

nikigabal
Everything posted by nikigabal
[Solved] My PC is infected by a computer virus or malware
nikigabal replied to a topic by nikigabal in Malware analysis and removal
Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2699
Windows 5.1.2600 Service Pack 3

31/10/2009 22:24:44
mbam-log-2009-10-31 (22-24-44).txt

Type de recherche: Examen rapide
Eléments examinés: 105471
Temps écoulé: 15 minute(s), 44 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook.1 (Trojan.BHO) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
[Solved] My PC is infected by a computer virus or malware
nikigabal replied to a topic by nikigabal in Malware analysis and removal
Hello, today it worked. Here is what was displayed.

and more.....
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll O3 - Toolbar: Shareaza MediaBar - {196C3A46-4758-433D-A600-802C804AF39C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [sGPUpdater] C:\Program Files\Search Guard PlusU\sgpUpdaters.exe O4 - HKLM\..\Run: [FBSearch] C:\Program Files\Search Guard Plus\SearchGuardPlus.exe O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: 
[bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [E06FXLRD_9269343] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006 DVD\EDICT.EXE" -m O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_674125AABFE11C21.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. 
- C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Wildlife Park 2 AddOn2 Horses Drivers Auto Removal (pr2aluab) (pr2aluab) - Koch Media - C:\WINDOWS\system32\pr2aluab.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 9814 bytes -
[Solved] My PC is infected by a computer virus or malware
nikigabal replied to a topic by nikigabal in Malware analysis and removal
Darn, I have to leave. I'll log back in when I get home to try to sort out this problem. Thanks again for helping me. See you later... -
[Solved] My PC is infected by a computer virus or malware
nikigabal replied to a topic by nikigabal in Malware analysis and removal
Yes, I click on the link, I choose to save it to the desktop, then it asks me to run it and a window tells me that it is not valid -
[Solved] My PC is infected by a computer virus or malware
nikigabal replied to a topic by nikigabal in Malware analysis and removal
Impossible to download Random. It only gets half of it, so it doesn't work -
Good evening, I've caught a virus again, I'm fed up grrrrrrrrrrrr. Avira detected a malicious program or virus and here is the report. Please tell me what to do.
Avira AntiVir Personal Date de création du fichier de rapport : vendredi 30 octobre 2009 12:00 La recherche porte sur 1831685 souches de virus. Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus Numéro de série : 0000149996-ADJIE-0000001 Plateforme : Windows XP Version de Windows : (Service Pack 3) [5.1.2600] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur : PRO-CA7E3505773 Informations de version : BUILD.DAT : 9.0.0.70 18071 Bytes 25/09/2009 12:03:00 AVSCAN.EXE : 9.0.3.7 466689 Bytes 21/07/2009 12:35:43 AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 09:21:02 LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:11 LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 09:21:31 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36 ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 24/06/2009 08:21:42 ANTIVIR2.VDF : 7.1.6.112 4833792 Bytes 15/10/2009 18:54:37 ANTIVIR3.VDF : 7.1.6.157 440832 Bytes 28/10/2009 10:09:37 Version du moteur : 8.2.1.44 AEVDF.DLL : 8.1.1.2 106867 Bytes 16/09/2009 09:51:18 AESCRIPT.DLL : 8.1.2.40 487804 Bytes 22/10/2009 19:54:08 AESCN.DLL : 8.1.2.5 127346 Bytes 04/09/2009 17:48:06 AERDL.DLL : 8.1.3.2 479604 Bytes 03/10/2009 19:13:55 AEPACK.DLL : 8.2.0.2 422263 Bytes 22/10/2009 19:54:03 AEOFFICE.DLL : 8.1.0.38 196987 Bytes 23/07/2009 08:59:39 AEHEUR.DLL : 8.1.0.167 2011511 Bytes 08/10/2009 19:49:43 AEHELP.DLL : 8.1.7.0 237940 Bytes 04/09/2009 17:48:05 AEGEN.DLL : 8.1.1.68 364918 Bytes 20/10/2009 19:52:56 AEEMU.DLL : 8.1.1.0 393587 Bytes 03/10/2009 19:04:14 AECORE.DLL : 8.1.8.1 184693 Bytes 16/09/2009 09:51:16 AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 13:32:40 AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:30 AVPREF.DLL : 9.0.3.0 44289 Bytes 26/09/2009 16:38:49 AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28 AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008
14:24:42 AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:22 AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:37 SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49 SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:20:57 NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 14:40:59 RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 17/06/2009 12:44:26 RCTEXT.DLL : 9.0.37.0 88321 Bytes 15/04/2009 09:07:05 Configuration pour la recherche actuelle : Nom de la tâche...............................: Disques durs locaux Fichier de configuration......................: C:\Program Files\Avira\AntiVir Desktop\alldiscs.avp Documentation.................................: bas Action principale.............................: interactif Action secondaire.............................: ignorer Recherche sur les secteurs d'amorçage maître..: marche Recherche sur les secteurs d'amorçage.........: marche Secteurs d'amorçage...........................: C:, Recherche dans les programmes actifs..........: marche Recherche en cours sur l'enregistrement.......: marche Recherche de Rootkits.........................: arrêt Contrôle d'intégrité de fichiers système......: arrêt Fichier mode de recherche.....................: Sélection de fichiers intelligente Recherche sur les archives....................: marche Limiter la profondeur de récursivité..........: 20 Archive Smart Extensions......................: marche Heuristique de macrovirus.....................: marche Heuristique fichier...........................: moyen Catégories de dangers divergentes.............: +APPL,+GAME,+JOKE,+PCK,+SPR, Début de la recherche : vendredi 30 octobre 2009 12:00 La recherche sur les processus démarrés commence : Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'sstext3d.scr' - '1' module(s) sont contrôlés Processus de recherche 'wlcomm.exe' - '1' module(s) sont contrôlés Processus de recherche 'msnmsgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'BndCore.exe' - '1' 
module(s) sont contrôlés Processus de recherche 'SeaPort.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'uTorrent.exe' - '1' module(s) sont contrôlés Processus de recherche 'GoogleToolbarNotifier.exe' - '1' module(s) sont contrôlés Processus de recherche 'soffice.bin' - '1' module(s) sont contrôlés Processus de recherche 'NMIndexStoreSvr.exe' - '1' module(s) sont contrôlés Processus de recherche 'soffice.exe' - '1' module(s) sont contrôlés Processus de recherche 'NPSAgent.exe' - '1' module(s) sont contrôlés Processus de recherche 'EDICT.EXE' - '1' module(s) sont contrôlés Processus de recherche 'Core.exe' - '1' module(s) sont contrôlés Processus de recherche 'daemon.exe' - '1' module(s) sont contrôlés Processus de recherche 'SuperCopier2.exe' - '1' module(s) sont contrôlés Processus de recherche 'NMBgMonitor.exe' - '1' module(s) sont contrôlés Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés Processus de recherche 'LEXPPS.EXE' - '1' module(s) sont contrôlés Processus de recherche 'SearchGuardPlus.exe' - '1' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés Processus de recherche 'RTHDCPL.EXE' - '1' module(s) sont contrôlés Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés Processus de recherche 'ati2evxx.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés Processus de recherche 'NMIndexingService.exe' - '1' module(s) sont contrôlés Processus de recherche 'Bandoo.exe' - '1' module(s) sont contrôlés Processus de recherche 'wdfmgr.exe' - '1' module(s) sont contrôlés Processus de recherche 'PSIService.exe' - '1' module(s) sont contrôlés Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés Processus de recherche 
'FsUsbExService.Exe' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés Processus de recherche 'LEXBCES.EXE' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'ati2evxx.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés '50' processus ont été contrôlés avec '50' modules La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD1 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD2 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD3 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD4 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD5 [iNFO] Aucun virus trouvé ! La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence : Le registre a été contrôlé ( '50' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' C:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! 
[REMARQUE] Ce fichier est un fichier système Windows. [REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche. C:\System Volume Information\_restore{2B044C76-38DB-4EC1-A363-17977E1AF6F4}\RP153\A0025918.exe [0] Type d'archive: NSIS --> ProgramFilesDir/Smrt-Shpr.dll [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/SmartShoper --> ProgramFilesDir/[TempDir]/Smrt-Shpr.dll [RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/SmartShoper C:\WINDOWS\system32\drivers\sptd.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! Début de la désinfection : C:\System Volume Information\_restore{2B044C76-38DB-4EC1-A363-17977E1AF6F4}\RP153\A0025918.exe [AVERTISSEMENT] Fichier ignoré. Fin de la recherche : vendredi 30 octobre 2009 13:12 Temps nécessaire: 50:53 Minute(s) La recherche a été effectuée intégralement 8994 Les répertoires ont été contrôlés 458529 Des fichiers ont été contrôlés 2 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 0 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 2 Impossible de contrôler des fichiers 458525 Fichiers non infectés 4185 Les archives ont été contrôlées 3 Avertissements 1 Consignes
-
Need help again, more viruses....
nikigabal replied to a topic by nikigabal in Malware analysis and removal
OK, thanks. Since you tell me it takes a long time and since I'm about to leave, I'll deal with this tonight or tomorrow and keep you posted. -
Need help again, more viruses....
nikigabal replied to a topic by nikigabal in Malware analysis and removal
A bit slow compared to usual, and Avira is still warning me about viruses... -
Need help again, more viruses....
nikigabal replied to a topic by nikigabal in Malware analysis and removal
Hello, Sorry, I didn't have time to deal with the computer before today. Here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:14:39, on 01/09/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\system32\FsUsbExService.Exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\PSIService.exe C:\WINDOWS\system32\wdfmgr.exe C:\PROGRA~1\Bandoo\Bandoo.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\MessengerPlus!
3\MsgPlus.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Electronic Arts\EADM\Core.exe C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006 DVD\EDICT.EXE C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\Bandoo\BndCore.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\windows\Bureau\HiJackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.shareazaweb.com/sidebar.html?src=ssb R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program 
Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza\ShareazaIEHelper.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll O3 - Toolbar: Shareaza MediaBar - {196C3A46-4758-433D-A600-802C804AF39C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 
3\MsgPlus.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [E06FXLRD_9269343] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006 DVD\EDICT.EXE" -m O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program 
Files\Messenger\msmsgs.exe O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Wildlife Park 2 AddOn2 Horses Drivers Auto Removal (pr2aluab) (pr2aluab) - Koch Media - C:\WINDOWS\system32\pr2aluab.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 8283 bytes -
Thanks. I'll look into it.
-
Hello, I bought a USB key. When I plug it into the computer, a message says "new hardware detected" and immediately afterwards "device not recognized". What should I do? Also, when I plug in the key the mouse stops working; I have to unplug it and then plug it back in. Thanks
-
Need help again, more viruses....
nikigabal replied to a topic by nikigabal in Malware analysis and removal
Malwarebytes' Anti-Malware 1.40 Version de la base de données: 2699 Windows 5.1.2600 Service Pack 3 26/08/2009 18:26:35 mbam-log-2009-08-26 (18-26-35).txt Type de recherche: Examen rapide Eléments examinés: 102487 Temps écoulé: 16 minute(s), 19 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) -
Need help again, more viruses....
nikigabal replied to a topic by nikigabal in Malware analysis and removal
Hi, Sorry, last night, having had no reply, I went to bed lol... So I re-ran Toolbar; here is the report:
-----------\\ ToolBar S&D 1.2.9 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.00GHz ) BIOS : Default System BIOS USER : windows ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.32 (Activated) C:\ (Local Disk) - NTFS - Total:232 Go (Free:98 Go) D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go) E:\ (USB) F:\ (USB) G:\ (USB) H:\ (USB) I:\ (USB) K:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 ) Option : [2] ( 26/08/2009|14:44 ) -----------\\ SUPPRESSION Supprime! - [service] ASKService Supprime! - [service] ASKUpgrade Supprime! - C:\Program Files\AskBarDis\bar Supprime! - C:\Program Files\AskBarDis\unins000.dat Supprime! - C:\Program Files\AskBarDis\unins000.exe Supprime! - C:\Program Files\AskBarDis -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ Extensions (windows) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar (windows) - {f592709f-ff4a-4862-b659-4afabda56312} => mininova -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.orange.fr/" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Bar"="http://search.shareazaweb.com/sidebar.html?src=ssb" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://www.msn.com/" --------------------\\ Recherche d'autres
infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\windows\Bureau\anciennes donn‚es\WINDOWS\Application Data\IM\Identities\{FDEE4642-52F4-11DA-951E-444553540000}\Message Store\Attachments\keygen.exe C:\DOCUME~1\windows\Bureau\anciennes donn‚es\WINDOWS\Application Data\IM\Identities\{FDEE4642-52F4-11DA-951E-444553540000}\Message Store\Attachments\{72177870-3E78-11DB-951E-B5959D785C32}\keygen.exe C:\DOCUME~1\windows\Recent\The.Sims.3.Crack.lnk 1 - "C:\ToolBar SD\TB_1.txt" - 25/08/2009|21:41 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 26/08/2009|14:48 - Option : [2] -----------\\ Fin du rapport a 14:48:48,71 -
Need help again, more viruses....
nikigabal replied to a topic by nikigabal in Malware analysis and removal
Fix Navipromo version 4.0.1 commencé le 25/08/2009 21:51:03,23 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Postez ce rapport sur le forum pour le faire analyser !!! Outil exécuté depuis C:\Program Files\navilog1 Mise à jour le 18.07.2009 à 11h00 par IL-MAFIOSO Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.00GHz ) BIOS : Default System BIOS USER : windows ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.32 (Activated) C:\ (Local Disk) - NTFS - Total:232 Go (Free:91 Go) D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go) E:\ (USB) F:\ (USB) G:\ (USB) H:\ (USB) I:\ (USB) K:\ (CD or DVD) Recherche executée en mode normal Nettoyage exécuté au redémarrage de l'ordinateur C:\WINDOWS\prefetch\wijzc*.pf supprimé ! C:\Documents and Settings\windows\locals~1\applic~1\wijzc.exe supprimé ! C:\Documents and Settings\windows\locals~1\applic~1\wijzc.dat supprimé ! C:\Documents and Settings\windows\locals~1\applic~1\wijzc_nav.dat supprimé ! C:\Documents and Settings\windows\locals~1\applic~1\wijzc_navps.dat supprimé ! Nettoyage contenu C:\WINDOWS\Temp effectué ! Nettoyage contenu C:\Documents and Settings\windows\locals~1\Temp effectué ! *** Sauvegarde du Registre vers dossier Safebackup *** sauvegarde du Registre réalisée avec succès ! *** Nettoyage Registre *** Nettoyage Registre Ok *** Scan terminé 25/08/2009 22:19:50,34 *** -
Still need help, still more viruses....
nikigabal replied to a topic by nikigabal in Malware analysis and removal
The scan started. I don't understand, I tried to download The Sims 3 and since it kept bugging out I had removed everything.. -
Still need help, still more viruses....
nikigabal replied to a topic by nikigabal in Malware analysis and removal
-----------\\ ToolBar S&D 1.2.9 XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.00GHz ) BIOS : Default System BIOS USER : windows ( Administrator ) BOOT : Normal boot Antivirus : AntiVir Desktop 9.0.1.32 (Activated) C:\ (Local Disk) - NTFS - Total:232 Go (Free:79 Go) D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go) E:\ (USB) F:\ (USB) G:\ (USB) H:\ (USB) I:\ (USB) K:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 ) Option : [1] ( 25/08/2009|21:37 ) -----------\\ Recherche de Fichiers / Dossiers ... [service] ASKService [service] ASKUpgrade C:\Program Files\AskBarDis C:\Program Files\AskBarDis\bar C:\Program Files\AskBarDis\unins000.dat C:\Program Files\AskBarDis\unins000.exe C:\Program Files\AskBarDis\bar\bin C:\Program Files\AskBarDis\bar\Cache C:\Program Files\AskBarDis\bar\History C:\Program Files\AskBarDis\bar\Settings C:\Program Files\AskBarDis\bar\bin\askBar.dll C:\Program Files\AskBarDis\bar\bin\askPopStp.dll C:\Program Files\AskBarDis\bar\bin\AskService.exe C:\Program Files\AskBarDis\bar\bin\AskSplash.exe C:\Program Files\AskBarDis\bar\bin\AskTBApp.exe C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe C:\Program Files\AskBarDis\bar\bin\psvince.dll C:\Program Files\AskBarDis\bar\Cache\067A702E C:\Program Files\AskBarDis\bar\Cache\067A74C2 C:\Program Files\AskBarDis\bar\Cache\067A76A6.bin C:\Program Files\AskBarDis\bar\Cache\067A78D9.bin C:\Program Files\AskBarDis\bar\Cache\067A7A50.bin C:\Program Files\AskBarDis\bar\Cache\067A7BC7.bin C:\Program Files\AskBarDis\bar\Cache\067A7D3E.bin C:\Program Files\AskBarDis\bar\Cache\067A7EA5.bin C:\Program Files\AskBarDis\bar\Cache\067A801C.bin C:\Program Files\AskBarDis\bar\Cache\files.ini C:\Program Files\AskBarDis\bar\History\search C:\Program Files\AskBarDis\bar\Settings\AskLogo.ico C:\Program Files\AskBarDis\bar\Settings\config.dat C:\Program Files\AskBarDis\bar\Settings\config.dat.bak C:\Program 
Files\AskBarDis\bar\Settings\prevcfg.htm C:\DOCUME~1\windows\LOCALS~1\Temp\nsj80.tmp C:\DOCUME~1\windows\LOCALS~1\Temp\nsw9B.tmp -----------\\ Extensions (windows) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar (windows) - {f592709f-ff4a-4862-b659-4afabda56312} => mininova -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://www.orange.fr/" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Bar"="http://search.shareazaweb.com/sidebar.html?src=ssb" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Start Page"="http://www.tropal.net/" --------------------\\ Recherche d'autres infections C:\DOCUME~1\windows\LOCALS~1\APPLIC~1\wijzc.dat C:\DOCUME~1\windows\LOCALS~1\APPLIC~1\wijzc.exe C:\DOCUME~1\windows\LOCALS~1\APPLIC~1\wijzc_nav.dat C:\DOCUME~1\windows\LOCALS~1\APPLIC~1\wijzc_navps.dat ==> EGDACCESS <== --------------------\\ Cracks & Keygens .. 
C:\DOCUME~1\windows\Bureau\anciennes donn‚es\WINDOWS\Application Data\IM\Identities\{FDEE4642-52F4-11DA-951E-444553540000}\Message Store\Attachments\keygen.exe C:\DOCUME~1\windows\Bureau\anciennes donn‚es\WINDOWS\Application Data\IM\Identities\{FDEE4642-52F4-11DA-951E-444553540000}\Message Store\Attachments\{72177870-3E78-11DB-951E-B5959D785C32}\keygen.exe C:\DOCUME~1\windows\Mes documents\Downloads\Sims 3\The.Sims.3.Crack C:\DOCUME~1\windows\Mes documents\Downloads\Sims 3\The.Sims.3.Crack.rar C:\DOCUME~1\windows\Mes documents\Downloads\Sims 3\The.Sims.3.Crack\The.Sims.3.Crack C:\DOCUME~1\windows\Mes documents\Downloads\Sims 3\The.Sims.3.Crack\The.Sims.3.Crack\The_Sims_3_Crack C:\DOCUME~1\windows\Mes documents\Downloads\Sims 3\The.Sims.3.Crack\The.Sims.3.Crack\The_Sims_3_Crack\rzr-s3cf.nfo C:\DOCUME~1\windows\Mes documents\Downloads\Sims 3\The.Sims.3.Crack\The.Sims.3.Crack\The_Sims_3_Crack\TS3.exe C:\DOCUME~1\windows\Recent\The.Sims.3.Crack.lnk 1 - "C:\ToolBar SD\TB_1.txt" - 25/08/2009|21:41 - Option : [1] -----------\\ Fin du rapport a 21:41:05,64 -
Still need help, still more viruses....
nikigabal replied to a topic by nikigabal in Malware analysis and removal
log : Logfile of random's system information tool 1.06 (written by random/random) Run by windows at 2009-08-25 21:21:35 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 82 GB (34%) free of 238 GB Total RAM: 1023 MB (51% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:21:49, on 25/08/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\AskBarDis\bar\bin\AskService.exe C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\PSIService.exe C:\WINDOWS\system32\wdfmgr.exe C:\PROGRA~1\Bandoo\Bandoo.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\MessengerPlus! 
3\MsgPlus.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Electronic Arts\EADM\Core.exe C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006 DVD\EDICT.EXE C:\documents and settings\windows\local settings\application data\wijzc.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\WINDOWS\System32\svchost.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\Bandoo\BndCore.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\windows\Bureau\RSIT.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\trend micro\windows.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.shareazaweb.com/sidebar.html?src=ssb R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tropal.net/ R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirec...amp;gc=1&q= R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirec...p;gc=1&q=%s R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 
- BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza\ShareazaIEHelper.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Shareaza MediaBar - {196C3A46-4758-433D-A600-802C804AF39C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 
3\MsgPlus.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [E06FXLRD_9269343] "C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006 DVD\EDICT.EXE" -m O4 - HKCU\..\Run: [wijzc] "c:\documents and settings\windows\local settings\application data\wijzc.exe" wijzc O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft 
Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. 
- C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Wildlife Park 2 AddOn2 Horses Drivers Auto Removal (pr2aluab) (pr2aluab) - Koch Media - C:\WINDOWS\system32\pr2aluab.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe -- End of file - 8996 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-12-09 333192] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{955BE0B8-BC85-4CAF-856E-8E0D8B610560}] BHO pour Compagnon Web Encarta - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL [2005-06-04 228048] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2009-06-14 1171456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}] UrlHelper Class - C:\Program Files\Shareaza Applications\Shareaza\ShareazaIEHelper.dll [2009-05-04 398784] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-16 35840] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-16 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}] BandooIEPlugin Class - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll [2009-06-17 1858496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2009-06-14 1171456] {196C3A46-4758-433D-A600-802C804AF39C} - Shareaza MediaBar - C:\Program Files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll [2009-05-04 529856] {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-12-09 333192] {147D6308-0614-4112-89B1-31402F9B82C4} - Compagnon Web Encarta - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL [2005-06-04 228048] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"=C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe [2007-03-01 153136] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-07-13 14679552] "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-16 148888] "MessengerPlus3"=C:\Program Files\MessengerPlus! 
3\MsgPlus.exe [2009-06-30 190024] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872] "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2006-07-07 1052672] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856] "EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-04-29 3338240] "E06FXLRD_9269343"=C:\Program Files\Microsoft Encarta\Collection Microsoft Encarta 2006 DVD\EDICT.EXE [2005-06-04 301776] "wijzc"=c:\documents and settings\windows\local settings\application data\wijzc.exe [2009-08-19 249856] C:\Documents and Settings\windows\Menu Démarrer\Programmes\Démarrage OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="c:\progra~1\bandoo\bndhook.dll " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2005-06-29 46080] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" 
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "D:\Installation\Setupx.exe"="D:\Installation\Setupx.exe:*:Enabled:Nero ProductSetup" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe"="C:\Program Files\Shareaza Applications\Shareaza\Shareaza.exe:*:Enabled:Shareaza" "C:\CreativesFiles\Shareaza.exe"="C:\CreativesFiles\Shareaza.exe:*:Enabled:Shareaza" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent" "C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE" "C:\Documents and Settings\windows\Bureau\freezer.exe"="C:\Documents and Settings\windows\Bureau\freezer.exe:*:Enabled:freezer" "C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager" "C:\Program Files\Free Download Manager\fdm.exe"="C:\Program Files\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5c0685c1-57fc-11de-99b2-806d6172696f}] shell\AutoRun\command - D:\AUTORUN.EXE ======List of files/folders created in the last 1 months====== 2009-08-25 21:21:37 ----D---- C:\Program Files\trend micro 2009-08-25 21:21:35 ----D---- C:\rsit 2009-08-25 19:20:17 ----D---- C:\WINDOWS\LastGood 2009-08-25 19:20:09 ----D---- C:\Program Files\Avira 2009-08-25 19:20:09 ----D---- C:\Documents 
and Settings\All Users\Application Data\Avira 2009-08-25 03:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ 2009-08-24 03:05:17 ----D---- C:\WINDOWS\system32\XPSViewer 2009-08-24 03:05:12 ----D---- C:\Program Files\MSBuild 2009-08-24 03:05:09 ----D---- C:\WINDOWS\system32\en-US 2009-08-24 03:05:01 ----D---- C:\Program Files\Reference Assemblies 2009-08-24 03:04:28 ----N---- C:\WINDOWS\system32\xpssvcs.dll 2009-08-24 03:04:28 ----N---- C:\WINDOWS\system32\xpsshhdr.dll 2009-08-24 03:04:28 ----N---- C:\WINDOWS\system32\prntvpt.dll 2009-08-24 03:04:28 ----D---- C:\22c91523bb1e5f177fdf2a 2009-08-13 23:03:34 ----N---- C:\WINDOWS\system32\WINGDE.DLL 2009-08-13 23:03:34 ----N---- C:\WINDOWS\system32\WING32.DLL 2009-08-13 23:03:34 ----N---- C:\WINDOWS\system32\WING.DLL 2009-08-13 20:01:24 ----D---- C:\Documents and Settings\windows\Application Data\LiveCAD2 2009-08-13 17:00:21 ----D---- C:\Program Files\Sierra On-Line 2009-08-13 17:00:18 ----D---- C:\SIERRA 2009-08-13 17:00:08 ----A---- C:\WINDOWS\SIERRA.INI 2009-08-13 16:48:23 ----A---- C:\WINDOWS\wininit.ini 2009-08-13 16:45:28 ----A---- C:\WINDOWS\IsUn040c.exe 2009-08-13 16:45:09 ----A---- C:\WINDOWS\AUTORUN.INI 2009-08-13 12:33:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$ 2009-08-13 12:33:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$ 2009-08-13 12:32:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$ 2009-08-13 12:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$ 2009-08-13 12:32:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$ 2009-08-13 12:32:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$ 2009-08-13 12:32:32 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$ 2009-08-13 12:32:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$ 2009-08-13 12:30:12 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$ 2009-08-06 17:21:19 ----D---- C:\Program Files\Fichiers communs\DirectX 2009-07-31 09:03:08 ----D---- C:\Program Files\Deep Silver 2009-07-30 03:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$ ======List of files/folders modified 
in the last 1 months====== 2009-08-25 21:21:37 ----RD---- C:\Program Files 2009-08-25 20:58:34 ----D---- C:\WINDOWS\Temp 2009-08-25 19:21:23 ----D---- C:\WINDOWS\Prefetch 2009-08-25 19:20:19 ----D---- C:\WINDOWS\system32\drivers 2009-08-25 19:20:18 ----HD---- C:\WINDOWS\inf 2009-08-25 19:20:17 ----D---- C:\WINDOWS\system32\CatRoot2 2009-08-25 19:20:17 ----D---- C:\WINDOWS 2009-08-25 19:19:38 ----SHD---- C:\WINDOWS\Installer 2009-08-25 19:19:37 ----D---- C:\WINDOWS\WinSxS 2009-08-25 19:09:49 ----D---- C:\WINDOWS\system32\Lang 2009-08-25 19:08:16 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-08-25 19:07:45 ----D---- C:\WINDOWS\system32 2009-08-25 03:02:20 ----D---- C:\WINDOWS\system32\CatRoot 2009-08-25 03:00:31 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-08-24 03:25:32 ----D---- C:\WINDOWS\Microsoft.NET 2009-08-24 03:25:31 ----RSD---- C:\WINDOWS\assembly 2009-08-24 03:09:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-08-24 03:05:07 ----RSD---- C:\WINDOWS\Fonts 2009-08-24 03:04:44 ----D---- C:\WINDOWS\system32\spool 2009-08-23 11:57:17 ----D---- C:\Documents and Settings\windows\Application Data\uTorrent 2009-08-22 22:18:22 ----A---- C:\WINDOWS\NeroDigital.ini 2009-08-22 20:54:25 ----D---- C:\WINDOWS\Help 2009-08-22 19:35:46 ----A---- C:\WINDOWS\LEXSTAT.INI 2009-08-18 15:22:42 ----D---- C:\Program Files\Mozilla Firefox 2009-08-17 16:10:57 ----D---- C:\Program Files\eMule 2009-08-15 14:10:23 ----D---- C:\WINDOWS\Network Diagnostic 2009-08-13 20:01:07 ----D---- C:\WINDOWS\system32\DirectX 2009-08-13 12:33:13 ----A---- C:\WINDOWS\imsins.BAK 2009-08-13 12:32:50 ----HD---- C:\WINDOWS\$hf_mig$ 2009-08-13 12:32:34 ----D---- C:\Program Files\Outlook Express 2009-08-10 21:16:46 ----D---- C:\Documents and Settings\All Users\Application Data\Electronic Arts 2009-08-10 21:04:54 ----D---- C:\Program Files\Electronic Arts 2009-08-10 21:04:52 ----HD---- C:\Program Files\InstallShield Installation Information 2009-08-06 17:21:19 ----D---- C:\Program Files\Fichiers communs 
2009-08-05 19:43:01 ----D---- C:\Program Files\EA GAMES 2009-08-05 15:03:12 ----D---- C:\Documents and Settings\windows\Application Data\Ahead 2009-08-05 15:03:12 ----D---- C:\Documents and Settings\All Users\Application Data\Ahead 2009-08-05 11:00:38 ----A---- C:\WINDOWS\system32\mswebdvd.dll 2009-08-04 19:10:34 ----D---- C:\Program Files\Fichiers communs\Adobe 2009-07-30 02:49:14 ----A---- C:\WINDOWS\system32\MRT.exe 2009-07-27 03:02:02 ----D---- C:\WINDOWS\Registration 2009-07-26 11:28:43 ----D---- C:\Program Files\WinRAR ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-07-28 55656] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-06-29 1241088] R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-07-13 3851264] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824] R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2002-03-26 45568] R3 usbccgp;Pilote parent 
générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S3 apfn2dki;apfn2dki; C:\WINDOWS\system32\drivers\apfn2dki.sys [] S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 mchInjDrv;mchInjDrv; \??\C:\DOCUME~1\windows\LOCALS~1\Temp\mc21.tmp [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089] R2 ASKService;ASKService; C:\Program Files\AskBarDis\bar\bin\AskService.exe [2008-12-09 464264] R2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2008-12-09 234888] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-06-29 376832] R2 Bandoo Coordinator;Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [2009-06-17 1513920] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-06-16 152984] R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-02-25 303104] R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912] R3 
NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 pr2aluab;Wildlife Park 2 AddOn2 Horses Drivers Auto Removal (pr2aluab); C:\WINDOWS\system32\pr2aluab.exe [2007-09-12 411032]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

info : info.txt

logfile of random's system information tool 1.06 2009-08-25 21:21:51

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}
Adobe Reader 8.1.0 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
Alexandra Ledermann - La colline aux chevaux sauvages-->"C:\Program Files\InstallShield Installation Information\{F715F7A4-67BA-11DD-93EF-B74D56D89593}\setup.exe" -runfromtemp -l0x040c -removeonly
Alexandra Ledermann 5-->C:\Program Files\UbiSoft\Lexis Numérique\Alexandra Ledermann 5\Desinst.exe
Alexandra Ledermann 7-->C:\Program Files\UbiSoft\Lexis Numérique\Alexandra Ledermann 7\Desinst.exe
Alexandra Ledermann le Haras de la vallée-->"C:\Program Files\InstallShield Installation Information\{E6D02BE6-55F6-44B8-8135-DB9857C02992}\setup.exe" -runfromtemp -l0x040c -removeonly
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Bandoo-->C:\Program Files\Bandoo\PreUninstall.exe
Collection Microsoft Encarta 2006 DVD-->MsiExec.exe /I{06180081-3E21-46D6-9A91-D927BA08F41D}
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Deep Silver-->"C:\Program Files\InstallShield Installation Information\{DFE311BB-9AB2-4A27-A7A9-FA95F058BC80}\setup.exe" -runfromtemp -l0x040c -removeonly
EA Download Manager-->C:\Program Files\Electronic Arts\EADM\Uninstall.exe
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Favorit-->"c:\documents and settings\windows\local settings\application data\wijzc.exe" -uninstall
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
K-Lite Codec Pack 4.5.3 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSFRF.inf, Uninstall
Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
Les Sims™ 2 Animaux & Cie-->C:\Program Files\EA GAMES\Les Sims 2 Animaux & Cie\EAUninstall.exe
Les Sims™ 3-->"C:\Program Files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe" -runfromtemp -l0x040c -removeonly
Les Sims™ 2 Au fil des saisons-->C:\Program Files\EA GAMES\Les Sims 2 Au fil des saisons\EAUninstall.exe
Lexmark Z600 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBCUN5C.EXE -dLexmark Z600 Series
Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
McDonald's Dragons-->C:\Program Files\McDonaldsDragons\uninstall.exe
MediaBar 2.0-->C:\Program Files\Shareaza Applications\Shareaza MediaBar\Uninstall.exe
Messenger Plus! 3-->"C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /Remove
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Mission Equitation-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DA98964-804D-4DCF-AD6A-DE9D9EF3A825}\setup.exe" -l0x40c -removeonly
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 7 Essentials-->MsiExec.exe /X{BD49141C-188C-4B75-9F46-C2C42F2D1036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
OpenOffice.org 3.0 Language Pack (French)-->MsiExec.exe /I{2A0DB319-6365-4876-B7D8-994A79AA1329}
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
RTLSetup 2.50.503-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}\Setup.exe" -l0x9 REMOVE
Shareaza 2.4.0.0-->"C:\CreativesFiles\Uninstall\unins000.exe"
Sierra Home Architecte-->C:\WINDOWS\IsUn040c.exe -fC:\SIERRA\SHAF\Uninst.isu
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
Utilitaires Sierra-->C:\Program Files\Sierra On-Line\sutil32.exe uninstall
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
Wildlife Park 2 + Horses-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13C406DB-02AF-437E-85E9-ABBA2687289F}\setup.exe" -l0x40c -removeonly
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: PRO-CA7E3505773
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.
Record Number: 4546
Source Name: Service Control Manager
Time Written: 20090727212734.000000+120
Event Type: Informations
User: PRO-CA7E3505773\windows

Computer Name: PRO-CA7E3505773
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur : Le module spécifié est introuvable.
Record Number: 4545
Source Name: Service Control Manager
Time Written: 20090727212734.000000+120
Event Type: erreur
User:

Computer Name: PRO-CA7E3505773
Event Code: 7036
Message: Le service Gestion d'applications est entré dans l'état : arrêté.
Record Number: 4544
Source Name: Service Control Manager
Time Written: 20090727212734.000000+120
Event Type: Informations
User:

Computer Name: PRO-CA7E3505773
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.
Record Number: 4543
Source Name: Service Control Manager
Time Written: 20090727212734.000000+120
Event Type: Informations
User: PRO-CA7E3505773\windows

Computer Name: PRO-CA7E3505773
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur : Le module spécifié est introuvable.
Record Number: 4542
Source Name: Service Control Manager
Time Written: 20090727212734.000000+120
Event Type: erreur
User:

=====Application event log=====

Computer Name: PRO-CA7E3505773
Event Code: 102
Message: wuaueng.dll (2720) SUS20ClientDataStore: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 167
Source Name: ESENT
Time Written: 20090616171859.000000+120
Event Type: Informations
User:

Computer Name: PRO-CA7E3505773
Event Code: 100
Message: wuauclt (2720) Le moteur de base de données 5.01.2600.5512 est démarré.
Record Number: 166
Source Name: ESENT
Time Written: 20090616171859.000000+120
Event Type: Informations
User:

Computer Name: PRO-CA7E3505773
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 165
Source Name: SecurityCenter
Time Written: 20090616171814.000000+120
Event Type: Informations
User:

Computer Name: PRO-CA7E3505773
Event Code: 0
Message:
Record Number: 164
Source Name: NMIndexingService
Time Written: 20090616171813.000000+120
Event Type: Informations
User:

Computer Name: PRO-CA7E3505773
Event Code: 1517
Message: Windows a sauvegardé le Registre utilisateur PRO-CA7E3505773\windows alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé. Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.
Record Number: 163
Source Name: Userenv
Time Written: 20090616163332.000000+120
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

=====Security event log=====

Computer Name: PRO-CA7E3505773
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré. Origine de la stratégie : Stratégie locale Profil utilisé : Standard Nom : Free Download Manager Chemin d'accès : C:\Program Files\Free Download Manager\fdm.exe État : Activé Étendue : Tous les sous-réseaux
Record Number: 10417
Source Name: Security
Time Written: 20090815094012.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: PRO-CA7E3505773
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré. Origine de la stratégie : Stratégie locale Profil utilisé : Standard Nom : eMule Chemin d'accès : C:\Program Files\eMule\emule.exe État : Activé Étendue : Tous les sous-réseaux
Record Number: 10416
Source Name: Security
Time Written: 20090815094012.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: PRO-CA7E3505773
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré. Origine de la stratégie : Stratégie locale Profil utilisé : Standard Nom : EA Download Manager Chemin d'accès : C:\Program Files\Electronic Arts\EADM\Core.exe État : Activé Étendue : Tous les sous-réseaux
Record Number: 10415
Source Name: Security
Time Written: 20090815094012.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: PRO-CA7E3505773
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré. Origine de la stratégie : Stratégie locale Profil utilisé : Standard Nom : freezer Chemin d'accès : C:\Documents and Settings\windows\Bureau\freezer.exe État : Activé Étendue : Tous les sous-réseaux
Record Number: 10414
Source Name: Security
Time Written: 20090815094012.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

Computer Name: PRO-CA7E3505773
Event Code: 849
Message: Une application générait une erreur d'exception lorsque le Pare-feu Windows a démarré. Origine de la stratégie : Stratégie locale Profil utilisé : Standard Nom : Shareaza Chemin d'accès : C:\CreativesFiles\Shareaza.exe État : Activé Étendue : Tous les sous-réseaux
Record Number: 10413
Source Name: Security
Time Written: 20090815094012.000000+120
Event Type: Succès de l'audit
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0409
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
-
Still need help, still more viruses....
nikigabal replied to a topic by nikigabal in Malware analysis and removal
>Yes, it's the other PC, I'm fed up. So I'm going to bother you again. I'm doing what you told me. See you in a bit... -
Still need help, still more viruses....
nikigabal posted a topic in Malware analysis and removal
Hello again, After removing all the viruses from my daughter's computer, I changed the antivirus on MY PC. I had avast and, as I was advised, I uninstalled it and installed ANTIVIR. And now the latter finds 6 viruses...grrrrr So once again I need your expertise to get rid of them. Thanks. Here is the antivir report:

Avira AntiVir Personal
Date de création du fichier de rapport : mardi 25 août 2009 19:41
La recherche porte sur 1662031 souches de virus.
Détenteur de la licence : Avira AntiVir Personal - FREE Antivirus
Numéro de série : 0000149996-ADJIE-0000001
Plateforme : Windows XP
Version de Windows : (Service Pack 3) [5.1.2600]
Mode Boot : Démarré normalement
Identifiant : SYSTEM
Nom de l'ordinateur : PRO-CA7E3505773

Informations de version :
BUILD.DAT : 9.0.0.67 17958 Bytes 04/08/2009 14:47:00
AVSCAN.EXE : 9.0.3.7 466689 Bytes 21/07/2009 12:35:43
AVSCAN.DLL : 9.0.3.0 49409 Bytes 03/03/2009 09:21:02
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 10:35:11
LUKERES.DLL : 9.0.2.0 13569 Bytes 03/03/2009 09:21:31
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 24/06/2009 08:21:42
ANTIVIR2.VDF : 7.1.5.146 3087360 Bytes 21/08/2009 17:22:10
ANTIVIR3.VDF : 7.1.5.162 149504 Bytes 25/08/2009 17:22:11
Version du moteur : 8.2.1.3
AEVDF.DLL : 8.1.1.1 106868 Bytes 28/07/2009 12:17:15
AESCRIPT.DLL : 8.1.2.25 459130 Bytes 25/08/2009 17:22:27
AESCN.DLL : 8.1.2.4 127348 Bytes 23/07/2009 08:59:39
AERDL.DLL : 8.1.2.4 430452 Bytes 23/07/2009 08:59:39
AEPACK.DLL : 8.1.3.18 401783 Bytes 28/07/2009 12:17:14
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 23/07/2009 08:59:39
AEHEUR.DLL : 8.1.0.155 1921400 Bytes 25/08/2009 17:22:25
AEHELP.DLL : 8.1.6.0 233846 Bytes 25/08/2009 17:22:15
AEGEN.DLL : 8.1.1.57 356725 Bytes 25/08/2009 17:22:14
AEEMU.DLL : 8.1.0.9 393588 Bytes 09/10/2008 13:32:40
AECORE.DLL : 8.1.7.6 184694 Bytes 23/07/2009 08:59:39
AEBB.DLL : 8.1.0.3 53618 Bytes 09/10/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:30
AVPREF.DLL : 9.0.0.1 43777 Bytes 03/12/2008 10:39:26
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 07/11/2008 14:24:42
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 14:05:22
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 09:36:37
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 07:20:57
NETNT.DLL : 9.0.0.0 11521 Bytes 07/11/2008 14:40:59
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 17/06/2009 12:44:26
RCTEXT.DLL : 9.0.37.0 88321 Bytes 15/04/2009 09:07:05

Configuration pour la recherche actuelle :
Nom de la tâche...............................: Contrôle intégral du système
Fichier de configuration......................: c:\program files\avira\antivir desktop\sysscan.avp
Documentation.................................: bas
Action principale.............................: interactif
Action secondaire.............................: ignorer
Recherche sur les secteurs d'amorçage maître..: marche
Recherche sur les secteurs d'amorçage.........: marche
Secteurs d'amorçage...........................: C:,
Recherche dans les programmes actifs..........: marche
Recherche en cours sur l'enregistrement.......: marche
Recherche de Rootkits.........................: marche
Contrôle d'intégrité de fichiers système......: arrêt
Fichier mode de recherche.....................: Tous les fichiers
Recherche sur les archives....................: marche
Limiter la profondeur de récursivité..........: 20
Archive Smart Extensions......................: marche
Heuristique de macrovirus.....................: marche
Heuristique fichier...........................: moyen
Catégories de dangers divergentes.............: +APPL,+GAME,+JOKE,+PCK,+SPR,

Début de la recherche : mardi 25 août 2009 19:41

La recherche d'objets cachés commence.
'107460' objets ont été contrôlés, '0' objets cachés ont été trouvés.

La recherche sur les processus démarrés commence :
Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés
Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés
Processus de recherche 'IEXPLORE.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'BndCore.exe' - '1' module(s) sont contrôlés
Processus de recherche 'IEXPLORE.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'soffice.bin' - '1' module(s) sont contrôlés
Processus de recherche 'NMIndexStoreSvr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'soffice.exe' - '1' module(s) sont contrôlés
Processus de recherche 'NMIndexingService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wijzc.exe' - '1' module(s) sont contrôlés
Processus de recherche 'EDICT.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'Core.exe' - '1' module(s) sont contrôlés
Processus de recherche 'daemon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'SuperCopier2.exe' - '1' module(s) sont contrôlés
Processus de recherche 'NMBgMonitor.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ctfmon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'MsgPlus.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jusched.exe' - '1' module(s) sont contrôlés
Processus de recherche 'RTHDCPL.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ati2evxx.exe' - '1' module(s) sont contrôlés
Processus de recherche 'alg.exe' - '1' module(s) sont contrôlés
Processus de recherche 'Bandoo.exe' - '1' module(s) sont contrôlés
Processus de recherche 'wdfmgr.exe' - '1' module(s) sont contrôlés
Processus de recherche 'PSIService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'jqs.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ASKUpgrade.exe' - '1' module(s) sont contrôlés
Processus de recherche 'AskService.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LEXPPS.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés
Processus de recherche 'LEXBCES.EXE' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés
Processus de recherche 'ati2evxx.exe' - '1' module(s) sont contrôlés
Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés
Processus de recherche 'services.exe' - '1' module(s) sont contrôlés
Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés
Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés
Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés
'46' processus ont été contrôlés avec '46' modules

La recherche sur les secteurs d'amorçage maître commence :
Secteur d'amorçage maître HD0
[iNFO] Aucun virus trouvé !
Secteur d'amorçage maître HD1
[iNFO] Aucun virus trouvé !
Secteur d'amorçage maître HD2
[iNFO] Aucun virus trouvé !
Secteur d'amorçage maître HD3
[iNFO] Aucun virus trouvé !
Secteur d'amorçage maître HD4
[iNFO] Aucun virus trouvé !
Secteur d'amorçage maître HD5
[iNFO] Aucun virus trouvé !

La recherche sur les secteurs d'amorçage commence :
Secteur d'amorçage 'C:\'
[iNFO] Aucun virus trouvé !

La recherche sur les renvois aux fichiers exécutables (registre) commence :
Le registre a été contrôlé ( '48' fichiers).

La recherche sur les fichiers sélectionnés commence :
Recherche débutant dans 'C:\'
C:\pagefile.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
C:\Documents and Settings\windows\Bureau\anciennes données\WINDOWS\TEMP\ImInstaller\IncrediMail\IMLOADER.EXE
[RESULTAT] Contient le modèle de détection du programme SPR/Dldr.ImLoader.G.3
C:\Documents and Settings\windows\Mes documents\LOGICIEL\Craagle.exe
[RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Craagle.19.6
C:\Documents and Settings\windows\Mes documents\LOGICIEL\Speed-Downloading_setup.exe
[RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Downloader.NaviPromo.B.32
C:\System Volume Information\_restore{2B044C76-38DB-4EC1-A363-17977E1AF6F4}\RP58\A0009578.exe
[RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen
C:\System Volume Information\_restore{2B044C76-38DB-4EC1-A363-17977E1AF6F4}\RP97\A0013976.exe
[RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Craagle.19.6
C:\System Volume Information\_restore{2B044C76-38DB-4EC1-A363-17977E1AF6F4}\RP97\A0013977.exe
[RESULTAT] Contient le modèle de détection du programme SPR/Dldr.ImLoader.G.3
C:\WINDOWS\system32\drivers\sptd.sys
[AVERTISSEMENT] Impossible d'ouvrir le fichier !

Début de la désinfection :
C:\Documents and Settings\windows\Bureau\anciennes données\WINDOWS\TEMP\ImInstaller\IncrediMail\IMLOADER.EXE
[RESULTAT] Contient le modèle de détection du programme SPR/Dldr.ImLoader.G.3
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ae03511.qua' !
C:\Documents and Settings\windows\Mes documents\LOGICIEL\Craagle.exe
[RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Craagle.19.6
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4af53537.qua' !
C:\Documents and Settings\windows\Mes documents\LOGICIEL\Speed-Downloading_setup.exe
[RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Downloader.NaviPromo.B.32
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4af93535.qua' !
C:\System Volume Information\_restore{2B044C76-38DB-4EC1-A363-17977E1AF6F4}\RP58\A0009578.exe
[RESULTAT] Contient le cheval de Troie TR/Crypt.ZPACK.Gen
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4ac434f5.qua' !
C:\System Volume Information\_restore{2B044C76-38DB-4EC1-A363-17977E1AF6F4}\RP97\A0013976.exe
[RESULTAT] Contient le modèle de détection du logiciel espion ou publicitaire ADSPY/Craagle.19.6
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b427f8e.qua' !
C:\System Volume Information\_restore{2B044C76-38DB-4EC1-A363-17977E1AF6F4}\RP97\A0013977.exe
[RESULTAT] Contient le modèle de détection du programme SPR/Dldr.ImLoader.G.3
[REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '498f5186.qua' !

Fin de la recherche : mardi 25 août 2009 21:00
Temps nécessaire: 1:18:30 Heure(s)

La recherche a été effectuée intégralement
8426 Les répertoires ont été contrôlés
475430 Des fichiers ont été contrôlés
6 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
6 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
2 Impossible de contrôler des fichiers
475422 Fichiers non infectés
4179 Les archives ont été contrôlées
2 Avertissements
7 Consignes
107460 Des objets ont été contrôlés lors du Rootkitscan
0 Des objets cachés ont été trouvés
-
virus total security (solved)
nikigabal replied to a topic by nikigabal in Malware analysis and removal
Thanks again. I'm going to uninstall avast right away and download antivir. Then I'll do the same on my daughter's. Everything works perfectly, thank you. Have a good evening. -
virus total security (solved)
nikigabal replied to a topic by nikigabal in Malware analysis and removal
avast isn't enough? Would it be better for me to install another one? -
virus total security (solved)
nikigabal replied to a topic by nikigabal in Malware analysis and removal
Oh darn, sorry

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:02:45, on 25/08/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\Super Banane\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...rio&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [updatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [updatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. 
- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 9008 bytes -
virus total security (resolved)
nikigabal replied to a topic by nikigabal in Malware analysis and removal
It's really thanks to you too; without you I would never have done all that. A thousand thanks, you only have to ask, lol
Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2693
Windows 6.0.6001 Service Pack 1
25/08/2009 17:52:30
mbam-log-2009-08-25 (17-52-30).txt
Type de recherche: Examen rapide
Eléments examinés: 88868
Temps écoulé: 4 minute(s), 2 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s): (Aucun élément nuisible détecté)
Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
Dossier(s) infecté(s): (Aucun élément nuisible détecté)
Fichier(s) infecté(s): (Aucun élément nuisible détecté)
-
virus total security (resolved)
nikigabal replied to a topic by nikigabal in Malware analysis and removal
Wow, great, Falkra, I don't know how to thank you. The PC is spotless. Ah, if I dared... come on, I dare: you're a sweetheart, lol... You've taken a big weight off me. Here is the latest report:
Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2693
Windows 6.0.6001 Service Pack 1
25/08/2009 17:52:30
mbam-log-2009-08-25 (17-52-30).txt
Type de recherche: Examen rapide
Eléments examinés: 88868
Temps écoulé: 4 minute(s), 2 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s): (Aucun élément nuisible détecté)
Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
Dossier(s) infecté(s): (Aucun élément nuisible détecté)
Fichier(s) infecté(s): (Aucun élément nuisible détecté)
-
virus total security (resolved)
nikigabal replied to a topic by nikigabal in Malware analysis and removal
Thank you Angélique, everything is working again, phew... (sorry, slip of the keyboard) Here is the ComboFix report:
ComboFix 09-08-24.06 - Super Banane 25/08/2009 16:33.3.1 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6001.1.1252.33.1036.18.1790.1074 [GMT 2:00] Running from: c:\users\Super Banane\Desktop\ComboFix.exe SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\users\Default\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms c:\users\Niki'\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms c:\users\Super Banane\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms c:\windows\system32\config\systemprofile\ntuser.dat{350e4ef8-c7c1-11dc-b86a-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms c:\windows\system32\tmp.reg c:\users\Super Banane\NTUSER.DAT{4b766740-8b1e-11de-9ada-001f16d6dbc9}.TMContainer00000000000000000001.regtrans-ms . . . . failed to delete c:\windows\ServiceProfiles\LocalService\NTUSER.DAT{d8932e65-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms . . . . failed to delete c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT{d8932e61-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms . . . . failed to delete . ((((((((((((((((((((((((( Files Created from 2009-07-25 to 2009-08-25 ))))))))))))))))))))))))))))))) . 2009-08-25 14:40 . 2009-08-25 14:40 -------- d-----w- c:\users\Public\AppData\Local\temp 2009-08-25 14:40 . 2009-08-25 14:40 -------- d-----w- c:\users\Niki'\AppData\Local\temp 2009-08-25 14:40 . 2009-08-25 14:40 -------- d-----w- c:\users\Default\AppData\Local\temp 2009-08-25 14:05 . 2009-08-25 14:05 -------- d-----w- c:\users\Super Banane\AppData\Roaming\Malwarebytes 2009-08-25 14:05 .
2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-08-25 14:05 . 2009-08-25 14:05 -------- d-----w- c:\programdata\Malwarebytes 2009-08-25 14:05 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-08-25 14:05 . 2009-08-25 14:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-08-22 06:34 . 2009-08-22 06:34 1 ----a-w- c:\users\Niki'\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2009-08-22 06:27 . 2009-08-22 06:27 -------- d-----w- c:\users\Niki'\AppData\Roaming\OpenOffice.org 2009-08-21 19:20 . 2009-08-24 19:58 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-08-21 19:20 . 2009-08-24 19:52 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2009-08-17 22:48 . 2009-08-22 14:00 35 ----a-w- c:\users\Super Banane\AppData\Roaming\SetValue.bat 2009-08-17 22:41 . 2009-08-17 22:42 -------- d-----w- c:\windows\system32\SmitfraudFix 2009-08-17 21:58 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2009-08-17 21:58 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll 2009-08-17 21:58 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll 2009-08-17 21:58 . 2009-06-15 15:24 270848 ----a-w- c:\windows\system32\schannel.dll 2009-08-17 21:58 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll 2009-08-17 21:58 . 2009-06-15 15:22 213504 ----a-w- c:\windows\system32\msv1_0.dll 2009-08-17 21:58 . 2009-06-15 15:21 499712 ----a-w- c:\windows\system32\kerberos.dll 2009-08-17 21:58 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe 2009-08-17 17:51 . 2009-08-17 17:51 -------- d-----w- c:\program files\Common Files\TSCUninstall 2009-08-17 11:15 . 2009-08-17 11:15 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2009-08-17 06:17 . 2009-08-17 06:17 -------- d-----w- C:\4deeeb9a9fc24972717f0d49558e 2009-08-16 15:14 . 
2009-08-24 11:45 1 ----a-w- c:\users\Super Banane\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2009-08-16 15:13 . 2009-08-16 15:13 -------- d-----w- c:\users\Super Banane\AppData\Roaming\OpenOffice.org 2009-08-16 14:58 . 2009-08-16 14:59 -------- d-----w- c:\program files\OpenOffice.org 3 2009-08-16 13:44 . 2009-08-25 14:13 -------- d-----w- c:\users\Super Banane\Tracing 2009-08-16 13:14 . 2009-08-16 13:14 -------- d-----w- c:\users\Super Banane\AppData\Roaming\HP TCS 2009-08-16 08:59 . 2009-08-16 08:59 -------- d--h--r- c:\users\Niki'\AppData\Roaming\SecuROM 2009-08-16 08:33 . 2008-10-22 01:22 2048 ----a-w- c:\windows\system32\tzres.dll 2009-08-16 08:13 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll 2009-08-16 08:13 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2009-08-16 08:13 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe 2009-08-16 08:13 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2009-08-16 08:13 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll 2009-08-16 08:13 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll 2009-08-16 08:13 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe 2009-08-16 07:22 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll 2009-08-16 07:22 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll 2009-08-16 07:22 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll 2009-08-16 07:22 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll 2009-08-16 07:22 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll 2009-08-16 07:20 . 2009-08-16 07:20 -------- d-----w- c:\program files\MSXML 4.0 2009-08-15 17:21 . 2008-01-21 02:33 638976 ----a-w- c:\windows\system32\win_utilman.exe 2009-08-15 17:21 . 
2009-08-15 17:21 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2009-08-15 17:20 . 2009-08-15 17:20 93640 ----a-w- c:\windows\system32\ezUninst.exe 2009-08-15 17:20 . 2009-08-15 17:20 51656 ----a-w- c:\windows\system32\ezUPBHook.dll 2009-08-15 17:20 . 2009-08-15 17:20 271304 ----a-w- c:\windows\system32\ezSetup.exe 2009-08-15 17:20 . 2009-08-15 17:20 18376 ----a-w- c:\windows\system32\ezMAPIHelper.exe 2009-08-15 17:20 . 2009-08-15 17:20 115656 ----a-w- c:\windows\system32\ezShellStart.exe 2009-08-15 17:18 . 2009-08-15 17:19 -------- d-----w- c:\program files\PhotoFiltre 2009-08-15 17:11 . 2009-08-16 13:25 -------- d-----w- c:\users\Super Banane\AbiSuite 2009-08-15 17:11 . 2009-08-16 07:17 -------- d-----w- c:\program files\AbiSuite2 2009-08-15 12:56 . 2009-08-15 12:56 -------- d--h--r- c:\users\Super Banane\AppData\Roaming\SecuROM 2009-08-15 12:49 . 2009-08-15 12:49 -------- d-----w- c:\program files\Electronic Arts 2009-08-15 12:49 . 2006-07-28 07:30 236824 ----a-w- c:\windows\system32\xactengine2_3.dll 2009-08-15 12:49 . 2006-07-28 07:30 62744 ----a-w- c:\windows\system32\xinput1_2.dll 2009-08-15 12:48 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll 2009-08-15 11:32 . 2009-08-15 11:32 -------- d-----w- c:\program files\Microsoft 2009-08-15 11:32 . 2009-08-15 11:32 -------- d-----w- c:\program files\Windows Live SkyDrive 2009-08-15 11:31 . 2009-08-15 11:32 -------- d-----w- c:\program files\Windows Live 2009-08-15 11:21 . 2009-08-15 11:21 -------- d-----w- c:\program files\Common Files\Windows Live 2009-08-15 07:42 . 2009-02-05 20:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-08-15 07:42 . 2009-02-05 20:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-08-15 07:42 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-08-15 07:42 . 2009-02-05 20:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-08-15 07:42 . 
2009-02-05 20:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-08-15 07:41 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe 2009-08-15 07:41 . 2009-02-05 20:06 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2009-08-15 07:41 . 2009-08-15 07:41 -------- d-----w- c:\program files\Alwil Software 2009-08-15 07:10 . 2009-08-15 07:10 -------- d-----w- c:\users\Super Banane\AppData\Local\Hewlett-Packard 2009-08-15 07:10 . 2009-08-15 07:10 -------- d-----w- c:\users\Super Banane\AppData\Roaming\Hewlett-Packard 2009-08-15 07:09 . 2009-08-16 18:54 79440 ----a-w- c:\users\Super Banane\AppData\Local\GDIPFONTCACHEV1.DAT 2009-08-15 07:09 . 2009-08-15 12:49 -------- d-----w- c:\users\Super Banane\AppData\Local\Google 2009-08-15 05:25 . 2008-10-22 03:57 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll 2009-08-15 05:24 . 2009-04-23 12:42 636928 ----a-w- c:\windows\system32\localspl.dll 2009-08-15 05:23 . 2008-12-16 02:42 288768 ----a-w- c:\windows\system32\drivers\srv.sys 2009-08-15 05:23 . 2008-06-23 01:59 2868736 ----a-w- c:\windows\system32\mf.dll 2009-08-15 05:23 . 2008-06-23 01:59 996352 ----a-w- c:\windows\system32\WMNetMgr.dll 2009-08-15 05:23 . 2008-06-23 01:58 94720 ----a-w- c:\windows\system32\logagent.exe 2009-08-15 05:23 . 2008-10-21 05:25 1645568 ----a-w- c:\windows\system32\connect.dll 2009-08-15 05:23 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll 2009-08-15 05:23 . 2008-09-10 03:40 1334272 ----a-w- c:\windows\system32\msxml6.dll 2009-08-15 05:10 . 2008-10-16 21:09 51224 ----a-w- c:\windows\system32\wuauclt.exe 2009-08-15 05:10 . 2008-10-16 21:09 43544 ----a-w- c:\windows\system32\wups2.dll 2009-08-15 05:10 . 2008-10-16 21:13 1809944 ----a-w- c:\windows\system32\wuaueng.dll 2009-08-15 05:10 . 2008-10-16 20:56 1524736 ----a-w- c:\windows\system32\wucltux.dll 2009-08-15 05:10 . 2008-10-16 21:12 561688 ----a-w- c:\windows\system32\wuapi.dll 2009-08-15 05:10 . 
2008-10-16 21:08 34328 ----a-w- c:\windows\system32\wups.dll 2009-08-15 05:10 . 2008-10-16 20:55 83456 ----a-w- c:\windows\system32\wudriver.dll 2009-08-15 05:10 . 2008-10-16 12:08 162064 ----a-w- c:\windows\system32\wuwebv.dll 2009-08-15 05:10 . 2008-10-16 11:56 31232 ----a-w- c:\windows\system32\wuapp.exe 2009-08-14 21:11 . 2009-08-14 21:12 -------- d-----w- c:\users\Niki'\AppData\Local\Google 2009-08-14 21:10 . 2009-08-14 21:11 -------- d-----w- c:\program files\Google 2009-08-14 19:59 . 2009-08-14 19:59 -------- d-----w- c:\users\Niki'\AppData\Local\Hewlett-Packard 2009-08-14 19:58 . 2009-08-14 19:59 -------- d-----w- c:\users\Niki'\AppData\Roaming\hewlett-packard 2009-08-14 19:56 . 2009-08-21 20:09 79440 ----a-w- c:\users\Niki'\AppData\Local\GDIPFONTCACHEV1.DAT 2009-08-14 19:53 . 2009-08-14 19:53 -------- d-----w- c:\users\Niki'\AppData\Roaming\HP TCS 2009-08-14 19:49 . 2009-08-14 19:49 -------- d-sh--we c:\users\Default\Modèles 2009-08-14 19:49 . 2009-08-14 19:49 -------- d-sh--we c:\users\Default\Menu Démarrer 2009-08-14 19:49 . 2009-08-14 19:49 -------- d-sh--we c:\users\Default\AppData\Local\Historique 2009-08-14 19:49 . 2009-08-14 19:49 -------- d-sh--we c:\programdata\Modèles 2009-08-14 19:49 . 2009-08-14 19:49 -------- d-sh--we c:\programdata\Menu Démarrer 2009-08-14 19:49 . 2009-08-14 19:49 -------- d-sh--we c:\programdata\Favoris 2009-08-14 19:49 . 2009-08-14 19:49 -------- d-sh--we c:\programdata\Bureau 2009-08-14 19:49 . 2009-08-14 19:49 -------- d-sh--we c:\program files\Fichiers communs 2009-08-14 19:49 . 2009-08-14 19:49 -------- d-sh--we c:\users\Default\Voisinage réseau 2009-08-14 19:49 . 2009-08-14 19:49 -------- d-sh--we c:\users\Default\Voisinage d'impression 2009-08-14 19:49 . 2009-08-14 19:49 -------- d-sh--we c:\users\Default\Mes documents . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-08-25 14:17 . 
2008-10-25 13:59 669566 ----a-w- c:\windows\system32\perfh00C.dat 2009-08-25 14:17 . 2008-10-25 13:59 123556 ----a-w- c:\windows\system32\perfc00C.dat 2009-08-22 14:00 . 2009-08-17 22:48 691 ----a-w- c:\users\Super Banane\AppData\Roaming\GetValue.vbs 2009-08-20 21:08 . 2009-08-15 08:39 28504 ----a-w- c:\programdata\nvModes.dat 2009-08-19 11:40 . 2008-10-25 06:30 -------- d-----w- c:\program files\SMINST 2009-08-17 11:16 . 2008-10-25 06:05 -------- d-----w- c:\programdata\Microsoft Help 2009-08-16 14:08 . 2009-08-16 14:08 0 ----a-w- c:\users\Super Banane\AppData\Roaming\wklnhst.dat 2009-08-16 13:16 . 2008-10-25 05:06 -------- d-----w- c:\programdata\Norton 2009-08-16 08:45 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2009-08-16 08:42 . 2008-10-25 05:53 -------- d-----w- c:\program files\Microsoft Works 2009-08-15 17:21 . 2008-10-25 06:24 -------- d-----w- c:\program files\EasyBits For Kids 2009-08-15 17:21 . 2008-10-25 06:24 8308 ----a-w- c:\windows\system32\ezdigsgn.dat 2009-08-14 21:03 . 2008-10-25 06:25 -------- d-----w- c:\programdata\AOL 2009-08-14 19:53 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar 2009-08-14 19:51 . 2009-08-14 19:51 0 --sha-r- c:\windows\system32\drivers\103C_HP_cNB_Presario CQ60 Notebook PC_Y5335KV_0U_Q2CE922GXRH_E508164-051_4A_I303C_SWistron_V08.54_F.3C_T090520_WV2-1_L40C_M1790_J250_7AMD_8F31_92.10_#090608_N168C001C;10DE0760_(VA156EA#ABF)_XMOBI LE_CN10_Z_2F.3C.MRK 2009-08-14 19:49 . 2009-08-14 19:49 -------- d-sh--we c:\programdata\Modèles 2009-08-14 19:49 . 2009-08-14 19:49 -------- d-sh--we c:\programdata\Menu Démarrer 2009-07-18 16:06 . 2009-08-15 05:24 827904 ----a-w- c:\windows\system32\wininet.dll 2009-07-18 16:01 . 2009-08-15 05:24 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-07-18 09:46 . 2009-08-15 05:24 26624 ----a-w- c:\windows\system32\ieUnatt.exe 2009-07-17 14:35 . 2009-08-15 05:25 71680 ----a-w- c:\windows\system32\atl.dll 2009-07-14 13:00 . 
2009-08-15 05:24 313344 ----a-w- c:\windows\system32\wmpdxm.dll 2009-07-14 12:59 . 2009-08-15 05:24 4096 ----a-w- c:\windows\system32\dxmasf.dll 2009-07-14 12:58 . 2009-08-15 05:24 7680 ----a-w- c:\windows\system32\spwmp.dll 2009-07-14 10:59 . 2009-08-15 05:24 8147456 ----a-w- c:\windows\system32\wmploc.DLL 2009-06-15 15:24 . 2009-08-15 05:25 156672 ----a-w- c:\windows\system32\t2embed.dll 2009-06-15 15:20 . 2009-08-15 05:25 72704 ----a-w- c:\windows\system32\fontsub.dll 2009-06-15 15:20 . 2009-08-15 05:25 10240 ----a-w- c:\windows\system32\dciman32.dll 2009-06-15 12:52 . 2009-08-15 05:25 289792 ----a-w- c:\windows\system32\atmfd.dll 2009-06-10 12:12 . 2009-08-15 05:25 160256 ----a-w- c:\windows\system32\wkssvc.dll 2009-06-10 12:07 . 2009-08-15 05:24 91136 ----a-w- c:\windows\system32\avifil32.dll 2009-06-08 17:13 . 2009-06-08 17:13 53319 ----a-w- c:\programdata\Temp\{D36DD326-7280-11D8-97C8-000129760CBE}\PostBuild.exe 2009-06-08 17:12 . 2009-06-08 17:12 53319 ----a-w- c:\programdata\Temp\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}\PostBuild.exe 2009-06-08 17:11 . 2009-06-08 17:12 36864 ----a-w- c:\programdata\Temp\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}\PostBuild.exe 2009-06-08 17:09 . 2009-06-08 17:09 36864 ----a-w- c:\programdata\Temp\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}\PostBuild.exe 2009-06-08 17:09 . 2009-06-08 17:09 53319 ----a-w- c:\programdata\Temp\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}\PostBuild.exe 2009-06-08 17:09 . 2008-10-25 06:14 1053232 ----a-w- c:\windows\system32\MFC71u.dll 2009-06-08 17:09 . 2008-08-06 13:29 353840 ----a-w- c:\windows\system32\msvcr71.dll 2009-06-08 17:09 . 2008-08-06 13:27 505392 ----a-w- c:\windows\system32\msvcp71.dll 2009-06-08 17:09 . 2008-10-25 06:14 1066544 ----a-w- c:\windows\system32\MFC71.dll 2009-06-08 17:09 . 2008-10-25 06:13 36864 ----a-w- c:\programdata\Temp\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe 2009-06-04 12:34 . 2009-08-15 05:25 2066432 ----a-w- c:\windows\system32\mstscax.dll 2008-10-25 14:22 . 
2008-10-25 14:02 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((( SnapShot@2009-08-17_18.58.16 ))))))))))))))))))))))))))))))))))))))))) . + 2008-01-21 02:32 . 2008-01-21 02:32 16896 c:\windows\winsxs\x86_wsdprint.inf_31bf3856ad364e35_6.0.6002.18005_none_173ab75eae68bace\WSDPrint.sys + 2008-01-21 02:32 . 2008-01-21 02:32 39936 c:\windows\winsxs\x86_wpdmtp.inf_31bf3856ad364e35_6.0.6002.18005_none_2185beaf83d2688d\WpdUsb.sys + 2008-01-21 02:32 . 2008-01-21 02:32 60928 c:\windows\winsxs\x86_wpdmtp.inf_31bf3856ad364e35_6.0.6002.18005_none_2185beaf83d2688d\WpdMtpUS.dll + 2008-01-21 02:32 . 2008-01-21 02:32 66560 c:\windows\winsxs\x86_wpdmtp.inf_31bf3856ad364e35_6.0.6002.18005_none_2185beaf83d2688d\WpdMtpIP.dll + 2008-01-21 02:32 . 2008-01-21 02:32 33280 c:\windows\winsxs\x86_wpdmtp.inf_31bf3856ad364e35_6.0.6002.18005_none_2185beaf83d2688d\WpdConns.dll + 2008-10-25 14:03 . 2008-10-25 14:03 18904 c:\windows\winsxs\x86_windowssearchengine..uredqueryschema.bin_31bf3856ad364e35_7.0.6002.1800 5_none_8ae0ca49e0ec3b69\StructuredQuerySchemaTrivial.bin + 2008-01-21 02:32 . 2008-01-21 02:32 23552 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6002.18005_none_bfadd87f00af6ca2\usbuhci.sys + 2008-01-21 02:32 . 2008-01-21 02:32 15872 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6002.18005_none_bfadd87f00af6ca2\hcrstco.dll + 2008-01-21 02:32 . 2008-01-21 02:32 73216 c:\windows\winsxs\x86_usb.inf_31bf3856ad364e35_6.0.6002.18005_none_cce3e0020b941ebb\usbccgp.sys + 2008-01-21 02:32 . 2008-01-21 02:32 89088 c:\windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\wiafbdrv.dll + 2008-01-21 02:32 . 2008-01-21 02:32 35328 c:\windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\usbscan.sys + 2008-01-21 02:32 . 2008-01-21 02:32 14848 c:\windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\scsiscan.sys + 2008-01-21 02:32 . 
2008-01-21 02:32 13312 c:\windows\winsxs\x86_sffdisk.inf_31bf3856ad364e35_6.0.6002.18005_none_a627020ee70bbf15\sffdisk.sys + 2006-11-02 12:33 . 2006-11-02 12:33 11368 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411\MsMpLics.dll + 2008-01-21 02:33 . 2008-01-21 02:33 58936 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411\MpRtPlug.dll + 2008-01-21 02:33 . 2008-01-21 02:33 90680 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411\MpOAV.dll + 2006-11-02 12:33 . 2006-11-02 12:33 16488 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411\MpAsDesc.dll + 2008-01-21 02:34 . 2008-01-21 02:34 17920 c:\windows\winsxs\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6002.18005_none_9bffb484c4fe88e5\wfapigp.dll + 2008-01-21 02:34 . 2008-01-21 02:34 64000 c:\windows\winsxs\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6002.18005_none_9bffb484c4fe88e5\mpsdrv.sys + 2008-01-21 02:34 . 2008-01-21 02:34 87552 c:\windows\winsxs\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6002.18005_none_9bffb484c4fe88e5\icfupgd.dll + 2008-01-21 02:34 . 2008-01-21 02:34 16896 c:\windows\winsxs\x86_netfx-shared_registry_whidbey_31bf3856ad364e35_6.0.6002.18005_none_6862e2e7643773d9\SharedReg12.dll + 2008-01-21 02:33 . 2008-01-21 02:33 16896 c:\windows\winsxs\x86_netfx-shared_netfx_20_mscorwks_31bf3856ad364e35_6.0.6002.18005_none_8199f0814373a5b3\sbscmp20_mscorwks.dll + 2008-01-21 02:33 . 2008-01-21 02:33 16896 c:\windows\winsxs\x86_netfx-shared_netfx_20_mscorlib_b03f5f7f11d50a3a_6.0.6002.18005_none_54ad0b7a61344e8c\sbscmp20_mscorlib.dll + 2008-01-21 02:33 . 2008-01-21 02:33 16896 c:\windows\winsxs\x86_netfx-sbscmp10_dll_31bf3856ad364e35_6.0.6002.18005_none_76f179ae021db881\sbscmp10.dll + 2008-01-21 02:32 . 
2008-01-21 02:32 20024 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\viaide.sys + 2008-01-21 02:32 . 2008-01-21 02:32 17976 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\intelide.sys + 2008-01-21 02:32 . 2008-01-21 02:32 19000 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\cmdide.sys + 2008-01-21 02:32 . 2008-01-21 02:32 17976 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\amdide.sys + 2008-01-21 02:32 . 2008-01-21 02:32 17464 c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\aliide.sys + 2008-01-21 02:34 . 2008-01-21 02:34 91136 c:\windows\winsxs\x86_microsoft-windows-wmiperf_31bf3856ad364e35_6.0.6002.18005_none_a1858d34af79a11c\WmiPerfClass.dll + 2008-01-21 02:33 . 2008-01-21 02:33 19968 c:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6002.18005_none_bb3f7c211cba6b3f\mofcomp.exe + 2008-01-21 02:34 . 2008-01-21 02:34 77824 c:\windows\winsxs\x86_microsoft-windows-wmi-core-svc_31bf3856ad364e35_6.0.6002.18005_none_a29e34dbf412e9da\WinMgmt.exe + 2008-01-21 02:32 . 2008-01-21 02:32 64512 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18005_none_9e2fbb5f0207ec84\wlanapi.dll + 2008-01-21 02:32 . 2008-01-21 02:32 15181 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18005_none_9e2fbb5f0207ec84\gatherWirelessInfo.vbs + 2006-11-02 08:48 . 2006-11-02 09:46 41984 c:\windows\winsxs\x86_microsoft-windows-wab-core_31bf3856ad364e35_6.0.6002.18005_none_570ee68146eaef3c\wabimp.dll + 2006-11-02 08:48 . 2006-11-02 09:45 66048 c:\windows\winsxs\x86_microsoft-windows-wab-app_31bf3856ad364e35_6.0.6002.18005_none_4494d68cd4b469ae\wabmig.exe + 2006-11-02 08:48 . 2006-11-02 09:46 33280 c:\windows\winsxs\x86_microsoft-windows-wab-app_31bf3856ad364e35_6.0.6002.18005_none_4494d68cd4b469ae\wabfind.dll + 2008-01-21 02:34 . 
2008-01-21 02:33 38400 c:\windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll + 2006-11-02 12:33 . 2006-11-02 12:33 62976 c:\windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmcompos.dll + 2006-11-02 12:33 . 2006-11-02 12:33 30208 c:\windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmband.dll + 2006-11-02 08:39 . 2006-11-02 09:45 14336 c:\windows\winsxs\x86_microsoft-windows-a..on-experience-tools_31bf3856ad364e35_6.0.6002.18005_none_96b5a00fa593defd\pcaui.exe + 2006-11-02 08:39 . 2006-11-02 09:46 38912 c:\windows\winsxs\x86_microsoft-windows-a..on-experience-tools_31bf3856ad364e35_6.0.6002.18005_none_96b5a00fa593defd\acppage.dll + 2008-01-21 02:34 . 2008-01-21 02:34 13824 c:\windows\winsxs\x86_microsoft-windows-a..lity-infrastructure_31bf3856ad364e35_6.0.6002.18005_none_7cc3af8dde4f2233\apilogen.dll + 2008-01-21 02:34 . 2008-01-21 02:34 24064 c:\windows\winsxs\x86_microsoft-windows-a..lity-infrastructure_31bf3856ad364e35_6.0.6002.18005_none_7cc3af8dde4f2233\amxread.dll + 2006-11-02 08:29 . 2006-11-02 09:45 20992 c:\windows\winsxs\x86_microsoft-windows-a..ence-infrastructure_31bf3856ad364e35_6.0.6002.18005_none_d6fc7cca49dba20f\sdbinst.exe + 2006-11-02 08:29 . 2006-11-02 09:46 24576 c:\windows\winsxs\x86_microsoft-windows-a..ence-infrastructure_31bf3856ad364e35_6.0.6002.18005_none_d6fc7cca49dba20f\aelupsvc.dll + 2008-01-21 02:32 . 2008-01-21 02:32 52792 c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\volmgr.sys + 2008-01-21 02:32 . 2008-01-21 02:32 56888 c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\VIAAGP.SYS + 2008-01-21 02:32 . 2008-01-21 02:32 60984 c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\ULIAGPKX.SYS + 2008-01-21 02:32 . 
2008-01-21 02:32 15288 c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\swenum.sys + 2008-01-21 02:32 . 2008-01-21 02:32 22632 c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\streamci.dll + 2008-01-21 02:32 . 2008-01-21 02:32 55864 c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\SISAGP.SYS + 2008-01-21 02:32 . 2008-01-21 02:32 31288 c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\mssmbios.sys + 2008-01-21 02:32 . 2008-01-21 02:32 16440 c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\msisadrv.sys + 2008-01-21 02:32 . 2008-01-21 02:32 49720 c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys + 2008-01-21 02:32 . 2008-01-21 02:32 57400 c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AMDAGP.SYS + 2008-01-21 02:32 . 2008-01-21 02:32 56376 c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys + 2008-01-21 02:32 . 2008-01-21 02:32 35384 c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_9939e6e4d61ab7ca\kbdclass.sys + 2008-01-21 02:32 . 2008-01-21 02:32 54784 c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_9939e6e4d61ab7ca\i8042prt.sys + 2008-01-21 02:32 . 2008-01-21 02:32 25472 c:\windows\winsxs\x86_input.inf_31bf3856ad364e35_6.0.6002.18005_none_225b12d31d3f7b27\hidparse.sys + 2008-01-21 02:32 . 2008-01-21 02:32 21504 c:\windows\winsxs\x86_input.inf_31bf3856ad364e35_6.0.6002.18005_none_225b12d31d3f7b27\hidir.sys + 2008-01-21 02:32 . 2008-01-21 02:32 13568 c:\windows\winsxs\x86_brmfcsto.inf_31bf3856ad364e35_6.0.6002.18005_none_25dcd6df44d8819b\BrFiltLo.sys + 2008-01-21 02:32 . 
2008-01-21 02:32 11264 c:\windows\winsxs\x86_acpi.inf_31bf3856ad364e35_6.0.6002.18005_none_24743d0fcb299a94\wmiacpi.sys + 2008-01-21 02:32 . 2008-01-21 02:32 20792 c:\windows\winsxs\x86_acpi.inf_31bf3856ad364e35_6.0.6002.18005_none_24743d0fcb299a94\compbatt.sys + 2008-01-21 02:32 . 2008-01-21 02:32 28216 c:\windows\winsxs\x86_acpi.inf_31bf3856ad364e35_6.0.6002.18005_none_24743d0fcb299a94\battc.sys + 2008-01-21 02:32 . 2008-01-21 02:32 53376 c:\windows\winsxs\x86_1394.inf_31bf3856ad364e35_6.0.6002.18005_none_fd1acfab0309bd5e\1394bus.sys + 2009-08-17 17:20 . 2009-08-17 19:56 72118 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin + 2008-01-21 01:58 . 2009-08-25 14:44 36874 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2006-11-02 13:02 . 2009-08-25 14:44 80278 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2009-08-17 22:41 . 2009-06-02 09:17 75776 c:\windows\System32\SmitfraudFix\WS2Fix.exe + 2009-08-17 22:41 . 2008-10-01 13:51 87552 c:\windows\System32\SmitfraudFix\VACFix.exe + 2009-08-17 22:41 . 2008-03-02 21:38 77312 c:\windows\System32\SmitfraudFix\UIFix.exe + 2009-08-17 22:41 . 2006-12-01 04:20 79360 c:\windows\System32\SmitfraudFix\swxcacls.exe + 2009-08-17 22:41 . 2006-01-09 08:36 40960 c:\windows\System32\SmitfraudFix\swsc.exe + 2009-08-17 22:41 . 2006-09-19 20:13 20480 c:\windows\System32\SmitfraudFix\SmiUpdate.exe + 2009-08-17 22:41 . 2006-03-07 20:45 16384 c:\windows\System32\SmitfraudFix\restart.exe + 2009-08-17 22:41 . 2008-09-03 09:39 24576 c:\windows\System32\SmitfraudFix\Reboot.exe + 2009-08-17 22:41 . 2003-06-05 19:13 53248 c:\windows\System32\SmitfraudFix\Process.exe + 2009-08-17 22:41 . 2008-09-20 10:45 80384 c:\windows\System32\SmitfraudFix\o4Patch.exe + 2009-08-17 22:41 . 2008-05-18 19:40 82944 c:\windows\System32\SmitfraudFix\IEDFix.exe + 2009-08-17 22:41 . 2008-11-29 16:58 82944 c:\windows\System32\SmitfraudFix\IEDFix.C.exe + 2009-08-17 22:41 . 
2008-12-15 21:44 77824 c:\windows\System32\SmitfraudFix\HostsChk.exe + 2009-08-17 22:41 . 2008-07-22 10:27 82432 c:\windows\System32\SmitfraudFix\GenericRenosFix.exe + 2009-08-17 22:41 . 2004-07-31 16:50 51200 c:\windows\System32\SmitfraudFix\dumphive.exe + 2009-08-17 22:41 . 2008-12-11 23:57 78336 c:\windows\System32\SmitfraudFix\Agent.OMZ.Fix.exe + 2009-08-17 22:41 . 2008-08-18 10:19 82432 c:\windows\System32\SmitfraudFix\404Fix.exe - 2009-06-08 16:24 . 2009-08-17 18:10 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-06-08 16:24 . 2009-08-25 14:42 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-06-08 16:24 . 2009-08-25 14:42 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-06-08 16:24 . 2009-08-17 18:10 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-06-08 16:24 . 2009-08-17 18:10 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-06-08 16:24 . 2009-08-25 14:42 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-01-21 02:32 . 2008-01-21 02:32 5632 c:\windows\winsxs\x86_wdmaudio.inf_31bf3856ad364e35_6.0.6002.18005_none_6252d21f1747740d\drmkaud.sys + 2008-01-21 02:32 . 2008-01-21 02:32 5888 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6002.18005_none_bfadd87f00af6ca2\usbd.sys + 2008-01-21 02:32 . 2008-01-21 02:32 8704 c:\windows\winsxs\x86_usbport.inf_31bf3856ad364e35_6.0.6002.18005_none_bfadd87f00af6ca2\hccoin.dll + 2008-01-21 02:32 . 2008-01-21 02:32 9216 c:\windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\serscan.sys + 2008-01-21 02:34 . 
2008-01-21 02:34 6656 c:\windows\winsxs\x86_microsoft-windows-x..rtificateenrollment_31bf3856ad364e35_6.0.6002.18005_none_f5822ffe8bc8ab63\CertEnrollCtrl.exe + 2006-11-02 07:15 . 2006-11-02 07:15 2048 c:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6002.18005_none_bb3f7c211cba6b3f\WmiApRes.dll + 2006-11-02 07:14 . 2006-11-02 07:14 6144 c:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6002.18005_none_bb3f7c211cba6b3f\WinMgmtR.dll + 2008-01-21 02:34 . 2008-01-21 02:34 1536 c:\windows\winsxs\x86_microsoft-windows-w..for-management-core_31bf3856ad364e35_6.0.6002.18005_none_cc50ee6baa2997a1\WsmCl.dll + 2006-11-02 08:58 . 2006-11-02 09:45 9728 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.18005_none_34b26cb64bffedff\TCPSVCS.EXE + 2006-11-02 08:58 . 2006-11-02 09:45 8704 c:\windows\winsxs\x86_microsoft-windows-tcpip-utility_31bf3856ad364e35_6.0.6002.18005_none_34b26cb64bffedff\HOSTNAME.EXE + 2006-11-02 08:58 . 2006-11-02 09:39 3072 c:\windows\winsxs\x86_microsoft-windows-t..-platform-libraries_31bf3856ad364e35_6.0.6002.18005_none_ec5c63f1986ff65e\icmp.dll + 2006-11-02 08:45 . 2006-11-02 09:46 9728 c:\windows\winsxs\x86_microsoft-windows-smbserver_31bf3856ad364e35_6.0.6002.18005_none_fae06204e7fd48dd\sscore.dll + 2008-01-21 02:33 . 2008-01-21 02:33 9728 c:\windows\winsxs\x86_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.0.6002.18005_none_1c2bd6beaf3aa18d\wscproxystub.dll + 2008-01-21 02:34 . 2008-01-21 02:34 8192 c:\windows\winsxs\x86_microsoft-windows-riched32_31bf3856ad364e35_6.0.6002.18005_none_9eec2ce27fbd701c\riched32.dll + 2006-11-02 08:35 . 2006-11-02 09:45 7680 c:\windows\winsxs\x86_microsoft-windows-p..rastructureconsumer_31bf3856ad364e35_6.0.6002.18005_none_b5c807ab2d93d829\plasrv.exe + 2006-11-02 07:10 . 2006-11-02 07:10 8960 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\WOWEXEC.EXE + 2006-11-02 07:10 . 
2006-11-02 07:10 2864 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\WOWDEB.EXE + 2006-11-02 07:10 . 2006-11-02 07:10 2112 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\WINSPOOL.EXE + 2006-11-02 07:10 . 2006-11-02 07:10 2864 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\WINSOCK.DLL + 2006-11-02 07:10 . 2006-11-02 07:10 5120 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\WINNLS.DLL + 2006-11-02 08:35 . 2006-11-02 08:35 6656 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\win.com + 2006-11-02 07:10 . 2006-11-02 07:10 9216 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\WIFEMAN.DLL + 2006-11-02 07:10 . 2006-11-02 07:10 2176 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\vga.drv + 2006-11-02 06:25 . 2006-09-18 21:43 9008 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\ver.dll + 2006-11-02 07:10 . 2006-11-02 07:10 4048 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\TIMER.DRV + 2006-11-02 07:10 . 2006-11-02 07:10 3360 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\system.drv + 2006-11-02 07:10 . 2006-11-02 07:10 1744 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\sound.drv + 2006-11-02 07:10 . 2006-11-02 07:10 5120 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\SHELL.DLL + 2006-11-02 07:10 . 
2006-11-02 07:10 2842 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\redir.exe + 2006-11-02 07:09 . 2006-11-02 07:09 7052 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\nlsfunc.exe + 2006-11-02 07:10 . 2006-11-02 07:10 2032 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\mouse.drv + 2006-11-02 06:25 . 2006-09-18 21:43 9936 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\lzexpand.dll + 2006-11-02 07:10 . 2006-11-02 07:10 2000 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\keyboard.drv + 2006-11-02 07:09 . 2006-11-02 07:09 4768 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\HIMEM.SYS + 2006-11-02 07:09 . 2006-11-02 07:09 8424 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\exe2bin.exe + 2006-11-02 07:09 . 2006-11-02 07:09 9029 c:\windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\ANSI.SYS + 2006-11-02 07:38 . 2006-11-02 07:38 2048 c:\windows\winsxs\x86_microsoft-windows-networkbridge_31bf3856ad364e35_6.0.6002.18005_none_09d569e703376473\bridgeres.dll + 2006-11-02 07:43 . 2006-09-19 11:41 9560 c:\windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6002.18005_none_d76ee3df0b2c9479\office_48.bin + 2006-11-02 07:43 . 2006-09-19 11:41 4280 c:\windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6002.18005_none_d76ee3df0b2c9479\office_32.bin + 2006-11-02 07:43 . 2006-09-19 11:41 2456 c:\windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6002.18005_none_d76ee3df0b2c9479\office_24.bin + 2006-11-02 07:43 . 
2006-09-19 11:41 9560 c:\windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6002.18005_none_d76ee3df0b2c9479\house_48.bin + 2006-11-02 07:43 . 2006-09-19 11:41 4280 c:\windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6002.18005_none_d76ee3df0b2c9479\house_32.bin + 2006-11-02 07:43 . 2006-09-19 11:41 2456 c:\windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6002.18005_none_d76ee3df0b2c9479\house_24.bin + 2006-11-02 07:43 . 2006-09-19 11:41 9560 c:\windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6002.18005_none_d76ee3df0b2c9479\bench_48.bin + 2006-11-02 07:43 . 2006-09-19 11:41 4280 c:\windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6002.18005_none_d76ee3df0b2c9479\bench_32.bin + 2006-11-02 07:43 . 2006-09-19 11:41 2456 c:\windows\winsxs\x86_microsoft-windows-netshell_31bf3856ad364e35_6.0.6002.18005_none_d76ee3df0b2c9479\bench_24.bin + 2006-11-02 08:22 . 2006-11-02 08:22 4096 c:\windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6002.18005_none_9fc64d4627dda079\NlsLexicons002a.dll + 2006-11-02 08:26 . 2006-11-02 09:41 2048 c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6002.18005_none_8a59754e93f83a6b\msxml6r.dll + 2006-11-02 08:26 . 2006-11-02 09:41 2048 c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6002.18005_none_8a59b9a693f7ed88\msxml3r.dll + 2006-11-02 12:34 . 2006-11-02 12:34 9216 c:\windows\winsxs\x86_microsoft-windows-migrationengine_31bf3856ad364e35_6.0.6002.18005_none_5a9350bed861c820\migres.dll + 2009-08-17 21:58 . 2009-06-15 12:51 9728 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe + 2009-08-17 21:58 . 2009-06-15 12:48 9728 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe + 2008-01-21 02:33 . 
2008-01-21 02:33 9728 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe + 2009-08-17 21:58 . 2009-06-15 13:03 9728 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe + 2009-08-17 21:58 . 2009-06-15 12:57 9728 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe + 2009-08-17 21:58 . 2009-06-15 12:59 7680 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe + 2009-08-17 21:58 . 2009-06-15 13:10 7680 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe + 2008-01-21 02:35 . 2008-01-21 02:35 9216 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18005_none_12d4ebd0b1f42298\w3ctrlps.dll + 2006-11-02 12:35 . 2006-11-02 12:35 8192 c:\windows\winsxs\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.0.6002.18005_none_12d4ebd0b1f42298\iisrstap.dll + 2006-11-02 12:35 . 2006-11-02 12:35 7680 c:\windows\winsxs\x86_microsoft-windows-iis-metabase_31bf3856ad364e35_6.0.6002.18005_none_3b1d70e11f14ecf2\rpcref.dll + 2006-11-02 12:35 . 2006-11-02 12:35 9728 c:\windows\winsxs\x86_microsoft-windows-iis-metabase_31bf3856ad364e35_6.0.6002.18005_none_3b1d70e11f14ecf2\infoctrs.dll + 2006-11-02 06:58 . 2006-11-02 06:58 2048 c:\windows\winsxs\x86_microsoft-windows-i..rnational-timezones_31bf3856ad364e35_6.0.6002.18005_none_1732cf8206b3dc2f\tzres.dll + 2006-11-02 12:35 . 2006-11-02 12:35 2048 c:\windows\winsxs\x86_microsoft-windows-dfsr-core-clientonly_31bf3856ad364e35_6.0.6002.18005_none_b86505b69725e0c7\dfsrres.dll + 2006-11-02 09:16 . 2006-11-02 09:44 5120 c:\windows\winsxs\x86_microsoft-windows-coreos_31bf3856ad364e35_6.0.6002.18005_none_273dbf533b731283\wmi.dll + 2006-11-02 07:21 . 
2006-11-02 09:41 2048 c:\windows\winsxs\x86_microsoft-windows-basic-misc-tools_31bf3856ad364e35_6.0.6002.18005_none_1948307cbc8d5ac3\netmsg.dll + 2006-11-02 08:39 . 2006-11-02 09:45 7680 c:\windows\winsxs\x86_microsoft-windows-a..on-experience-tools_31bf3856ad364e35_6.0.6002.18005_none_96b5a00fa593defd\pcalua.exe + 2006-11-02 08:39 . 2006-11-02 09:45 8192 c:\windows\winsxs\x86_microsoft-windows-a..on-experience-tools_31bf3856ad364e35_6.0.6002.18005_none_96b5a00fa593defd\pcaelv.exe + 2006-11-02 07:11 . 2006-11-02 07:11 2048 c:\windows\winsxs\x86_microsoft-windows-a..on-experience-tools_31bf3856ad364e35_6.0.6002.18005_none_96b5a00fa593defd\acprgwiz.dll + 2006-11-02 07:11 . 2006-11-02 07:11 2560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6002.18005_none_0e0db135ef6e3719\AcRes.dll + 2008-01-21 02:32 . 2008-01-21 02:32 6656 c:\windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.0.6002.18005_none_9939e6e4d61ab7ca\kbd106.dll + 2008-01-21 02:32 . 2008-01-21 02:32 5248 c:\windows\winsxs\x86_brmfcsto.inf_31bf3856ad364e35_6.0.6002.18005_none_25dcd6df44d8819b\BrFiltUp.sys + 2009-08-15 17:26 . 2009-08-25 14:11 2696 c:\windows\System32\WDI\ERCQueuedResolutions.dat + 2009-08-15 07:09 . 2009-08-25 14:44 6986 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-844170768-4260775691-1047339817-1001_UserData.bin + 2009-08-14 19:52 . 2009-08-22 06:26 3602 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-844170768-4260775691-1047339817-1000_UserData.bin + 2009-08-17 22:41 . 2008-05-27 21:17 3584 c:\windows\System32\SmitfraudFix\Policies.exe + 2009-08-17 22:41 . 2007-08-21 06:00 1536 c:\windows\System32\SmitfraudFix\exit.exe + 2009-08-17 22:41 . 2001-08-28 12:00 4224 c:\windows\System32\SmitfraudFix\beep_XP_original.sys + 2009-08-17 22:41 . 2008-08-07 14:27 4080 c:\windows\System32\SmitfraudFix\beep_2K_original.sys + 2008-01-21 02:35 . 
2008-01-21 02:35 688128 c:\windows\winsxs\x86_wpf-system.speech_31bf3856ad364e35_6.0.6002.18005_none_83a8694719af9b52\System.Speech.dll + 2008-01-21 02:32 . 2008-01-21 02:32 151552 c:\windows\winsxs\x86_wpdmtp.inf_31bf3856ad364e35_6.0.6002.18005_none_2185beaf83d2688d\WpdMtp.dll + 2008-01-21 02:32 . 2008-01-21 02:32 338944 c:\windows\winsxs\x86_wdmaudio.inf_31bf3856ad364e35_6.0.6002.18005_none_6252d21f1747740d\SysFxUI.dll + 2008-01-21 02:32 . 2008-01-21 02:32 130048 c:\windows\winsxs\x86_wdmaudio.inf_31bf3856ad364e35_6.0.6002.18005_none_6252d21f1747740d\drmk.sys + 2006-11-02 12:33 . 2006-11-02 12:33 653928 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411\MsMpRes.dll + 2008-01-21 02:33 . 2008-01-21 02:33 215096 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411\MsMpCom.dll + 2008-01-21 02:33 . 2008-01-21 02:33 272952 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411\MpSvc.dll + 2008-01-21 02:33 . 2008-01-21 02:33 134200 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411\MpSigDwn.dll + 2008-01-21 02:33 . 2008-01-21 02:33 671288 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411\MpRtMon.dll + 2008-01-21 02:33 . 2008-01-21 02:33 319544 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411\MpCmdRun.exe + 2008-01-21 02:32 . 2008-01-21 02:32 312888 c:\windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411\MpClient.dll + 2008-01-21 02:32 . 2008-01-21 02:32 207872 c:\windows\winsxs\x86_ntprint.inf_31bf3856ad364e35_6.0.6002.18005_none_3cec160db7d4ac84\I386\PCLXL.DLL + 2008-01-21 02:34 . 
2008-01-21 02:34 403968 c:\windows\winsxs\x86_networking-mpssvc-svc_31bf3856ad364e35_6.0.6002.18005_none_9bffb484c4fe88e5\FirewallAPI.dll + 2008-01-21 02:33 . 2008-01-21 02:33 372224 c:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6002.18005_none_bb3f7c211cba6b3f\WMIMigrationPlugin.dll + 2008-01-21 02:33 . 2008-01-21 02:33 204800 c:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6002.18005_none_bb3f7c211cba6b3f\framedynos.dll + 2008-01-21 02:33 . 2008-01-21 02:33 202240 c:\windows\winsxs\x86_microsoft-windows-wmi-core_31bf3856ad364e35_6.0.6002.18005_none_bb3f7c211cba6b3f\framedyn.dll + 2008-01-21 02:33 . 2008-01-21 02:33 357888 c:\windows\winsxs\x86_microsoft-windows-wmi-core-wbemcomn-dll_31bf3856ad364e35_6.0.6002.18005_none_0566a709205437e7\wbemcomn.dll + 2008-01-21 02:32 . 2008-01-21 02:32 302592 c:\windows\winsxs\x86_microsoft-windows-wlansvc_31bf3856ad364e35_6.0.6002.18005_none_9e2fbb5f0207ec84\wlansec.dll + 2009-08-16 08:23 . 2008-06-16 22:22 864256 c:\windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_fr-fr_4538a9dc2994090c\infocard.resources.dll + 2006-11-02 08:48 . 2006-11-02 09:45 516096 c:\windows\winsxs\x86_microsoft-windows-wab-app_31bf3856ad364e35_6.0.6002.18005_none_4494d68cd4b469ae\wab.exe + 2006-11-02 12:33 . 2006-11-02 12:33 198144 c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6002.18005_none_347fb41db0752753\sti.dll + 2008-01-21 02:34 . 2008-01-21 02:34 175616 c:\windows\winsxs\x86_microsoft-windows-w..for-management-core_31bf3856ad364e35_6.0.6002.18005_none_cc50ee6baa2997a1\WsmWmiPl.dll + 2008-01-21 02:34 . 2008-01-21 02:34 123904 c:\windows\winsxs\x86_microsoft-windows-w..for-management-core_31bf3856ad364e35_6.0.6002.18005_none_cc50ee6baa2997a1\WsmAuto.dll + 2008-01-21 02:34 . 
2008-01-21 02:34 188928 c:\windows\winsxs\x86_microsoft-windows-w..for-management-core_31bf3856ad364e35_6.0.6002.18005_none_cc50ee6baa2997a1\WSManMigrationPlugin.dll + 2008-01-21 02:34 . 2008-01-21 02:34 195122 c:\windows\winsxs\x86_microsoft-windows-w..for-management-core_31bf3856ad364e35_6.0.6002.18005_none_cc50ee6baa2997a1\winrm.vbs + 2008-01-21 02:33 . 2008-01-21 02:33 143872 c:\windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805\modemmigplugin.dll + 2008-01-21 02:33 . 2008-01-21 02:33 205312 c:\windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.0.6002.18005_none_f6ed1a9a1bcc8805\mdminst.dll + 2009-08-15 05:25 . 2009-04-11 06:28 136192 c:\windows\winsxs\x86_microsoft-windows-t..s-clientactivexcore_31bf3856ad364e35_6.0.6002.18005_none_31d980c8c2ca01c9\aaclient.dll + 2008-01-21 02:32 . 2008-01-21 02:32 276992 c:\windows\winsxs\x86_microsoft-windows-t..platform-comruntime_31bf3856ad364e35_6.0.6002.18005_none_cc7c00e534312d1f\InkDiv.dll + 2008-01-21 02:35 . 2008-01-21 02:35 318464 c:\windows\winsxs\x86_microsoft-windows-systemrestore-main_31bf3856ad364e35_6.0.6002.18005_none_48cb48f3b060c975\rstrui.exe + 2008-01-21 02:33 . 2008-01-21 02:33 402432 c:\windows\winsxs\x86_microsoft-windows-speechengine_31bf3856ad364e35_6.0.6002.18005_none_f0a9964297040c1c\srloc.dll + 2008-01-21 02:34 . 2008-01-21 02:34 416768 c:\windows\winsxs\x86_microsoft-windows-setup-component_31bf3856ad364e35_6.0.6002.18005_none_3417f75aaa6413e3\win32ui.dll + 2008-01-21 02:34 . 2008-01-21 02:34 266752 c:\windows\winsxs\x86_microsoft-windows-setup-component_31bf3856ad364e35_6.0.6002.18005_none_3417f75aaa6413e3\W32UIRes.dll + 2008-01-21 02:34 . 2008-01-21 02:34 195640 c:\windows\winsxs\x86_microsoft-windows-setup-component_31bf3856ad364e35_6.0.6002.18005_none_3417f75aaa6413e3\Setup.exe + 2008-01-21 02:34 . 
2009-06-15 14:58 1259008 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsasrv.dll + 2009-08-17 21:58 . 2009-06-15 14:52 1259008 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsasrv.dll + 2009-08-17 21:58 . 2009-06-15 15:25 1257984 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsasrv.dll + 2009-08-17 21:58 . 2009-06-15 15:23 1256448 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsasrv.dll + 2009-08-17 21:58 . 2009-06-15 15:04 1235456 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsasrv.dll + 2009-08-17 21:58 . 2009-06-15 15:23 1233920 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsasrv.dll + 2008-01-21 02:34 . 2008-01-21 02:34 2455488 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6002.18005_none_fd7d8f6368e05785\ieapfltr.dat + 2008-01-21 02:33 . 2008-01-21 02:33 4240384 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6002.18005_none_43ebc81abe5eccc7\GameUXLegacyGDFs.dll + 2009-08-17 22:41 . 2009-06-26 06:49 2191110 c:\windows\System32\SmitfraudFix\SmitfraudFix.cmd + 2006-11-02 10:22 . 2009-08-20 14:34 6291456 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT - 2006-11-02 10:22 . 2009-08-16 13:28 6291456 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT + 2006-11-02 12:34 . 2006-11-02 12:34 28665856 c:\windows\winsxs\x86_microsoft-windows-s..oxgames-purbleplace_31bf3856ad364e35_6.0.6002.18005_none_0816f786fb93afde\PurblePlace.dll + 2006-11-02 08:21 . 2006-11-02 08:21 11722752 c:\windows\winsxs\x86_microsoft-windows-naturallanguage6_31bf3856ad364e35_6.0.6002.18005_none_9fc64d4627dda079\NlsLexicons0001.dll + 2006-11-02 07:33 . 
2006-11-02 07:33 19991040 c:\windows\winsxs\x86_microsoft-windows-i..hinese-imepadapplet_31bf3856ad364e35_6.0.6002.18005_none_fd148db3f8a0d120\MSHWCHTR.dll
+ 2008-06-06 14:44 . 2009-08-17 21:57 91526957 c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2009-08-19 11:12 . 2009-08-20 12:37 139000882 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2008-09-30 972080]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-14 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-11 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-11 92704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-09-23 468264]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-06 210216]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-08-14 122368]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]

c:\users\Niki'\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]

c:\users\Super Banane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 - Capture d'écran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=""
"FirewallOverride"=""
"UpdatesDisableNotify"="0x00000000"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{820A4860-61F8-4441-89E8-99CEB3304847}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{B3EA1276-4107-4451-A77C-0C8D4CADFAE7}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{07DE1E13-5DA2-48D3-AB9E-7148AC9700BC}"= c:\program files\CyberLink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{CD33CDF5-72EA-41CE-82A3-8DBD290D4BD2}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{614776E6-BD14-48CE-BC36-9E3B6CE94717}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [15/08/2009 09:42 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [15/08/2009 09:42 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [15/08/2009 09:41 51792]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21/01/2008 04:33 21504]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [25/10/2008 08:30 365952]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [25/10/2008 07:20 193840]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [09/05/2008 21:17 43040]
S2 Norton Internet Security;Norton Internet Security;"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1 --> c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.orange.fr/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-25 16:42
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\wlanext.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\windows\System32\drivers\XAudio.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\System32\rundll32.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2009-08-25 16:49 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-25 14:49
ComboFix2.txt 2009-08-17 21:57
ComboFix3.txt 2009-08-17 19:00

Pre-Run: 186 707 165 184 octets libres
Post-Run: 186 684 526 592 octets libres

1009 --- E O F --- 2009-08-25 08:59