Aller au contenu

vins9

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    12

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par vins9

  1. vins9
    Merci pour tous ces renseignements.
  2. vins9
    Je n'ai plus de pub pour le moment,je vous remercie pour le temps que vous avez passé à m'aider et souhaite longue vie au forum de Zébulon.Merci
  3. vins9
    Dans le 3 eme scan, il me met impossible de trouver blenoa.exe d'ou pas de scan et aucun log.Désolé aurais je loupé quelque chose?!
  4. vins9
    2eme étape 1er partie info.txt logfile of random's system information tool 1.06 2009-09-10 21:25:48 ======Uninstall list====== Ad-Aware-->"C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE Ad-Aware-->C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001} AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD" Apple Mobile Device Support-->MsiExec.exe /I{659B48CD-0608-4ED5-94C0-0B6C87114F10} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe ArcSoft Software Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{497A1721-088F-41EF-8876-B43C9DA5528B}\Setup.exe" -l0x40c Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845} ATK0100 ACPI UTILITY-->C:\Windows\ATK0100\XPunin.exe avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe" Bluetooth Stack for Windows-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A} Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2" DiskAid 3.0-->"C:\Program Files\DigiDNA\DiskAid\unins000.exe" DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN eMule-->"C:\Program Files\eMule\Uninstall.exe" Garmin BaseCamp-->MsiExec.exe /X{7C167621-D4BC-4FFF-B520-E26EB88860B5} Garmin City Navigator Europe NT 2009 Update-->MsiExec.exe /X{1240A058-8BCE-4A3B-BF82-6E5B801D71BA} Garmin Communicator Plugin-->MsiExec.exe /X{B3C9A441-C34D-40F3-9D3B-00EDDDAC74F1} Garmin MapSource-->MsiExec.exe /X{EA6EB7D0-C920-4434-B43D-0DDD0AF8F497} Garmin POI Loader-->MsiExec.exe /X{D9DA2DF6-8CB6-4E3C-A29E-FAECFBA3E9A7} Garmin TOPO France v2-->MsiExec.exe /X{4F763864-DDEA-46CA-AA1E-63A9C2453E83} Garmin Training Center-->MsiExec.exe /X{53C239F5-7E23-493D-8FB6-F8EEEA5C2154} Garmin USB Drivers-->MsiExec.exe /X{B1102A25-3AA3-446B-AA0F-A699B07A02FD} Garmin WebUpdater-->MsiExec.exe /X{E0783143-EAE2-4047-A8D6-E155523C594C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466} HijackThis 2.0.2-->"C:\Users\Vins\Desktop\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} iTunes-->MsiExec.exe /I{CC5702D7-86E2-45A8-99D7-E8B976ADCC56} KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355} Logitech Harmony Remote Software 7-->C:\Program Files\InstallShield Installation Information\{5C6F884D-680C-448B-B4C9-22296EE1B206}\setup.exe -runfromtemp -l0x040c -removeonly Logitech SetPoint-->"C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l0x040c -removeonly Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISER /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{91120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office Groove MUI (French) 2007-->MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8} Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C} Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21} Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3} Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223} Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe Motorola SM56 Data Fax Modem-->rundll32.exe sm56co85.dll,SM56UnInstaller MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Nero 9-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A" neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18} Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PHOTOfunSTUDIO -viewer--->C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\setup.exe -runfromtemp -l0x040c -z"Uninstall" -removeonly Planificateur route Belux Vélo/Piéton-->MsiExec.exe /X{0CCD509A-0BC3-46E4-8905-11543F0F70A0} QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68} Remote Control USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8471021C-F529-43DE-84DF-3612E10F58C4}\setup.exe" -l0x9 -removeonly Safari-->MsiExec.exe /I{C3AE9DA1-2E44-4F11-803E-20977F0FE6B9} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780} Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D} Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E} Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C} Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050} Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748} Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Topomap Belux -->MsiExec.exe /X{82D054AB-3034-41FE-980E-53026803D22A} Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft Office Outlook 2007 (KB969907)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {74F98B24-AFBD-4800-9BD6-87D349B5C462} Update for Outlook 2007 Junk Email Filter (kb973514)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {03B11C77-336F-43B4-9B43-79890BA84504} USB2.0 350K WebCam-->C:\Program Files\InstallShield Installation Information\{4A57592C-FF92-4083-97A9-92783BD5AFB4}\setup.exe -runfromtemp -l0x040c -removeonly VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} Videora iPod Converter 4.08-->C:\Program Files\Red Kawa\Video Converter App\uninstaller.exe Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99} Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)-->rundll32.exe C:\PROGRA~1\DIFX\15B7F172FC21855D\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\grmnusb.inf_6b094708\grmnusb.inf Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} WinSCP 4.1.8-->"C:\Program Files\WinSCP\unins000.exe" YouTube Downloader App 1.03-->C:\Program Files\Regensoft\Downloader App\uninstaller.exe ======Security center information====== AV: avast! antivirus 4.8.1296 [VPS 090114-0] AS: Spybot - Search and Destroy AS: Lavasoft Ad-Watch Live! AS: Windows Defender AS: avast! antivirus 4.8.1296 [VPS 090114-0] ======System event log====== Computer Name: PC-de-Vins Event Code: 4374 Message: Windows Servicing a déterminé que ce package KB936330(Service Pack) n’est pas applicable à ce système. Record Number: 12981 Source Name: Microsoft-Windows-Servicing Time Written: 20090115104550.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Vins Event Code: 4374 Message: Windows Servicing a déterminé que ce package KB936330(Service Pack) n’est pas applicable à ce système. Record Number: 12976 Source Name: Microsoft-Windows-Servicing Time Written: 20090115104549.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Vins Event Code: 4374 Message: Windows Servicing a déterminé que ce package KB936330(Service Pack) n’est pas applicable à ce système. Record Number: 12974 Source Name: Microsoft-Windows-Servicing Time Written: 20090115104549.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Vins Event Code: 4374 Message: Windows Servicing a déterminé que ce package KB936330(Service Pack) n’est pas applicable à ce système. Record Number: 12967 Source Name: Microsoft-Windows-Servicing Time Written: 20090115104548.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Vins Event Code: 4374 Message: Windows Servicing a déterminé que ce package KB936330(Service Pack) n’est pas applicable à ce système. Record Number: 12966 Source Name: Microsoft-Windows-Servicing Time Written: 20090115104548.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM =====Application event log===== Computer Name: PC-de-Vins Event Code: 513 Message: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. . Record Number: 123 Source Name: Microsoft-Windows-CAPI2 Time Written: 20090114222729.000000-000 Event Type: Erreur User: Computer Name: PC-de-Vins Event Code: 63 Message: Le fournisseur WmiPerfClass a été inscrit dans l’espace de noms Windows Management Instrumentation root\cimv2, afin d’utiliser le compte LocalSystem. Ce compte bénéficie de privilèges et le fournisseur peut provoquer une violation de sécurité s’il ne représente pas correctement les demandes utilisateur. Record Number: 57 Source Name: Microsoft-Windows-WMI Time Written: 20090114220949.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Vins Event Code: 63 Message: Le fournisseur WmiPerfClass a été inscrit dans l’espace de noms Windows Management Instrumentation root\cimv2, afin d’utiliser le compte LocalSystem. Ce compte bénéficie de privilèges et le fournisseur peut provoquer une violation de sécurité s’il ne représente pas correctement les demandes utilisateur. Record Number: 56 Source Name: Microsoft-Windows-WMI Time Written: 20090114220949.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Vins Event Code: 1008 Message: Le service Windows Search tente de supprimer l’ancien catalogue. Record Number: 26 Source Name: Microsoft-Windows-Search Time Written: 20090114220551.000000-000 Event Type: Avertissement User: Computer Name: 26L2233B2-11 Event Code: 1036 Message: Échec de InitializePrintProvider pour le fournisseur inetpp.dll. Cela peut se produire à la suite d’une instabilité du système ou d’une insuffisance des ressources système. Record Number: 13 Source Name: Microsoft-Windows-SpoolerSpoolss Time Written: 20090114215652.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM =====Security event log===== Computer Name: 26L2233B2-11 Event Code: 4648 Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites. Sujet : ID de sécurité : S-1-5-18 Nom du compte : 26L2233B2-11$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Compte dont les informations d’identification ont été utilisées : Nom du compte : SYSTEM Domaine du compte : AUTORITE NT GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Serveur cible : Nom du serveur cible : localhost Informations supplémentaires : localhost Informations sur le processus : ID du processus : 0x258 Nom du processus : C:\Windows\System32\services.exe Informations sur le réseau : Adresse du réseau : - Port : - Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS. Record Number: 5 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090114215511.526654-000 Event Type: Succès de l'audit User: Computer Name: 26L2233B2-11 Event Code: 4902 Message: La table de stratégie d’audit par utilisateur a été créée. Nombre d’éléments : 0 ID de la stratégie : 0xcd9ff Record Number: 4 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090114215457.346163-000 Event Type: Succès de l'audit User: Computer Name: 26L2233B2-11 Event Code: 4624 Message: L’ouverture de session d’un compte s’est correctement déroulée. Sujet : ID de sécurité : S-1-0-0 Nom du compte : - Domaine du compte : - ID d’ouverture de session : 0x0 Type d’ouverture de session : 0 Nouvelle ouverture de session : ID de sécurité : S-1-5-18 Nom du compte : SYSTEM Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Informations sur le processus : ID du processus : 0x4 Nom du processus : Informations sur le réseau : Nom de la station de travail : - Adresse du réseau source : - Port source : - Informations détaillées sur l’authentification : Processus d’ouverture de session : - Package d’authentification : - Services en transit : - Nom du package (NTLM uniquement) : - Longueur de la clé : 0 Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée. Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe. Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau). Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté. Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas. Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique. - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC . - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session. - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM. - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée. Record Number: 3 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090114215454.350943-000 Event Type: Succès de l'audit User: Computer Name: 26L2233B2-11 Event Code: 4608 Message: Windows démarre. Cet événement est journalisé lorsque LSASS.EXE démarre et que le sous-système d’audit est initialisé. Record Number: 2 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090114215454.350943-000 Event Type: Succès de l'audit User: Computer Name: 26L2233B2-11 Event Code: 4647 Message: Fermeture de session initiée par l’utilisateur : Sujet : ID de sécurité : S-1-5-21-2152478756-3922319563-605102323-500 Nom du compte : Administrator Domaine du compte : 26L2233B2-11 ID d’ouverture de session : 0x8496a Cet événement est généré lorsqu’une fermeture de session est initiée, mais que le nombre de références du jeton n’étant pas zéro, la session ouverte ne peut pas être supprimée. Aucune autre activité initiée par l’utilisateur ne peut se produire. Cet événement peut être interprété comme un événement de fermeture de session. Record Number: 1 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20061102130954.400000-000 Event Type: Succès de l'audit User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files\Common Files\ArcSoft\Bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\VistaCodecPack\QT\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel "PROCESSOR_REVISION"=0f06 "NUMBER_OF_PROCESSORS"=2 "CLASSPATH"=.;C:\Program Files\VistaCodecPack\QT\QTSystem\QTJava.zip "QTJAVA"=C:\Program Files\VistaCodecPack\QT\QTSystem\QTJava.zip -----------------EOF----------------- 2 eme partie Logfile of random's system information tool 1.06 (written by random/random) Run by Vins at 2010-03-23 20:43:52 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 System drive C: has 60 GB (53%) free of 114 GB Total RAM: 2047 MB (25% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:44:22, on 23/03/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18882) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AirPort\APAgent.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\System32\rundll32.exe C:\Program Files\Garmin\gStart.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe C:\Windows\system32\conime.exe C:\Windows\explorer.exe C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Vins\AppData\Local\Temp\hijackthis-2.0.2.75917.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Windows\system32\wuauclt.exe C:\Windows\System32\mobsync.exe C:\Users\Vins\Desktop\RSIT.exe C:\Users\Vins\Desktop\HiJackThis\Vins.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\VistaCodecPack\QT\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files\AirPort\APAgent.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [gStart] C:\Program Files\Garmin\gStart.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: Logitech . Enregistrement du produit.lnk = C:\Program Files\Common Files\LogiShrd\eReg\SetPoint\eReg.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- End of file - 9142 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Advanced System Optimizer Scheduler.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-03-09 2769336] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] "QuickTime Task"=C:\Program Files\VistaCodecPack\QT\QTTask.exe [2009-11-10 417792] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-02-15 141608] "AirPort Base Station Agent"=C:\Program Files\AirPort\APAgent.exe [2009-05-27 753664] "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2010-02-17 177472] "EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-01-27 1312848] "NvSvc"=C:\Windows\system32\nvsvc.dll [2006-12-10 90191] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-12-10 7766016] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2006-12-10 81920] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672] "MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2008-11-04 2087424] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-02-22 26101032] "gStart"=C:\Program Files\Garmin\gStart.exe [2008-08-13 1891416] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] C:\Users\Vins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Logitech . Enregistrement du produit.lnk - C:\Program Files\Common Files\LogiShrd\eReg\SetPoint\eReg.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a7ffe12-2d7e-11df-a572-0018f3fc3121}] shell\AutoRun\command - E:\setup_vmc_lite.exe /checkApplicationPresence [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a7ffe17-2d7e-11df-a572-0018f3fc3121}] shell\AutoRun\command - E:\setup_vmc_lite.exe /checkApplicationPresence ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-03-23 19:02:55 ----D---- C:\Users\Vins\AppData\Roaming\Malwarebytes 2010-03-23 19:02:46 ----D---- C:\ProgramData\Malwarebytes 2010-03-23 19:02:45 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-03-19 15:12:03 ----D---- C:\Program Files\FreeTime 2010-03-18 11:03:29 ----D---- C:\Users\Vins\AppData\Roaming\Backup Manager 2010-03-18 10:57:12 ----D---- C:\Windows\Repair 2010-03-18 10:57:11 ----D---- C:\Users\Vins\AppData\Roaming\Systweak 2010-03-18 10:56:50 ----D---- C:\Program Files\Advanced System Optimizer 3 2010-03-14 11:13:56 ----D---- C:\Program Files\7-Zip 2010-03-13 10:00:40 ----D---- C:\Users\Vins\AppData\Roaming\Vodafone 2010-03-13 10:00:37 ----D---- C:\ProgramData\InstallShield 2010-03-13 09:59:35 ----ASH---- C:\Users\Vins\AppData\Roaming\desktop.ini 2010-03-13 09:59:17 ----D---- C:\ProgramData\Vodafone 2010-03-13 09:59:04 ----D---- C:\Program Files\Vodafone 2010-03-12 03:22:00 ----D---- C:\Program Files\Windows Portable Devices 2010-03-12 03:05:30 ----A---- C:\Windows\system32\UIRibbonRes.dll 2010-03-12 03:05:30 ----A---- C:\Windows\system32\UIAnimation.dll 2010-03-12 03:05:29 ----A---- C:\Windows\system32\UIRibbon.dll 2010-03-12 03:04:59 ----A---- C:\Windows\system32\WMPhoto.dll 2010-03-12 03:04:59 ----A---- C:\Windows\system32\cdd.dll 2010-03-12 03:04:57 ----A---- C:\Windows\system32\XpsRasterService.dll 2010-03-12 03:04:57 ----A---- C:\Windows\system32\XpsGdiConverter.dll 2010-03-12 03:04:57 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll 2010-03-12 03:04:57 ----A---- C:\Windows\system32\d3d10warp.dll 2010-03-12 03:04:56 ----A---- C:\Windows\system32\WindowsCodecsExt.dll 2010-03-12 03:04:56 ----A---- C:\Windows\system32\WindowsCodecs.dll 2010-03-12 03:04:56 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe 2010-03-12 03:04:56 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll 2010-03-12 03:04:56 ----A---- C:\Windows\system32\dxdiagn.dll 2010-03-12 03:04:56 ----A---- C:\Windows\system32\dxdiag.exe 2010-03-12 03:04:56 ----A---- C:\Windows\system32\d2d1.dll 2010-03-12 03:04:55 ----A---- C:\Windows\system32\xpsservices.dll 2010-03-12 03:04:55 ----A---- C:\Windows\system32\XpsPrint.dll 2010-03-12 03:04:55 ----A---- C:\Windows\system32\OpcServices.dll 2010-03-12 03:04:55 ----A---- C:\Windows\system32\FntCache.dll 2010-03-12 03:04:55 ----A---- C:\Windows\system32\DWrite.dll 2010-03-12 03:04:55 ----A---- C:\Windows\system32\d3d11.dll 2010-03-12 03:04:55 ----A---- C:\Windows\system32\d3d10level9.dll 2010-03-12 03:04:55 ----A---- C:\Windows\system32\d3d10core.dll 2010-03-12 03:04:55 ----A---- C:\Windows\system32\d3d10_1core.dll 2010-03-12 03:04:54 ----A---- C:\Windows\system32\dxgi.dll 2010-03-12 03:04:53 ----A---- C:\Windows\system32\d3d10_1.dll 2010-03-12 03:04:53 ----A---- C:\Windows\system32\d3d10.dll 2010-03-12 03:04:14 ----A---- C:\Windows\system32\WPDShextAutoplay.exe 2010-03-12 03:04:13 ----A---- C:\Windows\system32\wpdbusenum.dll 2010-03-12 03:04:13 ----A---- C:\Windows\system32\BthMtpContextHandler.dll 2010-03-12 03:04:02 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll 2010-03-12 03:03:58 ----A---- C:\Windows\system32\WpdMtpUS.dll 2010-03-12 03:03:58 ----A---- C:\Windows\system32\WpdConns.dll 2010-03-12 03:03:56 ----A---- C:\Windows\system32\WPDShServiceObj.dll 2010-03-12 03:03:56 ----A---- C:\Windows\system32\wpdshext.dll 2010-03-12 03:03:56 ----A---- C:\Windows\system32\WpdMtp.dll 2010-03-12 03:03:56 ----A---- C:\Windows\system32\wpd_ci.dll 2010-03-12 03:03:56 ----A---- C:\Windows\system32\PortableDeviceTypes.dll 2010-03-12 03:03:56 ----A---- C:\Windows\system32\PortableDeviceApi.dll 2010-03-12 03:03:55 ----A---- C:\Windows\system32\WPDSp.dll 2010-03-12 03:03:55 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll 2010-03-12 03:03:55 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll 2010-03-12 03:02:52 ----A---- C:\Windows\system32\oleaccrc.dll 2010-03-12 03:02:51 ----A---- C:\Windows\system32\UIAutomationCore.dll 2010-03-12 03:02:51 ----A---- C:\Windows\system32\oleacc.dll 2010-03-11 12:29:35 ----D---- C:\ProgramData\Adobe 2010-03-11 12:28:25 ----D---- C:\Program Files\Common Files\Adobe 2010-03-11 12:28:18 ----D---- C:\Program Files\Adobe 2010-03-11 04:30:29 ----A---- C:\Windows\system32\gameux.dll 2010-03-11 04:30:28 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll 2010-03-11 04:30:28 ----A---- C:\Windows\system32\Apphlpdm.dll 2010-03-10 12:43:42 ----D---- C:\Program Files\Google 2010-03-10 12:25:41 ----D---- C:\Program Files\uTorrent 2010-03-10 12:24:33 ----D---- C:\Users\Vins\AppData\Roaming\uTorrent 2010-03-10 11:36:56 ----D---- C:\ProgramData\eMule 2010-03-10 11:36:29 ----D---- C:\Program Files\eMule 2010-03-10 11:22:12 ----D---- C:\Windows\system32\eu-ES 2010-03-10 11:22:12 ----D---- C:\Windows\system32\ca-ES 2010-03-10 11:22:05 ----D---- C:\Windows\system32\vi-VN 2010-03-10 11:06:27 ----D---- C:\Windows\system32\EventProviders 2010-03-10 11:04:14 ----A---- C:\Windows\system32\NlsLexicons0007.dll 2010-03-10 11:04:11 ----A---- C:\Windows\system32\SLsvc.exe 2010-03-10 11:04:11 ----A---- C:\Windows\system32\SLCExt.dll 2010-03-10 11:04:09 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll 2010-03-10 11:04:09 ----A---- C:\Windows\system32\DevicePairingWizard.exe 2010-03-10 11:04:07 ----A---- C:\Windows\system32\NlsLexicons0009.dll 2010-03-10 11:04:05 ----A---- C:\Windows\system32\mssrch.dll 2010-03-10 11:04:02 ----A---- C:\Windows\system32\tquery.dll 2010-03-10 11:04:00 ----A---- C:\Windows\system32\PresentationNative_v0300.dll 2010-03-10 11:03:59 ----A---- C:\Windows\system32\scavenge.dll 2010-03-10 11:03:58 ----A---- C:\Windows\system32\msi.dll 2010-03-10 11:03:57 ----A---- C:\Windows\system32\imapi2fs.dll 2010-03-10 11:03:56 ----A---- C:\Windows\system32\WscEapPr.dll 2010-03-10 11:03:56 ----A---- C:\Windows\system32\wcnwiz2.dll 2010-03-10 11:03:56 ----A---- C:\Windows\system32\sysmain.dll 2010-03-10 11:03:54 ----A---- C:\Windows\system32\icardagt.exe 2010-03-10 11:03:53 ----A---- C:\Windows\system32\EhStorShell.dll 2010-03-10 11:03:53 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll 2010-03-10 11:03:52 ----A---- C:\Windows\system32\spreview.exe 2010-03-10 11:03:52 ----A---- C:\Windows\system32\spinstall.exe 2010-03-10 11:03:51 ----A---- C:\Windows\system32\drmv2clt.dll 2010-03-10 11:03:50 ----A---- C:\Windows\system32\spwizui.dll 2010-03-10 11:03:50 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll 2010-03-10 11:03:49 ----A---- C:\Windows\system32\shell32.dll 2010-03-10 11:03:48 ----A---- C:\Windows\system32\SearchIndexer.exe 2010-03-10 11:03:48 ----A---- C:\Windows\system32\p2psvc.dll 2010-03-10 11:03:47 ----A---- C:\Windows\system32\mssvp.dll 2010-03-10 11:03:46 ----A---- C:\Windows\system32\mssphtb.dll 2010-03-10 11:03:46 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL 2010-03-10 11:03:46 ----A---- C:\Windows\system32\mscoree.dll 2010-03-10 11:03:45 ----A---- C:\Windows\system32\mssph.dll 2010-03-10 11:03:45 ----A---- C:\Windows\system32\imapi2.dll 2010-03-10 11:03:44 ----A---- C:\Windows\system32\sdohlp.dll 2010-03-10 11:03:44 ----A---- C:\Windows\system32\esent.dll 2010-03-10 11:03:43 ----A---- C:\Windows\system32\sperror.dll 2010-03-10 11:03:43 ----A---- C:\Windows\system32\korwbrkr.dll 2010-03-10 11:03:43 ----A---- C:\Windows\system32\IMJP10K.DLL 2010-03-10 11:03:43 ----A---- C:\Windows\system32\DevicePairing.dll 2010-03-10 11:03:42 ----A---- C:\Windows\system32\wevtsvc.dll 2010-03-10 11:03:42 ----A---- C:\Windows\system32\SLC.dll 2010-03-10 11:03:42 ----A---- C:\Windows\system32\PresentationHostProxy.dll 2010-03-10 11:03:42 ----A---- C:\Windows\system32\IasMigReader.exe 2010-03-10 11:03:41 ----A---- C:\Windows\system32\msshsq.dll 2010-03-10 11:03:40 ----A---- C:\Windows\system32\msjet40.dll 2010-03-10 11:03:39 ----A---- C:\Windows\system32\MPSSVC.dll 2010-03-10 11:03:38 ----A---- C:\Windows\system32\Query.dll 2010-03-10 11:03:38 ----A---- C:\Windows\system32\qmgr.dll 2010-03-10 11:03:37 ----A---- C:\Windows\system32\msexch40.dll 2010-03-10 11:03:36 ----A---- C:\Windows\system32\P2PGraph.dll 2010-03-10 11:03:36 ----A---- C:\Windows\system32\ole32.dll 2010-03-10 11:03:36 ----A---- C:\Windows\system32\diagperf.dll 2010-03-10 11:03:35 ----A---- C:\Windows\system32\winload.exe 2010-03-10 11:03:35 ----A---- C:\Windows\system32\srchadmin.dll 2010-03-10 11:03:35 ----A---- C:\Windows\system32\ntdll.dll 2010-03-10 11:03:35 ----A---- C:\Windows\system32\mblctr.exe 2010-03-10 11:03:34 ----A---- C:\Windows\system32\uDWM.dll 2010-03-10 11:03:34 ----A---- C:\Windows\system32\mmc.exe 2010-03-10 11:03:34 ----A---- C:\Windows\system32\EncDec.dll 2010-03-10 11:03:34 ----A---- C:\Windows\system32\dfsr.exe 2010-03-10 11:03:33 ----A---- C:\Windows\system32\riched20.dll 2010-03-10 11:03:33 ----A---- C:\Windows\system32\IasMigPlugin.dll 2010-03-10 11:03:32 ----A---- C:\Windows\system32\RacEngn.dll 2010-03-10 11:03:32 ----A---- C:\Windows\system32\fdBth.dll 2010-03-10 11:03:31 ----A---- C:\Windows\system32\SearchProtocolHost.exe 2010-03-10 11:03:31 ----A---- C:\Windows\system32\SearchFilterHost.exe 2010-03-10 11:03:31 ----A---- C:\Windows\system32\milcore.dll 2010-03-10 11:03:31 ----A---- C:\Windows\system32\kernel32.dll 2010-03-10 11:03:30 ----A---- C:\Windows\system32\spoolss.dll 2010-03-10 11:03:30 ----A---- C:\Windows\system32\EhStorAPI.dll 2010-03-10 11:03:30 ----A---- C:\Windows\system32\CertEnroll.dll 2010-03-10 11:03:29 ----A---- C:\Windows\system32\schedsvc.dll 2010-03-10 11:03:29 ----A---- C:\Windows\system32\NaturalLanguage6.dll 2010-03-10 11:03:28 ----A---- C:\Windows\system32\msvcp60.dll 2010-03-10 11:03:28 ----A---- C:\Windows\system32\msjtes40.dll 2010-03-10 11:03:28 ----A---- C:\Windows\system32\infocardapi.dll 2010-03-10 11:03:28 ----A---- C:\Windows\system32\gpedit.dll 2010-03-10 11:03:28 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll 2010-03-10 11:03:27 ----A---- C:\Windows\system32\WinSAT.exe 2010-03-10 11:03:27 ----A---- C:\Windows\system32\es.dll 2010-03-10 11:03:26 ----A---- C:\Windows\system32\PresentationSettings.exe 2010-03-10 11:03:26 ----A---- C:\Windows\system32\Magnify.exe 2010-03-10 11:03:26 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll 2010-03-10 11:03:25 ----A---- C:\Windows\system32\mstext40.dll 2010-03-10 11:03:25 ----A---- C:\Windows\system32\advapi32.dll 2010-03-10 11:03:24 ----A---- C:\Windows\system32\WebClnt.dll 2010-03-10 11:03:23 ----A---- C:\Windows\system32\slwmi.dll 2010-03-10 11:03:23 ----A---- C:\Windows\system32\msxbde40.dll 2010-03-10 11:03:23 ----A---- C:\Windows\system32\msexcl40.dll 2010-03-10 11:03:23 ----A---- C:\Windows\system32\comsvcs.dll 2010-03-10 11:03:22 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll 2010-03-10 11:03:22 ----A---- C:\Windows\system32\vssapi.dll 2010-03-10 11:03:22 ----A---- C:\Windows\system32\authui.dll 2010-03-10 11:03:21 ----A---- C:\Windows\system32\NetProjW.dll 2010-03-10 11:03:21 ----A---- C:\Windows\system32\msrepl40.dll 2010-03-10 11:03:20 ----A---- C:\Windows\system32\PresentationHost.exe 2010-03-10 11:03:19 ----A---- C:\Windows\system32\propsys.dll 2010-03-10 11:03:19 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2010-03-10 11:03:19 ----A---- C:\Windows\system32\newdev.dll 2010-03-10 11:03:19 ----A---- C:\Windows\system32\iasrecst.dll 2010-03-10 11:03:19 ----A---- C:\Windows\system32\gpsvc.dll 2010-03-10 11:03:19 ----A---- C:\Windows\system32\eudcedit.exe 2010-03-10 11:03:18 ----A---- C:\Windows\system32\setupapi.dll 2010-03-10 11:03:18 ----A---- C:\Windows\system32\rpcss.dll 2010-03-10 11:03:18 ----A---- C:\Windows\system32\crypt32.dll 2010-03-10 11:03:18 ----A---- C:\Windows\explorer.exe 2010-03-10 11:03:17 ----A---- C:\Windows\system32\mspbde40.dll 2010-03-10 11:03:17 ----A---- C:\Windows\system32\msltus40.dll 2010-03-10 11:03:17 ----A---- C:\Windows\system32\davclnt.dll 2010-03-10 11:03:17 ----A---- C:\Windows\system32\d3d9.dll 2010-03-10 11:03:16 ----A---- C:\Windows\system32\shlwapi.dll 2010-03-10 11:03:16 ----A---- C:\Windows\system32\msrd3x40.dll 2010-03-10 11:03:16 ----A---- C:\Windows\system32\mfc42.dll 2010-03-10 11:03:16 ----A---- C:\Windows\system32\EhStorPwdMgr.dll 2010-03-10 11:03:16 ----A---- C:\Windows\system32\EhStorAuthn.dll 2010-03-10 11:03:15 ----A---- C:\Windows\system32\wevtapi.dll 2010-03-10 11:03:15 ----A---- C:\Windows\system32\msdtctm.dll 2010-03-10 11:03:15 ----A---- C:\Windows\system32\browseui.dll 2010-03-10 11:03:14 ----A---- C:\Windows\system32\photowiz.dll 2010-03-10 11:03:14 ----A---- C:\Windows\system32\nlhtml.dll 2010-03-10 11:03:13 ----A---- C:\Windows\system32\user32.dll 2010-03-10 11:03:12 ----A---- C:\Windows\system32\samsrv.dll 2010-03-10 11:03:12 ----A---- C:\Windows\system32\ci.dll 2010-03-10 11:03:11 ----A---- C:\Windows\system32\win32spl.dll 2010-03-10 11:03:11 ----A---- C:\Windows\system32\WcnNetsh.dll 2010-03-10 11:03:11 ----A---- C:\Windows\system32\SLCommDlg.dll 2010-03-10 11:03:11 ----A---- C:\Windows\system32\oleaut32.dll 2010-03-10 11:03:10 ----A---- C:\Windows\system32\IKEEXT.DLL 2010-03-10 11:03:09 ----A---- C:\Windows\system32\netshell.dll 2010-03-10 11:03:09 ----A---- C:\Windows\system32\compcln.exe 2010-03-10 11:03:08 ----A---- C:\Windows\system32\mswstr10.dll 2010-03-10 11:03:08 ----A---- C:\Windows\system32\apds.dll 2010-03-10 11:03:07 ----A---- C:\Windows\system32\xmlfilter.dll 2010-03-10 11:03:07 ----A---- C:\Windows\system32\msctf.dll 2010-03-10 11:03:07 ----A---- C:\Windows\system32\emdmgmt.dll 2010-03-10 11:03:07 ----A---- C:\Windows\system32\audiosrv.dll 2010-03-10 11:03:06 ----A---- C:\Windows\system32\QAGENTRT.DLL 2010-03-10 11:03:06 ----A---- C:\Windows\system32\msvcrt.dll 2010-03-10 11:03:06 ----A---- C:\Windows\system32\gdi32.dll 2010-03-10 11:03:05 ----A---- C:\Windows\system32\VSSVC.exe 2010-03-10 11:03:05 ----A---- C:\Windows\system32\mfc42u.dll 2010-03-10 11:03:05 ----A---- C:\Windows\system32\iphlpsvc.dll 2010-03-10 11:03:04 ----A---- C:\Windows\system32\SLUI.exe 2010-03-10 11:03:04 ----A---- C:\Windows\system32\eapphost.dll 2010-03-10 11:03:03 ----A---- C:\Windows\system32\sqlsrv32.dll 2010-03-10 11:03:03 ----A---- C:\Windows\system32\msrd2x40.dll 2010-03-10 11:03:02 ----A---- C:\Windows\system32\odbc32.dll 2010-03-10 11:03:01 ----A---- C:\Windows\system32\winresume.exe 2010-03-10 11:03:01 ----A---- C:\Windows\system32\propdefs.dll 2010-03-10 11:03:00 ----A---- C:\Windows\system32\shdocvw.dll 2010-03-10 11:02:59 ----A---- C:\Windows\system32\wevtutil.exe 2010-03-10 11:02:59 ----A---- C:\Windows\system32\dbgeng.dll 2010-03-10 11:02:57 ----A---- C:\Windows\system32\mssitlb.dll 2010-03-10 11:02:54 ----A---- C:\Windows\system32\WsmSvc.dll 2010-03-10 11:02:54 ----A---- C:\Windows\system32\swprv.dll 2010-03-10 11:02:54 ----A---- C:\Windows\system32\mmcndmgr.dll 2010-03-10 11:02:53 ----A---- C:\Windows\system32\usp10.dll 2010-03-10 11:02:51 ----A---- C:\Windows\system32\vds.exe 2010-03-10 11:02:49 ----A---- C:\Windows\system32\netlogon.dll 2010-03-10 11:02:49 ----A---- C:\Windows\system32\msscb.dll 2010-03-10 11:02:49 ----A---- C:\Windows\system32\msctfp.dll 2010-03-10 11:02:49 ----A---- C:\Windows\system32\fdBthProxy.dll 2010-03-10 11:02:49 ----A---- C:\Windows\system32\drvinst.exe 2010-03-10 11:02:49 ----A---- C:\Windows\system32\devmgr.dll 2010-03-10 11:02:48 ----A---- C:\Windows\system32\DevicePairingProxy.dll 2010-03-10 11:02:48 ----A---- C:\Windows\system32\BFE.DLL 2010-03-10 11:02:48 ----A---- C:\Windows\system32\adsldpc.dll 2010-03-10 11:02:46 ----A---- C:\Windows\system32\wcnwiz.dll 2010-03-10 11:02:46 ----A---- C:\Windows\system32\evr.dll 2010-03-10 11:02:45 ----A---- C:\Windows\system32\Wldap32.dll 2010-03-10 11:02:44 ----A---- C:\Windows\system32\WMVSDECD.DLL 2010-03-10 11:02:43 ----A---- C:\Windows\system32\services.exe 2010-03-10 11:02:42 ----A---- C:\Windows\system32\wercon.exe 2010-03-10 11:02:42 ----A---- C:\Windows\system32\wcncsvc.dll 2010-03-10 11:02:42 ----A---- C:\Windows\system32\mimefilt.dll 2010-03-10 11:02:42 ----A---- C:\Windows\system32\comdlg32.dll 2010-03-10 11:02:42 ----A---- C:\Windows\system32\adtschema.dll 2010-03-10 11:02:41 ----A---- C:\Windows\system32\msjter40.dll 2010-03-10 11:02:41 ----A---- C:\Windows\system32\msdtcprx.dll 2010-03-10 11:02:41 ----A---- C:\Windows\system32\ipsmsnap.dll 2010-03-10 11:02:41 ----A---- C:\Windows\system32\certcli.dll 2010-03-10 11:02:40 ----A---- C:\Windows\system32\taskeng.exe 2010-03-10 11:02:40 ----A---- C:\Windows\system32\rtffilt.dll 2010-03-10 11:02:40 ----A---- C:\Windows\system32\reg.exe 2010-03-10 11:02:40 ----A---- C:\Windows\system32\mswdat10.dll 2010-03-10 11:02:39 ----A---- C:\Windows\system32\umpnpmgr.dll 2010-03-10 11:02:39 ----A---- C:\Windows\system32\dnsapi.dll 2010-03-10 11:02:39 ----A---- C:\Windows\system32\certutil.exe 2010-03-10 11:02:38 ----A---- C:\Windows\system32\WMNetMgr.dll 2010-03-10 11:02:38 ----A---- C:\Windows\system32\w32time.dll 2010-03-10 11:02:37 ----A---- C:\Windows\system32\IPSECSVC.DLL 2010-03-10 11:02:37 ----A---- C:\Windows\system32\bcrypt.dll 2010-03-10 11:02:36 ----A---- C:\Windows\system32\msshooks.dll 2010-03-10 11:02:36 ----A---- C:\Windows\system32\msscntrs.dll 2010-03-10 11:02:36 ----A---- C:\Windows\system32\bthserv.dll 2010-03-10 11:02:35 ----A---- C:\Windows\system32\rsaenh.dll 2010-03-10 11:02:35 ----A---- C:\Windows\system32\msihnd.dll 2010-03-10 11:02:34 ----A---- C:\Windows\system32\TsWpfWrp.exe 2010-03-10 11:02:34 ----A---- C:\Windows\system32\msstrc.dll 2010-03-10 11:02:34 ----A---- C:\Windows\system32\MMDevAPI.dll 2010-03-10 11:02:32 ----A---- C:\Windows\system32\netapi32.dll 2010-03-10 11:02:32 ----A---- C:\Windows\system32\inetpp.dll 2010-03-10 11:02:32 ----A---- C:\Windows\system32\inetcomm.dll 2010-03-10 11:02:32 ----A---- C:\Windows\system32\dfshim.dll 2010-03-10 11:02:31 ----A---- C:\Windows\system32\mtxclu.dll 2010-03-10 11:02:31 ----A---- C:\Windows\system32\mscories.dll 2010-03-10 11:02:31 ----A---- C:\Windows\system32\hidserv.dll 2010-03-10 11:02:31 ----A---- C:\Windows\system32\fundisc.dll 2010-03-10 11:02:31 ----A---- C:\Windows\system32\cryptsvc.dll 2010-03-10 11:02:30 ----A---- C:\Windows\system32\wmicmiplugin.dll 2010-03-10 11:02:30 ----A---- C:\Windows\system32\profsvc.dll 2010-03-10 11:02:30 ----A---- C:\Windows\system32\dhcpcsvc6.dll 2010-03-10 11:02:29 ----A---- C:\Windows\system32\termsrv.dll 2010-03-10 11:02:28 ----A---- C:\Windows\system32\imapi.dll 2010-03-10 11:02:27 ----A---- C:\Windows\system32\wdc.dll 2010-03-10 11:02:27 ----A---- C:\Windows\system32\shsvcs.dll 2010-03-10 11:02:27 ----A---- C:\Windows\system32\msiexec.exe 2010-03-10 11:02:27 ----A---- C:\Windows\system32\chsbrkr.dll 2010-03-10 11:02:26 ----A---- C:\Windows\system32\rasmans.dll 2010-03-10 11:02:26 ----A---- C:\Windows\system32\pnidui.dll 2010-03-10 11:02:26 ----A---- C:\Windows\system32\icardres.dll 2010-03-10 11:02:26 ----A---- C:\Windows\system32\iassdo.dll 2010-03-10 11:02:25 ----A---- C:\Windows\system32\wersvc.dll 2010-03-10 11:02:25 ----A---- C:\Windows\system32\spoolsv.exe 2010-03-10 11:02:25 ----A---- C:\Windows\system32\scrrun.dll 2010-03-10 11:02:25 ----A---- C:\Windows\system32\PSHED.DLL 2010-03-10 11:02:25 ----A---- C:\Windows\system32\autofmt.exe 2010-03-10 11:02:24 ----A---- C:\Windows\system32\slmgr.vbs 2010-03-10 11:02:24 ----A---- C:\Windows\system32\pdh.dll 2010-03-10 11:02:24 ----A---- C:\Windows\system32\dhcpcsvc.dll 2010-03-10 11:02:24 ----A---- C:\Windows\system32\CertEnrollUI.dll 2010-03-10 11:02:24 ----A---- C:\Windows\system32\azroles.dll 2010-03-10 11:02:23 ----A---- C:\Windows\system32\wmpmde.dll 2010-03-10 11:02:23 ----A---- C:\Windows\system32\pidgenx.dll 2010-03-10 11:02:22 ----A---- C:\Windows\system32\winlogon.exe 2010-03-10 11:02:22 ----A---- C:\Windows\system32\SyncCenter.dll 2010-03-10 11:02:20 ----A---- C:\Windows\system32\SLUINotify.dll 2010-03-10 11:02:20 ----A---- C:\Windows\system32\msjetoledb40.dll 2010-03-10 11:02:20 ----A---- C:\Windows\system32\comuid.dll 2010-03-10 11:02:19 ----A---- C:\Windows\system32\certmgr.dll 2010-03-10 11:02:18 ----A---- C:\Windows\system32\sethc.exe 2010-03-10 11:02:18 ----A---- C:\Windows\system32\ncrypt.dll 2010-03-10 11:02:18 ----A---- C:\Windows\system32\kd1394.dll 2010-03-10 11:02:17 ----A---- C:\Windows\system32\untfs.dll 2010-03-10 11:02:17 ----A---- C:\Windows\system32\spp.dll 2010-03-10 11:02:17 ----A---- C:\Windows\system32\scrobj.dll 2010-03-10 11:02:17 ----A---- C:\Windows\system32\iassam.dll 2010-03-10 11:02:16 ----A---- C:\Windows\system32\wisptis.exe 2010-03-10 11:02:16 ----A---- C:\Windows\system32\rtutils.dll 2010-03-10 11:02:15 ----A---- C:\Windows\system32\taskcomp.dll 2010-03-10 11:02:15 ----A---- C:\Windows\system32\dwm.exe 2010-03-10 11:02:14 ----A---- C:\Windows\system32\autochk.exe 2010-03-10 11:02:13 ----A---- C:\Windows\system32\printui.dll 2010-03-10 11:02:13 ----A---- C:\Windows\system32\iasnap.dll 2010-03-10 11:02:13 ----A---- C:\Windows\system32\autoconv.exe 2010-03-10 11:02:12 ----A---- C:\Windows\system32\winsrv.dll 2010-03-10 11:02:11 ----A---- C:\Windows\system32\cscript.exe 2010-03-10 11:02:10 ----A---- C:\Windows\system32\onex.dll 2010-03-10 11:02:10 ----A---- C:\Windows\system32\kdcom.dll 2010-03-10 11:02:10 ----A---- C:\Windows\system32\basecsp.dll 2010-03-10 11:02:09 ----A---- C:\Windows\system32\wow32.dll 2010-03-10 11:02:09 ----A---- C:\Windows\system32\userenv.dll 2010-03-10 11:02:09 ----A---- C:\Windows\system32\audiodg.exe 2010-03-10 11:02:08 ----A---- C:\Windows\system32\osk.exe 2010-03-10 11:02:08 ----A---- C:\Windows\system32\mswsock.dll 2010-03-10 11:02:07 ----A---- C:\Windows\system32\spcmsg.dll 2010-03-10 11:02:07 ----A---- C:\Windows\system32\kdusb.dll 2010-03-10 11:02:06 ----A---- C:\Windows\system32\winmm.dll 2010-03-10 11:02:06 ----A---- C:\Windows\system32\RelMon.dll 2010-03-10 11:02:05 ----A---- C:\Windows\system32\WinSCard.dll 2010-03-10 11:02:05 ----A---- C:\Windows\system32\rdpencom.dll 2010-03-10 11:02:04 ----A---- C:\Windows\system32\msftedit.dll 2010-03-10 11:02:00 ----A---- C:\Windows\system32\WerFaultSecure.exe 2010-03-10 11:01:59 ----A---- C:\Windows\system32\offfilt.dll 2010-03-10 11:01:59 ----A---- C:\Windows\system32\dnsrslvr.dll 2010-03-10 11:01:55 ----A---- C:\Windows\system32\wsepno.dll 2010-03-10 11:01:55 ----A---- C:\Windows\system32\WerFault.exe 2010-03-10 11:01:55 ----A---- C:\Windows\system32\Utilman.exe 2010-03-10 11:01:55 ----A---- C:\Windows\system32\stobject.dll 2010-03-10 11:01:54 ----A---- C:\Windows\system32\mfplat.dll 2010-03-10 11:01:54 ----A---- C:\Windows\system32\diskraid.exe 2010-03-10 11:01:54 ----A---- C:\Windows\system32\apphelp.dll 2010-03-10 11:01:53 ----A---- C:\Windows\system32\SndVol.exe 2010-03-10 11:01:53 ----A---- C:\Windows\system32\mscms.dll 2010-03-10 11:01:53 ----A---- C:\Windows\system32\mcmde.dll 2010-03-10 11:01:52 ----A---- C:\Windows\system32\wiaservc.dll 2010-03-10 11:01:52 ----A---- C:\Windows\system32\sysclass.dll 2010-03-10 11:01:52 ----A---- C:\Windows\system32\prnntfy.dll 2010-03-10 11:01:52 ----A---- C:\Windows\system32\msnetobj.dll 2010-03-10 11:01:52 ----A---- C:\Windows\system32\adsmsext.dll 2010-03-10 11:01:51 ----A---- C:\Windows\system32\wscript.exe 2010-03-10 11:01:51 ----A---- C:\Windows\system32\ulib.dll 2010-03-10 11:01:51 ----A---- C:\Windows\system32\odbccp32.dll 2010-03-10 11:01:51 ----A---- C:\Windows\system32\iasdatastore.dll 2010-03-10 11:01:50 ----A---- C:\Windows\system32\IPHLPAPI.DLL 2010-03-10 11:01:50 ----A---- C:\Windows\system32\dsound.dll 2010-03-10 11:01:50 ----A---- C:\Windows\system32\cryptui.dll 2010-03-10 11:01:49 ----A---- C:\Windows\system32\wscntfy.dll 2010-03-10 11:01:49 ----A---- C:\Windows\system32\rastapi.dll 2010-03-10 11:01:49 ----A---- C:\Windows\system32\pnpsetup.dll 2010-03-10 11:01:49 ----A---- C:\Windows\system32\fdProxy.dll 2010-03-10 11:01:48 ----A---- C:\Windows\system32\ipsecsnp.dll 2010-03-10 11:01:48 ----A---- C:\Windows\system32\brcpl.dll 2010-03-10 11:01:47 ----A---- C:\Windows\system32\wscsvc.dll 2010-03-10 11:01:47 ----A---- C:\Windows\system32\wlangpui.dll 2010-03-10 11:01:47 ----A---- C:\Windows\system32\vdsdyn.dll 2010-03-10 11:01:47 ----A---- C:\Windows\system32\iashlpr.dll 2010-03-10 11:01:47 ----A---- C:\Windows\system32\gpapi.dll 2010-03-10 11:01:47 ----A---- C:\Windows\system32\diskpart.exe 2010-03-10 11:01:46 ----A---- C:\Windows\system32\WMVENCOD.DLL 2010-03-10 11:01:46 ----A---- C:\Windows\system32\rasapi32.dll 2010-03-10 11:01:46 ----A---- C:\Windows\system32\ntprint.dll 2010-03-10 11:01:46 ----A---- C:\Windows\system32\logman.exe 2010-03-10 11:01:45 ----A---- C:\Windows\system32\zipfldr.dll 2010-03-10 11:01:45 ----A---- C:\Windows\system32\wusa.exe 2010-03-10 11:01:45 ----A---- C:\Windows\system32\regsvc.dll 2010-03-10 11:01:45 ----A---- C:\Windows\system32\mscorier.dll 2010-03-10 11:01:45 ----A---- C:\Windows\system32\iasrad.dll 2010-03-10 11:01:45 ----A---- C:\Windows\system32\findstr.exe 2010-03-10 11:01:44 ----A---- C:\Windows\system32\wshext.dll 2010-03-10 11:01:44 ----A---- C:\Windows\system32\wpccpl.dll 2010-03-10 11:01:44 ----A---- C:\Windows\system32\netcenter.dll 2010-03-10 11:01:43 ----A---- C:\Windows\system32\rasdlg.dll 2010-03-10 11:01:42 ----A---- C:\Windows\system32\wsnmp32.dll 2010-03-10 11:01:42 ----A---- C:\Windows\system32\wer.dll 2010-03-10 11:01:42 ----A---- C:\Windows\system32\themecpl.dll 2010-03-10 11:01:42 ----A---- C:\Windows\system32\iassvcs.dll 2010-03-10 11:01:41 ----A---- C:\Windows\system32\uxsms.dll 2010-03-10 11:01:41 ----A---- C:\Windows\system32\srvsvc.dll 2010-03-10 11:01:41 ----A---- C:\Windows\system32\scansetting.dll 2010-03-10 11:01:41 ----A---- C:\Windows\system32\ntmarta.dll 2010-03-10 11:01:41 ----A---- C:\Windows\system32\mssprxy.dll 2010-03-10 11:01:41 ----A---- C:\Windows\system32\iasads.dll 2010-03-10 11:01:40 ----A---- C:\Windows\system32\slcc.dll 2010-03-10 11:01:40 ----A---- C:\Windows\system32\powrprof.dll 2010-03-10 11:01:40 ----A---- C:\Windows\system32\networkmap.dll 2010-03-10 11:01:40 ----A---- C:\Windows\system32\msutb.dll 2010-03-10 11:01:40 ----A---- C:\Windows\system32\mstsc.exe 2010-03-10 11:01:40 ----A---- C:\Windows\system32\mstlsapi.dll 2010-03-10 11:01:40 ----A---- C:\Windows\system32\iasacct.dll 2010-03-10 11:01:39 ----A---- C:\Windows\system32\powercpl.dll 2010-03-10 11:01:39 ----A---- C:\Windows\system32\PerfCenterCPL.dll 2010-03-10 11:01:39 ----A---- C:\Windows\system32\newdev.exe 2010-03-10 11:01:39 ----A---- C:\Windows\system32\connect.dll 2010-03-10 11:01:39 ----A---- C:\Windows\system32\authz.dll 2010-03-10 11:01:38 ----A---- C:\Windows\system32\systemcpl.dll 2010-03-10 11:01:38 ----A---- C:\Windows\system32\sud.dll 2010-03-10 11:01:38 ----A---- C:\Windows\system32\pcaui.dll 2010-03-10 11:01:38 ----A---- C:\Windows\system32\dot3svc.dll 2010-03-10 11:01:37 ----A---- C:\Windows\system32\themeui.dll 2010-03-10 11:01:37 ----A---- C:\Windows\system32\samlib.dll 2010-03-10 11:01:37 ----A---- C:\Windows\system32\mmci.dll 2010-03-10 11:01:37 ----A---- C:\Windows\system32\accessibilitycpl.dll 2010-03-10 11:01:36 ----A---- C:\Windows\system32\wlanpref.dll 2010-03-10 11:01:36 ----A---- C:\Windows\system32\usercpl.dll 2010-03-10 11:01:36 ----A---- C:\Windows\system32\qdvd.dll 2010-03-10 11:01:36 ----A---- C:\Windows\system32\autoplay.dll 2010-03-10 11:01:35 ----A---- C:\Windows\system32\rpchttp.dll 2010-03-10 11:01:35 ----A---- C:\Windows\system32\regapi.dll 2010-03-10 11:01:35 ----A---- C:\Windows\system32\msinfo32.exe 2010-03-10 11:01:34 ----A---- C:\Windows\system32\wpcao.dll 2010-03-10 11:01:34 ----A---- C:\Windows\system32\vdsutil.dll 2010-03-10 11:01:34 ----A---- C:\Windows\system32\tapisrv.dll 2010-03-10 11:01:34 ----A---- C:\Windows\system32\scksp.dll 2010-03-10 11:01:34 ----A---- C:\Windows\system32\scesrv.dll 2010-03-10 11:01:34 ----A---- C:\Windows\system32\psisdecd.dll 2010-03-10 11:01:34 ----A---- C:\Windows\system32\oleprn.dll 2010-03-10 11:01:34 ----A---- C:\Windows\system32\mpr.dll 2010-03-10 11:01:34 ----A---- C:\Windows\system32\feclient.dll 2010-03-10 11:01:33 ----A---- C:\Windows\system32\wscisvif.dll 2010-03-10 11:01:33 ----A---- C:\Windows\system32\rekeywiz.exe 2010-03-10 11:01:33 ----A---- C:\Windows\system32\imm32.dll 2010-03-10 11:01:33 ----A---- C:\Windows\system32\iaspolcy.dll 2010-03-10 11:01:33 ----A---- C:\Windows\system32\Faultrep.dll 2010-03-10 11:01:33 ----A---- C:\Windows\system32\dot3msm.dll 2010-03-10 11:01:33 ----A---- C:\Windows\system32\DeviceEject.exe 2010-03-10 11:01:33 ----A---- C:\Windows\system32\AudioSes.dll 2010-03-10 11:01:32 ----A---- C:\Windows\system32\sdclt.exe 2010-03-10 11:01:32 ----A---- C:\Windows\system32\qedit.dll 2010-03-10 11:01:32 ----A---- C:\Windows\system32\pnpui.dll 2010-03-10 11:01:32 ----A---- C:\Windows\system32\perfdisk.dll 2010-03-10 11:01:32 ----A---- C:\Windows\system32\ncryptui.dll 2010-03-10 11:01:32 ----A---- C:\Windows\system32\hdwwiz.exe 2010-03-10 11:01:32 ----A---- C:\Windows\system32\dpapimig.exe 2010-03-10 11:01:32 ----A---- C:\Windows\system32\certreq.exe 2010-03-10 11:01:31 ----A---- C:\Windows\system32\TSTheme.exe 2010-03-10 11:01:31 ----A---- C:\Windows\system32\spwinsat.dll 2010-03-10 11:01:31 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll 2010-03-10 11:01:31 ----A---- C:\Windows\system32\scecli.dll 2010-03-10 11:01:31 ----A---- C:\Windows\system32\rasplap.dll 2010-03-10 11:01:31 ----A---- C:\Windows\system32\rasgcw.dll 2010-03-10 11:01:31 ----A---- C:\Windows\system32\FWPUCLNT.DLL 2010-03-10 11:01:30 ----A---- C:\Windows\system32\whealogr.dll 2010-03-10 11:01:30 ----A---- C:\Windows\system32\tcpmon.dll 2010-03-10 11:01:30 ----A---- C:\Windows\system32\tcpipcfg.dll 2010-03-10 11:01:30 ----A---- C:\Windows\system32\PnPUnattend.exe 2010-03-10 11:01:30 ----A---- C:\Windows\system32\fdWSD.dll 2010-03-10 11:01:30 ----A---- C:\Windows\system32\cmmon32.exe 2010-03-10 11:01:29 ----A---- C:\Windows\system32\srcore.dll 2010-03-10 11:01:29 ----A---- C:\Windows\system32\SCardSvr.dll 2010-03-10 11:01:29 ----A---- C:\Windows\system32\conime.exe 2010-03-10 11:01:29 ----A---- C:\Windows\system32\cmdial32.dll 2010-03-10 11:01:27 ----A---- C:\Windows\system32\wiaaut.dll 2010-03-10 11:01:27 ----A---- C:\Windows\system32\SnippingTool.exe 2010-03-10 11:01:27 ----A---- C:\Windows\system32\raschap.dll 2010-03-10 11:01:27 ----A---- C:\Windows\system32\MSVidCtl.dll 2010-03-10 11:01:27 ----A---- C:\Windows\system32\fontext.dll 2010-03-10 11:01:26 ----A---- C:\Windows\system32\WMVXENCD.DLL 2010-03-10 11:01:26 ----A---- C:\Windows\system32\wlanui.dll 2010-03-10 11:01:26 ----A---- C:\Windows\system32\rasppp.dll 2010-03-10 11:01:26 ----A---- C:\Windows\system32\PnPutil.exe 2010-03-10 11:01:26 ----A---- C:\Windows\system32\dsprop.dll 2010-03-10 11:01:25 ----A---- C:\Windows\system32\shwebsvc.dll 2010-03-10 11:01:25 ----A---- C:\Windows\system32\oobefldr.dll 2010-03-10 11:01:25 ----A---- C:\Windows\system32\dimsroam.dll 2010-03-10 11:01:24 ----A---- C:\Windows\system32\shsetup.dll 2010-03-10 11:01:24 ----A---- C:\Windows\system32\rasmontr.dll 2010-03-10 11:01:24 ----A---- C:\Windows\system32\mscandui.dll 2010-03-10 11:01:24 ----A---- C:\Windows\system32\modemui.dll 2010-03-10 11:01:24 ----A---- C:\Windows\system32\chtbrkr.dll 2010-03-10 11:01:23 ----A---- C:\Windows\system32\wmdrmsdk.dll 2010-03-10 11:01:23 ----A---- C:\Windows\system32\dataclen.dll 2010-03-10 11:01:22 ----A---- C:\Windows\system32\WSDMon.dll 2010-03-10 11:01:22 ----A---- C:\Windows\system32\wlgpclnt.dll 2010-03-10 11:01:22 ----A---- C:\Windows\system32\smss.exe 2010-03-10 11:01:22 ----A---- C:\Windows\system32\rdpwsx.dll 2010-03-10 11:01:22 ----A---- C:\Windows\system32\netplwiz.dll 2010-03-10 11:01:22 ----A---- C:\Windows\system32\credui.dll 2010-03-10 11:01:22 ----A---- C:\Windows\system32\blackbox.dll 2010-03-10 11:01:21 ----A---- C:\Windows\system32\wmpeffects.dll 2010-03-10 11:01:21 ----A---- C:\Windows\system32\certprop.dll 2010-03-10 11:01:20 ----A---- C:\Windows\system32\networkexplorer.dll 2010-03-10 11:01:19 ----A---- C:\Windows\system32\ifmon.dll 2010-03-10 11:01:18 ----A---- C:\Windows\system32\wpcsvc.dll 2010-03-10 11:01:18 ----A---- C:\Windows\system32\msscp.dll 2010-03-10 11:01:18 ----A---- C:\Windows\system32\logagent.exe 2010-03-10 11:01:18 ----A---- C:\Windows\system32\cipher.exe 2010-03-10 11:01:17 ----A---- C:\Windows\system32\InkEd.dll 2010-03-10 11:01:16 ----A---- C:\Windows\system32\wscapi.dll 2010-03-10 11:01:16 ----A---- C:\Windows\system32\msimtf.dll 2010-03-10 11:01:16 ----A---- C:\Windows\system32\gpresult.exe 2010-03-10 11:01:15 ----A---- C:\Windows\system32\thawbrkr.dll 2010-03-10 11:01:15 ----A---- C:\Windows\system32\softkbd.dll 2010-03-10 11:01:15 ----A---- C:\Windows\system32\sendmail.dll 2010-03-10 11:01:14 ----A---- C:\Windows\system32\msctfui.dll 2010-03-10 11:01:14 ----A---- C:\Windows\system32\MediaMetadataHandler.dll 2010-03-10 11:01:13 ----A---- C:\Windows\system32\olepro32.dll 2010-03-10 11:01:13 ----A---- C:\Windows\system32\dmsynth.dll 2010-03-10 11:01:12 ----A---- C:\Windows\system32\drmmgrtn.dll 2010-03-10 11:01:11 ----A---- C:\Windows\system32\wshbth.dll 2010-03-10 11:01:11 ----A---- C:\Windows\system32\version.dll 2010-03-10 11:01:11 ----A---- C:\Windows\system32\SLLUA.exe 2010-03-10 11:01:11 ----A---- C:\Windows\system32\puiapi.dll 2010-03-10 11:01:11 ----A---- C:\Windows\system32\msisip.dll 2010-03-10 11:01:11 ----A---- C:\Windows\system32\mprapi.dll 2010-03-10 11:01:11 ----A---- C:\Windows\system32\input.dll 2010-03-10 11:01:11 ----A---- C:\Windows\system32\ExplorerFrame.dll 2010-03-10 11:01:10 ----A---- C:\Windows\system32\fc.exe 2010-03-10 11:01:07 ----A---- C:\Windows\system32\MsCtfMonitor.dll 2010-03-10 11:01:07 ----A---- C:\Windows\system32\fdSSDP.dll 2010-03-10 11:01:07 ----A---- C:\Windows\system32\dmusic.dll 2010-03-10 11:01:06 ----A---- C:\Windows\system32\msjint40.dll 2010-03-10 11:01:06 ----A---- C:\Windows\system32\l2nacp.dll 2010-03-10 11:01:06 ----A---- C:\Windows\system32\eapp3hst.dll 2010-03-10 11:01:06 ----A---- C:\Windows\system32\cscapi.dll 2010-03-10 11:01:05 ----A---- C:\Windows\system32\wsdchngr.dll 2010-03-10 11:01:05 ----A---- C:\Windows\system32\SMBHelperClass.dll 2010-03-10 11:01:05 ----A---- C:\Windows\system32\ftp.exe 2010-03-10 11:01:05 ----A---- C:\Windows\system32\cscdll.dll 2010-03-10 11:01:04 ----A---- C:\Windows\system32\Storprop.dll 2010-03-10 11:01:04 ----A---- C:\Windows\system32\rasdial.exe 2010-03-10 11:01:04 ----A---- C:\Windows\system32\rasdiag.dll 2010-03-10 11:01:04 ----A---- C:\Windows\system32\fdWCN.dll 2010-03-10 11:01:04 ----A---- C:\Windows\system32\dot3cfg.dll 2010-03-10 11:01:04 ----A---- C:\Windows\system32\bthudtask.exe 2010-03-10 11:01:04 ----A---- C:\Windows\system32\bthci.dll 2010-03-10 11:01:03 ----A---- C:\Windows\system32\tscupgrd.exe 2010-03-10 11:01:03 ----A---- C:\Windows\system32\slcinst.dll 2010-03-10 11:01:03 ----A---- C:\Windows\system32\nslookup.exe 2010-03-10 11:01:03 ----A---- C:\Windows\system32\networkitemfactory.dll 2010-03-10 11:01:03 ----A---- C:\Windows\system32\ipconfig.exe 2010-03-10 11:01:03 ----A---- C:\Windows\system32\eappcfg.dll 2010-03-10 11:01:03 ----A---- C:\Windows\system32\CHxReadingStringIME.dll 2010-03-10 11:01:02 ----A---- C:\Windows\system32\ocsetup.exe 2010-03-10 11:01:02 ----A---- C:\Windows\system32\FwRemoteSvr.dll 2010-03-10 11:01:02 ----A---- C:\Windows\system32\eappgnui.dll 2010-03-10 11:01:01 ----A---- C:\Windows\system32\PNPXAssoc.dll 2010-03-10 11:01:01 ----A---- C:\Windows\system32\mmcico.dll 2010-03-10 11:01:01 ----A---- C:\Windows\system32\hbaapi.dll 2010-03-10 11:01:01 ----A---- C:\Windows\system32\fdeploy.dll 2010-03-10 11:01:00 ----A---- C:\Windows\system32\gpupdate.exe 2010-03-10 11:00:59 ----A---- C:\Windows\system32\cbsra.exe 2010-03-10 11:00:58 ----A---- C:\Windows\system32\NcdProp.dll 2010-03-10 11:00:58 ----A---- C:\Windows\system32\iscsilog.dll 2010-03-10 11:00:58 ----A---- C:\Windows\system32\csrstub.exe 2010-03-10 11:00:58 ----A---- C:\Windows\system32\bitsigd.dll 2010-03-10 11:00:56 ----A---- C:\Windows\system32\winrnr.dll 2010-03-10 11:00:56 ----A---- C:\Windows\system32\vdmdbg.dll 2010-03-10 11:00:56 ----A---- C:\Windows\system32\slwga.dll 2010-03-10 11:00:56 ----A---- C:\Windows\system32\odbcconf.dll 2010-03-10 11:00:56 ----A---- C:\Windows\system32\midimap.dll 2010-03-10 11:00:56 ----A---- C:\Windows\system32\inetppui.dll 2010-03-10 11:00:52 ----A---- C:\Windows\system32\msimsg.dll 2010-03-10 11:00:52 ----A---- C:\Windows\system32\f3ahvoas.dll 2010-03-10 11:00:28 ----A---- C:\Windows\system32\SmiEngine.dll 2010-03-10 11:00:25 ----A---- C:\Windows\system32\wdscore.dll 2010-03-10 11:00:25 ----A---- C:\Windows\system32\PkgMgr.exe 2010-03-10 11:00:12 ----A---- C:\Windows\system32\drvstore.dll 2010-03-10 01:55:44 ----A---- C:\Windows\system32\nshhttp.dll 2010-03-10 01:55:42 ----A---- C:\Windows\system32\httpapi.dll 2010-03-10 01:55:12 ----D---- C:\Program Files\MSXML 4.0 2010-03-09 12:02:24 ----D---- C:\Users\Vins\AppData\Roaming\Nero 2010-03-09 11:41:05 ----D---- C:\Program Files\Nero 2010-03-09 11:39:06 ----D---- C:\ProgramData\Nero 2010-03-09 11:39:02 ----D---- C:\Program Files\Common Files\Nero 2010-03-09 11:33:46 ----D---- C:\Users\Vins\AppData\Roaming\Real 2010-03-09 11:00:44 ----D---- C:\Program Files\Microsoft 2010-03-09 11:00:20 ----D---- C:\Program Files\Windows Live SkyDrive 2010-03-09 10:59:57 ----D---- C:\Program Files\Windows Live 2010-03-09 10:57:42 ----D---- C:\Program Files\Common Files\Windows Live 2010-03-09 03:20:27 ----D---- C:\ProgramData\Office Genuine Advantage 2010-03-09 02:00:31 ----D---- C:\Users\Vins\AppData\Roaming\Mozilla 2010-03-09 01:59:36 ----D---- C:\ProgramData\Spybot - Search & Destroy 2010-03-09 01:59:36 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-03-09 01:56:57 ----D---- C:\Program Files\CCleaner 2010-03-09 01:56:55 ----D---- C:\Program Files\Common Files\Remote Control Software Common 2010-03-09 01:53:08 ----D---- C:\Program Files\Common Files\Remote Control USB Driver 2010-03-09 01:48:04 ----D---- C:\ProgramData\Logitech 2010-03-09 01:47:57 ----D---- C:\Users\Vins\AppData\Roaming\Leadertech 2010-03-09 01:45:43 ----D---- C:\ProgramData\Logishrd 2010-03-09 01:45:41 ----D---- C:\Program Files\Logitech 2010-03-09 01:44:49 ----D---- C:\Program Files\Common Files\LogiShrd 2010-03-09 01:44:34 ----D---- C:\Users\Vins\AppData\Roaming\Logitech 2010-03-09 01:44:34 ----D---- C:\Users\Vins\AppData\Roaming\Logishrd 2010-03-09 00:40:53 ----D---- C:\Program Files\Garmin GPS Plugin 2010-03-09 00:34:21 ----D---- C:\ProgramData\GARMIN 2010-03-09 00:27:10 ----D---- C:\Users\Vins\AppData\Roaming\GARMIN 2010-03-08 23:44:27 ----A---- C:\Windows\system32\winhttp.dll 2010-03-08 23:32:08 ----A---- C:\Windows\system32\browserchoice.exe 2010-03-08 23:31:51 ----A---- C:\Windows\system32\kerberos.dll 2010-03-08 23:31:50 ----A---- C:\Windows\system32\schannel.dll 2010-03-08 23:31:43 ----A---- C:\Windows\system32\ntoskrnl.exe 2010-03-08 23:31:43 ----A---- C:\Windows\system32\ntkrnlpa.exe 2010-03-08 11:17:50 ----A---- C:\Windows\system32\jscript.dll 2010-03-08 11:14:10 ----A---- C:\Windows\system32\imagesp1.dll 2010-03-08 11:14:05 ----A---- C:\Windows\system32\sstpsvc.dll 2010-03-08 11:14:03 ----A---- C:\Windows\system32\winrscmd.dll 2010-03-08 11:13:54 ----A---- C:\Windows\system32\xpssvcs.dll 2010-03-08 11:13:51 ----A---- C:\Windows\system32\spwizimg.dll 2010-03-08 11:13:51 ----A---- C:\Windows\bfsvc.exe 2010-03-08 11:13:50 ----A---- C:\Windows\system32\lpremove.exe 2010-03-08 11:13:47 ----A---- C:\Windows\system32\recdisc.exe 2010-03-08 11:13:46 ----A---- C:\Windows\system32\CompMgmtLauncher.exe 2010-03-08 11:13:43 ----A---- C:\Windows\system32\msvbvm60.dll 2010-03-08 11:13:40 ----A---- C:\Windows\system32\MSMPEG2ADEC.DLL 2010-03-08 11:13:39 ----A---- C:\Windows\system32\xolehlp.dll 2010-03-08 11:13:37 ----A---- C:\Windows\system32\SSShim.dll 2010-03-08 11:13:36 ----A---- C:\Windows\system32\nlmgp.dll 2010-03-08 11:13:36 ----A---- C:\Windows\system32\DfsShlEx.dll 2010-03-08 11:13:35 ----A---- C:\Windows\system32\clusapi.dll 2010-03-08 11:13:33 ----A---- C:\Windows\system32\winrsmgr.dll 2010-03-08 11:13:32 ----A---- C:\Windows\system32\vdsbas.dll 2010-03-08 11:13:31 ----A---- C:\Windows\system32\comctl32.dll 2010-03-08 11:13:30 ----A---- C:\Windows\system32\XPSSHHDR.dll 2010-03-08 11:13:30 ----A---- C:\Windows\system32\sbe.dll 2010-03-08 11:13:30 ----A---- C:\Windows\system32\msdtckrm.dll 2010-03-08 11:13:29 ----A---- C:\Windows\system32\wecutil.exe 2010-03-08 11:13:29 ----A---- C:\Windows\system32\sdengin2.dll 2010-03-08 11:13:28 ----A---- C:\Windows\system32\gacinstall.dll 2010-03-08 11:13:28 ----A---- C:\Windows\system32\cmipnpinstall.dll 2010-03-08 11:13:28 ----A---- C:\Windows\system32\cmicryptinstall.dll 2010-03-08 11:13:27 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll 2010-03-08 11:13:26 ----A---- C:\Windows\system32\FirewallAPI.dll 2010-03-08 11:13:25 ----A---- C:\Windows\system32\wecsvc.dll 2010-03-08 11:13:25 ----A---- C:\Windows\system32\sqlceqp30.dll 2010-03-08 11:13:25 ----A---- C:\Windows\system32\lsm.exe 2010-03-08 11:13:24 ----A---- C:\Windows\system32\thumbcache.dll 2010-03-08 11:13:18 ----A---- C:\Windows\system32\authfwcfg.dll 2010-03-08 11:13:16 ----A---- C:\Windows\system32\dmvdsitf.dll 2010-03-08 11:13:15 ----A---- C:\Windows\system32\wevtfwd.dll 2010-03-08 11:13:15 ----A---- C:\Windows\system32\uexfat.dll 2010-03-08 11:13:14 ----A---- C:\Windows\system32\sqlcese30.dll 2010-03-08 11:13:14 ----A---- C:\Windows\system32\DfrgNtfs.exe 2010-03-08 11:13:10 ----A---- C:\Windows\system32\mssha.dll 2010-03-08 11:13:10 ----A---- C:\Windows\system32\dfrgui.exe 2010-03-08 11:13:09 ----A---- C:\Windows\system32\WsmAuto.dll 2010-03-08 11:13:09 ----A---- C:\Windows\system32\nlasvc.dll 2010-03-08 11:13:08 ----A---- C:\Windows\system32\wmdrmdev.dll 2010-03-08 11:13:07 ----A---- C:\Windows\system32\WsmWmiPl.dll 2010-03-08 11:13:07 ----A---- C:\Windows\system32\ddraw.dll 2010-03-08 11:13:06 ----A---- C:\Windows\system32\QAGENT.DLL 2010-03-08 11:13:06 ----A---- C:\Windows\system32\objsel.dll 2010-03-08 11:13:06 ----A---- C:\Windows\system32\dbghelp.dll 2010-03-08 11:13:05 ----A---- C:\Windows\system32\icm32.dll 2010-03-08 11:13:04 ----A---- C:\Windows\system32\wmdrmnet.dll 2010-03-08 11:13:04 ----A---- C:\Windows\system32\iprtrmgr.dll 2010-03-08 11:13:03 ----A---- C:\Windows\system32\taskschd.dll 2010-03-08 11:13:03 ----A---- C:\Windows\system32\bcdedit.exe 2010-03-08 11:13:02 ----A---- C:\Windows\system32\AudioEng.dll 2010-03-08 11:13:01 ----A---- C:\Windows\system32\winsta.dll 2010-03-08 11:13:01 ----A---- C:\Windows\system32\netprofm.dll 2010-03-08 11:13:01 ----A---- C:\Windows\system32\netcfgx.dll 2010-03-08 11:13:00 ----A---- C:\Windows\system32\lpksetup.exe 2010-03-08 11:13:00 ----A---- C:\Windows\system32\cdosys.dll 2010-03-08 11:12:59 ----A---- C:\Windows\system32\msdtcuiu.dll 2010-03-08 11:12:58 ----A---- C:\Windows\system32\mprddm.dll 2010-03-08 11:12:57 ----A---- C:\Windows\system32\eapsvc.dll 2010-03-08 11:12:57 ----A---- C:\Windows\system32\bcdsrv.dll 2010-03-08 11:12:57 ----A---- C:\Windows\system32\AUDIOKSE.dll 2010-03-08 11:12:56 ----A---- C:\Windows\system32\msidcrl30.dll 2010-03-08 11:12:55 ----A---- C:\Windows\system32\WMVDECOD.DLL 2010-03-08 11:12:55 ----A---- C:\Windows\system32\pla.dll 2010-03-08 11:12:54 ----A---- C:\Windows\system32\dot3gpui.dll 2010-03-08 11:12:53 ----A---- C:\Windows\system32\cryptnet.dll 2010-03-08 11:12:53 ----A---- C:\Windows\system32\comsnap.dll 2010-03-08 11:12:52 ----A---- C:\Windows\system32\synceng.dll 2010-03-08 11:12:51 ----A---- C:\Windows\system32\cmifw.dll 2010-03-08 11:12:50 ----A---- C:\Windows\system32\msconfig.exe 2010-03-08 11:12:49 ----A---- C:\Windows\system32\tdh.dll 2010-03-08 11:12:48 ----A---- C:\Windows\system32\uxtheme.dll 2010-03-08 11:12:48 ----A---- C:\Windows\system32\SessEnv.dll 2010-03-08 11:12:48 ----A---- C:\Windows\system32\dot3api.dll 2010-03-08 11:12:48 ----A---- C:\Windows\system32\dmdskmgr.dll 2010-03-08 11:12:48 ----A---- C:\Windows\system32\cmd.exe 2010-03-08 11:12:48 ----A---- C:\Windows\system32\AuthFWSnapin.dll 2010-03-08 11:12:47 ----A---- C:\Windows\system32\WUDFx.dll 2010-03-08 11:12:47 ----A---- C:\Windows\system32\wlancfg.dll 2010-03-08 11:12:47 ----A---- C:\Windows\system32\loadperf.dll 2010-03-08 11:12:46 ----A---- C:\Windows\system32\rdpdd.dll 2010-03-08 11:12:46 ----A---- C:\Windows\system32\msdtcVSp1res.dll 2010-03-08 11:12:46 ----A---- C:\Windows\system32\localsec.dll 2010-03-08 11:12:46 ----A---- C:\Windows\system32\comres.dll 2010-03-08 11:12:45 ----A---- C:\Windows\system32\wsqmcons.exe 2010-03-08 11:12:45 ----A---- C:\Windows\system32\WMADMOD.DLL 2010-03-08 11:12:45 ----A---- C:\Windows\system32\WinSATAPI.dll 2010-03-08 11:12:45 ----A---- C:\Windows\system32\rstrui.exe 2010-03-08 11:12:45 ----A---- C:\Windows\system32\hnetcfg.dll 2010-03-08 11:12:44 ----A---- C:\Windows\system32\RDPENCDD.dll 2010-03-08 11:12:44 ----A---- C:\Windows\system32\profprov.dll 2010-03-08 11:12:44 ----A---- C:\Windows\system32\NAPMONTR.DLL 2010-03-08 11:12:44 ----A---- C:\Windows\system32\filemgmt.dll 2010-03-08 11:12:43 ----A---- C:\Windows\system32\wsecedit.dll 2010-03-08 11:12:43 ----A---- C:\Windows\system32\tracerpt.exe 2010-03-08 11:12:43 ----A---- C:\Windows\system32\MuiUnattend.exe 2010-03-08 11:12:42 ----A---- C:\Windows\system32\wininit.exe 2010-03-08 11:12:42 ----A---- C:\Windows\system32\dwmredir.dll 2010-03-08 11:12:41 ----A---- C:\Windows\system32\QSHVHOST.DLL 2010-03-08 11:12:41 ----A---- C:\Windows\system32\mcbuilder.exe 2010-03-08 11:12:41 ----A---- C:\Windows\system32\iashost.exe 2010-03-08 11:12:41 ----A---- C:\Windows\system32\azroleui.dll 2010-03-08 11:12:41 ----A---- C:\Windows\HelpPane.exe 2010-03-08 11:12:40 ----A---- C:\Windows\system32\srrstr.dll 2010-03-08 11:12:40 ----A---- C:\Windows\system32\spwizeng.dll 2010-03-08 11:12:40 ----A---- C:\Windows\system32\lltdsvc.dll 2010-03-08 11:12:39 ----A---- C:\Windows\system32\wecapi.dll 2010-03-08 11:12:39 ----A---- C:\Windows\system32\unbcl.dll 2010-03-08 11:12:39 ----A---- C:\Windows\system32\shrink.dll 2010-03-08 11:12:39 ----A---- C:\Windows\system32\msra.exe 2010-03-08 11:12:38 ----A---- C:\Windows\system32\WMPEncEn.dll 2010-03-08 11:12:37 ----A---- C:\Windows\system32\msdri.dll 2010-03-08 11:12:36 ----A---- C:\Windows\system32\ntvdm.exe 2010-03-08 11:12:36 ----A---- C:\Windows\system32\framedynos.dll 2010-03-08 11:12:35 ----A---- C:\Windows\system32\vsstrace.dll 2010-03-08 11:12:35 ----A---- C:\Windows\system32\ntlanman.dll 2010-03-08 11:12:33 ----A---- C:\Windows\system32\WlanMM.dll 2010-03-08 11:12:33 ----A---- C:\Windows\system32\netman.dll 2010-03-08 11:12:33 ----A---- C:\Windows\system32\KMSVC.DLL 2010-03-08 11:12:33 ----A---- C:\Windows\system32\framedyn.dll 2010-03-08 11:12:33 ----A---- C:\Windows\system32\dssenh.dll 2010-03-08 11:12:33 ----A---- C:\Windows\system32\adsnt.dll 2010-03-08 11:12:32 ----A---- C:\Windows\system32\WUDFHost.exe 2010-03-08 11:12:32 ----A---- C:\Windows\system32\WsmProv.dll 2010-03-08 11:12:32 ----A---- C:\Windows\system32\WLanConn.dll 2010-03-08 11:12:32 ----A---- C:\Windows\system32\sxs.dll 2010-03-08 11:12:32 ----A---- C:\Windows\system32\ncsi.dll 2010-03-08 11:12:32 ----A---- C:\Windows\system32\IPBusEnum.dll 2010-03-08 11:12:31 ----A---- C:\Windows\system32\VAN.dll 2010-03-08 11:12:31 ----A---- C:\Windows\system32\umb.dll 2010-03-08 11:12:31 ----A---- C:\Windows\system32\catsrvut.dll 2010-03-08 11:12:30 ----A---- C:\Windows\system32\puiobj.dll 2010-03-08 11:12:28 ----A---- C:\Windows\system32\netid.dll 2010-03-08 11:12:28 ----A---- C:\Windows\system32\dps.dll 2010-03-08 11:12:27 ----A---- C:\Windows\system32\MdSched.exe 2010-03-08 11:12:26 ----A---- C:\Windows\system32\ws2_32.dll 2010-03-08 11:12:26 ----A---- C:\Windows\system32\spbcd.dll 2010-03-08 11:12:26 ----A---- C:\Windows\system32\setbcdlocale.dll 2010-03-08 11:12:26 ----A---- C:\Windows\system32\ntdsapi.dll 2010-03-08 11:12:25 ----A---- C:\Windows\system32\winrs.exe 2010-03-08 11:12:25 ----A---- C:\Windows\system32\odbcjt32.dll 2010-03-08 11:12:25 ----A---- C:\Windows\system32\NAPSTAT.EXE 2010-03-08 11:12:23 ----A---- C:\Windows\system32\schtasks.exe 2010-03-08 11:12:23 ----A---- C:\Windows\system32\netdiagfx.dll 2010-03-08 11:12:23 ----A---- C:\Windows\system32\dmdlgs.dll 2010-03-08 11:12:23 ----A---- C:\Windows\system32\dhcpsapi.dll 2010-03-08 11:12:23 ----A---- C:\Windows\system32\catsrv.dll 2010-03-08 11:12:23 ----A---- C:\Windows\system32\activeds.dll 2010-03-08 11:12:22 ----A---- C:\Windows\system32\wvc.dll 2010-03-08 11:12:22 ----A---- C:\Windows\system32\winrm.vbs 2010-03-08 11:12:22 ----A---- C:\Windows\system32\TSpkg.dll 2010-03-08 11:12:22 ----A---- C:\Windows\system32\qwave.dll 2010-03-08 11:12:22 ----A---- C:\Windows\system32\FirewallControlPanel.exe 2010-03-08 11:12:22 ----A---- C:\Windows\system32\dfrgfat.exe 2010-03-08 11:12:21 ----A---- C:\Windows\system32\netcorehc.dll 2010-03-08 11:12:21 ----A---- C:\Windows\system32\NAPHLPR.DLL 2010-03-08 11:12:21 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL 2010-03-08 11:12:21 ----A---- C:\Windows\system32\msacm32.dll 2010-03-08 11:12:20 ----A---- C:\Windows\system32\adsldp.dll 2010-03-08 11:12:19 ----A---- C:\Windows\system32\QUTIL.DLL 2010-03-08 11:12:19 ----A---- C:\Windows\system32\ntshrui.dll 2010-03-08 11:12:19 ----A---- C:\Windows\system32\msdt.dll 2010-03-08 11:12:19 ----A---- C:\Windows\system32\els.dll 2010-03-08 11:12:19 ----A---- C:\Windows\system32\clbcatq.dll 2010-03-08 11:12:18 ----A---- C:\Windows\system32\sdrsvc.dll 2010-03-08 11:12:18 ----A---- C:\Windows\system32\net1.exe 2010-03-08 11:12:18 ----A---- C:\Windows\system32\ipnathlp.dll 2010-03-08 11:12:17 ----A---- C:\Windows\system32\upnphost.dll 2010-03-08 11:12:17 ----A---- C:\Windows\system32\nci.dll 2010-03-08 11:12:17 ----A---- C:\Windows\system32\mprmsg.dll 2010-03-08 11:12:17 ----A---- C:\Windows\system32\Defrag.exe 2010-03-08 11:12:12 ----A---- C:\Windows\system32\rasman.dll 2010-03-08 11:12:12 ----A---- C:\Windows\system32\P2P.dll 2010-03-08 11:12:12 ----A---- C:\Windows\system32\CompatUI.dll 2010-03-08 11:12:12 ----A---- C:\Windows\system32\ActiveContentWizard.dll 2010-03-08 11:12:11 ----A---- C:\Windows\system32\rascfg.dll 2010-03-08 11:12:11 ----A---- C:\Windows\system32\MSAC3ENC.DLL 2010-03-08 11:12:11 ----A---- C:\Windows\system32\loghours.dll 2010-03-08 11:12:11 ----A---- C:\Windows\system32\fde.dll 2010-03-08 11:12:10 ----A---- C:\Windows\system32\Wpc.dll 2010-03-08 11:12:10 ----A---- C:\Windows\system32\setupcl.exe 2010-03-08 11:12:10 ----A---- C:\Windows\system32\mprdim.dll 2010-03-08 11:12:10 ----A---- C:\Windows\system32\MigAutoPlay.exe 2010-03-08 11:12:10 ----A---- C:\Windows\system32\DFDWiz.exe 2010-03-08 11:12:09 ----A---- C:\Windows\system32\rtm.dll 2010-03-08 11:12:08 ----A---- C:\Windows\system32\NAPCRYPT.DLL 2010-03-08 11:12:08 ----A---- C:\Windows\system32\ifsutil.dll 2010-03-08 11:12:07 ----A---- C:\Windows\system32\wdi.dll 2010-03-08 11:12:07 ----A---- C:\Windows\system32\actxprxy.dll 2010-03-08 11:12:06 ----A---- C:\Windows\system32\usbmon.dll 2010-03-08 11:12:06 ----A---- C:\Windows\system32\mswmdm.dll 2010-03-08 11:12:06 ----A---- C:\Windows\system32\imagehlp.dll 2010-03-08 11:12:06 ----A---- C:\Windows\system32\BOOTVID.DLL 2010-03-08 11:12:05 ----A---- C:\Windows\system32\wlandlg.dll 2010-03-08 11:12:05 ----A---- C:\Windows\system32\vssadmin.exe 2010-03-08 11:12:05 ----A---- C:\Windows\system32\uudf.dll 2010-03-08 11:12:05 ----A---- C:\Windows\system32\mycomput.dll 2010-03-08 11:12:03 ----A---- C:\Windows\system32\mspaint.exe 2010-03-08 11:12:02 ----A---- C:\Windows\system32\mstask.dll 2010-03-08 11:12:01 ----A---- C:\Windows\system32\termmgr.dll 2010-03-08 11:12:01 ----A---- C:\Windows\system32\ssdpsrv.dll 2010-03-08 11:12:01 ----A---- C:\Windows\system32\mtxoci.dll 2010-03-08 11:12:01 ----A---- C:\Windows\system32\duser.dll 2010-03-08 11:12:00 ----A---- C:\Windows\system32\Robocopy.exe 2010-03-08 11:12:00 ----A---- C:\Windows\system32\cic.dll 2010-03-08 11:12:00 ----A---- C:\Windows\system32\AzSqlExt.dll 2010-03-08 11:11:58 ----A---- C:\Windows\system32\WUDFPlatform.dll 2010-03-08 11:11:58 ----A---- C:\Windows\system32\verifier.exe 2010-03-08 11:11:58 ----A---- C:\Windows\system32\sdshext.dll 2010-03-08 11:11:58 ----A---- C:\Windows\system32\msdtclog.dll 2010-03-08 11:11:58 ----A---- C:\Windows\system32\msdt.exe 2010-03-08 11:11:57 ----A---- C:\Windows\system32\d3d8.dll 2010-03-08 11:11:56 ----A---- C:\Windows\system32\wintrust.dll 2010-03-08 11:11:56 ----A---- C:\Windows\system32\vdsldr.exe 2010-03-08 11:11:56 ----A---- C:\Windows\system32\oledlg.dll 2010-03-08 11:11:56 ----A---- C:\Windows\system32\mmcbase.dll 2010-03-08 11:11:56 ----A---- C:\Windows\system32\clfsw32.dll 2010-03-08 11:11:55 ----A---- C:\Windows\system32\rasqec.dll 2010-03-08 11:11:55 ----A---- C:\Windows\system32\ncobjapi.dll 2010-03-08 11:11:55 ----A---- C:\Windows\system32\msaatext.dll 2010-03-08 11:11:55 ----A---- C:\Windows\system32\mlang.dll 2010-03-08 11:11:55 ----A---- C:\Windows\system32\icfupgd.dll 2010-03-08 11:11:54 ----A---- C:\Windows\system32\wtsapi32.dll 2010-03-08 11:11:54 ----A---- C:\Windows\system32\unlodctr.exe 2010-03-08 11:11:54 ----A---- C:\Windows\system32\syssetup.dll 2010-03-08 11:11:54 ----A---- C:\Windows\system32\lodctr.exe 2010-03-08 11:11:53 ----A---- C:\Windows\system32\cabinet.dll 2010-03-08 11:11:52 ----A---- C:\Windows\system32\WSManHTTPConfig.exe 2010-03-08 11:11:52 ----A---- C:\Windows\system32\unattend.dll 2010-03-08 11:11:52 ----A---- C:\Windows\system32\trkwks.dll 2010-03-08 11:11:52 ----A---- C:\Windows\system32\Mcx2Svc.dll 2010-03-08 11:11:52 ----A---- C:\Windows\system32\lnkstub.exe 2010-03-08 11:11:51 ----A---- C:\Windows\system32\wermgr.exe 2010-03-08 11:11:51 ----A---- C:\Windows\system32\ogldrv.dll 2010-03-08 11:11:51 ----A---- C:\Windows\system32\dfdts.dll 2010-03-08 11:11:51 ----A---- C:\Windows\system32\cabview.dll 2010-03-08 11:11:50 ----A---- C:\Windows\system32\p2pcollab.dll 2010-03-08 11:11:49 ----A---- C:\Windows\system32\sdspres.dll 2010-03-08 11:11:49 ----A---- C:\Windows\system32\dispdiag.exe 2010-03-08 11:11:49 ----A---- C:\Windows\system32\DHCPQEC.DLL 2010-03-08 11:11:49 ----A---- C:\Windows\system32\basesrv.dll 2010-03-08 11:11:48 ----A---- C:\Windows\system32\mmcss.dll 2010-03-08 11:11:48 ----A---- C:\Windows\system32\dsquery.dll 2010-03-08 11:11:47 ----A---- C:\Windows\system32\verifier.dll 2010-03-08 11:11:47 ----A---- C:\Windows\system32\RstrtMgr.dll 2010-03-08 11:11:47 ----A---- C:\Windows\system32\efsadu.dll 2010-03-08 11:11:46 ----A---- C:\Windows\system32\wercplsupport.dll 2010-03-08 11:11:45 ----A---- C:\Windows\system32\setupugc.exe 2010-03-08 11:11:45 ----A---- C:\Windows\system32\msoeacct.dll 2010-03-08 11:11:45 ----A---- C:\Windows\system32\icacls.exe 2010-03-08 11:11:44 ----A---- C:\Windows\system32\xactsrv.dll 2010-03-08 11:11:44 ----A---- C:\Windows\system32\wiascanprofiles.dll 2010-03-08 11:11:44 ----A---- C:\Windows\system32\QSVRMGMT.DLL 2010-03-08 11:11:44 ----A---- C:\Windows\system32\pnrpnsp.dll 2010-03-08 11:11:44 ----A---- C:\Windows\system32\PNPXAssocPrx.dll 2010-03-08 11:11:44 ----A---- C:\Windows\system32\p2pnetsh.dll 2010-03-08 11:11:44 ----A---- C:\Windows\system32\msrdc.dll 2010-03-08 11:11:44 ----A---- C:\Windows\system32\msdmo.dll 2010-03-08 11:11:44 ----A---- C:\Windows\system32\iscsiexe.dll 2010-03-08 11:11:44 ----A---- C:\Windows\system32\consent.exe 2010-03-08 11:11:43 ----A---- C:\Windows\system32\systeminfo.exe 2010-03-08 11:11:43 ----A---- C:\Windows\system32\pcadm.dll 2010-03-08 11:11:43 ----A---- C:\Windows\system32\netcfg.exe 2010-03-08 11:11:43 ----A---- C:\Windows\system32\eappprxy.dll 2010-03-08 11:11:42 ----A---- C:\Windows\system32\xwizards.dll 2010-03-08 11:11:42 ----A---- C:\Windows\system32\resutils.dll 2010-03-08 11:11:42 ----A---- C:\Windows\system32\DWWIN.EXE 2010-03-08 11:11:42 ----A---- C:\Windows\system32\dssec.dll 2010-03-08 11:11:42 ----A---- C:\Windows\system32\dot3ui.dll 2010-03-08 11:11:42 ----A---- C:\Windows\system32\dfrgifc.exe 2010-03-08 11:11:42 ----A---- C:\Windows\system32\dbnetlib.dll 2010-03-08 11:11:42 ----A---- C:\Windows\system32\cmdl32.exe 2010-03-08 11:11:42 ----A---- C:\Windows\system32\alg.exe 2010-03-08 11:11:41 ----A---- C:\Windows\system32\netprof.dll 2010-03-08 11:11:41 ----A---- C:\Windows\system32\MFWMAAEC.DLL 2010-03-08 11:11:41 ----A---- C:\Windows\system32\btpanui.dll 2010-03-08 11:11:41 ----A---- C:\Windows\regedit.exe 2010-03-08 11:11:40 ----A---- C:\Windows\system32\txflog.dll 2010-03-08 11:11:40 ----A---- C:\Windows\system32\tbssvc.dll 2010-03-08 11:11:40 ----A---- C:\Windows\system32\taskkill.exe 2010-03-08 11:11:40 ----A---- C:\Windows\system32\msieftp.dll 2010-03-08 11:11:40 ----A---- C:\Windows\system32\dxva2.dll 2010-03-08 11:11:40 ----A---- C:\Windows\system32\dwmapi.dll 2010-03-08 11:11:40 ----A---- C:\Windows\system32\bcdprov.dll 2010-03-08 11:11:40 ----A---- C:\Windows\system32\apircl.dll 2010-03-08 11:11:40 ----A---- C:\Windows\system32\ActionQueue.dll 2010-03-08 11:11:39 ----A---- C:\Windows\system32\syncui.dll 2010-03-08 11:11:39 ----A---- C:\Windows\system32\svchost.exe 2010-03-08 11:11:39 ----A---- C:\Windows\system32\RASMM.dll 2010-03-08 11:11:39 ----A---- C:\Windows\system32\provthrd.dll 2010-03-08 11:11:39 ----A---- C:\Windows\system32\EAPQEC.DLL 2010-03-08 11:11:39 ----A---- C:\Windows\system32\dmocx.dll 2010-03-08 11:11:38 ----A---- C:\Windows\system32\WMASF.DLL 2010-03-08 11:11:38 ----A---- C:\Windows\system32\raserver.exe 2010-03-08 11:11:38 ----A---- C:\Windows\system32\aclui.dll 2010-03-08 11:11:37 ----A---- C:\Windows\system32\xcopy.exe 2010-03-08 11:11:37 ----A---- C:\Windows\system32\upnp.dll 2010-03-08 11:11:37 ----A---- C:\Windows\system32\UIHub.dll 2010-03-08 11:11:37 ----A---- C:\Windows\system32\taskmgr.exe 2010-03-08 11:11:37 ----A---- C:\Windows\system32\QCLIPROV.DLL 2010-03-08 11:11:37 ----A---- C:\Windows\system32\ias.dll 2010-03-08 11:11:37 ----A---- C:\Windows\system32\dnscacheugc.exe 2010-03-08 11:11:37 ----A---- C:\Windows\system32\brcplsdw.dll 2010-03-08 11:11:37 ----A---- C:\Windows\system32\audiodev.dll 2010-03-08 11:11:36 ----A---- C:\Windows\system32\wlanext.exe 2010-03-08 11:11:36 ----A---- C:\Windows\system32\perfts.dll 2010-03-08 11:11:36 ----A---- C:\Windows\system32\NapiNSP.dll 2010-03-08 11:11:36 ----A---- C:\Windows\system32\msoert2.dll 2010-03-08 11:11:36 ----A---- C:\Windows\system32\mountvol.exe 2010-03-08 11:11:36 ----A---- C:\Windows\system32\mmcshext.dll 2010-03-08 11:11:36 ----A---- C:\Windows\system32\icsfiltr.dll 2010-03-08 11:11:36 ----A---- C:\Windows\system32\cmstp.exe 2010-03-08 11:11:36 ----A---- C:\Windows\system32\browser.dll 2010-03-08 11:11:36 ----A---- C:\Windows\system32\AuxiliaryDisplayApi.dll 2010-03-08 11:11:36 ----A---- C:\Windows\system32\appinfo.dll 2010-03-08 11:11:35 ----A---- C:\Windows\system32\WUDFCoinstaller.dll 2010-03-08 11:11:35 ----A---- C:\Windows\system32\SoundRecorder.exe 2010-03-08 11:11:35 ----A---- C:\Windows\system32\qcap.dll 2010-03-08 11:11:35 ----A---- C:\Windows\system32\qasf.dll 2010-03-08 11:11:35 ----A---- C:\Windows\system32\PING.EXE 2010-03-08 11:11:35 ----A---- C:\Windows\system32\inetmib1.dll 2010-03-08 11:11:35 ----A---- C:\Windows\system32\dskquoui.dll 2010-03-08 11:11:35 ----A---- C:\Windows\system32\cewmdm.dll 2010-03-08 11:11:35 ----A---- C:\Windows\system32\bitsadmin.exe 2010-03-08 11:11:34 ----A---- C:\Windows\system32\WUDFSvc.dll 2010-03-08 11:11:34 ----A---- C:\Windows\system32\wmpsrcwp.dll 2010-03-08 11:11:34 ----A---- C:\Windows\system32\SysFxUI.dll 2010-03-08 11:11:34 ----A---- C:\Windows\system32\SecEdit.exe 2010-03-08 11:11:34 ----A---- C:\Windows\system32\mtstocom.exe 2010-03-08 11:11:34 ----A---- C:\Windows\system32\dsuiext.dll 2010-03-08 11:11:34 ----A---- C:\Windows\system32\auditpol.exe 2010-03-08 11:11:33 ----A---- C:\Windows\system32\xwtpw32.dll 2010-03-08 11:11:33 ----A---- C:\Windows\system32\WMVSENCD.DLL 2010-03-08 11:11:33 ----A---- C:\Windows\system32\sppnp.dll 2010-03-08 11:11:33 ----A---- C:\Windows\system32\shimgvw.dll 2010-03-08 11:11:33 ----A---- C:\Windows\system32\Sens.dll 2010-03-08 11:11:33 ----A---- C:\Windows\system32\seclogon.dll 2010-03-08 11:11:33 ----A---- C:\Windows\system32\sbeio.dll 2010-03-08 11:11:33 ----A---- C:\Windows\system32\ndfapi.dll 2010-03-08 11:11:33 ----A---- C:\Windows\system32\msdadiag.dll 2010-03-08 11:11:33 ----A---- C:\Windows\system32\makecab.exe 2010-03-08 11:11:33 ----A---- C:\Windows\system32\lsmproxy.dll 2010-03-08 11:11:33 ----A---- C:\Windows\system32\dot3gpclnt.dll 2010-03-08 11:11:33 ----A---- C:\Windows\system32\batt.dll 2010-03-08 11:11:32 ----A---- C:\Windows\system32\wzcdlg.dll 2010-03-08 11:11:32 ----A---- C:\Windows\system32\wscmisetup.dll 2010-03-08 11:11:32 ----A---- C:\Windows\system32\WMSPDMOE.DLL 2010-03-08 11:11:32 ----A---- C:\Windows\system32\wiashext.dll 2010-03-08 11:11:32 ----A---- C:\Windows\system32\wiadefui.dll 2010-03-08 11:11:32 ----A---- C:\Windows\system32\userinit.exe 2010-03-08 11:11:32 ----A---- C:\Windows\system32\shacct.dll 2010-03-08 11:11:32 ----A---- C:\Windows\system32\p2phost.exe 2010-03-08 11:11:32 ----A---- C:\Windows\system32\napipsec.dll 2010-03-08 11:11:32 ----A---- C:\Windows\system32\msorcl32.dll 2010-03-08 11:11:32 ----A---- C:\Windows\system32\apss.dll 2010-03-08 11:11:31 ----A---- C:\Windows\system32\wpdwcn.dll 2010-03-08 11:11:31 ----A---- C:\Windows\system32\winrshost.exe 2010-03-08 11:11:31 ----A---- C:\Windows\system32\tasklist.exe 2010-03-08 11:11:31 ----A---- C:\Windows\system32\TapiMigPlugin.dll 2010-03-08 11:11:31 ----A---- C:\Windows\system32\sxstrace.exe 2010-03-08 11:11:31 ----A---- C:\Windows\system32\prntvpt.dll 2010-03-08 11:11:31 ----A---- C:\Windows\system32\perfmon.exe 2010-03-08 11:11:31 ----A---- C:\Windows\system32\notepad.exe 2010-03-08 11:11:31 ----A---- C:\Windows\system32\MP4SDECD.DLL 2010-03-08 11:11:31 ----A---- C:\Windows\system32\ktmutil.exe 2010-03-08 11:11:31 ----A---- C:\Windows\system32\keymgr.dll 2010-03-08 11:11:31 ----A---- C:\Windows\system32\HelpPaneProxy.dll 2010-03-08 11:11:31 ----A---- C:\Windows\system32\fmifs.dll 2010-03-08 11:11:31 ----A---- C:\Windows\system32\csrsrv.dll 2010-03-08 11:11:31 ----A---- C:\Windows\system32\colorui.dll 2010-03-08 11:11:31 ----A---- C:\Windows\notepad.exe 2010-03-08 11:11:30 ----A---- C:\Windows\system32\d3dim700.dll 2010-03-08 11:11:27 ----A---- C:\Windows\system32\netiougc.exe 2010-03-08 11:11:26 ----A---- C:\Windows\system32\wscproxystub.dll 2010-03-08 11:11:26 ----A---- C:\Windows\system32\winethc.dll 2010-03-08 11:11:26 ----A---- C:\Windows\system32\txfw32.dll 2010-03-08 11:11:26 ----A---- C:\Windows\system32\takeown.exe 2010-03-08 11:11:26 ----A---- C:\Windows\system32\pcasvc.dll 2010-03-08 11:11:26 ----A---- C:\Windows\system32\nshipsec.dll 2010-03-08 11:11:26 ----A---- C:\Windows\system32\driverquery.exe 2010-03-08 11:11:26 ----A---- C:\Windows\system32\cryptdll.dll 2010-03-08 11:11:25 ----A---- C:\Windows\system32\wmiprop.dll 2010-03-08 11:11:25 ----A---- C:\Windows\system32\shrpubw.exe 2010-03-08 11:11:25 ----A---- C:\Windows\system32\pots.dll 2010-03-08 11:11:25 ----A---- C:\Windows\system32\fsutil.exe 2010-03-08 11:11:25 ----A---- C:\Windows\system32\findnetprinters.dll 2010-03-08 11:11:25 ----A---- C:\Windows\system32\dnshc.dll 2010-03-08 11:11:25 ----A---- C:\Windows\system32\capisp.dll 2010-03-08 11:11:24 ----A---- C:\Windows\system32\WLanHC.dll 2010-03-08 11:11:24 ----A---- C:\Windows\system32\TMM.dll 2010-03-08 11:11:24 ----A---- C:\Windows\system32\shgina.dll 2010-03-08 11:11:24 ----A---- C:\Windows\system32\sfc_os.dll 2010-03-08 11:11:24 ----A---- C:\Windows\system32\runonce.exe 2010-03-08 11:11:24 ----A---- C:\Windows\system32\rshx32.dll 2010-03-08 11:11:24 ----A---- C:\Windows\system32\RpcPing.exe 2010-03-08 11:11:24 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL 2010-03-08 11:11:24 ----A---- C:\Windows\system32\perfnet.dll 2010-03-08 11:11:24 ----A---- C:\Windows\system32\olecli32.dll 2010-03-08 11:11:24 ----A---- C:\Windows\system32\nsisvc.dll 2010-03-08 11:11:24 ----A---- C:\Windows\system32\luainstall.dll 2010-03-08 11:11:24 ----A---- C:\Windows\system32\ktmw32.dll 2010-03-08 11:11:24 ----A---- C:\Windows\system32\fdPHost.dll 2010-03-08 11:11:24 ----A---- C:\Windows\system32\d3dim.dll 2010-03-08 11:11:24 ----A---- C:\Windows\system32\compstui.dll 2010-03-08 11:11:23 ----A---- C:\Windows\system32\WMADMOE.DLL 2010-03-08 11:11:23 ----A---- C:\Windows\system32\wiaacmgr.exe 2010-03-08 11:11:23 ----A---- C:\Windows\system32\UI0Detect.exe 2010-03-08 11:11:23 ----A---- C:\Windows\system32\mdminst.dll 2010-03-08 11:11:23 ----A---- C:\Windows\system32\getmac.exe 2010-03-08 11:11:23 ----A---- C:\Windows\system32\dsauth.dll 2010-03-08 11:11:23 ----A---- C:\Windows\system32\dimsjob.dll 2010-03-08 11:11:23 ----A---- C:\Windows\system32\cmlua.dll 2010-03-08 11:11:22 ----A---- C:\Windows\system32\wmpshell.dll 2010-03-08 11:11:22 ----A---- C:\Windows\system32\w32tm.exe 2010-03-08 11:11:22 ----A---- C:\Windows\system32\srdelayed.exe 2010-03-08 11:11:22 ----A---- C:\Windows\system32\net.exe 2010-03-08 11:11:22 ----A---- C:\Windows\system32\MPG4DECD.DLL 2010-03-08 11:11:22 ----A---- C:\Windows\system32\MP43DECD.DLL 2010-03-08 11:11:22 ----A---- C:\Windows\system32\ACW.exe 2010-03-08 11:11:21 ----A---- C:\Windows\system32\sfc.exe 2010-03-08 11:11:21 ----A---- C:\Windows\system32\sdchange.exe 2010-03-08 11:11:21 ----A---- C:\Windows\system32\PortableDeviceWiaCompat.dll 2010-03-08 11:11:21 ----A---- C:\Windows\system32\pnpts.dll 2010-03-08 11:11:21 ----A---- C:\Windows\system32\migisol.dll 2010-03-08 11:11:21 ----A---- C:\Windows\system32\dispci.dll 2010-03-08 11:11:21 ----A---- C:\Windows\system32\dinput8.dll 2010-03-08 11:11:21 ----A---- C:\Windows\system32\diantz.exe 2010-03-08 11:11:21 ----A---- C:\Windows\system32\comrepl.dll 2010-03-08 11:11:21 ----A---- C:\Windows\system32\cmutil.dll 2010-03-08 11:11:20 ----A---- C:\Windows\system32\wmidx.dll 2010-03-08 11:11:20 ----A---- C:\Windows\system32\vdmredir.dll 2010-03-08 11:11:20 ----A---- C:\Windows\system32\remotepg.dll 2010-03-08 11:11:20 ----A---- C:\Windows\system32\pdhui.dll 2010-03-08 11:11:20 ----A---- C:\Windows\system32\nlaapi.dll 2010-03-08 11:11:20 ----A---- C:\Windows\system32\fwcfg.dll 2010-03-08 11:11:20 ----A---- C:\Windows\system32\expand.exe 2010-03-08 11:11:20 ----A---- C:\Windows\system32\EncDump.dll 2010-03-08 11:11:20 ----A---- C:\Windows\system32\colbact.dll 2010-03-08 11:11:20 ----A---- C:\Windows\system32\cfgbkend.dll 2010-03-08 11:11:19 ----A---- C:\Windows\system32\wmvdspa.dll 2010-03-08 11:11:19 ----A---- C:\Windows\system32\utildll.dll 2010-03-08 11:11:19 ----A---- C:\Windows\system32\TpmInit.exe 2010-03-08 11:11:19 ----A---- C:\Windows\system32\sti_ci.dll 2010-03-08 11:11:19 ----A---- C:\Windows\system32\McxDriv.dll 2010-03-08 11:11:19 ----A---- C:\Windows\system32\hlink.dll 2010-03-08 11:11:19 ----A---- C:\Windows\system32\bridgeunattend.exe 2010-03-08 11:11:19 ----A---- C:\Windows\system32\bootcfg.exe 2010-03-08 11:11:19 ----A---- C:\Windows\system32\amstream.dll 2010-03-08 11:11:18 ----A---- C:\Windows\system32\WsmCl.dll 2010-03-08 11:11:18 ----A---- C:\Windows\system32\wfapigp.dll 2010-03-08 11:11:18 ----A---- C:\Windows\system32\waitfor.exe 2010-03-08 11:11:18 ----A---- C:\Windows\system32\vds_ps.dll 2010-03-08 11:11:18 ----A---- C:\Windows\system32\tabcal.exe 2010-03-08 11:11:18 ----A---- C:\Windows\system32\shutdown.exe 2010-03-08 11:11:18 ----A---- C:\Windows\system32\rdrleakdiag.exe 2010-03-08 11:11:18 ----A---- C:\Windows\system32\qdv.dll 2010-03-08 11:11:18 ----A---- C:\Windows\system32\osblprov.dll 2010-03-08 11:11:18 ----A---- C:\Windows\system32\iscsium.dll 2010-03-08 11:11:18 ----A---- C:\Windows\system32\esentutl.exe 2010-03-08 11:11:18 ----A---- C:\Windows\system32\dpnet.dll 2010-03-08 11:11:18 ----A---- C:\Windows\system32\cmcfg32.dll 2010-03-08 11:11:18 ----A---- C:\Windows\system32\cacls.exe 2010-03-08 11:11:17 ----A---- C:\Windows\system32\wpnpinst.exe 2010-03-08 11:11:17 ----A---- C:\Windows\system32\wmpcm.dll 2010-03-08 11:11:17 ----A---- C:\Windows\system32\werdiagcontroller.dll 2010-03-08 11:11:17 ----A---- C:\Windows\system32\rasauto.dll 2010-03-08 11:11:17 ----A---- C:\Windows\system32\olethk32.dll 2010-03-08 11:11:17 ----A---- C:\Windows\system32\olesvr32.dll 2010-03-08 11:11:17 ----A---- C:\Windows\system32\msdtc.exe 2010-03-08 11:11:17 ----A---- C:\Windows\system32\mfvdsp.dll 2010-03-08 11:11:17 ----A---- C:\Windows\system32\iscsiwmi.dll 2010-03-08 11:11:17 ----A---- C:\Windows\system32\DpiScaling.exe 2010-03-08 11:11:17 ----A---- C:\Windows\system32\COLORCNV.DLL 2010-03-08 11:11:16 ----A---- C:\Windows\system32\wavemsp.dll 2010-03-08 11:11:16 ----A---- C:\Windows\system32\ufat.dll 2010-03-08 11:11:16 ----A---- C:\Windows\system32\ucsvc.exe 2010-03-08 11:11:16 ----A---- C:\Windows\system32\sxproxy.dll 2010-03-08 11:11:16 ----A---- C:\Windows\system32\rgb9rast.dll 2010-03-08 11:11:16 ----A---- C:\Windows\system32\odbctrac.dll 2010-03-08 11:11:16 ----A---- C:\Windows\system32\convert.exe 2010-03-08 11:11:16 ----A---- C:\Windows\system32\at.exe 2010-03-08 11:11:15 ----A---- C:\Windows\system32\xmlprovi.dll 2010-03-08 11:11:15 ----A---- C:\Windows\system32\TimeDateMUICallback.dll 2010-03-08 11:11:15 ----A---- C:\Windows\system32\RegCtrl.dll 2010-03-08 11:11:15 ----A---- C:\Windows\system32\prevhost.exe 2010-03-08 11:11:15 ----A---- C:\Windows\system32\netbtugc.exe 2010-03-08 11:11:15 ----A---- C:\Windows\system32\mobsync.exe 2010-03-08 11:11:15 ----A---- C:\Windows\system32\itss.dll 2010-03-08 11:11:15 ----A---- C:\Windows\system32\iscsied.dll 2010-03-08 11:11:15 ----A---- C:\Windows\system32\AuthFWGP.dll 2010-03-08 11:11:14 ----A---- C:\Windows\system32\unattendedjoin.exe 2010-03-08 11:11:14 ----A---- C:\Windows\system32\tbs.dll 2010-03-08 11:11:14 ----A---- C:\Windows\system32\srclient.dll 2010-03-08 11:11:14 ----A---- C:\Windows\system32\setupcln.dll 2010-03-08 11:11:14 ----A---- C:\Windows\system32\GuidedHelp.dll 2010-03-08 11:11:14 ----A---- C:\Windows\system32\dskquota.dll 2010-03-08 11:11:14 ----A---- C:\Windows\system32\AtBroker.exe 2010-03-08 11:11:13 ----A---- C:\Windows\system32\winnsi.dll 2010-03-08 11:11:13 ----A---- C:\Windows\system32\regini.exe 2010-03-08 11:11:13 ----A---- C:\Windows\system32\napdsnap.dll 2010-03-08 11:11:13 ----A---- C:\Windows\system32\mydocs.dll 2010-03-08 11:11:13 ----A---- C:\Windows\system32\l2gpstore.dll 2010-03-08 11:11:13 ----A---- C:\Windows\system32\fphc.dll 2010-03-08 11:11:13 ----A---- C:\Windows\system32\dsdmo.dll 2010-03-08 11:11:13 ----A---- C:\Windows\system32\dmime.dll 2010-03-08 11:11:13 ----A---- C:\Windows\system32\cmpbk32.dll 2010-03-08 11:11:13 ----A---- C:\Windows\system32\amxread.dll 2010-03-08 11:11:12 ----A---- C:\Windows\system32\wpclsp.dll 2010-03-08 11:11:12 ----A---- C:\Windows\system32\WINSRPC.DLL 2010-03-08 11:11:12 ----A---- C:\Windows\system32\vss_ps.dll 2010-03-08 11:11:12 ----A---- C:\Windows\system32\VIDRESZR.DLL 2010-03-08 11:11:12 ----A---- C:\Windows\system32\usbui.dll 2010-03-08 11:11:12 ----A---- C:\Windows\system32\upnpcont.exe 2010-03-08 11:11:12 ----A---- C:\Windows\system32\srwmi.dll 2010-03-08 11:11:12 ----A---- C:\Windows\system32\RacAgent.exe 2010-03-08 11:11:12 ----A---- C:\Windows\system32\odbccu32.dll 2010-03-08 11:11:12 ----A---- C:\Windows\system32\odbccr32.dll 2010-03-08 11:11:12 ----A---- C:\Windows\system32\nsi.dll 2010-03-08 11:11:12 ----A---- C:\Windows\system32\nbtstat.exe 2010-03-08 11:11:12 ----A---- C:\Windows\system32\mtxlegih.dll 2010-03-08 11:11:12 ----A---- C:\Windows\system32\mtxdm.dll 2010-03-08 11:11:12 ----A---- C:\Windows\system32\msident.dll 2010-03-08 11:11:12 ----A---- C:\Windows\system32\msdart.dll 2010-03-08 11:11:12 ----A---- C:\Windows\system32\dot3dlg.dll 2010-03-08 11:11:12 ----A---- C:\Windows\system32\devenum.dll 2010-03-08 11:11:12 ----A---- C:\Windows\system32\cmstplua.dll 2010-03-08 11:11:12 ----A---- C:\Windows\system32\avrt.dll 2010-03-08 11:11:12 ----A---- C:\Windows\system32\apilogen.dll 2010-03-08 11:11:11 ----A---- C:\Windows\system32\wsock32.dll 2010-03-08 11:11:11 ----A---- C:\Windows\system32\wiarpc.dll 2010-03-08 11:11:11 ----A---- C:\Windows\system32\WavDest.dll 2010-03-08 11:11:11 ----A---- C:\Windows\system32\vfwwdm32.dll 2010-03-08 11:11:11 ----A---- C:\Windows\system32\syskey.exe 2010-03-08 11:11:11 ----A---- C:\Windows\system32\rasphone.exe 2010-03-08 11:11:11 ----A---- C:\Windows\system32\odbcbcp.dll 2010-03-08 11:11:11 ----A---- C:\Windows\system32\ndfetw.dll 2010-03-08 11:11:11 ----A---- C:\Windows\system32\mfcsubs.dll 2010-03-08 11:11:11 ----A---- C:\Windows\system32\graftabl.com 2010-03-08 11:11:11 ----A---- C:\Windows\system32\extrac32.exe 2010-03-08 11:11:10 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe 2010-03-08 11:11:10 ----A---- C:\Windows\system32\wiadss.dll 2010-03-08 11:11:10 ----A---- C:\Windows\system32\TabbtnEx.dll 2010-03-08 11:11:10 ----A---- C:\Windows\system32\procinst.dll 2010-03-08 11:11:10 ----A---- C:\Windows\system32\MP3DMOD.DLL 2010-03-08 11:11:10 ----A---- C:\Windows\system32\eventcls.dll 2010-03-08 11:11:10 ----A---- C:\Windows\system32\d3dxof.dll 2010-03-08 11:11:10 ----A---- C:\Windows\system32\csrss.exe 2010-03-08 11:11:09 ----A---- C:\Windows\system32\WlanMmHC.dll 2010-03-08 11:11:09 ----A---- C:\Windows\system32\Tabbtn.dll 2010-03-08 11:11:09 ----A---- C:\Windows\system32\psbase.dll 2010-03-08 11:11:09 ----A---- C:\Windows\system32\dmscript.dll 2010-03-08 11:11:09 ----A---- C:\Windows\system32\dmloader.dll 2010-03-08 11:11:09 ----A---- C:\Windows\system32\CertEnrollCtrl.exe 2010-03-08 11:11:09 ----A---- C:\Windows\fveupdate.exe 2010-03-08 11:11:08 ----A---- C:\Windows\system32\wshcon.dll 2010-03-08 11:11:08 ----A---- C:\Windows\system32\PlaySndSrv.dll 2010-03-08 11:11:08 ----A---- C:\Windows\system32\Netplwiz.exe 2010-03-08 11:11:08 ----A---- C:\Windows\system32\icsunattend.exe 2010-03-08 11:11:08 ----A---- C:\Windows\system32\credssp.dll 2010-03-08 11:11:07 ----A---- C:\Windows\system32\WsmRes.dll 2010-03-08 11:11:07 ----A---- C:\Windows\system32\WSHTCPIP.DLL 2010-03-08 11:11:07 ----A---- C:\Windows\system32\wship6.dll 2010-03-08 11:11:07 ----A---- C:\Windows\system32\sxsstore.dll 2010-03-08 11:11:07 ----A---- C:\Windows\system32\setupSNK.exe 2010-03-08 11:11:07 ----A---- C:\Windows\system32\localui.dll 2010-03-08 11:11:07 ----A---- C:\Windows\system32\lltdapi.dll 2010-03-08 11:11:07 ----A---- C:\Windows\system32\HotStartUserAgent.dll 2010-03-08 11:11:07 ----A---- C:\Windows\system32\ComputerDefaults.exe 2010-03-08 11:11:06 ----A---- C:\Windows\system32\tcpmon.ini 2010-03-08 11:11:06 ----A---- C:\Windows\system32\spopk.dll 2010-03-08 11:11:06 ----A---- C:\Windows\system32\serialui.dll 2010-03-08 11:11:06 ----A---- C:\Windows\system32\sbunattend.exe 2010-03-08 11:11:06 ----A---- C:\Windows\system32\OptionalFeatures.exe 2010-03-08 11:11:06 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll 2010-03-08 11:11:06 ----A---- C:\Windows\system32\icaapi.dll 2010-03-08 11:11:06 ----A---- C:\Windows\system32\dmutil.dll 2010-03-08 11:11:05 ----A---- C:\Windows\system32\usbperf.dll 2010-03-08 11:11:05 ----A---- C:\Windows\system32\cofiredm.dll 2010-03-08 11:11:04 ----A---- C:\Windows\system32\rasctrs.dll 2010-03-08 11:11:04 ----A---- C:\Windows\system32\msobjs.dll 2010-03-08 11:11:03 ----A---- C:\Windows\system32\nlsbres.dll 2010-03-08 11:11:03 ----A---- C:\Windows\system32\LogonUI.exe 2010-03-08 11:11:03 ----A---- C:\Windows\system32\iprtprio.dll 2010-03-08 11:11:03 ----A---- C:\Windows\system32\InfDefaultInstall.exe 2010-03-08 11:11:03 ----A---- C:\Windows\system32\hnetmon.dll 2010-03-08 11:11:03 ----A---- C:\Windows\system32\esentprf.dll 2010-03-08 11:11:02 ----A---- C:\Windows\system32\osbaseln.dll 2010-03-08 11:11:02 ----A---- C:\Windows\system32\cfgmgr32.dll 2010-03-08 11:11:01 ----A---- C:\Windows\system32\msmmsp.dll 2010-03-08 11:10:56 ----A---- C:\Windows\system32\winusb.dll 2010-03-08 11:10:56 ----A---- C:\Windows\system32\rdpcfgex.dll 2010-03-08 11:10:56 ----A---- C:\Windows\system32\dispex.dll 2010-03-08 11:10:55 ----A---- C:\Windows\system32\HPZLLLHN.DLL 2010-03-08 11:10:54 ----A---- C:\Windows\system32\Nlsdl.dll 2010-03-08 11:10:53 ----A---- C:\Windows\system32\riched32.dll 2010-03-08 11:10:53 ----A---- C:\Windows\system32\msidle.dll 2010-03-08 11:10:53 ----A---- C:\Windows\system32\idndl.dll 2010-03-08 11:10:51 ----A---- C:\Windows\system32\KBDKOR.DLL 2010-03-08 11:10:51 ----A---- C:\Windows\system32\KBDJPN.DLL 2010-03-08 11:10:50 ----A---- C:\Windows\system32\vga256.dll 2010-03-08 11:10:50 ----A---- C:\Windows\system32\tsddd.dll 2010-03-08 11:10:50 ----A---- C:\Windows\system32\framebuf.dll 2010-03-08 11:10:49 ----A---- C:\Windows\system32\vga64k.dll 2010-03-08 11:10:49 ----A---- C:\Windows\system32\vga.dll 2010-03-08 11:10:49 ----A---- C:\Windows\system32\bootstr.dll 2010-03-08 11:10:48 ----A---- C:\Windows\system32\spwizres.dll 2010-03-08 11:10:48 ----A---- C:\Windows\system32\dmdskres2.dll 2010-03-08 11:10:47 ----A---- C:\Windows\system32\gatherWiredInfo.vbs 2010-03-08 11:10:45 ----A---- C:\Windows\system32\fsmgmt.msc 2010-03-08 11:10:41 ----A---- C:\Windows\system32\perfmon.msc 2010-03-08 11:10:09 ----A---- C:\Windows\system32\xmllite.dll 2010-03-08 11:10:08 ----A---- C:\Windows\system32\wbemcomn.dll 2010-03-08 11:09:59 ----A---- C:\Windows\system32\sqmapi.dll 2010-03-08 11:09:58 ----A---- C:\Windows\system32\SmiInstaller.dll 2010-03-08 11:09:08 ----A---- C:\Windows\system32\mspatcha.dll 2010-03-08 11:09:08 ----A---- C:\Windows\system32\msdelta.dll 2010-03-08 11:09:08 ----A---- C:\Windows\system32\dpx.dll 2010-03-08 10:34:08 ----A---- C:\Windows\system32\occache.dll 2010-03-08 10:34:07 ----A---- C:\Windows\system32\msfeeds.dll 2010-03-08 10:34:07 ----A---- C:\Windows\system32\jsproxy.dll 2010-03-08 10:34:07 ----A---- C:\Windows\system32\iepeers.dll 2010-03-08 10:34:06 ----A---- C:\Windows\system32\msfeedsbs.dll 2010-03-08 10:34:06 ----A---- C:\Windows\system32\ieui.dll 2010-03-08 10:34:06 ----A---- C:\Windows\system32\iesetup.dll 2010-03-08 10:34:05 ----A---- C:\Windows\system32\wininet.dll 2010-03-08 10:34:05 ----A---- C:\Windows\system32\msfeedssync.exe 2010-03-08 10:34:05 ----A---- C:\Windows\system32\iernonce.dll 2010-03-08 10:34:02 ----A---- C:\Windows\system32\ie4uinit.exe 2010-03-08 10:33:58 ----A---- C:\Windows\system32\ieUnatt.exe 2010-03-08 10:33:58 ----A---- C:\Windows\system32\iesysprep.dll 2010-03-08 10:33:58 ----A---- C:\Windows\system32\iertutil.dll 2010-03-08 10:33:58 ----A---- C:\Windows\system32\iedkcs32.dll 2010-03-08 10:33:57 ----A---- C:\Windows\system32\urlmon.dll 2010-03-08 10:33:55 ----A---- C:\Windows\system32\mshtml.dll 2010-03-08 10:33:55 ----A---- C:\Windows\system32\ieframe.dll 2010-03-08 10:32:13 ----A---- C:\Windows\system32\mshtmled.dll 2010-03-08 10:32:13 ----A---- C:\Windows\system32\icardie.dll 2010-03-08 10:32:12 ----A---- C:\Windows\system32\msls31.dll 2010-03-08 10:32:12 ----A---- C:\Windows\system32\mshtmler.dll 2010-03-08 10:32:12 ----A---- C:\Windows\system32\corpol.dll 2010-03-08 10:32:12 ----A---- C:\Windows\system32\admparse.dll 2010-03-08 10:32:11 ----A---- C:\Windows\system32\imgutil.dll 2010-03-08 10:32:11 ----A---- C:\Windows\system32\ieakeng.dll 2010-03-08 10:32:11 ----A---- C:\Windows\system32\dxtrans.dll 2010-03-08 10:32:11 ----A---- C:\Windows\system32\dxtmsft.dll 2010-03-08 10:32:10 ----A---- C:\Windows\system32\msrating.dll 2010-03-08 10:32:10 ----A---- C:\Windows\system32\licmgr10.dll 2010-03-08 10:32:10 ----A---- C:\Windows\system32\inseng.dll 2010-03-08 10:32:10 ----A---- C:\Windows\system32\ieaksie.dll 2010-03-08 10:32:09 ----A---- C:\Windows\system32\WinFXDocObj.exe 2010-03-08 10:32:09 ----A---- C:\Windows\system32\wextract.exe 2010-03-08 10:32:09 ----A---- C:\Windows\system32\webcheck.dll 2010-03-08 10:32:09 ----A---- C:\Windows\system32\mstime.dll 2010-03-08 10:32:09 ----A---- C:\Windows\system32\ieakui.dll 2010-03-08 10:32:08 ----A---- C:\Windows\system32\pngfilt.dll 2010-03-08 10:32:08 ----A---- C:\Windows\system32\ieapfltr.dll 2010-03-08 10:32:08 ----A---- C:\Windows\system32\advpack.dll 2010-03-08 10:32:07 ----A---- C:\Windows\system32\vbscript.dll 2010-03-08 10:32:07 ----A---- C:\Windows\system32\url.dll 2010-03-08 10:32:05 ----A---- C:\Windows\system32\SetIEInstalledDate.exe 2010-03-08 10:32:05 ----A---- C:\Windows\system32\SetDepNx.exe 2010-03-08 10:32:05 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2010-03-08 10:32:05 ----A---- C:\Windows\system32\mshta.exe 2010-03-08 10:32:05 ----A---- C:\Windows\system32\iexpress.exe 2010-03-08 10:32:04 ----A---- C:\Windows\system32\PDMSetup.exe 2010-03-08 10:23:39 ----D---- C:\ProgramData\TERMINAL Studio 2010-03-08 10:20:10 ----D---- C:\Program Files\DIFX 2010-03-08 10:20:03 ----D---- C:\Program Files\Garmin 2010-03-08 10:17:55 ----D---- C:\Users\Vins\AppData\Roaming\Macromedia 2010-03-08 10:17:55 ----D---- C:\Users\Vins\AppData\Roaming\Adobe 2010-03-08 10:17:52 ----D---- C:\Windows\system32\Macromed 2010-03-08 10:12:15 ----D---- C:\Program Files\Safari 2010-03-08 10:11:25 ----D---- C:\Program Files\AirPort 2010-03-08 09:52:35 ----D---- C:\Users\Vins\AppData\Roaming\skypePM 2010-03-08 09:51:43 ----D---- C:\Users\Vins\AppData\Roaming\Skype 2010-03-08 09:47:27 ----D---- C:\Program Files\Common Files\Skype 2010-03-08 09:47:12 ----RD---- C:\Program Files\Skype 2010-03-08 09:46:32 ----D---- C:\ProgramData\Skype 2010-03-08 09:42:05 ----A---- C:\Windows\system32\printcom.dll 2010-03-08 08:43:34 ----D---- C:\Users\Vins\AppData\Roaming\Apple Computer 2010-03-08 08:42:30 ----A---- C:\Windows\system32\GEARAspi.dll 2010-03-08 08:42:28 ----DC---- C:\Windows\system32\DRVSTORE 2010-03-08 08:41:38 ----D---- C:\Program Files\iPod 2010-03-08 08:41:33 ----D---- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2010-03-08 08:41:33 ----D---- C:\Program Files\iTunes 2010-03-08 04:55:04 ----A---- C:\Windows\system32\t2embed.dll 2010-03-08 04:55:04 ----A---- C:\Windows\system32\lpk.dll 2010-03-08 04:55:04 ----A---- C:\Windows\system32\fontsub.dll 2010-03-08 04:55:04 ----A---- C:\Windows\system32\dciman32.dll 2010-03-08 04:55:04 ----A---- C:\Windows\system32\atmlib.dll 2010-03-08 04:55:04 ----A---- C:\Windows\system32\atmfd.dll 2010-03-08 04:51:13 ----A---- C:\Windows\system32\winipsec.dll 2010-03-08 04:51:13 ----A---- C:\Windows\system32\polstore.dll 2010-03-08 04:45:36 ----A---- C:\Windows\system32\netevent.dll 2010-03-08 04:45:35 ----A---- C:\Windows\system32\TCPSVCS.EXE 2010-03-08 04:45:35 ----A---- C:\Windows\system32\ROUTE.EXE 2010-03-08 04:45:35 ----A---- C:\Windows\system32\NETSTAT.EXE 2010-03-08 04:45:35 ----A---- C:\Windows\system32\netiohlp.dll 2010-03-08 04:45:35 ----A---- C:\Windows\system32\MRINFO.EXE 2010-03-08 04:45:35 ----A---- C:\Windows\system32\HOSTNAME.EXE 2010-03-08 04:45:35 ----A---- C:\Windows\system32\finger.exe 2010-03-08 04:45:35 ----A---- C:\Windows\system32\ARP.EXE 2010-03-08 04:42:05 ----A---- C:\Windows\system32\L2SecHC.dll 2010-03-08 04:42:03 ----A---- C:\Windows\system32\wlansvc.dll 2010-03-08 04:42:03 ----A---- C:\Windows\system32\wlansec.dll 2010-03-08 04:42:03 ----A---- C:\Windows\system32\wlanmsm.dll 2010-03-08 04:42:03 ----A---- C:\Windows\system32\wlanhlp.dll 2010-03-08 04:42:03 ----A---- C:\Windows\system32\wlanapi.dll 2010-03-08 04:42:00 ----A---- C:\Windows\system32\gatherWirelessInfo.vbs 2010-03-08 04:40:56 ----A---- C:\Windows\system32\msxml6.dll 2010-03-08 04:40:56 ----A---- C:\Windows\system32\msxml3.dll 2010-03-08 04:40:55 ----A---- C:\Windows\system32\msxml3r.dll 2010-03-08 04:40:54 ----A---- C:\Windows\system32\msxml6r.dll 2010-03-08 04:39:46 ----A---- C:\Windows\system32\wdigest.dll 2010-03-08 04:39:46 ----A---- C:\Windows\system32\secur32.dll 2010-03-08 04:39:46 ----A---- C:\Windows\system32\msv1_0.dll 2010-03-08 04:39:45 ----A---- C:\Windows\system32\lsass.exe 2010-03-08 04:39:45 ----A---- C:\Windows\system32\lsasrv.dll 2010-03-08 04:37:41 ----A---- C:\Windows\system32\mfps.dll 2010-03-08 04:37:41 ----A---- C:\Windows\system32\mf.dll 2010-03-08 04:37:40 ----A---- C:\Windows\system32\rrinstaller.exe 2010-03-08 04:37:40 ----A---- C:\Windows\system32\mfpmp.exe 2010-03-08 04:37:40 ----A---- C:\Windows\system32\mferror.dll 2010-03-08 04:37:39 ----A---- C:\Windows\system32\WMVCORE.DLL 2010-03-08 04:32:26 ----A---- C:\Windows\system32\atl.dll 2010-03-08 04:24:32 ----A---- C:\Windows\system32\wkssvc.dll 2010-03-08 04:23:31 ----A---- C:\Windows\system32\tsgqec.dll 2010-03-08 04:23:31 ----A---- C:\Windows\system32\mstscax.dll 2010-03-08 04:23:31 ----A---- C:\Windows\system32\aaclient.dll 2010-03-08 04:11:40 ----A---- C:\Windows\system32\tzres.dll 2010-03-08 04:10:39 ----A---- C:\Windows\system32\localspl.dll 2010-03-08 04:06:27 ----A---- C:\Windows\system32\hcrstco.dll 2010-03-08 04:06:27 ----A---- C:\Windows\system32\hccoin.dll 2010-03-08 04:02:08 ----A---- C:\Windows\system32\NlsLexicons0045.dll 2010-03-08 04:02:07 ----A---- C:\Windows\system32\NlsLexicons0047.dll 2010-03-08 04:02:07 ----A---- C:\Windows\system32\NlsLexicons0046.dll 2010-03-08 04:02:06 ----A---- C:\Windows\system32\NlsLexicons0049.dll 2010-03-08 04:02:06 ----A---- C:\Windows\system32\NlsLexicons0039.dll 2010-03-08 04:02:06 ----A---- C:\Windows\system32\NlsLexicons0020.dll 2010-03-08 04:02:05 ----A---- C:\Windows\system32\NlsLexicons0021.dll 2010-03-08 04:02:04 ----A---- C:\Windows\system32\NlsLexicons0026.dll 2010-03-08 04:02:04 ----A---- C:\Windows\system32\NlsLexicons0024.dll 2010-03-08 04:02:04 ----A---- C:\Windows\system32\NlsLexicons0022.dll 2010-03-08 04:02:03 ----A---- C:\Windows\system32\NlsLexicons0027.dll 2010-03-08 04:02:01 ----A---- C:\Windows\system32\NlsLexicons0013.dll 2010-03-08 04:02:01 ----A---- C:\Windows\system32\NlsLexicons0011.dll 2010-03-08 04:02:01 ----A---- C:\Windows\system32\NlsLexicons0010.dll 2010-03-08 04:02:00 ----A---- C:\Windows\system32\NlsLexicons0018.dll 2010-03-08 04:01:59 ----A---- C:\Windows\system32\NlsLexicons0019.dll 2010-03-08 04:01:58 ----A---- C:\Windows\system32\NlsLexicons0002.dll 2010-03-08 04:01:58 ----A---- C:\Windows\system32\NlsLexicons0001.dll 2010-03-08 04:01:57 ----A---- C:\Windows\system32\NlsLexicons0003.dll 2010-03-08 04:01:55 ----A---- C:\Windows\system32\NlsLexicons004a.dll 2010-03-08 04:01:54 ----A---- C:\Windows\system32\NlsLexicons004c.dll 2010-03-08 04:01:54 ----A---- C:\Windows\system32\NlsLexicons004b.dll 2010-03-08 04:01:52 ----A---- C:\Windows\system32\NlsLexicons004e.dll 2010-03-08 04:01:52 ----A---- C:\Windows\system32\NlsLexicons003e.dll 2010-03-08 04:01:51 ----A---- C:\Windows\system32\NlsLexicons002a.dll 2010-03-08 04:01:51 ----A---- C:\Windows\system32\NlsLexicons001a.dll 2010-03-08 04:01:49 ----A---- C:\Windows\system32\NlsLexicons001b.dll 2010-03-08 04:01:48 ----A---- C:\Windows\system32\NlsLexicons001d.dll 2010-03-08 04:01:48 ----A---- C:\Windows\system32\NlsLexicons000c.dll 2010-03-08 04:01:48 ----A---- C:\Windows\system32\NlsLexicons000a.dll 2010-03-08 04:01:47 ----A---- C:\Windows\system32\NlsLexicons000d.dll 2010-03-08 04:01:46 ----A---- C:\Windows\system32\NlsLexicons0416.dll 2010-03-08 04:01:46 ----A---- C:\Windows\system32\NlsLexicons0414.dll 2010-03-08 04:01:46 ----A---- C:\Windows\system32\NlsLexicons000f.dll 2010-03-08 04:01:44 ----A---- C:\Windows\system32\NlsLexicons0816.dll 2010-03-08 04:01:43 ----A---- C:\Windows\system32\NlsModels0011.dll 2010-03-08 04:01:43 ----A---- C:\Windows\system32\NlsLexicons081a.dll 2010-03-08 04:01:42 ----A---- C:\Windows\system32\NlsData0045.dll 2010-03-08 04:01:41 ----A---- C:\Windows\system32\NlsData0047.dll 2010-03-08 04:01:41 ----A---- C:\Windows\system32\NlsData0046.dll 2010-03-08 04:01:40 ----A---- C:\Windows\system32\NlsData0049.dll 2010-03-08 04:01:40 ----A---- C:\Windows\system32\NlsData0039.dll 2010-03-08 04:01:39 ----A---- C:\Windows\system32\NlsData0022.dll 2010-03-08 04:01:39 ----A---- C:\Windows\system32\NlsData0021.dll 2010-03-08 04:01:39 ----A---- C:\Windows\system32\NlsData0020.dll 2010-03-08 04:01:38 ----A---- C:\Windows\system32\NlsData0027.dll 2010-03-08 04:01:38 ----A---- C:\Windows\system32\NlsData0026.dll 2010-03-08 04:01:38 ----A---- C:\Windows\system32\NlsData0024.dll 2010-03-08 04:01:37 ----A---- C:\Windows\system32\NlsData0010.dll 2010-03-08 04:01:36 ----A---- C:\Windows\system32\NlsData0011.dll 2010-03-08 04:01:35 ----A---- C:\Windows\system32\NlsData0018.dll 2010-03-08 04:01:35 ----A---- C:\Windows\system32\NlsData0013.dll 2010-03-08 04:01:35 ----A---- C:\Windows\system32\NlsData0000.dll 2010-03-08 04:01:34 ----A---- C:\Windows\system32\NlsData0019.dll 2010-03-08 04:01:34 ----A---- C:\Windows\system32\NlsData0001.dll 2010-03-08 04:01:33 ----A---- C:\Windows\system32\NlsData0007.dll 2010-03-08 04:01:33 ----A---- C:\Windows\system32\NlsData0003.dll 2010-03-08 04:01:33 ----A---- C:\Windows\system32\NlsData0002.dll 2010-03-08 04:01:32 ----A---- C:\Windows\system32\NlsData0009.dll 2010-03-08 04:01:31 ----A---- C:\Windows\system32\NlsData004a.dll 2010-03-08 04:01:30 ----A---- C:\Windows\system32\NlsData004b.dll 2010-03-08 04:01:29 ----A---- C:\Windows\system32\NlsData004c.dll 2010-03-08 04:01:28 ----A---- C:\Windows\system32\NlsData004e.dll 2010-03-08 04:01:28 ----A---- C:\Windows\system32\NlsData003e.dll 2010-03-08 04:01:28 ----A---- C:\Windows\system32\NlsData002a.dll 2010-03-08 04:01:28 ----A---- C:\Windows\system32\NlsData001a.dll 2010-03-08 04:01:27 ----A---- C:\Windows\system32\NlsData001d.dll 2010-03-08 04:01:27 ----A---- C:\Windows\system32\NlsData001b.dll 2010-03-08 04:01:26 ----A---- C:\Windows\system32\NlsData000d.dll 2010-03-08 04:01:26 ----A---- C:\Windows\system32\NlsData000c.dll 2010-03-08 04:01:26 ----A---- C:\Windows\system32\NlsData000a.dll 2010-03-08 04:01:25 ----A---- C:\Windows\system32\NlsData0416.dll 2010-03-08 04:01:25 ----A---- C:\Windows\system32\NlsData0414.dll 2010-03-08 04:01:25 ----A---- C:\Windows\system32\NlsData000f.dll 2010-03-08 04:01:24 ----A---- C:\Windows\system32\NlsData081a.dll 2010-03-08 04:01:24 ----A---- C:\Windows\system32\NlsData0816.dll 2010-03-08 04:01:23 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll 2010-03-08 04:01:23 ----A---- C:\Windows\system32\NlsData0c1a.dll 2010-03-08 03:58:12 ----A---- C:\Windows\system32\kbd106n.dll 2010-03-08 03:45:31 ----A---- C:\Windows\system32\wshrm.dll 2010-03-08 03:44:38 ----A---- C:\Windows\system32\wmpdxm.dll 2010-03-08 03:43:34 ----A---- C:\Windows\system32\RMActivate_ssp.exe 2010-03-08 03:43:34 ----A---- C:\Windows\system32\msdrm.dll 2010-03-08 03:43:33 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2010-03-08 03:43:33 ----A---- C:\Windows\system32\secproc_ssp.dll 2010-03-08 03:43:33 ----A---- C:\Windows\system32\secproc_isv.dll 2010-03-08 03:43:33 ----A---- C:\Windows\system32\secproc.dll 2010-03-08 03:43:33 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2010-03-08 03:43:33 ----A---- C:\Windows\system32\RMActivate_isv.exe 2010-03-08 03:43:33 ----A---- C:\Windows\system32\RMActivate.exe 2010-03-08 03:18:44 ----A---- C:\Windows\system32\netfxperf.dll 2010-03-08 03:01:58 ----A---- C:\Windows\system32\INETRES.dll 2010-03-08 03:01:41 ----A---- C:\Windows\system32\msasn1.dll 2010-03-08 03:00:57 ----A---- C:\Windows\system32\rpcrt4.dll 2010-03-08 03:00:10 ----A---- C:\Windows\system32\rastls.dll 2010-03-08 02:59:51 ----A---- C:\Windows\system32\WSDApi.dll 2010-03-08 02:58:36 ----A---- C:\Windows\system32\msvidc32.dll 2010-03-08 02:58:36 ----A---- C:\Windows\system32\msvfw32.dll 2010-03-08 02:58:36 ----A---- C:\Windows\system32\msrle32.dll 2010-03-08 02:58:36 ----A---- C:\Windows\system32\mciavi32.dll 2010-03-08 02:58:36 ----A---- C:\Windows\system32\avifil32.dll 2010-03-08 02:58:36 ----A---- C:\Windows\system32\avicap32.dll 2010-03-08 02:58:35 ----A---- C:\Windows\system32\tsbyuv.dll 2010-03-08 02:58:35 ----A---- C:\Windows\system32\quartz.dll 2010-03-08 02:58:35 ----A---- C:\Windows\system32\msyuv.dll 2010-03-08 02:58:35 ----A---- C:\Windows\system32\iyuv_32.dll 2010-03-08 02:57:50 ----A---- C:\Windows\system32\WMSPDMOD.DLL 2010-03-08 02:57:17 ----A---- C:\Windows\system32\unregmp2.exe 2010-03-08 02:57:16 ----A---- C:\Windows\system32\wmploc.DLL 2010-03-08 02:57:16 ----A---- C:\Windows\system32\wmp.dll 2010-03-08 02:57:15 ----A---- C:\Windows\system32\spwmp.dll 2010-03-08 02:57:15 ----A---- C:\Windows\system32\dxmasf.dll 2010-03-08 02:06:13 ----D---- C:\Program Files\Bonjour 2010-03-08 02:04:28 ----D---- C:\ProgramData\Apple Computer 2010-03-08 02:03:30 ----D---- C:\Program Files\Apple Software Update 2010-03-08 01:54:36 ----N---- C:\Windows\system32\MpSigStub.exe 2010-03-08 01:54:08 ----D---- C:\ProgramData\Apple 2010-03-08 01:54:08 ----D---- C:\Program Files\Common Files\Apple 2010-03-08 01:47:02 ----D---- C:\ProgramData\NVIDIA 2010-03-08 01:42:36 ----D---- C:\ProgramData\MumboJumbo 2010-03-08 01:41:32 ----D---- C:\Users\Vins\AppData\Roaming\Elaborate Bytes 2010-03-08 01:19:18 ----D---- C:\Program Files\The Rise of Atlantis 2010-03-08 01:19:18 ----D---- C:\Program Files\BFG 2010-03-08 01:17:55 ----D---- C:\Users\Vins\AppData\Roaming\GameHouse 2010-03-08 01:17:34 ----D---- C:\Program Files\GameHouse 2010-03-08 01:09:14 ----A---- C:\Windows\system32\msonpmon.dll 2010-03-08 01:05:02 ----D---- C:\Program Files\Microsoft Works 2010-03-08 01:00:43 ----D---- C:\Program Files\Microsoft Visual Studio 2010-03-08 01:00:42 ----D---- C:\Program Files\Common Files\DESIGNER 2010-03-08 00:57:47 ----D---- C:\Windows\PCHEALTH 2010-03-08 00:57:47 ----D---- C:\Program Files\Microsoft.NET 2010-03-08 00:51:22 ----D---- C:\Program Files\Microsoft Visual Studio 8 2010-03-08 00:49:46 ----D---- C:\Program Files\Microsoft Office 2010-03-08 00:49:45 ----D---- C:\ProgramData\Microsoft Help 2010-03-08 00:40:44 ----D---- C:\Program Files\Mozilla Firefox 2010-03-08 00:40:43 ----D---- C:\Program Files\VistaCodecPack 2010-03-08 00:38:02 ----A---- C:\Windows\system32\BisonRem.dll 2010-03-08 00:38:02 ----A---- C:\Windows\M2000Twn.ini 2010-03-08 00:38:01 ----D---- C:\Windows\Options 2010-03-08 00:38:01 ----D---- C:\Windows\BisonCam 2010-03-08 00:38:00 ----HD---- C:\Program Files\InstallShield Installation Information 2010-03-08 00:37:08 ----D---- C:\Users\Vins\AppData\Roaming\InstallShield 2010-03-08 00:33:46 ----D---- C:\Program Files\SlySoft 2010-03-08 00:33:34 ----A---- C:\Windows\system32\wucltux.dll 2010-03-08 00:33:33 ----A---- C:\Windows\system32\wups2.dll 2010-03-08 00:33:33 ----A---- C:\Windows\system32\wuaueng.dll 2010-03-08 00:33:33 ----A---- C:\Windows\system32\wuauclt.exe 2010-03-08 00:32:25 ----A---- C:\Windows\system32\wudriver.dll 2010-03-08 00:32:24 ----A---- C:\Windows\system32\wups.dll 2010-03-08 00:32:24 ----A---- C:\Windows\system32\wuapi.dll 2010-03-08 00:31:22 ----A---- C:\Windows\system32\wuwebv.dll 2010-03-08 00:31:22 ----A---- C:\Windows\system32\wuapp.exe 2010-03-08 00:29:50 ----D---- C:\Program Files\Elaborate Bytes 2010-03-08 00:27:23 ----D---- C:\Program Files\WinRAR 2010-03-08 00:20:25 ----SHD---- C:\Windows\Installer 2010-03-08 00:20:14 ----A---- C:\Windows\system32\aswBoot.exe 2010-03-08 00:19:35 ----D---- C:\ProgramData\Alwil Software 2010-03-08 00:19:35 ----D---- C:\Program Files\Alwil Software 2010-03-08 00:08:03 ----A---- C:\Windows\system32\NVUNINST.EXE 2010-03-08 00:07:58 ----D---- C:\Program Files\Common Files\InstallShield 2010-03-08 00:04:42 ----D---- C:\Users\Vins\AppData\Roaming\Identities 2010-03-08 00:04:29 ----SD---- C:\Users\Vins\AppData\Roaming\Microsoft 2010-03-08 00:04:29 ----D---- C:\Users\Vins\AppData\Roaming\Media Center Programs 2010-03-08 00:02:01 ----SHD---- C:\Program Files\Fichiers communs 2010-03-08 00:02:00 ----SHD---- C:\ProgramData\Modèles 2010-03-08 00:02:00 ----SHD---- C:\ProgramData\Menu Démarrer 2010-03-08 00:02:00 ----SHD---- C:\ProgramData\Favoris 2010-03-08 00:02:00 ----SHD---- C:\ProgramData\Bureau 2010-03-07 23:52:58 ----D---- C:\Windows\SoftwareDistribution 2010-03-07 23:51:09 ----D---- C:\Windows\system32\catroot2 2010-03-07 23:50:45 ----D---- C:\Windows\Debug 2010-03-07 23:43:31 ----D---- C:\Windows\Prefetch 2010-03-07 23:42:32 ----D---- C:\Windows\Panther ======List of files/folders modified in the last 1 months====== 2010-03-23 20:44:24 ----D---- C:\Windows\Temp 2010-03-23 20:09:07 ----D---- C:\Windows\system32\catroot 2010-03-23 20:09:01 ----D---- C:\Windows\winsxs 2010-03-23 19:02:48 ----D---- C:\Windows\system32\drivers 2010-03-23 19:02:46 ----HD---- C:\ProgramData 2010-03-23 19:02:45 ----RD---- C:\Program Files 2010-03-23 18:51:19 ----D---- C:\Windows 2010-03-23 18:51:13 ----SHD---- C:\System Volume Information 2010-03-21 13:49:30 ----D---- C:\Windows\System32 2010-03-21 13:49:30 ----D---- C:\Windows\inf 2010-03-21 13:49:30 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-03-20 02:23:01 ----D---- C:\Windows\Tasks 2010-03-19 15:51:03 ----D---- C:\Windows\system32\Tasks 2010-03-18 14:43:08 ----HD---- C:\Config.Msi 2010-03-18 14:41:39 ----D---- C:\Garmin 2010-03-18 12:21:40 ----D---- C:\Windows\system32\WDI 2010-03-13 11:34:15 ----D---- C:\Windows\system32\LogFiles 2010-03-13 10:03:24 ----D---- C:\Windows\system32\NDF 2010-03-13 10:02:51 ----D---- C:\Windows\ModemLogs 2010-03-13 09:59:12 ----SD---- C:\Windows\Downloaded Program Files 2010-03-12 03:41:56 ----D---- C:\Windows\rescache 2010-03-12 03:36:10 ----D---- C:\Windows\Microsoft.NET 2010-03-12 03:36:03 ----RSD---- C:\Windows\assembly 2010-03-12 03:22:01 ----D---- C:\Windows\system32\fr-FR 2010-03-12 03:22:00 ----D---- C:\Windows\system32\wbem 2010-03-12 03:21:58 ----D---- C:\Windows\system32\zh-TW 2010-03-12 03:21:58 ----D---- C:\Windows\system32\zh-HK 2010-03-12 03:21:58 ----D---- C:\Windows\system32\zh-CN 2010-03-12 03:21:58 ----D---- C:\Windows\system32\uk-UA 2010-03-12 03:21:58 ----D---- C:\Windows\system32\tr-TR 2010-03-12 03:21:58 ----D---- C:\Windows\system32\th-TH 2010-03-12 03:21:58 ----D---- C:\Windows\system32\sv-SE 2010-03-12 03:21:58 ----D---- C:\Windows\system32\sr-Latn-CS 2010-03-12 03:21:58 ----D---- C:\Windows\system32\sl-SI 2010-03-12 03:21:58 ----D---- C:\Windows\system32\sk-SK 2010-03-12 03:21:58 ----D---- C:\Windows\system32\ru-RU 2010-03-12 03:21:58 ----D---- C:\Windows\system32\ro-RO 2010-03-12 03:21:58 ----D---- C:\Windows\system32\pt-PT 2010-03-12 03:21:58 ----D---- C:\Windows\system32\pt-BR 2010-03-12 03:21:58 ----D---- C:\Windows\system32\pl-PL 2010-03-12 03:21:58 ----D---- C:\Windows\system32\nl-NL 2010-03-12 03:21:58 ----D---- C:\Windows\system32\nb-NO 2010-03-12 03:21:58 ----D---- C:\Windows\system32\lv-LV 2010-03-12 03:21:58 ----D---- C:\Windows\system32\lt-LT 2010-03-12 03:21:58 ----D---- C:\Windows\system32\ko-KR 2010-03-12 03:21:58 ----D---- C:\Windows\system32\ja-JP 2010-03-12 03:21:58 ----D---- C:\Windows\system32\it-IT 2010-03-12 03:21:58 ----D---- C:\Windows\system32\hu-HU 2010-03-12 03:21:58 ----D---- C:\Windows\system32\hr-HR 2010-03-12 03:21:58 ----D---- C:\Windows\system32\he-IL 2010-03-12 03:21:58 ----D---- C:\Windows\system32\fi-FI 2010-03-12 03:21:58 ----D---- C:\Windows\system32\et-EE 2010-03-12 03:21:58 ----D---- C:\Windows\system32\es-ES 2010-03-12 03:21:58 ----D---- C:\Windows\system32\en-US 2010-03-12 03:21:58 ----D---- C:\Windows\system32\el-GR 2010-03-12 03:21:58 ----D---- C:\Windows\system32\de-DE 2010-03-12 03:21:58 ----D---- C:\Windows\system32\da-DK 2010-03-12 03:21:58 ----D---- C:\Windows\system32\cs-CZ 2010-03-12 03:21:58 ----D---- C:\Windows\system32\bg-BG 2010-03-12 03:21:58 ----D---- C:\Windows\system32\ar-SA 2010-03-12 03:21:57 ----D---- C:\Windows\AppPatch 2010-03-11 12:28:25 ----D---- C:\Program Files\Common Files 2010-03-10 11:29:46 ----SHD---- C:\Boot 2010-03-10 11:22:55 ----D---- C:\Program Files\Windows Sidebar 2010-03-10 11:22:55 ----D---- C:\Program Files\Windows Media Player 2010-03-10 11:22:55 ----D---- C:\Program Files\Windows Mail 2010-03-10 11:22:55 ----D---- C:\Program Files\Windows Journal 2010-03-10 11:22:55 ----D---- C:\Program Files\Windows Collaboration 2010-03-10 11:22:55 ----D---- C:\Program Files\Windows Calendar 2010-03-10 11:22:55 ----D---- C:\Program Files\Movie Maker 2010-03-10 11:22:55 ----D---- C:\Program Files\Internet Explorer 2010-03-10 11:22:54 ----D---- C:\Windows\servicing 2010-03-10 11:22:54 ----D---- C:\Windows\ehome 2010-03-10 11:22:54 ----D---- C:\Program Files\Windows Photo Gallery 2010-03-10 11:22:54 ----D---- C:\Program Files\Windows Defender 2010-03-10 11:22:54 ----D---- C:\Program Files\Common Files\System 2010-03-10 11:22:46 ----D---- C:\Windows\system32\XPSViewer 2010-03-10 11:22:46 ----D---- C:\Windows\system32\oobe 2010-03-10 11:22:46 ----D---- C:\Windows\system32\migration 2010-03-10 11:22:46 ----D---- C:\Windows\system32\fr 2010-03-10 11:22:46 ----D---- C:\Windows\IME 2010-03-10 11:22:44 ----D---- C:\Windows\system32\AdvancedInstallers 2010-03-10 11:22:43 ----D---- C:\Windows\system32\SLUI 2010-03-10 11:22:43 ----D---- C:\Windows\system32\setup 2010-03-10 11:22:42 ----D---- C:\Windows\system32\manifeststore 2010-03-10 11:22:41 ----D---- C:\Windows\system32\migwiz 2010-03-10 11:22:28 ----RSD---- C:\Windows\Fonts 2010-03-10 11:22:05 ----D---- C:\Windows\system32\Boot 2010-03-10 03:16:00 ----D---- C:\Windows\PolicyDefinitions 2010-03-10 02:41:14 ----D---- C:\Windows\Logs 2010-03-09 11:00:27 ----D---- C:\Program Files\Common Files\microsoft shared 2010-03-09 10:57:17 ----SD---- C:\ProgramData\Microsoft 2010-03-09 10:46:12 ----ASH---- C:\Program Files\desktop.ini 2010-03-09 10:36:07 ----D---- C:\Windows\MSAgent 2010-03-09 10:36:06 ----D---- C:\Windows\system32\com 2010-03-09 10:36:06 ----D---- C:\Windows\L2Schemas 2010-03-09 10:36:06 ----D---- C:\Windows\DigitalLocker 2010-03-09 10:36:05 ----D---- C:\Windows\system32\sysprep 2010-03-09 10:36:03 ----D---- C:\Windows\system32\ias 2010-03-09 10:35:18 ----D---- C:\Windows\Boot 2010-03-09 10:22:24 ----A---- C:\Windows\system32\ifxcardm.dll 2010-03-09 10:22:20 ----A---- C:\Windows\system32\axaltocm.dll 2010-03-09 00:43:28 ----A---- C:\Windows\win.ini 2010-03-08 08:58:32 ----D---- C:\Windows\system32\ras 2010-03-08 08:58:32 ----D---- C:\Windows\system32\icsxml 2010-03-08 01:03:14 ----D---- C:\Program Files\MSBuild 2010-03-08 01:00:33 ----D---- C:\Windows\ShellNew 2010-03-08 00:38:02 ----RSD---- C:\Windows\Media 2010-03-08 00:38:02 ----D---- C:\Windows\system 2010-03-08 00:38:01 ----D---- C:\Windows\twain_32 2010-03-08 00:10:53 ----D---- C:\Windows\Help 2010-03-08 00:09:07 ----D---- C:\Windows\system32\restore 2010-03-08 00:05:02 ----SHD---- C:\$Recycle.Bin 2010-03-08 00:04:28 ----RD---- C:\Users 2010-03-08 00:02:01 ----D---- C:\Program Files\Windows NT 2010-03-07 23:42:19 ----RAS---- C:\BOOTSECT.BAK 2010-03-02 06:30:12 ----A---- C:\Windows\system32\mrt.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-03-09 23376] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-03-09 162640] R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-03-09 46672] R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-03-09 19024] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-03-09 51792] R2 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2006-04-22 8064] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376] R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2006-06-09 19200] R3 Cam5603D;USB2.0 350K WebCam; C:\Windows\System32\Drivers\BisonCam.sys [2006-11-28 847536] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208] R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2005-04-12 4608] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-11-10 35984] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-11-10 37392] R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2007-07-31 7680] R3 NETw3v32;Pilote de carte Intel® PRO/sans fil 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-19 2225664] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-12-10 4445120] R3 RTL8023xp;Pilote Realtek 10/100 NIC Family NDIS x86; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088] R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560] R3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-12-17 101504] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-11-04 14336] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-02-15 545576] S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-10 135664] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-01-29 292944] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] -----------------EOF-----------------
  5. vins9
    Tout d'abord mille merci de votre intervention.J'ai effectué le premier scan et il a détecté 3 malwares que j'ai supprimé comme vous me l'avez expliqué. Voici le scan.Le reste suivra encore merci de votre aide Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3905 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18882 23/03/2010 20:31:11 mbam-log-2010-03-23 (20-31-11).txt Type de recherche: Examen complet (C:\|D:\|F:\|) Eléments examinés: 300613 Temps écoulé: 1 hour(s), 23 minute(s), 23 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\TOY5KNQ8OC (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\WEK9EMDHI9 (Trojan.Agent) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  6. vins9
  7. vins9
    J'ai également effectué un scan avec spybot mais sans succes.
  8. vins9
    Bonjour à toutes la communauté, J'expose mon problème,j'ai depuis quelques jours de nombreuses fenêtres avec de la pub qui s'ouvre.J'ai dés lors fait un scan antivirus avec avast,rien ensuite utilisé windows defender qui m'a trouvé un trojan mais je ne connais plus le nom et a été supprimé.J'ai également effectué un nettoyage avec ccleaner.Mais toujours ce problème de spam.Merci de m'aider vous êtes le dernier rempart avant formatage.Merci mille fois voici le log hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:00:09, on 22/03/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18882) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AirPort\APAgent.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\System32\rundll32.exe C:\Program Files\Garmin\gStart.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10e.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\conime.exe C:\Windows\explorer.exe C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Vins\AppData\Local\Temp\hijackthis-2.0.2.75917.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Users\Vins\Desktop\HiJackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\VistaCodecPack\QT\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files\AirPort\APAgent.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [gStart] C:\Program Files\Garmin\gStart.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [WEK9EMDHI9] C:\Windows\Blenoa.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: Logitech . Enregistrement du produit.lnk = C:\Program Files\Common Files\LogiShrd\eReg\SetPoint\eReg.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- End of file - 9016 bytes
  9. vins9
    Ma corbeille est vide,je ne comprend pas !! Merci de votre aide
  10. vins9
    J'ai réussi à avoir le rapport avast.Le voici Rapport avast! * Ce fichier est généré automatiquement * * Tâche utilisée 'Interface utilisateur simplifiée' * Débuté le jeudi 10 septembre 2009 21:43:15 * VPS : 090910-0, 10/09/2009 * C:\$Recycle.Bin\S-1-5-21-587364949-1981486266-1907484075-1000\trz5C6A.tmp\Disk.cab [E] Le fichier est une bombe de décompression ("Decompression Bomb") (42110) C:\$Recycle.Bin\S-1-5-21-587364949-1981486266-1907484075-1000\trz5C6A.tmp\Install.exe [L] Win32:Kapucen-B [Wrm] (0) Durant le transfert du fichier vers la zone de quarantaine, l'erreur suivante s'est produite : Le fichier est une bombe de décompression ("Decompression Bomb") C:\DRIVERS\MCDBF\SOURCE1\OTHER.EXE\BIOSLOCK.PIF [E] L'archive est protégée par mot de passe. (42056) C:\DRIVERS\MCDBF\SOURCE1\OTHER.EXE\BIOSLOCK.EXE [E] L'archive est protégée par mot de passe. (42056) C:\DRIVERS\OTHER.EXE\BIOSLOCK.PIF [E] L'archive est protégée par mot de passe. (42056) C:\DRIVERS\OTHER.EXE\BIOSLOCK.EXE [E] L'archive est protégée par mot de passe. (42056) C:\Program Files\eMule\Temp\012.part\DISK.CAB [E] Le fichier est une bombe de décompression ("Decompression Bomb") (42110) C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP1\A0000170.EXE\BIOSLOCK.PIF [E] L'archive est protégée par mot de passe. (42056) C:\System Volume Information\_restore{B3BF5352-B406-412E-936E-A9436F19C528}\RP1\A0000170.EXE\BIOSLOCK.EXE [E] L'archive est protégée par mot de passe. (42056) C:\Users\Vins\Downloads\AnyDVD HD v6.5.2.2_ResourceRG_FreeRyde\Cleaners\AnyDVD Cleaner v6.exe\AutoPlay\autorun.cdd\_detect.dat [E] L'archive est protégée par mot de passe. (42056) C:\Users\Vins\Downloads\AnyDVD HD v6.5.2.2_ResourceRG_FreeRyde\Cleaners\AnyDVD Cleaner v6.exe\AutoPlay\autorun.cdd\_proj.dat [E] L'archive est protégée par mot de passe. (42056) C:\Users\Vins\Downloads\AnyDVD HD v6.5.2.2_ResourceRG_FreeRyde\Cleaners\AnyDVD Cleaner v6.exe\AutoPlay\autorun.cdd\_fonts.dat [E] L'archive est protégée par mot de passe. (42056) C:\Users\Vins\Music\iTunes\Mobile Applications\TomTom_Europe-v1.0-byBeYoIP.ipa\Payload\WEurope.app\Western_Europe\cline.dat [E] Le fichier est une bombe de décompression ("Decompression Bomb") (42110) F:\Iphone\Jeu Iphone\TomTom Europe v1.0 by BeYoIP\TomTom_Europe-v1.0-byBeYoIP.ipa\Payload\WEurope.app\Western_Europe\cline.dat [E] Le fichier est une bombe de décompression ("Decompression Bomb") (42110) G:\ [E] Le chemin d'accès spécifié est introuvable (3) H:\ [E] Le chemin d'accès spécifié est introuvable (3) Fichiers infectés : 1 Total des fichiers : 567773 Total des dossiers : 28718 Taille totale : 394,2 GB * * Tâche terminée : vendredi 11 septembre 2009 00:07:58 * Programme était en exécution 2 heure(s), 24 minute(s), 43 seconde(s) *
  11. vins9
    Désolé de répondre si tardivement ,j'étais absent.Je te remercie d'avance pour ton intérêt pour mon log. Je ne sais pas comment te fournir le rapport avast.par contre Je poste le txt reçu de rsit: Logfile of random's system information tool 1.06 (written by random/random) Run by Vins at 2009-09-10 21:25:32 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 System drive C: has 32 GB (28%) free of 114 GB Total RAM: 2047 MB (46% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:25:42, on 10/09/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18813) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Windows\ATK0100\HControl.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\System32\rundll32.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Garmin\gStart.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe C:\Windows\ATK0100\ATKOSD.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe C:\Windows\system32\taskeng.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Vins\Desktop\HiJackThis.exe C:\Program Files\Alwil Software\Avast4\ashSimpl.exe C:\Windows\System32\mobsync.exe C:\Users\Vins\Desktop\RSIT.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Vins\Desktop\Vins.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [HControl] C:\Windows\ATK0100\HControl.exe O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\VistaCodecPack\QT\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://belgacom.extrafilm.be/ImageUploader5.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/...can8/oscan8.cab O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{BD66D101-7BDD-4885-815F-0653B716D3B0}: NameServer = 195.238.2.21,195.238.2.22 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Service Google Update (gupdate1ca302b38345080) (gupdate1ca302b38345080) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- End of file - 10944 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Ad-Aware Update (Weekly).job C:\Windows\tasks\Google Software Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\User_Feed_Synchronization-{8C96A29B-B13C-447B-A871-2499C3B88FEF}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-07-15 1586472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-08 761840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] "NvSvc"=C:\Windows\system32\nvsvc.dll [2006-12-10 90191] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-12-10 7766016] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2006-12-10 81920] "Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2008-10-10 69632] "HControl"=C:\Windows\ATK0100\HControl.exe [2006-12-15 217088] "ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-07-10 195072] "Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-06-29 520024] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] "Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552] "SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-05-05 1466368] "QuickTime Task"=C:\Program Files\VistaCodecPack\QT\QTTask.exe [2009-05-26 413696] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-05-30 292136] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] "Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2009-07-16 25604904] "gStart"=C:\Garmin\gStart.exe [2008-08-13 1891416] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk] C:\PROGRA~1\Toshiba\BLUETO~1\TOSBTM~1.EXE [2006-05-24 49152] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe PHOTOfunSTUDIO -viewer-.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{18487c2e-efe3-11dd-ae30-0018f3fc3121}] shell\AutoRun\command - E:\setupSNK.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c18ae929-924b-11de-8d15-0018f3fc3121}] shell\AutoRun\command - E:\start.exe ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2009-09-10 21:25:32 ----D---- C:\rsit 2009-09-09 20:43:35 ----A---- C:\Windows\system32\jscript.dll 2009-09-09 20:43:25 ----A---- C:\Windows\system32\netiohlp.dll 2009-09-09 20:43:24 ----A---- C:\Windows\system32\TCPSVCS.EXE 2009-09-09 20:43:24 ----A---- C:\Windows\system32\NETSTAT.EXE 2009-09-09 20:43:24 ----A---- C:\Windows\system32\MRINFO.EXE 2009-09-09 20:43:24 ----A---- C:\Windows\system32\HOSTNAME.EXE 2009-09-09 20:43:24 ----A---- C:\Windows\system32\finger.exe 2009-09-09 20:43:24 ----A---- C:\Windows\system32\ARP.EXE 2009-09-09 20:43:23 ----A---- C:\Windows\system32\ROUTE.EXE 2009-09-09 20:43:23 ----A---- C:\Windows\system32\netevent.dll 2009-09-09 20:41:53 ----A---- C:\Windows\system32\wlansec.dll 2009-09-09 20:41:53 ----A---- C:\Windows\system32\wlanmsm.dll 2009-09-09 20:41:53 ----A---- C:\Windows\system32\L2SecHC.dll 2009-09-09 20:41:52 ----A---- C:\Windows\system32\wlansvc.dll 2009-09-09 20:41:52 ----A---- C:\Windows\system32\wlanapi.dll 2009-09-09 20:41:46 ----A---- C:\Windows\system32\WMVCORE.DLL 2009-09-09 20:41:45 ----A---- C:\Windows\system32\mf.dll 2009-09-08 18:27:51 ----A---- C:\Windows\ntbtlog.txt 2009-09-08 18:17:39 ----D---- C:\Windows\BDOSCAN8 2009-09-08 04:20:33 ----D---- C:\ProgramData\Google Updater 2009-09-08 04:20:05 ----D---- C:\Program Files\Google 2009-09-03 11:01:19 ----D---- C:\Program Files\Alcohol Soft 2009-09-03 02:15:11 ----A---- C:\Windows\system32\Apphlpdm.dll 2009-09-03 02:15:10 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll 2009-09-02 00:33:47 ----D---- C:\ProgramData\DAEMON Tools Lite 2009-09-02 00:33:42 ----D---- C:\Program Files\DAEMON Tools Toolbar 2009-09-02 00:33:35 ----D---- C:\Program Files\DAEMON Tools Lite 2009-09-02 00:23:50 ----D---- C:\Users\Vins\AppData\Roaming\DAEMON Tools Lite 2009-09-01 17:20:27 ----D---- C:\ProgramData\GARMIN 2009-09-01 17:18:39 ----D---- C:\Garmin 2009-09-01 17:08:32 ----D---- C:\Users\Vins\AppData\Roaming\GARMIN 2009-09-01 16:36:19 ----D---- C:\Program Files\Garmin GPS Plugin 2009-09-01 16:36:03 ----D---- C:\Program Files\DIFX 2009-09-01 16:35:10 ----D---- C:\Program Files\Garmin 2009-08-28 20:36:01 ----D---- C:\Program Files\Common Files\Skype 2009-08-26 16:17:32 ----A---- C:\Windows\system32\tzres.dll 2009-08-19 18:39:06 ----A---- C:\Windows\system32\kerberos.dll 2009-08-19 18:39:05 ----A---- C:\Windows\system32\wdigest.dll 2009-08-19 18:39:05 ----A---- C:\Windows\system32\msv1_0.dll 2009-08-19 18:39:03 ----A---- C:\Windows\system32\schannel.dll 2009-08-19 18:39:02 ----A---- C:\Windows\system32\lsasrv.dll 2009-08-19 18:38:59 ----A---- C:\Windows\system32\secur32.dll 2009-08-19 18:38:59 ----A---- C:\Windows\system32\lsass.exe 2009-08-12 15:19:20 ----A---- C:\Windows\system32\atl.dll 2009-08-12 15:19:15 ----A---- C:\Windows\system32\wkssvc.dll 2009-08-12 15:19:12 ----A---- C:\Windows\system32\mstscax.dll 2009-08-12 15:19:09 ----A---- C:\Windows\system32\avifil32.dll 2009-08-12 15:19:00 ----A---- C:\Windows\system32\wmp.dll 2009-08-12 15:18:58 ----A---- C:\Windows\system32\wmpdxm.dll 2009-08-12 15:18:57 ----A---- C:\Windows\system32\dxmasf.dll 2009-08-12 15:18:55 ----A---- C:\Windows\system32\wmploc.DLL 2009-08-12 15:18:55 ----A---- C:\Windows\system32\spwmp.dll ======List of files/folders modified in the last 1 months====== 2009-09-10 21:25:38 ----D---- C:\Windows\Temp 2009-09-10 21:19:29 ----D---- C:\Users\Vins\AppData\Roaming\Skype 2009-09-10 17:09:17 ----SHD---- C:\System Volume Information 2009-09-10 16:07:02 ----D---- C:\Users\Vins\AppData\Roaming\skypePM 2009-09-10 13:55:11 ----D---- C:\Windows\Tasks 2009-09-10 11:16:48 ----D---- C:\Windows\System32 2009-09-10 11:16:48 ----D---- C:\Windows\inf 2009-09-10 11:16:48 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-09-10 11:16:31 ----AD---- C:\Windows 2009-09-09 22:14:22 ----D---- C:\Windows\rescache 2009-09-09 22:13:42 ----D---- C:\Windows\Prefetch 2009-09-09 22:07:18 ----D---- C:\Windows\winsxs 2009-09-09 21:55:50 ----D---- C:\Program Files\Microsoft Silverlight 2009-09-09 21:54:16 ----D---- C:\Windows\system32\fr-FR 2009-09-09 21:54:16 ----D---- C:\Windows\system32\drivers 2009-09-09 20:55:19 ----D---- C:\Windows\Debug 2009-09-09 20:55:16 ----D---- C:\Windows\system32\catroot 2009-09-09 20:55:08 ----D---- C:\Program Files\Windows Mail 2009-09-09 20:55:02 ----SHD---- C:\Windows\Installer 2009-09-09 20:54:31 ----D---- C:\ProgramData\Microsoft Help 2009-09-09 20:53:14 ----D---- C:\Windows\ehome 2009-09-09 20:41:14 ----D---- C:\Windows\system32\catroot2 2009-09-08 18:20:17 ----SD---- C:\Windows\Downloaded Program Files 2009-09-08 11:56:31 ----D---- C:\ProgramData\Spybot - Search & Destroy 2009-09-08 04:32:53 ----D---- C:\Windows\system32\Tasks 2009-09-08 04:32:04 ----D---- C:\Program Files\PhoenixRC 2009-09-08 04:24:48 ----RD---- C:\Program Files 2009-09-08 04:24:48 ----HD---- C:\Program Files\InstallShield Installation Information 2009-09-08 04:24:48 ----A---- C:\Windows\permis.ini 2009-09-08 04:20:33 ----HD---- C:\ProgramData 2009-09-07 13:46:48 ----D---- C:\Users\Vins\AppData\Roaming\uTorrent 2009-09-03 10:36:26 ----D---- C:\Windows\AppPatch 2009-09-01 17:33:51 ----SD---- C:\Users\Vins\AppData\Roaming\Microsoft 2009-08-28 23:38:20 ----A---- C:\Windows\system32\mrt.exe 2009-08-28 20:36:23 ----RD---- C:\Program Files\Skype 2009-08-28 20:36:01 ----D---- C:\Program Files\Common Files 2009-08-28 20:35:58 ----D---- C:\ProgramData\Skype 2009-08-26 16:16:41 ----D---- C:\Windows\system32\zh-TW 2009-08-26 16:16:41 ----D---- C:\Windows\system32\zh-HK 2009-08-26 16:16:41 ----D---- C:\Windows\system32\tr-TR 2009-08-26 16:16:41 ----D---- C:\Windows\system32\sv-SE 2009-08-26 16:16:41 ----D---- C:\Windows\system32\pt-BR 2009-08-26 16:16:41 ----D---- C:\Windows\system32\nl-NL 2009-08-26 16:16:41 ----D---- C:\Windows\system32\nb-NO 2009-08-26 16:16:41 ----D---- C:\Windows\system32\ko-KR 2009-08-26 16:16:41 ----D---- C:\Windows\system32\it-IT 2009-08-26 16:16:41 ----D---- C:\Windows\system32\he-IL 2009-08-26 16:16:41 ----D---- C:\Windows\system32\fi-FI 2009-08-26 16:16:41 ----D---- C:\Windows\system32\es-ES 2009-08-26 16:16:41 ----D---- C:\Windows\system32\el-GR 2009-08-26 16:16:41 ----D---- C:\Windows\system32\de-DE 2009-08-26 16:16:41 ----D---- C:\Windows\system32\da-DK 2009-08-26 16:16:41 ----D---- C:\Windows\system32\ar-SA 2009-08-26 16:16:40 ----D---- C:\Windows\system32\en-US 2009-08-26 16:16:09 ----D---- C:\Program Files\Internet Explorer 2009-08-17 18:10:20 ----A---- C:\Windows\system32\aswBoot.exe 2009-08-13 10:09:40 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-08-13 03:17:18 ----D---- C:\Program Files\Windows Media Player ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-08-17 23152] R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-08-17 114768] R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-08-17 51376] R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560] R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-08-17 53328] R2 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2008-12-31 24872] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-15 32256] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-14 37376] R2 SBKUPNT;SBKUPNT; \??\C:\Windows\system32\Drivers\SBKUPNT.SYS [2001-07-13 14976] R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2006-11-10 307712] R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776] R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2008-12-31 103360] R3 Cam5603D;USB2.0 350K WebCam; C:\Windows\System32\Drivers\BisonCam.sys [2006-11-28 847536] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208] R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2005-04-12 4608] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-09-26 35472] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-09-26 37392] R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2007-07-31 7680] R3 NETw3v32;Pilote de carte réseau Intel® PRO/Wireless 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-10-30 1786880] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-12-10 4445120] R3 RTL8023xp;Pilote Realtek 10/100 NIC Family NDIS x86; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088] R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-05-05 1095808] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] S3 axn7lu5x;axn7lu5x; C:\Windows\system32\drivers\axn7lu5x.sys [] S3 BthEnum;Service d'énumérateur Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528] S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160] S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904] S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2009-05-29 17408] S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992] S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-05-29 39424] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712] R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-07-01 1029456] R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-05-30 541992] S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon [] S2 gupdate1ca302b38345080;Service Google Update (gupdate1ca302b38345080); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-08 133104] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-08 194032] S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2008-11-07 121360] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] -----------------EOF----------------- Voilà le 2eme txt info.txt logfile of random's system information tool 1.06 2009-09-10 21:25:48 ======Uninstall list====== Ad-Aware-->"C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE Ad-Aware-->C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001} AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD" Apple Mobile Device Support-->MsiExec.exe /I{659B48CD-0608-4ED5-94C0-0B6C87114F10} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe ArcSoft Software Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{497A1721-088F-41EF-8876-B43C9DA5528B}\Setup.exe" -l0x40c Assistant de connexion Windows Live ID-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845} ATK0100 ACPI UTILITY-->C:\Windows\ATK0100\XPunin.exe avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe" Bluetooth Stack for Windows-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A} Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2" DiskAid 3.0-->"C:\Program Files\DigiDNA\DiskAid\unins000.exe" DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN eMule-->"C:\Program Files\eMule\Uninstall.exe" Garmin BaseCamp-->MsiExec.exe /X{7C167621-D4BC-4FFF-B520-E26EB88860B5} Garmin City Navigator Europe NT 2009 Update-->MsiExec.exe /X{1240A058-8BCE-4A3B-BF82-6E5B801D71BA} Garmin Communicator Plugin-->MsiExec.exe /X{B3C9A441-C34D-40F3-9D3B-00EDDDAC74F1} Garmin MapSource-->MsiExec.exe /X{EA6EB7D0-C920-4434-B43D-0DDD0AF8F497} Garmin POI Loader-->MsiExec.exe /X{D9DA2DF6-8CB6-4E3C-A29E-FAECFBA3E9A7} Garmin TOPO France v2-->MsiExec.exe /X{4F763864-DDEA-46CA-AA1E-63A9C2453E83} Garmin Training Center-->MsiExec.exe /X{53C239F5-7E23-493D-8FB6-F8EEEA5C2154} Garmin USB Drivers-->MsiExec.exe /X{B1102A25-3AA3-446B-AA0F-A699B07A02FD} Garmin WebUpdater-->MsiExec.exe /X{E0783143-EAE2-4047-A8D6-E155523C594C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466} HijackThis 2.0.2-->"C:\Users\Vins\Desktop\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D} iTunes-->MsiExec.exe /I{CC5702D7-86E2-45A8-99D7-E8B976ADCC56} KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355} Logitech Harmony Remote Software 7-->C:\Program Files\InstallShield Installation Information\{5C6F884D-680C-448B-B4C9-22296EE1B206}\setup.exe -runfromtemp -l0x040c -removeonly Logitech SetPoint-->"C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l0x040c -removeonly Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISER /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{91120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office Groove MUI (French) 2007-->MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8} Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C} Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21} Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3} Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223} Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe Motorola SM56 Data Fax Modem-->rundll32.exe sm56co85.dll,SM56UnInstaller MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Nero 9-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A" neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18} Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PHOTOfunSTUDIO -viewer--->C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\setup.exe -runfromtemp -l0x040c -z"Uninstall" -removeonly Planificateur route Belux Vélo/Piéton-->MsiExec.exe /X{0CCD509A-0BC3-46E4-8905-11543F0F70A0} QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68} Remote Control USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8471021C-F529-43DE-84DF-3612E10F58C4}\setup.exe" -l0x9 -removeonly Safari-->MsiExec.exe /I{C3AE9DA1-2E44-4F11-803E-20977F0FE6B9} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780} Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D} Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E} Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C} Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050} Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748} Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004} Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Topomap Belux -->MsiExec.exe /X{82D054AB-3034-41FE-980E-53026803D22A} Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft Office Outlook 2007 (KB969907)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {74F98B24-AFBD-4800-9BD6-87D349B5C462} Update for Outlook 2007 Junk Email Filter (kb973514)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {03B11C77-336F-43B4-9B43-79890BA84504} USB2.0 350K WebCam-->C:\Program Files\InstallShield Installation Information\{4A57592C-FF92-4083-97A9-92783BD5AFB4}\setup.exe -runfromtemp -l0x040c -removeonly VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} Videora iPod Converter 4.08-->C:\Program Files\Red Kawa\Video Converter App\uninstaller.exe Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99} Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" VLC media player 0.9.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)-->rundll32.exe C:\PROGRA~1\DIFX\15B7F172FC21855D\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\grmnusb.inf_6b094708\grmnusb.inf Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C} WinSCP 4.1.8-->"C:\Program Files\WinSCP\unins000.exe" YouTube Downloader App 1.03-->C:\Program Files\Regensoft\Downloader App\uninstaller.exe ======Security center information====== AV: avast! antivirus 4.8.1296 [VPS 090114-0] AS: Spybot - Search and Destroy AS: Lavasoft Ad-Watch Live! AS: Windows Defender AS: avast! antivirus 4.8.1296 [VPS 090114-0] ======System event log====== Computer Name: PC-de-Vins Event Code: 4374 Message: Windows Servicing a déterminé que ce package KB936330(Service Pack) n’est pas applicable à ce système. Record Number: 12981 Source Name: Microsoft-Windows-Servicing Time Written: 20090115104550.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Vins Event Code: 4374 Message: Windows Servicing a déterminé que ce package KB936330(Service Pack) n’est pas applicable à ce système. Record Number: 12976 Source Name: Microsoft-Windows-Servicing Time Written: 20090115104549.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Vins Event Code: 4374 Message: Windows Servicing a déterminé que ce package KB936330(Service Pack) n’est pas applicable à ce système. Record Number: 12974 Source Name: Microsoft-Windows-Servicing Time Written: 20090115104549.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Vins Event Code: 4374 Message: Windows Servicing a déterminé que ce package KB936330(Service Pack) n’est pas applicable à ce système. Record Number: 12967 Source Name: Microsoft-Windows-Servicing Time Written: 20090115104548.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Vins Event Code: 4374 Message: Windows Servicing a déterminé que ce package KB936330(Service Pack) n’est pas applicable à ce système. Record Number: 12966 Source Name: Microsoft-Windows-Servicing Time Written: 20090115104548.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM =====Application event log===== Computer Name: PC-de-Vins Event Code: 513 Message: Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. . Record Number: 123 Source Name: Microsoft-Windows-CAPI2 Time Written: 20090114222729.000000-000 Event Type: Erreur User: Computer Name: PC-de-Vins Event Code: 63 Message: Le fournisseur WmiPerfClass a été inscrit dans l’espace de noms Windows Management Instrumentation root\cimv2, afin d’utiliser le compte LocalSystem. Ce compte bénéficie de privilèges et le fournisseur peut provoquer une violation de sécurité s’il ne représente pas correctement les demandes utilisateur. Record Number: 57 Source Name: Microsoft-Windows-WMI Time Written: 20090114220949.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Vins Event Code: 63 Message: Le fournisseur WmiPerfClass a été inscrit dans l’espace de noms Windows Management Instrumentation root\cimv2, afin d’utiliser le compte LocalSystem. Ce compte bénéficie de privilèges et le fournisseur peut provoquer une violation de sécurité s’il ne représente pas correctement les demandes utilisateur. Record Number: 56 Source Name: Microsoft-Windows-WMI Time Written: 20090114220949.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: PC-de-Vins Event Code: 1008 Message: Le service Windows Search tente de supprimer l’ancien catalogue. Record Number: 26 Source Name: Microsoft-Windows-Search Time Written: 20090114220551.000000-000 Event Type: Avertissement User: Computer Name: 26L2233B2-11 Event Code: 1036 Message: Échec de InitializePrintProvider pour le fournisseur inetpp.dll. Cela peut se produire à la suite d’une instabilité du système ou d’une insuffisance des ressources système. Record Number: 13 Source Name: Microsoft-Windows-SpoolerSpoolss Time Written: 20090114215652.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM =====Security event log===== Computer Name: 26L2233B2-11 Event Code: 4648 Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites. Sujet : ID de sécurité : S-1-5-18 Nom du compte : 26L2233B2-11$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Compte dont les informations d’identification ont été utilisées : Nom du compte : SYSTEM Domaine du compte : AUTORITE NT GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Serveur cible : Nom du serveur cible : localhost Informations supplémentaires : localhost Informations sur le processus : ID du processus : 0x258 Nom du processus : C:\Windows\System32\services.exe Informations sur le réseau : Adresse du réseau : - Port : - Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS. Record Number: 5 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090114215511.526654-000 Event Type: Succès de l'audit User: Computer Name: 26L2233B2-11 Event Code: 4902 Message: La table de stratégie d’audit par utilisateur a été créée. Nombre d’éléments : 0 ID de la stratégie : 0xcd9ff Record Number: 4 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090114215457.346163-000 Event Type: Succès de l'audit User: Computer Name: 26L2233B2-11 Event Code: 4624 Message: L’ouverture de session d’un compte s’est correctement déroulée. Sujet : ID de sécurité : S-1-0-0 Nom du compte : - Domaine du compte : - ID d’ouverture de session : 0x0 Type d’ouverture de session : 0 Nouvelle ouverture de session : ID de sécurité : S-1-5-18 Nom du compte : SYSTEM Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Informations sur le processus : ID du processus : 0x4 Nom du processus : Informations sur le réseau : Nom de la station de travail : - Adresse du réseau source : - Port source : - Informations détaillées sur l’authentification : Processus d’ouverture de session : - Package d’authentification : - Services en transit : - Nom du package (NTLM uniquement) : - Longueur de la clé : 0 Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée. Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe. Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau). Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté. Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas. Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique. - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC . - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session. - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM. - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée. Record Number: 3 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090114215454.350943-000 Event Type: Succès de l'audit User: Computer Name: 26L2233B2-11 Event Code: 4608 Message: Windows démarre. Cet événement est journalisé lorsque LSASS.EXE démarre et que le sous-système d’audit est initialisé. Record Number: 2 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090114215454.350943-000 Event Type: Succès de l'audit User: Computer Name: 26L2233B2-11 Event Code: 4647 Message: Fermeture de session initiée par l’utilisateur : Sujet : ID de sécurité : S-1-5-21-2152478756-3922319563-605102323-500 Nom du compte : Administrator Domaine du compte : 26L2233B2-11 ID d’ouverture de session : 0x8496a Cet événement est généré lorsqu’une fermeture de session est initiée, mais que le nombre de références du jeton n’étant pas zéro, la session ouverte ne peut pas être supprimée. Aucune autre activité initiée par l’utilisateur ne peut se produire. Cet événement peut être interprété comme un événement de fermeture de session. Record Number: 1 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20061102130954.400000-000 Event Type: Succès de l'audit User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files\Common Files\ArcSoft\Bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\VistaCodecPack\QT\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel "PROCESSOR_REVISION"=0f06 "NUMBER_OF_PROCESSORS"=2 "CLASSPATH"=.;C:\Program Files\VistaCodecPack\QT\QTSystem\QTJava.zip "QTJAVA"=C:\Program Files\VistaCodecPack\QT\QTSystem\QTJava.zip -----------------EOF-----------------
  12. vins9
    Bonjour à tous, Je suis nouveau sur le forum.J'ai été infecté par le ver Win32:Kapucen-B [Wrm] et souhaiterais connaître la marche à suivre afin d'éradiquer cette infection.Mon anti virus avast,ne me permet pas de le supprimer,renommer,déplacer.Je remercie d'avance mille fois les personnes qui pourront m'aider.Je dépose un log hyjackthis. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:08:55, on 10/09/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18813) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Windows\ATK0100\HControl.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\System32\rundll32.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Garmin\gStart.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe C:\Windows\ATK0100\ATKOSD.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe C:\Garmin\MapInstall.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Vins\Desktop\HiJackThis.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Service Google Update (gupdate1ca302b38345080) (gupdate1ca302b38345080) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- End of file - 3860 bytes
×
×
  • Créer...