raport analyse hijackthis suite a un post d'Aide

darwizardX · le 25 août 2009

alors voicie le log comme demandé

Logfile of random's system information tool 1.06 (written by random/random)

Run by DarwizardX at 2009-08-25 18:22:31

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2

System drive C: has 68 GB (44%) free of 153 GB

Total RAM: 4094 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:22:32, on 2009-08-25

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v7.00 (7.00.6002.18005)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files (x86)\ASUS\AASP\1.00.82\aaCenter.exe

C:\Program Files\ASUS\EPU\EPU.exe

C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\DarwizardX\Downloads\RSIT.exe

C:\Program Files (x86)\hijack\DarwizardX.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r

O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O13 - Gopher Prefix:

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\iEvony\Skype4COM.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files (x86)\WinPcap\rpcapd.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 7637 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2008-12-30 17713152]

"Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-11-30 881152]

"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-04-28 61440]

"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=

"ForceActiveDesktopOn"=

"BindDirectlyToPropertySetStorage"=

"NoActiveDesktopChanges"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{02f60d1e-6004-11de-88c9-806e6f6e6963}]

shell\AutoRun\command - E:\AutoRunCD.exe

======List of files/folders created in the last 3 months======

2009-08-25 18:22:31 ----D---- C:\rsit

2009-08-24 22:22:53 ----D---- C:\Program Files (x86)\hijack

2009-08-21 21:09:36 ----D---- C:\Users\DarwizardX\AppData\Roaming\Malwarebytes

2009-08-21 21:09:31 ----D---- C:\ProgramData\Malwarebytes

2009-08-21 21:09:31 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2009-08-19 22:06:19 ----D---- C:\ProgramData\Blizzard Entertainment

2009-08-12 21:49:55 ----D---- C:\Users\DarwizardX\AppData\Roaming\WinRAR

2009-08-11 18:46:49 ----A---- C:\Windows\system32\mstscax.dll

2009-08-11 18:46:42 ----A---- C:\Windows\system32\atl.dll

2009-08-11 18:46:13 ----A---- C:\Windows\system32\avifil32.dll

2009-08-11 18:45:49 ----A---- C:\Windows\system32\wmp.dll

2009-08-11 18:45:46 ----A---- C:\Windows\system32\wmpdxm.dll

2009-08-11 18:45:45 ----A---- C:\Windows\system32\spwmp.dll

2009-08-11 18:45:43 ----A---- C:\Windows\system32\wmploc.DLL

2009-08-11 18:45:43 ----A---- C:\Windows\system32\dxmasf.dll

2009-08-09 18:59:32 ----RHD---- C:\Users\DarwizardX\AppData\Roaming\SecuROM

2009-08-09 18:58:01 ----A---- C:\Windows\system32\PnkBstrB.exe

2009-08-09 18:57:59 ----A---- C:\Windows\system32\PnkBstrA.exe

2009-08-09 18:57:59 ----A---- C:\Windows\system32\pbsvc.exe

2009-08-09 18:57:53 ----A---- C:\Windows\system32\d3dx10_35.dll

2009-08-09 18:57:53 ----A---- C:\Windows\system32\D3DCompiler_35.dll

2009-08-09 18:57:52 ----A---- C:\Windows\system32\d3dx9_35.dll

2009-08-09 18:57:52 ----A---- C:\Windows\system32\d3dx10_34.dll

2009-08-09 18:57:52 ----A---- C:\Windows\system32\D3DCompiler_34.dll

2009-08-09 18:57:50 ----A---- C:\Windows\system32\d3dx9_34.dll

2009-08-09 18:57:48 ----A---- C:\Windows\system32\xinput1_3.dll

2009-08-09 18:56:48 ----D---- C:\ProgramData\Media Center Programs

2009-08-03 23:05:53 ----D---- C:\ProgramData\ma-config.com

2009-08-03 23:05:53 ----D---- C:\Program Files (x86)\ma-config.com

2009-08-02 12:27:29 ----D---- C:\Program Files (x86)\Teamspeak2_RC2

2009-07-30 07:12:37 ----A---- C:\Windows\dd_ATL80SP1_KB973923MSI4747.txt

2009-07-30 07:12:36 ----A---- C:\Windows\dd_ATL80SP1_KB973923UI4747.txt

2009-07-30 07:12:10 ----A---- C:\Windows\dd_ATL80SP1_KB973923MSI46E8.txt

2009-07-30 07:12:08 ----A---- C:\Windows\dd_ATL80SP1_KB973923UI46E8.txt

2009-07-29 07:22:32 ----A---- C:\Windows\system32\mshtml.dll

2009-07-29 07:22:21 ----A---- C:\Windows\system32\ieframe.dll

2009-07-29 07:22:18 ----A---- C:\Windows\system32\urlmon.dll

2009-07-29 07:22:16 ----A---- C:\Windows\system32\wininet.dll

2009-07-29 07:22:16 ----A---- C:\Windows\system32\ieui.dll

2009-07-29 07:22:14 ----A---- C:\Windows\system32\ieencode.dll

2009-07-23 21:28:42 ----D---- C:\ProgramData\Blizzard

2009-07-21 18:10:04 ----D---- C:\ProgramData\NOS

2009-07-21 18:10:04 ----D---- C:\Program Files (x86)\NOS

2009-07-16 11:12:43 ----D---- C:\ProgramData\Apple Computer

2009-07-16 11:12:43 ----D---- C:\Program Files (x86)\QuickTime

2009-07-15 10:33:11 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2009-07-15 10:29:38 ----A---- C:\Windows\system32\t2embed.dll

2009-07-15 10:29:38 ----A---- C:\Windows\system32\fontsub.dll

2009-07-15 10:29:38 ----A---- C:\Windows\system32\dciman32.dll

2009-07-15 10:29:38 ----A---- C:\Windows\system32\atmfd.dll

2009-07-13 12:31:53 ----D---- C:\.jagex_cache_32

2009-07-12 08:46:34 ----D---- C:\Program Files (x86)\LimeWire

2009-07-07 11:23:39 ----D---- C:\VCO Almanac

2009-07-05 11:48:49 ----D---- C:\Program Files (x86)\iEvony

2009-07-04 14:25:04 ----D---- C:\Program Files (x86)\StarCraft

2009-07-03 22:08:37 ----D---- C:\Program Files (x86)\Bounty Bay Online

2009-07-03 13:13:32 ----A---- C:\Windows\ntbtlog.txt

2009-07-02 15:35:52 ----D---- C:\Windows\hpojp8500a909

2009-07-02 15:30:19 ----D---- C:\Program Files (x86)\Hewlett-Packard

2009-07-02 14:30:24 ----D---- C:\Program Files (x86)\HP

2009-07-02 14:30:23 ----HD---- C:\Config.Msi

2009-07-02 14:20:24 ----D---- C:\Downloads

2009-07-02 14:19:43 ----D---- C:\Program Files (x86)\Free Download Manager

2009-06-30 16:03:43 ----D---- C:\ProgramData\Electronic Arts

2009-06-30 15:57:35 ----D---- C:\Program Files (x86)\Microsoft WSE

2009-06-30 15:57:00 ----A---- C:\Windows\system32\d3dx9_31.dll

2009-06-30 15:43:51 ----D---- C:\Program Files (x86)\Electronic Arts

2009-06-30 09:41:20 ----D---- C:\ProgramData\Hewlett-Packard

2009-06-28 13:36:58 ----D---- C:\Program Files (x86)\jv16 PowerTools

2009-06-28 12:33:44 ----D---- C:\Windows\system32\vi-VN

2009-06-28 12:33:44 ----D---- C:\Windows\system32\eu-ES

2009-06-28 12:33:44 ----D---- C:\Windows\system32\ca-ES

2009-06-28 12:23:20 ----A---- C:\Windows\system32\networkexplorer.dll

2009-06-28 12:23:19 ----A---- C:\Windows\system32\nslookup.exe

2009-06-28 12:23:19 ----A---- C:\Windows\system32\newdev.exe

2009-06-28 12:23:19 ----A---- C:\Windows\system32\newdev.dll

2009-06-28 12:23:19 ----A---- C:\Windows\system32\networkmap.dll

2009-06-28 12:23:19 ----A---- C:\Windows\system32\networkitemfactory.dll

2009-06-28 12:23:19 ----A---- C:\Windows\system32\netshell.dll

2009-06-28 12:23:18 ----A---- C:\Windows\system32\ntdll.dll

2009-06-28 12:23:18 ----A---- C:\Windows\system32\NlsLexicons0009.dll

2009-06-28 12:23:18 ----A---- C:\Windows\system32\NlsLexicons0007.dll

2009-06-28 12:23:18 ----A---- C:\Windows\system32\nlhtml.dll

2009-06-28 12:23:17 ----A---- C:\Windows\system32\mtxclu.dll

2009-06-28 12:23:17 ----A---- C:\Windows\system32\msxml6.dll

2009-06-28 12:23:17 ----A---- C:\Windows\system32\msxml3.dll

2009-06-28 12:23:17 ----A---- C:\Windows\system32\msxbde40.dll

2009-06-28 12:23:17 ----A---- C:\Windows\system32\mswstr10.dll

2009-06-28 12:23:17 ----A---- C:\Windows\system32\mswsock.dll

2009-06-28 12:23:17 ----A---- C:\Windows\system32\mswdat10.dll

2009-06-28 12:23:17 ----A---- C:\Windows\system32\msv1_0.dll

2009-06-28 12:23:16 ----A---- C:\Windows\system32\netplwiz.dll

2009-06-28 12:23:16 ----A---- C:\Windows\system32\netlogon.dll

2009-06-28 12:23:16 ----A---- C:\Windows\system32\netiohlp.dll

2009-06-28 12:23:16 ----A---- C:\Windows\system32\netcenter.dll

2009-06-28 12:23:16 ----A---- C:\Windows\system32\MSVidCtl.dll

2009-06-28 12:23:16 ----A---- C:\Windows\system32\msvcrt.dll

2009-06-28 12:23:16 ----A---- C:\Windows\system32\msvcp60.dll

2009-06-28 12:23:16 ----A---- C:\Windows\system32\msutb.dll

2009-06-28 12:23:15 ----A---- C:\Windows\system32\perfdisk.dll

2009-06-28 12:23:15 ----A---- C:\Windows\system32\PerfCenterCPL.dll

2009-06-28 12:23:15 ----A---- C:\Windows\system32\netapi32.dll

2009-06-28 12:23:15 ----A---- C:\Windows\system32\ncryptui.dll

2009-06-28 12:23:15 ----A---- C:\Windows\system32\ncrypt.dll

2009-06-28 12:23:15 ----A---- C:\Windows\system32\NcdProp.dll

2009-06-28 12:23:15 ----A---- C:\Windows\system32\NaturalLanguage6.dll

2009-06-28 12:23:14 ----A---- C:\Windows\system32\pdh.dll

2009-06-28 12:23:14 ----A---- C:\Windows\system32\pcaui.dll

2009-06-28 12:23:13 ----A---- C:\Windows\system32\pnpsetup.dll

2009-06-28 12:23:13 ----A---- C:\Windows\system32\pnidui.dll

2009-06-28 12:23:12 ----A---- C:\Windows\system32\pidgenx.dll

2009-06-28 12:23:12 ----A---- C:\Windows\system32\photowiz.dll

2009-06-28 12:23:12 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll

2009-06-28 12:23:11 ----A---- C:\Windows\system32\odbcconf.dll

2009-06-28 12:23:11 ----A---- C:\Windows\system32\odbc32.dll

2009-06-28 12:23:11 ----A---- C:\Windows\system32\ocsetup.exe

2009-06-28 12:23:11 ----A---- C:\Windows\system32\occache.dll

2009-06-28 12:23:10 ----A---- C:\Windows\system32\p2psvc.dll

2009-06-28 12:23:10 ----A---- C:\Windows\system32\P2PGraph.dll

2009-06-28 12:23:10 ----A---- C:\Windows\system32\oobefldr.dll

2009-06-28 12:23:10 ----A---- C:\Windows\system32\ntprint.dll

2009-06-28 12:23:10 ----A---- C:\Windows\system32\ntmarta.dll

2009-06-28 12:23:09 ----A---- C:\Windows\system32\osk.exe

2009-06-28 12:23:09 ----A---- C:\Windows\system32\ole32.dll

2009-06-28 12:23:09 ----A---- C:\Windows\system32\offfilt.dll

2009-06-28 12:23:09 ----A---- C:\Windows\system32\odbccp32.dll

2009-06-28 12:23:08 ----A---- C:\Windows\system32\onex.dll

2009-06-28 12:23:08 ----A---- C:\Windows\system32\olepro32.dll

2009-06-28 12:23:08 ----A---- C:\Windows\system32\oleprn.dll

2009-06-28 12:23:08 ----A---- C:\Windows\system32\oleaut32.dll

2009-06-28 12:23:08 ----A---- C:\Windows\system32\msexcl40.dll

2009-06-28 12:23:08 ----A---- C:\Windows\system32\msexch40.dll

2009-06-28 12:23:08 ----A---- C:\Windows\system32\msdrm.dll

2009-06-28 12:23:08 ----A---- C:\Windows\system32\msctfui.dll

2009-06-28 12:23:08 ----A---- C:\Windows\system32\msctfp.dll

2009-06-28 12:23:08 ----A---- C:\Windows\system32\MsCtfMonitor.dll

2009-06-28 12:23:08 ----A---- C:\Windows\system32\msctf.dll

2009-06-28 12:23:07 ----A---- C:\Windows\system32\msimsg.dll

2009-06-28 12:23:07 ----A---- C:\Windows\system32\msihnd.dll

2009-06-28 12:23:07 ----A---- C:\Windows\system32\msdtcprx.dll

2009-06-28 12:23:06 ----A---- C:\Windows\system32\msiexec.exe

2009-06-28 12:23:06 ----A---- C:\Windows\system32\msi.dll

2009-06-28 12:23:06 ----A---- C:\Windows\system32\mshtmled.dll

2009-06-28 12:23:06 ----A---- C:\Windows\system32\msftedit.dll

2009-06-28 12:23:06 ----A---- C:\Windows\system32\msfeedsbs.dll

2009-06-28 12:23:06 ----A---- C:\Windows\system32\msfeeds.dll

2009-06-28 12:23:05 ----A---- C:\Windows\system32\msrating.dll

2009-06-28 12:23:05 ----A---- C:\Windows\system32\mscories.dll

2009-06-28 12:23:05 ----A---- C:\Windows\system32\mscorier.dll

2009-06-28 12:23:05 ----A---- C:\Windows\system32\mscoree.dll

2009-06-28 12:23:05 ----A---- C:\Windows\system32\mscms.dll

2009-06-28 12:23:05 ----A---- C:\Windows\system32\mscandui.dll

2009-06-28 12:23:05 ----A---- C:\Windows\system32\MSAC3ENC.DLL

2009-06-28 12:23:04 ----A---- C:\Windows\system32\msscntrs.dll

2009-06-28 12:23:04 ----A---- C:\Windows\system32\msscb.dll

2009-06-28 12:23:04 ----A---- C:\Windows\system32\msrepl40.dll

2009-06-28 12:23:04 ----A---- C:\Windows\system32\msrd3x40.dll

2009-06-28 12:23:04 ----A---- C:\Windows\system32\msrd2x40.dll

2009-06-28 12:23:04 ----A---- C:\Windows\system32\mspbde40.dll

2009-06-28 12:23:04 ----A---- C:\Windows\system32\msltus40.dll

2009-06-28 12:23:04 ----A---- C:\Windows\system32\msjtes40.dll

2009-06-28 12:23:04 ----A---- C:\Windows\system32\msjter40.dll

2009-06-28 12:23:04 ----A---- C:\Windows\system32\msjint40.dll

2009-06-28 12:23:04 ----A---- C:\Windows\system32\msjet40.dll

2009-06-28 12:23:04 ----A---- C:\Windows\system32\msisip.dll

2009-06-28 12:23:03 ----A---- C:\Windows\system32\mstsc.exe

2009-06-28 12:23:03 ----A---- C:\Windows\system32\mstlsapi.dll

2009-06-28 12:23:03 ----A---- C:\Windows\system32\mstime.dll

2009-06-28 12:23:03 ----A---- C:\Windows\system32\mstext40.dll

2009-06-28 12:23:03 ----A---- C:\Windows\system32\mssvp.dll

2009-06-28 12:23:03 ----A---- C:\Windows\system32\mssitlb.dll

2009-06-28 12:23:03 ----A---- C:\Windows\system32\msshsq.dll

2009-06-28 12:23:03 ----A---- C:\Windows\system32\msnetobj.dll

2009-06-28 12:23:03 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL

2009-06-28 12:23:03 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL

2009-06-28 12:23:03 ----A---- C:\Windows\system32\msjetoledb40.dll

2009-06-28 12:23:02 ----A---- C:\Windows\system32\msstrc.dll

2009-06-28 12:23:02 ----A---- C:\Windows\system32\mssrch.dll

2009-06-28 12:23:02 ----A---- C:\Windows\system32\mssprxy.dll

2009-06-28 12:23:02 ----A---- C:\Windows\system32\mssphtb.dll

2009-06-28 12:23:02 ----A---- C:\Windows\system32\mssph.dll

2009-06-28 12:23:02 ----A---- C:\Windows\system32\msshooks.dll

2009-06-28 12:23:02 ----A---- C:\Windows\system32\msscp.dll

2009-06-28 12:23:02 ----A---- C:\Windows\system32\msinfo32.exe

2009-06-28 12:23:02 ----A---- C:\Windows\system32\msimtf.dll

2009-06-28 12:23:01 ----A---- C:\Windows\system32\secproc_ssp.dll

2009-06-28 12:23:01 ----A---- C:\Windows\system32\secproc_isv.dll

2009-06-28 12:23:01 ----A---- C:\Windows\system32\secproc.dll

2009-06-28 12:23:01 ----A---- C:\Windows\system32\scrrun.dll

2009-06-28 12:23:01 ----A---- C:\Windows\system32\scrobj.dll

2009-06-28 12:23:01 ----A---- C:\Windows\system32\scksp.dll

2009-06-28 12:23:00 ----A---- C:\Windows\system32\secur32.dll

2009-06-28 12:23:00 ----A---- C:\Windows\system32\secproc_ssp_isv.dll

2009-06-28 12:23:00 ----A---- C:\Windows\system32\SearchProtocolHost.exe

2009-06-28 12:23:00 ----A---- C:\Windows\system32\SearchIndexer.exe

2009-06-28 12:23:00 ----A---- C:\Windows\system32\SearchFilterHost.exe

2009-06-28 12:23:00 ----A---- C:\Windows\system32\sdohlp.dll

2009-06-28 12:22:58 ----A---- C:\Windows\system32\puiapi.dll

2009-06-28 12:22:57 ----A---- C:\Windows\system32\rasdial.exe

2009-06-28 12:22:57 ----A---- C:\Windows\system32\rasdiag.dll

2009-06-28 12:22:57 ----A---- C:\Windows\system32\raschap.dll

2009-06-28 12:22:57 ----A---- C:\Windows\system32\rasapi32.dll

2009-06-28 12:22:57 ----A---- C:\Windows\system32\RacEngn.dll

2009-06-28 12:22:57 ----A---- C:\Windows\system32\Query.dll

2009-06-28 12:22:57 ----A---- C:\Windows\system32\quartz.dll

2009-06-28 12:22:57 ----A---- C:\Windows\system32\qedit.dll

2009-06-28 12:22:57 ----A---- C:\Windows\system32\qdvd.dll

2009-06-28 12:22:57 ----A---- C:\Windows\system32\psisdecd.dll

2009-06-28 12:22:56 ----A---- C:\Windows\system32\printui.dll

2009-06-28 12:22:56 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2009-06-28 12:22:56 ----A---- C:\Windows\system32\powrprof.dll

2009-06-28 12:22:56 ----A---- C:\Windows\system32\powercpl.dll

2009-06-28 12:22:56 ----A---- C:\Windows\system32\PortableDeviceTypes.dll

2009-06-28 12:22:56 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll

2009-06-28 12:22:56 ----A---- C:\Windows\system32\PortableDeviceApi.dll

2009-06-28 12:22:55 ----A---- C:\Windows\system32\propsys.dll

2009-06-28 12:22:55 ----A---- C:\Windows\system32\propdefs.dll

2009-06-28 12:22:55 ----A---- C:\Windows\system32\prnntfy.dll

2009-06-28 12:22:55 ----A---- C:\Windows\system32\PresentationNative_v0300.dll

2009-06-28 12:22:55 ----A---- C:\Windows\system32\PresentationHostProxy.dll

2009-06-28 12:22:55 ----A---- C:\Windows\system32\PresentationHost.exe

2009-06-28 12:22:54 ----A---- C:\Windows\system32\scesrv.dll

2009-06-28 12:22:54 ----A---- C:\Windows\system32\SCardSvr.dll

2009-06-28 12:22:54 ----A---- C:\Windows\system32\scansetting.dll

2009-06-28 12:22:54 ----A---- C:\Windows\system32\rsaenh.dll

2009-06-28 12:22:54 ----A---- C:\Windows\system32\rrinstaller.exe

2009-06-28 12:22:54 ----A---- C:\Windows\system32\rpchttp.dll

2009-06-28 12:22:54 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe

2009-06-28 12:22:54 ----A---- C:\Windows\system32\RMActivate_ssp.exe

2009-06-28 12:22:54 ----A---- C:\Windows\system32\RMActivate_isv.exe

2009-06-28 12:22:54 ----A---- C:\Windows\system32\RMActivate.exe

2009-06-28 12:22:54 ----A---- C:\Windows\system32\riched20.dll

2009-06-28 12:22:53 ----A---- C:\Windows\system32\schannel.dll

2009-06-28 12:22:53 ----A---- C:\Windows\system32\scecli.dll

2009-06-28 12:22:53 ----A---- C:\Windows\system32\samlib.dll

2009-06-28 12:22:53 ----A---- C:\Windows\system32\rtutils.dll

2009-06-28 12:22:53 ----A---- C:\Windows\system32\rtffilt.dll

2009-06-28 12:22:53 ----A---- C:\Windows\system32\rdpencom.dll

2009-06-28 12:22:53 ----A---- C:\Windows\system32\rasplap.dll

2009-06-28 12:22:53 ----A---- C:\Windows\system32\rasmontr.dll

2009-06-28 12:22:52 ----A---- C:\Windows\system32\RelMon.dll

2009-06-28 12:22:52 ----A---- C:\Windows\system32\rekeywiz.exe

2009-06-28 12:22:52 ----A---- C:\Windows\system32\regapi.dll

2009-06-28 12:22:52 ----A---- C:\Windows\system32\reg.exe

2009-06-28 12:22:52 ----A---- C:\Windows\system32\rastls.dll

2009-06-28 12:22:52 ----A---- C:\Windows\system32\rastapi.dll

2009-06-28 12:22:52 ----A---- C:\Windows\system32\rasppp.dll

2009-06-28 12:22:52 ----A---- C:\Windows\system32\rasgcw.dll

2009-06-28 12:22:52 ----A---- C:\Windows\system32\rasdlg.dll

2009-06-28 12:22:51 ----A---- C:\Windows\system32\dsound.dll

2009-06-28 12:22:51 ----A---- C:\Windows\system32\dot3msm.dll

2009-06-28 12:22:51 ----A---- C:\Windows\system32\dot3cfg.dll

2009-06-28 12:22:51 ----A---- C:\Windows\system32\dnsapi.dll

2009-06-28 12:22:51 ----A---- C:\Windows\system32\dmusic.dll

2009-06-28 12:22:51 ----A---- C:\Windows\system32\dmsynth.dll

2009-06-28 12:22:51 ----A---- C:\Windows\system32\diskraid.exe

2009-06-28 12:22:51 ----A---- C:\Windows\system32\diskpart.exe

2009-06-28 12:22:51 ----A---- C:\Windows\system32\dimsroam.dll

2009-06-28 12:22:50 ----A---- C:\Windows\system32\dsprop.dll

2009-06-28 12:22:50 ----A---- C:\Windows\system32\drvstore.dll

2009-06-28 12:22:50 ----A---- C:\Windows\system32\drvinst.exe

2009-06-28 12:22:50 ----A---- C:\Windows\system32\drmv2clt.dll

2009-06-28 12:22:50 ----A---- C:\Windows\system32\drmmgrtn.dll

2009-06-28 12:22:50 ----A---- C:\Windows\system32\dpapimig.exe

2009-06-28 12:22:50 ----A---- C:\Windows\system32\DevicePairing.dll

2009-06-28 12:22:50 ----A---- C:\Windows\system32\dbgeng.dll

2009-06-28 12:22:50 ----A---- C:\Windows\system32\davclnt.dll

2009-06-28 12:22:50 ----A---- C:\Windows\system32\dataclen.dll

2009-06-28 12:22:50 ----A---- C:\Windows\system32\cscript.exe

2009-06-28 12:22:49 ----A---- C:\Windows\system32\dhcpcsvc6.dll

2009-06-28 12:22:49 ----A---- C:\Windows\system32\dhcpcsvc.dll

2009-06-28 12:22:49 ----A---- C:\Windows\system32\devmgr.dll

2009-06-28 12:22:49 ----A---- C:\Windows\system32\DevicePairingWizard.exe

2009-06-28 12:22:49 ----A---- C:\Windows\system32\DevicePairingProxy.dll

2009-06-28 12:22:49 ----A---- C:\Windows\system32\d3d9.dll

2009-06-28 12:22:48 ----A---- C:\Windows\system32\fdSSDP.dll

2009-06-28 12:22:48 ----A---- C:\Windows\system32\fdProxy.dll

2009-06-28 12:22:48 ----A---- C:\Windows\system32\fdeploy.dll

2009-06-28 12:22:48 ----A---- C:\Windows\system32\fdBthProxy.dll

2009-06-28 12:22:48 ----A---- C:\Windows\system32\fdBth.dll

2009-06-28 12:22:48 ----A---- C:\Windows\system32\fc.exe

2009-06-28 12:22:48 ----A---- C:\Windows\system32\Faultrep.dll

2009-06-28 12:22:48 ----A---- C:\Windows\system32\f3ahvoas.dll

2009-06-28 12:22:48 ----A---- C:\Windows\system32\extmgr.dll

2009-06-28 12:22:48 ----A---- C:\Windows\system32\ExplorerFrame.dll

2009-06-28 12:22:48 ----A---- C:\Windows\system32\dfshim.dll

2009-06-28 12:22:48 ----A---- C:\Windows\explorer.exe

2009-06-28 12:22:47 ----A---- C:\Windows\system32\fundisc.dll

2009-06-28 12:22:47 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll

2009-06-28 12:22:47 ----A---- C:\Windows\system32\ftp.exe

2009-06-28 12:22:47 ----A---- C:\Windows\system32\fontext.dll

2009-06-28 12:22:47 ----A---- C:\Windows\system32\findstr.exe

2009-06-28 12:22:47 ----A---- C:\Windows\system32\feclient.dll

2009-06-28 12:22:47 ----A---- C:\Windows\system32\explorer.exe

2009-06-28 12:22:46 ----A---- C:\Windows\system32\fdWSD.dll

2009-06-28 12:22:46 ----A---- C:\Windows\system32\fdWCN.dll

2009-06-28 12:22:46 ----A---- C:\Windows\system32\EhStorAPI.dll

2009-06-28 12:22:46 ----A---- C:\Windows\system32\eapphost.dll

2009-06-28 12:22:46 ----A---- C:\Windows\system32\eappgnui.dll

2009-06-28 12:22:46 ----A---- C:\Windows\system32\eappcfg.dll

2009-06-28 12:22:45 ----A---- C:\Windows\system32\evr.dll

2009-06-28 12:22:45 ----A---- C:\Windows\system32\eudcedit.exe

2009-06-28 12:22:45 ----A---- C:\Windows\system32\esent.dll

2009-06-28 12:22:45 ----A---- C:\Windows\system32\es.dll

2009-06-28 12:22:45 ----A---- C:\Windows\system32\EncDec.dll

2009-06-28 12:22:45 ----A---- C:\Windows\system32\EhStorShell.dll

2009-06-28 12:22:45 ----A---- C:\Windows\system32\EhStorPwdMgr.dll

2009-06-28 12:22:45 ----A---- C:\Windows\system32\EhStorAuthn.dll

2009-06-28 12:22:45 ----A---- C:\Windows\system32\eapp3hst.dll

2009-06-28 12:22:44 ----A---- C:\Windows\system32\blackbox.dll

2009-06-28 12:22:44 ----A---- C:\Windows\system32\bcrypt.dll

2009-06-28 12:22:44 ----A---- C:\Windows\system32\basecsp.dll

2009-06-28 12:22:44 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll

2009-06-28 12:22:44 ----A---- C:\Windows\system32\autoplay.dll

2009-06-28 12:22:44 ----A---- C:\Windows\system32\autoconv.exe

2009-06-28 12:22:43 ----A---- C:\Windows\system32\bthudtask.exe

2009-06-28 12:22:43 ----A---- C:\Windows\system32\azroles.dll

2009-06-28 12:22:43 ----A---- C:\Windows\system32\autofmt.exe

2009-06-28 12:22:42 ----A---- C:\Windows\system32\browseui.dll

2009-06-28 12:22:41 ----A---- C:\Windows\system32\autochk.exe

2009-06-28 12:22:41 ----A---- C:\Windows\system32\authz.dll

2009-06-28 12:22:41 ----A---- C:\Windows\system32\authui.dll

2009-06-28 12:22:41 ----A---- C:\Windows\system32\AUDIOKSE.dll

2009-06-28 12:22:41 ----A---- C:\Windows\system32\AudioEng.dll

2009-06-28 12:22:41 ----A---- C:\Windows\system32\audiodg.exe

2009-06-28 12:22:41 ----A---- C:\Windows\system32\atmlib.dll

2009-06-28 12:22:41 ----A---- C:\Windows\system32\Apphlpdm.dll

2009-06-28 12:22:41 ----A---- C:\Windows\system32\apphelp.dll

2009-06-28 12:22:41 ----A---- C:\Windows\system32\apds.dll

2009-06-28 12:22:40 ----A---- C:\Windows\system32\comdlg32.dll

2009-06-28 12:22:40 ----A---- C:\Windows\system32\cmmon32.exe

2009-06-28 12:22:40 ----A---- C:\Windows\system32\cmdial32.dll

2009-06-28 12:22:40 ----A---- C:\Windows\system32\AudioSes.dll

2009-06-28 12:22:39 ----A---- C:\Windows\system32\cscdll.dll

2009-06-28 12:22:39 ----A---- C:\Windows\system32\cscapi.dll

2009-06-28 12:22:39 ----A---- C:\Windows\system32\cryptui.dll

2009-06-28 12:22:39 ----A---- C:\Windows\system32\cryptsvc.dll

2009-06-28 12:22:39 ----A---- C:\Windows\system32\crypt32.dll

2009-06-28 12:22:39 ----A---- C:\Windows\system32\connect.dll

2009-06-28 12:22:39 ----A---- C:\Windows\system32\conime.exe

2009-06-28 12:22:39 ----A---- C:\Windows\system32\comuid.dll

2009-06-28 12:22:38 ----A---- C:\Windows\system32\credui.dll

2009-06-28 12:22:38 ----A---- C:\Windows\system32\comsvcs.dll

2009-06-28 12:22:38 ----A---- C:\Windows\system32\certreq.exe

2009-06-28 12:22:38 ----A---- C:\Windows\system32\certmgr.dll

2009-06-28 12:22:38 ----A---- C:\Windows\system32\CertEnrollUI.dll

2009-06-28 12:22:38 ----A---- C:\Windows\system32\CertEnroll.dll

2009-06-28 12:22:37 ----A---- C:\Windows\system32\cipher.exe

2009-06-28 12:22:37 ----A---- C:\Windows\system32\chtbrkr.dll

2009-06-28 12:22:37 ----A---- C:\Windows\system32\certcli.dll

2009-06-28 12:22:36 ----A---- C:\Windows\system32\CHxReadingStringIME.dll

2009-06-28 12:22:36 ----A---- C:\Windows\system32\chsbrkr.dll

2009-06-28 12:22:36 ----A---- C:\Windows\system32\certutil.exe

2009-06-28 12:22:35 ----A---- C:\Windows\system32\korwbrkr.dll

2009-06-28 12:22:35 ----A---- C:\Windows\system32\kernel32.dll

2009-06-28 12:22:35 ----A---- C:\Windows\system32\kerberos.dll

2009-06-28 12:22:35 ----A---- C:\Windows\system32\jscript.dll

2009-06-28 12:22:34 ----A---- C:\Windows\system32\Magnify.exe

2009-06-28 12:22:34 ----A---- C:\Windows\system32\lpk.dll

2009-06-28 12:22:34 ----A---- C:\Windows\system32\logman.exe

2009-06-28 12:22:34 ----A---- C:\Windows\system32\logagent.exe

2009-06-28 12:22:34 ----A---- C:\Windows\system32\l2nacp.dll

2009-06-28 12:22:33 ----A---- C:\Windows\system32\input.dll

2009-06-28 12:22:33 ----A---- C:\Windows\system32\InkEd.dll

2009-06-28 12:22:33 ----A---- C:\Windows\system32\infocardapi.dll

2009-06-28 12:22:33 ----A---- C:\Windows\system32\inetcomm.dll

2009-06-28 12:22:32 ----A---- C:\Windows\system32\ipsmsnap.dll

2009-06-28 12:22:32 ----A---- C:\Windows\system32\ipconfig.exe

2009-06-28 12:22:31 ----A---- C:\Windows\system32\midimap.dll

2009-06-28 12:22:31 ----A---- C:\Windows\system32\ipsecsnp.dll

2009-06-28 12:22:31 ----A---- C:\Windows\system32\IPHLPAPI.DLL

2009-06-28 12:22:30 ----A---- C:\Windows\system32\mmc.exe

2009-06-28 12:22:30 ----A---- C:\Windows\system32\mimefilt.dll

2009-06-28 12:22:30 ----A---- C:\Windows\system32\milcore.dll

2009-06-28 12:22:29 ----A---- C:\Windows\system32\mprapi.dll

2009-06-28 12:22:29 ----A---- C:\Windows\system32\mpr.dll

2009-06-28 12:22:28 ----A---- C:\Windows\system32\modemui.dll

2009-06-28 12:22:28 ----A---- C:\Windows\system32\MMDevAPI.dll

2009-06-28 12:22:28 ----A---- C:\Windows\system32\mmcndmgr.dll

2009-06-28 12:22:28 ----A---- C:\Windows\system32\mmcico.dll

2009-06-28 12:22:28 ----A---- C:\Windows\system32\mmci.dll

2009-06-28 12:22:28 ----A---- C:\Windows\system32\mferror.dll

2009-06-28 12:22:28 ----A---- C:\Windows\system32\mfc42u.dll

2009-06-28 12:22:27 ----A---- C:\Windows\system32\mfps.dll

2009-06-28 12:22:27 ----A---- C:\Windows\system32\mfpmp.exe

2009-06-28 12:22:27 ----A---- C:\Windows\system32\mfplat.dll

2009-06-28 12:22:27 ----A---- C:\Windows\system32\mfc42.dll

2009-06-28 12:22:27 ----A---- C:\Windows\system32\mf.dll

2009-06-28 12:22:27 ----A---- C:\Windows\system32\MediaMetadataHandler.dll

2009-06-28 12:22:25 ----A---- C:\Windows\system32\hidserv.dll

2009-06-28 12:22:25 ----A---- C:\Windows\system32\hdwwiz.exe

2009-06-28 12:22:24 ----A---- C:\Windows\system32\iassdo.dll

2009-06-28 12:22:24 ----A---- C:\Windows\system32\iassam.dll

2009-06-28 12:22:24 ----A---- C:\Windows\system32\iasrecst.dll

2009-06-28 12:22:24 ----A---- C:\Windows\system32\iasrad.dll

2009-06-28 12:22:24 ----A---- C:\Windows\system32\iaspolcy.dll

2009-06-28 12:22:24 ----A---- C:\Windows\system32\iasnap.dll

2009-06-28 12:22:24 ----A---- C:\Windows\system32\IasMigReader.exe

2009-06-28 12:22:24 ----A---- C:\Windows\system32\IasMigPlugin.dll

2009-06-28 12:22:24 ----A---- C:\Windows\system32\iasacct.dll

2009-06-28 12:22:24 ----A---- C:\Windows\system32\hbaapi.dll

2009-06-28 12:22:23 ----A---- C:\Windows\system32\iashlpr.dll

2009-06-28 12:22:23 ----A---- C:\Windows\system32\iasdatastore.dll

2009-06-28 12:22:23 ----A---- C:\Windows\system32\iasads.dll

2009-06-28 12:22:23 ----A---- C:\Windows\system32\gdi32.dll

2009-06-28 12:22:22 ----A---- C:\Windows\system32\gpedit.dll

2009-06-28 12:22:22 ----A---- C:\Windows\system32\gpapi.dll

2009-06-28 12:22:22 ----A---- C:\Windows\system32\gameux.dll

2009-06-28 12:22:22 ----A---- C:\Windows\system32\FwRemoteSvr.dll

2009-06-28 12:22:22 ----A---- C:\Windows\system32\FWPUCLNT.DLL

2009-06-28 12:22:21 ----A---- C:\Windows\system32\gpupdate.exe

2009-06-28 12:22:21 ----A---- C:\Windows\system32\gpresult.exe

2009-06-28 12:22:18 ----A---- C:\Windows\system32\IMJP10K.DLL

2009-06-28 12:22:17 ----A---- C:\Windows\system32\imm32.dll

2009-06-28 12:22:16 ----A---- C:\Windows\system32\ifmon.dll

2009-06-28 12:22:16 ----A---- C:\Windows\system32\iertutil.dll

2009-06-28 12:22:16 ----A---- C:\Windows\system32\iepeers.dll

2009-06-28 12:22:15 ----A---- C:\Windows\system32\imapi2fs.dll

2009-06-28 12:22:15 ----A---- C:\Windows\system32\imapi2.dll

2009-06-28 12:22:15 ----A---- C:\Windows\system32\imapi.dll

2009-06-28 12:22:15 ----A---- C:\Windows\system32\iedkcs32.dll

2009-06-28 12:22:15 ----A---- C:\Windows\system32\ieapfltr.dll

2009-06-28 12:22:15 ----A---- C:\Windows\system32\ieaksie.dll

2009-06-28 12:22:15 ----A---- C:\Windows\system32\icardres.dll

2009-06-28 12:22:15 ----A---- C:\Windows\system32\icardagt.exe

2009-06-28 12:22:15 ----A---- C:\Windows\system32\iassvcs.dll

2009-06-28 12:22:13 ----A---- C:\Windows\system32\untfs.dll

2009-06-28 12:22:12 ----A---- C:\Windows\system32\vbscript.dll

2009-06-28 12:22:11 ----A---- C:\Windows\system32\vdsutil.dll

2009-06-28 12:22:11 ----A---- C:\Windows\system32\vdsdyn.dll

2009-06-28 12:22:11 ----A---- C:\Windows\system32\vdmdbg.dll

2009-06-28 12:22:11 ----A---- C:\Windows\system32\Utilman.exe

2009-06-28 12:22:11 ----A---- C:\Windows\system32\usercpl.dll

2009-06-28 12:22:11 ----A---- C:\Windows\system32\user32.dll

2009-06-28 12:22:10 ----A---- C:\Windows\system32\usp10.dll

2009-06-28 12:22:10 ----A---- C:\Windows\system32\userenv.dll

2009-06-28 12:22:10 ----A---- C:\Windows\system32\TsWpfWrp.exe

2009-06-28 12:22:10 ----A---- C:\Windows\system32\TSTheme.exe

2009-06-28 12:22:09 ----A---- C:\Windows\system32\ulib.dll

2009-06-28 12:22:06 ----A---- C:\Windows\system32\wdscore.dll

2009-06-28 12:22:06 ----A---- C:\Windows\system32\wdc.dll

2009-06-28 12:22:06 ----A---- C:\Windows\system32\wcnwiz2.dll

2009-06-28 12:22:06 ----A---- C:\Windows\system32\wcnwiz.dll

2009-06-28 12:22:06 ----A---- C:\Windows\system32\WcnNetsh.dll

2009-06-28 12:22:06 ----A---- C:\Windows\system32\wcncsvc.dll

2009-06-28 12:22:04 ----A---- C:\Windows\system32\vssapi.dll

2009-06-28 12:22:04 ----A---- C:\Windows\system32\version.dll

2009-06-28 12:21:59 ----A---- C:\Windows\system32\SyncCenter.dll

2009-06-28 12:21:57 ----A---- C:\Windows\system32\sud.dll

2009-06-28 12:21:55 ----A---- C:\Windows\system32\tquery.dll

2009-06-28 12:21:55 ----A---- C:\Windows\system32\thawbrkr.dll

2009-06-28 12:21:54 ----A---- C:\Windows\system32\tsgqec.dll

2009-06-28 12:21:54 ----A---- C:\Windows\system32\themeui.dll

2009-06-28 12:21:54 ----A---- C:\Windows\system32\themecpl.dll

2009-06-28 12:21:53 ----A---- C:\Windows\system32\tscupgrd.exe

2009-06-28 12:21:53 ----A---- C:\Windows\system32\tsbyuv.dll

2009-06-28 12:21:53 ----A---- C:\Windows\system32\systemcpl.dll

2009-06-28 12:21:51 ----A---- C:\Windows\system32\tcpmon.dll

2009-06-28 12:21:51 ----A---- C:\Windows\system32\tcpipcfg.dll

2009-06-28 12:21:51 ----A---- C:\Windows\system32\taskeng.exe

2009-06-28 12:21:51 ----A---- C:\Windows\system32\taskcomp.dll

2009-06-28 12:21:50 ----A---- C:\Windows\system32\WscEapPr.dll

2009-06-28 12:21:50 ----A---- C:\Windows\system32\tapisrv.dll

2009-06-28 12:21:49 ----A---- C:\Windows\system32\wscript.exe

2009-06-28 12:21:49 ----A---- C:\Windows\system32\wscntfy.dll

2009-06-28 12:21:49 ----A---- C:\Windows\system32\wscisvif.dll

2009-06-28 12:21:49 ----A---- C:\Windows\system32\wscapi.dll

2009-06-28 12:21:49 ----A---- C:\Windows\system32\wpdwcn.dll

2009-06-28 12:21:48 ----A---- C:\Windows\system32\wsnmp32.dll

2009-06-28 12:21:48 ----A---- C:\Windows\system32\WsmSvc.dll

2009-06-28 12:21:48 ----A---- C:\Windows\system32\wshext.dll

2009-06-28 12:21:48 ----A---- C:\Windows\system32\wshbth.dll

2009-06-28 12:21:48 ----A---- C:\Windows\system32\WSDMon.dll

2009-06-28 12:21:48 ----A---- C:\Windows\system32\wsdchngr.dll

2009-06-28 12:21:48 ----A---- C:\Windows\system32\WSDApi.dll

2009-06-28 12:21:47 ----A---- C:\Windows\system32\wmpps.dll

2009-06-28 12:21:47 ----A---- C:\Windows\system32\wmpmde.dll

2009-06-28 12:21:47 ----A---- C:\Windows\system32\WMPhoto.dll

2009-06-28 12:21:47 ----A---- C:\Windows\system32\WMPEncEn.dll

2009-06-28 12:21:47 ----A---- C:\Windows\system32\wmpeffects.dll

2009-06-28 12:21:46 ----A---- C:\Windows\system32\WMNetMgr.dll

2009-06-28 12:21:41 ----A---- C:\Windows\system32\wpcao.dll

2009-06-28 12:21:40 ----A---- C:\Windows\system32\wpcsvc.dll

2009-06-28 12:21:40 ----A---- C:\Windows\system32\WMVXENCD.DLL

2009-06-28 12:21:39 ----A---- C:\Windows\system32\WMVSDECD.DLL

2009-06-28 12:21:39 ----A---- C:\Windows\system32\WMVCORE.DLL

2009-06-28 12:21:36 ----A---- C:\Windows\system32\WMVENCOD.DLL

2009-06-28 12:21:36 ----A---- C:\Windows\system32\WMVDECOD.DLL

2009-06-28 12:21:34 ----A---- C:\Windows\system32\accessibilitycpl.dll

2009-06-28 12:21:27 ----A---- C:\Windows\system32\zipfldr.dll

2009-06-28 12:21:27 ----A---- C:\Windows\system32\xmlfilter.dll

2009-06-28 12:21:27 ----A---- C:\Windows\system32\aaclient.dll

2009-06-28 12:21:24 ----A---- C:\Windows\system32\wusa.exe

2009-06-28 12:21:17 ----A---- C:\Windows\system32\adtschema.dll

2009-06-28 12:21:17 ----A---- C:\Windows\system32\adsmsext.dll

2009-06-28 12:21:16 ----A---- C:\Windows\system32\advapi32.dll

2009-06-28 12:21:15 ----A---- C:\Windows\system32\adsldpc.dll

2009-06-28 12:21:14 ----A---- C:\Windows\system32\WindowsCodecsExt.dll

2009-06-28 12:21:03 ----A---- C:\Windows\system32\WindowsCodecs.dll

2009-06-28 12:20:52 ----A---- C:\Windows\system32\WebClnt.dll

2009-06-28 12:20:52 ----A---- C:\Windows\system32\webcheck.dll

2009-06-28 12:20:51 ----A---- C:\Windows\system32\wmdrmsdk.dll

2009-06-28 12:20:51 ----A---- C:\Windows\system32\wmdrmnet.dll

2009-06-28 12:20:51 ----A---- C:\Windows\system32\wmdrmdev.dll

2009-06-28 12:20:51 ----A---- C:\Windows\system32\WMADMOD.DLL

2009-06-28 12:20:51 ----A---- C:\Windows\system32\wlgpclnt.dll

2009-06-28 12:20:51 ----A---- C:\Windows\system32\Wldap32.dll

2009-06-28 12:20:51 ----A---- C:\Windows\system32\win32spl.dll

2009-06-28 12:20:51 ----A---- C:\Windows\system32\wiaaut.dll

2009-06-28 12:20:51 ----A---- C:\Windows\system32\whealogr.dll

2009-06-28 12:20:51 ----A---- C:\Windows\system32\wevtutil.exe

2009-06-28 12:20:51 ----A---- C:\Windows\system32\wevtapi.dll

2009-06-28 12:20:51 ----A---- C:\Windows\system32\WerFaultSecure.exe

2009-06-28 12:20:51 ----A---- C:\Windows\system32\WerFault.exe

2009-06-28 12:20:51 ----A---- C:\Windows\system32\wer.dll

2009-06-28 12:20:49 ----A---- C:\Windows\system32\WinSCard.dll

2009-06-28 12:20:49 ----A---- C:\Windows\system32\winrnr.dll

2009-06-28 12:20:49 ----A---- C:\Windows\system32\winmm.dll

2009-06-28 12:20:49 ----A---- C:\Windows\system32\winhttp.dll

2009-06-28 12:20:45 ----A---- C:\Windows\system32\wlanpref.dll

2009-06-28 12:20:45 ----A---- C:\Windows\system32\wlanmsm.dll

2009-06-28 12:20:45 ----A---- C:\Windows\system32\wlanhlp.dll

2009-06-28 12:20:45 ----A---- C:\Windows\system32\wlangpui.dll

2009-06-28 12:20:45 ----A---- C:\Windows\system32\winlogon.exe

2009-06-28 12:20:44 ----A---- C:\Windows\system32\wlanui.dll

2009-06-28 12:20:42 ----A---- C:\Windows\system32\softkbd.dll

2009-06-28 12:20:42 ----A---- C:\Windows\system32\SMBHelperClass.dll

2009-06-28 12:20:42 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll

2009-06-28 12:20:42 ----A---- C:\Windows\system32\slwmi.dll

2009-06-28 12:20:42 ----A---- C:\Windows\system32\slwga.dll

2009-06-28 12:20:42 ----A---- C:\Windows\system32\slmgr.vbs

2009-06-28 12:20:42 ----A---- C:\Windows\system32\SLCommDlg.dll

2009-06-28 12:20:41 ----A---- C:\Windows\system32\sperror.dll

2009-06-28 12:20:41 ----A---- C:\Windows\system32\spcmsg.dll

2009-06-28 12:20:41 ----A---- C:\Windows\system32\SndVol.exe

2009-06-28 12:20:41 ----A---- C:\Windows\system32\shwebsvc.dll

2009-06-28 12:20:41 ----A---- C:\Windows\system32\shsvcs.dll

2009-06-28 12:20:41 ----A---- C:\Windows\system32\shsetup.dll

2009-06-28 12:20:41 ----A---- C:\Windows\system32\setupapi.dll

2009-06-28 12:20:41 ----A---- C:\Windows\system32\sethc.exe

2009-06-28 12:20:41 ----A---- C:\Windows\system32\services.exe

2009-06-28 12:20:41 ----A---- C:\Windows\system32\sendmail.dll

2009-06-28 12:20:40 ----A---- C:\Windows\system32\slcinst.dll

2009-06-28 12:20:40 ----A---- C:\Windows\system32\SLCExt.dll

2009-06-28 12:20:40 ----A---- C:\Windows\system32\slcc.dll

2009-06-28 12:20:40 ----A---- C:\Windows\system32\SLC.dll

2009-06-28 12:20:40 ----A---- C:\Windows\system32\shlwapi.dll

2009-06-28 12:20:40 ----A---- C:\Windows\system32\shell32.dll

2009-06-28 12:20:40 ----A---- C:\Windows\system32\shdocvw.dll

2009-06-28 12:20:37 ----A---- C:\Windows\system32\Storprop.dll

2009-06-28 12:20:37 ----A---- C:\Windows\system32\stobject.dll

2009-06-28 12:20:37 ----A---- C:\Windows\system32\spreview.exe

2009-06-28 12:20:36 ----A---- C:\Windows\system32\spp.dll

2009-06-28 12:20:32 ----A---- C:\Windows\system32\srchadmin.dll

2009-06-28 12:20:32 ----A---- C:\Windows\system32\sqlsrv32.dll

2009-06-28 12:20:32 ----A---- C:\Windows\system32\spwizui.dll

2009-06-28 12:20:32 ----A---- C:\Windows\system32\spwinsat.dll

2009-06-28 12:20:32 ----A---- C:\Windows\system32\spoolss.dll

2009-06-28 12:20:32 ----A---- C:\Windows\system32\spinstall.exe

2009-06-28 11:00:47 ----A---- C:\Windows\system32\aswBoot.exe

2009-06-28 10:20:24 ----D---- C:\Program Files (x86)\Windows Installer Clean Up

2009-06-28 10:16:09 ----D---- C:\Program Files (x86)\MSECACHE

2009-06-27 09:52:00 ----D---- C:\Program Files (x86)\MSXML 4.0

2009-06-26 17:24:55 ----D---- C:\Program Files (x86)\Common Files\HP

2009-06-26 14:41:11 ----A---- C:\Windows\system32\javaws.exe

2009-06-26 14:41:11 ----A---- C:\Windows\system32\javaw.exe

2009-06-26 14:41:11 ----A---- C:\Windows\system32\java.exe

2009-06-26 12:06:32 ----D---- C:\ProgramData\WEBREG

2009-06-26 12:02:19 ----D---- C:\Users\DarwizardX\AppData\Roaming\HP

2009-06-26 11:47:35 ----D---- C:\Program Files (x86)\Common Files\Hewlett-Packard

2009-06-26 11:45:38 ----D---- C:\ProgramData\HP

2009-06-26 09:41:49 ----D---- C:\Users\DarwizardX\AppData\Roaming\LimeWire

2009-06-26 09:41:17 ----A---- C:\Windows\system32\deploytk.dll

2009-06-26 09:40:57 ----D---- C:\Program Files (x86)\Java

2009-06-25 19:25:41 ----D---- C:\Users\DarwizardX\AppData\Roaming\Logitech

2009-06-25 19:05:46 ----D---- C:\ProgramData\Logitech

2009-06-25 19:05:33 ----D---- C:\Users\DarwizardX\AppData\Roaming\InstallShield

2009-06-25 19:05:27 ----D---- C:\ProgramData\LogiShrd

2009-06-24 10:18:04 ----D---- C:\Program Files (x86)\Microsoft Works

2009-06-24 10:17:42 ----D---- C:\Program Files (x86)\Common Files\DESIGNER

2009-06-24 10:17:27 ----D---- C:\Program Files (x86)\Microsoft.NET

2009-06-24 10:14:49 ----D---- C:\ProgramData\Microsoft Help

2009-06-24 10:14:49 ----D---- C:\Program Files (x86)\Microsoft Office

2009-06-24 10:14:10 ----RHD---- C:\MSOCache

2009-06-24 07:18:00 ----D---- C:\Windows\pss

2009-06-23 20:12:38 ----D---- C:\Program Files (x86)\WinPcap

2009-06-23 19:07:05 ----A---- C:\Windows\War3Unin.exe

2009-06-23 16:58:02 ----A---- C:\BnetLog.txt

2009-06-23 16:55:01 ----D---- C:\Program Files (x86)\Common Files\Blizzard Entertainment

2009-06-23 12:58:43 ----D---- C:\ProgramData\Azureus

2009-06-23 12:58:42 ----D---- C:\Users\DarwizardX\AppData\Roaming\Azureus

2009-06-23 12:58:13 ----D---- C:\Program Files (x86)\Common Files\i4j_jres

2009-06-23 12:56:57 ----D---- C:\Program Files (x86)\Project64 1.6

2009-06-23 12:55:36 ----D---- C:\Users\DarwizardX\AppData\Roaming\vlc

2009-06-23 12:55:19 ----D---- C:\Program Files (x86)\VideoLAN

2009-06-23 12:54:59 ----D---- C:\Users\DarwizardX\AppData\Roaming\ATI

2009-06-23 12:54:59 ----D---- C:\ProgramData\ATI

2009-06-23 12:50:59 ----D---- C:\ATI

2009-06-23 12:48:04 ----D---- C:\ProgramData\Spybot - Search & Destroy

2009-06-23 12:48:04 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy

2009-06-23 12:41:52 ----D---- C:\Users\DarwizardX\AppData\Roaming\Macromedia

2009-06-23 12:41:52 ----D---- C:\Users\DarwizardX\AppData\Roaming\Adobe

2009-06-23 12:38:39 ----A---- C:\Windows\system32\d3dx9_32.dll

2009-06-23 12:38:22 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2009-06-23 12:37:19 ----D---- C:\Windows\system32\Macromed

2009-06-23 12:37:07 ----D---- C:\Users\DarwizardX\AppData\Roaming\teamspeak2

2009-06-23 12:37:03 ----D---- C:\Program Files (x86)\Microsoft

2009-06-23 12:36:47 ----D---- C:\Program Files (x86)\Windows Live SkyDrive

2009-06-23 12:36:29 ----D---- C:\Program Files (x86)\Windows Live

2009-06-23 12:36:13 ----D---- C:\Windows\PCHEALTH

2009-06-23 12:35:21 ----D---- C:\Program Files (x86)\Common Files\Windows Live

2009-06-23 12:33:53 ----D---- C:\Users\DarwizardX\AppData\Roaming\Mozilla

2009-06-23 12:33:48 ----D---- C:\Program Files (x86)\Mozilla Firefox

2009-06-23 12:32:34 ----D---- C:\Program Files (x86)\WinRAR

2009-06-23 11:41:14 ----A---- C:\Windows\system32\netfxperf.dll

2009-06-23 11:37:29 ----A---- C:\Windows\system32\MSVCR71.dll

2009-06-23 11:37:29 ----A---- C:\Windows\system32\MSVCP71.dll

2009-06-23 11:37:29 ----A---- C:\Windows\system32\MFC71.dll

2009-06-23 11:33:45 ----A---- C:\Windows\system32\kbd106n.dll

2009-06-23 11:33:09 ----A---- C:\Windows\system32\jsproxy.dll

2009-06-23 11:30:58 ----A---- C:\Windows\system32\rpcrt4.dll

2009-06-23 11:30:56 ----A---- C:\Windows\system32\localspl.dll

2009-06-23 11:30:41 ----D---- C:\ProgramData\WinZip

2009-06-23 11:26:53 ----D---- C:\ProgramData\Adobe

2009-06-23 11:26:50 ----D---- C:\Program Files (x86)\Common Files\Adobe

2009-06-23 11:26:50 ----D---- C:\Program Files (x86)\Adobe

2009-06-23 11:24:09 ----D---- C:\ProgramData\ASUS OC Profiles

2009-06-23 11:21:21 ----A---- C:\Windows\system32\MSVCRTD.DLL

2009-06-23 11:21:21 ----A---- C:\Windows\system32\mfc42d.dll

2009-06-23 11:20:14 ----A---- C:\Windows\Language_trs.ini

2009-06-23 11:17:19 ----HD---- C:\ASUS.000

2009-06-23 11:17:08 ----HD---- C:\ASUS.SYS

2009-06-23 11:16:47 ----D---- C:\Program Files (x86)\Downloaded Installations

2009-06-23 11:14:38 ----RA---- C:\Windows\system32\AsIO.dll

2009-06-23 11:14:38 ----D---- C:\Program Files (x86)\ASUS

2009-06-23 11:13:45 ----A---- C:\Windows\system32\wups.dll

2009-06-23 11:13:45 ----A---- C:\Windows\system32\wudriver.dll

2009-06-23 11:13:45 ----A---- C:\Windows\system32\wuapi.dll

2009-06-23 11:13:39 ----A---- C:\Windows\system32\wuwebv.dll

2009-06-23 11:13:39 ----A---- C:\Windows\system32\wuapp.exe

2009-06-23 11:10:43 ----D---- C:\Windows\system32\Atheros_L1e

2009-06-23 11:04:15 ----D---- C:\Program Files (x86)\AMD

2009-06-23 11:04:14 ----D---- C:\Program Files (x86)\ATI Technologies

2009-06-23 11:00:08 ----D---- C:\Windows\ASUSInstAll

2009-06-23 10:57:22 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2009-06-23 10:56:55 ----D---- C:\Program Files (x86)\VIA

2009-06-23 10:56:54 ----N---- C:\Windows\difxapi.dll

2009-06-23 10:56:43 ----D---- C:\Program Files (x86)\Common Files\InstallShield

2009-06-23 10:56:41 ----SHD---- C:\Windows\Installer

2009-06-23 10:56:12 ----A---- C:\Windows\Ascd_log.ini

2009-06-23 10:55:37 ----A---- C:\Windows\Ascd_tmp.ini

2009-06-23 10:54:01 ----D---- C:\Users\DarwizardX\AppData\Roaming\Identities

2009-06-23 10:53:45 ----SD---- C:\Users\DarwizardX\AppData\Roaming\Microsoft

2009-06-23 10:53:45 ----D---- C:\Users\DarwizardX\AppData\Roaming\Media Center Programs

2009-06-23 10:51:54 ----SHD---- C:\ProgramData\Modèles

2009-06-23 10:51:54 ----SHD---- C:\ProgramData\Menu Démarrer

2009-06-23 10:51:54 ----SHD---- C:\ProgramData\Favoris

2009-06-23 10:51:54 ----SHD---- C:\ProgramData\Bureau

2009-06-23 10:51:26 ----D---- C:\Windows\Debug

2009-06-23 10:46:52 ----D---- C:\Windows\SoftwareDistribution

2009-06-23 10:42:20 ----D---- C:\Windows\Prefetch

2009-06-23 10:42:06 ----SHD---- C:\System Volume Information

2009-06-23 05:41:23 ----D---- C:\Windows\Panther

2009-06-23 05:41:10 ----RAS---- C:\BOOTSECT.BAK

2009-06-23 05:41:09 ----SHD---- C:\Boot

======List of files/folders modified in the last 3 months======

2009-08-25 18:22:03 ----D---- C:\Windows\Temp

2009-08-24 22:22:56 ----RD---- C:\Program Files (x86)

2009-08-22 14:13:23 ----D---- C:\Windows

2009-08-21 21:09:32 ----D---- C:\Windows\system32\drivers

2009-08-21 21:09:31 ----HD---- C:\ProgramData

2009-08-19 19:08:11 ----D---- C:\Windows\Logs

2009-08-17 22:23:15 ----D---- C:\Windows\SysWOW64

2009-08-12 22:01:18 ----D---- C:\Windows\LiveKernelReports

2009-08-12 18:26:17 ----D---- C:\Windows\System32

2009-08-12 14:11:55 ----D---- C:\Windows\winsxs

2009-08-12 14:11:18 ----D---- C:\Program Files (x86)\Windows Media Player

2009-08-09 19:52:49 ----SD---- C:\ProgramData\Microsoft

2009-07-26 22:40:09 ----D---- C:\Windows\inf

2009-07-22 19:07:16 ----SD---- C:\Windows\Downloaded Program Files

2009-07-16 11:13:04 ----D---- C:\Program Files (x86)\Internet Explorer

2009-07-15 15:10:37 ----D---- C:\Program Files (x86)\Windows Mail

2009-07-03 14:47:00 ----D---- C:\Windows\twain_32

2009-07-03 13:24:00 ----SHD---- C:\$Recycle.Bin

2009-07-03 13:23:19 ----RD---- C:\Users

2009-07-02 14:35:20 ----D---- C:\Windows\rescache

2009-07-02 14:10:09 ----D---- C:\Windows\system32\migration

2009-07-02 14:10:09 ----D---- C:\Windows\system32\fr-FR

2009-07-02 13:51:44 ----RD---- C:\Program Files

2009-06-30 15:57:39 ----RSD---- C:\Windows\assembly

2009-06-30 15:57:28 ----D---- C:\Program Files (x86)\Common Files\microsoft shared

2009-06-28 12:46:49 ----D---- C:\Windows\Microsoft.NET

2009-06-28 12:34:26 ----D---- C:\Windows\servicing

2009-06-28 12:34:26 ----D---- C:\Windows\ehome

2009-06-28 12:34:26 ----D---- C:\Program Files (x86)\Windows Sidebar

2009-06-28 12:34:26 ----D---- C:\Program Files (x86)\Windows Photo Gallery

2009-06-28 12:34:26 ----D---- C:\Program Files (x86)\Windows Calendar

2009-06-28 12:34:26 ----D---- C:\Program Files (x86)\Common Files\System

2009-06-28 12:34:19 ----D---- C:\Windows\system32\XPSViewer

2009-06-28 12:34:19 ----D---- C:\Windows\system32\sk-SK

2009-06-28 12:34:19 ----D---- C:\Windows\system32\oobe

2009-06-28 12:34:19 ----D---- C:\Windows\system32\lv-LV

2009-06-28 12:34:19 ----D---- C:\Windows\system32\ko-KR

2009-06-28 12:34:19 ----D---- C:\Windows\system32\it-IT

2009-06-28 12:34:19 ----D---- C:\Windows\system32\hr-HR

2009-06-28 12:34:19 ----D---- C:\Windows\system32\fr

2009-06-28 12:34:19 ----D---- C:\Windows\system32\et-EE

2009-06-28 12:34:19 ----D---- C:\Windows\system32\en-US

2009-06-28 12:34:19 ----D---- C:\Windows\system32\el-GR

2009-06-28 12:34:19 ----D---- C:\Windows\system32\de-DE

2009-06-28 12:34:19 ----D---- C:\Windows\system32\da-DK

2009-06-28 12:34:18 ----D---- C:\Windows\system32\ru-RU

2009-06-28 12:34:18 ----D---- C:\Windows\system32\AdvancedInstallers

2009-06-28 12:34:15 ----D---- C:\Windows\system32\sv-SE

2009-06-28 12:34:15 ----D---- C:\Windows\system32\SLUI

2009-06-28 12:34:15 ----D---- C:\Windows\system32\setup

2009-06-28 12:34:15 ----D---- C:\Windows\system32\pt-PT

2009-06-28 12:34:15 ----D---- C:\Windows\system32\hu-HU

2009-06-28 12:34:15 ----D---- C:\Windows\system32\he-IL

2009-06-28 12:34:15 ----D---- C:\Windows\system32\fi-FI

2009-06-28 12:34:15 ----D---- C:\Windows\system32\cs-CZ

2009-06-28 12:34:14 ----D---- C:\Windows\system32\zh-TW

2009-06-28 12:34:14 ----D---- C:\Windows\system32\zh-CN

2009-06-28 12:34:14 ----D---- C:\Windows\system32\wbem

2009-06-28 12:34:14 ----D---- C:\Windows\system32\uk-UA

2009-06-28 12:34:14 ----D---- C:\Windows\system32\tr-TR

2009-06-28 12:34:14 ----D---- C:\Windows\system32\th-TH

2009-06-28 12:34:14 ----D---- C:\Windows\system32\sr-Latn-CS

2009-06-28 12:34:14 ----D---- C:\Windows\system32\sl-SI

2009-06-28 12:34:14 ----D---- C:\Windows\system32\ro-RO

2009-06-28 12:34:14 ----D---- C:\Windows\system32\pl-PL

2009-06-28 12:34:14 ----D---- C:\Windows\system32\nl-NL

2009-06-28 12:34:14 ----D---- C:\Windows\system32\nb-NO

2009-06-28 12:34:14 ----D---- C:\Windows\system32\manifeststore

2009-06-28 12:34:14 ----D---- C:\Windows\system32\lt-LT

2009-06-28 12:34:14 ----D---- C:\Windows\system32\ja-JP

2009-06-28 12:34:14 ----D---- C:\Windows\system32\es-ES

2009-06-28 12:34:14 ----D---- C:\Windows\system32\bg-BG

2009-06-28 12:34:14 ----D---- C:\Windows\system32\ar-SA

2009-06-28 12:34:13 ----D---- C:\Windows\system32\pt-BR

2009-06-28 12:34:13 ----D---- C:\Windows\system32\migwiz

2009-06-28 12:34:06 ----D---- C:\Windows\IME

2009-06-28 12:33:50 ----RSD---- C:\Windows\Fonts

2009-06-28 12:33:50 ----D---- C:\Windows\AppPatch

2009-06-27 08:23:21 ----D---- C:\Windows\PolicyDefinitions

2009-06-26 18:41:43 ----A---- C:\Windows\win.ini

2009-06-26 17:24:55 ----D---- C:\Program Files (x86)\Common Files

2009-06-24 10:15:33 ----D---- C:\Windows\ShellNew

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2007-12-17 14392]

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys []

R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys []

R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys []

R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys []

R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys []

R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\Windows\system32\drivers\AtiHdmi.sys []

R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []

R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []

R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x64.sys []

R3 L8042Kbd;SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys []

R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys []

R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys []

R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []

R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys []

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys []

R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []

S2 X4HSX32;X4HSX32; \??\C:\Program Files (x86)\GameTap Web Player\bin\Release\X4HSX32.Sys []

S3 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x64.sys []

S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys []

S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys []

S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys []

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys []

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys []

S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys []

S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [2008-08-15 86016]

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe []

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-20 21504]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-20 21504]

R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-08-09 66872]

R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]

S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-29 89920]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-20 19968]

S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2007-11-06 92792]

S4 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]

-----------------EOF-----------------

et voici le info O_O son gros les les texte

info.txt logfile of random's system information tool 1.06 2009-08-25 18:22:33

======Uninstall list======

Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe

Adobe Reader 8.1.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003}

AI Suite-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{310BC5E2-31AF-49BB-904D-E71EB93645DC}\Setup.exe" -l0x40c

Archiveur WinRAR-->C:\Program Files (x86)\WinRAR\uninstall.exe

Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

ASUSUpdate-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0xc0c

Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x040c -removeonly

Atheros Ethernet Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{FB686487-C637-4EEF-BCB1-C92463F2CC05}\setup.exe" -runfromtemp -l0x040c -removeonly

avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup

Bounty Bay Online-->"C:\Program Files (x86)\Bounty Bay Online\unins000.exe"

Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}

CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}

Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}

Crysis®-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}

EA Download Manager-->C:\Program Files (x86)\Electronic Arts\EADM\Uninstall.exe

EPU-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}\setup.exe" -l0x40c

Express Gate-->MsiExec.exe /X{A0494B41-EBD7-4C0D-91B7-DC39741B27BB}

Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}

HijackThis 2.0.2-->"C:\Users\DarwizardX\Desktop\HijackThis.exe" /uninstall

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""

HP Print Diagnostic Utility-->MsiExec.exe /I{F6C050A4-0EC4-44FE-A3B6-71978ED31418}

HydraVision-->MsiExec.exe /X{13A63CE1-102E-0F29-1461-BD793DCB0766}

Installation Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe

Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}

Java 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}

Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}

jv16 PowerTools 1.3-->"C:\Program Files (x86)\jv16 PowerTools\unins000.exe"

Les Sims™ 3-->"C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -runfromtemp -l0x040c -removeonly

LimeWire 5.2.13-->"C:\Program Files (x86)\LimeWire\uninstall.exe"

Logitech SetPoint-->C:\Program Files (x86)\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x040c -removeonly

Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-040C-1000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}

Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}

Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}

Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}

Mozilla Firefox (3.5.2)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

PC Probe II-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\setup.exe" -l0x40c

Project64 1.6-->MsiExec.exe /X{9559F7CA-5E34-4237-A2D9-D856464AD727}

PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u

QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}

Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}

Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}

Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}

Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}

Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}

Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"

StarCraft-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\StarCraft\Uninstall.exe

TeamSpeak 2 RC2-->"C:\Program Files (x86)\Teamspeak2_RC2\unins000.exe"

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Version d'évaluation de Microsoft Office Home and Student 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL

VIA Le gestionnaire du dispositif de plate-forme-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}

VLC media player 0.9.9-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe

Warcraft III-->C:\Windows\War3Unin.exe C:\Windows\War3Unin.dat

Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}

Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}

Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}

Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}

Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}

WinPcap 4.0.2-->C:\Program Files (x86)\WinPcap\uninstall.exe

World of Warcraft-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe

======Hosts File======

127.0.0.1 www.007guard.com

127.0.0.1 007guard.com

127.0.0.1 008i.com

127.0.0.1 www.008k.com

127.0.0.1 008k.com

127.0.0.1 www.00hq.com

127.0.0.1 00hq.com

127.0.0.1 010402.com

127.0.0.1 www.032439.com

127.0.0.1 032439.com

======Security center information======

AS: Spybot - Search and Destroy (disabled) (outdated)

AS: Windows Defender

======System event log======

Computer Name: PC-de-Darwizard

Event Code: 15016

Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.

Record Number: 498

Source Name: Microsoft-Windows-HttpEvent

Time Written: 20090623145127.826086-000

Event Type: Erreur

User:

Computer Name: 26L2233B3-02

Event Code: 134

Message: NtpClient n'a pas pu définir d'homologue manuel à utiliser comme source de temps en raison d'une erreur de résolution DNS sur " time.windows.com,0x9 ". NtpClient réessaiera dans 15 minutes, et à nouveau une fois le double de l'intervalle de nouvelle tentative écoulé. L'erreur était : Hôte inconnu. (0x80072AF9)

Record Number: 16

Source Name: Microsoft-Windows-Time-Service

Time Written: 20090623144447.000000-000

Event Type: Avertissement

User:

Computer Name: 26L2233B3-02

Event Code: 134

Message: NtpClient n'a pas pu définir d'homologue manuel à utiliser comme source de temps en raison d'une erreur de résolution DNS sur " time.windows.com,0x9 ". NtpClient réessaiera dans 15 minutes, et à nouveau une fois le double de l'intervalle de nouvelle tentative écoulé. L'erreur était : Hôte inconnu. (0x80072AF9)

Record Number: 15

Source Name: Microsoft-Windows-Time-Service

Time Written: 20090623144447.000000-000

Event Type: Avertissement

User:

Computer Name: 26L2233B3-02

Event Code: 15016

Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.

Record Number: 14

Source Name: Microsoft-Windows-HttpEvent

Time Written: 20090623144442.751523-000

Event Type: Erreur

User:

Computer Name: 26L2233B3-02

Event Code: 263

Message: Le service ‘ShellHWDetection’ n'a peut-être pas annulé son inscription aux notifications d’événements de périphériques avant d’être arrêté.

Record Number: 13

Source Name: PlugPlayManager

Time Written: 20090623144442.000000-000

Event Type: Avertissement

User:

=====Application event log=====

Computer Name: PC-de-Darwizard

Event Code: 63

Message: Le fournisseur WmiPerfClass a été inscrit dans l’espace de noms Windows Management Instrumentation root\cimv2, afin d’utiliser le compte LocalSystem. Ce compte bénéficie de privilèges et le fournisseur peut provoquer une violation de sécurité s’il ne représente pas correctement les demandes utilisateur.

Record Number: 55

Source Name: Microsoft-Windows-WMI

Time Written: 20090623145534.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Darwizard

Event Code: 63

Message: Le fournisseur WmiPerfClass a été inscrit dans l’espace de noms Windows Management Instrumentation root\cimv2, afin d’utiliser le compte LocalSystem. Ce compte bénéficie de privilèges et le fournisseur peut provoquer une violation de sécurité s’il ne représente pas correctement les demandes utilisateur.

Record Number: 54

Source Name: Microsoft-Windows-WMI

Time Written: 20090623145534.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

Computer Name: PC-de-Darwizard

Event Code: 10

Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.

Record Number: 29

Source Name: Microsoft-Windows-WMI

Time Written: 20090623145141.000000-000

Event Type: Erreur

User:

Computer Name: PC-de-Darwizard

Event Code: 1008

Message: Le service Windows Search tente de supprimer l’ancien catalogue.

Record Number: 25

Source Name: Microsoft-Windows-Search

Time Written: 20090623145136.000000-000

Event Type: Avertissement

User:

Computer Name: 26L2233B3-02

Event Code: 1036

Message: Échec de InitializePrintProvider pour le fournisseur inetpp.dll. Cela peut se produire à la suite d’une instabilité du système ou d’une insuffisance des ressources système.

Record Number: 13

Source Name: Microsoft-Windows-SpoolerSpoolss

Time Written: 20090623144644.000000-000

Event Type: Avertissement

User: AUTORITE NT\SYSTEM

=====Security event log=====

Computer Name: 26L2233B3-02

Event Code: 4648

Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

Sujet :

ID de sécurité : S-1-5-18

Nom du compte : 26L2233B3-02$

Domaine du compte : WORKGROUP

ID d’ouverture de session : 0x3e7

GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Compte dont les informations d’identification ont été utilisées :

Nom du compte : SYSTEM

Domaine du compte : AUTORITE NT

GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Serveur cible :

Nom du serveur cible : localhost

Informations supplémentaires : localhost

Informations sur le processus :

ID du processus : 0x224

Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :

Adresse du réseau : -

Port : -

Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.

Record Number: 5

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090623144359.320845-000

Event Type: Succès de l'audit

User:

Computer Name: 26L2233B3-02

Event Code: 4902

Message: La table de stratégie d’audit par utilisateur a été créée.

Nombre d’éléments : 0

ID de la stratégie : 0x88b6f

Record Number: 4

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090623144352.004398-000

Event Type: Succès de l'audit

User:

Computer Name: 26L2233B3-02

Event Code: 4624

Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :

ID de sécurité : S-1-0-0

Nom du compte : -

Domaine du compte : -

ID d’ouverture de session : 0x0

Type d’ouverture de session : 0

Nouvelle ouverture de session :

ID de sécurité : S-1-5-18

Nom du compte : SYSTEM

Domaine du compte : AUTORITE NT

ID d’ouverture de session : 0x3e7

GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :

ID du processus : 0x4

Nom du processus :

Informations sur le réseau :

Nom de la station de travail : -

Adresse du réseau source : -

Port source : -

Informations détaillées sur l’authentification :

Processus d’ouverture de session : -

Package d’authentification : -

Services en transit : -

Nom du package (NTLM uniquement) : -

Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.

- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .

- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.

- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.

- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.

Record Number: 3

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090623144348.400775-000

Event Type: Succès de l'audit

User:

Computer Name: 26L2233B3-02

Event Code: 4608

Message: Windows démarre.

Cet événement est journalisé lorsque LSASS.EXE démarre et que le sous-système d’audit est initialisé.

Record Number: 2

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090623144348.400775-000

Event Type: Succès de l'audit

User:

Computer Name: 26L2233B3-02

Event Code: 4634

Message: Fermeture de session d’un compte.

Sujet :

ID de sécurité : S-1-5-7

Nom du compte : ANONYMOUS LOGON

Domaine du compte : NT AUTHORITY

ID du compte : 0x21410

Type d’ouverture de session : 3

Cet événement est généré lorsqu’une session ouverte est supprimée. Il peut être associé à un événement d’ouverture de session en utilisant la valeur ID d’ouverture de session. Les ID d’ouverture de session ne sont uniques qu’entre les redémarrages sur un même ordinateur.

Record Number: 1

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20080121034608.538800-000

Event Type: Succès de l'audit

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\QuickTime\QTSystem\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=AMD64

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=16

"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 4 Stepping 2, AuthenticAMD

"PROCESSOR_REVISION"=0402

"NUMBER_OF_PROCESSORS"=4

"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat

"DFSTRACINGON"=FALSE

"CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Falkra · le 25 août 2009

Clean, pas d'infection.

darwizardX · le 26 août 2009

..... donc il/ils est bien caché ...

ou peut-etre Windows qui sembale seulement.......

Connexion

Pas encore inscrit ?

raport analyse hijackthis suite a un post d'Aide

Messages recommandés

darwizardX

Lien vers le commentaire

Partager sur d’autres sites

Falkra

Lien vers le commentaire

Partager sur d’autres sites

darwizardX

Lien vers le commentaire

Partager sur d’autres sites

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer