122,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appwiz.cpl [2009/03/23 11:33:12 | 00,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll [2009/03/23 11:33:12 | 00,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll [2009/03/23 11:33:12 | 00,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe [2009/03/23 11:33:12 | 00,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll [2009/03/23 11:33:12 | 00,247,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll [2009/03/23 11:33:12 | 00,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe [2009/03/23 11:33:12 | 00,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe [2009/03/23 11:33:12 | 00,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll [2009/03/23 11:33:12 | 00,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll [2009/03/23 11:33:12 | 00,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe [2009/03/23 11:33:12 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asferror.dll [2009/03/23 11:33:11 | 02,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll [2009/03/23 11:33:11 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll [2009/03/23 11:33:11 | 01,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll [2009/03/23 11:33:11 | 00,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autochk.exe [2009/03/23 11:33:11 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll [2009/03/23 11:33:11 | 00,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AUDIOKSE.dll [2009/03/23 11:33:11 | 00,171,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll [2009/03/23 11:33:11 | 00,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appmgmts.dll [2009/03/23 11:33:11 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll [2009/03/23 11:33:11 | 00,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe [2009/03/23 11:33:11 | 00,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2009/03/23 11:33:11 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2009/03/23 11:33:10 | 01,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll [2009/03/23 11:33:10 | 01,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll [2009/03/23 11:33:10 | 00,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll [2009/03/23 11:33:10 | 00,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll [2009/03/23 11:33:10 | 00,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll [2009/03/23 11:33:10 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll [2009/03/23 11:33:10 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll [2009/03/23 11:33:09 | 06,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll [2009/03/23 11:33:09 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll [2009/03/23 11:33:09 | 00,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe [2009/03/23 11:33:09 | 00,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll [2009/03/23 11:33:09 | 00,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll [2009/03/23 11:33:09 | 00,275,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll [2009/03/23 11:33:09 | 00,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe [2009/03/23 11:33:09 | 00,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll [2009/03/23 11:33:09 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime [2009/03/23 11:33:09 | 00,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime [2009/03/23 11:33:09 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe [2009/03/23 11:33:09 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll [2009/03/23 11:33:08 | 01,324,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browseui.dll [2009/03/23 11:33:08 | 01,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll [2009/03/23 11:33:08 | 00,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll [2009/03/23 11:33:08 | 00,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe [2009/03/23 11:33:08 | 00,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl [2009/03/23 11:33:08 | 00,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe [2009/03/23 11:33:08 | 00,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll [2009/03/23 11:33:08 | 00,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll [2009/03/23 11:33:08 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe [2009/03/23 11:33:07 | 01,827,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2009/03/23 11:33:07 | 00,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcomm.dll [2009/03/23 11:33:07 | 00,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll [2009/03/23 11:33:07 | 00,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll [2009/03/23 11:33:07 | 00,095,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll [2009/03/23 11:33:07 | 00,035,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl [2009/03/23 11:33:06 | 00,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll [2009/03/23 11:33:06 | 00,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2009/03/23 11:33:06 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime [2009/03/23 11:33:06 | 00,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll [2009/03/23 11:33:06 | 00,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL [2009/03/23 11:33:06 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2009/03/23 11:33:06 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe [2009/03/23 11:33:05 | 00,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL [2009/03/23 11:33:05 | 00,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll [2009/03/23 11:33:05 | 00,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll [2009/03/23 11:33:05 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll [2009/03/23 11:33:05 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe [2009/03/23 11:33:05 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll [2009/03/23 11:33:04 | 02,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2009/03/23 11:33:04 | 01,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2009/03/23 11:33:04 | 01,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2009/03/23 11:33:04 | 00,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll [2009/03/23 11:33:03 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll [2009/03/23 11:33:02 | 11,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex [2009/03/23 11:33:02 | 00,857,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll [2009/03/23 11:33:02 | 00,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe [2009/03/23 11:33:02 | 00,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kerberos.dll [2009/03/23 11:33:02 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll [2009/03/23 11:33:02 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LAPRXY.DLL [2009/03/23 11:33:01 | 03,662,128 | ---- | C] () -- C:\Windows\System32\locale.nls [2009/03/23 11:33:01 | 00,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll [2009/03/23 11:33:01 | 00,621,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll [2009/03/23 11:33:01 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe [2009/03/23 11:33:01 | 00,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll [2009/03/23 11:33:01 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe [2009/03/23 11:33:00 | 01,696,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2009/03/23 11:33:00 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll [2009/03/23 11:33:00 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe [2009/03/23 11:33:00 | 00,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll [2009/03/23 11:33:00 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll [2009/03/23 11:33:00 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll [2009/03/23 11:33:00 | 00,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll [2009/03/23 11:33:00 | 00,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll [2009/03/23 11:33:00 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll [2009/03/23 11:33:00 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll [2009/03/23 11:33:00 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll [2009/03/23 11:33:00 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpscript.dll [2009/03/23 11:33:00 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpscript.exe [2009/03/23 11:33:00 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll [2009/03/23 11:33:00 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe [2009/03/23 11:33:00 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll [2009/03/23 11:32:59 | 02,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll [2009/03/23 11:32:59 | 00,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL [2009/03/23 11:32:59 | 00,398,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2009/03/23 11:32:59 | 00,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll [2009/03/23 11:32:59 | 00,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll [2009/03/23 11:32:59 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe [2009/03/23 11:32:59 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe [2009/03/23 11:32:59 | 00,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll [2009/03/23 11:32:59 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe [2009/03/23 11:32:58 | 06,081,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll [2009/03/23 11:32:58 | 00,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME [2009/03/23 11:32:58 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2009/03/23 11:32:58 | 00,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll [2009/03/23 11:32:58 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2009/03/23 11:32:55 | 00,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll [2009/03/23 11:32:55 | 00,377,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll [2009/03/23 11:32:54 | 00,619,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe [2009/03/23 11:32:54 | 00,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe [2009/03/23 11:32:54 | 00,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll [2009/03/23 11:32:54 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll [2009/03/23 11:32:54 | 00,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll [2009/03/23 11:32:54 | 00,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll [2009/03/23 11:32:54 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll [2009/03/23 11:32:54 | 00,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll [2009/03/23 11:32:54 | 00,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll [2009/03/23 11:32:54 | 00,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe [2009/03/23 11:32:54 | 00,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll [2009/03/23 11:32:54 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll [2009/03/23 11:32:54 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll [2009/03/23 11:32:54 | 00,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll [2009/03/23 11:32:54 | 00,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll [2009/03/23 11:32:54 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll [2009/03/23 11:32:54 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hidserv.dll [2009/03/23 11:32:54 | 00,009,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll [2009/03/23 11:32:53 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl [2009/03/23 11:32:53 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime [2009/03/23 11:32:53 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe [2009/03/23 11:32:53 | 00,035,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe [2009/03/23 11:32:52 | 00,615,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themeui.dll [2009/03/23 11:32:51 | 01,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll [2009/03/23 11:32:51 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll [2009/03/23 11:32:51 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll [2009/03/23 11:32:50 | 00,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe [2009/03/23 11:32:50 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll [2009/03/23 11:32:48 | 01,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll [2009/03/23 11:32:47 | 00,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll [2009/03/23 11:32:47 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\version.dll [2009/03/23 11:32:47 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsbyuv.dll [2009/03/23 11:32:45 | 00,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe [2009/03/23 11:32:45 | 00,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll [2009/03/23 11:32:45 | 00,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2009/03/23 11:32:44 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll [2009/03/23 11:32:38 | 00,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll [2009/03/23 11:32:37 | 01,167,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll [2009/03/23 11:32:37 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp [2009/03/23 11:32:36 | 00,100,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll [2009/03/23 11:32:35 | 01,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll [2009/03/23 11:32:34 | 00,648,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\user32.dll [2009/03/23 11:32:34 | 00,502,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll [2009/03/23 11:32:27 | 02,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll [2009/03/23 11:32:27 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx [2009/03/23 11:32:26 | 01,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll [2009/03/23 11:32:26 | 00,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll [2009/03/23 11:32:26 | 00,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll [2009/03/23 11:32:26 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll [2009/03/23 11:32:26 | 00,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll [2009/03/23 11:32:26 | 00,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009/03/23 11:32:26 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll [2009/03/23 11:32:26 | 00,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009/03/23 11:32:24 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2009/03/23 11:32:24 | 00,239,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tapisrv.dll [2009/03/23 11:32:24 | 00,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll [2009/03/23 11:32:24 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe [2009/03/23 11:32:22 | 00,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll [2009/03/23 11:32:21 | 10,625,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmp.dll [2009/03/23 11:32:21 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2009/03/23 11:32:21 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll [2009/03/23 11:32:21 | 01,642,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll [2009/03/23 11:32:21 | 00,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll [2009/03/23 11:32:21 | 00,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2009/03/23 11:32:21 | 00,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL [2009/03/23 11:32:21 | 00,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll [2009/03/23 11:32:21 | 00,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll [2009/03/23 11:32:21 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll [2009/03/23 11:32:21 | 00,289,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll [2009/03/23 11:32:21 | 00,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll [2009/03/23 11:32:21 | 00,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll [2009/03/23 11:32:21 | 00,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll [2009/03/23 11:32:21 | 00,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll [2009/03/23 11:32:20 | 00,747,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmSvc.dll [2009/03/23 11:32:20 | 00,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll [2009/03/23 11:32:20 | 00,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll [2009/03/23 11:32:20 | 00,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll [2009/03/23 11:32:20 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll [2009/03/23 11:32:20 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL [2009/03/23 11:32:20 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll [2009/03/23 11:32:20 | 00,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe [2009/03/23 11:32:20 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx [2009/03/23 11:32:20 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshext.dll [2009/03/23 11:32:20 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshbth.dll [2009/03/23 11:32:20 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll [2009/03/23 11:32:19 | 02,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL [2009/03/23 11:32:19 | 01,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL [2009/03/23 11:32:19 | 01,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2009/03/23 11:32:19 | 01,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL [2009/03/23 11:32:19 | 00,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL [2009/03/23 11:32:19 | 00,535,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2009/03/23 11:32:19 | 00,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll [2009/03/23 11:32:19 | 00,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll [2009/03/23 11:32:19 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll [2009/03/23 11:32:19 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll [2009/03/23 11:32:19 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscript.exe [2009/03/23 11:32:19 | 00,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcsvc.dll [2009/03/23 11:32:19 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll [2009/03/23 11:32:19 | 00,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll [2009/03/23 11:32:18 | 01,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll [2009/03/23 11:32:18 | 01,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll [2009/03/23 11:32:18 | 00,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll [2009/03/23 11:32:18 | 00,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll [2009/03/23 11:32:18 | 00,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe [2009/03/23 11:32:18 | 00,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll [2009/03/23 11:32:18 | 00,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll [2009/03/23 11:32:18 | 00,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll [2009/03/23 11:32:18 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe [2009/03/23 11:32:18 | 00,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WebClnt.dll [2009/03/23 11:32:18 | 00,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv [2009/03/23 11:32:18 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe [2009/03/23 11:32:17 | 01,076,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll [2009/03/23 11:32:17 | 00,828,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll [2009/03/23 11:32:17 | 00,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcncsvc.dll [2009/03/23 11:32:17 | 00,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll [2009/03/23 11:32:17 | 00,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe [2009/03/23 11:32:17 | 00,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv [2009/03/23 11:32:17 | 00,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll [2009/03/23 11:32:17 | 00,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll [2009/03/23 11:32:17 | 00,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll [2009/03/23 11:32:16 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll [2009/03/23 11:32:16 | 00,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll [2009/03/23 11:32:16 | 00,347,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll [2009/03/23 11:32:16 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll [2009/03/23 11:32:14 | 00,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll [2009/03/23 11:32:14 | 00,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll [2009/03/23 11:32:14 | 00,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll [2009/03/23 11:32:14 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll [2009/03/23 11:32:13 | 01,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll [2009/03/23 11:32:13 | 00,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll [2009/03/23 11:32:13 | 00,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll [2009/03/23 11:32:13 | 00,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe [2009/03/23 11:32:13 | 00,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll [2009/03/23 11:32:13 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll [2009/03/23 11:32:13 | 00,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll [2009/03/23 11:32:13 | 00,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs [2009/03/23 11:32:13 | 00,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll [2009/03/23 11:32:13 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll [2009/03/23 11:32:13 | 00,008,280 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man [2009/03/23 11:32:12 | 11,584,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll [2009/03/23 11:32:12 | 01,591,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll [2009/03/23 11:32:12 | 00,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe [2009/03/23 11:32:12 | 00,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll [2009/03/23 11:32:12 | 00,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll [2009/03/23 11:32:12 | 00,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\zipfldr.dll [2009/03/23 11:32:12 | 00,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\services.exe [2009/03/23 11:32:12 | 00,247,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsvcs.dll [2009/03/23 11:32:12 | 00,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe [2009/03/23 11:32:12 | 00,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll [2009/03/23 11:32:12 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll [2009/03/23 11:32:12 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sendmail.dll [2009/03/23 11:32:11 | 01,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll [2009/03/23 11:32:09 | 00,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll [2009/03/23 11:32:09 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll [2009/03/23 11:32:09 | 00,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spp.dll [2009/03/23 11:32:09 | 00,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe [2009/03/23 11:32:09 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll [2009/03/23 11:32:09 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll [2009/03/23 11:32:09 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll [2009/03/23 10:49:17 | 00,162,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2009/03/23 10:49:17 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2009/03/22 19:12:37 | 00,000,000 | ---D | C] -- C:\ProgramData\ESET [2009/03/22 19:05:22 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft LifeCam [2009/03/22 19:04:00 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2009/03/22 19:00:04 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\Google [2009/03/22 19:00:04 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Local\Google [2009/03/22 19:00:02 | 00,000,000 | ---D | C] -- C:\ProgramData\Google [2009/03/22 18:53:58 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\add-u [2009/03/22 18:52:24 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\Media Player Classic [2009/03/22 18:47:21 | 00,334,792 | ---- | C] (Alcohol Soft Development Team) -- C:\Windows\System32\_AxShlEx.dll [2009/03/22 18:34:09 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\uTorrent [2009/03/22 18:21:07 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2009/03/22 17:34:33 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2009/03/22 17:34:18 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive [2009/03/22 17:34:01 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live [2009/03/22 17:28:35 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2009/03/22 17:11:28 | 00,718,912 | ---- | C] (Resplendence Software Projects Sp. ) -- C:\Users\Public\Documents\whocrashedSetup.exe [2009/03/22 17:11:28 | 00,673,026 | ---- | C] () -- C:\Users\Public\Documents\Smartkey_Win.zip [2009/03/22 17:11:28 | 00,402,656 | ---- | C] () -- C:\Users\Public\Documents\NeroDiscSpeed_Fra.exe [2009/03/22 17:11:28 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\Smartkey_Win [2009/03/22 17:11:28 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\NeroDiscSpeed_Fra [2009/03/22 17:11:28 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2009/03/22 17:11:28 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\MANiveau PC [2009/03/22 17:11:28 | 00,000,000 | ---D | C] -- C:\Users\Public\Documents\BVRP Software [2009/03/22 17:11:27 | 06,718,399 | ---- | C] (Aimersoft Software ) -- C:\Users\Public\Documents\mkv-converter_full409_322667.exe [2009/03/22 17:11:27 | 03,545,088 | ---- | C] () -- C:\Users\Public\Documents\ir0462_x64.msi [2009/03/22 17:11:27 | 00,058,360 | ---- | C] () -- C:\Users\Public\Documents\ImportExportTools-1.6.xpi [2009/03/22 17:11:27 | 00,010,110 | ---- | C] () -- C:\Users\Public\Documents\free eve.docx [2009/03/22 17:11:27 | 00,001,406 | ---- | C] () -- C:\Users\Public\Documents\icon-3.ico [2009/03/22 17:11:27 | 00,001,406 | ---- | C] () -- C:\Users\Public\Documents\icon-2.ico [2009/03/22 17:11:27 | 00,001,078 | ---- | C] () -- C:\Users\Public\Documents\icon-1.ico [2009/03/22 17:11:27 | 00,001,078 | ---- | C] () -- C:\Users\Public\Documents\icon-0.ico [2009/03/22 17:11:26 | 17,360,896 | ---- | C] () -- C:\Users\Public\Documents\eav_nod64-v3_enu.msi [2009/03/22 17:11:26 | 00,833,539 | ---- | C] (Resplendence Software Projects Sp. ) -- C:\Users\Public\Documents\antiFreezeSetup.exe [2009/03/22 17:11:26 | 00,130,536 | ---- | C] () -- C:\Users\Public\Documents\attachment_extractor-0.9.1.1-tb.xpi [2009/03/22 17:04:50 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Mes pockets [2009/03/22 17:04:50 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Mes numérisations [2009/03/22 17:04:50 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Mes fichiers reçus [2009/03/22 17:04:36 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Mes docs [2009/03/22 17:03:11 | 00,013,824 | ---- | C] () -- C:\Users\Total Rigole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/03/22 17:03:03 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Ma carte avec tomtom 7 ok [2009/03/22 17:02:58 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Ma carte avec navigon [2009/03/22 17:02:22 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Ma carte avec igo8 et les radars europe tout ok 2° [2009/03/22 17:01:43 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Ma carte avec igo8 et les radars europe tout OK [2009/03/22 17:01:43 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Keytchup dossier [2009/03/22 17:01:42 | 00,000,000 | R--D | C] -- C:\Users\Total Rigole\Documents\Fichiers LifeCam [2009/03/22 17:01:42 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Free Eve_fichiers [2009/03/22 17:01:42 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Fax [2009/03/22 17:01:42 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Dossier Bluetooth Exchange [2009/03/22 17:01:42 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Documents sur Smartphone de Total Rigole [2009/03/22 17:01:34 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Documents sur HTC_X7510 de Total Rigole [2009/03/22 17:01:34 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Documents sur Assistant personnel de Total Rigole [2009/03/22 17:01:30 | 00,000,000 | R--D | C] -- C:\Users\Total Rigole\Documents\Scanned Documents [2009/03/22 17:01:30 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Documents sur Assistant personnel de Total Recall 1 [2009/03/22 17:01:30 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Desistement vehicule succession [2009/03/22 17:01:30 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Config [2009/03/22 17:01:29 | 00,590,336 | ---- | C] () -- C:\Users\Total Rigole\Documents\Synthese vocale.pub [2009/03/22 17:01:29 | 00,205,967 | ---- | C] () -- C:\Users\Total Rigole\Documents\Poser une toiture plastique.pdf [2009/03/22 17:01:29 | 00,118,784 | ---- | C] () -- C:\Users\Total Rigole\Documents\homme.pub [2009/03/22 17:01:29 | 00,095,232 | ---- | C] () -- C:\Users\Total Rigole\Documents\Dessin Douchette grohe.pub [2009/03/22 17:01:29 | 00,092,096 | ---- | C] () -- C:\Users\Total Rigole\Documents\bookmark.htm [2009/03/22 17:01:29 | 00,024,423 | ---- | C] () -- C:\Users\Total Rigole\Documents\Objet Transformation des comptes.htm [2009/03/22 17:01:29 | 00,013,193 | ---- | C] () -- C:\Users\Total Rigole\Documents\Liste CC.xlsx [2009/03/22 17:01:29 | 00,001,790 | ---- | C] () -- C:\Users\Total Rigole\Documents\justif.html [2009/03/22 17:01:29 | 00,000,775 | ---- | C] () -- C:\Users\Total Rigole\Documents\Mes dossiers de partage.lnk [2009/03/22 17:01:29 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Objet Transformation des_fichiers [2009/03/22 17:01:29 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\Annie [2009/03/22 17:01:28 | 00,000,000 | R--D | C] -- C:\Users\Total Rigole\Documents\Notes [2009/03/22 17:01:28 | 00,000,000 | R--D | C] -- C:\Users\Total Rigole\Documents\My Stationery [2009/03/22 17:01:27 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\My Mobile Device Backups [2009/03/22 17:01:25 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\My Mobile Backups [2009/03/22 17:00:33 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\My ISO Files [2009/03/22 17:00:33 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\Documents\My DVDs [2009/03/22 16:59:13 | 01,510,560 | ---- | C] () -- C:\Users\Total Rigole\Desktop\POIUpdates.upd [2009/03/22 16:59:13 | 00,244,907 | ---- | C] () -- C:\Users\Total Rigole\Desktop\SpeedcamUpdates.spud [2009/03/22 16:59:13 | 00,000,861 | ---- | C] () -- C:\Users\Total Rigole\Desktop\Documents sur Assistant personnel de Total Recall 1.LNK [2009/03/22 16:59:13 | 00,000,777 | ---- | C] () -- C:\Users\Total Rigole\Desktop\Documents sur HTC_X7510 de Total Rigole.LNK [2009/03/22 16:57:21 | 00,000,000 | ---D | C] -- C:\ProgramData\Acronis [2009/03/22 15:20:43 | 00,001,066 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DualCoreCenter.lnk [2009/03/22 15:20:42 | 01,622,016 | ---- | C] (NVIDIA) -- C:\Windows\NVBenchMarks.dll [2009/03/22 15:20:42 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\MFC71.dll [2009/03/22 15:20:42 | 00,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\msvcp71.dll [2009/03/22 15:20:42 | 00,421,888 | ---- | C] (NVIDIA) -- C:\Windows\nvsulib.dll [2009/03/22 15:20:42 | 00,380,928 | ---- | C] (NVIDIA) -- C:\Windows\ntuneoem.dll [2009/03/22 15:20:42 | 00,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\msvcr71.dll [2009/03/22 15:20:42 | 00,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll [2009/03/22 15:20:42 | 00,045,056 | ---- | C] (NVIDIA) -- C:\Windows\NTuneGpu.dll [2009/03/22 15:20:42 | 00,028,672 | ---- | C] (NVIDIA) -- C:\Windows\AutoTuneScript.dll [2009/03/22 15:20:42 | 00,018,216 | ---- | C] (NVidia Corp.) -- C:\Windows\nvoclk64.sys [2009/03/22 15:20:42 | 00,006,912 | ---- | C] (NVidia Corp.) -- C:\Windows\nvoclock.sys [2009/03/22 15:17:11 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\Macromedia [2009/03/22 14:40:46 | 00,000,000 | ---D | C] -- C:\ProgramData\WEBREG [2009/03/22 14:40:26 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\HP [2009/03/22 14:40:26 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Local\HP [2009/03/22 14:39:44 | 00,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard [2009/03/22 14:37:51 | 00,002,011 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2009/03/22 14:37:33 | 00,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2009/03/22 14:37:29 | 00,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant [2009/03/22 14:37:15 | 00,000,000 | ---D | C] -- C:\Windows\System32\spool [2009/03/22 14:37:02 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard [2009/03/22 14:37:02 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard [2009/03/22 14:36:36 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP [2009/03/22 14:36:12 | 00,233,472 | ---- | C] (Hewlett Packard Corporation) -- C:\Windows\System32\hpzc35ha.dll [2009/03/22 14:35:59 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\HP [2009/03/22 14:35:29 | 00,185,347 | ---- | C] () -- C:\Windows\hpoins21.dat [2009/03/22 14:35:29 | 00,007,262 | ---- | C] () -- C:\Windows\hpomdl21.dat [2009/03/22 14:34:44 | 00,000,000 | ---D | C] -- C:\ProgramData\HP [2009/03/22 14:31:55 | 00,000,432 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{5B5CE806-D1B4-42D4-9B1C-180E06F5A6FC}.job [2009/03/22 14:22:59 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\Logitech [2009/03/22 14:18:38 | 00,000,000 | ---D | C] -- C:\ProgramData\LogiShrd [2009/03/22 14:17:24 | 00,001,695 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2009/03/22 14:17:12 | 00,000,000 | ---D | C] -- C:\ProgramData\Logitech [2009/03/22 14:12:59 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\MSI [2009/03/22 14:11:15 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works [2009/03/22 14:11:04 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio [2009/03/22 14:11:04 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2009/03/22 14:10:55 | 00,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2009/03/22 14:10:55 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2009/03/22 14:07:01 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Local\Microsoft Help [2009/03/22 14:06:59 | 00,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2009/03/22 14:06:59 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2009/03/22 14:06:39 | 00,000,000 | RH-D | C] -- C:\MSOCache [2009/03/22 13:58:48 | 00,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2009/03/22 13:57:13 | 00,000,000 | ---D | C] -- C:\Windows\System32\AGEIA [2009/03/22 13:57:13 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies [2009/03/22 13:56:48 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2009/03/22 13:50:55 | 00,000,000 | -HSD | C] -- C:\Windows\Installer [2009/03/22 13:50:30 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\WinRAR [2009/03/22 11:03:53 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\InstallShield [2009/03/22 11:03:45 | 00,000,553 | R--- | C] () -- C:\Windows\USetup.iss [2009/03/22 11:03:34 | 00,128,512 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE [2009/03/22 11:03:31 | 00,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2009/03/22 11:03:14 | 00,525,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2009/03/22 11:03:07 | 05,684,736 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RAVCpl64.exe [2009/03/22 11:03:07 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2009/03/22 10:59:16 | 00,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2009/03/22 10:59:12 | 00,000,000 | ---D | C] -- C:\RaidTool [2009/03/22 10:58:57 | 00,000,000 | ---D | C] -- C:\Windows\RaidTool [2009/03/22 10:58:19 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2009/03/22 10:53:26 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Add [2009/03/22 10:33:09 | 00,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll [2009/03/22 10:33:09 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2009/03/22 10:33:01 | 00,000,000 | ---D | C] -- C:\Intel [2009/03/22 10:28:15 | 00,171,136 | RHS- | C] () -- C:\grldr [2009/03/22 10:17:14 | 00,099,880 | ---- | C] () -- C:\Users\Total Rigole\AppData\Local\GDIPFONTCACHEV1.DAT [2009/03/22 10:17:07 | 00,000,402 | -HS- | C] () -- C:\Users\Total Rigole\Documents\desktop.ini [2009/03/22 10:17:07 | 00,000,282 | -HS- | C] () -- C:\Users\Total Rigole\Desktop\desktop.ini [2009/03/22 10:17:07 | 00,000,174 | -HS- | C] () -- C:\Users\Total Rigole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [2009/03/22 10:16:58 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\Identities [2009/03/22 10:16:56 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Local\VirtualStore [2009/03/22 10:16:52 | 00,000,732 | ---- | C] () -- C:\Users\Total Rigole\AppData\Local\d3d9caps64.dat [2009/03/22 10:16:51 | 00,000,000 | -HSD | C] -- C:\Users\Total Rigole\Documents\Mes vidéos [2009/03/22 10:16:51 | 00,000,000 | -HSD | C] -- C:\Users\Total Rigole\Documents\Mes images [2009/03/22 10:16:51 | 00,000,000 | -HSD | C] -- C:\Users\Total Rigole\Documents\Ma musique [2009/03/22 10:16:51 | 00,000,000 | -HSD | C] -- C:\Users\Total Rigole\AppData\Local\Temporary Internet Files [2009/03/22 10:16:51 | 00,000,000 | -HSD | C] -- C:\Users\Total Rigole\AppData\Local\Historique [2009/03/22 10:16:51 | 00,000,000 | -HSD | C] -- C:\Users\Total Rigole\AppData\Local\Application Data [2009/03/22 10:16:50 | 00,000,000 | --SD | C] -- C:\Users\Total Rigole\AppData\Roaming\Microsoft [2009/03/22 10:16:50 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Roaming\Media Center Programs [2009/03/22 10:16:50 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Local\Temp [2009/03/22 10:16:50 | 00,000,000 | ---D | C] -- C:\Users\Total Rigole\AppData\Local\Microsoft [2009/03/22 10:13:58 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos [2009/03/22 10:13:58 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images [2009/03/22 10:13:58 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique [2009/03/22 10:13:58 | 00,000,000 | -HSD | C] -- C:\ProgramData\Modèles [2009/03/22 10:13:58 | 00,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer [2009/03/22 10:13:58 | 00,000,000 | -HSD | C] -- C:\ProgramData\Favoris [2009/03/22 10:13:58 | 00,000,000 | -HSD | C] -- C:\ProgramData\Bureau [2009/03/22 10:13:32 | 00,000,000 | ---D | C] -- C:\Windows\Debug [2009/03/22 09:39:26 | 00,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2009/03/22 09:37:18 | 00,000,000 | ---D | C] -- C:\Windows\CSC [2009/03/22 09:35:36 | 00,000,000 | ---D | C] -- C:\Windows\Prefetch [2009/03/22 09:35:10 | 00,000,000 | -HSD | C] -- C:\System Volume Information [2009/03/22 09:34:21 | 00,000,000 | ---D | C] -- C:\Windows\Panther [2009/03/22 09:34:07 | 00,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK [2009/03/22 09:34:05 | 00,333,077 | RHS- | C] () -- C:\bootmgr [2009/03/22 09:34:05 | 00,000,000 | -HSD | C] -- C:\Boot ========== Files - Modified Within 30 Days ========== [1 C:\Windows\System32\*.tmp files] [2009/03/27 18:00:00 | 00,000,546 | ---- | M] () -- C:\Windows\tasks\Maintenance en 1 clic.job [2009/03/27 17:14:23 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009/03/27 17:14:21 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2009/03/27 17:14:19 | 42,940,86656 | -HS- | M] () -- C:\hiberfil.sys [2009/03/27 17:12:58 | 03,034,953 | -H-- | M] () -- C:\Users\Total Rigole\AppData\Local\IconCache.db [2009/03/27 10:00:52 | 00,000,947 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2009/03/27 09:59:35 | 00,001,847 | ---- | M] () -- C:\Users\Total Rigole\Desktop\CCleaner.lnk [2009/03/27 08:55:03 | 00,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5B5CE806-D1B4-42D4-9B1C-180E06F5A6FC}.job [2009/03/26 16:49:56 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2009/03/26 16:49:50 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2009/03/25 15:05:01 | 00,000,536 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2009/03/25 14:44:30 | 00,002,630 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk [2009/03/25 11:48:09 | 00,013,824 | ---- | M] () -- C:\Users\Total Rigole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/03/24 09:42:31 | 00,086,016 | ---- | M] () -- C:\Windows\System32\drivers\clipsrv.exe [2009/03/24 09:42:31 | 00,086,016 | ---- | M] () -- C:\Windows\System\sessmgr.exe [2009/03/24 09:42:31 | 00,086,016 | ---- | M] () -- C:\Windows\System\mqtgsvc.exe [2009/03/24 09:42:31 | 00,086,016 | ---- | M] () -- C:\Windows\sessmgr.exe [2009/03/24 09:42:31 | 00,086,016 | ---- | M] () -- C:\Windows\rsvp.exe [2009/03/24 09:42:31 | 00,086,016 | ---- | M] () -- C:\Windows\ieudinit.exe [2009/03/24 09:42:31 | 00,086,016 | ---- | M] () -- C:\Users\Total Rigole\AppData\Local\dllhst3g.exe [2009/03/24 09:18:27 | 00,000,010 | -H-- | M] () -- C:\xrjmns.tce [2009/03/23 18:33:27 | 00,099,880 | ---- | M] () -- C:\Users\Total Rigole\AppData\Local\GDIPFONTCACHEV1.DAT [2009/03/23 17:43:47 | 00,012,499 | ---- | M] () -- C:\Windows\System32\Seagate.bin [2009/03/23 15:10:56 | 00,003,120 | ---- | M] () -- C:\Windows\System32\ALLFSAF6a.ocx [2009/03/23 15:07:02 | 01,526,844 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2009/03/22 15:20:43 | 00,001,066 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DualCoreCenter.lnk [2009/03/22 14:40:55 | 00,185,347 | ---- | M] () -- C:\Windows\hpoins21.dat [2009/03/22 14:40:18 | 00,000,179 | ---- | M] () -- C:\Windows\win.ini [2009/03/22 14:37:51 | 00,002,011 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2009/03/22 14:17:24 | 00,001,695 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2009/03/22 13:53:55 | 00,000,732 | ---- | M] () -- C:\Users\Total Rigole\AppData\Local\d3d9caps64.dat [2009/03/22 11:03:15 | 00,525,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2009/03/22 10:42:53 | 00,171,136 | RHS- | M] () -- C:\grldr [2009/03/22 10:17:09 | 00,000,402 | -HS- | M] () -- C:\Users\Total Rigole\Documents\desktop.ini [2009/03/22 10:17:09 | 00,000,282 | -HS- | M] () -- C:\Users\Total Rigole\Desktop\desktop.ini [2009/03/22 10:17:09 | 00,000,174 | -HS- | M] () -- C:\Users\Total Rigole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [2009/03/22 09:34:07 | 00,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2009/03/13 09:26:22 | 00,095,232 | ---- | M] () -- C:\Users\Total Rigole\Documents\Dessin Douchette grohe.pub < End of report >

J'ai supprimé C:\Users\TOTALR~1\LOCALS~1\APPLIC~1\ieudinit.exe F3 - REG:win.ini: load=C:\Users\TOTALR~1\LOCALS~1\APPLIC~1\ieudinit.exe O4 - HKLM\..\Policies\Explorer\Run: [MqtgSVC] C:\Windows\System\mqtgsvc.exe /waitservice O4 - HKLM\..\Policies\Explorer\Run: [sessMgr] C:\Windows\System\sessmgr.exe /waitservice O4 - HKLM\..\Policies\Explorer\Run: [Esent Utl] C:\Windows\System\esentutl.exe /waitservice

J'ai fait et apres un nouveau Hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:08:01, on 27/03/2009 Platform: Windows Vista SP2, v.286 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.16670) Boot mode: Normal Running processes: C:\Windows\vVX1000.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\MSI\Live Update 3\LMonitor.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe C:\Users\TOTALR~1\LOCALS~1\APPLIC~1\ieudinit.exe C:\Program Files (x86)\MSI\DualCoreCenter\DualCoreCenter.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe C:\Program Files (x86)\add-u\Malwarebytes' Anti-Malware\mbam.exe C:\Users\TOTALR~1\AppData\Local\Temp\~temp\hmunmlcn88\svchost.exe E:\Outil Jack\jackoutil\Jackoutil 2.02.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [LiveMonitor] "C:\Program Files (x86)\MSI\Live Update 3\LMonitor.exe" O4 - HKLM\..\Run: [DelReg] "C:\Program Files (x86)\MSI\DualCoreCenter\DelReg.exe" O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [Ad-Watch] "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe" O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\add-u\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Add-U\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Add\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [nodenable] C:\Program Files\eset\nodenable.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Policies\Explorer\Run: [DllHst] C:\Users\TOTALR~1\AppData\Roaming\MICROS~1\dllhst3g.exe /waitservice O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [ClipSrv] C:\Windows\System32\drivers\clipsrv.exe /waitservice (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [ClipSrv] C:\Windows\System32\drivers\clipsrv.exe /waitservice (User 'Default user') O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files (x86)\MSI\DualCoreCenter\StartUpDualCoreCenter.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech SetPoint.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O13 - Gopher Prefix: O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GR99D3~1.DLL O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\add-u\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files (x86)\Add\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing) O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10721 bytes

Merci pour la reponse rapide J'ai desactive Ad-Aware "ad watch live" J'ai desactivé Nod32 j'ai lancé MalwareBytes voici le log Malwarebytes' Anti-Malware 1.35 Version de la base de données: 1905 Windows 6.0.6002 Service Pack 2, v.286 27/03/2009 17:00:53 mbam-log-2009-03-27 (17-00-53).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 188075 Temps écoulé: 18 minute(s), 27 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

Bonjour windows live mail est infecté par un virus "fota haha" et des messages sont envoyés à chaque connexion. Je suis sous vista 64 bits et MSNFix ne fonctionne pas. J'ai essayé differentes solutions sans succès. Je joins le dernier rapport hijackThis en esperant une solution. Pour l'instant j'ai oté mon mot de passe pour eviter les connexions et propagation. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:45:01, on 27/03/2009 Platform: Windows Vista SP2, v.286 (WinNT 6.00.1906) MSIE: Internet Explorer v7.00 (7.00.6002.16670) Boot mode: Normal Running processes: C:\Windows\vVX1000.exe C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\MSI\Live Update 3\LMonitor.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe C:\Users\TOTALR~1\LOCALS~1\APPLIC~1\ieudinit.exe C:\Program Files (x86)\MSI\DualCoreCenter\DualCoreCenter.exe C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe E:\Outil Jack\jackoutil\Jackoutil 2.02.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file) F3 - REG:win.ini: load=C:\Users\TOTALR~1\LOCALS~1\APPLIC~1\ieudinit.exe O1 - Hosts: ::1 localhost O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [LiveMonitor] "C:\Program Files (x86)\MSI\Live Update 3\LMonitor.exe" O4 - HKLM\..\Run: [DelReg] "C:\Program Files (x86)\MSI\DualCoreCenter\DelReg.exe" O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [Ad-Watch] "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe" O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\add-u\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Add\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [nodenable] C:\Program Files\eset\nodenable.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKLM\..\Policies\Explorer\Run: [MqtgSVC] C:\Windows\System\mqtgsvc.exe /waitservice O4 - HKLM\..\Policies\Explorer\Run: [sessMgr] C:\Windows\System\sessmgr.exe /waitservice O4 - HKLM\..\Policies\Explorer\Run: [Esent Utl] C:\Windows\System\esentutl.exe /waitservice O4 - HKCU\..\Policies\Explorer\Run: [DllHst] C:\Users\TOTALR~1\AppData\Roaming\MICROS~1\dllhst3g.exe /waitservice O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [ClipSrv] C:\Windows\System32\drivers\clipsrv.exe /waitservice (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [ClipSrv] C:\Windows\System32\drivers\clipsrv.exe /waitservice (User 'Default user') O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files (x86)\MSI\DualCoreCenter\StartUpDualCoreCenter.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech SetPoint.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O13 - Gopher Prefix: O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GR99D3~1.DLL O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\add-u\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files (x86)\Add\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing) O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10653 bytes