Aller au contenu

Pochi

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    13

  • Inscription

  • Dernière visite

Pochi's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. Pochi
    Merci pour ton aide Thanos! Vraiment sympa! Super support! A bientot sur le forum Cordialement, Pierre
  2. Pochi
    Bonjour Thanos, Oui je n'ai pas supprime le fichier en question car je n'etais pas sur qu'il fallait le faire...je le fais de ce pas^^ Non je n'ai rien touche pour le fichier swap, je ne sais meme pas de quoi il s'agit en fait Bittorrent est bien sur le C: Je crois qu'en fait c'est bien le systeme de restauration de windows qui cree des points de restauration....la partition D: n'a plus bouge depuis que j'ai desactive l'indexage. J'ai l'impression que c'est comme ca depuis que j'ai installe des MAJ Winidows ou le SP2 de Vista. je suppose qu'il faut effacer regulierement les points de restauration en desactivant le system... Ca ne doit donc pas etre bien grave. Tant que ce n'est pas un virus en tout cas, je suis rassure
  3. Pochi
    Impeccable la manip de MBAM! Ca a marche! Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4748 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18943 2010/10/07 17:32:48 mbam-log-2010-10-07 (17-32-48).txt Scan type: Full scan (C:\|D:\|E:\|G:\|H:\|) Objects scanned: 351412 Time elapsed: 1 hour(s), 28 minute(s), 28 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  4. Pochi
    Pas trop de risque je pense avec fsuipc.dll qui un module fondamental de Flight Simulator utilise par la plupart des addons pour ce jeux... Dans le doute, le scan: File name: FSUIPC.dll Submission date: 2010-10-06 21:16:28 (UTC) Current status: queued (#6) queued (#6) analysing finished Result: 4/ 43 (9.3%) VT Community not reviewed Safety score: - Compact Print results Antivirus Version Last Update Result AhnLab-V3 2010.10.07.00 2010.10.06 - AntiVir 7.10.12.142 2010.10.06 - Antiy-AVL 2.0.3.7 2010.10.06 - Authentium 5.2.0.5 2010.10.06 - Avast 4.8.1351.0 2010.10.06 - Avast5 5.0.594.0 2010.10.06 - AVG 9.0.0.851 2010.10.06 - BitDefender 7.2 2010.10.06 - CAT-QuickHeal 11.00 2010.10.05 - ClamAV 0.96.2.0-git 2010.10.06 - Comodo 6303 2010.10.06 UnclassifiedMalware DrWeb 5.0.2.03300 2010.10.06 - Emsisoft 5.0.0.50 2010.10.06 - eSafe 7.0.17.0 2010.10.06 - eTrust-Vet 36.1.7895 2010.10.06 - F-Prot 4.6.2.117 2010.10.06 - F-Secure 9.0.15370.0 2010.10.06 - Fortinet 4.2.249.0 2010.10.06 - GData 21 2010.10.06 - Ikarus T3.1.1.90.0 2010.10.06 - Jiangmin 13.0.900 2010.10.06 - K7AntiVirus 9.63.2689 2010.10.06 - Kaspersky 7.0.0.125 2010.10.06 - McAfee 5.400.0.1158 2010.10.06 Suspect-AB!A282ECF1AF76 McAfee-GW-Edition 2010.1C 2010.10.06 - Microsoft 1.6201 2010.10.06 - NOD32 5510 2010.10.06 - Norman 6.06.07 2010.10.06 - nProtect 2010-10-06.02 2010.10.06 - Panda 10.0.2.7 2010.10.06 Suspicious file PCTools 7.0.3.5 2010.10.02 - Prevx 3.0 2010.10.06 - Rising 22.67.02.07 2010.09.30 - Sophos 4.58.0 2010.10.06 - Sunbelt 7000 2010.10.06 - SUPERAntiSpyware 4.40.0.1006 2010.10.06 - Symantec 20101.2.0.161 2010.10.06 - TheHacker 6.7.0.1.050 2010.10.06 - TrendMicro 9.120.0.1004 2010.10.06 PAK_Generic.006 TrendMicro-HouseCall 9.120.0.1004 2010.10.06 - VBA32 3.12.14.1 2010.10.06 - ViRobot 2010.10.4.4074 2010.10.06 - VirusBuster 12.67.6.0 2010.10.06 - Additional informationShow all MD5 : a282ecf1af763637e09652c169820149 SHA1 : b43d23a76c9504d9cf551904328fdd8b41aefdf2 SHA256: ac0e73e1ee0d972a85ee76a9945178e55cd2eb79e0ee5ee241c6f502cbcd4353 J'ai trouve ca si ca peut aider: http://www.edelwise.com/download/beWISEProgGuide.pdf
  5. Pochi
    File name: beWISEreboot.exe Submission date: 2010-10-06 21:10:55 (UTC) Current status: queued queued analysing finished Result: 5/ 43 (11.6%) VT Community not reviewed Safety score: - Compact Print results Antivirus Version Last Update Result AhnLab-V3 2010.10.07.00 2010.10.06 - AntiVir 7.10.12.142 2010.10.06 - Antiy-AVL 2.0.3.7 2010.10.06 - Authentium 5.2.0.5 2010.10.06 - Avast 4.8.1351.0 2010.10.06 - Avast5 5.0.594.0 2010.10.06 - AVG 9.0.0.851 2010.10.06 - BitDefender 7.2 2010.10.06 - CAT-QuickHeal 11.00 2010.10.05 - ClamAV 0.96.2.0-git 2010.10.06 - Comodo 6303 2010.10.06 - DrWeb 5.0.2.03300 2010.10.06 - Emsisoft 5.0.0.50 2010.10.06 Trojan.Zlob!IK eSafe 7.0.17.0 2010.10.06 - eTrust-Vet 36.1.7895 2010.10.06 - F-Prot 4.6.2.117 2010.10.06 - F-Secure 9.0.15370.0 2010.10.06 - Fortinet 4.2.249.0 2010.10.06 - GData 21 2010.10.06 - Ikarus T3.1.1.90.0 2010.10.06 Trojan.Zlob Jiangmin 13.0.900 2010.10.06 - K7AntiVirus 9.63.2689 2010.10.06 - Kaspersky 7.0.0.125 2010.10.06 Trojan-Downloader.Win32.Zlob.bomj McAfee 5.400.0.1158 2010.10.06 - McAfee-GW-Edition 2010.1C 2010.10.06 - Microsoft 1.6201 2010.10.06 - NOD32 5510 2010.10.06 - Norman 6.06.07 2010.10.06 - nProtect 2010-10-06.02 2010.10.06 - Panda 10.0.2.7 2010.10.06 Suspicious file PCTools 7.0.3.5 2010.10.02 - Prevx 3.0 2010.10.06 - Rising 22.67.02.07 2010.09.30 - Sophos 4.58.0 2010.10.06 - Sunbelt 7000 2010.10.06 - SUPERAntiSpyware 4.40.0.1006 2010.10.06 - Symantec 20101.2.0.161 2010.10.06 - TheHacker 6.7.0.1.050 2010.10.06 - TrendMicro 9.120.0.1004 2010.10.06 - TrendMicro-HouseCall 9.120.0.1004 2010.10.06 - VBA32 3.12.14.1 2010.10.06 Trojan-Downloader.Zlob.bomj ViRobot 2010.10.4.4074 2010.10.06 - VirusBuster 12.67.6.0 2010.10.06 - Additional informationShow all MD5 : 3067d6cdd191a7b32680382d7c460c4c SHA1 : d4e2451224d31ed636c5229ad6a2bfbf3d54e0cf SHA256: 62b78dd213711b8b0d5c4e763b0a9c08542b0b35539d739dc603cf41f5de3b37
  6. Pochi
    beWISEreg.exe File name: beWISEreg.exe Submission date: 2010-10-06 21:08:00 (UTC) Current status: queued (#3) queued (#5) analysing finished Result: 21/ 38 (55.3%) VT Community not reviewed Safety score: - Compact Print results Antivirus Version Last Update Result AhnLab-V3 2010.10.07.00 2010.10.06 Win-Trojan/Agent.577601 AntiVir 7.10.12.142 2010.10.06 - Antiy-AVL 2.0.3.7 2010.10.06 - Authentium 5.2.0.5 2010.10.06 W32/TrojanX.EGTZ AVG 9.0.0.851 2010.10.06 - BitDefender 7.2 2010.10.06 - CAT-QuickHeal 11.00 2010.10.05 Trojan.Bumat.rts Comodo 6303 2010.10.06 UnclassifiedMalware DrWeb 5.0.2.03300 2010.10.06 - eSafe 7.0.17.0 2010.10.06 - eTrust-Vet 36.1.7895 2010.10.06 - F-Prot 4.6.2.117 2010.10.06 W32/TrojanX.EGTZ F-Secure 9.0.15370.0 2010.10.06 - Fortinet 4.2.249.0 2010.10.06 - GData 21 2010.10.06 - Ikarus T3.1.1.90.0 2010.10.06 Trojan.Agent Jiangmin 13.0.900 2010.10.06 - K7AntiVirus 9.63.2689 2010.10.06 Trojan McAfee 5.400.0.1158 2010.10.06 Generic BackDoor!bkf McAfee-GW-Edition 2010.1C 2010.10.06 Heuristic.LooksLike.Win32.SuspiciousPE.F Microsoft 1.6201 2010.10.06 Trojan:Win32/Bumat!rts NOD32 5510 2010.10.06 probably a variant of Win32/Agent.NNNBGAL Norman 6.06.07 2010.10.06 Malware.EUXP nProtect 2010-10-06.02 2010.10.06 - Panda 10.0.2.7 2010.10.06 Bck/Pcclient.ED PCTools 7.0.3.5 2010.10.02 Backdoor.Formador Prevx 3.0 2010.10.06 High Risk System Back Door Rising 22.67.02.07 2010.09.30 - Sophos 4.58.0 2010.10.06 Mal/Generic-L Sunbelt 7000 2010.10.06 Backdoor.Formador SUPERAntiSpyware 4.40.0.1006 2010.10.06 - Symantec 20101.2.0.161 2010.10.06 Backdoor.Formador TheHacker 6.7.0.1.050 2010.10.06 - TrendMicro 9.120.0.1004 2010.10.06 BKDR_Generic.DIT TrendMicro-HouseCall 9.120.0.1004 2010.10.06 BKDR_Generic.DIT VBA32 3.12.14.1 2010.10.06 - ViRobot 2010.10.4.4074 2010.10.06 - VirusBuster 12.67.6.0 2010.10.06 Trojan.Agent.RKVC
  7. Pochi
    oreans32 AhnLab-V3 2010.10.07.00 2010.10.06 - AntiVir 7.10.12.142 2010.10.06 - Antiy-AVL 2.0.3.7 2010.10.06 - Authentium 5.2.0.5 2010.10.06 - AVG 9.0.0.851 2010.10.06 - BitDefender 7.2 2010.10.06 - CAT-QuickHeal 11.00 2010.10.05 - Comodo 6303 2010.10.06 - DrWeb 5.0.2.03300 2010.10.06 - eSafe 7.0.17.0 2010.10.06 - eTrust-Vet 36.1.7895 2010.10.06 - F-Prot 4.6.2.117 2010.10.06 - F-Secure 9.0.15370.0 2010.10.06 - Fortinet 4.2.249.0 2010.10.06 - GData 21 2010.10.06 - Ikarus T3.1.1.90.0 2010.10.06 Virus.Win32.Trojan Jiangmin 13.0.900 2010.10.06 - K7AntiVirus 9.63.2689 2010.10.06 - McAfee 5.400.0.1158 2010.10.06 - McAfee-GW-Edition 2010.1C 2010.10.06 - Microsoft 1.6201 2010.10.06 - NOD32 5510 2010.10.06 - Norman 6.06.07 2010.10.06 - nProtect 2010-10-06.02 2010.10.06 - Panda 10.0.2.7 2010.10.06 - PCTools 7.0.3.5 2010.10.02 - Prevx 3.0 2010.10.06 - Rising 22.67.02.07 2010.09.30 - Sophos 4.58.0 2010.10.06 - Sunbelt 7000 2010.10.06 - SUPERAntiSpyware 4.40.0.1006 2010.10.06 Application.Oreans32 Symantec 20101.2.0.161 2010.10.06 - TheHacker 6.7.0.1.050 2010.10.06 - TrendMicro 9.120.0.1004 2010.10.06 - TrendMicro-HouseCall 9.120.0.1004 2010.10.06 - VBA32 3.12.14.1 2010.10.06 - ViRobot 2010.10.4.4074 2010.10.06 - VirusBuster 12.67.6.0 2010.10.06 - Additional informationShow all MD5 : 63617de4a5178dc455a75c8c2cbfe823 SHA1 : 35c4fb957dc6ddbe381ea73cf499c081390c2286 SHA256: 3124d31fd3972fce9e74e8cfa79df4848a00b05fbc1cad2f8b8c08e7306be774
  8. Pochi
    Voici le rapport de Gmer! GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover Rootkit scan 2010-10-07 04:45:25 Windows 6.0.6002 Service Pack 2 Running: l33sipnh.exe; Driver: C:\Users\Pochi\AppData\Local\Temp\pglcapow.sys ---- System - GMER 1.0.15 ---- Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x8E485BAE] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x8E4859D2] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0x8E485B0C] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject ---- Kernel code sections - GMER 1.0.15 ---- PAGE ntkrnlpa.exe!ZwLoadDriver 82D73DF0 7 Bytes JMP 8E485B10 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObMakeTemporaryObject 82DDF28F 5 Bytes JMP 8E4815D4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObInsertObject 82E38063 5 Bytes JMP 8E482FFA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!NtCreateSection 82E39905 7 Bytes JMP 8E4859D6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ZwCreateProcessEx 82E9990A 7 Bytes JMP 8E485BB2 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) .text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8CE01380, 0x3590D2, 0xE8000020] .text C:\Windows\system32\drivers\oreans32.sys section is writeable [0x8E4462A0, 0x7B40, 0xE8000020] ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1664] kernel32.dll!SetUnhandledExceptionFilter 76CBA84F 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP } ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\system32\services.exe[692] @ C:\Windows\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 001B0002 IAT C:\Windows\system32\services.exe[692] @ C:\Windows\system32\services.exe [KERNEL32.dll!CreateProcessW] 001B0000 IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74B07817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74B5A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [74B0BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [74AFF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74B075E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [74AFE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74B38395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [74B0DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [74AFFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [74AFFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74AF71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [74B8CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [74B2C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74AFD968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74AF6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74AF687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74B02AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software) Device \FileSystem\fastfat \FatCdrom aswSP.SYS (avast! self protection module/AVAST Software) AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF ダイナミック/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) Device \FileSystem\fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software) AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft ファイルシステム フィルタ マネージャ/Microsoft Corporation) Device \FileSystem\cdfs \Cdfs 9CDE305C ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (\x30cd\x30c3\x30c8\x30ef\x30fc\x30af \x30e2\x30cb\x30bf) 1? Reg HKLM\SYSTEM\ControlSet010\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (\x30cd\x30c3\x30c8\x30ef\x30fc\x30af \x30e2\x30cb\x30bf) 1? Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1D004EE7-BD10-07A2-5644-135C7BDE1FB8} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1D004EE7-BD10-07A2-5644-135C7BDE1FB8}@gceggjnkgoeeojigahpepcjkfnplihadmfghefhdhmneicepngbhgmjmcpmmmobgfdfhonpkjknbnl 0x6D 0x61 0x6E 0x68 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D3FC5B04-DF4F-7F03-C735-6E510A97E27C} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D3FC5B04-DF4F-7F03-C735-6E510A97E27C}@gchflieajcpbfebjfbegedkfagfommmhajdmekjfcgfpmmaaokpgknpjgnchmfgbbfhiifebmeaaae 0x6D 0x61 0x61 0x69 ... ---- EOF - GMER 1.0.15 ---- ********************************************************************************************************************* J'ai ca aussi : GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover Rootkit scan 2010-10-07 04:44:16 Windows 6.0.6002 Service Pack 2 Running: l33sipnh.exe; Driver: C:\Users\Pochi\AppData\Local\Temp\pglcapow.sys ---- System - GMER 1.0.15 ---- Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x8E485BAE] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateSection [0x8E4859D2] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwLoadDriver [0x8E485B0C] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) NtCreateSection Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject ---- Kernel code sections - GMER 1.0.15 ---- PAGE ntkrnlpa.exe!ZwLoadDriver 82D73DF0 7 Bytes JMP 8E485B10 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObMakeTemporaryObject 82DDF28F 5 Bytes JMP 8E4815D4 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObInsertObject 82E38063 5 Bytes JMP 8E482FFA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!NtCreateSection 82E39905 7 Bytes JMP 8E4859D6 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ZwCreateProcessEx 82E9990A 7 Bytes JMP 8E485BB2 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) .text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8CE01380, 0x3590D2, 0xE8000020] .text C:\Windows\system32\drivers\oreans32.sys section is writeable [0x8E4462A0, 0x7B40, 0xE8000020] ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Alwil Software\Avast5\AvastSvc.exe[1664] kernel32.dll!SetUnhandledExceptionFilter 76CBA84F 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP } ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\system32\services.exe[692] @ C:\Windows\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 001B0002 IAT C:\Windows\system32\services.exe[692] @ C:\Windows\system32\services.exe [KERNEL32.dll!CreateProcessW] 001B0000 IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74B07817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74B5A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [74B0BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [74AFF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74B075E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [74AFE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74B38395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [74B0DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [74AFFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [74AFFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74AF71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [74B8CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [74B2C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74AFD968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74AF6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74AF687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[1840] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74B02AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software) Device \FileSystem\fastfat \FatCdrom aswSP.SYS (avast! self protection module/AVAST Software) AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF ダイナミック/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) Device \FileSystem\fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software) AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft ファイルシステム フィルタ マネージャ/Microsoft Corporation) Device \FileSystem\cdfs \Cdfs 9CDE305C ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (\x30cd\x30c3\x30c8\x30ef\x30fc\x30af \x30e2\x30cb\x30bf) 1? Reg HKLM\SYSTEM\ControlSet010\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\Descriptions@WAN \x30df\x30cb\x30dd\x30fc\x30c8 (\x30cd\x30c3\x30c8\x30ef\x30fc\x30af \x30e2\x30cb\x30bf) 1? Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1D004EE7-BD10-07A2-5644-135C7BDE1FB8} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1D004EE7-BD10-07A2-5644-135C7BDE1FB8}@gceggjnkgoeeojigahpepcjkfnplihadmfghefhdhmneicepngbhgmjmcpmmmobgfdfhonpkjknbnl 0x6D 0x61 0x6E 0x68 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D3FC5B04-DF4F-7F03-C735-6E510A97E27C} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D3FC5B04-DF4F-7F03-C735-6E510A97E27C}@gchflieajcpbfebjfbegedkfagfommmhajdmekjfcgfpmmaaokpgknpjgnchmfgbbfhiifebmeaaae 0x6D 0x61 0x61 0x69 ... ---- EOF - GMER 1.0.15 ----
  9. Pochi
    Re-bonsoir, J ai tente le scan MalwareByte mais il plante au milieu: 問題イベント名: APPCRASH アプリケーション名: mbam.exe アプリケーションのバージョン: 1.46.0.1 アプリケーションのタイムスタンプ: 4bd9ed9b 障害モジュールの名前: mbam.dll 障害モジュールのバージョン: 1.46.0.0 障害モジュールのタイムスタンプ: 4bd9baec 例外コード: c0000005 例外オフセット: 0001fffe OS バージョン: 6.0.6002.2.2.0.768.3 ロケール ID: 1041 追加情報 1: 87a5 追加情報 2: f45e6b46e757375450e07e982ba7cd61 追加情報 3: ea5b 追加情報 4: de51562d0dabb5018a397a36a25588d7 Quel est le probleme? Merci Pierre
  10. Pochi
    Bonsoir! Et merci encore pour votre aide! J'ai bien installe MalwareByte's Anti-Malware mais je n'ai pas fait de scan encore. Je vais donc le faire maintenant^^ Apres je fais le GMER. Pierre ps: oups je n'avais pas vu qu'il y avait du japonais dans le log. Je suis trop habitue J'espere que ca gene pas pour l'interpretation. Desole
  11. Pochi
    Le log.txt Logfile of random's system information tool 1.08 (written by random/random) Run by Pochi at 2010-10-06 06:31:36 MicrosoftR Windows Vista? Home Premium Service Pack 2 System drive C: has 24 GB (38%) free of 61 GB Total RAM: 2045 MB (51% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 6:32:06, on 2010/10/06 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18943) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\vVX1000.exe C:\Program Files\Saitek\SD6\Software\ProfilerU.exe C:\Program Files\Saitek\SD6\Software\SaiMfd.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\pdfforge Toolbar\SearchSettings.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\BitComet\BitComet.exe C:\Downloads\RSIT.exe C:\Program Files\trend micro\Pochi.exe R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: Windows Live サインイン ヘルパー - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe O4 - HKLM\..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe O4 - HKLM\..\Run: [saiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [searchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: すべての動画をBitCometでダウンロード - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: リンク先を &BitComet でダウンロードする - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: 全てのリンクを BitComet でダウンロードする - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra 'Tools' menuitem: Sun の Java コンソール - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll/206 (file missing) O15 - Trusted Zone: Secuser.com - Sécurité informatique et protection de la vie privée O15 - ESC Trusted Zone: http://*.update.microsoft.com O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Bonjour サービス (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod サービス (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: nHancer Support (nHancer) - KSE - Korndorfer Software Engineering - C:\Program Files\nHancer\nHancerService.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Saitek DirectOutput (SaiDOutput) - Saitek - C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing) O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 10008 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}] BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll [2008-06-26 656696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - c:\Program Files\Java\jre1.6.0\bin\ssv.dll [2007-10-10 501384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live サインイン ヘルパー - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}] pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll [2010-01-08 700416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}] CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2010-01-08 1109504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll [2010-01-08 700416] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-04-28 857648] "NvSvc"=C:\Windows\system32\nvsvc.dll [2007-08-23 86016] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-08-23 8478720] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-08-23 81920] "NVHotkey"=C:\Windows\system32\nvHotkey.dll [2007-08-23 81920] "LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2008-08-04 160800] "VX1000"=C:\Windows\vVX1000.exe [2008-08-04 721936] "ProfilerU"=C:\Program Files\Saitek\SD6\Software\ProfilerU.exe [2008-04-04 233472] "SaiMfd"=C:\Program Files\Saitek\SD6\Software\SaiMfd.exe [2008-04-04 131072] "avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-08 2838912] "SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2010-01-08 974848] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832] "ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-10-03 221184] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-09-01 421160] "SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-09-13 405504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] "DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe /P DellSupportCenter [] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-10-06 06:31:37 ----D---- C:\Program Files\trend micro 2010-10-06 06:31:36 ----D---- C:\rsit 2010-10-06 05:36:19 ----D---- C:\Users\Pochi\AppData\Roaming\Malwarebytes 2010-10-06 05:36:05 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys 2010-10-06 05:36:02 ----D---- C:\ProgramData\Malwarebytes 2010-10-06 05:36:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-10-06 05:36:02 ----A---- C:\Windows\system32\drivers\mbam.sys 2010-10-06 03:08:21 ----A---- C:\Windows\system32\drivers\pavboot.sys 2010-10-06 03:08:19 ----D---- C:\Program Files\Panda Security 2010-10-05 01:16:07 ----A---- C:\Windows\system32\XAudio2_7.dll 2010-10-05 01:16:07 ----A---- C:\Windows\system32\XAPOFX1_5.dll 2010-10-05 01:16:06 ----A---- C:\Windows\system32\xactengine3_7.dll 2010-10-05 01:16:06 ----A---- C:\Windows\system32\D3DX9_43.dll 2010-10-05 01:16:06 ----A---- C:\Windows\system32\d3dx11_43.dll 2010-10-05 01:16:06 ----A---- C:\Windows\system32\d3dx10_43.dll 2010-10-05 01:16:06 ----A---- C:\Windows\system32\d3dcsx_43.dll 2010-10-05 01:16:06 ----A---- C:\Windows\system32\D3DCompiler_43.dll 2010-10-05 01:16:05 ----A---- C:\Windows\system32\XAudio2_6.dll 2010-10-05 01:16:05 ----A---- C:\Windows\system32\XAPOFX1_4.dll 2010-10-05 01:16:05 ----A---- C:\Windows\system32\xactengine3_6.dll 2010-10-05 01:16:05 ----A---- C:\Windows\system32\X3DAudio1_7.dll 2010-10-05 01:16:03 ----A---- C:\Windows\system32\XAudio2_5.dll 2010-10-05 01:16:01 ----A---- C:\Windows\system32\xactengine3_5.dll 2010-10-05 01:16:01 ----A---- C:\Windows\system32\D3DCompiler_42.dll 2010-10-05 01:15:58 ----A---- C:\Windows\system32\D3DX9_42.dll 2010-10-05 01:15:58 ----A---- C:\Windows\system32\d3dx11_42.dll 2010-10-05 01:15:58 ----A---- C:\Windows\system32\d3dx10_42.dll 2010-10-05 01:15:58 ----A---- C:\Windows\system32\d3dcsx_42.dll 2010-10-05 01:15:57 ----A---- C:\Windows\system32\D3DX9_41.dll 2010-10-05 01:15:57 ----A---- C:\Windows\system32\d3dx10_41.dll 2010-10-05 01:15:57 ----A---- C:\Windows\system32\D3DCompiler_41.dll 2010-10-05 01:15:56 ----A---- C:\Windows\system32\XAudio2_4.dll 2010-10-05 01:15:56 ----A---- C:\Windows\system32\XAPOFX1_3.dll 2010-10-05 01:15:56 ----A---- C:\Windows\system32\xactengine3_4.dll 2010-10-05 01:15:56 ----A---- C:\Windows\system32\X3DAudio1_6.dll 2010-10-05 01:15:55 ----A---- C:\Windows\system32\XAudio2_2.dll 2010-10-05 01:15:55 ----A---- C:\Windows\system32\XAPOFX1_1.dll 2010-10-05 01:15:51 ----A---- C:\Windows\system32\xactengine3_2.dll 2010-10-05 01:07:31 ----D---- C:\Windows\system32\directx 2010-10-02 06:22:37 ----D---- C:\Program Files\KeyHoleTV 2010-09-25 22:05:11 ----D---- C:\Windows\system32\vi-VN 2010-09-25 22:05:11 ----D---- C:\Windows\system32\eu-ES 2010-09-25 22:05:11 ----D---- C:\Windows\system32\ca-ES 2010-09-25 21:57:44 ----D---- C:\Windows\system32\SPReview 2010-09-25 21:42:05 ----A---- C:\Windows\system32\scavenge.dll 2010-09-25 21:42:01 ----A---- C:\Windows\system32\compcln.exe 2010-09-25 21:38:30 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2010-09-25 21:38:30 ----A---- C:\Windows\system32\secproc_ssp.dll 2010-09-25 21:38:30 ----A---- C:\Windows\system32\secproc_isv.dll 2010-09-25 21:38:30 ----A---- C:\Windows\system32\secproc.dll 2010-09-25 21:38:30 ----A---- C:\Windows\system32\SearchProtocolHost.exe 2010-09-25 21:38:30 ----A---- C:\Windows\system32\SearchIndexer.exe 2010-09-25 21:38:30 ----A---- C:\Windows\system32\SearchFilterHost.exe 2010-09-25 21:38:29 ----A---- C:\Windows\system32\sdohlp.dll 2010-09-25 21:38:29 ----A---- C:\Windows\system32\sdclt.exe 2010-09-25 21:38:29 ----A---- C:\Windows\system32\scrrun.dll 2010-09-25 21:38:29 ----A---- C:\Windows\system32\scrobj.dll 2010-09-25 21:38:29 ----A---- C:\Windows\system32\scksp.dll 2010-09-25 21:38:29 ----A---- C:\Windows\system32\schedsvc.dll 2010-09-25 21:38:29 ----A---- C:\Windows\system32\scesrv.dll 2010-09-25 21:38:29 ----A---- C:\Windows\system32\scecli.dll 2010-09-25 21:38:29 ----A---- C:\Windows\system32\SCardSvr.dll 2010-09-25 21:38:29 ----A---- C:\Windows\system32\scansetting.dll 2010-09-25 21:38:29 ----A---- C:\Windows\system32\samsrv.dll 2010-09-25 21:38:29 ----A---- C:\Windows\system32\samlib.dll 2010-09-25 21:38:29 ----A---- C:\Windows\system32\rtffilt.dll 2010-09-25 21:38:29 ----A---- C:\Windows\system32\rsaenh.dll 2010-09-25 21:38:29 ----A---- C:\Windows\system32\rpcss.dll 2010-09-25 21:38:29 ----A---- C:\Windows\system32\rpchttp.dll 2010-09-25 21:38:29 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2010-09-25 21:38:29 ----A---- C:\Windows\system32\RMActivate_ssp.exe 2010-09-25 21:38:29 ----A---- C:\Windows\system32\RMActivate_isv.exe 2010-09-25 21:38:29 ----A---- C:\Windows\system32\RMActivate.exe 2010-09-25 21:38:29 ----A---- C:\Windows\system32\riched20.dll 2010-09-25 21:38:29 ----A---- C:\Windows\system32\drivers\sdbus.sys 2010-09-25 21:38:29 ----A---- C:\Windows\system32\drivers\RNDISMP.sys 2010-09-25 21:38:29 ----A---- C:\Windows\system32\drivers\rmcast.sys 2010-09-25 21:38:27 ----A---- C:\Windows\system32\powercpl.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\PortableDeviceTypes.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\PortableDeviceApi.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\PNPXAssoc.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\PnPutil.exe 2010-09-25 21:38:27 ----A---- C:\Windows\system32\PnPUnattend.exe 2010-09-25 21:38:27 ----A---- C:\Windows\system32\pnpui.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\pnpsetup.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\pnidui.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\PkgMgr.exe 2010-09-25 21:38:27 ----A---- C:\Windows\system32\pidgenx.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\photowiz.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\perfdisk.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\PerfCenterCPL.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\pdh.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\pcaui.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\p2psvc.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\P2PGraph.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\ntdll.dll 2010-09-25 21:38:27 ----A---- C:\Windows\system32\nslookup.exe 2010-09-25 21:38:27 ----A---- C:\Windows\system32\drivers\portcls.sys 2010-09-25 21:38:27 ----A---- C:\Windows\system32\drivers\pciidex.sys 2010-09-25 21:38:27 ----A---- C:\Windows\system32\drivers\pciide.sys 2010-09-25 21:38:27 ----A---- C:\Windows\system32\drivers\pci.sys 2010-09-25 21:38:27 ----A---- C:\Windows\system32\drivers\partmgr.sys 2010-09-25 21:38:27 ----A---- C:\Windows\system32\drivers\pacer.sys 2010-09-25 21:38:27 ----A---- C:\Windows\system32\drivers\npfs.sys 2010-09-25 21:38:26 ----A---- C:\Windows\system32\osk.exe 2010-09-25 21:38:26 ----A---- C:\Windows\system32\oobefldr.dll 2010-09-25 21:38:26 ----A---- C:\Windows\system32\onex.dll 2010-09-25 21:38:26 ----A---- C:\Windows\system32\olepro32.dll 2010-09-25 21:38:26 ----A---- C:\Windows\system32\oleprn.dll 2010-09-25 21:38:26 ----A---- C:\Windows\system32\oleaut32.dll 2010-09-25 21:38:26 ----A---- C:\Windows\system32\ole32.dll 2010-09-25 21:38:26 ----A---- C:\Windows\system32\offfilt.dll 2010-09-25 21:38:26 ----A---- C:\Windows\system32\odbccp32.dll 2010-09-25 21:38:26 ----A---- C:\Windows\system32\odbcconf.dll 2010-09-25 21:38:26 ----A---- C:\Windows\system32\odbc32.dll 2010-09-25 21:38:26 ----A---- C:\Windows\system32\ocsetup.exe 2010-09-25 21:38:26 ----A---- C:\Windows\system32\ntmarta.dll 2010-09-25 21:38:26 ----A---- C:\Windows\system32\NlsLexicons0009.dll 2010-09-25 21:38:26 ----A---- C:\Windows\system32\NlsLexicons0007.dll 2010-09-25 21:38:26 ----A---- C:\Windows\system32\nlhtml.dll 2010-09-25 21:38:26 ----A---- C:\Windows\system32\drivers\ohci1394.sys 2010-09-25 21:38:26 ----A---- C:\Windows\system32\drivers\nwifi.sys 2010-09-25 21:38:26 ----A---- C:\Windows\system32\drivers\ntfs.sys 2010-09-25 21:38:25 ----A---- C:\Windows\system32\RelMon.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\rekeywiz.exe 2010-09-25 21:38:25 ----A---- C:\Windows\system32\regsvc.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\regapi.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\reg.exe 2010-09-25 21:38:25 ----A---- C:\Windows\system32\rdpwsx.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\rdpencom.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\rastapi.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\rasppp.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\rasplap.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\rasmontr.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\rasmans.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\rasgcw.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\rasdlg.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\rasdial.exe 2010-09-25 21:38:25 ----A---- C:\Windows\system32\rasdiag.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\raschap.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\rasapi32.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\RacEngn.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\Query.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\qmgr.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\qedit.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\prnntfy.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\printui.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\PresentationSettings.exe 2010-09-25 21:38:25 ----A---- C:\Windows\system32\PresentationNative_v0300.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\ntprint.dll 2010-09-25 21:38:25 ----A---- C:\Windows\system32\drivers\rdpwd.sys 2010-09-25 21:38:25 ----A---- C:\Windows\system32\drivers\rdbss.sys 2010-09-25 21:38:25 ----A---- C:\Windows\system32\drivers\rassstp.sys 2010-09-25 21:38:25 ----A---- C:\Windows\system32\drivers\raspppoe.sys 2010-09-25 21:38:24 ----A---- C:\Windows\system32\qdvd.dll 2010-09-25 21:38:24 ----A---- C:\Windows\system32\QAGENTRT.DLL 2010-09-25 21:38:24 ----A---- C:\Windows\system32\puiapi.dll 2010-09-25 21:38:24 ----A---- C:\Windows\system32\propsys.dll 2010-09-25 21:38:24 ----A---- C:\Windows\system32\propdefs.dll 2010-09-25 21:38:24 ----A---- C:\Windows\system32\profsvc.dll 2010-09-25 21:38:24 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe 2010-09-25 21:38:24 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll 2010-09-25 21:38:24 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2010-09-25 21:38:24 ----A---- C:\Windows\system32\powrprof.dll 2010-09-25 21:38:23 ----A---- C:\Windows\system32\psisdecd.dll 2010-09-25 21:38:23 ----A---- C:\Windows\system32\PSHED.DLL 2010-09-25 21:38:22 ----A---- C:\Windows\system32\shlwapi.dll 2010-09-25 21:38:22 ----A---- C:\Windows\system32\shdocvw.dll 2010-09-25 21:38:22 ----A---- C:\Windows\system32\setupapi.dll 2010-09-25 21:38:22 ----A---- C:\Windows\system32\sethc.exe 2010-09-25 21:38:22 ----A---- C:\Windows\system32\services.exe 2010-09-25 21:38:22 ----A---- C:\Windows\system32\sendmail.dll 2010-09-25 21:38:22 ----A---- C:\Windows\system32\drivers\sffp_sd.sys 2010-09-25 21:38:20 ----A---- C:\Windows\system32\ExplorerFrame.dll 2010-09-25 21:38:20 ----A---- C:\Windows\system32\evr.dll 2010-09-25 21:38:20 ----A---- C:\Windows\system32\eudcedit.exe 2010-09-25 21:38:20 ----A---- C:\Windows\system32\EhStorAPI.dll 2010-09-25 21:38:20 ----A---- C:\Windows\system32\eapphost.dll 2010-09-25 21:38:20 ----A---- C:\Windows\system32\eappgnui.dll 2010-09-25 21:38:20 ----A---- C:\Windows\system32\eappcfg.dll 2010-09-25 21:38:20 ----A---- C:\Windows\system32\eapp3hst.dll 2010-09-25 21:38:20 ----A---- C:\Windows\system32\dwm.exe 2010-09-25 21:38:20 ----A---- C:\Windows\system32\dsprop.dll 2010-09-25 21:38:20 ----A---- C:\Windows\system32\dsound.dll 2010-09-25 21:38:20 ----A---- C:\Windows\system32\drivers\exfat.sys 2010-09-25 21:38:20 ----A---- C:\Windows\system32\drivers\ecache.sys 2010-09-25 21:38:20 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2010-09-25 21:38:20 ----A---- C:\Windows\system32\drivers\dxg.sys 2010-09-25 21:38:20 ----A---- C:\Windows\system32\drivers\Dumpata.sys 2010-09-25 21:38:19 ----A---- C:\Windows\system32\f3ahvoas.dll 2010-09-25 21:38:19 ----A---- C:\Windows\system32\esent.dll 2010-09-25 21:38:19 ----A---- C:\Windows\system32\es.dll 2010-09-25 21:38:19 ----A---- C:\Windows\system32\EncDec.dll 2010-09-25 21:38:19 ----A---- C:\Windows\system32\emdmgmt.dll 2010-09-25 21:38:19 ----A---- C:\Windows\system32\EhStorShell.dll 2010-09-25 21:38:19 ----A---- C:\Windows\system32\EhStorPwdMgr.dll 2010-09-25 21:38:19 ----A---- C:\Windows\system32\EhStorAuthn.dll 2010-09-25 21:38:19 ----A---- C:\Windows\system32\drivers\Diskdump.sys 2010-09-25 21:38:19 ----A---- C:\Windows\system32\drivers\disk.sys 2010-09-25 21:38:19 ----A---- C:\Windows\system32\drivers\dfsc.sys 2010-09-25 21:38:19 ----A---- C:\Windows\system32\dpapimig.exe 2010-09-25 21:38:19 ----A---- C:\Windows\system32\diskraid.exe 2010-09-25 21:38:19 ----A---- C:\Windows\system32\diskpart.exe 2010-09-25 21:38:19 ----A---- C:\Windows\system32\dimsroam.dll 2010-09-25 21:38:19 ----A---- C:\Windows\system32\diagperf.dll 2010-09-25 21:38:19 ----A---- C:\Windows\system32\dhcpcsvc6.dll 2010-09-25 21:38:19 ----A---- C:\Windows\system32\dhcpcsvc.dll 2010-09-25 21:38:19 ----A---- C:\Windows\system32\dfsr.exe 2010-09-25 21:38:19 ----A---- C:\Windows\system32\devmgr.dll 2010-09-25 21:38:19 ----A---- C:\Windows\explorer.exe 2010-09-25 21:38:18 ----A---- C:\Windows\system32\iasnap.dll 2010-09-25 21:38:18 ----A---- C:\Windows\system32\IasMigReader.exe 2010-09-25 21:38:18 ----A---- C:\Windows\system32\IasMigPlugin.dll 2010-09-25 21:38:18 ----A---- C:\Windows\system32\iashlpr.dll 2010-09-25 21:38:18 ----A---- C:\Windows\system32\iasdatastore.dll 2010-09-25 21:38:18 ----A---- C:\Windows\system32\iasads.dll 2010-09-25 21:38:18 ----A---- C:\Windows\system32\iasacct.dll 2010-09-25 21:38:18 ----A---- C:\Windows\system32\hbaapi.dll 2010-09-25 21:38:18 ----A---- C:\Windows\system32\gpupdate.exe 2010-09-25 21:38:18 ----A---- C:\Windows\system32\gpsvc.dll 2010-09-25 21:38:18 ----A---- C:\Windows\system32\gpresult.exe 2010-09-25 21:38:18 ----A---- C:\Windows\system32\drvstore.dll 2010-09-25 21:38:18 ----A---- C:\Windows\system32\drvinst.exe 2010-09-25 21:38:18 ----A---- C:\Windows\system32\drmv2clt.dll 2010-09-25 21:38:18 ----A---- C:\Windows\system32\drmmgrtn.dll 2010-09-25 21:38:18 ----A---- C:\Windows\system32\drivers\hdaudbus.sys 2010-09-25 21:38:18 ----A---- C:\Windows\system32\dot3svc.dll 2010-09-25 21:38:18 ----A---- C:\Windows\system32\dot3msm.dll 2010-09-25 21:38:18 ----A---- C:\Windows\system32\dot3cfg.dll 2010-09-25 21:38:18 ----A---- C:\Windows\system32\dnsrslvr.dll 2010-09-25 21:38:18 ----A---- C:\Windows\system32\dnsapi.dll 2010-09-25 21:38:18 ----A---- C:\Windows\system32\dmusic.dll 2010-09-25 21:38:18 ----A---- C:\Windows\system32\dmsynth.dll 2010-09-25 21:38:17 ----A---- C:\Windows\system32\hidserv.dll 2010-09-25 21:38:17 ----A---- C:\Windows\system32\hdwwiz.exe 2010-09-25 21:38:17 ----A---- C:\Windows\system32\gpedit.dll 2010-09-25 21:38:17 ----A---- C:\Windows\system32\gpapi.dll 2010-09-25 21:38:17 ----A---- C:\Windows\system32\gdi32.dll 2010-09-25 21:38:17 ----A---- C:\Windows\system32\fundisc.dll 2010-09-25 21:38:17 ----A---- C:\Windows\system32\ftp.exe 2010-09-25 21:38:17 ----A---- C:\Windows\system32\fontext.dll 2010-09-25 21:38:17 ----A---- C:\Windows\system32\findstr.exe 2010-09-25 21:38:17 ----A---- C:\Windows\system32\feclient.dll 2010-09-25 21:38:17 ----A---- C:\Windows\system32\fdWSD.dll 2010-09-25 21:38:17 ----A---- C:\Windows\system32\fdWCN.dll 2010-09-25 21:38:17 ----A---- C:\Windows\system32\fdSSDP.dll 2010-09-25 21:38:17 ----A---- C:\Windows\system32\fdProxy.dll 2010-09-25 21:38:17 ----A---- C:\Windows\system32\fdeploy.dll 2010-09-25 21:38:17 ----A---- C:\Windows\system32\fdBthProxy.dll 2010-09-25 21:38:17 ----A---- C:\Windows\system32\fdBth.dll 2010-09-25 21:38:17 ----A---- C:\Windows\system32\fc.exe 2010-09-25 21:38:17 ----A---- C:\Windows\system32\Faultrep.dll 2010-09-25 21:38:17 ----A---- C:\Windows\system32\drivers\hidusb.sys 2010-09-25 21:38:17 ----A---- C:\Windows\system32\drivers\hidclass.sys 2010-09-25 21:38:17 ----A---- C:\Windows\system32\drivers\fltMgr.sys 2010-09-25 21:38:17 ----A---- C:\Windows\system32\drivers\fastfat.sys 2010-09-25 21:38:16 ----A---- C:\Windows\system32\gameux.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\FwRemoteSvr.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\FWPUCLNT.DLL 2010-09-25 21:38:16 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS 2010-09-25 21:38:16 ----A---- C:\Windows\system32\drivers\bridge.sys 2010-09-25 21:38:16 ----A---- C:\Windows\system32\drivers\ataport.sys 2010-09-25 21:38:16 ----A---- C:\Windows\system32\drivers\atapi.sys 2010-09-25 21:38:16 ----A---- C:\Windows\system32\bthci.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\browseui.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\brcpl.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\blackbox.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\bitsigd.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\bcrypt.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\basecsp.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\azroles.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\autoplay.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\autofmt.exe 2010-09-25 21:38:16 ----A---- C:\Windows\system32\autoconv.exe 2010-09-25 21:38:16 ----A---- C:\Windows\system32\autochk.exe 2010-09-25 21:38:16 ----A---- C:\Windows\system32\authz.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\authui.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\audiosrv.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\AudioSes.dll 2010-09-25 21:38:16 ----A---- C:\Windows\system32\audiodg.exe 2010-09-25 21:38:15 ----A---- C:\Windows\system32\drivers\acpi.sys 2010-09-25 21:38:15 ----A---- C:\Windows\system32\BFE.DLL 2010-09-25 21:38:15 ----A---- C:\Windows\system32\Apphlpdm.dll 2010-09-25 21:38:15 ----A---- C:\Windows\system32\apphelp.dll 2010-09-25 21:38:15 ----A---- C:\Windows\system32\apds.dll 2010-09-25 21:38:15 ----A---- C:\Windows\system32\adsmsext.dll 2010-09-25 21:38:15 ----A---- C:\Windows\system32\accessibilitycpl.dll 2010-09-25 21:38:14 ----A---- C:\Windows\system32\drivers\crashdmp.sys 2010-09-25 21:38:14 ----A---- C:\Windows\system32\drivers\afd.sys 2010-09-25 21:38:14 ----A---- C:\Windows\system32\dbgeng.dll 2010-09-25 21:38:14 ----A---- C:\Windows\system32\davclnt.dll 2010-09-25 21:38:14 ----A---- C:\Windows\system32\crypt32.dll 2010-09-25 21:38:14 ----A---- C:\Windows\system32\credui.dll 2010-09-25 21:38:14 ----A---- C:\Windows\system32\connect.dll 2010-09-25 21:38:14 ----A---- C:\Windows\system32\conime.exe 2010-09-25 21:38:14 ----A---- C:\Windows\system32\comuid.dll 2010-09-25 21:38:14 ----A---- C:\Windows\system32\comsvcs.dll 2010-09-25 21:38:14 ----A---- C:\Windows\system32\comdlg32.dll 2010-09-25 21:38:14 ----A---- C:\Windows\system32\cmmon32.exe 2010-09-25 21:38:14 ----A---- C:\Windows\system32\cmdial32.dll 2010-09-25 21:38:14 ----A---- C:\Windows\system32\advapi32.dll 2010-09-25 21:38:14 ----A---- C:\Windows\system32\adtschema.dll 2010-09-25 21:38:14 ----A---- C:\Windows\system32\adsldpc.dll 2010-09-25 21:38:13 ----A---- C:\Windows\system32\DevicePairingWizard.exe 2010-09-25 21:38:13 ----A---- C:\Windows\system32\DevicePairingProxy.dll 2010-09-25 21:38:13 ----A---- C:\Windows\system32\DevicePairing.dll 2010-09-25 21:38:13 ----A---- C:\Windows\system32\DeviceEject.exe 2010-09-25 21:38:13 ----A---- C:\Windows\system32\dataclen.dll 2010-09-25 21:38:13 ----A---- C:\Windows\system32\d3d9.dll 2010-09-25 21:38:13 ----A---- C:\Windows\system32\csrstub.exe 2010-09-25 21:38:13 ----A---- C:\Windows\system32\cscript.exe 2010-09-25 21:38:13 ----A---- C:\Windows\system32\cscdll.dll 2010-09-25 21:38:13 ----A---- C:\Windows\system32\cscapi.dll 2010-09-25 21:38:13 ----A---- C:\Windows\system32\cryptui.dll 2010-09-25 21:38:13 ----A---- C:\Windows\system32\cryptsvc.dll 2010-09-25 21:38:12 ----A---- C:\Windows\system32\drivers\cdrom.sys 2010-09-25 21:38:12 ----A---- C:\Windows\system32\cdd.dll 2010-09-25 21:38:11 ----A---- C:\Windows\system32\drivers\Classpnp.sys 2010-09-25 21:38:11 ----A---- C:\Windows\system32\clfs.sys 2010-09-25 21:38:11 ----A---- C:\Windows\system32\cipher.exe 2010-09-25 21:38:11 ----A---- C:\Windows\system32\ci.dll 2010-09-25 21:38:11 ----A---- C:\Windows\system32\CHxReadingStringIME.dll 2010-09-25 21:38:11 ----A---- C:\Windows\system32\chtbrkr.dll 2010-09-25 21:38:11 ----A---- C:\Windows\system32\chsbrkr.dll 2010-09-25 21:38:11 ----A---- C:\Windows\system32\certmgr.dll 2010-09-25 21:38:11 ----A---- C:\Windows\system32\CertEnrollUI.dll 2010-09-25 21:38:11 ----A---- C:\Windows\system32\CertEnroll.dll 2010-09-25 21:38:11 ----A---- C:\Windows\system32\certcli.dll 2010-09-25 21:38:11 ----A---- C:\Windows\system32\cbsra.exe 2010-09-25 21:38:11 ----A---- C:\Windows\system32\bthudtask.exe 2010-09-25 21:38:11 ----A---- C:\Windows\system32\bthserv.dll 2010-09-25 21:38:10 ----A---- C:\Windows\system32\msihnd.dll 2010-09-25 21:38:10 ----A---- C:\Windows\system32\msiexec.exe 2010-09-25 21:38:10 ----A---- C:\Windows\system32\msftedit.dll 2010-09-25 21:38:10 ----A---- C:\Windows\system32\msexcl40.dll 2010-09-25 21:38:10 ----A---- C:\Windows\system32\msexch40.dll 2010-09-25 21:38:10 ----A---- C:\Windows\system32\msdtctm.dll 2010-09-25 21:38:10 ----A---- C:\Windows\system32\certutil.exe 2010-09-25 21:38:10 ----A---- C:\Windows\system32\certreq.exe 2010-09-25 21:38:10 ----A---- C:\Windows\system32\certprop.dll 2010-09-25 21:38:09 ----A---- C:\Windows\system32\msi.dll 2010-09-25 21:38:09 ----A---- C:\Windows\system32\msdtcprx.dll 2010-09-25 21:38:09 ----A---- C:\Windows\system32\msdrm.dll 2010-09-25 21:38:09 ----A---- C:\Windows\system32\msctfui.dll 2010-09-25 21:38:09 ----A---- C:\Windows\system32\msctfp.dll 2010-09-25 21:38:09 ----A---- C:\Windows\system32\MsCtfMonitor.dll 2010-09-25 21:38:09 ----A---- C:\Windows\system32\msctf.dll 2010-09-25 21:38:08 ----A---- C:\Windows\system32\msimsg.dll 2010-09-25 21:38:08 ----A---- C:\Windows\system32\MPSSVC.dll 2010-09-25 21:38:08 ----A---- C:\Windows\system32\mprapi.dll 2010-09-25 21:38:08 ----A---- C:\Windows\system32\mpr.dll 2010-09-25 21:38:08 ----A---- C:\Windows\system32\modemui.dll 2010-09-25 21:38:08 ----A---- C:\Windows\system32\MMDevAPI.dll 2010-09-25 21:38:07 ----A---- C:\Windows\system32\NetProjW.dll 2010-09-25 21:38:07 ----A---- C:\Windows\system32\netplwiz.dll 2010-09-25 21:38:07 ----A---- C:\Windows\system32\netlogon.dll 2010-09-25 21:38:07 ----A---- C:\Windows\system32\netcenter.dll 2010-09-25 21:38:07 ----A---- C:\Windows\system32\netapi32.dll 2010-09-25 21:38:07 ----A---- C:\Windows\system32\ncryptui.dll 2010-09-25 21:38:07 ----A---- C:\Windows\system32\ncrypt.dll 2010-09-25 21:38:07 ----A---- C:\Windows\system32\mtxclu.dll 2010-09-25 21:38:07 ----A---- C:\Windows\system32\mscories.dll 2010-09-25 21:38:07 ----A---- C:\Windows\system32\mscorier.dll 2010-09-25 21:38:07 ----A---- C:\Windows\system32\mscms.dll 2010-09-25 21:38:07 ----A---- C:\Windows\system32\mscandui.dll 2010-09-25 21:38:07 ----A---- C:\Windows\system32\drivers\netio.sys 2010-09-25 21:38:07 ----A---- C:\Windows\system32\drivers\netbt.sys 2010-09-25 21:38:07 ----A---- C:\Windows\system32\drivers\ndiswan.sys 2010-09-25 21:38:07 ----A---- C:\Windows\system32\drivers\ndis.sys 2010-09-25 21:38:07 ----A---- C:\Windows\system32\drivers\mup.sys 2010-09-25 21:38:07 ----A---- C:\Windows\system32\drivers\mrxdav.sys 2010-09-25 21:38:06 ----A---- C:\Windows\system32\newdev.exe 2010-09-25 21:38:06 ----A---- C:\Windows\system32\newdev.dll 2010-09-25 21:38:06 ----A---- C:\Windows\system32\networkmap.dll 2010-09-25 21:38:06 ----A---- C:\Windows\system32\networkitemfactory.dll 2010-09-25 21:38:06 ----A---- C:\Windows\system32\networkexplorer.dll 2010-09-25 21:38:06 ----A---- C:\Windows\system32\netshell.dll 2010-09-25 21:38:06 ----A---- C:\Windows\system32\NcdProp.dll 2010-09-25 21:38:06 ----A---- C:\Windows\system32\NaturalLanguage6.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msxbde40.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\mswstr10.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\mswsock.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\mswdat10.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\MSVidCtl.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msvcrt.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msvcp60.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msutb.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\mstsc.exe 2010-09-25 21:38:05 ----A---- C:\Windows\system32\mstlsapi.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\mstext40.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\mssvp.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msstrc.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\mssrch.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\mssprxy.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\mssphtb.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\mssph.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\mssitlb.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msshsq.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msshooks.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msscp.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msscntrs.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msscb.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msrepl40.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msrd3x40.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msrd2x40.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\mspbde40.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msnetobj.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msltus40.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msjtes40.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msjter40.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msjint40.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msjetoledb40.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msjet40.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msisip.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msinfo32.exe 2010-09-25 21:38:05 ----A---- C:\Windows\system32\msimtf.dll 2010-09-25 21:38:05 ----A---- C:\Windows\system32\drivers\msrpc.sys 2010-09-25 21:38:05 ----A---- C:\Windows\system32\drivers\msiscsi.sys 2010-09-25 21:38:04 ----A---- C:\Windows\system32\iscsilog.dll 2010-09-25 21:38:04 ----A---- C:\Windows\system32\ipsmsnap.dll 2010-09-25 21:38:04 ----A---- C:\Windows\system32\IPSECSVC.DLL 2010-09-25 21:38:04 ----A---- C:\Windows\system32\InkEd.dll 2010-09-25 21:38:04 ----A---- C:\Windows\system32\infocardapi.dll 2010-09-25 21:38:04 ----A---- C:\Windows\system32\inetppui.dll 2010-09-25 21:38:04 ----A---- C:\Windows\system32\inetpp.dll 2010-09-25 21:38:04 ----A---- C:\Windows\system32\imm32.dll 2010-09-25 21:38:03 ----A---- C:\Windows\system32\ipsecsnp.dll 2010-09-25 21:38:03 ----A---- C:\Windows\system32\IPHLPAPI.DLL 2010-09-25 21:38:03 ----A---- C:\Windows\system32\ipconfig.exe 2010-09-25 21:38:03 ----A---- C:\Windows\system32\input.dll 2010-09-25 21:38:03 ----A---- C:\Windows\system32\ifmon.dll 2010-09-25 21:38:03 ----A---- C:\Windows\system32\icardres.dll 2010-09-25 21:38:03 ----A---- C:\Windows\system32\iassvcs.dll 2010-09-25 21:38:03 ----A---- C:\Windows\system32\iassdo.dll 2010-09-25 21:38:02 ----A---- C:\Windows\system32\IMJP10K.DLL 2010-09-25 21:38:02 ----A---- C:\Windows\system32\imapi2fs.dll 2010-09-25 21:38:02 ----A---- C:\Windows\system32\imapi2.dll 2010-09-25 21:38:02 ----A---- C:\Windows\system32\imapi.dll 2010-09-25 21:38:02 ----A---- C:\Windows\system32\IKEEXT.DLL 2010-09-25 21:38:02 ----A---- C:\Windows\system32\icardagt.exe 2010-09-25 21:38:02 ----A---- C:\Windows\system32\iassam.dll 2010-09-25 21:38:02 ----A---- C:\Windows\system32\iasrecst.dll 2010-09-25 21:38:02 ----A---- C:\Windows\system32\iasrad.dll 2010-09-25 21:38:02 ----A---- C:\Windows\system32\iaspolcy.dll 2010-09-25 21:38:01 ----A---- C:\Windows\system32\mmcico.dll 2010-09-25 21:38:01 ----A---- C:\Windows\system32\mimefilt.dll 2010-09-25 21:38:01 ----A---- C:\Windows\system32\milcore.dll 2010-09-25 21:38:01 ----A---- C:\Windows\system32\midimap.dll 2010-09-25 21:38:01 ----A---- C:\Windows\system32\mfplat.dll 2010-09-25 21:38:01 ----A---- C:\Windows\system32\mfc42u.dll 2010-09-25 21:38:01 ----A---- C:\Windows\system32\mfc42.dll 2010-09-25 21:38:00 ----A---- C:\Windows\system32\mmcndmgr.dll 2010-09-25 21:38:00 ----A---- C:\Windows\system32\mmci.dll 2010-09-25 21:38:00 ----A---- C:\Windows\system32\mmc.exe 2010-09-25 21:38:00 ----A---- C:\Windows\system32\MediaMetadataHandler.dll 2010-09-25 21:38:00 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll 2010-09-25 21:38:00 ----A---- C:\Windows\system32\mcmde.dll 2010-09-25 21:38:00 ----A---- C:\Windows\system32\mblctr.exe 2010-09-25 21:38:00 ----A---- C:\Windows\system32\logagent.exe 2010-09-25 21:38:00 ----A---- C:\Windows\system32\l2nacp.dll 2010-09-25 21:38:00 ----A---- C:\Windows\system32\korwbrkr.dll 2010-09-25 21:38:00 ----A---- C:\Windows\system32\kernel32.dll 2010-09-25 21:38:00 ----A---- C:\Windows\system32\kdusb.dll 2010-09-25 21:38:00 ----A---- C:\Windows\system32\kdcom.dll 2010-09-25 21:38:00 ----A---- C:\Windows\system32\kd1394.dll 2010-09-25 21:38:00 ----A---- C:\Windows\system32\drivers\ks.sys 2010-09-25 21:38:00 ----A---- C:\Windows\system32\drivers\kbdhid.sys 2010-09-25 21:37:59 ----A---- C:\Windows\system32\WindowsCodecsExt.dll 2010-09-25 21:37:59 ----A---- C:\Windows\system32\WindowsCodecs.dll 2010-09-25 21:37:59 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll 2010-09-25 21:37:59 ----A---- C:\Windows\system32\whealogr.dll 2010-09-25 21:37:59 ----A---- C:\Windows\system32\wevtutil.exe 2010-09-25 21:37:59 ----A---- C:\Windows\system32\wevtsvc.dll 2010-09-25 21:37:59 ----A---- C:\Windows\system32\wercon.exe 2010-09-25 21:37:59 ----A---- C:\Windows\system32\wer.dll 2010-09-25 21:37:59 ----A---- C:\Windows\system32\WebClnt.dll 2010-09-25 21:37:59 ----A---- C:\Windows\system32\wdscore.dll 2010-09-25 21:37:59 ----A---- C:\Windows\system32\wdc.dll 2010-09-25 21:37:59 ----A---- C:\Windows\system32\shsetup.dll 2010-09-25 21:37:59 ----A---- C:\Windows\system32\Magnify.exe 2010-09-25 21:37:59 ----A---- C:\Windows\system32\logman.exe 2010-09-25 21:37:58 ----A---- C:\Windows\system32\win32spl.dll 2010-09-25 21:37:58 ----A---- C:\Windows\system32\wiaservc.dll 2010-09-25 21:37:58 ----A---- C:\Windows\system32\wiaaut.dll 2010-09-25 21:37:58 ----A---- C:\Windows\system32\wevtapi.dll 2010-09-25 21:37:58 ----A---- C:\Windows\system32\wersvc.dll 2010-09-25 21:37:58 ----A---- C:\Windows\system32\WerFaultSecure.exe 2010-09-25 21:37:58 ----A---- C:\Windows\system32\WerFault.exe 2010-09-25 21:37:58 ----A---- C:\Windows\system32\wcnwiz2.dll 2010-09-25 21:37:58 ----A---- C:\Windows\system32\wcnwiz.dll 2010-09-25 21:37:58 ----A---- C:\Windows\system32\WcnNetsh.dll 2010-09-25 21:37:58 ----A---- C:\Windows\system32\wcncsvc.dll 2010-09-25 21:37:58 ----A---- C:\Windows\system32\version.dll 2010-09-25 21:37:58 ----A---- C:\Windows\system32\vdsutil.dll 2010-09-25 21:37:58 ----A---- C:\Windows\system32\vdsdyn.dll 2010-09-25 21:37:58 ----A---- C:\Windows\system32\vds.exe 2010-09-25 21:37:58 ----A---- C:\Windows\system32\vdmdbg.dll 2010-09-25 21:37:58 ----A---- C:\Windows\system32\uxsms.dll 2010-09-25 21:37:58 ----A---- C:\Windows\system32\Utilman.exe 2010-09-25 21:37:58 ----A---- C:\Windows\system32\userenv.dll 2010-09-25 21:37:58 ----A---- C:\Windows\system32\usercpl.dll 2010-09-25 21:37:58 ----A---- C:\Windows\system32\user32.dll 2010-09-25 21:37:58 ----A---- C:\Windows\system32\drivers\watchdog.sys 2010-09-25 21:37:58 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS 2010-09-25 21:37:58 ----A---- C:\Windows\system32\drivers\usbport.sys 2010-09-25 21:37:57 ----A---- C:\Windows\system32\xmlfilter.dll 2010-09-25 21:37:57 ----A---- C:\Windows\system32\wusa.exe 2010-09-25 21:37:57 ----A---- C:\Windows\system32\wshext.dll 2010-09-25 21:37:57 ----A---- C:\Windows\system32\wsepno.dll 2010-09-25 21:37:57 ----A---- C:\Windows\system32\WSDMon.dll 2010-09-25 21:37:57 ----A---- C:\Windows\system32\wsdchngr.dll 2010-09-25 21:37:57 ----A---- C:\Windows\system32\wscsvc.dll 2010-09-25 21:37:57 ----A---- C:\Windows\system32\wscript.exe 2010-09-25 21:37:57 ----A---- C:\Windows\system32\wscntfy.dll 2010-09-25 21:37:57 ----A---- C:\Windows\system32\wscisvif.dll 2010-09-25 21:37:57 ----A---- C:\Windows\system32\WscEapPr.dll 2010-09-25 21:37:57 ----A---- C:\Windows\system32\wscapi.dll 2010-09-25 21:37:57 ----A---- C:\Windows\system32\wpcsvc.dll 2010-09-25 21:37:57 ----A---- C:\Windows\system32\wpccpl.dll 2010-09-25 21:37:57 ----A---- C:\Windows\system32\wpcao.dll 2010-09-25 21:37:57 ----A---- C:\Windows\system32\wow32.dll 2010-09-25 21:37:57 ----A---- C:\Windows\system32\WMVXENCD.DLL 2010-09-25 21:37:57 ----A---- C:\Windows\system32\WMVSDECD.DLL 2010-09-25 21:37:57 ----A---- C:\Windows\system32\WMVENCOD.DLL 2010-09-25 21:37:57 ----A---- C:\Windows\system32\w32time.dll 2010-09-25 21:37:57 ----A---- C:\Windows\system32\VSSVC.exe 2010-09-25 21:37:57 ----A---- C:\Windows\system32\vssapi.dll 2010-09-25 21:37:57 ----A---- C:\Windows\system32\drivers\volsnap.sys 2010-09-25 21:37:57 ----A---- C:\Windows\system32\drivers\volmgrx.sys 2010-09-25 21:37:56 ----A---- C:\Windows\system32\wsnmp32.dll 2010-09-25 21:37:56 ----A---- C:\Windows\system32\WsmSvc.dll 2010-09-25 21:37:56 ----A---- C:\Windows\system32\wshbth.dll 2010-09-25 21:37:56 ----A---- C:\Windows\system32\wmpmde.dll 2010-09-25 21:37:56 ----A---- C:\Windows\system32\WMPhoto.dll 2010-09-25 21:37:56 ----A---- C:\Windows\system32\wmpeffects.dll 2010-09-25 21:37:56 ----A---- C:\Windows\system32\WMNetMgr.dll 2010-09-25 21:37:56 ----A---- C:\Windows\system32\wlgpclnt.dll 2010-09-25 21:37:56 ----A---- C:\Windows\system32\Wldap32.dll 2010-09-25 21:37:56 ----A---- C:\Windows\system32\wlanui.dll 2010-09-25 21:37:56 ----A---- C:\Windows\system32\wlanpref.dll 2010-09-25 21:37:56 ----A---- C:\Windows\system32\wlangpui.dll 2010-09-25 21:37:56 ----A---- C:\Windows\system32\wisptis.exe 2010-09-25 21:37:56 ----A---- C:\Windows\system32\winsrv.dll 2010-09-25 21:37:56 ----A---- C:\Windows\system32\WinSCard.dll 2010-09-25 21:37:56 ----A---- C:\Windows\system32\WinSAT.exe 2010-09-25 21:37:56 ----A---- C:\Windows\system32\winrnr.dll 2010-09-25 21:37:56 ----A---- C:\Windows\system32\winresume.exe 2010-09-25 21:37:56 ----A---- C:\Windows\system32\winmm.dll 2010-09-25 21:37:56 ----A---- C:\Windows\system32\winlogon.exe 2010-09-25 21:37:56 ----A---- C:\Windows\system32\winload.exe 2010-09-25 21:37:55 ----A---- C:\Windows\system32\wmicmiplugin.dll 2010-09-25 21:37:55 ----A---- C:\Windows\system32\wmdrmsdk.dll 2010-09-25 21:37:55 ----A---- C:\Windows\system32\sud.dll 2010-09-25 21:37:55 ----A---- C:\Windows\system32\Storprop.dll 2010-09-25 21:37:55 ----A---- C:\Windows\system32\stobject.dll 2010-09-25 21:37:55 ----A---- C:\Windows\system32\drivers\stream.sys 2010-09-25 21:37:55 ----A---- C:\Windows\system32\drivers\Storport.sys 2010-09-25 21:37:54 ----A---- C:\Windows\system32\srvsvc.dll 2010-09-25 21:37:54 ----A---- C:\Windows\system32\srcore.dll 2010-09-25 21:37:54 ----A---- C:\Windows\system32\srchadmin.dll 2010-09-25 21:37:53 ----A---- C:\Windows\system32\sysmain.dll 2010-09-25 21:37:53 ----A---- C:\Windows\system32\sysclass.dll 2010-09-25 21:37:53 ----A---- C:\Windows\system32\SyncCenter.dll 2010-09-25 21:37:53 ----A---- C:\Windows\system32\swprv.dll 2010-09-25 21:37:53 ----A---- C:\Windows\system32\smss.exe 2010-09-25 21:37:53 ----A---- C:\Windows\system32\SmiEngine.dll 2010-09-25 21:37:53 ----A---- C:\Windows\system32\SMBHelperClass.dll 2010-09-25 21:37:53 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll 2010-09-25 21:37:53 ----A---- C:\Windows\system32\slwmi.dll 2010-09-25 21:37:53 ----A---- C:\Windows\system32\slcc.dll 2010-09-25 21:37:53 ----A---- C:\Windows\system32\SLC.dll 2010-09-25 21:37:53 ----A---- C:\Windows\system32\shwebsvc.dll 2010-09-25 21:37:53 ----A---- C:\Windows\system32\shsvcs.dll 2010-09-25 21:37:53 ----A---- C:\Windows\system32\drivers\smb.sys 2010-09-25 21:37:52 ----A---- C:\Windows\system32\sqlsrv32.dll 2010-09-25 21:37:52 ----A---- C:\Windows\system32\spwizui.dll 2010-09-25 21:37:52 ----A---- C:\Windows\system32\spwinsat.dll 2010-09-25 21:37:52 ----A---- C:\Windows\system32\spreview.exe 2010-09-25 21:37:52 ----A---- C:\Windows\system32\spp.dll 2010-09-25 21:37:52 ----A---- C:\Windows\system32\spoolss.dll 2010-09-25 21:37:52 ----A---- C:\Windows\system32\spinstall.exe 2010-09-25 21:37:52 ----A---- C:\Windows\system32\sperror.dll 2010-09-25 21:37:52 ----A---- C:\Windows\system32\spcmsg.dll 2010-09-25 21:37:52 ----A---- C:\Windows\system32\SndVol.exe 2010-09-25 21:37:52 ----A---- C:\Windows\system32\slwga.dll 2010-09-25 21:37:52 ----A---- C:\Windows\system32\SLUINotify.dll 2010-09-25 21:37:52 ----A---- C:\Windows\system32\SLUI.exe 2010-09-25 21:37:52 ----A---- C:\Windows\system32\SLsvc.exe 2010-09-25 21:37:52 ----A---- C:\Windows\system32\slmgr.vbs 2010-09-25 21:37:52 ----A---- C:\Windows\system32\SLLUA.exe 2010-09-25 21:37:52 ----A---- C:\Windows\system32\SLCommDlg.dll 2010-09-25 21:37:52 ----A---- C:\Windows\system32\slcinst.dll 2010-09-25 21:37:52 ----A---- C:\Windows\system32\SLCExt.dll 2010-09-25 21:37:52 ----A---- C:\Windows\system32\drivers\spsys.sys 2010-09-25 21:37:51 ----A---- C:\Windows\system32\zipfldr.dll 2010-09-25 21:37:51 ----A---- C:\Windows\system32\untfs.dll 2010-09-25 21:37:51 ----A---- C:\Windows\system32\TsWpfWrp.exe 2010-09-25 21:37:51 ----A---- C:\Windows\system32\TSTheme.exe 2010-09-25 21:37:51 ----A---- C:\Windows\system32\tscupgrd.exe 2010-09-25 21:37:51 ----A---- C:\Windows\system32\softkbd.dll 2010-09-25 21:37:51 ----A---- C:\Windows\system32\SnippingTool.exe 2010-09-25 21:37:51 ----A---- C:\Windows\system32\drivers\USBCAMD.sys 2010-09-25 21:37:51 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys 2010-09-25 21:37:51 ----A---- C:\Windows\system32\drivers\usb8023.sys 2010-09-25 21:37:51 ----A---- C:\Windows\system32\drivers\udfs.sys 2010-09-25 21:37:50 ----A---- C:\Windows\system32\ulib.dll 2010-09-25 21:37:50 ----A---- C:\Windows\system32\uDWM.dll 2010-09-25 21:37:50 ----A---- C:\Windows\system32\drivers\usbhub.sys 2010-09-25 21:37:50 ----A---- C:\Windows\system32\drivers\usbehci.sys 2010-09-25 21:37:50 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys 2010-09-25 21:37:49 ----A---- C:\Windows\system32\umpnpmgr.dll 2010-09-25 21:37:49 ----A---- C:\Windows\system32\systemcpl.dll 2010-09-25 21:37:47 ----A---- C:\Windows\system32\tquery.dll 2010-09-25 21:37:47 ----A---- C:\Windows\system32\tcpipcfg.dll 2010-09-25 21:37:46 ----A---- C:\Windows\system32\themeui.dll 2010-09-25 21:37:46 ----A---- C:\Windows\system32\themecpl.dll 2010-09-25 21:37:46 ----A---- C:\Windows\system32\thawbrkr.dll 2010-09-25 21:37:46 ----A---- C:\Windows\system32\termsrv.dll 2010-09-25 21:37:46 ----A---- C:\Windows\system32\tcpmon.dll 2010-09-25 21:37:46 ----A---- C:\Windows\system32\taskeng.exe 2010-09-25 21:37:46 ----A---- C:\Windows\system32\taskcomp.dll 2010-09-25 21:37:46 ----A---- C:\Windows\system32\tapisrv.dll 2010-09-25 21:37:46 ----A---- C:\Windows\system32\drivers\termdd.sys 2010-09-25 21:37:46 ----A---- C:\Windows\system32\drivers\tdx.sys 2010-09-25 21:31:58 ----D---- C:\Windows\system32\EventProviders 2010-09-25 18:02:03 ----A---- C:\Windows\system32\usp10.dll 2010-09-25 18:01:59 ----A---- C:\Windows\system32\ntoskrnl.exe 2010-09-25 18:01:59 ----A---- C:\Windows\system32\ntkrnlpa.exe 2010-09-25 18:01:47 ----A---- C:\Windows\system32\MP4SDECD.DLL 2010-09-25 18:01:41 ----A---- C:\Windows\system32\iertutil.dll 2010-09-25 18:01:39 ----A---- C:\Windows\system32\mshtml.dll 2010-09-25 18:01:39 ----A---- C:\Windows\system32\ieframe.dll 2010-09-25 18:01:38 ----A---- C:\Windows\system32\urlmon.dll 2010-09-25 18:01:37 ----A---- C:\Windows\system32\msfeeds.dll 2010-09-25 18:01:32 ----A---- C:\Windows\system32\wininet.dll 2010-09-25 18:01:32 ----A---- C:\Windows\system32\occache.dll 2010-09-25 18:01:32 ----A---- C:\Windows\system32\mstime.dll 2010-09-25 18:01:32 ----A---- C:\Windows\system32\ieui.dll 2010-09-25 18:01:32 ----A---- C:\Windows\system32\iedkcs32.dll 2010-09-25 18:01:32 ----A---- C:\Windows\system32\ie4uinit.exe 2010-09-25 18:01:31 ----A---- C:\Windows\system32\msfeedssync.exe 2010-09-25 18:01:31 ----A---- C:\Windows\system32\msfeedsbs.dll 2010-09-25 18:01:31 ----A---- C:\Windows\system32\jsproxy.dll 2010-09-25 18:01:31 ----A---- C:\Windows\system32\ieUnatt.exe 2010-09-25 18:01:31 ----A---- C:\Windows\system32\iesysprep.dll 2010-09-25 18:01:31 ----A---- C:\Windows\system32\iesetup.dll 2010-09-25 18:01:31 ----A---- C:\Windows\system32\iernonce.dll 2010-09-25 18:01:31 ----A---- C:\Windows\system32\iepeers.dll 2010-09-25 18:01:27 ----A---- C:\Windows\system32\iccvid.dll 2010-09-25 18:01:26 ----A---- C:\Windows\system32\spoolsv.exe 2010-09-25 18:01:17 ----A---- C:\Windows\system32\schannel.dll 2010-09-25 18:00:38 ----A---- C:\Windows\system32\win32k.sys 2010-09-25 18:00:18 ----A---- C:\Windows\system32\rtutils.dll 2010-09-25 17:59:41 ----A---- C:\Windows\system32\msxml3.dll 2010-09-25 17:59:39 ----A---- C:\Windows\system32\inetcomm.dll 2010-09-25 17:59:38 ----A---- C:\Windows\system32\drivers\srv2.sys 2010-09-25 17:59:38 ----A---- C:\Windows\system32\drivers\srv.sys 2010-09-25 17:59:36 ----A---- C:\Windows\system32\drivers\tcpip.sys 2010-09-24 18:38:41 ----D---- C:\Program Files\MSXML 4.0 2010-09-22 22:03:21 ----D---- C:\Program Files\iPod 2010-09-22 22:03:20 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-09-22 22:03:20 ----D---- C:\Program Files\iTunes 2010-09-22 22:01:08 ----D---- C:\Program Files\QuickTime 2010-09-22 21:57:09 ----D---- C:\Program Files\Bonjour ======List of files/folders modified in the last 1 months====== 2010-10-06 06:32:00 ----D---- C:\Windows\Prefetch 2010-10-06 06:31:56 ----D---- C:\Windows\Temp 2010-10-06 06:31:37 ----RD---- C:\Program Files 2010-10-06 06:31:18 ----D---- C:\Users\Pochi\AppData\Roaming\Skype 2010-10-06 06:12:19 ----D---- C:\Downloads 2010-10-06 05:36:05 ----D---- C:\Windows\system32\drivers 2010-10-06 05:36:02 ----HD---- C:\ProgramData 2010-10-06 03:04:56 ----SD---- C:\Windows\Downloaded Program Files 2010-10-06 02:05:01 ----SHD---- C:\System Volume Information 2010-10-06 01:38:30 ----D---- C:\Windows 2010-10-06 00:06:14 ----D---- C:\Users\Pochi\AppData\Roaming\skypePM 2010-10-05 22:46:29 ----D---- C:\Windows\System32 2010-10-05 22:46:29 ----D---- C:\Windows\inf 2010-10-05 22:46:29 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-10-05 01:07:31 ----D---- C:\Windows\Logs 2010-10-04 23:36:03 ----D---- C:\Program Files\JkDefrag 2010-10-04 21:51:07 ----SHD---- C:\Windows\Installer 2010-10-04 04:10:47 ----HD---- C:\Program Files\InstallShield Installation Information 2010-10-04 04:05:27 ----D---- C:\Program Files\Microsoft Games 2010-10-04 02:22:34 ----D---- C:\ProgramData\DreamFleet 2010-10-01 07:01:45 ----D---- C:\Windows\system32\catroot2 2010-09-28 02:09:41 ----AD---- C:\ProgramData\TEMP 2010-09-28 02:05:41 ----D---- C:\Fraps 2010-09-27 02:14:23 ----D---- C:\Users\Pochi\AppData\Roaming\vlc 2010-09-25 23:19:54 ----SD---- C:\ProgramData\Microsoft 2010-09-25 23:19:47 ----SD---- C:\Users\Pochi\AppData\Roaming\Microsoft 2010-09-25 22:41:18 ----D---- C:\Windows\Microsoft.NET 2010-09-25 22:41:17 ----RSD---- C:\Windows\assembly 2010-09-25 22:34:37 ----D---- C:\Windows\system32\wbem 2010-09-25 22:30:44 ----D---- C:\Windows\winsxs 2010-09-25 22:28:49 ----D---- C:\Windows\system32\catroot 2010-09-25 22:25:41 ----D---- C:\Windows\rescache 2010-09-25 22:12:45 ----SHD---- C:\Boot 2010-09-25 22:05:37 ----D---- C:\Program Files\Windows Sidebar 2010-09-25 22:05:37 ----D---- C:\Program Files\Windows Media Player 2010-09-25 22:05:37 ----D---- C:\Program Files\Windows Mail 2010-09-25 22:05:37 ----D---- C:\Program Files\Windows Collaboration 2010-09-25 22:05:37 ----D---- C:\Program Files\Windows Calendar 2010-09-25 22:05:37 ----D---- C:\Program Files\Movie Maker 2010-09-25 22:05:37 ----D---- C:\Program Files\Internet Explorer 2010-09-25 22:05:36 ----D---- C:\Windows\servicing 2010-09-25 22:05:36 ----D---- C:\Program Files\Windows Photo Gallery 2010-09-25 22:05:36 ----D---- C:\Program Files\Windows Journal 2010-09-25 22:05:36 ----D---- C:\Program Files\Windows Defender 2010-09-25 22:05:36 ----D---- C:\Program Files\Common Files\System 2010-09-25 22:05:34 ----D---- C:\Windows\ehome 2010-09-25 22:05:33 ----D---- C:\Windows\system32\XPSViewer 2010-09-25 22:05:33 ----D---- C:\Windows\system32\sk-SK 2010-09-25 22:05:33 ----D---- C:\Windows\system32\oobe 2010-09-25 22:05:33 ----D---- C:\Windows\system32\migration 2010-09-25 22:05:33 ----D---- C:\Windows\system32\lv-LV 2010-09-25 22:05:33 ----D---- C:\Windows\system32\ko-KR 2010-09-25 22:05:33 ----D---- C:\Windows\system32\it-IT 2010-09-25 22:05:33 ----D---- C:\Windows\system32\hr-HR 2010-09-25 22:05:33 ----D---- C:\Windows\system32\et-EE 2010-09-25 22:05:33 ----D---- C:\Windows\system32\en-US 2010-09-25 22:05:33 ----D---- C:\Windows\system32\el-GR 2010-09-25 22:05:33 ----D---- C:\Windows\system32\de-DE 2010-09-25 22:05:33 ----D---- C:\Windows\system32\da-DK 2010-09-25 22:05:33 ----D---- C:\Windows\IME 2010-09-25 22:05:32 ----D---- C:\Windows\system32\zh-TW 2010-09-25 22:05:32 ----D---- C:\Windows\system32\zh-CN 2010-09-25 22:05:32 ----D---- C:\Windows\system32\uk-UA 2010-09-25 22:05:32 ----D---- C:\Windows\system32\sv-SE 2010-09-25 22:05:32 ----D---- C:\Windows\system32\sr-Latn-CS 2010-09-25 22:05:32 ----D---- C:\Windows\system32\SLUI 2010-09-25 22:05:32 ----D---- C:\Windows\system32\sl-SI 2010-09-25 22:05:32 ----D---- C:\Windows\system32\setup 2010-09-25 22:05:32 ----D---- C:\Windows\system32\ru-RU 2010-09-25 22:05:32 ----D---- C:\Windows\system32\pt-PT 2010-09-25 22:05:32 ----D---- C:\Windows\system32\pl-PL 2010-09-25 22:05:32 ----D---- C:\Windows\system32\manifeststore 2010-09-25 22:05:32 ----D---- C:\Windows\system32\ja 2010-09-25 22:05:32 ----D---- C:\Windows\system32\hu-HU 2010-09-25 22:05:32 ----D---- C:\Windows\system32\he-IL 2010-09-25 22:05:32 ----D---- C:\Windows\system32\fr-FR 2010-09-25 22:05:32 ----D---- C:\Windows\system32\fi-FI 2010-09-25 22:05:32 ----D---- C:\Windows\system32\es-ES 2010-09-25 22:05:32 ----D---- C:\Windows\system32\cs-CZ 2010-09-25 22:05:32 ----D---- C:\Windows\system32\AdvancedInstallers 2010-09-25 22:05:30 ----D---- C:\Windows\system32\ja-JP 2010-09-25 22:05:26 ----D---- C:\Windows\system32\tr-TR 2010-09-25 22:05:26 ----D---- C:\Windows\system32\th-TH 2010-09-25 22:05:26 ----D---- C:\Windows\system32\ro-RO 2010-09-25 22:05:26 ----D---- C:\Windows\system32\drivers\ja-JP 2010-09-25 22:05:26 ----D---- C:\Windows\system32\bg-BG 2010-09-25 22:05:25 ----D---- C:\Windows\system32\pt-BR 2010-09-25 22:05:25 ----D---- C:\Windows\system32\nl-NL 2010-09-25 22:05:25 ----D---- C:\Windows\system32\nb-NO 2010-09-25 22:05:25 ----D---- C:\Windows\system32\migwiz 2010-09-25 22:05:25 ----D---- C:\Windows\system32\lt-LT 2010-09-25 22:05:25 ----D---- C:\Windows\system32\ar-SA 2010-09-25 22:05:16 ----RSD---- C:\Windows\Fonts 2010-09-25 22:05:16 ----D---- C:\Windows\AppPatch 2010-09-25 22:05:11 ----D---- C:\Windows\system32\Boot 2010-09-25 22:03:55 ----D---- C:\Windows\system32\drivers\UMDF 2010-09-25 21:59:50 ----D---- C:\Windows\system32\Tasks 2010-09-25 21:55:35 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont 2010-09-25 18:43:49 ----D---- C:\Windows\Debug 2010-09-25 18:13:55 ----D---- C:\ProgramData\Microsoft Help 2010-09-24 16:32:39 ----D---- C:\Windows\Minidump 2010-09-22 22:03:20 ----D---- C:\Program Files\Common Files\Apple 2010-09-14 18:19:36 ----A---- C:\Windows\WORDPAD.INI 2010-09-10 14:34:30 ----A---- C:\Windows\system32\mrt.exe 2010-09-08 00:11:54 ----A---- C:\Windows\system32\aswBoot.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2006-10-18 36624] R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584] R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672] R1 oreans32;oreans32; \??\C:\Windows\system32\drivers\oreans32.sys [2007-10-31 33920] R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768] R2 dsunidrv;DellSupport UniDriver; C:\Windows\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-27 32256] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-27 43520] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-27 37376] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-05 8192] R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-21 45568] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-11-03 986624] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-11-03 206848] R3 NETw4v32;Windows Vista 32 ビット用インテル® Wireless WiFi Link アダプタ ドライバ; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-08-13 2226688] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-08-23 7617600] R3 rxpvbus;Reality XP Avionics Bus Driver; C:\Windows\system32\DRIVERS\rxpvbus.sys [2005-11-04 44032] R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2008-04-04 14080] R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2008-04-04 35456] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-10 89088] R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-09-13 330240] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-04-28 182456] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-11-03 659968] S0 pavboot;pavboot; C:\Windows\system32\drivers\pavboot.sys [2009-06-30 28552] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [2006-10-05 4736] S3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2006-11-02 200704] S3 HdAudAddService;Microsoft 1.1 UAA ファンクション ドライバ (High Definition Audio 用) サービス; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032] S3 SaiH0464;SaiH0464; C:\Windows\system32\DRIVERS\SaiH0464.sys [2007-05-01 132232] S3 SaiH0762;SaiH0762; C:\Windows\system32\DRIVERS\SaiH0762.sys [2008-04-04 136832] S3 SaiH0763;SaiH0763; C:\Windows\system32\DRIVERS\SaiH0763.sys [2007-05-01 132232] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-19 41984] S3 usbaudio;USB オーディオ ドライバ (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-10 73216] S3 VX1000;VX-1000; C:\Windows\system32\DRIVERS\VX1000.sys [2008-08-04 1964432] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] S3 ZSMC211;CMS-V23; C:\Windows\System32\Drivers\ZS211.sys [] S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-02-13 277784] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AESTFilters;Andrea ST Filters Service; C:\Windows\system32\aestsrv.exe [2007-09-20 73728] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672] R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-01-08 380928] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-08 40384] R2 Bonjour Service;Bonjour サービス; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-07-25 647168] R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2008-08-04 164896] R2 nHancer;nHancer Support; C:\Program Files\nHancer\nHancerService.exe [2007-10-03 20480] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-07-25 327680] R2 SaiDOutput;Saitek DirectOutput; C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe [2008-04-04 147456] R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-09-13 102400] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-05 386560] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-08 40384] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-08 40384] R3 iPod Service;iPod サービス; C:\Program Files\iPod\bin\iPodService.exe [2010-09-01 820008] S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon [] S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-19 70656] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344] S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632] S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [] -----------------EOF----------------- Le info.txt info.txt logfile of random's system information tool 1.08 2010-10-06 06:32:14 ======Uninstall list====== Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Photoshop 7.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll" Adobe Reader 8.2.0 - Japanese-->MsiExec.exe /I{AC76BA86-7AD7-1041-7B44-A82000000003} aerosoft's - Pro Flight Emulator Deluxe-->C:\Program Files\InstallShield Installation Information\{FCD605A8-4D9D-4FA8-B9EF-043399C84DBA}\setup.exe -runfromtemp -l0x0009 -uninst -removeonly Apple Application Support-->MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D} Apple Mobile Device Support-->MsiExec.exe /I{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup BitComet 1.03-->C:\Program Files\BitComet\uninst.exe Bonjour-->MsiExec.exe /X{FF1C31AE-0CDC-40CE-AB85-406F8B70D643} Broadcom Management Programs-->MsiExec.exe /I{C99C0593-3B48-41D9-B42F-6E035B320449} Browser Address Error Redirector-->MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F} CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" ClearView-->MsiExec.exe /I{3877E508-FD52-4095-A60C-9B2FC0341397} Condor: The Competition Soaring Simulator 1.1.1-->C:\Program Files\Condor\uninst.exe Conexant HDA D330 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F\HXFSETUP.EXE -U -Idel000fz.inf CutePDF Writer 2.8-->C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe Dell Touchpad-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Dell システム カスタマイズ ウィザード-->MsiExec.exe /I{98FD63BC-2DF2-4716-A093-3A9BC7C7B713} DellSupport-->MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D} Digital Line Detect-->C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0011 -removeonly DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN Faros Freeplay FMGS for A320-->C:\PROGRA~1\Faros\A320FMGS\UNWISE.EXE C:\PROGRA~1\Faros\A320FMGS\INSTALL.LOG Fraps-->"C:\Fraps\uninstall.exe" Ground Environment Professional-->C:\Program Files\Flight One Software\GEProUninstal.exe Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" ImgBurn (Remove Only)-->"C:\Program Files\ImgBurn\uninstall.exe" iPhone 構成ユーティリティ-->MsiExec.exe /I{FA54AFB1-5745-4389-B8C1-9F7509672ED1} iTunes-->MsiExec.exe /I{350FB27C-CF62-4EF3-AF9D-70FF313FE221} Java SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000} JkDefrag 3.25 Fr-->"C:\Program Files\JkDefrag\unins000.exe" KeyHoleTV-->"C:\Program Files\KeyHoleTV\uninstall.exe" K-Lite Codec Pack 5.9.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins001.exe" Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" mCore-->MsiExec.exe /I{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102} MediaDirect-->C:\Program Files\InstallShield Installation Information\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}\setup.exe -runfromtemp -l0x0011 -cluninstall mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68} Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Corporation-->MsiExec.exe /I{7B08D306-7266-4647-A926-2F78817ED1E0} Microsoft Flight Simulator X Demo-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{B98A34C0-A6A2-4087-B272-557C1C6D0A07} Microsoft LifeCam-->MsiExec.exe /X{6BCB7EAA-598C-4836-B7EA-3642E41AA222} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5} Module de compatibilite pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE} mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MSXML 4.0 SP2 パーサーと SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} mWMI-->MsiExec.exe /I{63DB9CCD-2B56-4217-9A3D-507AC78320CA} NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0011 -removeonly nHancer-->MsiExec.exe /X{AEB357CC-EED3-489A-BA21-395A448E07FE} NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI Office Animation Runtime-->MsiExec.exe /X{AEEB3643-71DE-414d-9E3F-1159177FE211} OpenMG Limited Patch 4.7-07-15-19-01-->C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-15-19-01\HotFixSetup\setup.exe /u OpenMG Secure Module 4.7.00-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL OutlookAddinSetup-->MsiExec.exe /I{9BDEF074-020E-458D-ADC5-8FF68E0C9B56} Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe PDF Manual NW-E010 Series-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4038EAF0-6F8E-4068-88F6-A417958B8AC5}\setup.exe" -l0x9 UNINSTALL -removeonly PDFCreator-->C:\Program Files\PDFCreator\unins000.exe pdfforge Toolbar v1.1.2-->MsiExec.exe /X{5791B7D3-8B34-4218-9750-6A8E45D0AD32} Project Canarias 2006-->MsiExec.exe /I{DA46AA5F-4934-4DAC-94E4-7D84AD9A4090} QuickSet-->MsiExec.exe /I{0F95AA42-0FF6-4D48-9CA1-64C8D0777500} QuickTime-->MsiExec.exe /I{EB900AF8-CC61-4E15-871B-98D1EA3E8025} Saitek DirectOutput 6.2.2.4-->MsiExec.exe /X{4F5C19F6-27CF-43EC-9BDC-31DB63F1E2DD} Saitek SD6 Programming Software 6.2.2.4-->MsiExec.exe /X{CABECAFA-EDC1-407E-933E-DC0FA0865367} Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE} Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D} Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A} Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4} Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060} Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B} Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8} Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} Security Update for Microsoft Office Outlook 2007 (KB2288953)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8B772E1C-7C05-42D2-839D-3EC2D39EFF22} Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46} Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA} SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x11 -remove -removeonly SimView-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DB4813CB-D22D-44A0-9A72-A643870E9C0F}\Setup.exe" Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A} Skype? 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0} Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Outlook 2007 Junk Email Filter (kb2291599)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {768A5B4B-2FDF-4F3D-981E-33C53724BBC8} VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B} Version 1.0-->"G:\FS2004\Ameliorations FS\Eau\Real Environment Pro\unins000.exe" VLC media player 1.0.0-->C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Live Call-->MsiExec.exe /I{FF7DB6B3-1288-4A82-A42A-14F76420DC42} Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956} Windows Live Messenger-->MsiExec.exe /X{457C231F-853D-4FB6-8E8D-72B73A113637} Windows Live アップロード ツール-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Windows Live おすすめパック-->C:\Program Files\Windows Live\Installer\wlarp.exe Windows Live おすすめパック-->MsiExec.exe /I{B8ED7934-A409-485D-8A9B-B6E13FD70649} Windows Live サインイン アシスタント-->MsiExec.exe /I{283276C7-67EF-4EE4-8663-E46013148330} インテル® PROSet/Wireless ソフトウェア-->C:\Windows\Installer\iProInst.exe モデム診断ツール-->MsiExec.exe /I{F63A3748-B93D-4360-9AD4-B064481A5C7B} ======Security center information====== AS: Windows Defender (disabled) (outdated) =====Application event log===== Computer Name: Pochi-PC Event Code: 223 Message: WinMail (3560) WindowsMail0: ログ ファイルのバックアップを開始しています。範囲は C:\Users\Pochi\AppData\Local\Microsoft\Windows Mail\edb00001.log から C:\Users\Pochi\AppData\Local\Microsoft\Windows Mail\edb00001.log までです。 Record Number: 474 Source Name: ESENT Time Written: 20071020124849.000000-000 Event Type: 情報 User: Computer Name: Pochi-PC Event Code: 221 Message: WinMail (3560) WindowsMail0: ファイル C:\Users\Pochi\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore のバックアップを終了しています。 Record Number: 473 Source Name: ESENT Time Written: 20071020124849.000000-000 Event Type: 情報 User: Computer Name: Pochi-PC Event Code: 220 Message: WinMail (3560) WindowsMail0: ファイル C:\Users\Pochi\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore (サイズ 2 Mb) のバックアップを開始しています。 Record Number: 472 Source Name: ESENT Time Written: 20071020124849.000000-000 Event Type: 情報 User: Computer Name: Pochi-PC Event Code: 210 Message: WinMail (3560) WindowsMail0: 完全バックアップを開始しています。 Record Number: 471 Source Name: ESENT Time Written: 20071020124849.000000-000 Event Type: 情報 User: Computer Name: Pochi-PC Event Code: 102 Message: WinMail (3560) WindowsMail0: データベース エンジン (6.00.6000.0000) は新しいインスタンス (0) を開始しました。 Record Number: 470 Source Name: ESENT Time Written: 20071020124848.000000-000 Event Type: 情報 User: =====Security event log===== Computer Name: Pochi-PC Event Code: 4624 Message: アカウントが正常にログオンしました。 サブジェクト: セキュリティ ID: S-1-5-18 アカウント名: POCHI-PC$ アカウント ドメイン: WORKGROUP ログオン ID: 0x3e7 ログオン タイプ: 2 新しいログオン: セキュリティ ID: S-1-5-21-229683998-808890475-2161963818-1000 アカウント名: Pochi アカウント ドメイン: Pochi-PC ログオン ID: 0x1c6f4 ログオン GUID: {00000000-0000-0000-0000-000000000000} プロセス情報: プロセス ID: 0x2c8 プロセス名: C:\Windows\System32\winlogon.exe ネットワーク情報: ワークステーション名: POCHI-PC ソース ネットワーク アドレス: 127.0.0.1 ソース ポート: 0 詳細な認証情報: ログオン プロセス: User32 認証パッケージ: Negotiate 移行されたサービス: - パッケージ名 (NTLM のみ): - キーの長さ: 0 このイベントは、ログオン セッションの作成時に生成されます。このイベントは、アクセス先のコンピュータで生成されます。 サブジェクトのフィールドは、ログオンを要求したローカル システム上のアカウントを示します。これはサーバー サービスなどのサービスまたは Winlogon.exe や Services.exe などのローカル プロセスであることが最も一般的です。 ログオン タイプのフィールドは、発生したログオンの種類を示します。最も一般的なタイプは、2 (対話型) と 3 (ネットワーク) です。 新しいログオンのフィールドは、新しいログオンを作成するアカウント、つまりログオン先のアカウントを示します。 ネットワークのフィールドは、リモート ログオン要求の送信元を示します。ワークステーション名は常に表示されるとは限らず、場合によっては空白のままであることがあります。 認証情報のフィールドは、この特定のログオン要求に関する詳細情報を示します。 - ログオン GUID は、このイベントを KDC イベントに関連付ける場合に使用できる一意の識別子です。 - 移行されたサービスは、このログオン要求に関与した中間サービスを示します。 - パッケージ名は、NTLM プロトコルのうち使用されたサブプロトコルを示します。 - キーの長さは、生成されたセッション キーの長さを示します。これは、セッション キーが要求されなかった場合は 0 になります。 Record Number: 50951 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090414133139.775349-000 Event Type: 成功の監査 User: Computer Name: Pochi-PC Event Code: 4648 Message: 明示的な資格情報を使用してログオンが試行されました。 サブジェクト: セキュリティ ID: S-1-5-18 アカウント名: POCHI-PC$ アカウント ドメイン: WORKGROUP ログオン ID: 0x3e7 ログオン GUID: {00000000-0000-0000-0000-000000000000} 資格情報が使用されたアカウント: アカウント名: Pochi アカウント ドメイン: Pochi-PC ログオン GUID: {00000000-0000-0000-0000-000000000000} ターゲット サーバー: ターゲット サーバー名: localhost 追加情報: localhost プロセス情報: プロセス ID: 0x2c8 プロセス名: C:\Windows\System32\winlogon.exe ネットワーク情報: ネットワーク アドレス: 127.0.0.1 ポート: 0 このイベントは、プロセスがアカウントの資格情報を明示的に指定して、そのアカウントへのログオンを試行した場合に生成されます。これは、スケジュール タスクなどのバッチ タイプ構成で、または RUNAS コマンドの使用時に発生するのが最も一般的です。 Record Number: 50950 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090414133139.775349-000 Event Type: 成功の監査 User: Computer Name: Pochi-PC Event Code: 4672 Message: 新しいログオンに特権が割り当てられました。 サブジェクト: セキュリティ ID: S-1-5-18 アカウント名: SYSTEM アカウント ドメイン: NT AUTHORITY ログオン ID: 0x3e7 特権: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 50949 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090414133138.823743-000 Event Type: 成功の監査 User: Computer Name: Pochi-PC Event Code: 4624 Message: アカウントが正常にログオンしました。 サブジェクト: セキュリティ ID: S-1-5-18 アカウント名: POCHI-PC$ アカウント ドメイン: WORKGROUP ログオン ID: 0x3e7 ログオン タイプ: 5 新しいログオン: セキュリティ ID: S-1-5-18 アカウント名: SYSTEM アカウント ドメイン: NT AUTHORITY ログオン ID: 0x3e7 ログオン GUID: {00000000-0000-0000-0000-000000000000} プロセス情報: プロセス ID: 0x280 プロセス名: C:\Windows\System32\services.exe ネットワーク情報: ワークステーション名: ソース ネットワーク アドレス: - ソース ポート: - 詳細な認証情報: ログオン プロセス: Advapi 認証パッケージ: Negotiate 移行されたサービス: - パッケージ名 (NTLM のみ): - キーの長さ: 0 このイベントは、ログオン セッションの作成時に生成されます。このイベントは、アクセス先のコンピュータで生成されます。 サブジェクトのフィールドは、ログオンを要求したローカル システム上のアカウントを示します。これはサーバー サービスなどのサービスまたは Winlogon.exe や Services.exe などのローカル プロセスであることが最も一般的です。 ログオン タイプのフィールドは、発生したログオンの種類を示します。最も一般的なタイプは、2 (対話型) と 3 (ネットワーク) です。 新しいログオンのフィールドは、新しいログオンを作成するアカウント、つまりログオン先のアカウントを示します。 ネットワークのフィールドは、リモート ログオン要求の送信元を示します。ワークステーション名は常に表示されるとは限らず、場合によっては空白のままであることがあります。 認証情報のフィールドは、この特定のログオン要求に関する詳細情報を示します。 - ログオン GUID は、このイベントを KDC イベントに関連付ける場合に使用できる一意の識別子です。 - 移行されたサービスは、このログオン要求に関与した中間サービスを示します。 - パッケージ名は、NTLM プロトコルのうち使用されたサブプロトコルを示します。 - キーの長さは、生成されたセッション キーの長さを示します。これは、セッション キーが要求されなかった場合は 0 になります。 Record Number: 50948 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090414133138.823743-000 Event Type: 成功の監査 User: Computer Name: Pochi-PC Event Code: 4648 Message: 明示的な資格情報を使用してログオンが試行されました。 サブジェクト: セキュリティ ID: S-1-5-18 アカウント名: POCHI-PC$ アカウント ドメイン: WORKGROUP ログオン ID: 0x3e7 ログオン GUID: {00000000-0000-0000-0000-000000000000} 資格情報が使用されたアカウント: アカウント名: SYSTEM アカウント ドメイン: NT AUTHORITY ログオン GUID: {00000000-0000-0000-0000-000000000000} ターゲット サーバー: ターゲット サーバー名: localhost 追加情報: localhost プロセス情報: プロセス ID: 0x280 プロセス名: C:\Windows\System32\services.exe ネットワーク情報: ネットワーク アドレス: - ポート: - このイベントは、プロセスがアカウントの資格情報を明示的に指定して、そのアカウントへのログオンを試行した場合に生成されます。これは、スケジュール タスクなどのバッチ タイプ構成で、または RUNAS コマンドの使用時に発生するのが最も一般的です。 Record Number: 50947 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090414133138.823743-000 Event Type: 成功の監査 User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 10, GenuineIntel "PROCESSOR_REVISION"=0f0a "NUMBER_OF_PROCESSORS"=2 "asl.log"=Destination=file "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip -----------------EOF-----------------
  12. Pochi
    Bonsoir, Merci pour la reponse rapide! Voici le rapport Activescan: ;*********************************************************************************************************************************************************************************** ANALYSIS: 2010-10-06 05:52:54 PROTECTIONS: 1 MALWARE: 22 SUSPECTS: 3 ;*********************************************************************************************************************************************************************************** PROTECTIONS Description Version Active Updated ;=================================================================================================================================================================================== avast! Antivirus Yes Yes ;=================================================================================================================================================================================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=================================================================================================================================================================================== 00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@doubleclick[1].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@atdmt[1].txt 00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@tradedoubler[2].txt 00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@tradedoubler[1].txt 00145457 Cookie/FastClick TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@fastclick[2].txt 00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@tribalfusion[2].txt 00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@mediaplex[2].txt 00167642 Cookie/Com.com TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@com[1].txt 00167704 Cookie/Xiti TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@xiti[1].txt 00168056 Cookie/YieldManager TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@ad.yieldmanager[2].txt 00168061 Cookie/Apmebf TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@apmebf[2].txt 00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@serving-sys[1].txt 00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@bs.serving-sys[2].txt 00168106 Cookie/Weborama TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@weborama[1].txt 00168109 Cookie/Adtech TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@adtech[1].txt 00168116 Cookie/Comclick TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@fl01.ct2.comclick[1].txt 00169190 Cookie/Advertising TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@advertising[2].txt 00169190 Cookie/Advertising TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@advertising[1].txt 00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@questionmarket[2].txt 00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@bluestreak[1].txt 00207936 Cookie/Adviva TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@adviva[2].txt 00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No c:\users\pochi\appdata\roaming\microsoft\windows\cookies\pochi@smartadserver[2].txt 03074964 Trj/CI.A Virus/Trojan No 0 Yes No g:\my documents\my ebooks\atr72-500\f1 atr72 installation\dx7vb.exe 04574335 Bck/Pcclient.ED Virus/Trojan No 0 Yes No c:\windows\system32\bewisereg.exe ;=================================================================================================================================================================================== SUSPECTS Sent Location ;=================================================================================================================================================================================== No c:\windows\system32\bewisereboot.exe No g:\my documents\my ebooks\f18e superhornet\fsuipc\fsuipc.zip[weatherset2.exe] No g:\my documents\my ebooks\f18e superhornet\fsuipc\backup\fsuipc.dll ;=================================================================================================================================================================================== VULNERABILITIES Id Severity Description ;=================================================================================================================================================================================== ;=================================================================================================================================================================================== Je vais lancer RSIT de ce pas! Pierre
  13. Pochi
    Bonsoir a tous, Voila, j'ai un soucis sur mon PC portable qui tourne sous Vista Premium 32 (version japonaise) Je me suis rendu compte depuis quelques temps que mon disque dur (2 partitions)se remplissait tout seul petit a petit. Exemple le plus flagrant: Je formate ma partition ou sont stockee mais donnees. J'obtiens donc une partition vide de 39GO avec 90MO de pris (je suppose que ces 90MO sont pris d'office par le systeme). J'eteins mon PC, je le rallume le lendemain et je vois que sur ma partition ce n'est plsu 90MO mais 440MO qui sont pris... Bien sur la partititon est vide aucun fichiers n'apparait, ni meme de fichiers caches. Est-ce un comportement normal? J'ai cherche des informations sur le net...j'ai trouve trois possibilites, un probleme de restauration systeme, ou probleme de fichier d'echange swap, ou alors un virus. Cependant, j'y connais quasiment rien a tout ca donc je requiers votre aide. Par acquis de conscience j'ai fait un scan Avast et Windows defender qui n'a rien detecte... Par contre, j'ai un aActivescan en cours qui a deja trouve 3 ficheirs suspicieux et 23 infectes... Pourriez-vous m'aider svp. Pierre
×
×
  • Créer...