bonjour, voila j'ai lu les different post ms je ne suis pas très douée....; j'ai Téléchargé Random's system information tool (RSIT)et voila le resultat...
Logfile of random's system information tool 1.08 (written by random/random)
Run by morgane at 2010-08-23 20:03:45
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 138 GB (60%) free of 230 GB
Total RAM: 1278 MB (18% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:04:24, on 23/08/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\SFR\Kit\9props.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ManyCam\Bin\ManyCam.exe
C:\Windows\system32\Taskmgr.exe
C:\Windows\system32\conime.exe
C:\Program Files\Microsoft LifeCam\LifeTray.exe
C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\morgane\Downloads\RSIT.exe
C:\Program Files\trend micro\morgane.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = SFR : téléphone portable, forfait téléphone mobile, sfr mobile adsl, opérateur de téléphonie mobile
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: LimeWire Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\RunOnce: [HDReg] C:\Program Files\HDReg\HDRegApp.exe -r
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [smpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\/\KiesTrayAgent.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam\Bin\ManyCam.exe" /silent
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: YesMessenger.lnk = C:\Program Files\Roulettechat\Messenger.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - C:\Windows\system32\dgdersvc.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: SAMSUNG KiesAllShare Service (KiesAllShare) - Unknown owner - C:\Program Files\Samsung\Kies\WiselinkPro\WiselinkPro.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
--
End of file - 24961 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\Extension de garantie.job
C:\Windows\tasks\HDReg.job
C:\Windows\tasks\Norton Security Scan for morgane.job
C:\Windows\tasks\Recovery DVD Creator.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
Objet d'aide à la navigation SFR - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll [2009-10-15 165184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll [2006-10-23 96984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}]
Softonic_France Toolbar - C:\Program Files\Softonic_France\tbSoft.dll [2010-06-13 2734688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2010-08-06 321312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-06-16 2226048]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
LimeWire Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-06-17 1233288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-06 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-06-16 2226048]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Show Norton Toolbar - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll [2006-10-23 565960]
{D4027C7F-154A-4066-A1AD-4243D8127440} - LimeWire Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-06-17 1233288]
{4daac69c-cba7-45e2-9bc8-1044483d3352} - Softonic_France Toolbar - C:\Program Files\Softonic_France\tbSoft.dll [2010-06-13 2734688]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-06-17 1006264]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-01 4390912]
""= []
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-01-11 232184]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-07 30192]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-10-24 107112]
"osCheck"=C:\Program Files\Norton Internet Security\osCheck.exe [2006-10-27 22696]
"toolbar_eula_launcher"=C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-02-20 28672]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-06-20 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-06-20 92704]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"HDReg"=C:\Program Files\HDReg\HDRegApp.exe [2005-06-21 192512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-08-06 1232896]
"SmpcSys"=C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2007-05-03 1116728]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"Connexion SFR 9props.exe"=C:\Program Files\SFR\Kit\9props.exe [2009-10-15 959808]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\/\KiesTrayAgent.exe [2010-02-26 3404600]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-09-11 218032]
"ManyCam"=C:\Program Files\ManyCam\Bin\ManyCam.exe [2010-08-11 1713448]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe [2010-01-27 256280]
C:\Users\morgane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
YesMessenger.lnk - C:\Program Files\Roulettechat\Messenger.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2010-08-23 20:03:47 ----D---- C:\Program Files\trend micro
2010-08-23 20:03:45 ----D---- C:\rsit
2010-08-23 19:26:47 ----D---- C:\Windows\system32\drivers\NSS
2010-08-23 19:26:47 ----D---- C:\Program Files\Norton Security Scan
2010-08-23 19:26:44 ----D---- C:\ProgramData\NortonInstaller
2010-08-23 19:26:44 ----D---- C:\Program Files\NortonInstaller
2010-08-23 18:56:54 ----D---- C:\Users\morgane\AppData\Roaming\ManyCam
2010-08-23 18:56:19 ----D---- C:\Program Files\ManyCam
2010-08-20 17:24:12 ----D---- C:\Program Files\Microsoft LifeCam
2010-08-20 17:11:58 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-08-20 17:11:44 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-08-17 19:30:18 ----D---- C:\Program Files\MSECache
2010-08-15 22:23:58 ----D---- C:\ProgramData\Xerox
2010-08-15 21:57:21 ----A---- C:\Windows\yesmessenger.ini
2010-08-15 21:53:45 ----A---- C:\Windows\yes_messenger.ini
2010-08-15 21:53:44 ----D---- C:\Program Files\Roulettechat
2010-08-15 17:47:31 ----D---- C:\Program Files\VPSS
2010-08-14 18:37:20 ----A---- C:\Windows\system32\ov530usd.dll
2010-08-14 18:37:20 ----A---- C:\Windows\system32\drivers\ov530vid.sys
2010-08-14 18:37:19 ----A---- C:\Windows\system32\ov530ext.dll
2010-08-14 18:37:19 ----A---- C:\Windows\system32\drivers\ov530cmd.sys
2010-08-14 18:37:19 ----A---- C:\Windows\system32\drivers\camfilt2.sys
2010-08-14 18:37:19 ----A---- C:\Windows\ov530dib.dll
2010-08-14 17:53:41 ----A---- C:\Windows\system32\HWLMSET2PS.dll
2010-08-14 17:53:41 ----A---- C:\Windows\system32\HWLMSET2.exe
2010-08-14 17:24:48 ----HDC---- C:\ProgramData\{D4FF7F5C-BACC-401C-BEC6-F71DA6C6E92B}
2010-08-14 17:24:46 ----D---- C:\Program Files\SmartTweak Software
2010-08-14 17:01:18 ----D---- C:\Program Files\Hercules
2010-08-14 17:01:01 ----D---- C:\Users\morgane\AppData\Roaming\InstallShield
2010-08-14 16:23:42 ----D---- C:\Windows\OvtCam
2010-08-14 14:32:45 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-08-14 14:32:45 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-08-14 13:03:10 ----ASH---- C:\hiberfil.sys
2010-08-14 13:01:52 ----A---- C:\Windows\ntbtlog.txt
2010-08-14 11:56:54 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2010-08-14 11:51:16 ----D---- C:\ProgramData\Lavasoft
2010-08-14 10:55:27 ----D---- C:\Windows\Minidump
2010-08-07 10:39:19 ----D---- C:\ProgramData\McAfee Security Scan
2010-08-07 10:39:19 ----D---- C:\ProgramData\McAfee
2010-08-07 10:39:17 ----D---- C:\Program Files\McAfee Security Scan
2010-08-07 03:06:53 ----A---- C:\Windows\system32\t2embed.dll
2010-08-07 03:06:53 ----A---- C:\Windows\system32\lpk.dll
2010-08-07 03:06:53 ----A---- C:\Windows\system32\fontsub.dll
2010-08-07 03:06:53 ----A---- C:\Windows\system32\dciman32.dll
2010-08-07 03:06:53 ----A---- C:\Windows\system32\atmlib.dll
2010-08-07 03:06:53 ----A---- C:\Windows\system32\atmfd.dll
2010-08-07 03:06:33 ----A---- C:\Windows\system32\winhttp.dll
2010-08-07 03:05:52 ----A---- C:\Windows\system32\es.dll
2010-08-07 03:02:17 ----A---- C:\Windows\system32\wmploc.DLL
2010-08-07 03:02:13 ----A---- C:\Windows\system32\wmp.dll
2010-08-07 03:02:13 ----A---- C:\Windows\system32\spwmp.dll
2010-08-07 03:02:12 ----A---- C:\Windows\system32\dxmasf.dll
2010-08-07 03:02:04 ----A---- C:\Windows\system32\unregmp2.exe
2010-08-06 20:42:59 ----D---- C:\Program Files\Microsoft Silverlight
2010-08-06 20:42:32 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2010-08-06 20:40:04 ----D---- C:\Program Files\Microsoft Sync Framework
2010-08-06 20:37:48 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-08-06 20:37:12 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-08-06 20:33:58 ----D---- C:\Program Files\Microsoft
2010-08-06 20:33:36 ----D---- C:\Program Files\Windows Live SkyDrive
2010-08-06 20:32:48 ----D---- C:\Windows\PCHEALTH
2010-08-06 20:29:55 ----D---- C:\Program Files\Conduit
2010-08-06 20:29:51 ----D---- C:\Program Files\Softonic_France
2010-08-06 20:21:57 ----D---- C:\Program Files\Common Files\Windows Live
2010-08-06 19:48:59 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-06 19:48:59 ----A---- C:\Windows\system32\advpack.dll
2010-08-06 19:48:59 ----A---- C:\Windows\system32\admparse.dll
2010-08-06 19:48:58 ----A---- C:\Windows\system32\ieapfltr.dll
2010-08-06 19:48:58 ----A---- C:\Windows\system32\ieakui.dll
2010-08-06 19:48:58 ----A---- C:\Windows\system32\ieaksie.dll
2010-08-06 19:48:57 ----A---- C:\Windows\system32\wininet.dll
2010-08-06 19:48:57 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-06 19:48:56 ----A---- C:\Windows\system32\dxtrans.dll
2010-08-06 19:48:56 ----A---- C:\Windows\system32\dxtmsft.dll
2010-08-06 19:48:55 ----A---- C:\Windows\system32\msfeeds.dll
2010-08-06 19:48:54 ----A---- C:\Windows\system32\ieui.dll
2010-08-06 19:48:53 ----A---- C:\Windows\system32\ieframe.dll
2010-08-06 19:48:51 ----A---- C:\Windows\system32\mshtmled.dll
2010-08-06 19:48:51 ----A---- C:\Windows\system32\ieencode.dll
2010-08-06 19:48:50 ----A---- C:\Windows\system32\mshtmler.dll
2010-08-06 19:48:50 ----A---- C:\Windows\system32\mshtml.dll
2010-08-06 19:48:48 ----A---- C:\Windows\system32\mstime.dll
2010-08-06 19:48:47 ----A---- C:\Windows\system32\icardie.dll
2010-08-06 19:48:45 ----A---- C:\Windows\system32\ieUnatt.exe
2010-08-06 19:48:44 ----A---- C:\Windows\system32\occache.dll
2010-08-06 19:48:43 ----A---- C:\Windows\system32\urlmon.dll
2010-08-06 19:48:42 ----A---- C:\Windows\system32\pngfilt.dll
2010-08-06 19:48:42 ----A---- C:\Windows\system32\iesetup.dll
2010-08-06 19:48:42 ----A---- C:\Windows\system32\iertutil.dll
2010-08-06 19:48:42 ----A---- C:\Windows\system32\iernonce.dll
2010-08-06 19:48:42 ----A---- C:\Windows\system32\ie4uinit.exe
2010-08-06 19:46:47 ----A---- C:\Windows\system32\winipsec.dll
2010-08-06 19:46:47 ----A---- C:\Windows\system32\polstore.dll
2010-08-06 19:46:47 ----A---- C:\Windows\system32\IPSECSVC.DLL
2010-08-06 19:46:47 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2010-08-06 19:45:52 ----A---- C:\Windows\system32\riched20.dll
2010-08-06 19:45:51 ----A---- C:\Windows\system32\riched32.dll
2010-08-06 19:45:50 ----A---- C:\Windows\system32\drivers\ndistapi.sys
2010-08-06 19:45:49 ----A---- C:\Windows\system32\rasser.dll
2010-08-06 19:45:49 ----A---- C:\Windows\system32\rascfg.dll
2010-08-06 19:45:49 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2010-08-06 19:45:48 ----A---- C:\Windows\system32\rasmxs.dll
2010-08-06 19:45:48 ----A---- C:\Windows\system32\rasdiag.dll
2010-08-06 19:45:48 ----A---- C:\Windows\system32\netcfgx.dll
2010-08-06 19:45:48 ----A---- C:\Windows\system32\drivers\wanarp.sys
2010-08-06 19:45:47 ----A---- C:\Windows\system32\msftedit.dll
2010-08-06 19:45:47 ----A---- C:\Windows\system32\icsunattend.exe
2010-08-06 19:45:46 ----A---- C:\Windows\system32\wshqos.dll
2010-08-06 19:45:46 ----A---- C:\Windows\system32\ipnathlp.dll
2010-08-06 19:45:45 ----A---- C:\Windows\system32\traffic.dll
2010-08-06 19:45:45 ----A---- C:\Windows\system32\pacerprf.dll
2010-08-06 19:45:45 ----A---- C:\Windows\system32\drivers\pacer.sys
2010-08-06 19:45:45 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-08-06 19:45:45 ----A---- C:\Windows\system32\cdd.dll
2010-08-06 19:45:44 ----A---- C:\Windows\system32\dps.dll
2010-08-06 19:44:56 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-06 19:44:56 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-06 19:44:10 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2010-08-06 19:44:10 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-08-06 19:44:09 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2010-08-06 19:43:20 ----A---- C:\Windows\system32\ACCTRES.dll
2010-08-06 19:43:19 ----A---- C:\Windows\system32\msoert2.dll
2010-08-06 19:43:19 ----A---- C:\Windows\system32\msoeacct.dll
2010-08-06 19:42:16 ----A---- C:\Windows\system32\TCPSVCS.EXE
2010-08-06 19:42:16 ----A---- C:\Windows\system32\NETSTAT.EXE
2010-08-06 19:42:16 ----A---- C:\Windows\system32\netiohlp.dll
2010-08-06 19:42:16 ----A---- C:\Windows\system32\netevent.dll
2010-08-06 19:42:16 ----A---- C:\Windows\system32\MRINFO.EXE
2010-08-06 19:42:16 ----A---- C:\Windows\system32\HOSTNAME.EXE
2010-08-06 19:42:16 ----A---- C:\Windows\system32\finger.exe
2010-08-06 19:42:15 ----A---- C:\Windows\system32\ROUTE.EXE
2010-08-06 19:42:15 ----A---- C:\Windows\system32\ARP.EXE
2010-08-06 19:40:58 ----A---- C:\Windows\system32\wtsapi32.dll
2010-08-06 19:40:58 ----A---- C:\Windows\system32\drivers\acpi.sys
2010-08-06 19:40:54 ----A---- C:\Windows\system32\sysmain.dll
2010-08-06 19:40:05 ----A---- C:\Windows\system32\WebClnt.dll
2010-08-06 19:40:05 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2010-08-06 19:39:20 ----A---- C:\Windows\system32\L2SecHC.dll
2010-08-06 19:39:19 ----A---- C:\Windows\system32\wlansvc.dll
2010-08-06 19:39:19 ----A---- C:\Windows\system32\wlansec.dll
2010-08-06 19:39:19 ----A---- C:\Windows\system32\wlanmsm.dll
2010-08-06 19:39:19 ----A---- C:\Windows\system32\wlanhlp.dll
2010-08-06 19:39:19 ----A---- C:\Windows\system32\wlanapi.dll
2010-08-06 19:38:21 ----A---- C:\Windows\system32\msxml3r.dll
2010-08-06 19:38:21 ----A---- C:\Windows\system32\msxml3.dll
2010-08-06 19:38:20 ----A---- C:\Windows\system32\msxml6r.dll
2010-08-06 19:38:20 ----A---- C:\Windows\system32\msxml6.dll
2010-08-06 19:36:33 ----A---- C:\Windows\system32\msv1_0.dll
2010-08-06 19:35:42 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-08-06 19:35:42 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-08-06 19:35:42 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-08-06 19:34:53 ----A---- C:\Windows\system32\rrinstaller.exe
2010-08-06 19:34:53 ----A---- C:\Windows\system32\mfps.dll
2010-08-06 19:34:53 ----A---- C:\Windows\system32\mferror.dll
2010-08-06 19:34:53 ----A---- C:\Windows\system32\mf.dll
2010-08-06 19:34:52 ----A---- C:\Windows\system32\mfpmp.exe
2010-08-06 19:34:51 ----A---- C:\Windows\system32\WMVCORE.DLL
2010-08-06 19:33:59 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-06 19:33:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-06 19:31:38 ----A---- C:\Windows\system32\vbscript.dll
2010-08-06 19:30:54 ----A---- C:\Windows\system32\atl.dll
2010-08-06 19:30:13 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2010-08-06 19:29:30 ----A---- C:\Windows\system32\gdi32.dll
2010-08-06 19:28:50 ----A---- C:\Windows\system32\drivers\ntfs.sys
2010-08-06 19:28:49 ----A---- C:\Windows\system32\drivers\monitor.sys
2010-08-06 19:27:13 ----A---- C:\Windows\system32\xolehlp.dll
2010-08-06 19:27:13 ----A---- C:\Windows\system32\msdtcprx.dll
2010-08-06 19:26:32 ----A---- C:\Windows\system32\wkssvc.dll
2010-08-06 19:25:50 ----A---- C:\Windows\system32\aaclient.dll
2010-08-06 19:25:49 ----A---- C:\Windows\system32\tsgqec.dll
2010-08-06 19:25:49 ----A---- C:\Windows\system32\mstscax.dll
2010-08-06 19:25:02 ----A---- C:\Windows\system32\wmpeffects.dll
2010-08-06 19:19:06 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2010-08-06 19:18:23 ----A---- C:\Windows\system32\FirewallAPI.dll
2010-08-06 19:18:22 ----A---- C:\Windows\system32\MPSSVC.dll
2010-08-06 19:18:22 ----A---- C:\Windows\system32\icfupgd.dll
2010-08-06 19:18:22 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2010-08-06 19:18:21 ----A---- C:\Windows\system32\wfapigp.dll
2010-08-06 19:18:21 ----A---- C:\Windows\system32\cmifw.dll
2010-08-06 19:17:33 ----A---- C:\Windows\system32\netapi32.dll
2010-08-06 19:15:00 ----A---- C:\Windows\system32\mcmde.dll
2010-08-06 19:14:59 ----A---- C:\Windows\system32\EncDec.dll
2010-08-06 19:14:58 ----A---- C:\Windows\system32\psisdecd.dll
2010-08-06 19:11:27 ----A---- C:\Windows\system32\shell32.dll
2010-08-06 19:10:34 ----A---- C:\Windows\system32\tzres.dll
2010-08-06 19:09:44 ----A---- C:\Windows\system32\localspl.dll
2010-08-06 19:07:51 ----A---- C:\Windows\system32\drivers\pciidex.sys
2010-08-06 19:07:51 ----A---- C:\Windows\system32\drivers\pciide.sys
2010-08-06 19:07:51 ----A---- C:\Windows\system32\drivers\ataport.sys
2010-08-06 19:07:51 ----A---- C:\Windows\system32\drivers\atapi.sys
2010-08-06 19:07:50 ----A---- C:\Windows\system32\drivers\volsnap.sys
2010-08-06 19:07:50 ----A---- C:\Windows\system32\drivers\nwifi.sys
2010-08-06 19:07:16 ----A---- C:\Windows\explorer.exe
2010-08-06 19:05:33 ----A---- C:\Windows\system32\wintrust.dll
2010-08-06 19:04:44 ----A---- C:\Windows\system32\wdigest.dll
2010-08-06 19:04:44 ----A---- C:\Windows\system32\secur32.dll
2010-08-06 19:04:44 ----A---- C:\Windows\system32\kerberos.dll
2010-08-06 19:04:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2010-08-06 19:04:43 ----A---- C:\Windows\system32\lsass.exe
2010-08-06 19:04:43 ----A---- C:\Windows\system32\lsasrv.dll
2010-08-06 19:04:42 ----A---- C:\Windows\system32\schannel.dll
2010-08-06 19:03:46 ----A---- C:\Windows\system32\netcfg.exe
2010-08-06 19:02:45 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2010-08-06 19:02:44 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2010-08-06 19:02:44 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2010-08-06 19:02:44 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2010-08-06 19:02:44 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2010-08-06 19:02:43 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2010-08-06 19:02:43 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2010-08-06 19:02:42 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2010-08-06 19:02:41 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2010-08-06 19:02:40 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2010-08-06 19:02:39 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2010-08-06 19:02:38 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2010-08-06 19:02:38 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2010-08-06 19:02:37 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2010-08-06 19:02:37 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2010-08-06 19:02:36 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2010-08-06 19:02:35 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2010-08-06 19:02:35 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2010-08-06 19:02:34 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2010-08-06 19:02:32 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2010-08-06 19:02:32 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2010-08-06 19:02:32 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2010-08-06 19:02:31 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2010-08-06 19:02:31 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2010-08-06 19:02:30 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2010-08-06 19:02:30 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2010-08-06 19:02:29 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2010-08-06 19:02:29 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2010-08-06 19:02:28 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2010-08-06 19:02:27 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2010-08-06 19:02:25 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2010-08-06 19:02:25 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2010-08-06 19:02:24 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2010-08-06 19:02:23 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2010-08-06 19:02:23 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2010-08-06 19:02:22 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2010-08-06 19:02:21 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2010-08-06 19:02:21 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2010-08-06 19:02:20 ----A---- C:\Windows\system32\NlsModels0011.dll
2010-08-06 19:02:20 ----A---- C:\Windows\system32\NlsData0046.dll
2010-08-06 19:02:20 ----A---- C:\Windows\system32\NlsData0045.dll
2010-08-06 19:02:19 ----A---- C:\Windows\system32\NlsData0049.dll
2010-08-06 19:02:19 ----A---- C:\Windows\system32\NlsData0047.dll
2010-08-06 19:02:19 ----A---- C:\Windows\system32\NlsData0039.dll
2010-08-06 19:02:18 ----A---- C:\Windows\system32\NlsData0021.dll
2010-08-06 19:02:18 ----A---- C:\Windows\system32\NlsData0020.dll
2010-08-06 19:02:17 ----A---- C:\Windows\system32\NlsData0026.dll
2010-08-06 19:02:17 ----A---- C:\Windows\system32\NlsData0024.dll
2010-08-06 19:02:17 ----A---- C:\Windows\system32\NlsData0022.dll
2010-08-06 19:02:16 ----A---- C:\Windows\system32\NlsData0027.dll
2010-08-06 19:02:16 ----A---- C:\Windows\system32\NlsData0011.dll
2010-08-06 19:02:16 ----A---- C:\Windows\system32\NlsData0010.dll
2010-08-06 19:02:15 ----A---- C:\Windows\system32\NlsData0018.dll
2010-08-06 19:02:15 ----A---- C:\Windows\system32\NlsData0013.dll
2010-08-06 19:02:14 ----A---- C:\Windows\system32\NlsData0019.dll
2010-08-06 19:02:14 ----A---- C:\Windows\system32\NlsData0001.dll
2010-08-06 19:02:14 ----A---- C:\Windows\system32\NlsData0000.dll
2010-08-06 19:02:13 ----A---- C:\Windows\system32\NlsData0003.dll
2010-08-06 19:02:13 ----A---- C:\Windows\system32\NlsData0002.dll
2010-08-06 19:02:12 ----A---- C:\Windows\system32\NlsData0007.dll
2010-08-06 19:02:10 ----A---- C:\Windows\system32\NlsData004b.dll
2010-08-06 19:02:10 ----A---- C:\Windows\system32\NlsData004a.dll
2010-08-06 19:02:10 ----A---- C:\Windows\system32\NlsData0009.dll
2010-08-06 19:02:09 ----A---- C:\Windows\system32\NlsData004e.dll
2010-08-06 19:02:09 ----A---- C:\Windows\system32\NlsData004c.dll
2010-08-06 19:02:08 ----A---- C:\Windows\system32\NlsData003e.dll
2010-08-06 19:02:07 ----A---- C:\Windows\system32\NlsData002a.dll
2010-08-06 19:02:06 ----A---- C:\Windows\system32\NlsData001a.dll
2010-08-06 19:02:05 ----A---- C:\Windows\system32\NlsData001b.dll
2010-08-06 19:02:03 ----A---- C:\Windows\system32\NlsData001d.dll
2010-08-06 19:02:02 ----A---- C:\Windows\system32\NlsData000a.dll
2010-08-06 19:02:01 ----A---- C:\Windows\system32\NlsData000d.dll
2010-08-06 19:02:01 ----A---- C:\Windows\system32\NlsData000c.dll
2010-08-06 19:02:00 ----A---- C:\Windows\system32\NlsData000f.dll
2010-08-06 19:01:59 ----A---- C:\Windows\system32\NlsData0414.dll
2010-08-06 19:01:57 ----A---- C:\Windows\system32\NlsData0416.dll
2010-08-06 19:01:57 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-08-06 19:01:56 ----A---- C:\Windows\system32\NlsData081a.dll
2010-08-06 19:01:56 ----A---- C:\Windows\system32\NlsData0816.dll
2010-08-06 19:01:54 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2010-08-06 19:01:54 ----A---- C:\Windows\system32\NlsData0c1a.dll
2010-08-06 18:56:05 ----D---- C:\Program Files\Ask.com
2010-08-06 18:55:01 ----A---- C:\Windows\system32\setupapi.dll
2010-08-06 18:53:39 ----D---- C:\ProgramData\Sun
2010-08-06 18:53:38 ----D---- C:\Program Files\Common Files\Java
2010-08-06 18:53:07 ----A---- C:\Windows\system32\srdelayed.exe
2010-08-06 18:53:07 ----A---- C:\Windows\system32\srcore.dll
2010-08-06 18:53:07 ----A---- C:\Windows\system32\srclient.dll
2010-08-06 18:53:07 ----A---- C:\Windows\system32\rstrui.exe
2010-08-06 18:53:06 ----A---- C:\Windows\system32\wpd_ci.dll
2010-08-06 18:53:06 ----A---- C:\Windows\system32\kd1394.dll
2010-08-06 18:53:05 ----A---- C:\Windows\system32\winresume.exe
2010-08-06 18:53:05 ----A---- C:\Windows\system32\winload.exe
2010-08-06 18:53:04 ----A---- C:\Windows\system32\clfs.sys
2010-08-06 18:53:04 ----A---- C:\Windows\system32\ci.dll
2010-08-06 18:53:03 ----A---- C:\Windows\system32\umpnpmgr.dll
2010-08-06 18:53:03 ----A---- C:\Windows\system32\drvinst.exe
2010-08-06 18:53:03 ----A---- C:\Windows\system32\cfgmgr32.dll
2010-08-06 18:53:02 ----A---- C:\Windows\system32\oleaut32.dll
2010-08-06 18:53:02 ----A---- C:\Windows\system32\kbd106n.dll
2010-08-06 18:53:02 ----A---- C:\Windows\system32\dpx.dll
2010-08-06 18:53:01 ----A---- C:\Windows\system32\unlodctr.exe
2010-08-06 18:53:01 ----A---- C:\Windows\system32\lodctr.exe
2010-08-06 18:53:01 ----A---- C:\Windows\system32\loadperf.dll
2010-08-06 18:53:00 ----A---- C:\Windows\system32\prflbmsg.dll
2010-08-06 18:53:00 ----A---- C:\Windows\system32\deploytk.dll
2010-08-06 18:52:59 ----A---- C:\Windows\system32\schedsvc.dll
2010-08-06 18:52:59 ----A---- C:\Windows\system32\javaws.exe
2010-08-06 18:52:59 ----A---- C:\Windows\system32\javaw.exe
2010-08-06 18:52:58 ----A---- C:\Windows\system32\java.exe
2010-08-06 18:52:58 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2010-08-06 18:52:57 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2010-08-06 18:52:56 ----A---- C:\Windows\system32\f3ahvoas.dll
2010-08-06 18:52:55 ----A---- C:\Windows\system32\drivers\sermouse.sys
2010-08-06 18:52:55 ----A---- C:\Windows\system32\dispci.dll
2010-08-06 18:52:55 ----A---- C:\Windows\system32\batt.dll
2010-08-06 18:52:54 ----A---- C:\Windows\system32\drivers\mouhid.sys
2010-08-06 18:52:54 ----A---- C:\Windows\system32\drivers\mouclass.sys
2010-08-06 18:52:54 ----A---- C:\Windows\system32\drivers\kbdclass.sys
2010-08-06 18:52:53 ----A---- C:\Windows\system32\drivers\i8042prt.sys
2010-08-06 18:52:16 ----D---- C:\Program Files\Java
2010-08-06 18:50:08 ----A---- C:\Windows\system32\rpcss.dll
2010-08-06 18:50:06 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-08-06 18:50:06 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-08-06 18:50:03 ----A---- C:\Windows\system32\sdohlp.dll
2010-08-06 18:50:03 ----A---- C:\Windows\system32\iasdatastore.dll
2010-08-06 18:50:03 ----A---- C:\Windows\system32\iasads.dll
2010-08-06 18:50:02 ----A---- C:\Windows\system32\iasrecst.dll
2010-08-06 18:48:46 ----A---- C:\Windows\system32\jscript.dll
2010-08-06 18:48:08 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-08-06 18:48:08 ----A---- C:\Windows\system32\drivers\tunnel.sys
2010-08-06 18:48:08 ----A---- C:\Windows\system32\drivers\TUNMP.SYS
2010-08-06 18:48:08 ----A---- C:\Windows\system32\drivers\netio.sys
2010-08-06 18:48:07 ----A---- C:\Windows\system32\tcpipcfg.dll
2010-08-06 18:48:07 ----A---- C:\Windows\system32\netiougc.exe
2010-08-06 18:48:07 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-06 18:46:36 ----D---- C:\Program Files\CCleaner
2010-08-06 18:46:17 ----A---- C:\Windows\system32\WMASF.DLL
2010-08-06 18:46:17 ----A---- C:\Windows\system32\LAPRXY.DLL
2010-08-06 18:46:17 ----A---- C:\Windows\system32\asferror.dll
2010-08-06 18:45:35 ----A---- C:\Windows\system32\browserchoice.exe
2010-08-06 18:44:45 ----A---- C:\Windows\system32\kernel32.dll
2010-08-06 18:44:44 ----A---- C:\Windows\system32\apilogen.dll
2010-08-06 18:44:44 ----A---- C:\Windows\system32\amxread.dll
2010-08-06 18:44:07 ----A---- C:\Windows\system32\SLC.dll
2010-08-06 18:44:07 ----A---- C:\Windows\system32\mcbuilder.exe
2010-08-06 18:44:06 ----A---- C:\Windows\system32\slwmi.dll
2010-08-06 18:44:05 ----A---- C:\Windows\system32\SLUINotify.dll
2010-08-06 18:44:05 ----A---- C:\Windows\system32\SLUI.exe
2010-08-06 18:44:05 ----A---- C:\Windows\system32\SLLUA.exe
2010-08-06 18:44:05 ----A---- C:\Windows\system32\SLCommDlg.dll
2010-08-06 18:44:04 ----A---- C:\Windows\system32\SLsvc.exe
2010-08-06 18:44:04 ----A---- C:\Windows\system32\slcinst.dll
2010-08-06 18:43:26 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-08-06 18:43:25 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-08-06 18:43:25 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-08-06 18:42:50 ----A---- C:\Windows\system32\cabview.dll
2010-08-06 18:41:40 ----A---- C:\Windows\system32\ntprint.exe
2010-08-06 18:41:40 ----A---- C:\Windows\system32\ntprint.dll
2010-08-06 18:41:39 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2010-08-06 18:41:39 ----A---- C:\Windows\system32\dhcpcsvc.dll
2010-08-06 18:41:39 ----A---- C:\Windows\system32\dhcpcmonitor.dll
2010-08-06 18:41:38 ----A---- C:\Windows\system32\authui.dll
2010-08-06 18:41:36 ----A---- C:\Windows\system32\sendmail.dll
2010-08-06 18:41:04 ----A---- C:\Windows\system32\win32spl.dll
2010-08-06 18:41:04 ----A---- C:\Windows\system32\printcom.dll
2010-08-06 18:40:42 ----A---- C:\Windows\system32\win32k.sys
2010-08-06 18:39:48 ----A---- C:\Windows\system32\wshrm.dll
2010-08-06 18:39:48 ----A---- C:\Windows\system32\drivers\rmcast.sys
2010-08-06 18:39:05 ----A---- C:\Windows\system32\wmpdxm.dll
2010-08-06 18:38:05 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-08-06 18:38:05 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-08-06 18:38:05 ----A---- C:\Windows\system32\msdrm.dll
2010-08-06 18:38:04 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-08-06 18:38:04 ----A---- C:\Windows\system32\secproc.dll
2010-08-06 18:38:04 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-08-06 18:38:04 ----A---- C:\Windows\system32\RMActivate.exe
2010-08-06 18:38:03 ----A---- C:\Windows\system32\secproc_isv.dll
2010-08-06 18:38:03 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-08-06 18:37:29 ----A---- C:\Windows\system32\sbunattend.exe
2010-08-06 18:36:57 ----A---- C:\Windows\system32\dnsrslvr.dll
2010-08-06 18:36:57 ----A---- C:\Windows\system32\dnscacheugc.exe
2010-08-06 18:36:57 ----A---- C:\Windows\system32\dnsapi.dll
2010-08-06 18:36:46 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2010-08-06 18:34:04 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-08-06 18:34:02 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-08-06 18:34:01 ----A---- C:\Windows\system32\gameux.dll
2010-08-06 18:33:29 ----A---- C:\Windows\system32\logagent.exe
2010-08-06 18:33:28 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-08-06 18:32:48 ----A---- C:\Windows\system32\INETRES.dll
2010-08-06 18:32:48 ----A---- C:\Windows\system32\inetcomm.dll
2010-08-06 18:32:32 ----A---- C:\Windows\system32\msasn1.dll
2010-08-06 18:32:17 ----A---- C:\Windows\system32\connect.dll
2010-08-06 18:32:00 ----A---- C:\Windows\system32\wmi.dll
2010-08-06 18:32:00 ----A---- C:\Windows\system32\imagehlp.dll
2010-08-06 18:32:00 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2010-08-06 18:29:45 ----A---- C:\Windows\system32\rpcrt4.dll
2010-08-06 18:29:14 ----A---- C:\Windows\system32\httpapi.dll
2010-08-06 18:29:14 ----A---- C:\Windows\system32\drivers\http.sys
2010-08-06 18:29:13 ----A---- C:\Windows\system32\nshhttp.dll
2010-08-06 18:27:44 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-06 18:27:14 ----A---- C:\Windows\system32\raschap.dll
2010-08-06 18:27:13 ----A---- C:\Windows\system32\rastls.dll
2010-08-06 18:26:56 ----A---- C:\Windows\system32\WSDApi.dll
2010-08-06 18:25:03 ----A---- C:\Windows\system32\tsbyuv.dll
2010-08-06 18:25:03 ----A---- C:\Windows\system32\quartz.dll
2010-08-06 18:25:03 ----A---- C:\Windows\system32\msyuv.dll
2010-08-06 18:25:03 ----A---- C:\Windows\system32\iyuv_32.dll
2010-08-06 18:25:02 ----A---- C:\Windows\system32\msvidc32.dll
2010-08-06 18:25:02 ----A---- C:\Windows\system32\msvfw32.dll
2010-08-06 18:25:02 ----A---- C:\Windows\system32\msrle32.dll
2010-08-06 18:25:02 ----A---- C:\Windows\system32\mciavi32.dll
2010-08-06 18:25:02 ----A---- C:\Windows\system32\avifil32.dll
2010-08-06 18:25:02 ----A---- C:\Windows\system32\avicap32.dll
2010-08-06 18:24:26 ----A---- C:\Windows\system32\qmgr.dll
2010-08-06 18:24:19 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2010-08-06 16:54:13 ----A---- C:\Windows\WinInit.ini
2010-08-06 16:45:25 ----D---- C:\ProgramData\Norton
2010-08-06 16:34:46 ----N---- C:\Windows\system32\MpSigStub.exe
2010-08-06 16:04:41 ----D---- C:\Users\morgane\AppData\Roaming\Macromedia
2010-08-06 16:04:22 ----D---- C:\Users\morgane\AppData\Roaming\Google
2010-08-06 16:02:46 ----A---- C:\Windows\system32\wucltux.dll
2010-08-06 16:02:45 ----A---- C:\Windows\system32\wups2.dll
2010-08-06 16:02:45 ----A---- C:\Windows\system32\wuaueng.dll
2010-08-06 16:02:45 ----A---- C:\Windows\system32\wuauclt.exe
2010-08-06 16:02:14 ----A---- C:\Windows\system32\wups.dll
2010-08-06 16:02:14 ----A---- C:\Windows\system32\wudriver.dll
2010-08-06 16:02:14 ----A---- C:\Windows\system32\wuapi.dll
2010-08-06 16:01:47 ----A---- C:\Windows\system32\wuwebv.dll
2010-08-06 16:01:47 ----A---- C:\Windows\system32\wuapp.exe
2010-08-05 21:35:39 ----D---- C:\ProgramData\PC Suite
2010-08-05 21:35:37 ----D---- C:\Users\morgane\AppData\Roaming\PC Suite
2010-08-04 20:53:07 ----D---- C:\Program Files\DIFX
2010-08-04 20:53:05 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2010-08-04 20:52:12 ----DC---- C:\Windows\system32\DRVSTORE
2010-08-04 20:51:47 ----A---- C:\Windows\system32\FsUsbExDisk.Sys
2010-08-04 20:51:47 ----A---- C:\Windows\system32\FsUsbExDevice.Dll
2010-08-04 20:51:46 ----A---- C:\Windows\system32\FsUsbExService.Exe
2010-08-04 20:50:37 ----D---- C:\Program Files\PC Connectivity Solution
2010-08-04 20:49:52 ----D---- C:\Users\morgane\AppData\Roaming\Samsung
2010-08-04 20:49:23 ----D---- C:\Program Files\MarkAny
2010-08-04 20:49:20 ----D---- C:\ProgramData\Samsung
2010-08-04 20:46:32 ----A---- C:\Windows\system32\infocardapi.dll
2010-08-04 20:46:32 ----A---- C:\Windows\system32\icardres.dll
2010-08-04 20:46:32 ----A---- C:\Windows\system32\icardagt.exe
2010-08-04 20:46:28 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-08-04 20:46:24 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2010-08-04 20:46:24 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-08-04 20:46:24 ----A---- C:\Windows\system32\PresentationHost.exe
2010-08-04 20:35:09 ----A---- C:\Windows\system32\netfxperf.dll
2010-08-04 20:35:09 ----A---- C:\Windows\system32\dfshim.dll
2010-08-04 20:35:06 ----A---- C:\Windows\system32\mscories.dll
2010-08-04 20:35:06 ----A---- C:\Windows\system32\mscorier.dll
2010-08-04 20:35:06 ----A---- C:\Windows\system32\mscoree.dll
2010-08-04 20:21:03 ----D---- C:\Program Files\Samsung
2010-08-04 20:20:44 ----D---- C:\Program Files\Common Files\Samsung
2010-07-29 16:01:39 ----D---- C:\Users\morgane\AppData\Roaming\Talkback
2010-07-29 16:01:14 ----D---- C:\Users\morgane\AppData\Roaming\Mozilla
2010-07-29 15:44:04 ----D---- C:\Program Files\SFR
2010-07-29 15:35:52 ----D---- C:\Users\morgane\AppData\Roaming\Adobe
======List of files/folders modified in the last 1 months======
2010-08-23 20:03:57 ----D---- C:\Windows\Temp
2010-08-23 20:03:48 ----D---- C:\Windows\Prefetch
2010-08-23 20:03:47 ----RD---- C:\Program Files
2010-08-23 19:27:16 ----D---- C:\Windows\Tasks
2010-08-23 19:27:08 ----D---- C:\Windows\system32\Tasks
2010-08-23 19:26:47 ----D---- C:\Windows\system32\drivers
2010-08-23 19:26:47 ----D---- C:\ProgramData\Symantec
2010-08-23 19:26:44 ----HD---- C:\ProgramData
2010-08-23 07:45:01 ----SHD---- C:\System Volume Information
2010-08-20 17:46:57 ----D---- C:\Windows
2010-08-20 17:31:51 ----AD---- C:\Windows\System32
2010-08-20 17:31:11 ----SHD---- C:\Windows\Installer
2010-08-20 17:30:55 ----D---- C:\Windows\system32\catroot
2010-08-20 17:30:55 ----D---- C:\Windows\inf
2010-08-20 17:30:36 ----D---- C:\Windows\system32\catroot2
2010-08-20 17:06:00 ----D---- C:\Windows\winsxs
2010-08-17 19:31:45 ----D---- C:\Program Files\Microsoft Office
2010-08-17 19:31:36 ----D---- C:\Program Files\Common Files\microsoft shared
2010-08-15 22:30:40 ----SD---- C:\ProgramData\Microsoft
2010-08-15 17:52:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-14 17:54:16 ----SD---- C:\Users\morgane\AppData\Roaming\Microsoft
2010-08-14 17:53:35 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-14 16:31:26 ----D---- C:\Program Files\Common Files\InstallShield
2010-08-14 16:23:43 ----D---- C:\Windows\twain_32
2010-08-14 14:19:46 ----D---- C:\Program Files\Packard Bell
2010-08-14 14:19:16 ----D---- C:\Users\morgane\AppData\Roaming\Packard Bell
2010-08-14 11:31:18 ----D---- C:\Windows\system32\LogFiles
2010-08-14 11:12:38 ----D---- C:\Windows\Debug
2010-08-10 18:06:21 ----D---- C:\Program Files\Mozilla Firefox
2010-08-08 10:08:20 ----SD---- C:\Windows\Downloaded Program Files
2010-08-08 03:01:04 ----D---- C:\Windows\servicing
2010-08-07 09:42:33 ----D---- C:\Windows\rescache
2010-08-07 09:40:58 ----D---- C:\Program Files\Norton Internet Security
2010-08-07 03:22:55 ----D---- C:\Windows\system32\fr-FR
2010-08-07 03:22:55 ----D---- C:\Windows\system32\drivers\fr-FR
2010-08-07 03:22:54 ----D---- C:\Program Files\Windows Media Player
2010-08-06 22:10:54 ----D---- C:\Windows\Microsoft.NET
2010-08-06 22:10:26 ----RSD---- C:\Windows\assembly
2010-08-06 20:42:17 ----D---- C:\Program Files\Windows Live
2010-08-06 20:21:57 ----D---- C:\Program Files\Common Files
2010-08-06 20:11:33 ----D---- C:\ProgramData\NVIDIA
2010-08-06 20:06:30 ----ASH---- C:\Program Files\desktop.ini
2010-08-06 19:55:37 ----D---- C:\Windows\system32\migration
2010-08-06 19:55:37 ----D---- C:\Program Files\Internet Explorer
2010-08-06 19:55:36 ----D---- C:\Windows\AppPatch
2010-08-06 19:55:35 ----D---- C:\Windows\system32\ras
2010-08-06 19:55:35 ----D---- C:\Windows\system32\icsxml
2010-08-06 19:55:35 ----D---- C:\Program Files\Windows Calendar
2010-08-06 19:55:32 ----D---- C:\Windows\system32\wbem
2010-08-06 19:55:32 ----D---- C:\Program Files\Windows Mail
2010-08-06 19:55:32 ----D---- C:\Program Files\Common Files\System
2010-08-06 19:55:30 ----D---- C:\Windows\ehome
2010-08-06 19:55:30 ----D---- C:\Program Files\Movie Maker
2010-08-06 19:55:26 ----D---- C:\Windows\system32\SLUI
2010-08-06 19:55:26 ----D---- C:\Windows\system32\manifeststore
2010-08-06 19:55:25 ----D---- C:\Program Files\Windows Sidebar
2010-08-06 19:55:22 ----RSD---- C:\Windows\Fonts
2010-08-06 18:31:14 ----D---- C:\Windows\Registration
2010-08-06 18:23:48 ----D---- C:\Windows\SoftwareDistribution
2010-08-06 17:06:31 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-08-06 16:49:31 ----D---- C:\Program Files\Symantec
2010-08-06 16:15:27 ----D---- C:\Windows\system32\NDF
2010-08-06 16:14:17 ----D---- C:\ProgramData\Electronic Arts
2010-08-04 22:18:29 ----D---- C:\Windows\system32\WDI
2010-08-04 21:43:36 ----D---- C:\Windows\system32\XPSViewer
2010-08-04 21:43:36 ----D---- C:\Windows\system32\en-US
2010-08-04 20:22:27 ----D---- C:\Windows\Logs
2010-08-03 20:09:31 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2007-08-09 110624]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2006-09-27 36560]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-07-15 371248]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20100811.001\IDSvix86.sys [2010-07-29 281648]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2006-10-06 406672]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2009-08-03 188080]
R3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2010-02-04 18136]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-07-15 102448]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-12-22 36640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-01 1744928]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-05-20 30576]
R3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
R3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20100823.002\NAVENG.SYS [2010-07-15 85424]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20100823.002\NAVEX15.SYS [2010-07-15 1362608]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-06-20 7468128]
R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
R3 StillCam;Pilote d'appareil photo numérique série; C:\Windows\system32\DRIVERS\serscan.sys [2006-11-02 9216]
R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2009-08-03 12720]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-08-06 124464]
R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2009-08-03 145968]
R3 SYMIDS;SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [2009-08-03 39856]
R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2009-08-03 38448]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2009-08-03 26416]
R3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2006-11-02 71552]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 298496]
S3 camfilt2;camfilt2; C:\Windows\system32\DRIVERS\camfilt2.sys [2007-08-29 96384]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-04-28 54632]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 ovt530;Hercules Deluxe Webcam; C:\Windows\System32\Drivers\ov530vid.sys [2007-02-02 167464]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
R2 dgdersvc;Device Error Recovery Service; C:\Windows\system32\dgdersvc.exe [2010-02-04 95568]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-12-22 217088]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-05-20 139632]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-06-20 118784]
R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-26 554352]
R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-01-11 166648]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2006-09-20 46736]
R3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-01-11 887544]
R3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2010-08-06 1251720]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-10-24 107624]
S3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2006-10-13 49296]
S3 fsssvc;Service Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-07 30192]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ISPwdSvc;Validation de mot de passe Symantec IS; C:\Program Files\Norton Internet Security\isPwdSvc.exe [2006-10-27 80552]
S3 KiesAllShare;SAMSUNG KiesAllShare Service; C:\Program Files\Samsung\Kies\WiselinkPro\WiselinkPro.exe [2010-01-18 9201664]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-26 2999664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.08 2010-08-23 20:04:30
======Uninstall list======
-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
-->MsiExec.exe /I{0D330013-4A99-46D6-83C6-2C959C68DBFF}
-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{AF36CE1D-FD2C-4BA0-93FA-1196785DD610}
Adobe Reader 8 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A80000000002}
Adobe Reader 8-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobeReader*
Adobe Shockwave Player-->MsiExec.exe /X{A7DB362E-16DC-4E29-8A34-E74381E00B5B}
ADSL Neuf-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *NEUF_FR*
AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
AV-->MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
Browser Address Error Redirector-->regsvr32 /u /s "C:\Program Files\Google\Google_BAE\BAE.dll"
ccCommon-->MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Creator 9-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *CREATOR9*
Firefox-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *FirefoxFR*
Flash Player 9 Internet Explorer-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Flashplayer*
Galerie de photos Windows Live-->MsiExec.exe /X{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}
Google BAE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleBAE*
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GOOGLE_EARTH*
Google Earth-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x40c -removeonly
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
GoogleDesktop-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleDesktop*
GoogleToolbar-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleToolbar*
HDReg France-->MsiExec.exe /I{0ED40D2A-7131-4FE7-941E-5C329336F712}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Infocentre Rev. 2.0-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Infocentre*
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{133742BA-6F46-4D3E-85AF-78631D9AD8B8}
Java 6 Update 18-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216018FF}
Junk Mail filter update-->MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE906D59619}
Kies-->"C:\Program Files\InstallShield Installation Information\{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}\setup.exe" -runfromtemp -l0x040c -removeonly
Kies-->MsiExec.exe /X{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
ManyCam 2.5.68 (remove only)-->"C:\Program Files\ManyCam\uninstall.exe"
McAfee Security Scan Plus-->"C:\Program Files\McAfee Security Scan\uninstall.exe"
Metaboli-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *METABOLI*
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Corporation-->MsiExec.exe /I{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}
Microsoft LifeCam-->MsiExec.exe /X{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}
Microsoft Search Enhancement Pack-->MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Mozilla Firefox (3.6.-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSRedist-->MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NIS2007-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *NIS2007_FR*
Norton AntiVirus-->MsiExec.exe /X{830D8CBD-C668-49e2-A969-C2C2106332E0}
Norton Confidential Browser Component-->MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}
Norton Confidential Web Protection Component-->MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}
Norton Internet Security (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_1_0_26\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}.exe" /X
Norton Internet Security-->MsiExec.exe /I{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}
Norton Internet Security-->MsiExec.exe /I{48185814-A224-447A-81DA-71BD20580E1B}
Norton Internet Security-->MsiExec.exe /I{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}
Norton Internet Security-->MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
Norton Internet Security-->MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton Protection Center-->MsiExec.exe /I{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}
Norton Security Scan-->C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\InstStub.exe /X
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Packard Bell - Skype 2.5-->"C:\Program Files\Skype\Phone\unins000.exe"
PC Connectivity Solution-->MsiExec.exe /I{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}
Realtek HD Audio V6.0.1.5377-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AUDIO_REALTEK*
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
Roxio Creator 9 LE-->MsiExec.exe /I{B7FB0C86-41A4-4402-9A33-912C462042A0}
SAMSUNG USB Driver for Mobile Phones-->C:\Program Files\SAMSUNG\USB Drivers\Uninstall.exe
SetUp My PC-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SETUPMYPC_FR*
SFR - Kit de connexion-->C:\Program Files\SFR\Kit\uninstall.exe
Shockwave player 10-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Shockwave*
Skype 2.5.2.151-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SKYPE*
Softonic_France Toolbar-->C:\PROGRA~1\SOFTON~1\UNWISE.EXE /U C:\PROGRA~1\SOFTON~1\INSTALL.LOG
SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
UpdateMyDrivers-->"C:\ProgramData\{D4FF7F5C-BACC-401C-BEC6-F71DA6C6E92B}\UpdateMyDrivers.exe" REMOVE=TRUE MODIFY=FALSE
UpdateMyDrivers-->C:\ProgramData\{D4FF7F5C-BACC-401C-BEC6-F71DA6C6E92B}\UpdateMyDrivers.exe
Video NVIDIA v97.46-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *VIDEO_NVIDIA_GOB*
Virtual Plastic Surgery Software - VPSS v1.0-->"C:\Program Files\VPSS\unins000.exe"
Visionneuse Microsoft PowerPoint-->MsiExec.exe /X{95140000-00AF-040C-0000-0000000FF1CE}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Windows Live Call-->MsiExec.exe /I{B3B487E7-6171-4376-9074-B28082CEB504}
Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
Windows Live Contrôle parental-->MsiExec.exe /X{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}
Windows Live FolderShare-->MsiExec.exe /X{76810709-A7D3-468D-9167-A1780C1E766C}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{445B183D-F4F1-45C8-B9DB-F11355CA657B}
Windows Live Movie Maker-->MsiExec.exe /X{230B83A5-7D88-4B95-B71E-F44C0C78B002}
Windows Live Toolbar-->MsiExec.exe /X{9D6524E6-15CF-4852-BF70-04FE973A3DE1}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Xtra Controller-->C:\Program Files\InstallShield Installation Information\{59579B12-97E6-437E-B988-BA032165D355}\setup.exe -runfromtemp -l0x040c -removeonly
YesMessenger 2.4.14-->"C:\Program Files\Roulettechat\unins000.exe"
======Security center information======
AV: Norton Internet Security
FW: Norton Internet Security
AS: Spybot - Search and Destroy (outdated)
AS: Windows Defender
AS: Norton Internet Security
======System event log======
Computer Name: PC-de-morgane
Event Code: 57
Message: Le système n'a pas pu vider les données du journal de transaction. Les données pourraient être endommagées.
Record Number: 141757
Source Name: volsnap
Time Written: 20100823180409.530564-000
Event Type: Avertissement
User:
Computer Name: PC-de-morgane
Event Code: 57
Message: Le système n'a pas pu vider les données du journal de transaction. Les données pourraient être endommagées.
Record Number: 141758
Source Name: volsnap
Time Written: 20100823180414.530564-000
Event Type: Avertissement
User:
Computer Name: PC-de-morgane
Event Code: 57
Message: Le système n'a pas pu vider les données du journal de transaction. Les données pourraient être endommagées.
Record Number: 141759
Source Name: volsnap
Time Written: 20100823180419.541564-000
Event Type: Avertissement
User:
Computer Name: PC-de-morgane
Event Code: 57
Message: Le système n'a pas pu vider les données du journal de transaction. Les données pourraient être endommagées.
Record Number: 141760
Source Name: volsnap
Time Written: 20100823180424.541564-000
Event Type: Avertissement
User:
Computer Name: PC-de-morgane
Event Code: 57
Message: Le système n'a pas pu vider les données du journal de transaction. Les données pourraient être endommagées.
Record Number: 141761
Source Name: volsnap
Time Written: 20100823180429.541564-000
Event Type: Avertissement
User:
=====Application event log=====
Computer Name: PC-de-morgane
Event Code: 1008
Message: Échec de la procédure d’ouverture pour le service « MSDTC » dans la DLL « C:\Windows\system32\msdtcuiu.DLL ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur.
Record Number: 3458
Source Name: Microsoft-Windows-Perflib
Time Written: 20100823175814.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-morgane
Event Code: 1008
Message: Échec de la procédure d’ouverture pour le service « PNRPsvc » dans la DLL « C:\Windows\system32\pnrpperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur.
Record Number: 3459
Source Name: Microsoft-Windows-Perflib
Time Written: 20100823175815.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-morgane
Event Code: 1005
Message: Impossible de trouver la procédure d’ouverture « OpenIPSecPerformanceData » dans la DLL « C:\Windows\System32\ipsecsvc.dll » pour le service « PolicyAgent ». Les données de performance pour ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur.
Record Number: 3460
Source Name: Microsoft-Windows-Perflib
Time Written: 20100823175815.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-morgane
Event Code: 1018
Message: La collecte des données des compteurs de performance a été désactivée pour cette session à partir du service « PolicyAgent » car la bibliothèque de compteurs de performance pour ce service a généré une ou plusieurs erreurs. Les erreurs à l’origine de cette action ont été écrites dans le journal d’événements d’applications.
Record Number: 3461
Source Name: Microsoft-Windows-Perflib
Time Written: 20100823175815.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-morgane
Event Code: 1008
Message: Échec de la procédure d’ouverture pour le service « WmiApRpl » dans la DLL « C:\Windows\system32\wbem\wmiaprpl.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur.
Record Number: 3462
Source Name: Microsoft-Windows-Perflib
Time Written: 20100823175816.000000-000
Event Type: Erreur
User:
=====Security event log=====
Computer Name: PC-de-morgane
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-MORGANE$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Compte dont les informations d’identification ont été utilisées :
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost
Informations sur le processus :
ID du processus : 0x270
Nom du processus : C:\Windows\System32\services.exe
Informations sur le réseau :
Adresse du réseau : -
Port : -
Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
Record Number: 2721
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100823034202.503164-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-morgane
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-MORGANE$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Type d’ouverture de session : 5
Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Informations sur le processus :
ID du processus : 0x270
Nom du processus : C:\Windows\System32\services.exe
Informations sur le réseau :
Nom de la station de travail :
Adresse du réseau source : -
Port source : -
Informations détaillées sur l’authentification :
Processus d’ouverture de session : Advapi
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0
Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.
Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.
Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).
Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.
Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.
Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 2722
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100823034202.503164-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-morgane
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 2723
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100823034202.503164-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-morgane
Event Code: 4904
Message: Une tentative d’inscription de la source d’un événement de sécurité a été effectuée.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-MORGANE$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Processus :
ID du processus : 0x157c
Nom du processus : C:\Windows\System32\VSSVC.exe
Source de l’événement :
Nom de la source : VSSAudit
ID de la source de l’événement : 0x12bb2551
Record Number: 2724
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100823053414.105564-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-morgane
Event Code: 4905
Message: Une tentative d’annulation d’inscription de la source d’un événement de sécurité a été effectuée.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-MORGANE$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Processus :
ID du processus : 0x157c
Nom du processus : C:\Windows\System32\VSSVC.exe
Source de l’événement :
Nom de la source : VSSAudit
ID de la source de l’événement : 0x12bb2551
Record Number: 2725
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100823053414.105564-000
Event Type: Succès de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=6b01
"NUMBER_OF_PROCESSORS"=2
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
-----------------EOF-----------------
