csamy

Bonjour, OTL logfile created on: 11/08/2010 11:58:02 - Run 1 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Kami\Desktop 64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free 8,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 271,78 Gb Free Space | 58,36% Space Free | Partition Type: NTFS Drive D: | 74,53 Gb Total Space | 6,64 Gb Free Space | 8,90% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: QUADCORE Current User Name: Kami Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010/08/11 11:56:32 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Kami\Desktop\OTL.exe PRC - [2010/08/07 13:29:09 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2010/07/23 00:02:16 | 000,945,720 | ---- | M] (Google Inc.) -- C:\Users\Kami\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2010/07/09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010/07/06 18:14:56 | 000,716,024 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\explorer.exe PRC - [2009/06/17 13:44:11 | 000,085,160 | ---- | M] (Elaborate Bytes AG) -- C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2009/05/06 18:53:50 | 001,220,608 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe PRC - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe ========== Modules (SafeList) ========== MOD - [2010/08/11 11:56:32 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Kami\Desktop\OTL.exe MOD - [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA) SRV:64bit: - [2010/05/06 11:30:22 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe -- (LBTServ) SRV:64bit: - [2010/03/25 23:48:42 | 000,017,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2010/01/09 21:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64) SRV:64bit: - [2009/07/14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService) SRV:64bit: - [2009/07/14 03:41:54 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\StorSvc.dll -- (StorSvc) SRV:64bit: - [2009/07/14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc) SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009/07/14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService) SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2010/08/07 13:29:09 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010/07/09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010/07/06 18:14:56 | 000,716,024 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService) SRV - [2010/07/04 20:14:35 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service) SRV - [2010/07/04 19:59:52 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service) SRV - [2010/07/03 15:38:51 | 000,395,048 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/03/18 17:23:04 | 000,044,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe -- (aspnet_state) SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel® SRV - [2009/05/06 18:53:50 | 001,220,608 | ---- | M] (MAGIX AG) [unknown | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService) SRV - [2008/08/07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) ========== Driver Services (SafeList) ========== DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ha20x22k.sys -- (ha20x22k) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTHWIUT.DLL -- (CTHWIUT.DLL) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEXFIFX.DLL -- (CTEXFIFX.DLL) DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CT20XUT.DLL -- (CT20XUT.DLL) DRV:64bit: - [2010/06/30 21:23:16 | 000,061,952 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter) DRV:64bit: - [2010/05/05 21:30:52 | 001,561,688 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k) DRV:64bit: - [2010/05/05 21:30:42 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia) DRV:64bit: - [2010/05/05 21:30:34 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k) DRV:64bit: - [2010/05/05 21:30:26 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k) DRV:64bit: - [2010/05/05 21:30:18 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv) DRV:64bit: - [2010/05/05 21:30:10 | 000,684,376 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM) DRV:64bit: - [2010/05/05 21:30:02 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k) DRV:64bit: - [2010/05/05 21:29:52 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS) DRV:64bit: - [2010/05/05 21:29:52 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX) DRV:64bit: - [2010/05/05 21:29:42 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS) DRV:64bit: - [2010/05/05 21:29:42 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT) DRV:64bit: - [2010/05/05 21:29:34 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS) DRV:64bit: - [2010/05/05 21:29:34 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT) DRV:64bit: - [2010/03/18 11:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2010/03/18 11:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2009/12/19 09:11:40 | 000,314,400 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009/12/18 00:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2009/11/24 15:29:16 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009/11/23 17:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid) DRV:64bit: - [2009/11/23 17:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum) DRV:64bit: - [2009/09/16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle) DRV:64bit: - [2009/09/11 12:49:18 | 000,076,552 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore) DRV:64bit: - [2009/09/11 12:49:08 | 000,015,880 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid) DRV:64bit: - [2009/09/11 12:48:58 | 000,036,872 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo) DRV:64bit: - [2009/09/11 12:48:46 | 000,041,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter) DRV:64bit: - [2009/09/11 12:48:36 | 000,026,248 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum) DRV:64bit: - [2009/08/09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009/07/14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus) DRV:64bit: - [2009/07/14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt) DRV:64bit: - [2009/07/14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc) DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap) DRV:64bit: - [2009/07/14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID) DRV:64bit: - [2009/07/14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC) DRV:64bit: - [2009/06/18 12:54:10 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\92CD.tmp -- (MEMSWEEP2) DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/06/04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009/05/14 09:26:24 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3526516833-356156847-142327782-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKU\S-1-5-21-3526516833-356156847-142327782-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKU\S-1-5-21-3526516833-356156847-142327782-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKU\S-1-5-21-3526516833-356156847-142327782-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6B C9 A0 89 0D 1D CB 01 [binary data] IE - HKU\S-1-5-21-3526516833-356156847-142327782-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3526516833-356156847-142327782-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local O1 HOSTS File: ([2010/06/30 19:32:39 | 000,000,861 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activation.guitar-pro.com O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found. O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [HKLM] C:\dir\install\Document\Program file\svchost.exe (WINDOWS) O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG) O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3526516833-356156847-142327782-1001..\Run: [HKCU] C:\dir\install\Document\Program file\svchost.exe (WINDOWS) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\dir\install\Document\Program file\svchost.exe (WINDOWS) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-3526516833-356156847-142327782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3526516833-356156847-142327782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O7 - HKU\S-1-5-21-3526516833-356156847-142327782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Policies = C:\dir\install\Document\Program file\svchost.exe (WINDOWS) O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab (Creative Software AutoUpdate) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab (Creative Software AutoUpdate Support Package) O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/08/11 11:56:27 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Kami\Desktop\OTL.exe [2010/08/10 21:36:48 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2010/08/10 21:36:47 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2010/08/10 21:36:47 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2010/08/10 21:36:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2010/08/10 21:36:47 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2010/08/10 21:36:47 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2010/08/10 21:35:36 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2010/08/10 21:35:36 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2010/08/10 21:35:36 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2010/08/10 21:35:29 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll [2010/08/10 21:35:29 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll [2010/08/10 21:35:28 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll [2010/08/10 13:51:14 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Local\2K Games [2010/08/09 18:20:31 | 000,000,000 | ---D | C] -- C:\dir [2010/08/09 11:41:26 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Roaming\Malwarebytes [2010/08/09 11:36:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010/08/09 11:36:09 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010/08/09 11:36:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010/08/09 11:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010/08/08 18:38:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SWAT 4 [2010/08/06 01:18:58 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Roaming\vlc [2010/08/01 19:58:41 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Roaming\avidemux [2010/07/31 12:55:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mIRC [2010/07/30 13:43:34 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Roaming\Need for Speed World [2010/07/30 13:38:36 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Local\Electronic_Arts_Inc [2010/07/30 13:37:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Need For Speed World [2010/07/30 13:37:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Need For Speed World [2010/07/29 13:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2010/07/29 13:02:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010/07/29 13:02:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2010/07/29 13:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2010/07/29 13:02:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2010/07/28 13:22:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech [2010/07/28 13:22:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech [2010/07/27 23:47:07 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Local\LogiShrd [2010/07/27 23:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd [2010/07/27 23:46:58 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Roaming\Leadertech [2010/07/27 23:46:47 | 000,018,960 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys [2010/07/27 23:46:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd [2010/07/27 23:46:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd [2010/07/27 23:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd [2010/07/27 23:45:48 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Roaming\Logitech [2010/07/27 23:45:48 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Roaming\Logishrd [2010/07/27 12:00:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner [2010/07/26 19:26:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xpadder [2010/07/26 15:45:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner [2010/07/26 13:13:50 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll [2010/07/26 13:13:50 | 000,328,712 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\MijFrc.dll [2010/07/26 13:13:50 | 000,074,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\xusb21.sys [2010/07/26 13:13:50 | 000,061,952 | ---- | C] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys [2010/07/26 13:13:50 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Roaming\MotioninJoy [2010/07/26 13:13:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MotioninJoy [2010/07/23 13:43:50 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Roaming\mIRC [2010/07/22 17:53:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VLC [2010/07/21 20:01:55 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll [2010/07/21 20:01:55 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll [2010/07/21 20:01:55 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll [2010/07/21 20:01:55 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll [2010/07/21 20:01:54 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll [2010/07/21 20:01:54 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll [2010/07/21 20:01:54 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll [2010/07/21 20:01:54 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll [2010/07/21 20:01:54 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll [2010/07/21 20:01:54 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll [2010/07/21 20:01:53 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll [2010/07/21 20:01:53 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll [2010/07/21 20:01:53 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll [2010/07/21 20:01:53 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll [2010/07/21 20:01:53 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll [2010/07/21 20:01:53 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll [2010/07/21 20:01:35 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp [2010/07/21 20:01:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2010/07/21 19:45:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Left4Dead2 [2010/07/21 12:46:29 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Roaming\BlackBean [2010/07/20 15:36:44 | 000,000,000 | ---D | C] -- C:\Users\Kami\Documents\EA SPORTS FIFA Online [2010/07/20 15:28:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\FIFAOnlineSetup [2010/07/20 14:25:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SBK X [2010/07/20 10:24:10 | 005,107,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2010/07/20 10:24:10 | 000,065,128 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2010/07/20 10:24:10 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2010/07/20 10:24:10 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd [2010/07/20 10:24:09 | 019,114,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2010/07/20 10:24:09 | 014,092,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2010/07/20 10:24:09 | 000,382,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll [2010/07/20 10:24:09 | 000,314,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll [2010/07/20 10:24:07 | 012,471,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2010/07/20 10:24:07 | 009,818,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2010/07/20 10:24:07 | 003,089,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2010/07/20 10:24:07 | 002,892,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2010/07/20 10:24:07 | 002,761,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2010/07/20 10:24:07 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2010/07/20 10:24:06 | 014,513,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2010/07/20 10:24:06 | 010,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2010/07/20 10:24:06 | 006,116,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2010/07/20 10:24:06 | 004,553,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2010/07/20 10:24:06 | 001,625,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2010/07/20 10:24:06 | 000,260,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod1922.dll [2010/07/20 10:24:06 | 000,260,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod.dll [2010/07/19 17:45:34 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Roaming\Unity [2010/07/19 17:34:15 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Local\Unity [2010/07/19 13:51:05 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Roaming\IObit [2010/07/19 11:34:26 | 000,000,000 | ---D | C] -- C:\Users\Kami\Nouveau dossier [2010/07/19 11:30:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mkv2vob [2010/07/19 11:21:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2010/07/19 11:21:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2010/07/19 11:21:09 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2010/07/19 11:21:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2010/07/19 11:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2010/07/19 11:20:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2010/07/19 11:19:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2010/07/19 11:19:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2010/07/19 11:19:54 | 000,000,000 | RH-D | C] -- C:\MSOCache [2010/07/18 17:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2010/07/18 17:51:28 | 000,000,000 | ---D | C] -- C:\Windows\A7E07C2B2220441587E3784D5814BC93.TMP [2010/07/18 17:43:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\505games [2010/07/16 10:55:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GT-8FxFloorBoard [2010/07/14 20:32:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack [2010/07/13 19:06:47 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2010/07/13 11:01:03 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Local\TVersity [2010/07/12 22:55:34 | 000,000,000 | ---D | C] -- C:\Users\Kami\AppData\Local\MigWiz [2010/05/05 19:59:10 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll [7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/08/11 11:57:06 | 003,407,872 | ---- | M] () -- C:\Users\Kami\NTUSER.DAT [2010/08/11 11:56:32 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Kami\Desktop\OTL.exe [2010/08/11 11:56:27 | 000,019,490 | -H-- | M] () -- C:\Users\Kami\AppData\Roaming\logs.dat [2010/08/11 11:42:03 | 000,013,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010/08/11 11:42:03 | 000,013,648 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010/08/11 11:34:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010/08/11 11:34:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/08/11 11:34:36 | 3220,475,904 | -HS- | M] () -- C:\hiberfil.sys [2010/08/11 00:19:06 | 000,060,752 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000005-00000000-00000002-00001102-00000005-002C1102}.rfx [2010/08/11 00:19:06 | 000,060,752 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000005-00000000-00000002-00001102-00000005-002C1102}.rfx [2010/08/11 00:19:06 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000005-00000000-00000002-00001102-00000005-002C1102}.rfx [2010/08/11 00:19:01 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat [2010/08/11 00:18:56 | 003,484,403 | -H-- | M] () -- C:\Users\Kami\AppData\Local\IconCache.db [2010/08/10 23:24:02 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3526516833-356156847-142327782-1001UA.job [2010/08/10 21:43:38 | 000,435,768 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010/08/10 17:24:03 | 000,001,020 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3526516833-356156847-142327782-1001Core.job [2010/08/10 17:21:21 | 000,219,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2010/08/10 17:21:18 | 000,219,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010/08/09 11:36:13 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/08/08 18:54:23 | 000,043,520 | ---- | M] () -- C:\Windows\SysWow64\CmdLineExt03.dll [2010/08/07 13:29:09 | 002,373,712 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe [2010/08/07 13:29:09 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010/08/04 01:28:22 | 000,001,080 | ---- | M] () -- C:\Windows\SysNative\settingsbkup.sfm [2010/08/04 01:28:22 | 000,001,080 | ---- | M] () -- C:\Windows\SysNative\settings.sfm [2010/07/31 12:58:31 | 000,153,480 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat [2010/07/31 12:55:25 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk [2010/07/29 08:30:34 | 000,082,944 | ---- | M] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll [2010/07/28 13:23:03 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSBW_01_00_00.Wdf [2010/07/28 13:23:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf [2010/07/27 23:46:47 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys [2010/07/27 12:00:20 | 000,000,967 | ---- | M] () -- C:\Users\Kami\Desktop\CCleaner.lnk [2010/07/26 19:27:10 | 000,000,951 | ---- | M] () -- C:\Users\Kami\Desktop\Xpadder.lnk [2010/07/26 13:20:26 | 000,000,543 | ---- | M] () -- C:\Windows\NGO.cer [2010/07/26 13:15:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2010/07/26 13:15:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf [2010/07/23 21:12:25 | 001,660,386 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010/07/23 21:12:25 | 000,744,568 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2010/07/23 21:12:25 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010/07/23 21:12:25 | 000,148,086 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2010/07/23 21:12:25 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010/07/20 17:23:22 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2010/07/19 14:06:30 | 000,122,944 | ---- | M] () -- C:\Users\Kami\AppData\Local\GDIPFONTCACHEV1.DAT [2010/07/19 14:03:20 | 000,001,136 | ---- | M] () -- C:\Users\Kami\Desktop\Auslogics Registry Defrag.lnk [2010/07/19 10:44:01 | 000,000,387 | ---- | M] () -- C:\Windows\win.ini [7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/08/09 11:36:13 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/08/08 18:54:23 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll [2010/07/31 12:58:31 | 000,153,480 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2010/07/31 12:55:25 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk [2010/07/28 13:23:03 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSBW_01_00_00.Wdf [2010/07/28 13:23:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf [2010/07/26 19:27:10 | 000,000,951 | ---- | C] () -- C:\Users\Kami\Desktop\Xpadder.lnk [2010/07/26 13:20:26 | 000,000,543 | ---- | C] () -- C:\Windows\NGO.cer [2010/07/26 13:15:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2010/07/26 13:15:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_01009.Wdf [2010/07/19 14:03:20 | 000,001,136 | ---- | C] () -- C:\Users\Kami\Desktop\Auslogics Registry Defrag.lnk [2010/07/14 20:32:11 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010/07/09 21:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2010/07/07 15:56:22 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2010/07/04 19:59:33 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2010/07/04 19:59:33 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2010/07/04 19:50:04 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI [2010/06/11 20:04:52 | 001,638,172 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/05/30 09:24:48 | 000,000,303 | ---- | C] () -- C:\Windows\game.ini [2010/05/29 20:55:36 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\CTXFIFRN.DLL [2010/05/05 20:37:52 | 000,021,204 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini [2010/05/05 20:37:50 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini [2010/05/05 19:56:46 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll [2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/07/06 13:47:08 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini ========== LOP Check ========== [2010/07/11 17:11:45 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\.minecraft [2010/07/22 21:25:51 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\Auslogics [2010/06/20 16:03:43 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\Autodesk [2010/08/01 20:00:52 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\avidemux [2010/07/26 14:20:38 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\Bioshock [2010/06/02 21:49:28 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\bizarre creations [2010/07/21 12:46:29 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\BlackBean [2010/06/30 19:41:20 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\Guitar Pro 6 [2010/07/19 13:51:05 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\IObit [2010/07/27 23:46:58 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\Leadertech [2010/07/07 15:57:48 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\MAGIX [2010/06/03 18:42:29 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\mkvtoolnix [2010/07/26 13:13:50 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\MotioninJoy [2010/08/10 18:43:49 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\Mumble [2010/07/30 13:43:34 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\Need for Speed World [2010/05/29 21:07:09 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\Notepad++ [2010/06/04 20:26:04 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\TP [2010/08/09 16:09:42 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\Tunngle [2010/07/19 17:45:34 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\Unity [2010/08/11 00:15:00 | 000,000,000 | ---D | M] -- C:\Users\Kami\AppData\Roaming\uTorrent [2010/07/25 17:25:02 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:07BF512B @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:CF778051 @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:587EB586 < End of report >

Arg, désolé, j'avais pas fait attention. Voici donc le nouveau log : Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4412 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 10/08/2010 18:46:47 mbam-log-2010-08-10 (18-46-47).txt Type d'examen: Examen rapide Elément(s) analysé(s): 129626 Temps écoulé: 3 minute(s), 33 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 4 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 3 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{l7w3r7w4-uu4v-78fg-sf13-5k850liur2fl} (Generic.Bot.H) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\policies (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hkcu (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\policies (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hklm (Trojan.Agent) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\dir\install\Document\Program file\svchost.exe (Generic.Bot.H) -> Quarantined and deleted successfully. C:\Users\Kami\AppData\Roaming\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully. C:\Users\Kami\AppData\Local\Temp\XxX.xXx (Malware.Trace) -> Quarantined and deleted successfully. Et quand je refais un examen les malwares sont toujours présents !

Bonjour à tous, je viens de faire une analyse MBAM pour voir l'état de l'ordinateur de mon frère, et elle a détecté plusieurs menaces qui, malgré plusieurs tentatives de suppression puis de redémarrage, ne sont pas éradiquées et réapparaissent à la prochaine analyse. Je précise que mon OS est Windows 7 64 bit Ecran de MBAM : Easy-Upload.Net :: Fichiers :: quarantine.2010810131021.jpg Voici mon dernier log MBAM : Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4412 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 10/08/2010 13:16:35 mbam-log-2010-08-10 (13-16-35).txt Type d'examen: Examen rapide Elément(s) analysé(s): 129791 Temps écoulé: 2 minute(s), 21 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 4 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 4 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{l7w3r7w4-uu4v-78fg-sf13-5k850liur2fl} (Generic.Bot.H) -> No action taken. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\policies (Trojan.Agent) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hkcu (Trojan.Agent) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\policies (Trojan.Agent) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hklm (Trojan.Agent) -> No action taken. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\dir\install\Document\Program file\svchost.exe (Generic.Bot.H) -> No action taken. C:\Users\Kami\AppData\Roaming\logs.dat (Bifrose.Trace) -> No action taken. C:\Users\Kami\AppData\Local\Temp\UuU.uUu (Malware.Trace) -> No action taken. C:\Users\Kami\AppData\Local\Temp\XxX.xXx (Malware.Trace) -> No action taken. Merci d'avance

Il roule du tonnerre ! Merci pour votre aide !

Non j'ai pas utilisé de logiciels avant ComboFix. J'ai supprimé le dossier, il était vide !

Quand je C/C "C:\Windows\system32\drivers\rxugevdl.sys" dans VirusTotal il me dit que j'ai pas ce fichier. Peut-être qu'il a été supprimé ?

Voici le log de ComboFix : ComboFix 10-07-24.03 - Samy 25/07/2010 19:40:11.1.1 - x86 Microsoft® Windows Vista™ Professionnel 6.0.6002.2.1252.33.1036.18.3071.2093 [GMT 2:00] Lancé depuis: c:\users\Samy\Desktop\csamy.exe SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\Fonts\NfoViewer.ttf c:\windows\system32\Agent.OMZ.Fix.exe c:\windows\system32\IEDFix.C.exe c:\windows\system32\NlsData0010.dll c:\windows\system32\o4Patch.exe c:\windows\system32\Process.exe c:\windows\system32\SrchSTS.exe . ((((((((((((((((((((((((((((( Fichiers créés du 2010-06-25 au 2010-07-25 )))))))))))))))))))))))))))))))))))) . 2010-07-25 17:46 . 2010-07-25 17:46 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-07-25 12:53 . 2010-07-25 12:54 -------- d-----w- C:\rsit 2010-07-25 11:38 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-07-25 11:38 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-07-25 10:54 . 2010-07-25 17:32 -------- d-----w- C:\glfrontier 2010-07-24 09:11 . 2010-07-24 19:35 -------- d-----w- c:\users\Samy\Frontier 2010-07-24 09:08 . 2010-07-24 09:08 -------- d---a-w- C:\.Trash-1000 2010-07-23 12:45 . 2010-07-23 12:45 -------- d-----w- c:\users\Samy\AppData\Roaming\Malwarebytes 2010-07-23 12:45 . 2010-07-23 12:45 -------- d-----w- c:\programdata\Malwarebytes 2010-07-23 12:45 . 2010-07-25 11:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-07-23 12:33 . 2010-07-23 12:37 -------- d-----w- c:\users\Samy\AppData\Roaming\vlc 2010-07-23 12:32 . 2010-07-23 12:32 -------- d-----w- c:\program files\VideoLAN 2010-07-23 12:13 . 2010-07-23 12:13 -------- d-----w- c:\program files\NFO viewer 2010-07-23 11:05 . 2010-07-23 11:05 -------- d-----w- c:\program files\iPod 2010-07-23 11:05 . 2010-07-23 11:07 -------- d-----w- c:\program files\iTunes 2010-07-23 11:03 . 2010-07-23 11:03 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe 2010-07-22 16:09 . 2010-07-22 16:09 388096 ----a-r- c:\users\Samy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-07-22 14:12 . 2010-07-23 12:54 -------- d-----w- c:\users\Samy\AppData\Local\inseuayqb 2010-07-22 12:37 . 2010-07-22 12:37 -------- d-----w- c:\program files\Trend Micro 2010-07-22 10:00 . 2010-07-22 10:00 -------- d-----w- c:\users\Samy\AppData\Roaming\ScummVM 2010-07-22 10:00 . 2010-07-22 10:06 -------- d-----w- c:\program files\ScummVM 2010-07-22 08:55 . 2010-07-22 08:55 -------- d-----w- c:\users\Samy\MONKEY 2010-07-22 08:23 . 2010-07-22 08:23 -------- d--h--w- c:\windows\PIF 2010-07-21 17:43 . 2010-07-21 17:43 -------- d-----w- c:\program files\MSECache 2010-07-17 10:04 . 2008-10-15 04:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll 2010-07-17 10:04 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll 2010-07-17 10:04 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll 2010-07-17 10:03 . 2007-10-12 13:14 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll 2010-07-17 09:53 . 2010-07-17 09:53 -------- d-----w- C:\found.000 2010-07-14 08:25 . 2010-07-14 08:25 36864 ----a-w- c:\programdata\Temp\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\PostBuild.exe 2010-07-13 11:45 . 2010-07-13 11:45 -------- d-----w- c:\users\Samy\AppData\Roaming\PeerNetworking 2010-07-10 09:22 . 2010-07-10 09:24 -------- d-----w- c:\users\Samy\AppData\Roaming\.minecraft 2010-07-08 13:15 . 2010-07-08 13:26 -------- d-----w- c:\users\Samy\AppData\Roaming\SumatraPDF 2010-07-08 13:15 . 2010-07-08 13:15 -------- d-----w- c:\program files\SumatraPDF 2010-07-07 09:33 . 2010-07-07 09:33 -------- d-----w- c:\users\Samy\AppData\Local\DOSBox 2010-07-07 09:33 . 2010-07-24 09:16 -------- d-----w- c:\program files\DOSBox-0.74 2010-07-05 08:38 . 2010-07-05 08:38 -------- d--h--w- c:\programdata\CanonBJ 2010-07-05 08:38 . 2006-11-02 09:46 70144 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNBPP3.DLL 2010-07-04 05:57 . 2010-07-04 05:57 -------- d-----w- c:\program files\Google 2010-07-03 12:20 . 2010-07-03 12:20 -------- d-----w- c:\users\Samy\AppData\Roaming\NVIDIA 2010-07-03 11:50 . 2010-07-03 11:50 -------- d-----w- c:\program files\Common Files\Steam 2010-07-03 10:26 . 2010-07-03 10:26 -------- d-----w- c:\program files\Microsoft Games 2010-07-03 09:58 . 2010-07-03 09:58 -------- d-----w- c:\users\Samy\AppData\Roaming\Auslogics 2010-07-03 09:58 . 2010-07-03 09:58 -------- d-----w- c:\program files\Auslogics Disk Defrag 2010-07-03 09:40 . 2010-07-03 09:40 7168 ----a-w- c:\windows\system32\drivers\ute4ndez.sys 2010-07-03 09:36 . 2010-07-03 09:48 -------- d-----w- c:\programdata\Kaspersky Lab 2010-07-03 09:34 . 2010-07-03 09:35 -------- d-----w- c:\program files\CCleaner 2010-07-03 09:04 . 2010-07-22 11:48 35 ----a-w- c:\users\Samy\AppData\Roaming\SetValue.bat 2010-07-03 08:22 . 2010-07-03 08:22 -------- d-----w- c:\program files\MSXML 4.0 2010-07-03 05:38 . 2010-07-14 08:29 -------- d-----w- c:\users\Samy\AppData\Roaming\CyberLink 2010-07-03 05:35 . 2006-03-09 22:00 3584 ----a-w- c:\windows\system32\eswiaml.dll 2010-07-03 05:35 . 2006-12-27 22:00 66048 ----a-w- c:\windows\system32\escwian.dll 2010-07-03 05:35 . 2006-10-12 22:00 61952 ----a-w- c:\windows\system32\escwiad.dll 2010-07-03 05:35 . 2006-10-12 22:00 44544 ----a-w- c:\windows\system32\escwiab.dll 2010-07-03 05:35 . 2002-09-03 22:00 90112 ----a-w- c:\windows\system32\epcomdd.dll 2010-07-03 05:35 . 2002-08-08 22:00 184320 ----a-w- c:\windows\system32\ESDTR.dll 2010-07-03 05:35 . 2002-01-30 22:00 126976 ----a-w- c:\windows\system32\Esint23.dll 2010-07-03 05:35 . 2001-05-20 22:00 77824 ----a-w- c:\windows\system32\Esintpl.dll 2010-07-03 05:35 . 2000-10-10 22:00 53248 ----a-w- c:\windows\system32\ESICM.dll 2010-07-03 05:35 . 2010-07-03 05:35 -------- d-----w- c:\users\Samy\AppData\Roaming\InstallShield 2010-07-03 05:17 . 2010-07-03 06:30 -------- d-----w- c:\users\Samy\AppData\Local\TVEnhance 2010-07-03 05:17 . 2008-10-22 23:22 95232 ----a-w- c:\windows\system32\oCLWatson.exe 2010-07-03 05:17 . 2008-10-22 23:22 82432 ----a-w- c:\windows\system32\msxml4r.dll 2010-07-03 05:17 . 2008-10-22 23:22 44544 ----a-w- c:\windows\system32\msxml4a.dll 2010-07-03 05:15 . 2010-07-03 05:38 -------- d-----w- c:\users\Samy\AppData\Roaming\PowerCinema 2010-07-03 05:12 . 2010-07-14 08:29 -------- d-----w- c:\program files\CyberLink 2010-07-03 05:12 . 2010-07-14 08:29 -------- d-----w- c:\programdata\CyberLink 2010-07-02 16:36 . 2010-07-02 16:36 -------- d-----w- c:\users\Samy\AppData\Local\Apple Computer 2010-07-02 14:49 . 2010-07-25 12:47 -------- d-----w- c:\program files\Daggerfall 2010-07-02 13:38 . 2010-07-02 13:38 -------- d-----w- c:\users\Samy\AppData\Local\Oblivion 2010-07-02 13:14 . 2010-07-02 13:14 -------- d-----w- c:\program files\7-Zip 2010-07-02 12:50 . 2010-07-02 12:50 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-07-02 12:50 . 2010-07-02 12:51 -------- d-----w- c:\program files\DAEMON Tools Lite 2010-07-02 12:50 . 2010-07-02 13:25 -------- d-----w- c:\users\Samy\AppData\Roaming\DAEMON Tools Lite 2010-07-02 12:50 . 2010-07-02 12:50 -------- d-----w- c:\programdata\DAEMON Tools Lite 2010-07-02 12:18 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-07-02 11:29 . 2010-07-02 11:29 -------- d-----w- c:\windows\system32\ca-ES 2010-07-02 11:29 . 2010-07-02 11:29 -------- d-----w- c:\windows\system32\eu-ES 2010-07-02 11:29 . 2010-07-02 11:29 -------- d-----w- c:\windows\system32\vi-VN 2010-07-02 11:25 . 2010-07-02 11:25 -------- d-----w- c:\windows\system32\SPReview 2010-07-02 11:05 . 2009-04-10 21:28 928768 ----a-w- c:\windows\system32\scavenge.dll 2010-07-02 11:05 . 2009-04-10 21:27 57856 ----a-w- c:\windows\system32\compcln.exe 2010-07-02 11:03 . 2009-04-10 21:28 454144 ----a-w- c:\windows\system32\IasMigPlugin.dll 2010-07-02 11:02 . 2009-04-10 21:28 968192 ----a-w- c:\windows\system32\wcnwiz2.dll 2010-07-02 10:55 . 2010-07-02 10:55 -------- d-----w- c:\windows\system32\EventProviders 2010-07-02 10:24 . 2010-07-02 10:24 -------- d-----w- c:\windows\system32\Macromed 2010-07-02 10:12 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin 2010-07-02 10:11 . 2010-07-02 10:11 -------- d-----w- c:\program files\SystemRequirementsLab 2010-07-02 10:11 . 2010-07-02 10:11 85504 ----a-w- c:\users\Samy\AppData\Roaming\SystemRequirementsLab\srlproxy_cyri_4.1.71.0A.dll 2010-07-02 10:11 . 2010-07-02 10:11 -------- d-----w- c:\users\Samy\AppData\Roaming\SystemRequirementsLab 2010-07-02 10:04 . 2010-07-02 10:04 -------- d-----w- c:\program files\Microsoft.NET 2010-07-02 10:02 . 2010-07-02 10:02 -------- d-----w- c:\windows\Sun 2010-07-02 10:02 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll 2010-07-02 10:02 . 2010-04-16 16:43 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2010-07-02 10:02 . 2010-04-16 14:39 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2010-07-02 10:00 . 2010-07-02 10:00 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-07-02 10:00 . 2010-07-21 14:59 -------- d-----w- c:\program files\Java 2010-07-02 09:59 . 2010-07-02 09:59 -------- d-----w- c:\program files\Common Files\Java 2010-07-02 09:38 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2010-07-02 09:38 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll 2010-07-02 09:38 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll 2010-07-02 09:38 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe 2010-07-02 09:38 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll 2010-07-02 09:35 . 2010-04-05 17:01 67072 ----a-w- c:\windows\system32\asycfilt.dll 2010-07-02 09:35 . 2010-05-01 14:13 2037248 ----a-w- c:\windows\system32\win32k.sys 2010-07-02 09:34 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll 2010-07-02 09:34 . 2010-01-29 15:40 738816 ----a-w- c:\windows\system32\inetcomm.dll 2010-07-02 09:33 . 2010-05-26 17:06 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-07-02 09:33 . 2010-05-26 14:47 289792 ----a-w- c:\windows\system32\atmfd.dll 2010-07-02 09:33 . 2010-04-23 14:13 2048 ----a-w- c:\windows\system32\tzres.dll 2010-07-02 08:27 . 2008-01-18 21:33 193024 ----a-w- c:\windows\system32\recdisc.exe 2010-07-02 08:27 . 2008-01-18 21:36 6656 ----a-w- c:\windows\system32\sdspres.dll 2010-07-02 08:27 . 2008-01-18 21:36 28160 ----a-w- c:\windows\system32\sxproxy.dll 2010-07-02 08:25 . 2008-01-18 21:42 94776 ----a-w- c:\windows\system32\MigAutoPlay.exe 2010-07-02 08:24 . 2008-01-18 21:33 33280 ----a-w- c:\windows\system32\appinfo.dll 2010-07-02 08:23 . 2008-01-18 21:37 9728 ----a-w- c:\windows\system32\wscproxystub.dll 2010-07-02 08:22 . 2008-01-18 21:36 43008 ----a-w- c:\windows\system32\TimeDateMUICallback.dll 2010-07-02 08:08 . 2010-07-02 16:09 -------- d-----w- c:\users\Samy\Tracing 2010-07-02 08:06 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2010-07-02 08:06 . 2010-07-02 08:06 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2010-07-02 08:05 . 2010-07-02 08:05 -------- d-----w- c:\program files\Microsoft 2010-07-02 08:04 . 2010-07-02 08:04 -------- d-----w- c:\program files\Windows Live SkyDrive 2010-07-02 08:04 . 2010-07-14 08:30 -------- d-----w- c:\program files\Windows Live 2010-07-02 08:03 . 2010-07-02 08:03 -------- d-----w- c:\windows\PCHEALTH 2010-07-02 08:03 . 2010-07-02 08:03 0 ----a-w- c:\windows\nsreg.dat . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-07-25 13:21 . 2010-07-14 16:58 34805 ----a-w- c:\programdata\nvModes.dat 2010-07-22 11:48 . 2010-07-03 09:04 691 ----a-w- c:\users\Samy\AppData\Roaming\GetValue.vbs 2010-07-16 16:44 . 2006-11-02 15:47 678804 ----a-w- c:\windows\system32\perfh00C.dat 2010-07-16 16:44 . 2006-11-02 15:47 126420 ----a-w- c:\windows\system32\perfc00C.dat 2010-07-14 08:06 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-07-02 11:29 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar 2010-07-02 11:29 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar 2010-07-02 11:29 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery 2010-07-02 11:29 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal 2010-07-02 11:29 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration 2010-07-02 11:29 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender 2010-07-02 11:29 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat 2010-07-02 11:28 . 2010-07-02 11:28 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf 2010-07-02 08:52 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll 2010-07-02 08:52 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll 2010-07-01 20:51 . 2010-07-01 20:51 1452544 ----a-w- c:\windows\system32\NlsLexicons0003.dll 2010-07-01 18:30 . 2010-07-01 18:30 2560 ----a-w- c:\windows\AppPatch\AcRes.dll 2010-07-01 17:55 . 2010-07-01 17:55 87552 ----a-w- c:\windows\system32\wudriver.dll 2010-07-01 17:55 . 2010-07-01 17:55 575704 ----a-w- c:\windows\system32\wuapi.dll 2010-07-01 17:55 . 2010-07-01 17:55 35552 ----a-w- c:\windows\system32\wups.dll 2010-07-01 17:53 . 2010-07-01 17:53 -------- d-sh--we c:\programdata\Modèles 2010-07-01 17:53 . 2010-07-01 17:53 -------- d-sh--we c:\programdata\Menu Démarrer 2010-06-02 02:55 . 2010-07-02 17:16 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll 2010-06-02 02:55 . 2010-07-02 17:16 527192 ----a-w- c:\windows\system32\XAudio2_7.dll 2010-06-02 02:55 . 2010-07-02 17:16 239960 ----a-w- c:\windows\system32\xactengine3_7.dll 2010-05-26 09:41 . 2010-07-02 17:16 248672 ----a-w- c:\windows\system32\d3dx11_43.dll 2010-05-26 09:41 . 2010-07-02 17:16 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll 2010-05-26 09:41 . 2010-07-02 17:16 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll 2010-05-26 09:41 . 2010-07-02 17:16 470880 ----a-w- c:\windows\system32\d3dx10_43.dll 2010-05-26 09:41 . 2010-07-02 17:16 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll 2010-05-18 14:35 . 2010-05-18 14:35 91424 ----a-w- c:\windows\system32\dnssd.dll 2010-05-18 14:35 . 2010-05-18 14:35 75040 ----a-w- c:\windows\system32\jdns_sd.dll 2010-05-18 14:35 . 2010-05-18 14:35 197920 ----a-w- c:\windows\system32\dnssdX.dll 2010-05-18 14:35 . 2010-05-18 14:35 107808 ----a-w- c:\windows\system32\dns-sd.exe 2010-05-04 05:59 . 2010-07-02 10:35 916480 ----a-w- c:\windows\system32\wininet.dll 2010-05-04 05:55 . 2010-07-02 10:35 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-05-04 05:55 . 2010-07-02 10:35 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-05-04 04:31 . 2010-07-02 10:35 133632 ----a-w- c:\windows\system32\ieUnatt.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-06-01 1093208] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-07-21 141608] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2010-07-21 13:53 141608 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-03-18 20:16 421888 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] 2009-04-14 05:43 604704 ----a-w- c:\windows\SOUNDMAN.EXE [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(b):fc,ab,85,ac,da,19,cb,01 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2310995930-1425342795-4147184605-1000] "EnableNotificationsRef"=dword:00000001 R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136] R3 ute4ndez;AVZ Kernel Driver;c:\windows\system32\Drivers\ute4ndez.sys [2010-07-03 7168] R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-07-02 691696] S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc . Contenu du dossier 'Tâches planifiées' 2010-07-25 c:\windows\Tasks\User_Feed_Synchronization-{DE1CEB4B-3101-4BE1-9CD0-48BD42BF8EE1}.job - c:\windows\system32\msfeedssync.exe [2010-07-02 04:30] . . ------- Examen supplémentaire ------- . uInternet Settings,ProxyOverride = *.local IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 TCP: {287B6D8D-A204-4D9E-BFB4-83B4D9CA0E6F} = 89.2.0.1,89.2.0.2 FF - ProfilePath - c:\users\Samy\AppData\Roaming\Mozilla\Firefox\Profiles\lbeiup23.default\ FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- PARAMETRES FIREFOX ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-07-25 19:46 Windows 6.0.6002 Service Pack 2 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . Heure de fin: 2010-07-25 19:49:18 ComboFix-quarantined-files.txt 2010-07-25 17:49 Avant-CF: 28 216 922 112 octets libres Après-CF: 28 187 185 152 octets libres - - End Of File - - 85C7FB5301B1E012401E6793FA2E8D28

LOG DE MBAM Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4345 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18928 25/07/2010 14:47:48 mbam-log-2010-07-25 (14-47-48).txt Type d'examen: Examen complet (C:\|D:\|) Elément(s) analysé(s): 268801 Temps écoulé: 1 heure(s), 6 minute(s), 53 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 3 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\EWABQAF7KL (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\VO3N0SLJ2I (Trojan.FakeAlert) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Program Files\Daggerfall\EyeOfArgonia.exe (Spyware.Banker) -> Quarantined and deleted successfully. C:\Windows\System32\sshnas21.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> Quarantined and deleted successfully. LOG.TXT Logfile of random's system information tool 1.08 (written by random/random) Run by Samy at 2010-07-25 14:53:55 Microsoft® Windows Vista™ Professionnel Service Pack 2 System drive C: has 27 GB (53%) free of 51 GB Total RAM: 3071 MB (54% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:53:58, on 25/07/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\System32\mobsync.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\Samy\Desktop\RSIT.exe C:\Program Files\Trend Micro\HijackThis\Samy.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O17 - HKLM\System\CCS\Services\Tcpip\..\{287B6D8D-A204-4D9E-BFB4-83B4D9CA0E6F}: NameServer = 89.2.0.1,89.2.0.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{287B6D8D-A204-4D9E-BFB4-83B4D9CA0E6F}: NameServer = 89.2.0.1,89.2.0.2 O17 - HKLM\System\CS2\Services\Tcpip\..\{287B6D8D-A204-4D9E-BFB4-83B4D9CA0E6F}: NameServer = 89.2.0.1,89.2.0.2 O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @%SystemRoot%\System32\irmon.dll,-2000 (Irmon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 17710 bytes ======Scheduled tasks folder====== C:\Windows\tasks\User_Feed_Synchronization-{DE1CEB4B-3101-4BE1-9CD0-48BD42BF8EE1}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-02 41760] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1093208] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-07-21 141608] "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2010-07-21 141608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] C:\Windows\SOUNDMAN.EXE [2009-04-14 604704] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-07-25 14:53:55 ----D---- C:\rsit 2010-07-25 14:48:50 ----A---- C:\Windows\system32\drivers\rxugevdl.sys 2010-07-25 13:38:39 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys 2010-07-25 13:38:30 ----A---- C:\Windows\system32\drivers\mbam.sys 2010-07-25 12:54:19 ----D---- C:\glfrontier 2010-07-25 12:45:37 ----ASH---- C:\hiberfil.sys 2010-07-24 11:10:06 ----A---- C:\Windows\ntbtlog.txt 2010-07-24 11:10:01 ----ASH---- C:\pagefile.sys 2010-07-24 11:08:17 ----AD---- C:\.Trash-1000 2010-07-23 14:45:32 ----D---- C:\Users\Samy\AppData\Roaming\Malwarebytes 2010-07-23 14:45:21 ----D---- C:\ProgramData\Malwarebytes 2010-07-23 14:45:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-07-23 14:33:08 ----D---- C:\Users\Samy\AppData\Roaming\vlc 2010-07-23 14:32:23 ----D---- C:\Program Files\VideoLAN 2010-07-23 14:13:57 ----D---- C:\Program Files\NFO viewer 2010-07-23 13:05:15 ----D---- C:\Program Files\iPod 2010-07-23 13:05:09 ----D---- C:\Program Files\iTunes 2010-07-22 14:37:39 ----D---- C:\Program Files\Trend Micro 2010-07-22 13:47:56 ----A---- C:\Windows\system32\SrchSTS.exe 2010-07-22 13:47:56 ----A---- C:\Windows\system32\Process.exe 2010-07-22 13:47:56 ----A---- C:\Windows\system32\o4Patch.exe 2010-07-22 13:47:56 ----A---- C:\Windows\system32\IEDFix.C.exe 2010-07-22 13:47:56 ----A---- C:\Windows\system32\Agent.OMZ.Fix.exe 2010-07-22 12:00:22 ----D---- C:\Users\Samy\AppData\Roaming\ScummVM 2010-07-22 12:00:17 ----D---- C:\Program Files\ScummVM 2010-07-22 10:23:08 ----HD---- C:\Windows\PIF 2010-07-21 19:45:34 ----D---- C:\Program Files\Microsoft Office 2010-07-21 19:43:33 ----D---- C:\Program Files\MSECache 2010-07-17 12:04:04 ----A---- C:\Windows\system32\d3dx10_40.dll 2010-07-17 12:04:04 ----A---- C:\Windows\system32\D3DCompiler_40.dll 2010-07-17 12:04:03 ----A---- C:\Windows\system32\D3DX9_40.dll 2010-07-17 12:03:58 ----A---- C:\Windows\system32\D3DCompiler_36.dll 2010-07-17 11:53:44 ----SHD---- C:\found.000 2010-07-13 13:45:22 ----D---- C:\Users\Samy\AppData\Roaming\PeerNetworking 2010-07-10 11:22:26 ----D---- C:\Users\Samy\AppData\Roaming\.minecraft 2010-07-08 15:15:14 ----D---- C:\Users\Samy\AppData\Roaming\SumatraPDF 2010-07-08 15:15:07 ----D---- C:\Program Files\SumatraPDF 2010-07-07 11:33:24 ----D---- C:\Program Files\DOSBox-0.74 2010-07-06 20:53:50 ----RASH---- C:\MSDOS.SYS 2010-07-06 20:53:50 ----RASH---- C:\IO.SYS 2010-07-05 10:38:44 ----HD---- C:\ProgramData\CanonBJ 2010-07-04 07:57:02 ----D---- C:\Program Files\Google 2010-07-03 14:20:19 ----D---- C:\Users\Samy\AppData\Roaming\NVIDIA 2010-07-03 13:50:13 ----D---- C:\Program Files\Common Files\Steam 2010-07-03 12:26:00 ----D---- C:\Program Files\Microsoft Games 2010-07-03 11:58:24 ----D---- C:\Users\Samy\AppData\Roaming\Auslogics 2010-07-03 11:58:20 ----D---- C:\Program Files\Auslogics Disk Defrag 2010-07-03 11:40:30 ----A---- C:\Windows\system32\drivers\ute4ndez.sys 2010-07-03 11:36:55 ----D---- C:\ProgramData\Kaspersky Lab 2010-07-03 11:34:57 ----D---- C:\Program Files\CCleaner 2010-07-03 11:04:34 ----A---- C:\Users\Samy\AppData\Roaming\SetValue.bat 2010-07-03 11:04:33 ----A---- C:\Users\Samy\AppData\Roaming\GetValue.vbs 2010-07-03 11:03:29 ----A---- C:\Windows\system32\tmp.txt 2010-07-03 10:22:54 ----D---- C:\Program Files\MSXML 4.0 2010-07-03 07:38:21 ----D---- C:\Users\Samy\AppData\Roaming\CyberLink 2010-07-03 07:35:36 ----A---- C:\Windows\system32\eswiaml.dll 2010-07-03 07:35:35 ----A---- C:\Windows\system32\Esintpl.dll 2010-07-03 07:35:35 ----A---- C:\Windows\system32\Esint23.dll 2010-07-03 07:35:35 ----A---- C:\Windows\system32\ESICM.dll 2010-07-03 07:35:35 ----A---- C:\Windows\system32\ESDTR.dll 2010-07-03 07:35:35 ----A---- C:\Windows\system32\escwian.dll 2010-07-03 07:35:35 ----A---- C:\Windows\system32\escwiad.dll 2010-07-03 07:35:35 ----A---- C:\Windows\system32\escwiab.dll 2010-07-03 07:35:35 ----A---- C:\Windows\system32\epcomdd.dll 2010-07-03 07:35:26 ----D---- C:\Users\Samy\AppData\Roaming\InstallShield 2010-07-03 07:17:11 ----A---- C:\Windows\system32\oCLWatson.exe 2010-07-03 07:17:11 ----A---- C:\Windows\system32\msxml4r.dll 2010-07-03 07:17:11 ----A---- C:\Windows\system32\msxml4a.dll 2010-07-03 07:17:11 ----A---- C:\Windows\system32\CLWatson.ini 2010-07-03 07:15:57 ----D---- C:\Users\Samy\AppData\Roaming\PowerCinema 2010-07-03 07:12:21 ----D---- C:\Program Files\CyberLink 2010-07-03 07:12:18 ----D---- C:\ProgramData\CyberLink 2010-07-03 07:11:36 ----D---- C:\ProgramData\Temp 2010-07-02 19:16:28 ----A---- C:\Windows\system32\XAudio2_7.dll 2010-07-02 19:16:28 ----A---- C:\Windows\system32\XAPOFX1_5.dll 2010-07-02 19:16:27 ----A---- C:\Windows\system32\xactengine3_7.dll 2010-07-02 19:16:27 ----A---- C:\Windows\system32\d3dx11_43.dll 2010-07-02 19:16:27 ----A---- C:\Windows\system32\d3dcsx_43.dll 2010-07-02 19:16:27 ----A---- C:\Windows\system32\D3DCompiler_43.dll 2010-07-02 19:16:26 ----A---- C:\Windows\system32\XAudio2_6.dll 2010-07-02 19:16:26 ----A---- C:\Windows\system32\XAPOFX1_4.dll 2010-07-02 19:16:26 ----A---- C:\Windows\system32\D3DX9_43.dll 2010-07-02 19:16:26 ----A---- C:\Windows\system32\d3dx10_43.dll 2010-07-02 19:16:25 ----A---- C:\Windows\system32\XAudio2_5.dll 2010-07-02 19:16:25 ----A---- C:\Windows\system32\xactengine3_6.dll 2010-07-02 19:16:25 ----A---- C:\Windows\system32\X3DAudio1_7.dll 2010-07-02 19:16:24 ----A---- C:\Windows\system32\xactengine3_5.dll 2010-07-02 19:16:24 ----A---- C:\Windows\system32\d3dcsx_42.dll 2010-07-02 19:16:24 ----A---- C:\Windows\system32\D3DCompiler_42.dll 2010-07-02 19:16:23 ----A---- C:\Windows\system32\D3DX9_42.dll 2010-07-02 19:16:23 ----A---- C:\Windows\system32\d3dx11_42.dll 2010-07-02 19:16:23 ----A---- C:\Windows\system32\d3dx10_42.dll 2010-07-02 19:16:22 ----A---- C:\Windows\system32\D3DX9_41.dll 2010-07-02 19:16:22 ----A---- C:\Windows\system32\d3dx10_41.dll 2010-07-02 19:16:22 ----A---- C:\Windows\system32\D3DCompiler_41.dll 2010-07-02 19:16:21 ----A---- C:\Windows\system32\XAudio2_4.dll 2010-07-02 19:16:21 ----A---- C:\Windows\system32\XAPOFX1_3.dll 2010-07-02 19:16:21 ----A---- C:\Windows\system32\xactengine3_4.dll 2010-07-02 19:16:21 ----A---- C:\Windows\system32\X3DAudio1_6.dll 2010-07-02 19:16:20 ----A---- C:\Windows\system32\XAudio2_3.dll 2010-07-02 19:16:20 ----A---- C:\Windows\system32\XAPOFX1_2.dll 2010-07-02 19:16:19 ----A---- C:\Windows\system32\XAudio2_2.dll 2010-07-02 19:16:19 ----A---- C:\Windows\system32\XAPOFX1_1.dll 2010-07-02 19:16:19 ----A---- C:\Windows\system32\xactengine3_3.dll 2010-07-02 19:16:19 ----A---- C:\Windows\system32\xactengine3_2.dll 2010-07-02 19:16:19 ----A---- C:\Windows\system32\X3DAudio1_5.dll 2010-07-02 19:16:18 ----A---- C:\Windows\system32\XAudio2_1.dll 2010-07-02 19:16:18 ----A---- C:\Windows\system32\XAPOFX1_0.dll 2010-07-02 19:16:18 ----A---- C:\Windows\system32\D3DX9_39.dll 2010-07-02 19:16:18 ----A---- C:\Windows\system32\d3dx10_39.dll 2010-07-02 19:16:18 ----A---- C:\Windows\system32\D3DCompiler_39.dll 2010-07-02 19:16:17 ----A---- C:\Windows\system32\xactengine3_1.dll 2010-07-02 19:16:17 ----A---- C:\Windows\system32\X3DAudio1_4.dll 2010-07-02 19:16:17 ----A---- C:\Windows\system32\d3dx10_38.dll 2010-07-02 19:16:17 ----A---- C:\Windows\system32\D3DCompiler_38.dll 2010-07-02 19:16:16 ----A---- C:\Windows\system32\XAudio2_0.dll 2010-07-02 19:16:16 ----A---- C:\Windows\system32\xactengine3_0.dll 2010-07-02 19:16:16 ----A---- C:\Windows\system32\X3DAudio1_3.dll 2010-07-02 19:16:16 ----A---- C:\Windows\system32\D3DX9_38.dll 2010-07-02 19:16:16 ----A---- C:\Windows\system32\D3DCompiler_37.dll 2010-07-02 19:16:15 ----A---- C:\Windows\system32\xactengine2_10.dll 2010-07-02 19:16:15 ----A---- C:\Windows\system32\D3DX9_37.dll 2010-07-02 19:16:15 ----A---- C:\Windows\system32\d3dx10_37.dll 2010-07-02 19:16:14 ----A---- C:\Windows\system32\xactengine2_9.dll 2010-07-02 19:16:14 ----A---- C:\Windows\system32\d3dx9_36.dll 2010-07-02 19:16:14 ----A---- C:\Windows\system32\d3dx10_36.dll 2010-07-02 19:16:14 ----A---- C:\Windows\system32\d3dx10_35.dll 2010-07-02 19:16:13 ----A---- C:\Windows\system32\xactengine2_8.dll 2010-07-02 19:16:13 ----A---- C:\Windows\system32\X3DAudio1_2.dll 2010-07-02 19:16:13 ----A---- C:\Windows\system32\d3dx9_35.dll 2010-07-02 19:16:13 ----A---- C:\Windows\system32\d3dx9_34.dll 2010-07-02 19:16:13 ----A---- C:\Windows\system32\d3dx10_34.dll 2010-07-02 19:16:13 ----A---- C:\Windows\system32\D3DCompiler_35.dll 2010-07-02 19:16:13 ----A---- C:\Windows\system32\D3DCompiler_34.dll 2010-07-02 19:16:12 ----A---- C:\Windows\system32\xinput1_3.dll 2010-07-02 19:16:12 ----A---- C:\Windows\system32\xactengine2_7.dll 2010-07-02 19:16:12 ----A---- C:\Windows\system32\d3dx9_33.dll 2010-07-02 19:16:12 ----A---- C:\Windows\system32\d3dx10_33.dll 2010-07-02 19:16:12 ----A---- C:\Windows\system32\D3DCompiler_33.dll 2010-07-02 19:16:11 ----A---- C:\Windows\system32\xactengine2_6.dll 2010-07-02 19:16:11 ----A---- C:\Windows\system32\xactengine2_5.dll 2010-07-02 19:16:11 ----A---- C:\Windows\system32\xactengine2_4.dll 2010-07-02 19:16:11 ----A---- C:\Windows\system32\x3daudio1_1.dll 2010-07-02 19:16:11 ----A---- C:\Windows\system32\d3dx9_31.dll 2010-07-02 19:16:11 ----A---- C:\Windows\system32\d3dx10.dll 2010-07-02 19:16:10 ----A---- C:\Windows\system32\xinput1_2.dll 2010-07-02 19:16:10 ----A---- C:\Windows\system32\xinput1_1.dll 2010-07-02 19:16:10 ----A---- C:\Windows\system32\xactengine2_3.dll 2010-07-02 19:16:10 ----A---- C:\Windows\system32\xactengine2_2.dll 2010-07-02 19:16:10 ----A---- C:\Windows\system32\xactengine2_1.dll 2010-07-02 19:16:08 ----A---- C:\Windows\system32\xactengine2_0.dll 2010-07-02 19:16:08 ----A---- C:\Windows\system32\x3daudio1_0.dll 2010-07-02 19:16:08 ----A---- C:\Windows\system32\d3dx9_30.dll 2010-07-02 19:16:07 ----A---- C:\Windows\system32\d3dx9_29.dll 2010-07-02 19:16:07 ----A---- C:\Windows\system32\d3dx9_28.dll 2010-07-02 19:16:07 ----A---- C:\Windows\system32\d3dx9_27.dll 2010-07-02 19:16:07 ----A---- C:\Windows\system32\d3dx9_26.dll 2010-07-02 19:16:06 ----A---- C:\Windows\system32\d3dx9_25.dll 2010-07-02 19:16:06 ----A---- C:\Windows\system32\d3dx9_24.dll 2010-07-02 19:15:15 ----D---- C:\Windows\system32\directx 2010-07-02 18:08:07 ----D---- C:\Windows\Minidump 2010-07-02 16:49:42 ----D---- C:\Program Files\Daggerfall 2010-07-02 15:44:20 ----A---- C:\Windows\BlendSettings.ini 2010-07-02 15:14:36 ----D---- C:\Program Files\7-Zip 2010-07-02 14:50:50 ----A---- C:\Windows\system32\drivers\sptd.sys 2010-07-02 14:50:45 ----D---- C:\Program Files\DAEMON Tools Lite 2010-07-02 14:50:29 ----D---- C:\Users\Samy\AppData\Roaming\DAEMON Tools Lite 2010-07-02 14:50:26 ----D---- C:\ProgramData\DAEMON Tools Lite 2010-07-02 14:18:39 ----A---- C:\Windows\system32\jscript.dll 2010-07-02 14:18:12 ----A---- C:\Windows\system32\vbscript.dll 2010-07-02 13:29:25 ----D---- C:\Windows\system32\eu-ES 2010-07-02 13:29:25 ----D---- C:\Windows\system32\ca-ES 2010-07-02 13:29:24 ----D---- C:\Windows\system32\vi-VN 2010-07-02 13:25:17 ----D---- C:\Windows\system32\SPReview 2010-07-02 13:05:29 ----A---- C:\Windows\system32\scavenge.dll 2010-07-02 13:05:19 ----A---- C:\Windows\system32\compcln.exe 2010-07-02 13:04:37 ----A---- C:\Windows\system32\SearchFilterHost.exe 2010-07-02 13:04:36 ----A---- C:\Windows\system32\SearchProtocolHost.exe 2010-07-02 13:04:36 ----A---- C:\Windows\system32\SearchIndexer.exe 2010-07-02 13:04:36 ----A---- C:\Windows\system32\sdohlp.dll 2010-07-02 13:04:36 ----A---- C:\Windows\system32\sdclt.exe 2010-07-02 13:04:35 ----A---- C:\Windows\system32\rtffilt.dll 2010-07-02 13:04:35 ----A---- C:\Windows\system32\rsaenh.dll 2010-07-02 13:04:34 ----A---- C:\Windows\system32\samlib.dll 2010-07-02 13:04:34 ----A---- C:\Windows\system32\rwinsta.exe 2010-07-02 13:04:34 ----A---- C:\Windows\system32\rtutils.dll 2010-07-02 13:04:34 ----A---- C:\Windows\system32\rpcss.dll 2010-07-02 13:04:34 ----A---- C:\Windows\system32\rpchttp.dll 2010-07-02 13:04:34 ----A---- C:\Windows\system32\riched20.dll 2010-07-02 13:04:34 ----A---- C:\Windows\system32\drivers\RNDISMP.sys 2010-07-02 13:04:34 ----A---- C:\Windows\system32\drivers\rmcast.sys 2010-07-02 13:04:33 ----A---- C:\Windows\system32\scrrun.dll 2010-07-02 13:04:33 ----A---- C:\Windows\system32\SCardSvr.dll 2010-07-02 13:04:33 ----A---- C:\Windows\system32\scansetting.dll 2010-07-02 13:04:33 ----A---- C:\Windows\system32\samsrv.dll 2010-07-02 13:04:32 ----A---- C:\Windows\system32\scrptadm.dll 2010-07-02 13:04:32 ----A---- C:\Windows\system32\scrobj.dll 2010-07-02 13:04:32 ----A---- C:\Windows\system32\scksp.dll 2010-07-02 13:04:32 ----A---- C:\Windows\system32\schedsvc.dll 2010-07-02 13:04:32 ----A---- C:\Windows\system32\scesrv.dll 2010-07-02 13:04:32 ----A---- C:\Windows\system32\scecli.dll 2010-07-02 13:04:30 ----A---- C:\Windows\system32\PerfCenterCPL.dll 2010-07-02 13:04:30 ----A---- C:\Windows\system32\pdh.dll 2010-07-02 13:04:29 ----A---- C:\Windows\system32\PortableDeviceApi.dll 2010-07-02 13:04:29 ----A---- C:\Windows\system32\PNPXAssoc.dll 2010-07-02 13:04:29 ----A---- C:\Windows\system32\PnPutil.exe 2010-07-02 13:04:29 ----A---- C:\Windows\system32\PnPUnattend.exe 2010-07-02 13:04:29 ----A---- C:\Windows\system32\pnpui.dll 2010-07-02 13:04:29 ----A---- C:\Windows\system32\pnpsetup.dll 2010-07-02 13:04:29 ----A---- C:\Windows\system32\pnidui.dll 2010-07-02 13:04:29 ----A---- C:\Windows\system32\perfdisk.dll 2010-07-02 13:04:29 ----A---- C:\Windows\system32\pcaui.dll 2010-07-02 13:04:29 ----A---- C:\Windows\system32\p2psvc.dll 2010-07-02 13:04:29 ----A---- C:\Windows\system32\P2PGraph.dll 2010-07-02 13:04:29 ----A---- C:\Windows\system32\drivers\pciidex.sys 2010-07-02 13:04:29 ----A---- C:\Windows\system32\drivers\pciide.sys 2010-07-02 13:04:29 ----A---- C:\Windows\system32\drivers\pci.sys 2010-07-02 13:04:29 ----A---- C:\Windows\system32\drivers\partmgr.sys 2010-07-02 13:04:29 ----A---- C:\Windows\system32\drivers\pacer.sys 2010-07-02 13:04:28 ----A---- C:\Windows\system32\powercpl.dll 2010-07-02 13:04:28 ----A---- C:\Windows\system32\PortableDeviceTypes.dll 2010-07-02 13:04:28 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll 2010-07-02 13:04:28 ----A---- C:\Windows\system32\pidgenx.dll 2010-07-02 13:04:28 ----A---- C:\Windows\system32\photowiz.dll 2010-07-02 13:04:28 ----A---- C:\Windows\system32\drivers\portcls.sys 2010-07-02 13:04:27 ----A---- C:\Windows\system32\pmcsnap.dll 2010-07-02 13:04:27 ----A---- C:\Windows\system32\PkgMgr.exe 2010-07-02 13:04:27 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll 2010-07-02 13:04:27 ----A---- C:\Windows\system32\ntdll.dll 2010-07-02 13:04:27 ----A---- C:\Windows\system32\nslookup.exe 2010-07-02 13:04:27 ----A---- C:\Windows\system32\drivers\ntfs.sys 2010-07-02 13:04:27 ----A---- C:\Windows\system32\drivers\npfs.sys 2010-07-02 13:04:26 ----A---- C:\Windows\system32\NlsLexicons0009.dll 2010-07-02 13:04:25 ----A---- C:\Windows\system32\osk.exe 2010-07-02 13:04:25 ----A---- C:\Windows\system32\oobefldr.dll 2010-07-02 13:04:25 ----A---- C:\Windows\system32\onex.dll 2010-07-02 13:04:25 ----A---- C:\Windows\system32\olepro32.dll 2010-07-02 13:04:25 ----A---- C:\Windows\system32\oleprn.dll 2010-07-02 13:04:25 ----A---- C:\Windows\system32\oleaut32.dll 2010-07-02 13:04:25 ----A---- C:\Windows\system32\ole32.dll 2010-07-02 13:04:25 ----A---- C:\Windows\system32\offfilt.dll 2010-07-02 13:04:25 ----A---- C:\Windows\system32\odbccp32.dll 2010-07-02 13:04:25 ----A---- C:\Windows\system32\odbcconf.dll 2010-07-02 13:04:25 ----A---- C:\Windows\system32\odbc32.dll 2010-07-02 13:04:25 ----A---- C:\Windows\system32\NlsLexicons0007.dll 2010-07-02 13:04:25 ----A---- C:\Windows\system32\nlhtml.dll 2010-07-02 13:04:25 ----A---- C:\Windows\system32\drivers\ohci1394.sys 2010-07-02 13:04:24 ----A---- C:\Windows\system32\rasgcw.dll 2010-07-02 13:04:24 ----A---- C:\Windows\system32\rasdlg.dll 2010-07-02 13:04:24 ----A---- C:\Windows\system32\ocsetup.exe 2010-07-02 13:04:24 ----A---- C:\Windows\system32\ntprint.dll 2010-07-02 13:04:24 ----A---- C:\Windows\system32\ntmarta.dll 2010-07-02 13:04:24 ----A---- C:\Windows\system32\drivers\nwifi.sys 2010-07-02 13:04:23 ----A---- C:\Windows\system32\rastapi.dll 2010-07-02 13:04:23 ----A---- C:\Windows\system32\rasppp.dll 2010-07-02 13:04:23 ----A---- C:\Windows\system32\rasplap.dll 2010-07-02 13:04:23 ----A---- C:\Windows\system32\rasmontr.dll 2010-07-02 13:04:23 ----A---- C:\Windows\system32\rasmans.dll 2010-07-02 13:04:23 ----A---- C:\Windows\system32\rasdial.exe 2010-07-02 13:04:23 ----A---- C:\Windows\system32\rasdiag.dll 2010-07-02 13:04:23 ----A---- C:\Windows\system32\raschap.dll 2010-07-02 13:04:23 ----A---- C:\Windows\system32\rasapi32.dll 2010-07-02 13:04:23 ----A---- C:\Windows\system32\RacEngn.dll 2010-07-02 13:04:23 ----A---- C:\Windows\system32\query.exe 2010-07-02 13:04:23 ----A---- C:\Windows\system32\Query.dll 2010-07-02 13:04:23 ----A---- C:\Windows\system32\qprocess.exe 2010-07-02 13:04:23 ----A---- C:\Windows\system32\qmgr.dll 2010-07-02 13:04:23 ----A---- C:\Windows\system32\qedit.dll 2010-07-02 13:04:23 ----A---- C:\Windows\system32\drivers\rassstp.sys 2010-07-02 13:04:23 ----A---- C:\Windows\system32\drivers\raspppoe.sys 2010-07-02 13:04:22 ----A---- C:\Windows\system32\reset.exe 2010-07-02 13:04:22 ----A---- C:\Windows\system32\RelMon.dll 2010-07-02 13:04:22 ----A---- C:\Windows\system32\rekeywiz.exe 2010-07-02 13:04:22 ----A---- C:\Windows\system32\regsvc.dll 2010-07-02 13:04:22 ----A---- C:\Windows\system32\rdpendp.dll 2010-07-02 13:04:21 ----A---- C:\Windows\system32\regapi.dll 2010-07-02 13:04:21 ----A---- C:\Windows\system32\reg.exe 2010-07-02 13:04:21 ----A---- C:\Windows\system32\rdpwsx.dll 2010-07-02 13:04:21 ----A---- C:\Windows\system32\rdpencom.dll 2010-07-02 13:04:21 ----A---- C:\Windows\system32\rdpclip.exe 2010-07-02 13:04:21 ----A---- C:\Windows\system32\prnntfy.dll 2010-07-02 13:04:21 ----A---- C:\Windows\system32\printui.dll 2010-07-02 13:04:21 ----A---- C:\Windows\system32\PrintBrmUi.exe 2010-07-02 13:04:21 ----A---- C:\Windows\system32\PresentationSettings.exe 2010-07-02 13:04:21 ----A---- C:\Windows\system32\PresentationNative_v0300.dll 2010-07-02 13:04:21 ----A---- C:\Windows\system32\drivers\rdpwd.sys 2010-07-02 13:04:21 ----A---- C:\Windows\system32\drivers\rdpdr.sys 2010-07-02 13:04:21 ----A---- C:\Windows\system32\drivers\rdbss.sys 2010-07-02 13:04:20 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe 2010-07-02 13:04:20 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll 2010-07-02 13:04:20 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2010-07-02 13:04:20 ----A---- C:\Windows\system32\powrprof.dll 2010-07-02 13:04:19 ----A---- C:\Windows\system32\qdvd.dll 2010-07-02 13:04:19 ----A---- C:\Windows\system32\qappsrv.exe 2010-07-02 13:04:19 ----A---- C:\Windows\system32\QAGENTRT.DLL 2010-07-02 13:04:19 ----A---- C:\Windows\system32\puiapi.dll 2010-07-02 13:04:19 ----A---- C:\Windows\system32\propsys.dll 2010-07-02 13:04:19 ----A---- C:\Windows\system32\propdefs.dll 2010-07-02 13:04:19 ----A---- C:\Windows\system32\profsvc.dll 2010-07-02 13:04:18 ----A---- C:\Windows\system32\psisdecd.dll 2010-07-02 13:04:18 ----A---- C:\Windows\system32\PSHED.DLL 2010-07-02 13:04:17 ----A---- C:\Windows\system32\sendmail.dll 2010-07-02 13:04:16 ----A---- C:\Windows\system32\shlwapi.dll 2010-07-02 13:04:16 ----A---- C:\Windows\system32\shell32.dll 2010-07-02 13:04:16 ----A---- C:\Windows\system32\shdocvw.dll 2010-07-02 13:04:16 ----A---- C:\Windows\system32\sethc.exe 2010-07-02 13:04:16 ----A---- C:\Windows\system32\services.exe 2010-07-02 13:04:15 ----A---- C:\Windows\system32\shadow.exe 2010-07-02 13:04:15 ----A---- C:\Windows\system32\setupapi.dll 2010-07-02 13:04:09 ----A---- C:\Windows\system32\eapphost.dll 2010-07-02 13:04:09 ----A---- C:\Windows\system32\eappgnui.dll 2010-07-02 13:04:09 ----A---- C:\Windows\system32\eappcfg.dll 2010-07-02 13:04:09 ----A---- C:\Windows\system32\drivers\ecache.sys 2010-07-02 13:04:08 ----A---- C:\Windows\system32\EhStorAPI.dll 2010-07-02 13:04:08 ----A---- C:\Windows\system32\eapp3hst.dll 2010-07-02 13:04:08 ----A---- C:\Windows\system32\dsprop.dll 2010-07-02 13:04:08 ----A---- C:\Windows\system32\dsound.dll 2010-07-02 13:04:08 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2010-07-02 13:04:08 ----A---- C:\Windows\system32\drivers\Dumpata.sys 2010-07-02 13:04:07 ----A---- C:\Windows\system32\ExplorerFrame.dll 2010-07-02 13:04:07 ----A---- C:\Windows\system32\evr.dll 2010-07-02 13:04:07 ----A---- C:\Windows\system32\eudcedit.exe 2010-07-02 13:04:07 ----A---- C:\Windows\system32\esent.dll 2010-07-02 13:04:07 ----A---- C:\Windows\system32\dwm.exe 2010-07-02 13:04:07 ----A---- C:\Windows\system32\drivers\exfat.sys 2010-07-02 13:04:07 ----A---- C:\Windows\system32\drivers\dxg.sys 2010-07-02 13:04:07 ----A---- C:\Windows\explorer.exe 2010-07-02 13:04:06 ----A---- C:\Windows\system32\f3ahvoas.dll 2010-07-02 13:04:06 ----A---- C:\Windows\system32\EncDec.dll 2010-07-02 13:04:06 ----A---- C:\Windows\system32\emdmgmt.dll 2010-07-02 13:04:06 ----A---- C:\Windows\system32\EhStorShell.dll 2010-07-02 13:04:06 ----A---- C:\Windows\system32\EhStorPwdMgr.dll 2010-07-02 13:04:06 ----A---- C:\Windows\system32\EhStorAuthn.dll 2010-07-02 13:04:05 ----A---- C:\Windows\system32\es.dll 2010-07-02 13:04:05 ----A---- C:\Windows\system32\drivers\Diskdump.sys 2010-07-02 13:04:05 ----A---- C:\Windows\system32\drivers\disk.sys 2010-07-02 13:04:05 ----A---- C:\Windows\system32\diskraid.exe 2010-07-02 13:04:05 ----A---- C:\Windows\system32\diskpart.exe 2010-07-02 13:04:05 ----A---- C:\Windows\system32\dimsroam.dll 2010-07-02 13:04:05 ----A---- C:\Windows\system32\diagperf.dll 2010-07-02 13:04:05 ----A---- C:\Windows\system32\dhcpcsvc6.dll 2010-07-02 13:04:04 ----A---- C:\Windows\system32\drivers\dfsc.sys 2010-07-02 13:04:04 ----A---- C:\Windows\system32\dhcpcsvc.dll 2010-07-02 13:04:04 ----A---- C:\Windows\system32\dfsr.exe 2010-07-02 13:04:04 ----A---- C:\Windows\system32\devmgr.dll 2010-07-02 13:04:03 ----A---- C:\Windows\system32\drvstore.dll 2010-07-02 13:04:03 ----A---- C:\Windows\system32\dpapimig.exe 2010-07-02 13:04:03 ----A---- C:\Windows\system32\dot3svc.dll 2010-07-02 13:04:03 ----A---- C:\Windows\system32\dot3msm.dll 2010-07-02 13:04:03 ----A---- C:\Windows\system32\dot3cfg.dll 2010-07-02 13:04:02 ----A---- C:\Windows\system32\hbaapi.dll 2010-07-02 13:04:02 ----A---- C:\Windows\system32\drvinst.exe 2010-07-02 13:04:02 ----A---- C:\Windows\system32\drmv2clt.dll 2010-07-02 13:04:02 ----A---- C:\Windows\system32\drmmgrtn.dll 2010-07-02 13:04:02 ----A---- C:\Windows\system32\dnsrslvr.dll 2010-07-02 13:04:02 ----A---- C:\Windows\system32\dnsapi.dll 2010-07-02 13:04:02 ----A---- C:\Windows\system32\dmusic.dll 2010-07-02 13:04:02 ----A---- C:\Windows\system32\dmsynth.dll 2010-07-02 13:04:01 ----A---- C:\Windows\system32\gpscript.dll 2010-07-02 13:04:01 ----A---- C:\Windows\system32\gpresult.exe 2010-07-02 13:04:01 ----A---- C:\Windows\system32\gpprnext.dll 2010-07-02 13:04:00 ----A---- C:\Windows\system32\gpupdate.exe 2010-07-02 13:04:00 ----A---- C:\Windows\system32\gpsvc.dll 2010-07-02 13:04:00 ----A---- C:\Windows\system32\gpscript.exe 2010-07-02 13:03:59 ----A---- C:\Windows\system32\iasnap.dll 2010-07-02 13:03:59 ----A---- C:\Windows\system32\IasMigReader.exe 2010-07-02 13:03:59 ----A---- C:\Windows\system32\IasMigPlugin.dll 2010-07-02 13:03:59 ----A---- C:\Windows\system32\iashlpr.dll 2010-07-02 13:03:59 ----A---- C:\Windows\system32\iasdatastore.dll 2010-07-02 13:03:59 ----A---- C:\Windows\system32\iasads.dll 2010-07-02 13:03:59 ----A---- C:\Windows\system32\iasacct.dll 2010-07-02 13:03:59 ----A---- C:\Windows\system32\drivers\hidclass.sys 2010-07-02 13:03:58 ----A---- C:\Windows\system32\hidserv.dll 2010-07-02 13:03:58 ----A---- C:\Windows\system32\hdwwiz.exe 2010-07-02 13:03:58 ----A---- C:\Windows\system32\fontext.dll 2010-07-02 13:03:58 ----A---- C:\Windows\system32\findstr.exe 2010-07-02 13:03:58 ----A---- C:\Windows\system32\fdWCN.dll 2010-07-02 13:03:58 ----A---- C:\Windows\system32\fc.exe 2010-07-02 13:03:58 ----A---- C:\Windows\system32\Faultrep.dll 2010-07-02 13:03:58 ----A---- C:\Windows\system32\drivers\hidusb.sys 2010-07-02 13:03:58 ----A---- C:\Windows\system32\drivers\fltMgr.sys 2010-07-02 13:03:58 ----A---- C:\Windows\system32\drivers\fastfat.sys 2010-07-02 13:03:57 ----A---- C:\Windows\system32\gpedit.dll 2010-07-02 13:03:57 ----A---- C:\Windows\system32\gpapi.dll 2010-07-02 13:03:57 ----A---- C:\Windows\system32\gdi32.dll 2010-07-02 13:03:57 ----A---- C:\Windows\system32\fundisc.dll 2010-07-02 13:03:57 ----A---- C:\Windows\system32\feclient.dll 2010-07-02 13:03:57 ----A---- C:\Windows\system32\fdWSD.dll 2010-07-02 13:03:57 ----A---- C:\Windows\system32\fdSSDP.dll 2010-07-02 13:03:57 ----A---- C:\Windows\system32\fdProxy.dll 2010-07-02 13:03:57 ----A---- C:\Windows\system32\fdeploy.dll 2010-07-02 13:03:57 ----A---- C:\Windows\system32\fdBthProxy.dll 2010-07-02 13:03:57 ----A---- C:\Windows\system32\fdBth.dll 2010-07-02 13:03:56 ----A---- C:\Windows\system32\FwRemoteSvr.dll 2010-07-02 13:03:56 ----A---- C:\Windows\system32\FWPUCLNT.DLL 2010-07-02 13:03:56 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll 2010-07-02 13:03:56 ----A---- C:\Windows\system32\ftp.exe 2010-07-02 13:03:56 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS 2010-07-02 13:03:56 ----A---- C:\Windows\system32\drivers\ataport.sys 2010-07-02 13:03:56 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll 2010-07-02 13:03:56 ----A---- C:\Windows\system32\autochk.exe 2010-07-02 13:03:56 ----A---- C:\Windows\system32\authz.dll 2010-07-02 13:03:56 ----A---- C:\Windows\system32\authui.dll 2010-07-02 13:03:56 ----A---- C:\Windows\system32\audiosrv.dll 2010-07-02 13:03:56 ----A---- C:\Windows\system32\AudioSes.dll 2010-07-02 13:03:56 ----A---- C:\Windows\system32\audiodg.exe 2010-07-02 13:03:55 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll 2010-07-02 13:03:55 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll 2010-07-02 13:03:55 ----A---- C:\Windows\system32\autoplay.dll 2010-07-02 13:03:55 ----A---- C:\Windows\system32\autofmt.exe 2010-07-02 13:03:55 ----A---- C:\Windows\system32\autoconv.exe 2010-07-02 13:03:54 ----A---- C:\Windows\system32\drivers\atapi.sys 2010-07-02 13:03:54 ----A---- C:\Windows\system32\brcplsiw.dll 2010-07-02 13:03:54 ----A---- C:\Windows\system32\brcpl.dll 2010-07-02 13:03:53 ----A---- C:\Windows\system32\drivers\bridge.sys 2010-07-02 13:03:53 ----A---- C:\Windows\system32\drivers\acpi.sys 2010-07-02 13:03:53 ----A---- C:\Windows\system32\bthci.dll 2010-07-02 13:03:53 ----A---- C:\Windows\system32\browseui.dll 2010-07-02 13:03:53 ----A---- C:\Windows\system32\blackbox.dll 2010-07-02 13:03:53 ----A---- C:\Windows\system32\bitsigd.dll 2010-07-02 13:03:53 ----A---- C:\Windows\system32\BFE.DLL 2010-07-02 13:03:53 ----A---- C:\Windows\system32\bcrypt.dll 2010-07-02 13:03:53 ----A---- C:\Windows\system32\basecsp.dll 2010-07-02 13:03:53 ----A---- C:\Windows\system32\azroles.dll 2010-07-02 13:03:52 ----A---- C:\Windows\system32\accessibilitycpl.dll 2010-07-02 13:03:51 ----A---- C:\Windows\system32\apphelp.dll 2010-07-02 13:03:51 ----A---- C:\Windows\system32\apds.dll 2010-07-02 13:03:50 ----A---- C:\Windows\system32\drivers\afd.sys 2010-07-02 13:03:50 ----A---- C:\Windows\system32\appmgmts.dll 2010-07-02 13:03:50 ----A---- C:\Windows\system32\adsmsext.dll 2010-07-02 13:03:50 ----A---- C:\Windows\system32\adsldpc.dll 2010-07-02 13:03:49 ----A---- C:\Windows\system32\drivers\crashdmp.sys 2010-07-02 13:03:49 ----A---- C:\Windows\system32\crypt32.dll 2010-07-02 13:03:49 ----A---- C:\Windows\system32\credui.dll 2010-07-02 13:03:49 ----A---- C:\Windows\system32\connect.dll 2010-07-02 13:03:49 ----A---- C:\Windows\system32\conime.exe 2010-07-02 13:03:49 ----A---- C:\Windows\system32\comuid.dll 2010-07-02 13:03:49 ----A---- C:\Windows\system32\comsvcs.dll 2010-07-02 13:03:49 ----A---- C:\Windows\system32\advapi32.dll 2010-07-02 13:03:49 ----A---- C:\Windows\system32\adtschema.dll 2010-07-02 13:03:48 ----A---- C:\Windows\system32\cmdial32.dll 2010-07-02 13:03:47 ----A---- C:\Windows\system32\dbgeng.dll 2010-07-02 13:03:47 ----A---- C:\Windows\system32\comdlg32.dll 2010-07-02 13:03:47 ----A---- C:\Windows\system32\cmmon32.exe 2010-07-02 13:03:46 ----A---- C:\Windows\system32\DevicePairingWizard.exe 2010-07-02 13:03:46 ----A---- C:\Windows\system32\DevicePairingProxy.dll 2010-07-02 13:03:46 ----A---- C:\Windows\system32\DevicePairing.dll 2010-07-02 13:03:46 ----A---- C:\Windows\system32\DeviceEject.exe 2010-07-02 13:03:46 ----A---- C:\Windows\system32\davclnt.dll 2010-07-02 13:03:46 ----A---- C:\Windows\system32\dataclen.dll 2010-07-02 13:03:46 ----A---- C:\Windows\system32\d3d9.dll 2010-07-02 13:03:46 ----A---- C:\Windows\system32\cscobj.dll 2010-07-02 13:03:46 ----A---- C:\Windows\system32\CscMig.dll 2010-07-02 13:03:46 ----A---- C:\Windows\system32\cscdll.dll 2010-07-02 13:03:46 ----A---- C:\Windows\system32\cscapi.dll 2010-07-02 13:03:46 ----A---- C:\Windows\system32\cryptui.dll 2010-07-02 13:03:45 ----A---- C:\Windows\system32\drivers\csc.sys 2010-07-02 13:03:45 ----A---- C:\Windows\system32\drivers\cdrom.sys 2010-07-02 13:03:45 ----A---- C:\Windows\system32\csrstub.exe 2010-07-02 13:03:45 ----A---- C:\Windows\system32\cscui.dll 2010-07-02 13:03:45 ----A---- C:\Windows\system32\cscsvc.dll 2010-07-02 13:03:45 ----A---- C:\Windows\system32\cscript.exe 2010-07-02 13:03:45 ----A---- C:\Windows\system32\cryptsvc.dll 2010-07-02 13:03:45 ----A---- C:\Windows\system32\certmgr.dll 2010-07-02 13:03:45 ----A---- C:\Windows\system32\CertEnrollUI.dll 2010-07-02 13:03:45 ----A---- C:\Windows\system32\CertEnroll.dll 2010-07-02 13:03:45 ----A---- C:\Windows\system32\certcli.dll 2010-07-02 13:03:45 ----A---- C:\Windows\system32\cdd.dll 2010-07-02 13:03:44 ----A---- C:\Windows\system32\cbsra.exe 2010-07-02 13:03:44 ----A---- C:\Windows\system32\bthudtask.exe 2010-07-02 13:03:44 ----A---- C:\Windows\system32\bthserv.dll 2010-07-02 13:03:43 ----A---- C:\Windows\system32\drivers\Classpnp.sys 2010-07-02 13:03:43 ----A---- C:\Windows\system32\cipher.exe 2010-07-02 13:03:43 ----A---- C:\Windows\system32\ci.dll 2010-07-02 13:03:43 ----A---- C:\Windows\system32\CHxReadingStringIME.dll 2010-07-02 13:03:43 ----A---- C:\Windows\system32\chtbrkr.dll 2010-07-02 13:03:43 ----A---- C:\Windows\system32\chsbrkr.dll 2010-07-02 13:03:42 ----A---- C:\Windows\system32\clfs.sys 2010-07-02 13:03:42 ----A---- C:\Windows\system32\certreq.exe 2010-07-02 13:03:42 ----A---- C:\Windows\system32\certprop.dll 2010-07-02 13:03:41 ----A---- C:\Windows\system32\chgusr.exe 2010-07-02 13:03:41 ----A---- C:\Windows\system32\chgport.exe 2010-07-02 13:03:41 ----A---- C:\Windows\system32\chglogon.exe 2010-07-02 13:03:40 ----A---- C:\Windows\system32\msihnd.dll 2010-07-02 13:03:40 ----A---- C:\Windows\system32\msiexec.exe 2010-07-02 13:03:40 ----A---- C:\Windows\system32\msftedit.dll 2010-07-02 13:03:40 ----A---- C:\Windows\system32\msexcl40.dll 2010-07-02 13:03:40 ----A---- C:\Windows\system32\msexch40.dll 2010-07-02 13:03:40 ----A---- C:\Windows\system32\msdtctm.dll 2010-07-02 13:03:40 ----A---- C:\Windows\system32\change.exe 2010-07-02 13:03:40 ----A---- C:\Windows\system32\certutil.exe 2010-07-02 13:03:39 ----A---- C:\Windows\system32\msi.dll 2010-07-02 13:03:38 ----A---- C:\Windows\system32\msdtcprx.dll 2010-07-02 13:03:38 ----A---- C:\Windows\system32\msctfui.dll 2010-07-02 13:03:38 ----A---- C:\Windows\system32\msctfp.dll 2010-07-02 13:03:38 ----A---- C:\Windows\system32\MsCtfMonitor.dll 2010-07-02 13:03:38 ----A---- C:\Windows\system32\msctf.dll 2010-07-02 13:03:37 ----A---- C:\Windows\system32\msimsg.dll 2010-07-02 13:03:37 ----A---- C:\Windows\system32\MPSSVC.dll 2010-07-02 13:03:37 ----A---- C:\Windows\system32\mprapi.dll 2010-07-02 13:03:37 ----A---- C:\Windows\system32\mpr.dll 2010-07-02 13:03:36 ----A---- C:\Windows\system32\mscandui.dll 2010-07-02 13:03:36 ----A---- C:\Windows\system32\modemui.dll 2010-07-02 13:03:36 ----A---- C:\Windows\system32\MMDevAPI.dll 2010-07-02 13:03:35 ----A---- C:\Windows\system32\mscories.dll 2010-07-02 13:03:35 ----A---- C:\Windows\system32\mscorier.dll 2010-07-02 13:03:35 ----A---- C:\Windows\system32\mscms.dll 2010-07-02 13:03:34 ----A---- C:\Windows\system32\NetProjW.dll 2010-07-02 13:03:34 ----A---- C:\Windows\system32\netplwiz.dll 2010-07-02 13:03:34 ----A---- C:\Windows\system32\netcenter.dll 2010-07-02 13:03:34 ----A---- C:\Windows\system32\netapi32.dll 2010-07-02 13:03:34 ----A---- C:\Windows\system32\ncryptui.dll 2010-07-02 13:03:34 ----A---- C:\Windows\system32\ncrypt.dll 2010-07-02 13:03:34 ----A---- C:\Windows\system32\drivers\netio.sys 2010-07-02 13:03:34 ----A---- C:\Windows\system32\drivers\netbt.sys 2010-07-02 13:03:34 ----A---- C:\Windows\system32\drivers\ndiswan.sys 2010-07-02 13:03:34 ----A---- C:\Windows\system32\drivers\ndis.sys 2010-07-02 13:03:34 ----A---- C:\Windows\system32\drivers\mrxdav.sys 2010-07-02 13:03:33 ----A---- C:\Windows\system32\netlogon.dll 2010-07-02 13:03:33 ----A---- C:\Windows\system32\NcdProp.dll 2010-07-02 13:03:33 ----A---- C:\Windows\system32\mtxclu.dll 2010-07-02 13:03:33 ----A---- C:\Windows\system32\drivers\mup.sys 2010-07-02 13:03:32 ----A---- C:\Windows\system32\newdev.exe 2010-07-02 13:03:32 ----A---- C:\Windows\system32\netshell.dll 2010-07-02 13:03:32 ----A---- C:\Windows\system32\NaturalLanguage6.dll 2010-07-02 13:03:31 ----A---- C:\Windows\system32\newdev.dll 2010-07-02 13:03:31 ----A---- C:\Windows\system32\networkmap.dll 2010-07-02 13:03:31 ----A---- C:\Windows\system32\networkitemfactory.dll 2010-07-02 13:03:31 ----A---- C:\Windows\system32\networkexplorer.dll 2010-07-02 13:03:31 ----A---- C:\Windows\system32\msscntrs.dll 2010-07-02 13:03:31 ----A---- C:\Windows\system32\msscb.dll 2010-07-02 13:03:31 ----A---- C:\Windows\system32\msrepl40.dll 2010-07-02 13:03:31 ----A---- C:\Windows\system32\msnetobj.dll 2010-07-02 13:03:31 ----A---- C:\Windows\system32\msltus40.dll 2010-07-02 13:03:31 ----A---- C:\Windows\system32\drivers\msrpc.sys 2010-07-02 13:03:30 ----A---- C:\Windows\system32\msrd3x40.dll 2010-07-02 13:03:30 ----A---- C:\Windows\system32\msrd2x40.dll 2010-07-02 13:03:30 ----A---- C:\Windows\system32\mspbde40.dll 2010-07-02 13:03:30 ----A---- C:\Windows\system32\msjtes40.dll 2010-07-02 13:03:30 ----A---- C:\Windows\system32\msjter40.dll 2010-07-02 13:03:30 ----A---- C:\Windows\system32\msjint40.dll 2010-07-02 13:03:30 ----A---- C:\Windows\system32\msjetoledb40.dll 2010-07-02 13:03:30 ----A---- C:\Windows\system32\msjet40.dll 2010-07-02 13:03:30 ----A---- C:\Windows\system32\msisip.dll 2010-07-02 13:03:30 ----A---- C:\Windows\system32\msinfo32.exe 2010-07-02 13:03:30 ----A---- C:\Windows\system32\msimtf.dll 2010-07-02 13:03:30 ----A---- C:\Windows\system32\drivers\msiscsi.sys 2010-07-02 13:03:29 ----A---- C:\Windows\system32\msxbde40.dll 2010-07-02 13:03:29 ----A---- C:\Windows\system32\mswstr10.dll 2010-07-02 13:03:29 ----A---- C:\Windows\system32\mswsock.dll 2010-07-02 13:03:29 ----A---- C:\Windows\system32\mswdat10.dll 2010-07-02 13:03:29 ----A---- C:\Windows\system32\msvcrt.dll 2010-07-02 13:03:29 ----A---- C:\Windows\system32\msvcp60.dll 2010-07-02 13:03:29 ----A---- C:\Windows\system32\msutb.dll 2010-07-02 13:03:26 ----A---- C:\Windows\system32\MSVidCtl.dll 2010-07-02 13:03:26 ----A---- C:\Windows\system32\mstsc.exe 2010-07-02 13:03:26 ----A---- C:\Windows\system32\mssrch.dll 2010-07-02 13:03:26 ----A---- C:\Windows\system32\mssprxy.dll 2010-07-02 13:03:26 ----A---- C:\Windows\system32\mssphtb.dll 2010-07-02 13:03:26 ----A---- C:\Windows\system32\mssph.dll 2010-07-02 13:03:26 ----A---- C:\Windows\system32\mssitlb.dll 2010-07-02 13:03:26 ----A---- C:\Windows\system32\msshsq.dll 2010-07-02 13:03:26 ----A---- C:\Windows\system32\msshooks.dll 2010-07-02 13:03:26 ----A---- C:\Windows\system32\msscp.dll 2010-07-02 13:03:25 ----A---- C:\Windows\system32\mstlsapi.dll 2010-07-02 13:03:25 ----A---- C:\Windows\system32\mstext40.dll 2010-07-02 13:03:25 ----A---- C:\Windows\system32\mssvp.dll 2010-07-02 13:03:25 ----A---- C:\Windows\system32\msstrc.dll 2010-07-02 13:03:25 ----A---- C:\Windows\system32\InkEd.dll 2010-07-02 13:03:24 ----A---- C:\Windows\system32\infocardapi.dll 2010-07-02 13:03:24 ----A---- C:\Windows\system32\inetppui.dll 2010-07-02 13:03:24 ----A---- C:\Windows\system32\inetpp.dll 2010-07-02 13:03:23 ----A---- C:\Windows\system32\iscsilog.dll 2010-07-02 13:03:23 ----A---- C:\Windows\system32\ipsmsnap.dll 2010-07-02 13:03:23 ----A---- C:\Windows\system32\IPSECSVC.DLL 2010-07-02 13:03:23 ----A---- C:\Windows\system32\imm32.dll 2010-07-02 13:03:22 ----A---- C:\Windows\system32\ipsecsnp.dll 2010-07-02 13:03:22 ----A---- C:\Windows\system32\IPHLPAPI.DLL 2010-07-02 13:03:22 ----A---- C:\Windows\system32\ipconfig.exe 2010-07-02 13:03:22 ----A---- C:\Windows\system32\input.dll 2010-07-02 13:03:21 ----A---- C:\Windows\system32\ifmon.dll 2010-07-02 13:03:21 ----A---- C:\Windows\system32\icardres.dll 2010-07-02 13:03:21 ----A---- C:\Windows\system32\icardagt.exe 2010-07-02 13:03:21 ----A---- C:\Windows\system32\iassvcs.dll 2010-07-02 13:03:21 ----A---- C:\Windows\system32\iassdo.dll 2010-07-02 13:03:21 ----A---- C:\Windows\system32\iassam.dll 2010-07-02 13:03:21 ----A---- C:\Windows\system32\iasrad.dll 2010-07-02 13:03:21 ----A---- C:\Windows\system32\iaspolcy.dll 2010-07-02 13:03:20 ----A---- C:\Windows\system32\IMJP10K.DLL 2010-07-02 13:03:20 ----A---- C:\Windows\system32\iasrecst.dll 2010-07-02 13:03:19 ----A---- C:\Windows\system32\imapi2fs.dll 2010-07-02 13:03:19 ----A---- C:\Windows\system32\imapi2.dll 2010-07-02 13:03:19 ----A---- C:\Windows\system32\imapi.dll 2010-07-02 13:03:19 ----A---- C:\Windows\system32\IKEEXT.DLL 2010-07-02 13:03:18 ----A---- C:\Windows\system32\mfplat.dll 2010-07-02 13:03:17 ----A---- C:\Windows\system32\mfc42u.dll 2010-07-02 13:03:17 ----A---- C:\Windows\system32\mfc42.dll 2010-07-02 13:03:16 ----A---- C:\Windows\system32\mimefilt.dll 2010-07-02 13:03:16 ----A---- C:\Windows\system32\milcore.dll 2010-07-02 13:03:14 ----A---- C:\Windows\system32\mmcico.dll 2010-07-02 13:03:14 ----A---- C:\Windows\system32\mmci.dll 2010-07-02 13:03:14 ----A---- C:\Windows\system32\midimap.dll 2010-07-02 13:03:13 ----A---- C:\Windows\system32\mmcndmgr.dll 2010-07-02 13:03:13 ----A---- C:\Windows\system32\mmc.exe 2010-07-02 13:03:10 ----A---- C:\Windows\system32\drivers\ks.sys 2010-07-02 13:03:09 ----A---- C:\Windows\system32\l2nacp.dll 2010-07-02 13:03:09 ----A---- C:\Windows\system32\korwbrkr.dll 2010-07-02 13:03:09 ----A---- C:\Windows\system32\kd1394.dll 2010-07-02 13:03:09 ----A---- C:\Windows\system32\drivers\kbdhid.sys 2010-07-02 13:03:08 ----A---- C:\Windows\system32\MediaMetadataHandler.dll 2010-07-02 13:03:08 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll 2010-07-02 13:03:08 ----A---- C:\Windows\system32\mblctr.exe 2010-07-02 13:03:08 ----A---- C:\Windows\system32\kernel32.dll 2010-07-02 13:03:08 ----A---- C:\Windows\system32\kdusb.dll 2010-07-02 13:03:08 ----A---- C:\Windows\system32\kdcom.dll 2010-07-02 13:03:07 ----A---- C:\Windows\system32\logman.exe 2010-07-02 13:03:07 ----A---- C:\Windows\system32\logagent.exe 2010-07-02 13:03:06 ----A---- C:\Windows\system32\Magnify.exe 2010-07-02 13:03:06 ----A---- C:\Windows\system32\logoff.exe 2010-07-02 13:03:05 ----A---- C:\Windows\system32\WebClnt.dll 2010-07-02 13:03:05 ----A---- C:\Windows\system32\shsetup.dll 2010-07-02 13:03:04 ----A---- C:\Windows\system32\wercon.exe 2010-07-02 13:03:04 ----A---- C:\Windows\system32\wer.dll 2010-07-02 13:03:04 ----A---- C:\Windows\system32\wdscore.dll 2010-07-02 13:03:04 ----A---- C:\Windows\system32\wdc.dll 2010-07-02 13:03:03 ----A---- C:\Windows\system32\WindowsCodecsExt.dll 2010-07-02 13:03:03 ----A---- C:\Windows\system32\WindowsCodecs.dll 2010-07-02 13:03:03 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll 2010-07-02 13:03:03 ----A---- C:\Windows\system32\whealogr.dll 2010-07-02 13:03:03 ----A---- C:\Windows\system32\wevtutil.exe 2010-07-02 13:03:03 ----A---- C:\Windows\system32\wevtsvc.dll 2010-07-02 13:03:02 ----A---- C:\Windows\system32\win32spl.dll 2010-07-02 13:03:02 ----A---- C:\Windows\system32\wiaaut.dll 2010-07-02 13:03:02 ----A---- C:\Windows\system32\WFS.exe 2010-07-02 13:03:02 ----A---- C:\Windows\system32\wevtapi.dll 2010-07-02 13:03:02 ----A---- C:\Windows\system32\wersvc.dll 2010-07-02 13:03:02 ----A---- C:\Windows\system32\WerFaultSecure.exe 2010-07-02 13:03:02 ----A---- C:\Windows\system32\WerFault.exe 2010-07-02 13:03:01 ----A---- C:\Windows\system32\wiaservc.dll 2010-07-02 13:03:01 ----A---- C:\Windows\system32\version.dll 2010-07-02 13:03:01 ----A---- C:\Windows\system32\vdsutil.dll 2010-07-02 13:03:01 ----A---- C:\Windows\system32\vdsdyn.dll 2010-07-02 13:03:01 ----A---- C:\Windows\system32\vds.exe 2010-07-02 13:03:01 ----A---- C:\Windows\system32\vdmdbg.dll 2010-07-02 13:03:01 ----A---- C:\Windows\system32\uxsms.dll 2010-07-02 13:03:01 ----A---- C:\Windows\system32\Utilman.exe 2010-07-02 13:03:01 ----A---- C:\Windows\system32\user32.dll 2010-07-02 13:03:01 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS 2010-07-02 13:03:01 ----A---- C:\Windows\system32\drivers\usbport.sys 2010-07-02 13:03:01 ----A---- C:\Windows\system32\drivers\usbohci.sys 2010-07-02 13:03:00 ----A---- C:\Windows\system32\usp10.dll 2010-07-02 13:03:00 ----A---- C:\Windows\system32\userenv.dll 2010-07-02 13:03:00 ----A---- C:\Windows\system32\usercpl.dll 2010-07-02 13:02:59 ----A---- C:\Windows\system32\wcnwiz2.dll 2010-07-02 13:02:59 ----A---- C:\Windows\system32\wcnwiz.dll 2010-07-02 13:02:59 ----A---- C:\Windows\system32\WcnNetsh.dll 2010-07-02 13:02:59 ----A---- C:\Windows\system32\wcncsvc.dll 2010-07-02 13:02:59 ----A---- C:\Windows\system32\wbengine.exe 2010-07-02 13:02:59 ----A---- C:\Windows\system32\drivers\watchdog.sys 2010-07-02 13:02:58 ----A---- C:\Windows\system32\w32time.dll 2010-07-02 13:02:58 ----A---- C:\Windows\system32\VSSVC.exe 2010-07-02 13:02:58 ----A---- C:\Windows\system32\vssapi.dll 2010-07-02 13:02:58 ----A---- C:\Windows\system32\drivers\volsnap.sys 2010-07-02 13:02:58 ----A---- C:\Windows\system32\drivers\volmgrx.sys 2010-07-02 13:02:57 ----A---- C:\Windows\system32\WSDMon.dll 2010-07-02 13:02:57 ----A---- C:\Windows\system32\wsdchngr.dll 2010-07-02 13:02:57 ----A---- C:\Windows\system32\wscript.exe 2010-07-02 13:02:57 ----A---- C:\Windows\system32\wscntfy.dll 2010-07-02 13:02:57 ----A---- C:\Windows\system32\wscisvif.dll 2010-07-02 13:02:57 ----A---- C:\Windows\system32\WscEapPr.dll 2010-07-02 13:02:57 ----A---- C:\Windows\system32\wscapi.dll 2010-07-02 13:02:56 ----A---- C:\Windows\system32\wusa.exe 2010-07-02 13:02:56 ----A---- C:\Windows\system32\wscsvc.dll 2010-07-02 13:02:56 ----A---- C:\Windows\system32\wow32.dll 2010-07-02 13:02:56 ----A---- C:\Windows\system32\WMVXENCD.DLL 2010-07-02 13:02:56 ----A---- C:\Windows\system32\WMVSDECD.DLL 2010-07-02 13:02:56 ----A---- C:\Windows\system32\WMVENCOD.DLL 2010-07-02 13:02:55 ----A---- C:\Windows\system32\xmlfilter.dll 2010-07-02 13:02:54 ----A---- C:\Windows\system32\wshext.dll 2010-07-02 13:02:54 ----A---- C:\Windows\system32\wshbth.dll 2010-07-02 13:02:54 ----A---- C:\Windows\system32\wsepno.dll 2010-07-02 13:02:53 ----A---- C:\Windows\system32\wsnmp32.dll 2010-07-02 13:02:53 ----A---- C:\Windows\system32\Wldap32.dll 2010-07-02 13:02:53 ----A---- C:\Windows\system32\wlanui.dll 2010-07-02 13:02:53 ----A---- C:\Windows\system32\wlanpref.dll 2010-07-02 13:02:53 ----A---- C:\Windows\system32\wlangpui.dll 2010-07-02 13:02:53 ----A---- C:\Windows\system32\wisptis.exe 2010-07-02 13:02:52 ----A---- C:\Windows\system32\wlgpclnt.dll 2010-07-02 13:02:52 ----A---- C:\Windows\system32\WinSCard.dll 2010-07-02 13:02:52 ----A---- C:\Windows\system32\WinSAT.exe 2010-07-02 13:02:52 ----A---- C:\Windows\system32\winrnr.dll 2010-07-02 13:02:52 ----A---- C:\Windows\system32\winresume.exe 2010-07-02 13:02:52 ----A---- C:\Windows\system32\winload.exe 2010-07-02 13:02:51 ----A---- C:\Windows\system32\winmm.dll 2010-07-02 13:02:51 ----A---- C:\Windows\system32\winlogon.exe 2010-07-02 13:02:50 ----A---- C:\Windows\system32\WMPhoto.dll 2010-07-02 13:02:50 ----A---- C:\Windows\system32\WMNetMgr.dll 2010-07-02 13:02:50 ----A---- C:\Windows\system32\winsrv.dll 2010-07-02 13:02:49 ----A---- C:\Windows\system32\wmpmde.dll 2010-07-02 13:02:49 ----A---- C:\Windows\system32\wmpeffects.dll 2010-07-02 13:02:48 ----A---- C:\Windows\system32\wmicmiplugin.dll 2010-07-02 13:02:48 ----A---- C:\Windows\system32\wmdrmsdk.dll 2010-07-02 13:02:48 ----A---- C:\Windows\system32\Storprop.dll 2010-07-02 13:02:48 ----A---- C:\Windows\system32\stobject.dll 2010-07-02 13:02:48 ----A---- C:\Windows\system32\drivers\stream.sys 2010-07-02 13:02:48 ----A---- C:\Windows\system32\drivers\Storport.sys 2010-07-02 13:02:47 ----A---- C:\Windows\system32\sud.dll 2010-07-02 13:02:47 ----A---- C:\Windows\system32\srvsvc.dll 2010-07-02 13:02:47 ----A---- C:\Windows\system32\srcore.dll 2010-07-02 13:02:47 ----A---- C:\Windows\system32\srchadmin.dll 2010-07-02 13:02:45 ----A---- C:\Windows\system32\sysmain.dll 2010-07-02 13:02:45 ----A---- C:\Windows\system32\sysclass.dll 2010-07-02 13:02:45 ----A---- C:\Windows\system32\SyncCenter.dll 2010-07-02 13:02:45 ----A---- C:\Windows\system32\swprv.dll 2010-07-02 13:02:44 ----A---- C:\Windows\system32\smss.exe 2010-07-02 13:02:44 ----A---- C:\Windows\system32\SmiEngine.dll 2010-07-02 13:02:44 ----A---- C:\Windows\system32\SMBHelperClass.dll 2010-07-02 13:02:44 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll 2010-07-02 13:02:44 ----A---- C:\Windows\system32\slwmi.dll 2010-07-02 13:02:44 ----A---- C:\Windows\system32\slcc.dll 2010-07-02 13:02:44 ----A---- C:\Windows\system32\SLC.dll 2010-07-02 13:02:44 ----A---- C:\Windows\system32\drivers\smb.sys 2010-07-02 13:02:43 ----A---- C:\Windows\system32\slwga.dll 2010-07-02 13:02:43 ----A---- C:\Windows\system32\SLUINotify.dll 2010-07-02 13:02:43 ----A---- C:\Windows\system32\SLUI.exe 2010-07-02 13:02:43 ----A---- C:\Windows\system32\SLsvc.exe 2010-07-02 13:02:43 ----A---- C:\Windows\system32\slmgr.vbs 2010-07-02 13:02:43 ----A---- C:\Windows\system32\SLLUA.exe 2010-07-02 13:02:43 ----A---- C:\Windows\system32\slcinst.dll 2010-07-02 13:02:43 ----A---- C:\Windows\system32\SLCExt.dll 2010-07-02 13:02:43 ----A---- C:\Windows\system32\shwebsvc.dll 2010-07-02 13:02:43 ----A---- C:\Windows\system32\shsvcs.dll 2010-07-02 13:02:42 ----A---- C:\Windows\system32\spp.dll 2010-07-02 13:02:42 ----A---- C:\Windows\system32\spoolsv.exe 2010-07-02 13:02:42 ----A---- C:\Windows\system32\spoolss.dll 2010-07-02 13:02:42 ----A---- C:\Windows\system32\spinstall.exe 2010-07-02 13:02:42 ----A---- C:\Windows\system32\spcmsg.dll 2010-07-02 13:02:42 ----A---- C:\Windows\system32\SLCommDlg.dll 2010-07-02 13:02:41 ----A---- C:\Windows\system32\sqlsrv32.dll 2010-07-02 13:02:41 ----A---- C:\Windows\system32\spwizui.dll 2010-07-02 13:02:41 ----A---- C:\Windows\system32\spwinsat.dll 2010-07-02 13:02:41 ----A---- C:\Windows\system32\spreview.exe 2010-07-02 13:02:41 ----A---- C:\Windows\system32\sperror.dll 2010-07-02 13:02:40 ----A---- C:\Windows\system32\drivers\spsys.sys 2010-07-02 13:02:39 ----A---- C:\Windows\system32\TSTheme.exe 2010-07-02 13:02:39 ----A---- C:\Windows\system32\softkbd.dll 2010-07-02 13:02:39 ----A---- C:\Windows\system32\SnippingTool.exe 2010-07-02 13:02:39 ----A---- C:\Windows\system32\SndVol.exe 2010-07-02 13:02:38 ----A---- C:\Windows\system32\TsWpfWrp.exe 2010-07-02 13:02:38 ----A---- C:\Windows\system32\tskill.exe 2010-07-02 13:02:38 ----A---- C:\Windows\system32\tsdiscon.exe 2010-07-02 13:02:38 ----A---- C:\Windows\system32\tscupgrd.exe 2010-07-02 13:02:38 ----A---- C:\Windows\system32\drivers\udfs.sys 2010-07-02 13:02:37 ----A---- C:\Windows\system32\zipfldr.dll 2010-07-02 13:02:37 ----A---- C:\Windows\system32\untfs.dll 2010-07-02 13:02:37 ----A---- C:\Windows\system32\drivers\USBCAMD.sys 2010-07-02 13:02:37 ----A---- C:\Windows\system32\drivers\usb8023.sys 2010-07-02 13:02:36 ----A---- C:\Windows\system32\drivers\usbhub.sys 2010-07-02 13:02:36 ----A---- C:\Windows\system32\drivers\usbehci.sys 2010-07-02 13:02:36 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys 2010-07-02 13:02:35 ----A---- C:\Windows\system32\uDWM.dll 2010-07-02 13:02:34 ----A---- C:\Windows\system32\umrdp.dll 2010-07-02 13:02:34 ----A---- C:\Windows\system32\ulib.dll 2010-07-02 13:02:33 ----A---- C:\Windows\system32\umpnpmgr.dll 2010-07-02 13:02:32 ----A---- C:\Windows\system32\systemcpl.dll 2010-07-02 13:02:28 ----A---- C:\Windows\system32\tscon.exe 2010-07-02 13:02:28 ----A---- C:\Windows\system32\tscfgwmi.dll 2010-07-02 13:02:27 ----A---- C:\Windows\system32\tquery.dll 2010-07-02 13:02:27 ----A---- C:\Windows\system32\termsrv.dll 2010-07-02 13:02:27 ----A---- C:\Windows\system32\tcpmon.dll 2010-07-02 13:02:27 ----A---- C:\Windows\system32\tcpipcfg.dll 2010-07-02 13:02:27 ----A---- C:\Windows\system32\taskeng.exe 2010-07-02 13:02:27 ----A---- C:\Windows\system32\taskcomp.dll 2010-07-02 13:02:27 ----A---- C:\Windows\system32\tapisrv.dll 2010-07-02 13:02:26 ----A---- C:\Windows\system32\themeui.dll 2010-07-02 13:02:26 ----A---- C:\Windows\system32\themecpl.dll 2010-07-02 13:02:26 ----A---- C:\Windows\system32\thawbrkr.dll 2010-07-02 13:02:26 ----A---- C:\Windows\system32\drivers\termdd.sys 2010-07-02 13:02:26 ----A---- C:\Windows\system32\drivers\tdx.sys 2010-07-02 12:55:35 ----D---- C:\Windows\system32\EventProviders 2010-07-02 12:35:59 ----A---- C:\Windows\system32\occache.dll 2010-07-02 12:35:59 ----A---- C:\Windows\system32\mstime.dll 2010-07-02 12:35:59 ----A---- C:\Windows\system32\jsproxy.dll 2010-07-02 12:35:59 ----A---- C:\Windows\system32\iepeers.dll 2010-07-02 12:35:58 ----A---- C:\Windows\system32\msfeedsbs.dll 2010-07-02 12:35:58 ----A---- C:\Windows\system32\msfeeds.dll 2010-07-02 12:35:58 ----A---- C:\Windows\system32\ieui.dll 2010-07-02 12:35:57 ----A---- C:\Windows\system32\wininet.dll 2010-07-02 12:35:57 ----A---- C:\Windows\system32\iesetup.dll 2010-07-02 12:35:57 ----A---- C:\Windows\system32\iernonce.dll 2010-07-02 12:35:57 ----A---- C:\Windows\system32\iedkcs32.dll 2010-07-02 12:35:56 ----A---- C:\Windows\system32\msfeedssync.exe 2010-07-02 12:35:56 ----A---- C:\Windows\system32\ieUnatt.exe 2010-07-02 12:35:56 ----A---- C:\Windows\system32\iesysprep.dll 2010-07-02 12:35:56 ----A---- C:\Windows\system32\iertutil.dll 2010-07-02 12:35:56 ----A---- C:\Windows\system32\ie4uinit.exe 2010-07-02 12:35:55 ----A---- C:\Windows\system32\urlmon.dll 2010-07-02 12:35:53 ----A---- C:\Windows\system32\ieframe.dll 2010-07-02 12:35:52 ----A---- C:\Windows\system32\mshtml.dll 2010-07-02 12:34:21 ----A---- C:\Windows\system32\mshtmled.dll 2010-07-02 12:34:20 ----A---- C:\Windows\system32\msls31.dll 2010-07-02 12:34:20 ----A---- C:\Windows\system32\mshtmler.dll 2010-07-02 12:34:20 ----A---- C:\Windows\system32\icardie.dll 2010-07-02 12:34:20 ----A---- C:\Windows\system32\corpol.dll 2010-07-02 12:34:20 ----A---- C:\Windows\system32\admparse.dll 2010-07-02 12:34:19 ----A---- C:\Windows\system32\imgutil.dll 2010-07-02 12:34:19 ----A---- C:\Windows\system32\ieakeng.dll 2010-07-02 12:34:19 ----A---- C:\Windows\system32\dxtrans.dll 2010-07-02 12:34:19 ----A---- C:\Windows\system32\dxtmsft.dll 2010-07-02 12:34:18 ----A---- C:\Windows\system32\msrating.dll 2010-07-02 12:34:18 ----A---- C:\Windows\system32\licmgr10.dll 2010-07-02 12:34:18 ----A---- C:\Windows\system32\inseng.dll 2010-07-02 12:34:18 ----A---- C:\Windows\system32\ieaksie.dll 2010-07-02 12:34:17 ----A---- C:\Windows\system32\WinFXDocObj.exe 2010-07-02 12:34:17 ----A---- C:\Windows\system32\wextract.exe 2010-07-02 12:34:17 ----A---- C:\Windows\system32\webcheck.dll 2010-07-02 12:34:17 ----A---- C:\Windows\system32\ieakui.dll 2010-07-02 12:34:16 ----A---- C:\Windows\system32\pngfilt.dll 2010-07-02 12:34:16 ----A---- C:\Windows\system32\advpack.dll 2010-07-02 12:34:15 ----A---- C:\Windows\system32\url.dll 2010-07-02 12:34:15 ----A---- C:\Windows\system32\ieapfltr.dll 2010-07-02 12:34:13 ----A---- C:\Windows\system32\mshta.exe 2010-07-02 12:34:13 ----A---- C:\Windows\system32\iexpress.exe 2010-07-02 12:34:12 ----A---- C:\Windows\system32\SetIEInstalledDate.exe 2010-07-02 12:34:12 ----A---- C:\Windows\system32\SetDepNx.exe 2010-07-02 12:34:12 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2010-07-02 12:34:12 ----A---- C:\Windows\system32\PDMSetup.exe 2010-07-02 12:33:38 ----D---- C:\Windows\system32\WindowsPowerShell 2010-07-02 12:32:50 ----A---- C:\Windows\system32\winrsmgr.dll 2010-07-02 12:32:39 ----A---- C:\Windows\system32\wsmprovhost.exe 2010-07-02 12:32:39 ----A---- C:\Windows\system32\winrshost.exe 2010-07-02 12:32:39 ----A---- C:\Windows\system32\winrs.exe 2010-07-02 12:32:38 ----A---- C:\Windows\system32\wsmplpxy.dll 2010-07-02 12:32:38 ----A---- C:\Windows\system32\winrssrv.dll 2010-07-02 12:32:36 ----A---- C:\Windows\system32\WsmRes.dll 2010-07-02 12:32:36 ----A---- C:\Windows\system32\wevtfwd.dll 2010-07-02 12:32:36 ----A---- C:\Windows\system32\wecutil.exe 2010-07-02 12:32:36 ----A---- C:\Windows\system32\wecsvc.dll 2010-07-02 12:32:36 ----A---- C:\Windows\system32\wecapi.dll 2010-07-02 12:32:35 ----A---- C:\Windows\system32\pwrshplugin.dll 2010-07-02 12:32:28 ----A---- C:\Windows\system32\winrm.vbs 2010-07-02 12:32:26 ----A---- C:\Windows\system32\WsmWmiPl.dll 2010-07-02 12:32:26 ----A---- C:\Windows\system32\WsmSvc.dll 2010-07-02 12:32:26 ----A---- C:\Windows\system32\WsmAuto.dll 2010-07-02 12:32:26 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll 2010-07-02 12:32:26 ----A---- C:\Windows\system32\WSManHTTPConfig.exe 2010-07-02 12:32:26 ----A---- C:\Windows\system32\winrscmd.dll 2010-07-02 12:24:47 ----D---- C:\Windows\system32\Macromed 2010-07-02 12:11:32 ----D---- C:\Program Files\SystemRequirementsLab 2010-07-02 12:11:20 ----D---- C:\Users\Samy\AppData\Roaming\SystemRequirementsLab 2010-07-02 12:04:23 ----D---- C:\Program Files\Microsoft.NET 2010-07-02 12:02:56 ----D---- C:\Windows\Sun 2010-07-02 12:02:33 ----A---- C:\Windows\system32\gameux.dll 2010-07-02 12:02:32 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll 2010-07-02 12:02:32 ----A---- C:\Windows\system32\Apphlpdm.dll 2010-07-02 12:00:50 ----A---- C:\Windows\system32\deployJava1.dll 2010-07-02 12:00:29 ----A---- C:\Windows\system32\javaws.exe 2010-07-02 12:00:29 ----A---- C:\Windows\system32\javaw.exe 2010-07-02 12:00:28 ----A---- C:\Windows\system32\java.exe 2010-07-02 12:00:24 ----D---- C:\Program Files\Java 2010-07-02 11:59:25 ----D---- C:\ProgramData\Sun 2010-07-02 11:59:23 ----D---- C:\Program Files\Common Files\Java 2010-07-02 11:38:21 ----A---- C:\Windows\system32\PresentationHostProxy.dll 2010-07-02 11:38:21 ----A---- C:\Windows\system32\PresentationHost.exe 2010-07-02 11:38:21 ----A---- C:\Windows\system32\netfxperf.dll 2010-07-02 11:38:21 ----A---- C:\Windows\system32\mscoree.dll 2010-07-02 11:38:21 ----A---- C:\Windows\system32\dfshim.dll 2010-07-02 11:35:25 ----A---- C:\Windows\system32\asycfilt.dll 2010-07-02 11:35:22 ----A---- C:\Windows\system32\win32k.sys 2010-07-02 11:34:14 ----A---- C:\Windows\system32\winhttp.dll 2010-07-02 11:34:01 ----A---- C:\Windows\system32\inetcomm.dll 2010-07-02 11:33:58 ----A---- C:\Windows\system32\atmlib.dll 2010-07-02 11:33:58 ----A---- C:\Windows\system32\atmfd.dll 2010-07-02 11:33:54 ----A---- C:\Windows\system32\tzres.dll 2010-07-02 10:27:56 ----A---- C:\Windows\system32\recdisc.exe 2010-07-02 10:27:52 ----A---- C:\Windows\system32\sdspres.dll 2010-07-02 10:27:21 ----A---- C:\Windows\system32\sxproxy.dll 2010-07-02 10:26:50 ----A---- C:\Windows\system32\mssha.dll 2010-07-02 10:26:50 ----A---- C:\Windows\system32\msra.exe 2010-07-02 10:26:49 ----A---- C:\Windows\system32\mstask.dll 2010-07-02 10:26:49 ----A---- C:\Windows\system32\msrdc.dll 2010-07-02 10:26:49 ----A---- C:\Windows\system32\drivers\mstee.sys 2010-07-02 10:26:49 ----A---- C:\Windows\system32\drivers\mssmbios.sys 2010-07-02 10:26:48 ----A---- C:\Windows\system32\MuiUnattend.exe 2010-07-02 10:26:48 ----A---- C:\Windows\system32\mtxoci.dll 2010-07-02 10:26:48 ----A---- C:\Windows\system32\mtxlegih.dll 2010-07-02 10:26:48 ----A---- C:\Windows\system32\mtxdm.dll 2010-07-02 10:26:48 ----A---- C:\Windows\system32\mtstocom.exe 2010-07-02 10:26:48 ----A---- C:\Windows\system32\drivers\mspqm.sys 2010-07-02 10:26:48 ----A---- C:\Windows\system32\drivers\mspclock.sys 2010-07-02 10:26:47 ----A---- C:\Windows\system32\NAPMONTR.DLL 2010-07-02 10:26:47 ----A---- C:\Windows\system32\napipsec.dll 2010-07-02 10:26:47 ----A---- C:\Windows\system32\NapiNSP.dll 2010-07-02 10:26:47 ----A---- C:\Windows\system32\NAPHLPR.DLL 2010-07-02 10:26:47 ----A---- C:\Windows\system32\napdsnap.dll 2010-07-02 10:26:47 ----A---- C:\Windows\system32\NAPCRYPT.DLL 2010-07-02 10:26:47 ----A---- C:\Windows\system32\mydocs.dll 2010-07-02 10:26:47 ----A---- C:\Windows\system32\mycomput.dll 2010-07-02 10:26:46 ----A---- C:\Windows\system32\msvbvm60.dll 2010-07-02 10:26:45 ----A---- C:\Windows\system32\mswmdm.dll 2010-07-02 10:26:45 ----A---- C:\Windows\system32\msdtcuiu.dll 2010-07-02 10:26:45 ----A---- C:\Windows\system32\drivers\msfs.sys 2010-07-02 10:26:44 ----A---- C:\Windows\system32\msdtcVSp1res.dll 2010-07-02 10:26:43 ----A---- C:\Windows\system32\msg.exe 2010-07-02 10:26:42 ----A---- C:\Windows\system32\msdelta.dll 2010-07-02 10:26:42 ----A---- C:\Windows\system32\msdart.dll 2010-07-02 10:26:41 ----A---- C:\Windows\system32\msdtclog.dll 2010-07-02 10:26:41 ----A---- C:\Windows\system32\msdtckrm.dll 2010-07-02 10:26:41 ----A---- C:\Windows\system32\msdtc.exe 2010-07-02 10:26:41 ----A---- C:\Windows\system32\msdt.exe 2010-07-02 10:26:41 ----A---- C:\Windows\system32\msdt.dll 2010-07-02 10:26:41 ----A---- C:\Windows\system32\msdmo.dll 2010-07-02 10:26:41 ----A---- C:\Windows\system32\msdadiag.dll 2010-07-02 10:26:40 ----A---- C:\Windows\system32\msmmsp.dll 2010-07-02 10:26:40 ----A---- C:\Windows\system32\drivers\mskssrv.sys 2010-07-02 10:26:39 ----A---- C:\Windows\system32\mspatcha.dll 2010-07-02 10:26:39 ----A---- C:\Windows\system32\msorcl32.dll 2010-07-02 10:26:39 ----A---- C:\Windows\system32\msoert2.dll 2010-07-02 10:26:39 ----A---- C:\Windows\system32\msoeacct.dll 2010-07-02 10:26:38 ----A---- C:\Windows\system32\mspaint.exe 2010-07-02 10:26:38 ----A---- C:\Windows\system32\msobjs.dll 2010-07-02 10:26:38 ----A---- C:\Windows\system32\msidle.dll 2010-07-02 10:26:38 ----A---- C:\Windows\system32\msident.dll 2010-07-02 10:26:37 ----A---- C:\Windows\system32\msieftp.dll 2010-07-02 10:26:37 ----A---- C:\Windows\system32\msidcrl30.dll 2010-07-02 10:26:34 ----A---- C:\Windows\system32\drivers\msisadrv.sys 2010-07-02 10:26:31 ----A---- C:\Windows\system32\notepad.exe 2010-07-02 10:26:31 ----A---- C:\Windows\system32\Nlsdl.dll 2010-07-02 10:26:31 ----A---- C:\Windows\notepad.exe 2010-07-02 10:26:27 ----A---- C:\Windows\system32\nlmgp.dll 2010-07-02 10:26:26 ----A---- C:\Windows\system32\nlsbres.dll 2010-07-02 10:26:24 ----A---- C:\Windows\system32\odbcbcp.dll 2010-07-02 10:26:24 ----A---- C:\Windows\system32\objsel.dll 2010-07-02 10:26:23 ----A---- C:\Windows\system32\nvd3dum.dll 2010-07-02 10:26:22 ----A---- C:\Windows\system32\odbctrac.dll 2010-07-02 10:26:22 ----A---- C:\Windows\system32\odbcjt32.dll 2010-07-02 10:26:22 ----A---- C:\Windows\system32\odbccu32.dll 2010-07-02 10:26:22 ----A---- C:\Windows\system32\odbccr32.dll 2010-07-02 10:26:22 ----A---- C:\Windows\system32\ntdsapi.dll 2010-07-02 10:26:21 ----A---- C:\Windows\system32\ntvdm.exe 2010-07-02 10:26:21 ----A---- C:\Windows\system32\ntshrui.dll 2010-07-02 10:26:21 ----A---- C:\Windows\system32\ntlanman.dll 2010-07-02 10:26:21 ----A---- C:\Windows\system32\nsisvc.dll 2010-07-02 10:26:21 ----A---- C:\Windows\system32\nsi.dll 2010-07-02 10:26:21 ----A---- C:\Windows\system32\nshipsec.dll 2010-07-02 10:26:21 ----A---- C:\Windows\system32\drivers\null.sys 2010-07-02 10:26:21 ----A---- C:\Windows\system32\drivers\nsiproxy.sys 2010-07-02 10:26:20 ----A---- C:\Windows\system32\netiougc.exe 2010-07-02 10:26:20 ----A---- C:\Windows\system32\netid.dll 2010-07-02 10:26:20 ----A---- C:\Windows\system32\netdiagfx.dll 2010-07-02 10:26:20 ----A---- C:\Windows\system32\netcorehc.dll 2010-07-02 10:26:20 ----A---- C:\Windows\system32\netcfgx.dll 2010-07-02 10:26:20 ----A---- C:\Windows\system32\netcfg.exe 2010-07-02 10:26:20 ----A---- C:\Windows\system32\netbtugc.exe 2010-07-02 10:26:20 ----A---- C:\Windows\system32\ncsi.dll 2010-07-02 10:26:20 ----A---- C:\Windows\system32\ncobjapi.dll 2010-07-02 10:26:20 ----A---- C:\Windows\system32\nci.dll 2010-07-02 10:26:20 ----A---- C:\Windows\system32\drivers\netbios.sys 2010-07-02 10:26:19 ----A---- C:\Windows\system32\net1.exe 2010-07-02 10:26:19 ----A---- C:\Windows\system32\net.exe 2010-07-02 10:26:19 ----A---- C:\Windows\system32\ndfetw.dll 2010-07-02 10:26:19 ----A---- C:\Windows\system32\nbtstat.exe 2010-07-02 10:26:19 ----A---- C:\Windows\system32\NAPSTAT.EXE 2010-07-02 10:26:19 ----A---- C:\Windows\system32\drivers\ndproxy.sys 2010-07-02 10:26:19 ----A---- C:\Windows\system32\drivers\ndisuio.sys 2010-07-02 10:26:18 ----A---- C:\Windows\system32\nlasvc.dll 2010-07-02 10:26:18 ----A---- C:\Windows\system32\nlaapi.dll 2010-07-02 10:26:18 ----A---- C:\Windows\system32\ndfapi.dll 2010-07-02 10:26:18 ----A---- C:\Windows\system32\drivers\ndistapi.sys 2010-07-02 10:26:17 ----A---- C:\Windows\system32\netprof.dll 2010-07-02 10:26:17 ----A---- C:\Windows\system32\Netplwiz.exe 2010-07-02 10:26:17 ----A---- C:\Windows\system32\netman.dll 2010-07-02 10:26:16 ----A---- C:\Windows\system32\netprofm.dll 2010-07-02 10:26:16 ----A---- C:\Windows\system32\makecab.exe 2010-07-02 10:26:16 ----A---- C:\Windows\system32\lsmproxy.dll 2010-07-02 10:26:16 ----A---- C:\Windows\system32\lsm.exe 2010-07-02 10:26:16 ----A---- C:\Windows\system32\drivers\luafv.sys 2010-07-02 10:26:15 ----A---- C:\Windows\system32\luainstall.dll 2010-07-02 10:26:15 ----A---- C:\Windows\system32\lpremove.exe 2010-07-02 10:26:15 ----A---- C:\Windows\system32\lpksetup.exe 2010-07-02 10:26:15 ----A---- C:\Windows\system32\LogonUI.exe 2010-07-02 10:26:15 ----A---- C:\Windows\system32\loghours.dll 2010-07-02 10:26:15 ----A---- C:\Windows\system32\lodctr.exe 2010-07-02 10:26:15 ----A---- C:\Windows\system32\localui.dll 2010-07-02 10:26:15 ----A---- C:\Windows\system32\localsec.dll 2010-07-02 10:26:14 ----A---- C:\Windows\system32\MFWMAAEC.DLL 2010-07-02 10:26:14 ----A---- C:\Windows\system32\mfvdsp.dll 2010-07-02 10:26:14 ----A---- C:\Windows\system32\mfcsubs.dll 2010-07-02 10:26:13 ----A---- C:\Windows\system32\MdSched.exe 2010-07-02 10:26:13 ----A---- C:\Windows\system32\mdminst.dll 2010-07-02 10:26:13 ----A---- C:\Windows\system32\McxDriv.dll 2010-07-02 10:26:13 ----A---- C:\Windows\system32\mcbuilder.exe 2010-07-02 10:26:13 ----A---- C:\Windows\system32\itss.dll 2010-07-02 10:26:13 ----A---- C:\Windows\system32\iscsiwmi.dll 2010-07-02 10:26:13 ----A---- C:\Windows\system32\iscsied.dll 2010-07-02 10:26:13 ----A---- C:\Windows\system32\drivers\mcd.sys 2010-07-02 10:26:13 ----A---- C:\Windows\system32\drivers\irsir.sys 2010-07-02 10:26:13 ----A---- C:\Windows\system32\drivers\irenum.sys 2010-07-02 10:26:13 ----A---- C:\Windows\system32\drivers\irda.sys 2010-07-02 10:26:12 ----A---- C:\Windows\system32\l2gpstore.dll 2010-07-02 10:26:12 ----A---- C:\Windows\system32\ktmw32.dll 2010-07-02 10:26:12 ----A---- C:\Windows\system32\ktmutil.exe 2010-07-02 10:26:12 ----A---- C:\Windows\system32\iscsium.dll 2010-07-02 10:26:12 ----A---- C:\Windows\system32\iscsiexe.dll 2010-07-02 10:26:12 ----A---- C:\Windows\system32\iprtrmgr.dll 2010-07-02 10:26:12 ----A---- C:\Windows\system32\iprtprio.dll 2010-07-02 10:26:12 ----A---- C:\Windows\system32\ipnathlp.dll 2010-07-02 10:26:12 ----A---- C:\Windows\system32\IPBusEnum.dll 2010-07-02 10:26:12 ----A---- C:\Windows\system32\drivers\ipnat.sys 2010-07-02 10:26:12 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys 2010-07-02 10:26:11 ----A---- C:\Windows\system32\loadperf.dll 2010-07-02 10:26:11 ----A---- C:\Windows\system32\lnkstub.exe 2010-07-02 10:26:11 ----A---- C:\Windows\system32\lltdsvc.dll 2010-07-02 10:26:11 ----A---- C:\Windows\system32\lltdapi.dll 2010-07-02 10:26:11 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll 2010-07-02 10:26:11 ----A---- C:\Windows\system32\KMSVC.DLL 2010-07-02 10:26:11 ----A---- C:\Windows\system32\keymgr.dll 2010-07-02 10:26:11 ----A---- C:\Windows\system32\drivers\lltdio.sys 2010-07-02 10:26:11 ----A---- C:\Windows\system32\drivers\kbdclass.sys 2010-07-02 10:26:10 ----A---- C:\Windows\system32\mprmsg.dll 2010-07-02 10:26:10 ----A---- C:\Windows\system32\mprdim.dll 2010-07-02 10:26:10 ----A---- C:\Windows\system32\mprddm.dll 2010-07-02 10:26:10 ----A---- C:\Windows\system32\KBDKOR.DLL 2010-07-02 10:26:10 ----A---- C:\Windows\system32\KBDJPN.DLL 2010-07-02 10:26:10 ----A---- C:\Windows\system32\drivers\mpsdrv.sys 2010-07-02 10:26:09 ----A---- C:\Windows\system32\mountvol.exe 2010-07-02 10:26:09 ----A---- C:\Windows\system32\drivers\mountmgr.sys 2010-07-02 10:26:09 ----A---- C:\Windows\system32\drivers\mouhid.sys 2010-07-02 10:26:09 ----A---- C:\Windows\system32\drivers\mouclass.sys 2010-07-02 10:26:09 ----A---- C:\Windows\system32\drivers\monitor.sys 2010-07-02 10:26:07 ----A---- C:\Windows\system32\MPG4DECD.DLL 2010-07-02 10:26:07 ----A---- C:\Windows\system32\MP4SDECD.DLL 2010-07-02 10:26:07 ----A---- C:\Windows\system32\MP43DECD.DLL 2010-07-02 10:26:07 ----A---- C:\Windows\system32\MP3DMOD.DLL 2010-07-02 10:26:06 ----A---- C:\Windows\system32\msconfig.exe 2010-07-02 10:26:04 ----A---- C:\Windows\system32\msacm32.dll 2010-07-02 10:26:04 ----A---- C:\Windows\system32\msaatext.dll 2010-07-02 10:26:01 ----A---- C:\Windows\system32\mmcbase.dll 2010-07-02 10:26:00 ----A---- C:\Windows\system32\mobsync.exe 2010-07-02 10:26:00 ----A---- C:\Windows\system32\mmcss.dll 2010-07-02 10:26:00 ----A---- C:\Windows\system32\mmcshext.dll 2010-07-02 10:26:00 ----A---- C:\Windows\system32\mlang.dll 2010-07-02 10:26:00 ----A---- C:\Windows\system32\drivers\modem.sys 2010-07-02 10:25:58 ----A---- C:\Windows\system32\migisol.dll 2010-07-02 10:25:58 ----A---- C:\Windows\system32\MigAutoPlay.exe 2010-07-02 10:25:57 ----A---- C:\Windows\system32\seclogon.dll 2010-07-02 10:25:57 ----A---- C:\Windows\system32\SecEdit.exe 2010-07-02 10:25:57 ----A---- C:\Windows\system32\sdshext.dll 2010-07-02 10:25:57 ----A---- C:\Windows\system32\sdrsvc.dll 2010-07-02 10:25:56 ----A---- C:\Windows\system32\shrink.dll 2010-07-02 10:25:56 ----A---- C:\Windows\system32\shimgvw.dll 2010-07-02 10:25:56 ----A---- C:\Windows\system32\shgina.dll 2010-07-02 10:25:56 ----A---- C:\Windows\system32\secpol.msc 2010-07-02 10:25:55 ----A---- C:\Windows\system32\shutdown.exe 2010-07-02 10:25:55 ----A---- C:\Windows\system32\shrpubw.exe 2010-07-02 10:25:54 ----A---- C:\Windows\system32\SmiInstaller.dll 2010-07-02 10:25:54 ----A---- C:\Windows\system32\shacct.dll 2010-07-02 10:25:54 ----A---- C:\Windows\system32\drivers\sfloppy.sys 2010-07-02 10:25:53 ----A---- C:\Windows\system32\drivers\smclib.sys 2010-07-02 10:25:51 ----A---- C:\Windows\system32\sfc_os.dll 2010-07-02 10:25:51 ----A---- C:\Windows\system32\sfc.exe 2010-07-02 10:25:51 ----A---- C:\Windows\system32\setupugc.exe 2010-07-02 10:25:51 ----A---- C:\Windows\system32\setupSNK.exe 2010-07-02 10:25:51 ----A---- C:\Windows\system32\setupcln.dll 2010-07-02 10:25:51 ----A---- C:\Windows\system32\setupcl.exe 2010-07-02 10:25:51 ----A---- C:\Windows\system32\setbcdlocale.dll 2010-07-02 10:25:51 ----A---- C:\Windows\system32\SessEnv.dll 2010-07-02 10:25:51 ----A---- C:\Windows\system32\serialui.dll 2010-07-02 10:25:51 ----A---- C:\Windows\system32\drivers\sermouse.sys 2010-07-02 10:25:51 ----A---- C:\Windows\system32\drivers\serial.sys 2010-07-02 10:25:50 ----A---- C:\Windows\system32\Sens.dll 2010-07-02 10:25:50 ----A---- C:\Windows\system32\drivers\serenum.sys 2010-07-02 10:25:49 ----A---- C:\Windows\system32\ppcsnap.dll 2010-07-02 10:25:48 ----A---- C:\Windows\system32\pnrpnsp.dll 2010-07-02 10:25:48 ----A---- C:\Windows\system32\PNPXAssocPrx.dll 2010-07-02 10:25:47 ----A---- C:\Windows\system32\pots.dll 2010-07-02 10:25:47 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll 2010-07-02 10:25:47 ----A---- C:\Windows\system32\pnpts.dll 2010-07-02 10:25:46 ----A---- C:\Windows\system32\puiobj.dll 2010-07-02 10:25:46 ----A---- C:\Windows\system32\psbase.dll 2010-07-02 10:25:46 ----A---- C:\Windows\system32\provthrd.dll 2010-07-02 10:25:46 ----A---- C:\Windows\system32\PortableDeviceWiaCompat.dll 2010-07-02 10:25:45 ----A---- C:\Windows\system32\QAGENT.DLL 2010-07-02 10:25:45 ----A---- C:\Windows\system32\PushPrinterConnections.exe 2010-07-02 10:25:44 ----A---- C:\Windows\system32\prntvpt.dll 2010-07-02 10:25:44 ----A---- C:\Windows\system32\prevhost.exe 2010-07-02 10:25:43 ----A---- C:\Windows\system32\profprov.dll 2010-07-02 10:25:43 ----A---- C:\Windows\system32\procinst.dll 2010-07-02 10:25:42 ----A---- C:\Windows\system32\pcasvc.dll 2010-07-02 10:25:42 ----A---- C:\Windows\system32\pcadm.dll 2010-07-02 10:25:42 ----A---- C:\Windows\system32\p2pnetsh.dll 2010-07-02 10:25:42 ----A---- C:\Windows\system32\p2phost.exe 2010-07-02 10:25:42 ----A---- C:\Windows\system32\p2pcollab.dll 2010-07-02 10:25:42 ----A---- C:\Windows\system32\P2P.dll 2010-07-02 10:25:42 ----A---- C:\Windows\system32\olethk32.dll 2010-07-02 10:25:42 ----A---- C:\Windows\system32\olesvr32.dll 2010-07-02 10:25:42 ----A---- C:\Windows\system32\oledlg.dll 2010-07-02 10:25:42 ----A---- C:\Windows\system32\olecli32.dll 2010-07-02 10:25:42 ----A---- C:\Windows\system32\drivers\parvdm.sys 2010-07-02 10:25:42 ----A---- C:\Windows\system32\drivers\parport.sys 2010-07-02 10:25:41 ----A---- C:\Windows\system32\osblprov.dll 2010-07-02 10:25:41 ----A---- C:\Windows\system32\osbaseln.dll 2010-07-02 10:25:41 ----A---- C:\Windows\system32\OptionalFeatures.exe 2010-07-02 10:25:41 ----A---- C:\Windows\system32\oleacc.dll 2010-07-02 10:25:41 ----A---- C:\Windows\system32\ogldrv.dll 2010-07-02 10:25:40 ----A---- C:\Windows\system32\PING.EXE 2010-07-02 10:25:39 ----A---- C:\Windows\system32\PlaySndSrv.dll 2010-07-02 10:25:39 ----A---- C:\Windows\system32\pla.dll 2010-07-02 10:25:39 ----A---- C:\Windows\system32\pdhui.dll 2010-07-02 10:25:38 ----A---- C:\Windows\system32\rstrui.exe 2010-07-02 10:25:38 ----A---- C:\Windows\system32\RstrtMgr.dll 2010-07-02 10:25:38 ----A---- C:\Windows\system32\rshx32.dll 2010-07-02 10:25:38 ----A---- C:\Windows\system32\perfts.dll 2010-07-02 10:25:38 ----A---- C:\Windows\system32\perfnet.dll 2010-07-02 10:25:38 ----A---- C:\Windows\system32\perfmon.msc 2010-07-02 10:25:38 ----A---- C:\Windows\system32\perfmon.exe 2010-07-02 10:25:38 ----A---- C:\Windows\system32\drivers\rspndr.sys 2010-07-02 10:25:36 ----A---- C:\Windows\system32\runonce.exe 2010-07-02 10:25:35 ----A---- C:\Windows\system32\rtm.dll 2010-07-02 10:25:35 ----A---- C:\Windows\system32\RpcPing.exe 2010-07-02 10:25:35 ----A---- C:\Windows\system32\riched32.dll 2010-07-02 10:25:35 ----A---- C:\Windows\system32\rgb9rast.dll 2010-07-02 10:25:35 ----A---- C:\Windows\system32\resutils.dll 2010-07-02 10:25:35 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL 2010-07-02 10:25:35 ----A---- C:\Windows\system32\drivers\rootmdm.sys 2010-07-02 10:25:34 ----A---- C:\Windows\system32\sdengin2.dll 2010-07-02 10:25:34 ----A---- C:\Windows\system32\schtasks.exe 2010-07-02 10:25:34 ----A---- C:\Windows\system32\sbunattend.exe 2010-07-02 10:25:34 ----A---- C:\Windows\system32\Robocopy.exe 2010-07-02 10:25:33 ----A---- C:\Windows\system32\sdchange.exe 2010-07-02 10:25:33 ----A---- C:\Windows\system32\sbeio.dll 2010-07-02 10:25:33 ----A---- C:\Windows\system32\sbe.dll 2010-07-02 10:25:33 ----A---- C:\Windows\system32\drivers\scsiport.sys 2010-07-02 10:25:32 ----A---- C:\Windows\system32\rasctrs.dll 2010-07-02 10:25:32 ----A---- C:\Windows\system32\rascfg.dll 2010-07-02 10:25:32 ----A---- C:\Windows\system32\rasauto.dll 2010-07-02 10:25:32 ----A---- C:\Windows\system32\RacAgent.exe 2010-07-02 10:25:32 ----A---- C:\Windows\system32\qwinsta.exe 2010-07-02 10:25:32 ----A---- C:\Windows\system32\drivers\rasacd.sys 2010-07-02 10:25:32 ----A---- C:\Windows\system32\drivers\qwavedrv.sys 2010-07-02 10:25:31 ----A---- C:\Windows\system32\qwave.dll 2010-07-02 10:25:31 ----A---- C:\Windows\system32\QUTIL.DLL 2010-07-02 10:25:31 ----A---- C:\Windows\system32\quser.exe 2010-07-02 10:25:31 ----A---- C:\Windows\system32\qdv.dll 2010-07-02 10:25:31 ----A---- C:\Windows\system32\QCLIPROV.DLL 2010-07-02 10:25:31 ----A---- C:\Windows\system32\qcap.dll 2010-07-02 10:25:31 ----A---- C:\Windows\system32\qasf.dll 2010-07-02 10:25:30 ----A---- C:\Windows\system32\rdrleakdiag.exe 2010-07-02 10:25:30 ----A---- C:\Windows\system32\RDPENCDD.dll 2010-07-02 10:25:30 ----A---- C:\Windows\system32\QSVRMGMT.DLL 2010-07-02 10:25:30 ----A---- C:\Windows\system32\QSHVHOST.DLL 2010-07-02 10:25:30 ----A---- C:\Windows\system32\drivers\RDPENCDD.sys 2010-07-02 10:25:29 ----A---- C:\Windows\system32\remotepg.dll 2010-07-02 10:25:29 ----A---- C:\Windows\system32\regini.exe 2010-07-02 10:25:29 ----A---- C:\Windows\system32\RegCtrl.dll 2010-07-02 10:25:29 ----A---- C:\Windows\system32\rasphone.exe 2010-07-02 10:25:29 ----A---- C:\Windows\system32\RASMM.dll 2010-07-02 10:25:29 ----A---- C:\Windows\system32\rasman.dll 2010-07-02 10:25:29 ----A---- C:\Windows\system32\raserver.exe 2010-07-02 10:25:29 ----A---- C:\Windows\system32\drivers\RDPCDD.sys 2010-07-02 10:25:29 ----A---- C:\Windows\system32\drivers\rasl2tp.sys 2010-07-02 10:25:29 ----A---- C:\Windows\regedit.exe 2010-07-02 10:25:28 ----A---- C:\Windows\system32\rdpdd.dll 2010-07-02 10:25:28 ----A---- C:\Windows\system32\rdpcfgex.dll 2010-07-02 10:25:28 ----A---- C:\Windows\system32\rasqec.dll 2010-07-02 10:25:28 ----A---- C:\Windows\system32\drivers\raspptp.sys 2010-07-02 10:25:28 ----A---- C:\Windows\system32\d3dim700.dll 2010-07-02 10:25:28 ----A---- C:\Windows\system32\d3dim.dll 2010-07-02 10:25:28 ----A---- C:\Windows\system32\d3d8.dll 2010-07-02 10:25:28 ----A---- C:\Windows\system32\d3d10core.dll 2010-07-02 10:25:28 ----A---- C:\Windows\system32\d3d10_1core.dll 2010-07-02 10:25:28 ----A---- C:\Windows\system32\d3d10_1.dll 2010-07-02 10:25:27 ----A---- C:\Windows\system32\devenum.dll 2010-07-02 10:25:27 ----A---- C:\Windows\system32\Defrag.exe 2010-07-02 10:25:27 ----A---- C:\Windows\system32\ddraw.dll 2010-07-02 10:25:27 ----A---- C:\Windows\system32\dbnetlib.dll 2010-07-02 10:25:27 ----A---- C:\Windows\system32\dbghelp.dll 2010-07-02 10:25:27 ----A---- C:\Windows\system32\d3dxof.dll 2010-07-02 10:25:27 ----A---- C:\Windows\system32\d3d10.dll 2010-07-02 10:25:27 ----A---- C:\Windows\system32\cryptnet.dll 2010-07-02 10:25:27 ----A---- C:\Windows\system32\credssp.dll 2010-07-02 10:25:26 ----A---- C:\Windows\system32\dinput8.dll 2010-07-02 10:25:26 ----A---- C:\Windows\system32\dimsjob.dll 2010-07-02 10:25:26 ----A---- C:\Windows\system32\diantz.exe 2010-07-02 10:25:26 ----A---- C:\Windows\system32\csrss.exe 2010-07-02 10:25:26 ----A---- C:\Windows\system32\csrsrv.dll 2010-07-02 10:25:26 ----A---- C:\Windows\system32\cryptdll.dll 2010-07-02 10:25:25 ----A---- C:\Windows\system32\dispex.dll 2010-07-02 10:25:25 ----A---- C:\Windows\system32\dispdiag.exe 2010-07-02 10:25:25 ----A---- C:\Windows\system32\dispci.dll 2010-07-02 10:25:25 ----A---- C:\Windows\system32\dfrgui.exe 2010-07-02 10:25:25 ----A---- C:\Windows\system32\DfrgNtfs.exe 2010-07-02 10:25:24 ----A---- C:\Windows\system32\dhcpsapi.dll 2010-07-02 10:25:24 ----A---- C:\Windows\system32\DHCPQEC.DLL 2010-07-02 10:25:24 ----A---- C:\Windows\system32\DfsShlEx.dll 2010-07-02 10:25:24 ----A---- C:\Windows\system32\dfrgifc.exe 2010-07-02 10:25:24 ----A---- C:\Windows\system32\dfrgfat.exe 2010-07-02 10:25:24 ----A---- C:\Windows\system32\DFDWiz.exe 2010-07-02 10:25:24 ----A---- C:\Windows\system32\dfdts.dll 2010-07-02 10:25:24 ----A---- C:\Windows\system32\cmlua.dll 2010-07-02 10:25:24 ----A---- C:\Windows\system32\cmd.exe 2010-07-02 10:25:24 ----A---- C:\Windows\system32\cmcfg32.dll 2010-07-02 10:25:24 ----A---- C:\Windows\system32\clusapi.dll 2010-07-02 10:25:23 ----A---- C:\Windows\system32\cmipnpinstall.dll 2010-07-02 10:25:23 ----A---- C:\Windows\system32\cmifw.dll 2010-07-02 10:25:23 ----A---- C:\Windows\system32\cmicryptinstall.dll 2010-07-02 10:25:23 ----A---- C:\Windows\system32\cmdl32.exe 2010-07-02 10:25:23 ----A---- C:\Windows\system32\cic.dll 2010-07-02 10:25:22 ----A---- C:\Windows\system32\convert.exe 2010-07-02 10:25:22 ----A---- C:\Windows\system32\comsnap.dll 2010-07-02 10:25:22 ----A---- C:\Windows\system32\comres.dll 2010-07-02 10:25:22 ----A---- C:\Windows\system32\comrepl.dll 2010-07-02 10:25:22 ----A---- C:\Windows\system32\ComputerDefaults.exe 2010-07-02 10:25:22 ----A---- C:\Windows\system32\compstui.dll 2010-07-02 10:25:22 ----A---- C:\Windows\system32\CompMgmtLauncher.exe 2010-07-02 10:25:22 ----A---- C:\Windows\system32\CompatUI.dll 2010-07-02 10:25:22 ----A---- C:\Windows\system32\clfsw32.dll 2010-07-02 10:25:22 ----A---- C:\Windows\system32\clbcatq.dll 2010-07-02 10:25:21 ----A---- C:\Windows\system32\consent.exe 2010-07-02 10:25:21 ----A---- C:\Windows\system32\colorui.dll 2010-07-02 10:25:21 ----A---- C:\Windows\system32\COLORCNV.DLL 2010-07-02 10:25:21 ----A---- C:\Windows\system32\colbact.dll 2010-07-02 10:25:21 ----A---- C:\Windows\system32\cofiredm.dll 2010-07-02 10:25:21 ----A---- C:\Windows\system32\cmstplua.dll 2010-07-02 10:25:21 ----A---- C:\Windows\system32\cmstp.exe 2010-07-02 10:25:21 ----A---- C:\Windows\system32\cmpbk32.dll 2010-07-02 10:25:20 ----A---- C:\Windows\system32\els.dll 2010-07-02 10:25:20 ----A---- C:\Windows\system32\comctl32.dll 2010-07-02 10:25:20 ----A---- C:\Windows\system32\cmutil.dll 2010-07-02 10:25:18 ----A---- C:\Windows\system32\esentutl.exe 2010-07-02 10:25:18 ----A---- C:\Windows\system32\esentprf.dll 2010-07-02 10:25:18 ----A---- C:\Windows\system32\EncDump.dll 2010-07-02 10:25:17 ----A---- C:\Windows\system32\efsadu.dll 2010-07-02 10:25:17 ----A---- C:\Windows\system32\eapsvc.dll 2010-07-02 10:25:17 ----A---- C:\Windows\system32\EAPQEC.DLL 2010-07-02 10:25:17 ----A---- C:\Windows\system32\eappprxy.dll 2010-07-02 10:25:16 ----A---- C:\Windows\system32\fmifs.dll 2010-07-02 10:25:16 ----A---- C:\Windows\system32\FirewallAPI.dll 2010-07-02 10:25:16 ----A---- C:\Windows\system32\findnetprinters.dll 2010-07-02 10:25:16 ----A---- C:\Windows\system32\filemgmt.dll 2010-07-02 10:25:16 ----A---- C:\Windows\system32\fdPHost.dll 2010-07-02 10:25:16 ----A---- C:\Windows\system32\fde.dll 2010-07-02 10:25:16 ----A---- C:\Windows\system32\drivers\flpydisk.sys 2010-07-02 10:25:16 ----A---- C:\Windows\system32\drivers\filetrace.sys 2010-07-02 10:25:16 ----A---- C:\Windows\system32\drivers\fileinfo.sys 2010-07-02 10:25:16 ----A---- C:\Windows\system32\drivers\fdc.sys 2010-07-02 10:25:15 ----A---- C:\Windows\system32\FirewallControlPanel.exe 2010-07-02 10:25:15 ----A---- C:\Windows\system32\eventcls.dll 2010-07-02 10:25:13 ----A---- C:\Windows\system32\extrac32.exe 2010-07-02 10:25:13 ----A---- C:\Windows\system32\expand.exe 2010-07-02 10:25:12 ----A---- C:\Windows\system32\drivers\drmkaud.sys 2010-07-02 10:25:12 ----A---- C:\Windows\system32\drivers\drmk.sys 2010-07-02 10:25:12 ----A---- C:\Windows\system32\driverquery.exe 2010-07-02 10:25:12 ----A---- C:\Windows\system32\dpx.dll 2010-07-02 10:25:12 ----A---- C:\Windows\system32\dot3ui.dll 2010-07-02 10:25:12 ----A---- C:\Windows\system32\dot3gpui.dll 2010-07-02 10:25:12 ----A---- C:\Windows\system32\dot3gpclnt.dll 2010-07-02 10:25:12 ----A---- C:\Windows\system32\dot3dlg.dll 2010-07-02 10:25:12 ----A---- C:\Windows\system32\dot3api.dll 2010-07-02 10:25:11 ----A---- C:\Windows\system32\dps.dll 2010-07-02 10:25:11 ----A---- C:\Windows\system32\dpnet.dll 2010-07-02 10:25:11 ----A---- C:\Windows\system32\DpiScaling.exe 2010-07-02 10:25:11 ----A---- C:\Windows\system32\dnshc.dll 2010-07-02 10:25:11 ----A---- C:\Windows\system32\dnscacheugc.exe 2010-07-02 10:25:11 ----A---- C:\Windows\system32\dmutil.dll 2010-07-02 10:25:11 ----A---- C:\Windows\system32\dmscript.dll 2010-07-02 10:25:11 ----A---- C:\Windows\system32\dmocx.dll 2010-07-02 10:25:11 ----A---- C:\Windows\system32\dmloader.dll 2010-07-02 10:25:11 ----A---- C:\Windows\system32\dmime.dll 2010-07-02 10:25:11 ----A---- C:\Windows\system32\dmdskres2.dll 2010-07-02 10:25:11 ----A---- C:\Windows\system32\dmdskmgr.dll 2010-07-02 10:25:11 ----A---- C:\Windows\system32\dmdlgs.dll 2010-07-02 10:25:10 ----A---- C:\Windows\system32\dxgi.dll 2010-07-02 10:25:10 ----A---- C:\Windows\system32\dxdiagn.dll 2010-07-02 10:25:10 ----A---- C:\Windows\system32\dxdiag.exe 2010-07-02 10:25:10 ----A---- C:\Windows\system32\DWWIN.EXE 2010-07-02 10:25:10 ----A---- C:\Windows\system32\drivers\dxapi.sys 2010-07-02 10:25:10 ----A---- C:\Windows\system32\dmvdsitf.dll 2010-07-02 10:25:09 ----A---- C:\Windows\system32\dxva2.dll 2010-07-02 10:25:09 ----A---- C:\Windows\system32\dwmredir.dll 2010-07-02 10:25:09 ----A---- C:\Windows\system32\dwmapi.dll 2010-07-02 10:25:09 ----A---- C:\Windows\system32\dskquoui.dll 2010-07-02 10:25:09 ----A---- C:\Windows\system32\dskquota.dll 2010-07-02 10:25:09 ----A---- C:\Windows\system32\dsdmo.dll 2010-07-02 10:25:08 ----A---- C:\Windows\system32\duser.dll 2010-07-02 10:25:08 ----A---- C:\Windows\system32\dsuiext.dll 2010-07-02 10:25:08 ----A---- C:\Windows\system32\dssenh.dll 2010-07-02 10:25:08 ----A---- C:\Windows\system32\dssec.dll 2010-07-02 10:25:08 ----A---- C:\Windows\system32\dsquery.dll 2010-07-02 10:25:08 ----A---- C:\Windows\system32\dsauth.dll 2010-07-02 10:25:07 ----A---- C:\Windows\system32\authfwcfg.dll 2010-07-02 10:25:07 ----A---- C:\Windows\system32\AudioEng.dll 2010-07-02 10:25:07 ----A---- C:\Windows\system32\audiodev.dll 2010-07-02 10:25:07 ----A---- C:\Windows\system32\AtBroker.exe 2010-07-02 10:25:07 ----A---- C:\Windows\system32\at.exe 2010-07-02 10:25:06 ----A---- C:\Windows\system32\AuthFWSnapin.dll 2010-07-02 10:25:06 ----A---- C:\Windows\system32\AuthFWGP.dll 2010-07-02 10:25:06 ----A---- C:\Windows\system32\auditpol.exe 2010-07-02 10:25:06 ----A---- C:\Windows\system32\AUDIOKSE.dll 2010-07-02 10:25:05 ----A---- C:\Windows\system32\drivers\asyncmac.sys 2010-07-02 10:25:04 ----A---- C:\Windows\system32\drivers\beep.sys 2010-07-02 10:25:04 ----A---- C:\Windows\system32\bitsadmin.exe 2010-07-02 10:25:04 ----A---- C:\Windows\system32\bcdedit.exe 2010-07-02 10:25:04 ----A---- C:\Windows\system32\batt.dll 2010-07-02 10:25:04 ----A---- C:\Windows\system32\basesrv.dll 2010-07-02 10:25:04 ----A---- C:\Windows\bfsvc.exe 2010-07-02 10:25:03 ----A---- C:\Windows\system32\drivers\bdasup.sys 2010-07-02 10:25:03 ----A---- C:\Windows\system32\bcdsrv.dll 2010-07-02 10:25:03 ----A---- C:\Windows\system32\bcdprov.dll 2010-07-02 10:25:03 ----A---- C:\Windows\system32\AuxiliaryDisplayApi.dll 2010-07-02 10:25:02 ----A---- C:\Windows\system32\AzSqlExt.dll 2010-07-02 10:25:02 ----A---- C:\Windows\system32\azroleui.dll 2010-07-02 10:25:02 ----A---- C:\Windows\system32\avrt.dll 2010-07-02 10:25:02 ----A---- C:\Windows\system32\ACW.exe 2010-07-02 10:25:02 ----A---- C:\Windows\system32\ActiveContentWizard.dll 2010-07-02 10:25:02 ----A---- C:\Windows\system32\ActionQueue.dll 2010-07-02 10:25:01 ----A---- C:\Windows\system32\drivers\1394bus.sys 2010-07-02 10:25:01 ----A---- C:\Windows\system32\actxprxy.dll 2010-07-02 10:25:01 ----A---- C:\Windows\system32\activeds.dll 2010-07-02 10:25:00 ----A---- C:\Windows\system32\drivers\amdk8.sys 2010-07-02 10:25:00 ----A---- C:\Windows\system32\apss.dll 2010-07-02 10:25:00 ----A---- C:\Windows\system32\appmgr.dll 2010-07-02 10:25:00 ----A---- C:\Windows\system32\apircl.dll 2010-07-02 10:25:00 ----A---- C:\Windows\system32\apilogen.dll 2010-07-02 10:25:00 ----A---- C:\Windows\system32\amxread.dll 2010-07-02 10:25:00 ----A---- C:\Windows\system32\amstream.dll 2010-07-02 10:25:00 ----A---- C:\Windows\system32\aclui.dll 2010-07-02 10:24:59 ----A---- C:\Windows\system32\appinfo.dll 2010-07-02 10:24:59 ----A---- C:\Windows\system32\adsnt.dll 2010-07-02 10:24:58 ----A---- C:\Windows\system32\alg.exe 2010-07-02 10:24:58 ----A---- C:\Windows\system32\adsldp.dll 2010-07-02 10:24:57 ----A---- C:\Windows\system32\catsrvut.dll 2010-07-02 10:24:57 ----A---- C:\Windows\system32\catsrv.dll 2010-07-02 10:24:57 ----A---- C:\Windows\system32\cacls.exe 2010-07-02 10:24:57 ----A---- C:\Windows\system32\cabinet.dll 2010-07-02 10:24:57 ----A---- C:\Windows\system32\btpanui.dll 2010-07-02 10:24:56 ----A---- C:\Windows\system32\drivers\bowser.sys 2010-07-02 10:24:56 ----A---- C:\Windows\system32\capisp.dll 2010-07-02 10:24:56 ----A---- C:\Windows\system32\bridgeunattend.exe 2010-07-02 10:24:56 ----A---- C:\Windows\system32\brcplsdw.dll 2010-07-02 10:24:56 ----A---- C:\Windows\system32\BOOTVID.DLL 2010-07-02 10:24:56 ----A---- C:\Windows\system32\bootstr.dll 2010-07-02 10:24:55 ----A---- C:\Windows\system32\CertEnrollCtrl.exe 2010-07-02 10:24:55 ----A---- C:\Windows\system32\browser.dll 2010-07-02 10:24:54 ----A---- C:\Windows\system32\drivers\cdfs.sys 2010-07-02 10:24:54 ----A---- C:\Windows\system32\cfgmgr32.dll 2010-07-02 10:24:54 ----A---- C:\Windows\system32\cfgbkend.dll 2010-07-02 10:24:54 ----A---- C:\Windows\system32\cewmdm.dll 2010-07-02 10:24:54 ----A---- C:\Windows\system32\cdosys.dll 2010-07-02 10:24:53 ----A---- C:\Windows\system32\bootcfg.exe 2010-07-02 10:24:53 ----A---- C:\Windows\system32\BlbEvents.dll 2010-07-02 10:24:53 ----A---- C:\Windows\system32\blb_ps.dll 2010-07-02 10:24:47 ----A---- C:\Windows\system32\imagesp1.dll 2010-07-02 10:24:47 ----A---- C:\Windows\system32\imagehlp.dll 2010-07-02 10:24:46 ----A---- C:\Windows\system32\inetmib1.dll 2010-07-02 10:24:44 ----A---- C:\Windows\system32\InfDefaultInstall.exe 2010-07-02 10:24:42 ----A---- C:\Windows\system32\iashost.exe 2010-07-02 10:24:42 ----A---- C:\Windows\system32\ias.dll 2010-07-02 10:24:42 ----A---- C:\Windows\system32\drivers\i8042prt.sys 2010-07-02 10:24:41 ----A---- C:\Windows\system32\icaapi.dll 2010-07-02 10:24:40 ----A---- C:\Windows\system32\ifsutil.dll 2010-07-02 10:24:39 ----A---- C:\Windows\system32\icsunattend.exe 2010-07-02 10:24:39 ----A---- C:\Windows\system32\icsfiltr.dll 2010-07-02 10:24:39 ----A---- C:\Windows\system32\icm32.dll 2010-07-02 10:24:37 ----A---- C:\Windows\system32\idndl.dll 2010-07-02 10:24:37 ----A---- C:\Windows\system32\icfupgd.dll 2010-07-02 10:24:37 ----A---- C:\Windows\system32\icacls.exe 2010-07-02 10:24:36 ----A---- C:\Windows\system32\HotStartUserAgent.dll 2010-07-02 10:24:35 ----A---- C:\Windows\system32\hnetmon.dll 2010-07-02 10:24:35 ----A---- C:\Windows\system32\hnetcfg.dll 2010-07-02 10:24:35 ----A---- C:\Windows\system32\hlink.dll 2010-07-02 10:24:34 ----A---- C:\Windows\system32\FXSMON.dll 2010-07-02 10:24:34 ----A---- C:\Windows\system32\FXSEXT32.dll 2010-07-02 10:24:34 ----A---- C:\Windows\system32\FXSCOVER.exe 2010-07-02 10:24:34 ----A---- C:\Windows\system32\FXSCOMPOSE.dll 2010-07-02 10:24:34 ----A---- C:\Windows\system32\FXSCOMEX.dll 2010-07-02 10:24:33 ----A---- C:\Windows\system32\FXSXP32.dll 2010-07-02 10:24:33 ----A---- C:\Windows\system32\FXSUTILITY.dll 2010-07-02 10:24:33 ----A---- C:\Windows\system32\FXSUNATD.exe 2010-07-02 10:24:33 ----A---- C:\Windows\system32\FXSTIFF.dll 2010-07-02 10:24:33 ----A---- C:\Windows\system32\FXSRESM.dll 2010-07-02 10:24:33 ----A---- C:\Windows\system32\FXSCOM.dll 2010-07-02 10:24:33 ----A---- C:\Windows\system32\FXSAPI.dll 2010-07-02 10:24:32 ----A---- C:\Windows\system32\FXSSVC.exe 2010-07-02 10:24:32 ----A---- C:\Windows\system32\FXSROUTE.dll 2010-07-02 10:24:31 ----A---- C:\Windows\system32\FXST30.dll 2010-07-02 10:24:31 ----A---- C:\Windows\system32\FXSST.dll 2010-07-02 10:24:31 ----A---- C:\Windows\system32\fsutil.exe 2010-07-02 10:24:31 ----A---- C:\Windows\system32\fsmgmt.msc 2010-07-02 10:24:31 ----A---- C:\Windows\system32\framedyn.dll 2010-07-02 10:24:31 ----A---- C:\Windows\system32\framebuf.dll 2010-07-02 10:24:31 ----A---- C:\Windows\system32\drivers\fs_rec.sys 2010-07-02 10:24:30 ----A---- C:\Windows\system32\fwcfg.dll 2010-07-02 10:24:30 ----A---- C:\Windows\system32\framedynos.dll 2010-07-02 10:24:30 ----A---- C:\Windows\system32\fphc.dll 2010-07-02 10:24:30 ----A---- C:\Windows\fveupdate.exe 2010-07-02 10:24:29 ----A---- C:\Windows\system32\HelpPaneProxy.dll 2010-07-02 10:24:29 ----A---- C:\Windows\system32\GuidedHelp.dll 2010-07-02 10:24:29 ----A---- C:\Windows\system32\drivers\hidparse.sys 2010-07-02 10:24:28 ----A---- C:\Windows\system32\getmac.exe 2010-07-02 10:24:28 ----A---- C:\Windows\HelpPane.exe 2010-07-02 10:24:27 ----A---- C:\Windows\system32\gatherWiredInfo.vbs 2010-07-02 10:24:27 ----A---- C:\Windows\system32\gacinstall.dll 2010-07-02 10:24:26 ----A---- C:\Windows\system32\graftabl.com 2010-07-02 10:24:26 ----A---- C:\Windows\system32\gpedit.msc 2010-07-02 10:24:20 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe 2010-07-02 10:24:18 ----A---- C:\Windows\system32\wiaacmgr.exe 2010-07-02 10:24:17 ----A---- C:\Windows\system32\wiadss.dll 2010-07-02 10:24:17 ----A---- C:\Windows\system32\wiadefui.dll 2010-07-02 10:24:17 ----A---- C:\Windows\system32\wfapigp.dll 2010-07-02 10:24:15 ----A---- C:\Windows\system32\wiascanprofiles.dll 2010-07-02 10:24:15 ----A---- C:\Windows\system32\wiarpc.dll 2010-07-02 10:24:14 ----A---- C:\Windows\system32\winusb.dll 2010-07-02 10:24:14 ----A---- C:\Windows\system32\winsta.dll 2010-07-02 10:24:14 ----A---- C:\Windows\system32\WINSRPC.DLL 2010-07-02 10:24:14 ----A---- C:\Windows\system32\wiashext.dll 2010-07-02 10:24:13 ----A---- C:\Windows\system32\WinSATAPI.dll 2010-07-02 10:24:12 ----A---- C:\Windows\system32\WLanConn.dll 2010-07-02 10:24:12 ----A---- C:\Windows\system32\wlancfg.dll 2010-07-02 10:24:12 ----A---- C:\Windows\system32\wininit.exe 2010-07-02 10:24:11 ----A---- C:\Windows\system32\WinFax.dll 2010-07-02 10:24:11 ----A---- C:\Windows\system32\winethc.dll 2010-07-02 10:24:10 ----A---- C:\Windows\system32\winnsi.dll 2010-07-02 10:24:08 ----A---- C:\Windows\system32\wbadmin.exe 2010-07-02 10:24:08 ----A---- C:\Windows\system32\wavemsp.dll 2010-07-02 10:24:08 ----A---- C:\Windows\system32\WavDest.dll 2010-07-02 10:24:08 ----A---- C:\Windows\system32\w32tm.exe 2010-07-02 10:24:07 ----A---- C:\Windows\system32\wbemcomn.dll 2010-07-02 10:24:07 ----A---- C:\Windows\system32\waitfor.exe 2010-07-02 10:24:07 ----A---- C:\Windows\system32\drivers\wanarp.sys 2010-07-02 10:24:06 ----A---- C:\Windows\system32\vssadmin.exe 2010-07-02 10:24:06 ----A---- C:\Windows\system32\vss_ps.dll 2010-07-02 10:24:05 ----A---- C:\Windows\system32\vsstrace.dll 2010-07-02 10:24:03 ----A---- C:\Windows\system32\wermgr.exe 2010-07-02 10:24:03 ----A---- C:\Windows\system32\werdiagcontroller.dll 2010-07-02 10:24:02 ----A---- C:\Windows\system32\wercplsupport.dll 2010-07-02 10:24:00 ----A---- C:\Windows\system32\wdi.dll 2010-07-02 10:24:00 ----A---- C:\Windows\system32\drivers\WdfLdr.sys 2010-07-02 10:24:00 ----A---- C:\Windows\system32\drivers\Wdf01000.sys 2010-07-02 10:23:59 ----A---- C:\Windows\system32\wscproxystub.dll 2010-07-02 10:23:58 ----A---- C:\Windows\system32\wship6.dll 2010-07-02 10:23:58 ----A---- C:\Windows\system32\wshcon.dll 2010-07-02 10:23:58 ----A---- C:\Windows\system32\wsecedit.dll 2010-07-02 10:23:58 ----A---- C:\Windows\system32\wscmisetup.dll 2010-07-02 10:23:58 ----A---- C:\Windows\system32\drivers\ws2ifsl.sys 2010-07-02 10:23:57 ----A---- C:\Windows\system32\wpdbusenum.dll 2010-07-02 10:23:56 ----A---- C:\Windows\system32\ws2_32.dll 2010-07-02 10:23:56 ----A---- C:\Windows\system32\wpnpinst.exe 2010-07-02 10:23:56 ----A---- C:\Windows\system32\wpdwcn.dll 2010-07-02 10:23:56 ----A---- C:\Windows\system32\WPDSp.dll 2010-07-02 10:23:56 ----A---- C:\Windows\system32\WPDShServiceObj.dll 2010-07-02 10:23:56 ----A---- C:\Windows\system32\wpd_ci.dll 2010-07-02 10:23:55 ----A---- C:\Windows\system32\xcopy.exe 2010-07-02 10:23:55 ----A---- C:\Windows\system32\WPDShextAutoplay.exe 2010-07-02 10:23:55 ----A---- C:\Windows\system32\wpdshext.dll 2010-07-02 10:23:54 ----A---- C:\Windows\system32\xolehlp.dll 2010-07-02 10:23:54 ----A---- C:\Windows\system32\xactsrv.dll 2010-07-02 10:23:53 ----A---- C:\Windows\system32\XPSSHHDR.dll 2010-07-02 10:23:53 ----A---- C:\Windows\system32\xmlprovi.dll 2010-07-02 10:23:53 ----A---- C:\Windows\system32\xmllite.dll 2010-07-02 10:23:53 ----A---- C:\Windows\system32\wzcdlg.dll 2010-07-02 10:23:53 ----A---- C:\Windows\system32\wvc.dll 2010-07-02 10:23:53 ----A---- C:\Windows\system32\WUDFPlatform.dll 2010-07-02 10:23:53 ----A---- C:\Windows\system32\drivers\WUDFRd.sys 2010-07-02 10:23:53 ----A---- C:\Windows\system32\drivers\WUDFPf.sys 2010-07-02 10:23:52 ----A---- C:\Windows\system32\WUDFx.dll 2010-07-02 10:23:52 ----A---- C:\Windows\system32\WUDFSvc.dll 2010-07-02 10:23:52 ----A---- C:\Windows\system32\WUDFCoinstaller.dll 2010-07-02 10:23:52 ----A---- C:\Windows\system32\wsqmcons.exe 2010-07-02 10:23:52 ----A---- C:\Windows\system32\wsock32.dll 2010-07-02 10:23:52 ----A---- C:\Windows\system32\WSHTCPIP.DLL 2010-07-02 10:23:51 ----A---- C:\Windows\system32\xpssvcs.dll 2010-07-02 10:23:51 ----A---- C:\Windows\system32\WUDFHost.exe 2010-07-02 10:23:51 ----A---- C:\Windows\system32\wtsapi32.dll 2010-07-02 10:23:49 ----A---- C:\Windows\system32\xwizards.dll 2010-07-02 10:23:48 ----A---- C:\Windows\system32\wmidx.dll 2010-07-02 10:23:48 ----A---- C:\Windows\system32\WlanMmHC.dll 2010-07-02 10:23:48 ----A---- C:\Windows\system32\drivers\wmilib.sys 2010-07-02 10:23:47 ----A---- C:\Windows\system32\wmdrmdev.dll 2010-07-02 10:23:47 ----A---- C:\Windows\system32\WlanMM.dll 2010-07-02 10:23:47 ----A---- C:\Windows\system32\WLanHC.dll 2010-07-02 10:23:47 ----A---- C:\Windows\system32\wlanext.exe 2010-07-02 10:23:47 ----A---- C:\Windows\system32\wlandlg.dll 2010-07-02 10:23:46 ----A---- C:\Windows\system32\wmdrmnet.dll 2010-07-02 10:23:46 ----A---- C:\Windows\system32\WMASF.DLL 2010-07-02 10:23:46 ----A---- C:\Windows\system32\WMADMOE.DLL 2010-07-02 10:23:46 ----A---- C:\Windows\system32\WMADMOD.DLL 2010-07-02 10:23:45 ----A---- C:\Windows\system32\wmpshell.dll 2010-07-02 10:23:44 ----A---- C:\Windows\system32\WMSPDMOE.DLL 2010-07-02 10:23:44 ----A---- C:\Windows\system32\wmpsrcwp.dll 2010-07-02 10:23:41 ----A---- C:\Windows\system32\WMVSENCD.DLL 2010-07-02 10:23:40 ----A---- C:\Windows\system32\wmvdspa.dll 2010-07-02 10:23:40 ----A---- C:\Windows\system32\WMVDECOD.DLL 2010-07-02 10:23:38 ----A---- C:\Windows\system32\wmiprop.dll 2010-07-02 10:23:36 ----A---- C:\Windows\system32\WMPEncEn.dll 2010-07-02 10:23:32 ----A---- C:\Windows\system32\wmpcm.dll 2010-07-02 10:23:25 ----A---- C:\Windows\system32\systeminfo.exe 2010-07-02 10:23:24 ----A---- C:\Windows\system32\Tabbtn.dll 2010-07-02 10:23:18 ----A---- C:\Windows\system32\tbssvc.dll 2010-07-02 10:23:17 ----A---- C:\Windows\system32\taskmgr.exe 2010-07-02 10:23:17 ----A---- C:\Windows\system32\tasklist.exe 2010-07-02 10:23:17 ----A---- C:\Windows\system32\taskkill.exe 2010-07-02 10:23:16 ----A---- C:\Windows\system32\tdh.dll 2010-07-02 10:23:16 ----A---- C:\Windows\system32\tcpmon.ini 2010-07-02 10:23:16 ----A---- C:\Windows\system32\tbs.dll 2010-07-02 10:23:16 ----A---- C:\Windows\system32\taskschd.dll 2010-07-02 10:23:16 ----A---- C:\Windows\system32\drivers\tdtcp.sys 2010-07-02 10:23:16 ----A---- C:\Windows\system32\drivers\tdpipe.sys 2010-07-02 10:23:16 ----A---- C:\Windows\system32\drivers\tdi.sys 2010-07-02 10:23:15 ----A---- C:\Windows\system32\TapiMigPlugin.dll 2010-07-02 10:23:15 ----A---- C:\Windows\system32\tabcal.exe 2010-07-02 10:23:15 ----A---- C:\Windows\system32\TabbtnEx.dll 2010-07-02 10:23:14 ----A---- C:\Windows\system32\takeown.exe 2010-07-02 10:23:14 ----A---- C:\Windows\system32\srrstr.dll 2010-07-02 10:23:14 ----A---- C:\Windows\system32\srdelayed.exe 2010-07-02 10:23:14 ----A---- C:\Windows\system32\srclient.dll 2010-07-02 10:23:14 ----A---- C:\Windows\system32\sqmapi.dll 2010-07-02 10:23:14 ----A---- C:\Windows\system32\sqlcese30.dll 2010-07-02 10:23:14 ----A---- C:\Windows\system32\drivers\tape.sys 2010-07-02 10:23:13 ----A---- C:\Windows\system32\sstpsvc.dll 2010-07-02 10:23:13 ----A---- C:\Windows\system32\SSShim.dll 2010-07-02 10:23:13 ----A---- C:\Windows\system32\ssdpsrv.dll 2010-07-02 10:23:13 ----A---- C:\Windows\system32\sqlceqp30.dll 2010-07-02 10:23:12 ----A---- C:\Windows\system32\srwmi.dll 2010-07-02 10:23:11 ----A---- C:\Windows\system32\spwizeng.dll 2010-07-02 10:23:11 ----A---- C:\Windows\system32\spbcd.dll 2010-07-02 10:23:11 ----A---- C:\Windows\system32\SoundRecorder.exe 2010-07-02 10:23:11 ----A---- C:\Windows\system32\drivers\spldr.sys 2010-07-02 10:23:09 ----A---- C:\Windows\system32\SysFxUI.dll 2010-07-02 10:23:09 ----A---- C:\Windows\system32\syncui.dll 2010-07-02 10:23:09 ----A---- C:\Windows\system32\synceng.dll 2010-07-02 10:23:09 ----A---- C:\Windows\system32\sxstrace.exe 2010-07-02 10:23:09 ----A---- C:\Windows\system32\spwizres.dll 2010-07-02 10:23:09 ----A---- C:\Windows\system32\spwizimg.dll 2010-07-02 10:23:09 ----A---- C:\Windows\system32\sppnp.dll 2010-07-02 10:23:09 ----A---- C:\Windows\system32\spopk.dll 2010-07-02 10:23:08 ----A---- C:\Windows\system32\sxsstore.dll 2010-07-02 10:23:08 ----A---- C:\Windows\system32\sxs.dll 2010-07-02 10:23:06 ----A---- C:\Windows\system32\syssetup.dll 2010-07-02 10:23:06 ----A---- C:\Windows\system32\syskey.exe 2010-07-02 10:23:06 ----A---- C:\Windows\system32\sti_ci.dll 2010-07-02 10:23:05 ----A---- C:\Windows\system32\usbperf.dll 2010-07-02 10:23:05 ----A---- C:\Windows\system32\usbmon.dll 2010-07-02 10:23:05 ----A---- C:\Windows\system32\svchost.exe 2010-07-02 10:23:05 ----A---- C:\Windows\system32\drivers\usbscan.sys 2010-07-02 10:23:05 ----A---- C:\Windows\system32\drivers\swenum.sys 2010-07-02 10:23:04 ----A---- C:\Windows\system32\userinit.exe 2010-07-02 10:23:04 ----A---- C:\Windows\system32\usbui.dll 2010-07-02 10:23:04 ----A---- C:\Windows\system32\upnphost.dll 2010-07-02 10:23:04 ----A---- C:\Windows\system32\upnpcont.exe 2010-07-02 10:23:04 ----A---- C:\Windows\system32\upnp.dll 2010-07-02 10:23:03 ----A---- C:\Windows\system32\xwtpw32.dll 2010-07-02 10:23:03 ----A---- C:\Windows\system32\vga64k.dll 2010-07-02 10:23:03 ----A---- C:\Windows\system32\vga256.dll 2010-07-02 10:23:03 ----A---- C:\Windows\system32\vga.dll 2010-07-02 10:23:03 ----A---- C:\Windows\system32\drivers\vga.sys 2010-07-02 10:23:03 ----A---- C:\Windows\system32\drivers\usbd.sys 2010-07-02 10:23:03 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2010-07-02 10:23:02 ----A---- C:\Windows\system32\VIDRESZR.DLL 2010-07-02 10:23:02 ----A---- C:\Windows\system32\verifier.dll 2010-07-02 10:23:02 ----A---- C:\Windows\system32\VAN.dll 2010-07-02 10:23:02 ----A---- C:\Windows\system32\uxtheme.dll 2010-07-02 10:23:02 ----A---- C:\Windows\system32\uudf.dll 2010-07-02 10:23:02 ----A---- C:\Windows\system32\utildll.dll 2010-07-02 10:23:02 ----A---- C:\Windows\system32\drivers\volmgr.sys 2010-07-02 10:23:02 ----A---- C:\Windows\system32\drivers\videoprt.sys 2010-07-02 10:23:01 ----A---- C:\Windows\system32\vfwwdm32.dll 2010-07-02 10:23:01 ----A---- C:\Windows\system32\verifier.exe 2010-07-02 10:23:01 ----A---- C:\Windows\system32\vdsldr.exe 2010-07-02 10:23:01 ----A---- C:\Windows\system32\vdsbas.dll 2010-07-02 10:23:01 ----A---- C:\Windows\system32\vds_ps.dll 2010-07-02 10:23:01 ----A---- C:\Windows\system32\vdmredir.dll 2010-07-02 10:23:01 ----A---- C:\Windows\system32\trkwks.dll 2010-07-02 10:23:01 ----A---- C:\Windows\system32\tracerpt.exe 2010-07-02 10:23:00 ----A---- C:\Windows\system32\TSpkg.dll 2010-07-02 10:23:00 ----A---- C:\Windows\system32\TpmInit.exe 2010-07-02 10:23:00 ----A---- C:\Windows\system32\TMM.dll 2010-07-02 10:23:00 ----A---- C:\Windows\system32\drivers\tssecsrv.sys 2010-07-02 10:22:59 ----A---- C:\Windows\system32\tsddd.dll 2010-07-02 10:22:59 ----A---- C:\Windows\system32\TimeDateMUICallback.dll 2010-07-02 10:22:59 ----A---- C:\Windows\system32\termmgr.dll 2010-07-02 10:22:58 ----A---- C:\Windows\system32\thumbcache.dll 2010-07-02 10:22:57 ----A---- C:\Windows\system32\umb.dll 2010-07-02 10:22:57 ----A---- C:\Windows\system32\drivers\umbus.sys 2010-07-02 10:22:56 ----A---- C:\Windows\system32\unlodctr.exe 2010-07-02 10:22:56 ----A---- C:\Windows\system32\UIHub.dll 2010-07-02 10:22:56 ----A---- C:\Windows\system32\drivers\umpass.sys 2010-07-02 10:22:55 ----A---- C:\Windows\system32\unbcl.dll 2010-07-02 10:22:55 ----A---- C:\Windows\system32\unattendedjoin.exe 2010-07-02 10:22:55 ----A---- C:\Windows\system32\unattend.dll 2010-07-02 10:22:55 ----A---- C:\Windows\system32\ucsvc.exe 2010-07-02 10:22:55 ----A---- C:\Windows\system32\txfw32.dll 2010-07-02 10:22:54 ----A---- C:\Windows\system32\UIAutomationCore.dll 2010-07-02 10:22:54 ----A---- C:\Windows\system32\uexfat.dll 2010-07-02 10:22:54 ----A---- C:\Windows\system32\txflog.dll 2010-07-02 10:22:54 ----A---- C:\Windows\system32\twext.dll 2010-07-02 10:22:53 ----A---- C:\Windows\system32\ufat.dll 2010-07-02 10:22:51 ----A---- C:\Windows\system32\UI0Detect.exe 2010-07-02 10:06:35 ----A---- C:\Windows\system32\d3dx9_32.dll 2010-07-02 10:06:20 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition 2010-07-02 10:05:06 ----D---- C:\Program Files\Microsoft 2010-07-02 10:04:45 ----D---- C:\Program Files\Windows Live SkyDrive 2010-07-02 10:04:24 ----D---- C:\Program Files\Windows Live 2010-07-02 10:03:59 ----D---- C:\Windows\PCHEALTH 2010-07-02 10:03:04 ----D---- C:\Users\Samy\AppData\Roaming\Mozilla 2010-07-02 09:58:31 ----D---- C:\Program Files\Mozilla Firefox 2010-07-02 07:17:19 ----D---- C:\Users\Samy\AppData\Roaming\Apple Computer 2010-07-02 07:12:34 ----A---- C:\Windows\system32\GEARAspi.dll 2010-07-02 07:12:34 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys 2010-07-02 07:12:33 ----DC---- C:\Windows\system32\DRVSTORE 2010-07-02 07:11:57 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-07-02 07:11:13 ----D---- C:\Program Files\QuickTime 2010-07-02 07:11:12 ----D---- C:\ProgramData\Apple Computer 2010-07-02 07:10:43 ----D---- C:\Program Files\Apple Software Update 2010-07-02 07:10:11 ----D---- C:\Program Files\Bonjour 2010-07-02 07:09:43 ----D---- C:\ProgramData\Apple 2010-07-02 07:09:43 ----D---- C:\Program Files\Common Files\Apple 2010-07-02 07:02:17 ----HD---- C:\Program Files\InstallShield Installation Information 2010-07-02 07:01:53 ----D---- C:\Program Files\Epson Software 2010-07-02 07:01:51 ----D---- C:\Program Files\Common Files\InstallShield 2010-07-02 06:49:32 ----D---- C:\Program Files\Common Files\Windows Live 2010-07-02 06:48:16 ----A---- C:\Windows\system32\kerberos.dll 2010-07-02 06:48:15 ----A---- C:\Windows\system32\schannel.dll 2010-07-02 06:47:32 ----D---- C:\Program Files\Microsoft Silverlight 2010-07-01 23:37:24 ----A---- C:\Windows\system32\t2embed.dll 2010-07-01 23:37:23 ----A---- C:\Windows\system32\lpk.dll 2010-07-01 23:37:23 ----A---- C:\Windows\system32\fontsub.dll 2010-07-01 23:37:23 ----A---- C:\Windows\system32\dciman32.dll 2010-07-01 23:32:28 ----A---- C:\Windows\system32\winipsec.dll 2010-07-01 23:32:27 ----A---- C:\Windows\system32\polstore.dll 2010-07-01 23:31:24 ----A---- C:\Windows\system32\drivers\srvnet.sys 2010-07-01 23:31:24 ----A---- C:\Windows\system32\drivers\srv.sys 2010-07-01 23:28:50 ----A---- C:\Windows\system32\netevent.dll 2010-07-01 23:28:50 ----A---- C:\Windows\system32\MRINFO.EXE 2010-07-01 23:28:49 ----A---- C:\Windows\system32\TCPSVCS.EXE 2010-07-01 23:28:49 ----A---- C:\Windows\system32\ROUTE.EXE 2010-07-01 23:28:49 ----A---- C:\Windows\system32\NETSTAT.EXE 2010-07-01 23:28:49 ----A---- C:\Windows\system32\netiohlp.dll 2010-07-01 23:28:49 ----A---- C:\Windows\system32\HOSTNAME.EXE 2010-07-01 23:28:49 ----A---- C:\Windows\system32\finger.exe 2010-07-01 23:28:49 ----A---- C:\Windows\system32\ARP.EXE 2010-07-01 23:26:25 ----A---- C:\Windows\system32\L2SecHC.dll 2010-07-01 23:26:24 ----A---- C:\Windows\system32\wlansvc.dll 2010-07-01 23:26:24 ----A---- C:\Windows\system32\wlanmsm.dll 2010-07-01 23:26:24 ----A---- C:\Windows\system32\wlanhlp.dll 2010-07-01 23:26:24 ----A---- C:\Windows\system32\wlanapi.dll 2010-07-01 23:26:23 ----A---- C:\Windows\system32\wlansec.dll 2010-07-01 23:26:20 ----A---- C:\Windows\system32\gatherWirelessInfo.vbs 2010-07-01 23:25:09 ----A---- C:\Windows\system32\msxml3.dll 2010-07-01 23:25:08 ----A---- C:\Windows\system32\msxml6.dll 2010-07-01 23:25:07 ----A---- C:\Windows\system32\msxml3r.dll 2010-07-01 23:25:06 ----A---- C:\Windows\system32\msxml6r.dll 2010-07-01 23:23:54 ----A---- C:\Windows\system32\wdigest.dll 2010-07-01 23:23:54 ----A---- C:\Windows\system32\secur32.dll 2010-07-01 23:23:54 ----A---- C:\Windows\system32\msv1_0.dll 2010-07-01 23:23:54 ----A---- C:\Windows\system32\lsass.exe 2010-07-01 23:23:54 ----A---- C:\Windows\system32\lsasrv.dll 2010-07-01 23:23:54 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2010-07-01 23:22:47 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys 2010-07-01 23:22:47 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys 2010-07-01 23:22:47 ----A---- C:\Windows\system32\drivers\mrxsmb.sys 2010-07-01 23:20:48 ----A---- C:\Windows\system32\rrinstaller.exe 2010-07-01 23:20:48 ----A---- C:\Windows\system32\mfps.dll 2010-07-01 23:20:48 ----A---- C:\Windows\system32\mfpmp.exe 2010-07-01 23:20:48 ----A---- C:\Windows\system32\mferror.dll 2010-07-01 23:20:48 ----A---- C:\Windows\system32\mf.dll 2010-07-01 23:20:46 ----A---- C:\Windows\system32\WMVCORE.DLL 2010-07-01 23:19:32 ----A---- C:\Windows\system32\ntoskrnl.exe 2010-07-01 23:19:32 ----A---- C:\Windows\system32\ntkrnlpa.exe 2010-07-01 23:15:20 ----A---- C:\Windows\system32\atl.dll 2010-07-01 23:11:03 ----A---- C:\Windows\system32\wkssvc.dll 2010-07-01 23:09:59 ----A---- C:\Windows\system32\tsgqec.dll 2010-07-01 23:09:59 ----A---- C:\Windows\system32\mstscax.dll 2010-07-01 23:09:59 ----A---- C:\Windows\system32\aaclient.dll 2010-07-01 22:58:09 ----A---- C:\Windows\system32\localspl.dll 2010-07-01 22:54:52 ----A---- C:\Windows\system32\wintrust.dll 2010-07-01 22:52:05 ----A---- C:\Windows\system32\NlsLexicons0045.dll 2010-07-01 22:52:04 ----A---- C:\Windows\system32\NlsLexicons0049.dll 2010-07-01 22:52:04 ----A---- C:\Windows\system32\NlsLexicons0047.dll 2010-07-01 22:52:04 ----A---- C:\Windows\system32\NlsLexicons0046.dll 2010-07-01 22:52:04 ----A---- C:\Windows\system32\NlsLexicons0020.dll 2010-07-01 22:52:03 ----A---- C:\Windows\system32\NlsLexicons0039.dll 2010-07-01 22:52:03 ----A---- C:\Windows\system32\NlsLexicons0022.dll 2010-07-01 22:52:03 ----A---- C:\Windows\system32\NlsLexicons0021.dll 2010-07-01 22:52:02 ----A---- C:\Windows\system32\NlsLexicons0026.dll 2010-07-01 22:52:02 ----A---- C:\Windows\system32\NlsLexicons0024.dll 2010-07-01 22:52:01 ----A---- C:\Windows\system32\NlsLexicons0027.dll 2010-07-01 22:52:01 ----A---- C:\Windows\system32\NlsLexicons0013.dll 2010-07-01 22:52:01 ----A---- C:\Windows\system32\NlsLexicons0011.dll 2010-07-01 22:52:01 ----A---- C:\Windows\system32\NlsLexicons0010.dll 2010-07-01 22:52:00 ----A---- C:\Windows\system32\NlsLexicons0019.dll 2010-07-01 22:52:00 ----A---- C:\Windows\system32\NlsLexicons0018.dll 2010-07-01 22:51:59 ----A---- C:\Windows\system32\NlsLexicons0003.dll 2010-07-01 22:51:59 ----A---- C:\Windows\system32\NlsLexicons0002.dll 2010-07-01 22:51:59 ----A---- C:\Windows\system32\NlsLexicons0001.dll 2010-07-01 22:51:58 ----A---- C:\Windows\system32\NlsLexicons004a.dll 2010-07-01 22:51:57 ----A---- C:\Windows\system32\NlsLexicons004e.dll 2010-07-01 22:51:57 ----A---- C:\Windows\system32\NlsLexicons004c.dll 2010-07-01 22:51:57 ----A---- C:\Windows\system32\NlsLexicons004b.dll 2010-07-01 22:51:57 ----A---- C:\Windows\system32\NlsLexicons003e.dll 2010-07-01 22:51:56 ----A---- C:\Windows\system32\NlsLexicons002a.dll 2010-07-01 22:51:56 ----A---- C:\Windows\system32\NlsLexicons001b.dll 2010-07-01 22:51:56 ----A---- C:\Windows\system32\NlsLexicons001a.dll 2010-07-01 22:51:55 ----A---- C:\Windows\system32\NlsLexicons001d.dll 2010-07-01 22:51:55 ----A---- C:\Windows\system32\NlsLexicons000a.dll 2010-07-01 22:51:54 ----A---- C:\Windows\system32\NlsLexicons000f.dll 2010-07-01 22:51:54 ----A---- C:\Windows\system32\NlsLexicons000d.dll 2010-07-01 22:51:54 ----A---- C:\Windows\system32\NlsLexicons000c.dll 2010-07-01 22:51:53 ----A---- C:\Windows\system32\NlsLexicons0816.dll 2010-07-01 22:51:53 ----A---- C:\Windows\system32\NlsLexicons0416.dll 2010-07-01 22:51:53 ----A---- C:\Windows\system32\NlsLexicons0414.dll 2010-07-01 22:51:52 ----A---- C:\Windows\system32\NlsModels0011.dll 2010-07-01 22:51:52 ----A---- C:\Windows\system32\NlsLexicons081a.dll 2010-07-01 22:51:52 ----A---- C:\Windows\system32\NlsData0046.dll 2010-07-01 22:51:52 ----A---- C:\Windows\system32\NlsData0045.dll 2010-07-01 22:51:51 ----A---- C:\Windows\system32\NlsData0049.dll 2010-07-01 22:51:51 ----A---- C:\Windows\system32\NlsData0047.dll 2010-07-01 22:51:51 ----A---- C:\Windows\system32\NlsData0039.dll 2010-07-01 22:51:50 ----A---- C:\Windows\system32\NlsData0024.dll 2010-07-01 22:51:50 ----A---- C:\Windows\system32\NlsData0022.dll 2010-07-01 22:51:50 ----A---- C:\Windows\system32\NlsData0021.dll 2010-07-01 22:51:50 ----A---- C:\Windows\system32\NlsData0020.dll 2010-07-01 22:51:49 ----A---- C:\Windows\system32\NlsData0027.dll 2010-07-01 22:51:49 ----A---- C:\Windows\system32\NlsData0026.dll 2010-07-01 22:51:49 ----A---- C:\Windows\system32\NlsData0010.dll 2010-07-01 22:51:48 ----A---- C:\Windows\system32\NlsData0018.dll 2010-07-01 22:51:48 ----A---- C:\Windows\system32\NlsData0013.dll 2010-07-01 22:51:48 ----A---- C:\Windows\system32\NlsData0011.dll 2010-07-01 22:51:48 ----A---- C:\Windows\system32\NlsData0000.dll 2010-07-01 22:51:47 ----A---- C:\Windows\system32\NlsData0019.dll 2010-07-01 22:51:46 ----A---- C:\Windows\system32\NlsData0009.dll 2010-07-01 22:51:46 ----A---- C:\Windows\system32\NlsData0007.dll 2010-07-01 22:51:46 ----A---- C:\Windows\system32\NlsData0003.dll 2010-07-01 22:51:46 ----A---- C:\Windows\system32\NlsData0002.dll 2010-07-01 22:51:46 ----A---- C:\Windows\system32\NlsData0001.dll 2010-07-01 22:51:45 ----A---- C:\Windows\system32\NlsData004c.dll 2010-07-01 22:51:45 ----A---- C:\Windows\system32\NlsData004b.dll 2010-07-01 22:51:45 ----A---- C:\Windows\system32\NlsData004a.dll 2010-07-01 22:51:44 ----A---- C:\Windows\system32\NlsData004e.dll 2010-07-01 22:51:44 ----A---- C:\Windows\system32\NlsData003e.dll 2010-07-01 22:51:44 ----A---- C:\Windows\system32\NlsData002a.dll 2010-07-01 22:51:44 ----A---- C:\Windows\system32\NlsData001a.dll 2010-07-01 22:51:43 ----A---- C:\Windows\system32\NlsData001d.dll 2010-07-01 22:51:43 ----A---- C:\Windows\system32\NlsData001b.dll 2010-07-01 22:51:43 ----A---- C:\Windows\system32\NlsData000a.dll 2010-07-01 22:51:42 ----A---- C:\Windows\system32\NlsData000f.dll 2010-07-01 22:51:42 ----A---- C:\Windows\system32\NlsData000d.dll 2010-07-01 22:51:42 ----A---- C:\Windows\system32\NlsData000c.dll 2010-07-01 22:51:41 ----A---- C:\Windows\system32\NlsData0416.dll 2010-07-01 22:51:41 ----A---- C:\Windows\system32\NlsData0414.dll 2010-07-01 22:51:40 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll 2010-07-01 22:51:40 ----A---- C:\Windows\system32\NlsData0c1a.dll 2010-07-01 22:51:40 ----A---- C:\Windows\system32\NlsData081a.dll 2010-07-01 22:51:40 ----A---- C:\Windows\system32\NlsData0816.dll 2010-07-01 22:48:14 ----A---- C:\Windows\system32\kbd106n.dll 2010-07-01 22:43:41 ----A---- C:\Windows\system32\iphlpsvc.dll 2010-07-01 22:43:41 ----A---- C:\Windows\system32\drivers\tunnel.sys 2010-07-01 22:43:41 ----A---- C:\Windows\system32\drivers\tcpip.sys 2010-07-01 22:43:40 ----A---- C:\Windows\system32\drivers\TUNMP.SYS 2010-07-01 22:43:40 ----A---- C:\Windows\system32\drivers\tcpipreg.sys 2010-07-01 22:41:22 ----A---- C:\Windows\system32\browserchoice.exe 2010-07-01 22:39:15 ----A---- C:\Windows\system32\cabview.dll 2010-07-01 22:37:26 ----A---- C:\Windows\system32\printcom.dll 2010-07-01 22:34:35 ----A---- C:\Windows\system32\wshrm.dll 2010-07-01 22:33:17 ----A---- C:\Windows\system32\wmpdxm.dll 2010-07-01 21:42:48 ----A---- C:\Windows\system32\INETRES.dll 2010-07-01 21:42:32 ----A---- C:\Windows\system32\msasn1.dll 2010-07-01 21:42:05 ----A---- C:\Windows\system32\rpcrt4.dll 2010-07-01 21:41:26 ----A---- C:\Windows\system32\nshhttp.dll 2010-07-01 21:41:26 ----A---- C:\Windows\system32\httpapi.dll 2010-07-01 21:41:25 ----A---- C:\Windows\system32\drivers\http.sys 2010-07-01 21:40:17 ----A---- C:\Windows\system32\drivers\srv2.sys 2010-07-01 21:40:02 ----A---- C:\Windows\system32\rastls.dll 2010-07-01 21:39:47 ----A---- C:\Windows\system32\WSDApi.dll 2010-07-01 21:38:56 ----A---- C:\Windows\system32\msvfw32.dll 2010-07-01 21:38:56 ----A---- C:\Windows\system32\mciavi32.dll 2010-07-01 21:38:56 ----A---- C:\Windows\system32\avifil32.dll 2010-07-01 21:38:56 ----A---- C:\Windows\system32\avicap32.dll 2010-07-01 21:38:55 ----A---- C:\Windows\system32\quartz.dll 2010-07-01 21:38:55 ----A---- C:\Windows\system32\msvidc32.dll 2010-07-01 21:38:55 ----A---- C:\Windows\system32\msrle32.dll 2010-07-01 21:38:54 ----A---- C:\Windows\system32\tsbyuv.dll 2010-07-01 21:38:54 ----A---- C:\Windows\system32\msyuv.dll 2010-07-01 21:38:54 ----A---- C:\Windows\system32\iyuv_32.dll 2010-07-01 21:37:59 ----A---- C:\Windows\system32\WMSPDMOD.DLL 2010-07-01 21:20:32 ----N---- C:\Windows\system32\MpSigStub.exe 2010-07-01 21:07:27 ----A---- C:\Windows\ALCFDRTM.EXE 2010-07-01 21:05:50 ----D---- C:\Program Files\Microsoft Security Essentials 2010-07-01 20:37:48 ----D---- C:\Windows\Panther 2010-07-01 20:37:34 ----RAS---- C:\BOOTSECT.BAK 2010-07-01 20:37:32 ----SHD---- C:\Boot 2010-07-01 20:35:46 ----A---- C:\Windows\system32\hcrstco.dll 2010-07-01 20:35:46 ----A---- C:\Windows\system32\hccoin.dll 2010-07-01 20:31:36 ----A---- C:\Windows\system32\gpprefcl.dll 2010-07-01 20:31:07 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2010-07-01 20:31:07 ----A---- C:\Windows\system32\secproc_ssp.dll 2010-07-01 20:31:07 ----A---- C:\Windows\system32\secproc_isv.dll 2010-07-01 20:31:07 ----A---- C:\Windows\system32\secproc.dll 2010-07-01 20:31:07 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2010-07-01 20:31:07 ----A---- C:\Windows\system32\RMActivate_ssp.exe 2010-07-01 20:31:07 ----A---- C:\Windows\system32\RMActivate_isv.exe 2010-07-01 20:31:07 ----A---- C:\Windows\system32\RMActivate.exe 2010-07-01 20:31:07 ----A---- C:\Windows\system32\msdrm.dll 2010-07-01 20:29:35 ----D---- C:\Users\Samy\AppData\Roaming\Macromedia 2010-07-01 20:29:35 ----D---- C:\Users\Samy\AppData\Roaming\Adobe 2010-07-01 20:27:12 ----A---- C:\Windows\system32\wmploc.DLL 2010-07-01 20:27:12 ----A---- C:\Windows\system32\unregmp2.exe 2010-07-01 20:27:11 ----A---- C:\Windows\system32\wmp.dll 2010-07-01 20:27:11 ----A---- C:\Windows\system32\spwmp.dll 2010-07-01 20:27:11 ----A---- C:\Windows\system32\dxmasf.dll 2010-07-01 20:14:14 ----D---- C:\ProgramData\NVIDIA 2010-07-01 20:11:50 ----SHD---- C:\Windows\Installer 2010-07-01 20:11:46 ----D---- C:\ProgramData\NVIDIA Corporation 2010-07-01 20:11:27 ----D---- C:\Program Files\NVIDIA Corporation 2010-07-01 20:07:07 ----A---- C:\Windows\system32\dpinst.exe 2010-07-01 19:57:12 ----A---- C:\Windows\system32\wups2.dll 2010-07-01 19:57:12 ----A---- C:\Windows\system32\wucltux.dll 2010-07-01 19:57:12 ----A---- C:\Windows\system32\wuaueng.dll 2010-07-01 19:57:12 ----A---- C:\Windows\system32\wuauclt.exe 2010-07-01 19:56:23 ----D---- C:\Users\Samy\AppData\Roaming\Identities 2010-07-01 19:55:54 ----SD---- C:\Users\Samy\AppData\Roaming\Microsoft 2010-07-01 19:55:18 ----A---- C:\Windows\system32\wups.dll 2010-07-01 19:55:18 ----A---- C:\Windows\system32\wudriver.dll 2010-07-01 19:55:18 ----A---- C:\Windows\system32\wuapi.dll 2010-07-01 19:54:14 ----A---- C:\Windows\system32\wuwebv.dll 2010-07-01 19:54:14 ----A---- C:\Windows\system32\wuapp.exe 2010-07-01 19:53:06 ----SHD---- C:\ProgramData\Modèles 2010-07-01 19:53:06 ----SHD---- C:\ProgramData\Menu Démarrer 2010-07-01 19:53:06 ----SHD---- C:\ProgramData\Favoris 2010-07-01 19:53:06 ----SHD---- C:\ProgramData\Bureau 2010-07-01 19:53:06 ----SHD---- C:\Program Files\Fichiers communs 2010-07-01 19:42:50 ----D---- C:\Windows\SoftwareDistribution 2010-07-01 19:40:48 ----D---- C:\Windows\system32\catroot2 2010-07-01 19:40:38 ----D---- C:\Windows\Debug 2010-07-01 19:40:37 ----D---- C:\Windows\CSC 2010-07-01 19:39:22 ----D---- C:\Windows\Prefetch 2010-07-01 19:39:13 ----SHD---- C:\System Volume Information ======List of files/folders modified in the last 1 months====== 2010-07-25 14:53:49 ----D---- C:\Windows\Temp 2010-07-25 14:48:50 ----D---- C:\Windows\system32\drivers 2010-07-25 14:48:50 ----D---- C:\Windows\schemas 2010-07-25 14:47:48 ----D---- C:\Windows\Tasks 2010-07-25 14:47:48 ----D---- C:\Windows\System32 2010-07-25 12:49:44 ----D---- C:\Windows\system32\config 2010-07-25 12:46:41 ----D---- C:\Windows 2010-07-23 14:45:21 ----HD---- C:\ProgramData 2010-07-23 14:45:20 ----RD---- C:\Program Files 2010-07-23 14:13:57 ----RSD---- C:\Windows\Fonts 2010-07-22 14:20:27 ----D---- C:\Windows\system32\FxsTmp 2010-07-22 12:50:24 ----D---- C:\Windows\winsxs 2010-07-21 19:45:41 ----D---- C:\Program Files\Common Files\microsoft shared 2010-07-17 12:03:51 ----RSD---- C:\Windows\assembly 2010-07-16 18:44:21 ----D---- C:\Windows\inf 2010-07-16 18:44:21 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-07-16 13:57:32 ----D---- C:\Windows\system32\NDF 2010-07-14 18:57:40 ----D---- C:\Windows\Help 2010-07-14 18:57:01 ----D---- C:\Windows\system32\catroot 2010-07-14 10:06:18 ----D---- C:\Program Files\Windows Mail 2010-07-12 22:57:34 ----D---- C:\Windows\system32\WDI 2010-07-10 17:15:57 ----D---- C:\Windows\LiveKernelReports 2010-07-07 12:38:24 ----SD---- C:\ProgramData\Microsoft 2010-07-07 08:13:56 ----SD---- C:\Windows\Downloaded Program Files 2010-07-05 14:00:04 ----D---- C:\Windows\system32\LogFiles 2010-07-03 14:04:29 ----D---- C:\Windows\rescache 2010-07-03 13:50:13 ----D---- C:\Program Files\Common Files 2010-07-03 13:41:18 ----D---- C:\Windows\system32\Tasks 2010-07-03 07:35:35 ----D---- C:\Windows\twain_32 2010-07-02 21:39:05 ----A---- C:\Windows\system32\mrt.exe 2010-07-02 19:16:04 ----D---- C:\Windows\Microsoft.NET 2010-07-02 19:15:16 ----D---- C:\Windows\Logs 2010-07-02 14:19:18 ----D---- C:\Windows\system32\wbem 2010-07-02 13:32:20 ----D---- C:\Windows\system32\drivers\UMDF 2010-07-02 13:29:58 ----D---- C:\Program Files\Windows Sidebar 2010-07-02 13:29:58 ----D---- C:\Program Files\Windows Media Player 2010-07-02 13:29:58 ----D---- C:\Program Files\Windows Calendar 2010-07-02 13:29:58 ----D---- C:\Program Files\Movie Maker 2010-07-02 13:29:58 ----D---- C:\Program Files\Internet Explorer 2010-07-02 13:29:57 ----D---- C:\Program Files\Windows Photo Gallery 2010-07-02 13:29:57 ----D---- C:\Program Files\Windows Journal 2010-07-02 13:29:57 ----D---- C:\Program Files\Windows Collaboration 2010-07-02 13:29:57 ----D---- C:\Program Files\Common Files\System 2010-07-02 13:29:56 ----D---- C:\Windows\servicing 2010-07-02 13:29:56 ----D---- C:\Program Files\Windows Defender 2010-07-02 13:29:51 ----D---- C:\Windows\PolicyDefinitions 2010-07-02 13:29:51 ----D---- C:\Windows\IME 2010-07-02 13:29:50 ----D---- C:\Windows\system32\XPSViewer 2010-07-02 13:29:50 ----D---- C:\Windows\system32\sk-SK 2010-07-02 13:29:50 ----D---- C:\Windows\system32\oobe 2010-07-02 13:29:50 ----D---- C:\Windows\system32\migration 2010-07-02 13:29:50 ----D---- C:\Windows\system32\lv-LV 2010-07-02 13:29:50 ----D---- C:\Windows\system32\ko-KR 2010-07-02 13:29:50 ----D---- C:\Windows\system32\it-IT 2010-07-02 13:29:50 ----D---- C:\Windows\system32\hr-HR 2010-07-02 13:29:50 ----D---- C:\Windows\system32\fr 2010-07-02 13:29:50 ----D---- C:\Windows\system32\et-EE 2010-07-02 13:29:50 ----D---- C:\Windows\system32\en-US 2010-07-02 13:29:50 ----D---- C:\Windows\system32\el-GR 2010-07-02 13:29:50 ----D---- C:\Windows\system32\de-DE 2010-07-02 13:29:50 ----D---- C:\Windows\system32\da-DK 2010-07-02 13:29:49 ----D---- C:\Windows\system32\ru-RU 2010-07-02 13:29:49 ----D---- C:\Windows\system32\AdvancedInstallers 2010-07-02 13:29:48 ----D---- C:\Windows\system32\fr-FR 2010-07-02 13:29:46 ----D---- C:\Windows\system32\sv-SE 2010-07-02 13:29:46 ----D---- C:\Windows\system32\SLUI 2010-07-02 13:29:46 ----D---- C:\Windows\system32\setup 2010-07-02 13:29:46 ----D---- C:\Windows\system32\pt-PT 2010-07-02 13:29:46 ----D---- C:\Windows\system32\hu-HU 2010-07-02 13:29:46 ----D---- C:\Windows\system32\he-IL 2010-07-02 13:29:46 ----D---- C:\Windows\system32\fi-FI 2010-07-02 13:29:46 ----D---- C:\Windows\system32\cs-CZ 2010-07-02 13:29:44 ----D---- C:\Windows\system32\zh-TW 2010-07-02 13:29:44 ----D---- C:\Windows\system32\zh-CN 2010-07-02 13:29:44 ----D---- C:\Windows\system32\uk-UA 2010-07-02 13:29:44 ----D---- C:\Windows\system32\th-TH 2010-07-02 13:29:44 ----D---- C:\Windows\system32\sr-Latn-CS 2010-07-02 13:29:44 ----D---- C:\Windows\system32\sl-SI 2010-07-02 13:29:44 ----D---- C:\Windows\system32\ro-RO 2010-07-02 13:29:44 ----D---- C:\Windows\system32\pl-PL 2010-07-02 13:29:44 ----D---- C:\Windows\system32\manifeststore 2010-07-02 13:29:44 ----D---- C:\Windows\system32\ja-JP 2010-07-02 13:29:44 ----D---- C:\Windows\system32\es-ES 2010-07-02 13:29:44 ----D---- C:\Windows\system32\drivers\fr-FR 2010-07-02 13:29:44 ----D---- C:\Windows\system32\bg-BG 2010-07-02 13:29:43 ----D---- C:\Windows\system32\tr-TR 2010-07-02 13:29:43 ----D---- C:\Windows\system32\nl-NL 2010-07-02 13:29:43 ----D---- C:\Windows\system32\nb-NO 2010-07-02 13:29:43 ----D---- C:\Windows\system32\lt-LT 2010-07-02 13:29:43 ----D---- C:\Windows\system32\ar-SA 2010-07-02 13:29:42 ----D---- C:\Windows\system32\pt-BR 2010-07-02 13:29:42 ----D---- C:\Windows\system32\migwiz 2010-07-02 13:29:30 ----D---- C:\Windows\AppPatch 2010-07-02 13:29:24 ----D---- C:\Windows\system32\Boot 2010-07-02 13:19:20 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont 2010-07-02 11:19:59 ----ASH---- C:\Program Files\desktop.ini 2010-07-02 11:11:11 ----D---- C:\Windows\MSAgent 2010-07-02 11:11:10 ----D---- C:\Windows\L2Schemas 2010-07-02 11:11:10 ----D---- C:\Windows\DigitalLocker 2010-07-02 11:11:07 ----D---- C:\Windows\system32\com 2010-07-02 11:11:05 ----D---- C:\Windows\system32\sysprep 2010-07-02 11:11:01 ----D---- C:\Windows\system32\ias 2010-07-02 11:09:49 ----D---- C:\Windows\Boot 2010-07-02 10:52:36 ----A---- C:\Windows\system32\ifxcardm.dll 2010-07-02 10:52:31 ----A---- C:\Windows\system32\axaltocm.dll 2010-07-02 07:13:07 ----D---- C:\Windows\system32\ras 2010-07-02 07:13:07 ----D---- C:\Windows\system32\icsxml 2010-07-01 19:59:13 ----D---- C:\Windows\system32\CodeIntegrity 2010-07-01 19:56:59 ----SHD---- C:\$Recycle.Bin 2010-07-01 19:55:32 ----RD---- C:\Users 2010-07-01 19:53:11 ----D---- C:\Windows\system32\restore 2010-07-01 19:53:06 ----D---- C:\Program Files\Windows NT ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-02 691696] R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216] R2 irda;Protocole IrDA; C:\Windows\system32\DRIVERS\irda.sys [2008-01-18 95744] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC.SYS [2009-06-18 4172832] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 irsir;Pilote série infrarouge Microsoft; C:\Windows\system32\DRIVERS\irsir.sys [2008-01-18 20992] R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-04-03 11573800] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 298496] S0 udtirqe;udtirqe; C:\Windows\System32\drivers\rxugevdl.sys [2010-07-25 54016] S3 an4j3fjf;an4j3fjf; C:\Windows\system32\drivers\an4j3fjf.sys [] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016] S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328] S3 ute4ndez;AVZ Kernel Driver; \??\C:\Windows\system32\Drivers\ute4ndez.sys [2010-07-03 7168] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376] R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-18 21504] R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-07-21 540968] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-16 316664] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] -----------------EOF----------------- INFO.TXT info.txt logfile of random's system information tool 1.08 2010-07-25 14:54:02 ======Uninstall list====== 7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe" Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin Apple Application Support-->MsiExec.exe /I{B2D328BE-45AD-4D92-96F9-2151490A203E} Apple Mobile Device Support-->MsiExec.exe /I{85991ED2-010C-4930-96FA-52F43C2CE98A} Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1} Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} Auslogics Disk Defrag-->"C:\Program Files\Auslogics Disk Defrag\unins000.exe" Bonjour-->MsiExec.exe /X{0CB9668D-F979-4F31-B8B8-67FE90F929F8} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" Daggerfall-->"C:\Program Files\Daggerfall\unins000.exe" Epson Copy Utility 3.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}\SETUP.EXE" -l0x40c -UnInstall EPSON TWAIN 5-->C:\Program Files\InstallShield Installation Information\{254BEB3E-1085-4D66-9CDC-0152C0DC2E93}\setup.exe -runfromtemp -l0x0c0cUNINSTALL -removeonly Galerie de photos Windows Live-->MsiExec.exe /X{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9} Half-Life 2: Episode One-->"D:\Program Files\Steam\steam.exe" steam://uninstall/380 Half-Life 2: Episode Two-->"D:\Program Files\Steam\steam.exe" steam://uninstall/420 Half-Life 2-->"D:\Program Files\Steam\steam.exe" steam://uninstall/220 HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{133742BA-6F46-4D3E-85AF-78631D9AD8B8} iTunes-->MsiExec.exe /I{91F7F3F3-CE80-48C3-8327-7D24A0A5716A} Java 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF} Junk Mail filter update-->MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE906D59619} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31} Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft .NET Framework 4 Client Profile FRA Language Pack-->MsiExec.exe /X{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E} Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6} Microsoft Antimalware Service FR-FR Language Pack-->MsiExec.exe /X{A4526B5A-89C0-4F4B-9E6E-4F883374D5F9} Microsoft Antimalware-->MsiExec.exe /X{E62A1F01-07B7-4541-A835-EE5B0BF064C2} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE} Microsoft Security Essentials-->C:\Program Files\Microsoft Security Essentials\setup.exe /x Microsoft Security Essentials-->MsiExec.exe /I{EF98A02A-1748-4762-9B7D-5ED1600520D5} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{CC1DB186-550F-3CFE-A2A9-EBA5E5A34BC1} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe Module linguistique Microsoft .NET Framework 4 Client Profile FRA-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1036 /parameterfolder ClientLP Morrowind-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Morrowind\MWUninstall\Setup.exe" -l0x9 Mozilla Firefox (3.6.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} NFO viewer v 2.1-->"C:\Program Files\NFO viewer\unins000.exe" NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe" Portal-->"D:\Program Files\Steam\steam.exe" steam://uninstall/400 PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A} QuickTime-->MsiExec.exe /I{3D9892BB-A751-4E48-ADC8-E4289956CE1D} Realtek AC'97 Audio-->Alcrmv.exe -r -m RomStation-->D:\Program Files\RomStation\Uninstal.exe ScummVM 1.1.1-->"C:\Program Files\ScummVM\unins000.exe" Serious Sam HD: The Second Encounter-->"D:\Program Files\Steam\steam.exe" steam://uninstall/41010 Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} SumatraPDF-->"C:\Program Files\SumatraPDF\uninstall.exe" System Requirements Lab-->MsiExec.exe /I{9E1BAB75-EB78-440D-94C0-A3857BE2E733} Team Fortress 2-->"D:\Program Files\Steam\steam.exe" steam://uninstall/440 TES Construction Set-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Morrowind\CSUninstall\Setup.exe" -l0x9 Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" VLC media player 1.1.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1} Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818} Windows Live Movie Maker-->MsiExec.exe /X{230B83A5-7D88-4B95-B71E-F44C0C78B002} ======Security center information====== AS: Windows Defender (disabled) ======System event log====== Computer Name: CoolerMaster Event Code: 20 Message: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80070643 : Mise à jour des définitions pour Microsoft Security Essentials – KB972696 (Définition 1.85.1381.0). Record Number: 95366 Source Name: Microsoft-Windows-WindowsUpdateClient Time Written: 20100704060729.322325-000 Event Type: Erreur User: AUTORITE NT\SYSTEM Computer Name: CoolerMaster Event Code: 2001 Message: Microsoft Antimalware a rencontré une erreur lors d'une tentative de mise à jour de signature. Nouvelle version de la signature : Ancienne version de la signature : 1.85.1354.0 Source de la mise à jour : Serveur Microsoft Update Phase de la mise à jour : Installer Chemin d'accès source : Microsoft Corporation Type de signature : Antivirus Type de mise à jour : Complet Utilisateur : AUTORITE NT\SYSTEM Version actuelle du moteur : Version précédente du moteur : 1.1.5902.0 Code d'erreur : 0x80070643 Description de l'erreur : Erreur irrécupérable lors de l'installation. Record Number: 95365 Source Name: Microsoft Antimalware Time Written: 20100704060530.000000-000 Event Type: Erreur User: Computer Name: CoolerMaster Event Code: 6 Message: Certaines fonctionnalités de gestion de l’alimentation relatives aux performances du processeur ont été désactivées en raison d’un problème connu avec le microprogramme. Contactez le fabricant de l’ordinateur pour obtenir la mise à jour du microprogramme. Record Number: 95258 Source Name: Microsoft-Windows-Kernel-Processor-Power Time Written: 20100704054713.140625-000 Event Type: Erreur User: AUTORITE NT\SYSTEM Computer Name: CoolerMaster Event Code: 6 Message: Certaines fonctionnalités de gestion de l’alimentation relatives aux performances du processeur ont été désactivées en raison d’un problème connu avec le microprogramme. Contactez le fabricant de l’ordinateur pour obtenir la mise à jour du microprogramme. Record Number: 95127 Source Name: Microsoft-Windows-Kernel-Processor-Power Time Written: 20100703121425.562500-000 Event Type: Erreur User: AUTORITE NT\SYSTEM Computer Name: CoolerMaster Event Code: 6 Message: Certaines fonctionnalités de gestion de l’alimentation relatives aux performances du processeur ont été désactivées en raison d’un problème connu avec le microprogramme. Contactez le fabricant de l’ordinateur pour obtenir la mise à jour du microprogramme. Record Number: 95011 Source Name: Microsoft-Windows-Kernel-Processor-Power Time Written: 20100703114027.359375-000 Event Type: Erreur User: AUTORITE NT\SYSTEM =====Application event log===== Computer Name: CoolerMaster Event Code: 33 Message: La création du contexte d’activation a échoué pour « C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVisionIePlugin.dll ». Assembly dépendant Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. Record Number: 103 Source Name: SideBySide Time Written: 20100701181414.000000-000 Event Type: Erreur User: Computer Name: CoolerMaster Event Code: 63 Message: Le fournisseur WmiPerfClass a été inscrit dans l’espace de noms Windows Management Instrumentation root\cimv2, afin d’utiliser le compte LocalSystem. Ce compte bénéficie de privilèges et le fournisseur peut provoquer une violation de sécurité s’il ne représente pas correctement les demandes utilisateur. Record Number: 65 Source Name: Microsoft-Windows-WMI Time Written: 20100701175631.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: CoolerMaster Event Code: 63 Message: Le fournisseur WmiPerfClass a été inscrit dans l’espace de noms Windows Management Instrumentation root\cimv2, afin d’utiliser le compte LocalSystem. Ce compte bénéficie de privilèges et le fournisseur peut provoquer une violation de sécurité s’il ne représente pas correctement les demandes utilisateur. Record Number: 63 Source Name: Microsoft-Windows-WMI Time Written: 20100701175630.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM Computer Name: CoolerMaster Event Code: 1008 Message: Le service Windows Search tente de supprimer l’ancien catalogue. Record Number: 27 Source Name: Microsoft-Windows-Search Time Written: 20100701175228.000000-000 Event Type: Avertissement User: Computer Name: 26L2233B2-09 Event Code: 1036 Message: Échec de InitializePrintProvider pour le fournisseur inetpp.dll. Cela peut se produire à la suite d’une instabilité du système ou d’une insuffisance des ressources système. Record Number: 13 Source Name: Microsoft-Windows-SpoolerSpoolss Time Written: 20100701174241.000000-000 Event Type: Avertissement User: AUTORITE NT\SYSTEM =====Security event log===== Computer Name: 26L2233B2-09 Event Code: 4648 Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites. Sujet : ID de sécurité : S-1-5-18 Nom du compte : 26L2233B2-09$ Domaine du compte : WORKGROUP ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Compte dont les informations d’identification ont été utilisées : Nom du compte : SYSTEM Domaine du compte : AUTORITE NT GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Serveur cible : Nom du serveur cible : localhost Informations supplémentaires : localhost Informations sur le processus : ID du processus : 0x210 Nom du processus : C:\Windows\System32\services.exe Informations sur le réseau : Adresse du réseau : - Port : - Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS. Record Number: 5 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100701174015.328125-000 Event Type: Succès de l'audit User: Computer Name: 26L2233B2-09 Event Code: 4902 Message: La table de stratégie d’audit par utilisateur a été créée. Nombre d’éléments : 0 ID de la stratégie : 0x4d256 Record Number: 4 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100701174011.828125-000 Event Type: Succès de l'audit User: Computer Name: 26L2233B2-09 Event Code: 4624 Message: L’ouverture de session d’un compte s’est correctement déroulée. Sujet : ID de sécurité : S-1-0-0 Nom du compte : - Domaine du compte : - ID d’ouverture de session : 0x0 Type d’ouverture de session : 0 Nouvelle ouverture de session : ID de sécurité : S-1-5-18 Nom du compte : SYSTEM Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000} Informations sur le processus : ID du processus : 0x4 Nom du processus : Informations sur le réseau : Nom de la station de travail : - Adresse du réseau source : - Port source : - Informations détaillées sur l’authentification : Processus d’ouverture de session : - Package d’authentification : - Services en transit : - Nom du package (NTLM uniquement) : - Longueur de la clé : 0 Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée. Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe. Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau). Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté. Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas. Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique. - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC . - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session. - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM. - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée. Record Number: 3 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100701174010.890625-000 Event Type: Succès de l'audit User: Computer Name: 26L2233B2-09 Event Code: 4608 Message: Windows démarre. Cet événement est journalisé lorsque LSASS.EXE démarre et que le sous-système d’audit est initialisé. Record Number: 2 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100701174010.890625-000 Event Type: Succès de l'audit User: Computer Name: 26L2233B2-09 Event Code: 4647 Message: Fermeture de session initiée par l’utilisateur : Sujet : ID de sécurité : S-1-5-21-918056312-2952985149-2686913973-500 Nom du compte : Administrator Domaine du compte : 26L2233B2-09 ID d’ouverture de session : 0x8657f Cet événement est généré lorsqu’une fermeture de session est initiée, mais que le nombre de références du jeton n’étant pas zéro, la session ouverte ne peut pas être supprimée. Aucune autre activité initiée par l’utilisateur ne peut se produire. Cet événement peut être interprété comme un événement de fermeture de session. Record Number: 1 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20061102130853.734800-000 Event Type: Succès de l'audit User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 15 Stepping 0, AuthenticAMD "PROCESSOR_REVISION"=0f00 "NUMBER_OF_PROCESSORS"=1 "asl.log"=Destination=file;OnFirstLog=command,environment,parent "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ -----------------EOF----------------- Voilà

On m'a oublié ! http://forum.zebulon.fr/trojanwin32-fakespypro-t178209.html

Bonjour, Je viens de faire une analyse avec Microsoft Security Essentials (dernière mise à jour) et apparemment il m'a détecté un trojan, j'ai donc cliqué sur "nettoyer l'ordinateur". Ça me donne ça : 759134268981_onchkomcbolayvirushap.jpg - NoelShack - Envoyez vos images, photos, et partagez-les. La bête se trouvait ici : C:\Users\Samy\AppData\Local\inseuayqb\ndeqqhotssd.exe J'aimerais savoir si le trojan a bien été totalement viré, j'ai donc fait pour vous une analyse HijackThis : Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:41:11, on 23/07/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18928) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\system32\conime.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O17 - HKLM\System\CCS\Services\Tcpip\..\{287B6D8D-A204-4D9E-BFB4-83B4D9CA0E6F}: NameServer = 89.2.0.1,89.2.0.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{287B6D8D-A204-4D9E-BFB4-83B4D9CA0E6F}: NameServer = 89.2.0.1,89.2.0.2 O17 - HKLM\System\CS2\Services\Tcpip\..\{287B6D8D-A204-4D9E-BFB4-83B4D9CA0E6F}: NameServer = 89.2.0.1,89.2.0.2 O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @%SystemRoot%\System32\irmon.dll,-2000 (Irmon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 17482 bytes J'ai une Vista 32 Bits. Merci d'avance