[Résolu] "Freeze" de l'ordi

Bien l'bonjour :]

Je m'permet de venir vous solliciter car j'ai un souci avec mon pc, que mes maigres connaissances ne parviennent pas à résoudre.
Depuis quelques temps déjà, et ce de manière assez régulière, mon pc se bloque. C'est à dire que le curseur ne bouge plus, la souris ne répond plus... ca ne dure pas plus d'une seconde à chaque fois, bien que cela puisse se répéter quelques fois d'affilée.

Évidemment, c'est un peu agaçant, surtout que mon travail me demande de pas mal utiliser l'ordi, sans parler du temps que j'y passe pour mes loisirs.

Avant de venir vous embêter, j'ai tout de même essayé deux trois trucs. Tout d'abord j'ai mis à jour mes pilotes graphiques. Le problème à semblé se régler (peut-être que j'ai juste halluciné, plein d'espoir que j'étais), puis il est revenu!
J'ai donc fait un scan Avast, qui n'a rien trouvé d'anormal. Puis après avoir lu les sujets annonce que vous avez écrit, j'ai viré Avast et ai installé Spybot search and destroy ainsi que Avira. J'ai fait des scans, et ils n'ont rien trouvé de plus que quelques cookies.

J'ai généré un rapport HijackThis, que j'ai soumis sur leur site, et ils ne m'a pas semblé qu'ils aient trouvé quelque chose de grave.

Bref je désespère un peu, car le souci persiste et qu'il entame gentiment ma santé mentale haha

Aussi, si vous vouliez bien m'accorder un peu de temps pour m'aider à déceler et résoudre ce problème, ce serait vraiment sympa ^^

P.S. Quand je met le mode d'affichage miniatures dans un dossier contenant des images, cela ne m'affiche pas la miniature mais simplement l'icône du programme qui ouvre mes fichiers image. Je ne sais pas si cela peut avoir un quelconque rapport avec le problème qui m'amène à vous, mais j'aime autant le préciser au cas o?u ce serait le cas.

Yo.

Petite mise à jour.
Le problème de mes miniatures n'avait rien à voir, je l'ai reglé en changeant les options des dossiers.

Une petite précision quant à mon problème principal, qui persiste: Seul ma souris se bloque...
J'ai bien vérifié en me servant du clavier au moment ou le curseur bloquait, et le clavier fonctionne. Cependant, une mise à jour des pilotes de la souris n'a pas résolu l'affaire.

Salut scade


On va vérifier cela, télécharge RSIT (de random/random) sur le bureau ici :
http://images.malwareremoval.com/random/RSIT.exe

- Double clique sur RSIT.exe qui est sur le bureau
- Clique sur Continue dans la fenêtre
- RSIT téléchargera HijackThis si il n’est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenue des deux rapports, log.txt et info.txt(réduit dans la barre des tâches) à la fin de l’analyse

Les rapports sont dans le dossier ici C:\rsit


@++

Aaah super! Merci de prendre le temps de regarder mon problème, c'est vraiment sympa.

Voici les deux rapports demandés.

LOG.TXT
Logfile of random's system information tool 1.06 (written by random/random)
Run by Admin at 2009-09-29 07:17:25
Microsoft® Windows Vista™ Édition Intégrale Service Pack 2
System drive C: has 24 GB (30%) free of 80 GB
Total RAM: 3326 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:17:53, on 29.09.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\AASP\1.00.32\aaCenter.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
D:\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Motive\MotiveBrowser.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Admin\Desktop\RSIT.exe
C:\Program Files\HijackThis\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [MotiveReportAgent] "C:\Program Files\Common Files\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Common Files\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\MotiveBrowser.exe" /hidden
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [NCsoft Launcher] C:\Program Files\NCSoft\Launcher\NCLauncher.exe /Minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/ci(...)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.8.110.cab
O16 - DPF: {8C292180-8BB2-495F-B94B-89FE9F2B530A} (ccr_downloader Control) - http://rfonline-full.gscdn.com/gscdn/ccr_downloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate1c9cc9064c91d1b) (gupdate1c9cc9064c91d1b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 8717 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{B385E0D1-A5D4-47FA-8925-5BEFA24C4592}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2008-06-11 61816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-23 4423680]
"Skytel"=C:\Windows\Skytel.exe [2007-03-16 1822720]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"MotiveReportAgent"=C:\Program Files\Common Files\Motive\McciBootStrapper.exe [2005-12-16 202240]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-08-27 198160]
"Ai Nap"=C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2007-04-09 1423360]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2008-02-29 76304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"iTunesHelper"=D:\iTunes\iTunesHelper.exe [2009-03-12 342312]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"NCsoft Launcher"=C:\Program Files\NCSoft\Launcher\NCLauncher.exe /Minimized []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2007-11-15 233888]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.ini - open - "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE" /verb open "%1"
.js - edit -
.js - open - "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE" /verb open "%1"
.txt - open - "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE" /verb open "%1"

======List of files/folders created in the last 1 months======

2009-09-29 07:17:25 ----D---- C:\rsit
2009-09-28 23:23:24 ----D---- C:\Users\Admin\AppData\Roaming\Malwarebytes
2009-09-28 23:23:16 ----D---- C:\ProgramData\Malwarebytes
2009-09-28 23:23:16 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-09-23 23:19:01 ----D---- C:\Users\Admin\AppData\Roaming\Skype
2009-09-23 15:43:10 ----D---- C:\Program Files\NCSoft
2009-09-22 11:53:34 ----D---- C:\Program Files\Sib Cursor Editor
2009-09-15 19:19:20 ----D---- C:\Program Files\ma-config.com
2009-09-15 18:44:54 ----D---- C:\Users\Admin\AppData\Roaming\Ahead
2009-09-15 14:24:41 ----D---- C:\Program Files\HijackThis
2009-09-15 13:12:48 ----D---- C:\ProgramData\Avira
2009-09-15 13:12:48 ----D---- C:\Program Files\Avira
2009-09-14 01:46:05 ----D---- C:\Program Files\NVIDIA Corporation
2009-09-13 11:47:57 ----D---- C:\Users\Admin\AppData\Roaming\Thunderbird
2009-09-13 08:34:36 ----D---- C:\Users\Admin\AppData\Roaming\FileZilla
2009-09-12 23:40:30 ----D---- C:\Windows\system32\vi-VN
2009-09-12 23:40:30 ----D---- C:\Windows\system32\eu-ES
2009-09-12 23:40:30 ----D---- C:\Windows\system32\ca-ES
2009-09-12 23:15:43 ----D---- C:\Windows\system32\EventProviders
2009-09-10 23:31:31 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-09-10 23:31:29 ----A---- C:\Windows\system32\SLsvc.exe
2009-09-10 23:31:29 ----A---- C:\Windows\system32\SLCExt.dll
2009-09-10 23:31:28 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-09-10 23:31:28 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-09-10 23:31:27 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-09-10 23:31:26 ----A---- C:\Windows\system32\mssrch.dll
2009-09-10 23:31:23 ----A---- C:\Windows\system32\tquery.dll
2009-09-10 23:31:22 ----A---- C:\Windows\system32\scavenge.dll
2009-09-10 23:31:22 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-09-10 23:31:22 ----A---- C:\Windows\system32\RMActivate.exe
2009-09-10 23:31:22 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-09-10 23:31:22 ----A---- C:\Windows\system32\lsasrv.dll
2009-09-10 23:31:21 ----A---- C:\Windows\system32\msi.dll
2009-09-10 23:31:20 ----A---- C:\Windows\system32\WscEapPr.dll
2009-09-10 23:31:20 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-09-10 23:31:20 ----A---- C:\Windows\system32\sysmain.dll
2009-09-10 23:31:20 ----A---- C:\Windows\system32\secproc_isv.dll
2009-09-10 23:31:20 ----A---- C:\Windows\system32\imapi2fs.dll
2009-09-10 23:31:19 ----A---- C:\Windows\system32\icardagt.exe
2009-09-10 23:31:18 ----A---- C:\Windows\system32\spreview.exe
2009-09-10 23:31:18 ----A---- C:\Windows\system32\spinstall.exe
2009-09-10 23:31:18 ----A---- C:\Windows\system32\EhStorShell.dll
2009-09-10 23:31:18 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-09-10 23:31:17 ----A---- C:\Windows\system32\drmv2clt.dll
2009-09-10 23:31:16 ----A---- C:\Windows\system32\spwizui.dll
2009-09-10 23:31:16 ----A---- C:\Windows\system32\shell32.dll
2009-09-10 23:31:16 ----A---- C:\Windows\system32\secproc.dll
2009-09-10 23:31:16 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-09-10 23:31:15 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-09-10 23:31:15 ----A---- C:\Windows\system32\p2psvc.dll
2009-09-10 23:31:15 ----A---- C:\Windows\system32\mssvp.dll
2009-09-10 23:31:14 ----A---- C:\Windows\system32\mssphtb.dll
2009-09-10 23:31:14 ----A---- C:\Windows\system32\mssph.dll
2009-09-10 23:31:14 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-09-10 23:31:14 ----A---- C:\Windows\system32\mscoree.dll
2009-09-10 23:31:14 ----A---- C:\Windows\system32\imapi2.dll
2009-09-10 23:31:13 ----A---- C:\Windows\system32\sdohlp.dll
2009-09-10 23:31:13 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-09-10 23:31:13 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-09-10 23:31:13 ----A---- C:\Windows\system32\esent.dll
2009-09-10 23:31:12 ----A---- C:\Windows\system32\wevtsvc.dll
2009-09-10 23:31:12 ----A---- C:\Windows\system32\sperror.dll
2009-09-10 23:31:12 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-09-10 23:31:12 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-09-10 23:31:12 ----A---- C:\Windows\system32\korwbrkr.dll
2009-09-10 23:31:12 ----A---- C:\Windows\system32\DevicePairing.dll
2009-09-10 23:31:11 ----A---- C:\Windows\system32\SLC.dll
2009-09-10 23:31:11 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-09-10 23:31:11 ----A---- C:\Windows\system32\msshsq.dll
2009-09-10 23:31:11 ----A---- C:\Windows\system32\IasMigReader.exe
2009-09-10 23:31:10 ----A---- C:\Windows\system32\pmcsnap.dll
2009-09-10 23:31:10 ----A---- C:\Windows\system32\msjet40.dll
2009-09-10 23:31:10 ----A---- C:\Windows\system32\MPSSVC.dll
2009-09-10 23:31:09 ----A---- C:\Windows\system32\Query.dll
2009-09-10 23:31:09 ----A---- C:\Windows\system32\qmgr.dll
2009-09-10 23:31:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-09-10 23:31:09 ----A---- C:\Windows\system32\msxml6.dll
2009-09-10 23:31:08 ----A---- C:\Windows\system32\P2PGraph.dll
2009-09-10 23:31:08 ----A---- C:\Windows\system32\ole32.dll
2009-09-10 23:31:08 ----A---- C:\Windows\system32\msexch40.dll
2009-09-10 23:31:08 ----A---- C:\Windows\system32\diagperf.dll
2009-09-10 23:31:07 ----A---- C:\Windows\system32\winload.exe
2009-09-10 23:31:07 ----A---- C:\Windows\system32\uDWM.dll
2009-09-10 23:31:07 ----A---- C:\Windows\system32\srchadmin.dll
2009-09-10 23:31:07 ----A---- C:\Windows\system32\ntdll.dll
2009-09-10 23:31:07 ----A---- C:\Windows\system32\msxml3.dll
2009-09-10 23:31:07 ----A---- C:\Windows\system32\mmc.exe
2009-09-10 23:31:07 ----A---- C:\Windows\system32\mblctr.exe
2009-09-10 23:31:07 ----A---- C:\Windows\system32\EncDec.dll
2009-09-10 23:31:06 ----A---- C:\Windows\system32\riched20.dll
2009-09-10 23:31:06 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-09-10 23:31:06 ----A---- C:\Windows\system32\fdBth.dll
2009-09-10 23:31:06 ----A---- C:\Windows\system32\dfsr.exe
2009-09-10 23:31:05 ----A---- C:\Windows\system32\RacEngn.dll
2009-09-10 23:31:05 ----A---- C:\Windows\system32\kernel32.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\spoolss.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-09-10 23:31:04 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-09-10 23:31:04 ----A---- C:\Windows\system32\schedsvc.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\milcore.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\CertEnroll.dll
2009-09-10 23:31:03 ----A---- C:\Windows\system32\msvcp60.dll
2009-09-10 23:31:03 ----A---- C:\Windows\system32\msjtes40.dll
2009-09-10 23:31:03 ----A---- C:\Windows\system32\infocardapi.dll
2009-09-10 23:31:03 ----A---- C:\Windows\system32\gpedit.dll
2009-09-10 23:31:03 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-09-10 23:31:02 ----A---- C:\Windows\system32\WinSAT.exe
2009-09-10 23:31:02 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-09-10 23:31:02 ----A---- C:\Windows\system32\mstext40.dll
2009-09-10 23:31:02 ----A---- C:\Windows\system32\Magnify.exe
2009-09-10 23:31:02 ----A---- C:\Windows\system32\fveapi.dll
2009-09-10 23:31:02 ----A---- C:\Windows\system32\es.dll
2009-09-10 23:31:02 ----A---- C:\Windows\system32\cscsvc.dll
2009-09-10 23:31:02 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-09-10 23:31:01 ----A---- C:\Windows\system32\advapi32.dll
2009-09-10 23:30:59 ----A---- C:\Windows\system32\WMPhoto.dll
2009-09-10 23:30:59 ----A---- C:\Windows\system32\WebClnt.dll
2009-09-10 23:30:59 ----A---- C:\Windows\system32\slwmi.dll
2009-09-10 23:30:59 ----A---- C:\Windows\system32\msexcl40.dll
2009-09-10 23:30:58 ----A---- C:\Windows\system32\vssapi.dll
2009-09-10 23:30:58 ----A---- C:\Windows\system32\msxbde40.dll
2009-09-10 23:30:58 ----A---- C:\Windows\system32\comsvcs.dll
2009-09-10 23:30:58 ----A---- C:\Windows\system32\authui.dll
2009-09-10 23:30:57 ----A---- C:\Windows\system32\PresentationHost.exe
2009-09-10 23:30:57 ----A---- C:\Windows\system32\NetProjW.dll
2009-09-10 23:30:57 ----A---- C:\Windows\system32\msrepl40.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\propsys.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\newdev.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\iasrecst.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\gpsvc.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\eudcedit.exe
2009-09-10 23:30:56 ----A---- C:\Windows\system32\crypt32.dll
2009-09-10 23:30:56 ----A---- C:\Windows\explorer.exe
2009-09-10 23:30:55 ----A---- C:\Windows\system32\setupapi.dll
2009-09-10 23:30:55 ----A---- C:\Windows\system32\rpcss.dll
2009-09-10 23:30:55 ----A---- C:\Windows\system32\mspbde40.dll
2009-09-10 23:30:55 ----A---- C:\Windows\system32\msltus40.dll
2009-09-10 23:30:55 ----A---- C:\Windows\system32\davclnt.dll
2009-09-10 23:30:55 ----A---- C:\Windows\system32\d3d9.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\wevtapi.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\shlwapi.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\photowiz.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\nlhtml.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\msrd3x40.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\msdtctm.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\mfc42.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\browseui.dll
2009-09-10 23:30:53 ----A---- C:\Windows\system32\user32.dll
2009-09-10 23:30:53 ----A---- C:\Windows\system32\samsrv.dll
2009-09-10 23:30:53 ----A---- C:\Windows\system32\quartz.dll
2009-09-10 23:30:53 ----A---- C:\Windows\system32\ci.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\win32spl.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-09-10 23:30:52 ----A---- C:\Windows\system32\oleaut32.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\netshell.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\msv1_0.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\kerberos.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-09-10 23:30:51 ----A---- C:\Windows\system32\xmlfilter.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\winhttp.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\mswstr10.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\msctf.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\emdmgmt.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\compcln.exe
2009-09-10 23:30:51 ----A---- C:\Windows\system32\audiosrv.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\apds.dll
2009-09-10 23:30:50 ----A---- C:\Windows\system32\VSSVC.exe
2009-09-10 23:30:50 ----A---- C:\Windows\system32\SLUI.exe
2009-09-10 23:30:50 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-09-10 23:30:50 ----A---- C:\Windows\system32\msvcrt.dll
2009-09-10 23:30:50 ----A---- C:\Windows\system32\mfc42u.dll
2009-09-10 23:30:50 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-09-10 23:30:50 ----A---- C:\Windows\system32\gdi32.dll
2009-09-10 23:30:49 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-09-10 23:30:49 ----A---- C:\Windows\system32\msrd2x40.dll
2009-09-10 23:30:49 ----A---- C:\Windows\system32\eapphost.dll
2009-09-10 23:30:48 ----A---- C:\Windows\system32\winresume.exe
2009-09-10 23:30:48 ----A---- C:\Windows\system32\wbengine.exe
2009-09-10 23:30:48 ----A---- C:\Windows\system32\shdocvw.dll
2009-09-10 23:30:48 ----A---- C:\Windows\system32\propdefs.dll
2009-09-10 23:30:48 ----A---- C:\Windows\system32\odbc32.dll
2009-09-10 23:30:47 ----A---- C:\Windows\system32\WsmSvc.dll
2009-09-10 23:30:47 ----A---- C:\Windows\system32\wevtutil.exe
2009-09-10 23:30:47 ----A---- C:\Windows\system32\swprv.dll
2009-09-10 23:30:47 ----A---- C:\Windows\system32\mssitlb.dll
2009-09-10 23:30:47 ----A---- C:\Windows\system32\dbgeng.dll
2009-09-10 23:30:46 ----A---- C:\Windows\system32\usp10.dll
2009-09-10 23:30:46 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\vds.exe
2009-09-10 23:30:45 ----A---- C:\Windows\system32\netlogon.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\msscb.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\msctfp.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\drvinst.exe
2009-09-10 23:30:45 ----A---- C:\Windows\system32\devmgr.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\adsldpc.dll
2009-09-10 23:30:44 ----A---- C:\Windows\system32\WFS.exe
2009-09-10 23:30:44 ----A---- C:\Windows\system32\BFE.DLL
2009-09-10 23:30:43 ----A---- C:\Windows\system32\wcnwiz.dll
2009-09-10 23:30:43 ----A---- C:\Windows\system32\schannel.dll
2009-09-10 23:30:43 ----A---- C:\Windows\system32\evr.dll
2009-09-10 23:30:42 ----A---- C:\Windows\system32\WSDApi.dll
2009-09-10 23:30:42 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-09-10 23:30:42 ----A---- C:\Windows\system32\Wldap32.dll
2009-09-10 23:30:42 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-09-10 23:30:41 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-09-10 23:30:41 ----A---- C:\Windows\system32\services.exe
2009-09-10 23:30:40 ----A---- C:\Windows\system32\wercon.exe
2009-09-10 23:30:40 ----A---- C:\Windows\system32\wcncsvc.dll
2009-09-10 23:30:40 ----A---- C:\Windows\system32\mimefilt.dll
2009-09-10 23:30:40 ----A---- C:\Windows\system32\comdlg32.dll
2009-09-10 23:30:40 ----A---- C:\Windows\system32\adtschema.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\taskeng.exe
2009-09-10 23:30:39 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\mswdat10.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\msjter40.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\msdtcprx.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\msdrm.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\certcli.dll
2009-09-10 23:30:38 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-09-10 23:30:38 ----A---- C:\Windows\system32\rtffilt.dll
2009-09-10 23:30:38 ----A---- C:\Windows\system32\reg.exe
2009-09-10 23:30:38 ----A---- C:\Windows\system32\dnsapi.dll
2009-09-10 23:30:38 ----A---- C:\Windows\system32\certutil.exe
2009-09-10 23:30:37 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\w32time.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\rsaenh.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\msshooks.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\msscntrs.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-09-10 23:30:37 ----A---- C:\Windows\system32\bthserv.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\bcrypt.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-09-10 23:30:36 ----A---- C:\Windows\system32\scrptadm.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\netapi32.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\mtxclu.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\msstrc.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\msihnd.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\inetpp.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\inetcomm.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\dfshim.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\termsrv.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\profsvc.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\mscories.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\imapi.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\hidserv.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\fundisc.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\cryptsvc.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\wdc.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\shsvcs.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\rasmans.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\pnidui.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\msiexec.exe
2009-09-10 23:30:34 ----A---- C:\Windows\system32\icardres.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\iassdo.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\chsbrkr.dll
2009-09-10 23:30:33 ----A---- C:\Windows\system32\wersvc.dll
2009-09-10 23:30:33 ----A---- C:\Windows\system32\spoolsv.exe
2009-09-10 23:30:33 ----A---- C:\Windows\system32\slmgr.vbs
2009-09-10 23:30:33 ----A---- C:\Windows\system32\scrrun.dll
2009-09-10 23:30:33 ----A---- C:\Windows\system32\PSHED.DLL
2009-09-10 23:30:33 ----A---- C:\Windows\system32\autofmt.exe
2009-09-10 23:30:32 ----A---- C:\Windows\system32\pidgenx.dll
2009-09-10 23:30:32 ----A---- C:\Windows\system32\pdh.dll
2009-09-10 23:30:32 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-09-10 23:30:32 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-09-10 23:30:32 ----A---- C:\Windows\system32\azroles.dll
2009-09-10 23:30:31 ----A---- C:\Windows\system32\wmpmde.dll
2009-09-10 23:30:31 ----A---- C:\Windows\system32\winlogon.exe
2009-09-10 23:30:31 ----A---- C:\Windows\system32\SyncCenter.dll
2009-09-10 23:30:31 ----A---- C:\Windows\system32\SLUINotify.dll
2009-09-10 23:30:31 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\untfs.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\spp.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\sethc.exe
2009-09-10 23:30:30 ----A---- C:\Windows\system32\scrobj.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\rtutils.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\ncrypt.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\kd1394.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\iassam.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\comuid.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\certmgr.dll
2009-09-10 23:30:29 ----A---- C:\Windows\system32\wisptis.exe
2009-09-10 23:30:29 ----A---- C:\Windows\system32\taskcomp.dll
2009-09-10 23:30:29 ----A---- C:\Windows\system32\iasnap.dll
2009-09-10 23:30:29 ----A---- C:\Windows\system32\dwm.exe
2009-09-10 23:30:29 ----A---- C:\Windows\system32\cscui.dll
2009-09-10 23:30:29 ----A---- C:\Windows\system32\autochk.exe
2009-09-10 23:30:28 ----A---- C:\Windows\system32\winsrv.dll
2009-09-10 23:30:28 ----A---- C:\Windows\system32\printui.dll
2009-09-10 23:30:28 ----A---- C:\Windows\system32\onex.dll
2009-09-10 23:30:28 ----A---- C:\Windows\system32\kdcom.dll
2009-09-10 23:30:28 ----A---- C:\Windows\system32\cscript.exe
2009-09-10 23:30:28 ----A---- C:\Windows\system32\basecsp.dll
2009-09-10 23:30:28 ----A---- C:\Windows\system32\autoconv.exe
2009-09-10 23:30:28 ----A---- C:\Windows\system32\audiodg.exe
2009-09-10 23:30:27 ----A---- C:\Windows\system32\wow32.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\winmm.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\userenv.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\spcmsg.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\RelMon.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\rdpencom.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\osk.exe
2009-09-10 23:30:27 ----A---- C:\Windows\system32\mswsock.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\kdusb.dll
2009-09-10 23:30:26 ----A---- C:\Windows\system32\WinSCard.dll
2009-09-10 23:30:26 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-09-10 23:30:26 ----A---- C:\Windows\system32\WerFault.exe
2009-09-10 23:30:26 ----A---- C:\Windows\system32\Utilman.exe
2009-09-10 23:30:26 ----A---- C:\Windows\system32\offfilt.dll
2009-09-10 23:30:26 ----A---- C:\Windows\system32\msftedit.dll
2009-09-10 23:30:26 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\wsepno.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\wiaservc.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\sysclass.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\stobject.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\SndVol.exe
2009-09-10 23:30:25 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\prnntfy.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\msnetobj.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\mscms.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\mfplat.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\mcmde.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\diskraid.exe
2009-09-10 23:30:25 ----A---- C:\Windows\system32\apphelp.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\adsmsext.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\wscript.exe
2009-09-10 23:30:24 ----A---- C:\Windows\system32\wscntfy.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\ulib.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\secur32.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\rastapi.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\pnpsetup.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\odbccp32.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-09-10 23:30:24 ----A---- C:\Windows\system32\iasdatastore.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\fdProxy.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\dsound.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\cryptui.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\wscsvc.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-09-10 23:30:23 ----A---- C:\Windows\system32\wlangpui.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\vdsdyn.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\rastls.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\rasapi32.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\ntprint.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\logman.exe
2009-09-10 23:30:23 ----A---- C:\Windows\system32\iashlpr.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\gpapi.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\diskpart.exe
2009-09-10 23:30:23 ----A---- C:\Windows\system32\brcpl.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\zipfldr.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\wusa.exe
2009-09-10 23:30:22 ----A---- C:\Windows\system32\wshext.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\wpccpl.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\regsvc.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\netcenter.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\mscorier.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\iasrad.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\findstr.exe
2009-09-10 23:30:21 ----A---- C:\Windows\system32\wsnmp32.dll
2009-09-10 23:30:21 ----A---- C:\Windows\system32\wer.dll
2009-09-10 23:30:21 ----A---- C:\Windows\system32\themecpl.dll
2009-09-10 23:30:21 ----A---- C:\Windows\system32\rasdlg.dll
2009-09-10 23:30:21 ----A---- C:\Windows\system32\iassvcs.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\uxsms.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\tsbyuv.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\srvsvc.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\slcc.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\scansetting.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\ntmarta.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\msutb.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\mstlsapi.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\mssprxy.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\iasads.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\umrdp.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\powrprof.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\powercpl.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\newdev.exe
2009-09-10 23:30:19 ----A---- C:\Windows\system32\networkmap.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\mstsc.exe
2009-09-10 23:30:19 ----A---- C:\Windows\system32\iasacct.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\authz.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\usercpl.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\themeui.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\systemcpl.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\sud.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\samlib.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\qdvd.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\pcaui.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\mmci.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\fveui.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\dot3svc.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\connect.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\brcplsiw.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\autoplay.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-09-10 23:30:17 ----A---- C:\Windows\system32\wlanpref.dll
2009-09-10 23:30:17 ----A---- C:\Windows\system32\rpchttp.dll
2009-09-10 23:30:17 ----A---- C:\Windows\system32\regapi.dll
2009-09-10 23:30:17 ----A---- C:\Windows\system32\fvecpl.dll
2009-09-10 23:30:16 ----A---- C:\Windows\system32\wpcao.dll
2009-09-10 23:30:16 ----A---- C:\Windows\system32\vdsutil.dll
2009-09-10 23:30:16 ----A---- C:\Windows\system32\msinfo32.exe
2009-09-10 23:30:16 ----A---- C:\Windows\system32\cscobj.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\tapisrv.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\scksp.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\scesrv.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\psisdecd.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\oleprn.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\mpr.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\feclient.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\AudioSes.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\wscisvif.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\WindowsUltimateExtrasCPL.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\sdclt.exe
2009-09-10 23:30:14 ----A---- C:\Windows\system32\rekeywiz.exe
2009-09-10 23:30:14 ----A---- C:\Windows\system32\ncryptui.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\imm32.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\iaspolcy.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\Faultrep.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\dpapimig.exe
2009-09-10 23:30:14 ----A---- C:\Windows\system32\dot3msm.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\DeviceEject.exe
2009-09-10 23:30:13 ----A---- C:\Windows\system32\scecli.dll
2009-09-10 23:30:13 ----A---- C:\Windows\system32\rasgcw.dll
2009-09-10 23:30:13 ----A---- C:\Windows\system32\qedit.dll
2009-09-10 23:30:13 ----A---- C:\Windows\system32\pnpui.dll
2009-09-10 23:30:13 ----A---- C:\Windows\system32\perfdisk.dll
2009-09-10 23:30:13 ----A---- C:\Windows\system32\hdwwiz.exe
2009-09-10 23:30:13 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-09-10 23:30:13 ----A---- C:\Windows\system32\certreq.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\whealogr.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\TSTheme.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\tcpmon.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\srcore.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\spwinsat.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\SnippingTool.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\SCardSvr.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\rasplap.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\raschap.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\fontext.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\fdWSD.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\conime.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\cmmon32.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\cmdial32.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-09-10 23:30:11 ----A---- C:\Windows\system32\wlanui.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\wiaaut.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\shwebsvc.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\rasppp.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\PnPutil.exe
2009-09-10 23:30:11 ----A---- C:\Windows\system32\oobefldr.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\dsprop.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\dimsroam.dll
2009-09-10 23:30:10 ----A---- C:\Windows\system32\shsetup.dll
2009-09-10 23:30:10 ----A---- C:\Windows\system32\rasmontr.dll
2009-09-10 23:30:10 ----A---- C:\Windows\system32\modemui.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\tscfgwmi.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\smss.exe
2009-09-10 23:30:09 ----A---- C:\Windows\system32\rdpwsx.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\mscandui.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\dataclen.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\chtbrkr.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\blackbox.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\appmgmts.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\WSDMon.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\wpcsvc.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\wmpeffects.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\networkexplorer.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\netplwiz.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\logagent.exe
2009-09-10 23:30:08 ----A---- C:\Windows\system32\ifmon.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\CscMig.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\credui.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\cipher.exe
2009-09-10 23:30:08 ----A---- C:\Windows\system32\certprop.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\wscapi.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\thawbrkr.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\softkbd.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\sendmail.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\msscp.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\msimtf.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\msctfui.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\InkEd.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\gpresult.exe
2009-09-10 23:30:06 ----A---- C:\Windows\system32\wshbth.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\version.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\SLLUA.exe
2009-09-10 23:30:06 ----A---- C:\Windows\system32\rdpclip.exe
2009-09-10 23:30:06 ----A---- C:\Windows\system32\puiapi.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\olepro32.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\msisip.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\mprapi.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\input.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\gpprnext.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\dmsynth.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\cdd.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\rdpendp.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\msjint40.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\l2nacp.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\ftp.exe
2009-09-10 23:30:05 ----A---- C:\Windows\system32\fdSSDP.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\fc.exe
2009-09-10 23:30:05 ----A---- C:\Windows\system32\eapp3hst.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\dmusic.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\cscapi.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\wsdchngr.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\Storprop.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\rasdial.exe
2009-09-10 23:30:04 ----A---- C:\Windows\system32\rasdiag.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\PrintBrmUi.exe
2009-09-10 23:30:04 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\ipconfig.exe
2009-09-10 23:30:04 ----A---- C:\Windows\system32\gpscript.exe
2009-09-10 23:30:04 ----A---- C:\Windows\system32\fdWCN.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\eappcfg.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\dot3cfg.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\cscdll.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\bthudtask.exe
2009-09-10 23:30:04 ----A---- C:\Windows\system32\bthci.dll
2009-09-10 23:30:03 ----A---- C:\Windows\system32\tscupgrd.exe
2009-09-10 23:30:03 ----A---- C:\Windows\system32\slcinst.dll
2009-09-10 23:30:03 ----A---- C:\Windows\system32\nslookup.exe
2009-09-10 23:30:03 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-09-10 23:30:03 ----A---- C:\Windows\system32\gpscript.dll
2009-09-10 23:30:03 ----A---- C:\Windows\system32\eappgnui.dll
2009-09-10 23:30:02 ----A---- C:\Windows\system32\qprocess.exe
2009-09-10 23:30:02 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-09-10 23:30:02 ----A---- C:\Windows\system32\ocsetup.exe
2009-09-10 23:30:02 ----A---- C:\Windows\system32\mmcico.dll
2009-09-10 23:30:02 ----A---- C:\Windows\system32\hbaapi.dll
2009-09-10 23:30:02 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-09-10 23:30:02 ----A---- C:\Windows\system32\fdeploy.dll
2009-09-10 23:30:01 ----A---- C:\Windows\system32\tscon.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\shadow.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\NcdProp.dll
2009-09-10 23:30:01 ----A---- C:\Windows\system32\logoff.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\iscsilog.dll
2009-09-10 23:30:01 ----A---- C:\Windows\system32\gpupdate.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\csrstub.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\chgusr.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\chgport.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\chglogon.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\cbsra.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\bitsigd.dll
2009-09-10 23:30:00 ----A---- C:\Windows\system32\vdmdbg.dll
2009-09-10 23:30:00 ----A---- C:\Windows\system32\tskill.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\tsdiscon.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\rwinsta.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\reset.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\query.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\qappsrv.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\odbcconf.dll
2009-09-10 23:29:59 ----A---- C:\Windows\system32\winrnr.dll
2009-09-10 23:29:59 ----A---- C:\Windows\system32\slwga.dll
2009-09-10 23:29:59 ----A---- C:\Windows\system32\midimap.dll
2009-09-10 23:29:59 ----A---- C:\Windows\system32\inetppui.dll
2009-09-10 23:29:59 ----A---- C:\Windows\system32\change.exe
2009-09-10 23:29:56 ----A---- C:\Windows\system32\msimsg.dll
2009-09-10 23:29:56 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-09-10 23:29:39 ----A---- C:\Windows\system32\wdscore.dll
2009-09-10 23:29:39 ----A---- C:\Windows\system32\SmiEngine.dll
2009-09-10 23:29:39 ----A---- C:\Windows\system32\PkgMgr.exe
2009-09-10 23:29:36 ----A---- C:\Windows\system32\drvstore.dll
2009-09-09 11:38:08 ----A---- C:\Windows\system32\jscript.dll
2009-09-09 11:37:47 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-09 11:37:46 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-09 11:37:46 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-09 11:37:46 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-09 11:37:46 ----A---- C:\Windows\system32\netevent.dll
2009-09-09 11:37:46 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-09 11:37:46 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-09 11:37:46 ----A---- C:\Windows\system32\finger.exe
2009-09-09 11:37:46 ----A---- C:\Windows\system32\ARP.EXE
2009-09-09 11:37:33 ----A---- C:\Windows\system32\wlansvc.dll
2009-09-09 11:37:33 ----A---- C:\Windows\system32\wlansec.dll
2009-09-09 11:37:33 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-09 11:37:33 ----A---- C:\Windows\system32\wlanhlp.dll
2009-09-09 11:37:33 ----A---- C:\Windows\system32\wlanapi.dll
2009-09-09 11:37:33 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-09 11:37:30 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-09 11:37:29 ----A---- C:\Windows\system32\rrinstaller.exe
2009-09-09 11:37:29 ----A---- C:\Windows\system32\mfps.dll
2009-09-09 11:37:29 ----A---- C:\Windows\system32\mfpmp.exe
2009-09-09 11:37:29 ----A---- C:\Windows\system32\mf.dll
2009-09-09 11:37:28 ----A---- C:\Windows\system32\mferror.dll
2009-09-07 21:12:38 ----D---- C:\Users\Admin\AppData\Roaming\teamspeak2
2009-09-07 01:15:46 ----A---- C:\Windows\uninst.exe
2009-09-03 16:09:05 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-09-03 16:09:04 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-09-02 12:15:24 ----A---- C:\Windows\IsUn040c.exe

======List of files/folders modified in the last 1 months======

2009-09-29 07:17:27 ----D---- C:\Windows\Temp
2009-09-29 06:56:39 ----D---- C:\Windows\system32\catroot2
2009-09-29 06:56:30 ----D---- C:\ProgramData\NVIDIA
2009-09-28 23:23:18 ----D---- C:\Windows\system32\drivers
2009-09-28 23:23:16 ----D---- C:\ProgramData
2009-09-28 23:23:16 ----D---- C:\Program Files
2009-09-25 13:28:35 ----D---- C:\Windows\System32
2009-09-25 13:28:35 ----D---- C:\Windows\inf
2009-09-25 13:28:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-09-25 10:46:26 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-25 10:45:41 ----SHD---- C:\System Volume Information
2009-09-24 13:56:58 ----RSD---- C:\Windows\Fonts
2009-09-23 23:18:54 ----SHD---- C:\Windows\Installer
2009-09-23 23:18:54 ----HD---- C:\Config.Msi
2009-09-23 15:46:45 ----D---- C:\Users\Admin\AppData\Roaming\GetRightToGo
2009-09-23 15:46:42 ----D---- C:\Windows\system32\Tasks
2009-09-23 15:43:53 ----SD---- C:\Users\Admin\AppData\Roaming\Microsoft
2009-09-23 14:13:54 ----D---- C:\Users\Admin\AppData\Roaming\Adobe
2009-09-23 09:28:05 ----D---- C:\Users\Admin\AppData\Roaming\Notepad++
2009-09-21 22:35:31 ----D---- C:\Program Files\Common Files\Logitech
2009-09-15 19:19:20 ----D---- C:\ProgramData\ma-config.com
2009-09-15 17:14:18 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-09-15 17:12:25 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-09-15 10:56:47 ----D---- C:\Program Files\Lavasoft
2009-09-14 01:49:43 ----D---- C:\Windows
2009-09-14 01:45:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-09-14 01:44:55 ----D---- C:\Program Files\AGEIA Technologies
2009-09-14 01:43:24 ----D---- C:\Windows\system32\catroot
2009-09-14 01:42:31 ----D---- C:\NVIDIA
2009-09-13 13:18:59 ----D---- C:\Program Files\FileZilla Client
2009-09-13 11:47:59 ----D---- C:\Users\Admin\AppData\Roaming\Mozilla
2009-09-13 08:53:19 ----D---- C:\Windows\rescache
2009-09-12 23:57:51 ----D---- C:\Windows\Microsoft.NET
2009-09-12 23:57:46 ----RSD---- C:\Windows\assembly
2009-09-12 23:47:00 ----SHD---- C:\Boot
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Sidebar
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Photo Gallery
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Media Player
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Mail
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Journal
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Collaboration
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Calendar
2009-09-12 23:40:55 ----D---- C:\Program Files\Movie Maker
2009-09-12 23:40:55 ----D---- C:\Program Files\Internet Explorer
2009-09-12 23:40:55 ----D---- C:\Program Files\Common Files\System
2009-09-12 23:40:54 ----D---- C:\Windows\servicing
2009-09-12 23:40:54 ----D---- C:\Windows\ehome
2009-09-12 23:40:54 ----D---- C:\Program Files\Windows Defender
2009-09-12 23:40:51 ----D---- C:\Windows\system32\XPSViewer
2009-09-12 23:40:51 ----D---- C:\Windows\system32\sk-SK
2009-09-12 23:40:51 ----D---- C:\Windows\system32\lv-LV
2009-09-12 23:40:51 ----D---- C:\Windows\system32\ko-KR
2009-09-12 23:40:51 ----D---- C:\Windows\system32\hr-HR
2009-09-12 23:40:51 ----D---- C:\Windows\system32\et-EE
2009-09-12 23:40:51 ----D---- C:\Windows\system32\da-DK
2009-09-12 23:40:51 ----D---- C:\Windows\PolicyDefinitions
2009-09-12 23:40:51 ----D---- C:\Windows\IME
2009-09-12 23:40:50 ----D---- C:\Windows\system32\ru-RU
2009-09-12 23:40:50 ----D---- C:\Windows\system32\oobe
2009-09-12 23:40:50 ----D---- C:\Windows\system32\migration
2009-09-12 23:40:50 ----D---- C:\Windows\system32\it-IT
2009-09-12 23:40:50 ----D---- C:\Windows\system32\fr
2009-09-12 23:40:50 ----D---- C:\Windows\system32\en-US
2009-09-12 23:40:50 ----D---- C:\Windows\system32\el-GR
2009-09-12 23:40:50 ----D---- C:\Windows\system32\de-DE
2009-09-12 23:40:50 ----D---- C:\Windows\system32\AdvancedInstallers
2009-09-12 23:40:49 ----D---- C:\Windows\system32\fr-FR
2009-09-12 23:40:48 ----D---- C:\Windows\system32\sv-SE
2009-09-12 23:40:48 ----D---- C:\Windows\system32\SLUI
2009-09-12 23:40:48 ----D---- C:\Windows\system32\setup
2009-09-12 23:40:48 ----D---- C:\Windows\system32\pt-PT
2009-09-12 23:40:48 ----D---- C:\Windows\system32\hu-HU
2009-09-12 23:40:48 ----D---- C:\Windows\system32\he-IL
2009-09-12 23:40:48 ----D---- C:\Windows\system32\fi-FI
2009-09-12 23:40:48 ----D---- C:\Windows\system32\cs-CZ
2009-09-12 23:40:47 ----D---- C:\Windows\system32\zh-TW
2009-09-12 23:40:47 ----D---- C:\Windows\system32\zh-CN
2009-09-12 23:40:47 ----D---- C:\Windows\system32\uk-UA
2009-09-12 23:40:47 ----D---- C:\Windows\system32\th-TH
2009-09-12 23:40:47 ----D---- C:\Windows\system32\sr-Latn-CS
2009-09-12 23:40:47 ----D---- C:\Windows\system32\sl-SI
2009-09-12 23:40:47 ----D---- C:\Windows\system32\ro-RO
2009-09-12 23:40:47 ----D---- C:\Windows\system32\pl-PL
2009-09-12 23:40:47 ----D---- C:\Windows\system32\manifeststore
2009-09-12 23:40:47 ----D---- C:\Windows\system32\ja-JP
2009-09-12 23:40:47 ----D---- C:\Windows\system32\es-ES
2009-09-12 23:40:47 ----D---- C:\Windows\system32\bg-BG
2009-09-12 23:40:44 ----D---- C:\Windows\system32\tr-TR
2009-09-12 23:40:43 ----D---- C:\Windows\system32\wbem
2009-09-12 23:40:43 ----D---- C:\Windows\system32\nl-NL
2009-09-12 23:40:43 ----D---- C:\Windows\system32\nb-NO
2009-09-12 23:40:43 ----D---- C:\Windows\system32\lt-LT
2009-09-12 23:40:43 ----D---- C:\Windows\system32\ar-SA
2009-09-12 23:40:42 ----D---- C:\Windows\system32\pt-BR
2009-09-12 23:40:42 ----D---- C:\Windows\system32\migwiz
2009-09-12 23:40:36 ----D---- C:\Windows\AppPatch
2009-09-12 23:40:30 ----D---- C:\Windows\system32\Boot
2009-09-12 23:39:18 ----D---- C:\Windows\system32\RTCOM
2009-09-12 23:35:41 ----D---- C:\Windows\winsxs
2009-09-10 15:35:42 ----D---- C:\Program Files\Mozilla Firefox
2009-09-09 12:04:24 ----D---- C:\Program Files\Microsoft Silverlight
2009-09-09 12:04:15 ----D---- C:\ProgramData\Microsoft Help
2009-09-06 19:50:52 ----D---- C:\Program Files\Google
2009-09-06 10:45:56 ----D---- C:\Windows\Tasks
2009-09-06 10:45:32 ----D---- C:\Program Files\HP
2009-09-06 10:44:41 ----D---- C:\Program Files\Pando Networks
2009-09-06 10:44:22 ----D---- C:\Program Files\Common Files
2009-09-06 10:42:08 ----D---- C:\Windows\Downloaded Installations

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2006-10-18 12664]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-09-15 28520]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2007-12-30 278984]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-09-15 55656]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2007-12-30 25416]
R2 SBKUPNT;SBKUPNT; \??\C:\Windows\system32\Drivers\SBKUPNT.SYS [2001-07-13 14976]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x86.sys [2008-11-12 46592]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-01-15 23848]
R3 HssDrv;Hotspot Shield Helper Miniport; C:\Windows\system32\DRIVERS\HssDrv.sys [2009-07-02 33840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-26 1761696]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2008-02-29 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-08-17 9545152]
R3 tapvpn;TAP VPN Adapter; C:\Windows\system32\DRIVERS\tapvpn.sys [2006-10-26 27136]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 a333v447;a333v447; C:\Windows\system32\drivers\a333v447.sys []
S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2007-07-23 13696]
S3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys [2007-07-23 30848]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-09-01 14336]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 gUSBSTOi;gUSBSTOi; \??\C:\Users\DAVIDC~1\AppData\Local\Temp\gUSBSTOi.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2008-07-07 25544]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\lvusbsta.sys [2005-01-19 22016]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2007-11-08 19712]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [2006-01-09 19345]
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [2006-01-09 18003]
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2007-11-08 18304]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 MyPenPro;MyPen Pro; C:\Windows\Syste

Salut scade


Télécharge combofix.exe (de sUBs) sur le bureau :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Important Désactive ton Antivirus et antispyware avant le scan avec Combofix :
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm


==> Sauvegarde ton travail et ferme toutes les fenêtres actives, il peut y avoir un redémarrage du PC. Ne lance aucun programme tant que Combofix n’est pas fini. <==

Double clique sur combofix.exe, clique sur OUI et valide par Entrée

Il te sera demandé d’installer la console si elle n’est pas installer, clique sur NON

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\ Combofix.txt

Combofix est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure


@++

Bonsoir bonsoir!

J'ai bien suivi la procédure indiquée, ai coupé l'antivirus, spybot etc... et ai lancé la bête.

Je ne pense pas que ce soit grave, mais l'ordi a fait deux gros bips une fois combofix chargé ^^
Voici en tout cas le rapport qu'il a généré:

ComboFix 09-09-28.01 - Admin 29.09.2009 23:25.1.2 - NTFSx86
Microsoft® Windows Vista™ Édition Intégrale 6.0.6002.2.1252.41.1036.18.3326.2346 [GMT 2:00]
Lancé depuis: c:\users\Admin\Desktop\ComboFix.exe
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-3195084191-325066223-97801302-1000
c:\$recycle.bin\S-1-5-21-3195084191-325066223-97801302-1003
c:\$recycle.bin\S-1-5-21-3195084191-325066223-97801302-1004
c:\$recycle.bin\S-1-5-21-3195084191-325066223-97801302-500
c:\$recycle.bin\S-1-5-21-51003140-4199384537-3980697693-500
c:\program files\webmediaplayer
c:\program files\webmediaplayer\resources\wmp_translation_file.xml
c:\program files\webmediaplayer\skins\classic.skn
c:\program files\webmediaplayer\sqlite3.dll
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Conditions générales.url
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Confidentialité.url
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Désinstaller.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\WebMediaPlayer.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Website.url
c:\windows\Installer\1ffa7c.msi

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-08-28 au 2009-09-29 ))))))))))))))))))))))))))))))))))))
.

2009-09-29 21:30 . 2009-09-29 21:30 -------- d-----w- c:\users\Admin\AppData\Local\temp
2009-09-29 21:30 . 2009-09-29 21:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-29 09:56 . 2009-09-29 09:56 -------- d-----w- C:\cygdrive
2009-09-29 09:33 . 2009-09-29 09:33 -------- d-----w- c:\program files\Recuva
2009-09-29 09:26 . 2009-09-29 09:26 -------- d-----w- c:\program files\PC Inspector File Recovery
2009-09-29 05:17 . 2009-09-29 05:57 -------- d-----w- C:\rsit
2009-09-28 21:23 . 2009-09-28 21:23 -------- d-----w- c:\users\Admin\AppData\Roaming\Malwarebytes
2009-09-28 21:23 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-28 21:23 . 2009-09-28 21:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-28 21:23 . 2009-09-28 21:23 -------- d-----w- c:\programdata\Malwarebytes
2009-09-28 21:23 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-23 21:19 . 2009-09-23 22:23 -------- d-----w- c:\users\Admin\AppData\Roaming\Skype
2009-09-23 13:43 . 2009-09-23 13:43 -------- d-----w- c:\users\Admin\AppData\Local\assembly
2009-09-23 13:43 . 2009-09-25 08:46 -------- d-----w- c:\program files\NCSoft
2009-09-22 09:53 . 2009-09-22 09:53 -------- d-----w- c:\program files\Sib Cursor Editor
2009-09-21 20:35 . 2009-09-21 20:35 -------- d-----w- c:\users\Admin\AppData\Local\Downloaded Installations
2009-09-15 17:19 . 2009-09-15 17:19 -------- d-----w- c:\program files\ma-config.com
2009-09-15 16:44 . 2009-09-15 16:44 -------- d-----w- c:\users\Admin\AppData\Roaming\Ahead
2009-09-15 16:42 . 2009-09-15 16:42 -------- d-----w- c:\users\Admin\AppData\Local\Ahead
2009-09-15 11:12 . 2009-09-15 11:16 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-09-15 11:12 . 2009-03-30 08:32 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-09-15 11:12 . 2009-09-15 11:12 -------- d-----w- c:\programdata\Avira
2009-09-15 11:12 . 2009-09-15 11:12 -------- d-----w- c:\program files\Avira
2009-09-13 23:46 . 2009-09-13 23:46 -------- d-----w- c:\program files\NVIDIA Corporation
2009-09-13 09:47 . 2009-09-13 09:48 -------- d-----w- c:\users\Admin\AppData\Local\Thunderbird
2009-09-13 09:47 . 2009-09-13 09:47 -------- d-----w- c:\users\Admin\AppData\Roaming\Thunderbird
2009-09-13 06:34 . 2009-09-28 13:18 -------- d-----w- c:\users\Admin\AppData\Roaming\FileZilla
2009-09-12 21:40 . 2009-09-12 21:40 -------- d-----w- c:\windows\system32\ca-ES
2009-09-12 21:40 . 2009-09-12 21:40 -------- d-----w- c:\windows\system32\eu-ES
2009-09-12 21:40 . 2009-09-12 21:40 -------- d-----w- c:\windows\system32\vi-VN
2009-09-12 21:15 . 2009-09-12 21:15 -------- d-----w- c:\windows\system32\EventProviders
2009-09-10 21:30 . 2009-04-11 06:28 321536 ----a-w- c:\windows\system32\WMPhoto.dll
2009-09-10 21:29 . 2009-04-11 06:28 19968 ----a-w- c:\windows\system32\winrnr.dll
2009-09-10 13:35 . 2009-09-10 13:35 680 ----a-w- c:\users\Admin\AppData\Local\d3d9caps.dat
2009-09-07 19:12 . 2009-09-07 19:12 -------- d-----w- c:\users\Admin\AppData\Roaming\teamspeak2
2009-09-07 11:31 . 2009-09-07 11:31 -------- d-----w- c:\users\Admin\AppData\Local\eMule
2009-09-06 23:26 . 2009-09-06 23:26 -------- d-----w- c:\users\Admin\AppData\Local\DOSBox
2009-09-06 23:15 . 1996-03-05 11:59 289280 ----a-w- c:\windows\uninst.exe
2009-09-03 14:09 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-03 14:09 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-02 10:15 . 1998-10-07 11:08 327168 ----a-w- c:\windows\IsUn040c.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-29 21:16 . 2007-11-12 12:54 -------- d-----w- c:\programdata\NVIDIA
2009-09-29 21:16 . 2009-09-13 23:48 32879 ----a-w- c:\programdata\nvModes.dat
2009-09-29 17:58 . 2006-11-02 16:03 678718 ----a-w- c:\windows\system32\perfh00C.dat
2009-09-29 17:58 . 2006-11-02 16:03 127798 ----a-w- c:\windows\system32\perfc00C.dat
2009-09-29 09:26 . 2007-11-12 19:42 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-29 05:22 . 2009-08-15 14:25 1 ----a-w- c:\users\Admin\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-09-24 16:56 . 2009-08-03 10:05 112216 ----a-w- c:\users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2009-09-23 13:46 . 2009-08-26 12:58 -------- d-----w- c:\users\Admin\AppData\Roaming\GetRightToGo
2009-09-23 07:28 . 2009-08-27 15:42 -------- d-----w- c:\users\Admin\AppData\Roaming\Notepad++
2009-09-21 20:35 . 2008-06-13 16:27 -------- d-----w- c:\program files\Common Files\Logitech
2009-09-15 17:19 . 2008-08-27 08:16 -------- d-----w- c:\programdata\ma-config.com
2009-09-15 15:14 . 2008-12-17 10:38 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-09-15 15:12 . 2008-12-17 10:38 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-09-15 08:56 . 2008-02-06 06:41 -------- d-----w- c:\program files\Lavasoft
2009-09-13 23:45 . 2007-12-31 11:46 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-09-13 23:44 . 2007-12-31 11:48 -------- d-----w- c:\program files\AGEIA Technologies
2009-09-13 11:18 . 2008-10-06 07:05 -------- d-----w- c:\program files\FileZilla Client
2009-09-12 21:40 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Calendar
2009-09-12 21:40 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Sidebar
2009-09-12 21:40 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Photo Gallery
2009-09-12 21:40 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Journal
2009-09-12 21:40 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Collaboration
2009-09-12 21:40 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-12 21:40 . 2006-11-02 12:35 -------- d-----w- c:\program files\Windows Defender
2009-09-09 10:04 . 2008-06-10 15:59 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-09 10:04 . 2007-11-12 14:58 -------- d-----w- c:\programdata\Microsoft Help
2009-09-06 17:50 . 2007-11-15 19:43 -------- d-----w- c:\program files\Google
2009-09-06 08:45 . 2009-04-06 16:15 -------- d-----w- c:\program files\HP
2009-09-06 08:44 . 2009-07-19 09:22 -------- d-----w- c:\program files\Pando Networks
2009-08-28 22:54 . 2007-11-15 20:54 -------- d-----w- c:\program files\Java
2009-08-27 00:25 . 2009-08-27 00:25 -------- d-----w- c:\users\Admin\AppData\Roaming\Media Player Classic
2009-08-27 00:25 . 2009-08-27 00:25 -------- d-----w- c:\users\Admin\AppData\Roaming\DivX
2009-08-25 10:47 . 2009-08-25 10:47 -------- dc-h--w- c:\programdata\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-21 13:13 . 2009-08-21 13:13 -------- d--h--r- c:\users\Admin\AppData\Roaming\SecuROM
2009-08-21 13:11 . 2009-08-21 13:11 22328 ----a-w- c:\users\Admin\AppData\Roaming\PnkBstrK.sys
2009-08-21 13:11 . 2009-08-21 13:11 22328 ----a-w- c:\users\Admin\AppData\Roaming\PnkBstrK.sys
2009-08-21 13:11 . 2008-06-13 17:06 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-08-21 13:11 . 2008-06-13 17:06 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-08-21 13:11 . 2009-08-21 13:11 669184 ----a-w- c:\windows\system32\pbsvc.exe
2009-08-21 13:11 . 2008-06-13 17:06 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-08-17 00:42 . 2009-08-17 00:42 2505248 ----a-w- c:\windows\system32\nvcpluir.dll
2009-08-17 00:42 . 2009-08-17 00:42 2173472 ----a-w- c:\windows\system32\nvcplui.exe
2009-08-17 00:42 . 2009-08-17 00:42 1411616 ----a-w- c:\windows\system32\nvsvsr.dll
2009-08-17 00:42 . 2009-08-17 00:42 1346080 ----a-w- c:\windows\system32\nvsvs.dll
2009-08-16 22:57 . 2009-08-16 22:57 9545152 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2009-08-16 22:57 . 2009-08-16 22:57 485920 ----a-w- c:\windows\system32\nvudisp.exe
2009-08-16 22:57 . 2009-08-16 22:57 4224 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2009-08-16 22:57 . 2009-08-16 22:57 3298304 ----a-w- c:\windows\system32\nvwgf2um.dll
2009-08-16 22:57 . 2009-08-16 22:57 2169376 ----a-w- c:\windows\system32\nvcuvid.dll
2009-08-16 22:57 . 2009-08-16 22:57 1985536 ----a-w- c:\windows\system32\nvcuda.dll
2009-08-16 22:57 . 2009-08-16 22:57 1706528 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-08-16 22:57 . 2009-08-16 22:57 155648 ----a-w- c:\windows\system32\nvcod162.dll
2009-08-16 22:57 . 2009-08-16 22:57 155648 ----a-w- c:\windows\system32\nvcod.dll
2009-08-16 22:57 . 2009-08-16 22:57 10858496 ----a-w- c:\windows\system32\nvoglv32.dll
2009-08-16 22:57 . 2007-07-06 05:15 7569920 ----a-w- c:\windows\system32\nvd3dum.dll
2009-08-16 22:57 . 2007-07-06 05:15 1044992 ----a-w- c:\windows\system32\nvapi.dll
2009-08-16 17:19 . 2007-11-12 15:11 -------- d-----w- c:\program files\CyberLink
2009-08-16 14:57 . 2009-08-16 14:46 -------- d-----w- c:\programdata\Blizzard Entertainment
2009-08-16 12:08 . 2008-02-16 15:40 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-08-16 11:56 . 2008-02-16 15:40 -------- d-----w- c:\program files\World of Warcraft
2009-08-15 18:19 . 2008-06-13 16:27 -------- d-----w- c:\program files\Logitech
2009-08-15 14:24 . 2009-08-15 14:24 -------- d-----w- c:\users\Admin\AppData\Roaming\OpenOffice.org
2009-08-15 14:22 . 2009-08-15 14:22 -------- d-----w- c:\program files\JRE
2009-08-15 14:22 . 2009-08-15 14:21 -------- d-----w- c:\program files\OpenOffice.org 3
2009-08-15 10:45 . 2009-04-06 16:14 -------- d-----w- c:\programdata\HP
2009-08-14 16:27 . 2009-09-09 09:37 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 15:53 . 2009-09-09 09:37 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 13:49 . 2009-09-09 09:37 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49 . 2009-09-09 09:37 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49 . 2009-09-09 09:37 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49 . 2009-09-09 09:37 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49 . 2009-09-09 09:37 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49 . 2009-09-09 09:37 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 13:49 . 2009-09-09 09:37 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 13:48 . 2009-09-09 09:37 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 13:48 . 2009-09-09 09:37 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-08-14 11:36 . 2009-08-14 11:36 70936 ----a-w- c:\windows\system32\PhysXLoader.dll
2009-08-11 10:35 . 2007-09-12 04:28 485920 ----a-w- c:\windows\system32\nvuninst.exe
2009-08-09 10:27 . 2009-08-08 16:46 -------- d-----w- c:\users\Admin\AppData\Roaming\vlc
2009-08-09 09:46 . 2007-11-15 20:52 -------- d-----w- c:\program files\BitLord
2009-08-09 09:46 . 2009-08-08 14:56 -------- d-----w- c:\users\Admin\AppData\Roaming\Winamp
2009-08-08 01:00 . 2009-08-08 01:00 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-08-07 17:51 . 2009-08-07 17:51 15308424 ----a-w- c:\windows\system32\xlive.dll
2009-08-07 17:51 . 2009-08-07 17:51 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-08-03 10:05 . 2009-08-03 10:05 -------- d-----w- c:\users\Admin\AppData\Roaming\Logitech
2009-08-02 22:21 . 2009-08-02 22:21 23320 ----a-w- c:\windows\system32\PhysXDevice.dll
2009-07-25 03:23 . 2008-12-20 08:22 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-07-22 19:13 . 2009-07-22 19:13 28592 ----a-w- c:\windows\system32\drivers\tap0901.sys
2009-07-21 21:52 . 2009-07-29 09:43 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-29 09:43 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-29 09:43 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-29 09:43 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 13:54 . 2009-08-15 14:59 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-15 12:40 . 2009-08-15 14:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-07-15 12:39 . 2009-08-15 14:59 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-15 12:39 . 2009-08-15 14:59 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-15 12:39 . 2009-08-15 14:59 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-11 19:01 . 2009-09-09 09:37 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-07-11 19:01 . 2009-09-09 09:37 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-07-11 19:01 . 2009-09-09 09:37 293376 ----a-w- c:\windows\system32\wlanmsm.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"MotiveReportAgent"="c:\program files\Common Files\Motive\McciBootStrapper.exe" [2005-12-16 202240]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-08-27 198160]
"Ai Nap"="c:\program files\ASUS\AI Suite\AiNap\AiNap.exe" [2007-04-09 1423360]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="d:\itunes\iTunesHelper.exe" [2009-03-12 342312]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-03-23 4423680]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-03-16 1822720]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2008-02-29 76304]

c:\users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-11-1 805392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):69,ea,9c,8b,f2,33,ca,01

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{43727764-08F4-4F2E-A020-12B6364C7716}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{31EA63B3-8C76-4E1A-A020-B1948C5165F4}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{3D64D1CB-744B-4152-9770-625124711B78}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{E1192435-1816-4613-B3CE-BF5AA0774D39}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{41E3D905-F5EE-4067-906A-D6D5E019FF33}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{EC2B1E58-AD56-4389-9E3A-87961CDFB754}c:\\program files\\bitlord\\bitlord.exe"= UDP:c:\program files\bitlord\bitlord.exe:BitLord
"UDP Query User{C204A96C-1401-44CB-A2EA-8B799227C5A3}c:\\program files\\bitlord\\bitlord.exe"= TCP:c:\program files\bitlord\bitlord.exe:BitLord
"TCP Query User{6953B812-1CEB-4163-ADD3-221A429495AD}c:\\program files\\flashget\\flashget.exe"= UDP:c:\program files\flashget\flashget.exe:FlashGet
"UDP Query User{C45F3616-445C-4661-836C-7796651818A9}c:\\program files\\flashget\\flashget.exe"= TCP:c:\program files\flashget\flashget.exe:FlashGet
"TCP Query User{6A794B7B-BCEC-4C34-8D34-8B2E8B8D7C47}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{45EBB824-A4E2-4600-BEEF-15E0EA426186}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
"TCP Query User{1CC5440E-ABD6-40E2-B43F-CD4CFCCD75D3}d:\\valve\\condition zero\\czero.exe"= UDP:d:\valve\condition zero\czero.exe:Condition Zero Launcher
"UDP Query User{94C335DC-2324-4F7E-821F-892CE1C6CD12}d:\\valve\\condition zero\\czero.exe"= TCP:d:\valve\condition zero\czero.exe:Condition Zero Launcher
"TCP Query User{1D2A8403-1C82-4D86-AA68-CC63330C485D}c:\\valve\\steam\\steamapps\\scade_cadigan\\condition zero\\hl.exe"= UDP:c:\valve\steam\steamapps\scade_cadigan\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{827A26C4-96DB-49AB-A5D8-48B96C492201}c:\\valve\\steam\\steamapps\\scade_cadigan\\condition zero\\hl.exe"= TCP:c:\valve\steam\steamapps\scade_cadigan\condition zero\hl.exe:Half-Life Launcher
"TCP Query User{CD7333E7-F14D-4648-9FF4-E171D73B2DD2}d:\\the lord of the rings online\\lotroclient.exe"= UDP:d:\the lord of the rings online\lotroclient.exe:lotroclient
"UDP Query User{1E4608AF-06CB-40A5-9E42-98A226BE2857}d:\\the lord of the rings online\\lotroclient.exe"= TCP:d:\the lord of the rings online\lotroclient.exe:lotroclient
"TCP Query User{C765EB2D-B2BB-4EF8-AF88-CC744998FE5F}d:\\world of warcraft\\wow-1.12.0-frfr-downloader.exe"= UDP:d:\world of warcraft\wow-1.12.0-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{F9DB7215-C0FE-4B11-9365-F31CAB20DAA0}d:\\world of warcraft\\wow-1.12.0-frfr-downloader.exe"= TCP:d:\world of warcraft\wow-1.12.0-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{D8C9B293-FD33-441B-9106-C9BC71F020AB}d:\\world of warcraft\\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe"= UDP:d:\world of warcraft\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe:Blizzard Downloader
"UDP Query User{90478990-F398-4D28-8762-74BE61EB948B}d:\\world of warcraft\\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe"= TCP:d:\world of warcraft\wow-1.12.x-to-2.0.1-frfr-patch-downloader.exe:Blizzard Downloader
"TCP Query User{1019FEC0-341F-402C-B470-F07C5BCD1BEF}d:\\world of warcraft\\repair.exe"= UDP:d:\world of warcraft\repair.exe:Blizzard Repair Utility
"UDP Query User{491D87B4-11C7-42BB-9DA7-C82118C58A79}d:\\world of warcraft\\repair.exe"= TCP:d:\world of warcraft\repair.exe:Blizzard Repair Utility
"TCP Query User{94E8F977-DE1A-42EE-8C92-C705BDCFEA49}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{724E151A-C3CB-4351-BE70-4981C4799A8E}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{3F6BD6B6-5E6C-4A2E-9F9B-B024BEF0AD76}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{67623927-5EE1-41E1-9141-8BCD7DF4784E}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{DC96AF50-9D95-4946-9DCA-82B74CA29925}c:\\program files\\bitlord\\bitlord.exe"= UDP:c:\program files\bitlord\bitlord.exe:BitLord
"UDP Query User{6DFC32F7-98C5-4743-82F3-DD799730C2F3}c:\\program files\\bitlord\\bitlord.exe"= TCP:c:\program files\bitlord\bitlord.exe:BitLord
"TCP Query User{A2F7AFB2-4537-496E-A84C-0DBF3DEA85BB}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{CAF8D368-6A7B-4F21-BA14-63504D22CD44}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"{7CDE38A2-DB01-48A1-B519-B31CA4AE90F6}"= UDP:d:\assassin's creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{3CE99516-BCA1-48AB-A7A7-DF8E02005DDE}"= TCP:d:\assassin's creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{B04F324D-4186-4D74-B2FF-32A4821F2E4C}"= UDP:d:\assassin's creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{0163C88D-6663-42BA-BD41-2D7219FF3F60}"= TCP:d:\assassin's creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{834A46C4-2632-4B20-98E1-87F7E5125DCB}"= UDP:d:\assassin's creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"{73F0EB3E-ADB7-45D5-862B-7A48D7A963D8}"= TCP:d:\assassin's creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"TCP Query User{2E0FF077-D944-4400-883F-CB2DCCB80D7A}d:\\need for speed prostreet\\nfs.exe"= UDP:d:\need for speed prostreet\nfs.exe:nfs
"UDP Query User{AFA1B4C1-2FC4-435A-8BED-2963E4213A34}d:\\need for speed prostreet\\nfs.exe"= TCP:d:\need for speed prostreet\nfs.exe:nfs
"{80800A87-173B-489C-A7F2-5F1F12973B20}"= UDP:37940:Port mumule
"{AE4069B4-E94C-4830-9508-6AFB50133349}"= UDP:64740:Port mumule 2
"TCP Query User{3D54204B-A018-492A-AF33-FF58C03AB7D9}c:\\program files\\rndlabs\\baboviolent 2\\bv2.exe"= UDP:c:\program files\rndlabs\baboviolent 2\bv2.exe:bv2
"UDP Query User{82AF6686-E7FA-45C8-911D-BAF1C5D39EBA}c:\\program files\\rndlabs\\baboviolent 2\\bv2.exe"= TCP:c:\program files\rndlabs\baboviolent 2\bv2.exe:bv2
"TCP Query User{2A68B751-EE63-4394-922B-BBD716DD3E3F}d:\\baboviolent 2\\bv2.exe"= UDP:d:\baboviolent 2\bv2.exe:bv2
"UDP Query User{8622556F-D009-47CA-B7A5-CD885E4C6520}d:\\baboviolent 2\\bv2.exe"= TCP:d:\baboviolent 2\bv2.exe:bv2
"TCP Query User{D188556C-6B84-4F7B-9361-01F7DAC030C8}d:\\baboviolent 2\\bv2.exe"= UDP:d:\baboviolent 2\bv2.exe:bv2
"UDP Query User{0C5DB608-35B8-4AD4-BF55-8C83A8216960}d:\\baboviolent 2\\bv2.exe"= TCP:d:\baboviolent 2\bv2.exe:bv2
"TCP Query User{5EC82DF2-5852-4365-A5AE-F26191FE839B}c:\\program files\\filezilla client\\filezilla.exe"= UDP:c:\program files\filezilla client\filezilla.exe:FileZilla FTP Client
"UDP Query User{DADE60B2-6995-433D-AF87-6A77CF7FB578}c:\\program files\\filezilla client\\filezilla.exe"= TCP:c:\program files\filezilla client\filezilla.exe:FileZilla FTP Client
"TCP Query User{46C37119-2DE5-4E68-A552-03F7EA72C52E}d:\\warcraft iii\\war3.exe"= UDP:d:\warcraft iii\war3.exe:Warcraft III
"UDP Query User{EB67A586-EF43-4C7D-9683-567ADC351FD9}d:\\warcraft iii\\war3.exe"= TCP:d:\warcraft iii\war3.exe:Warcraft III
"{012862BF-297B-40EC-B344-38DD9823C030}"= UDP:6112:Port w3
"{8FD68069-A818-4099-939C-A38417A58114}"= UDP:6119:port w32
"TCP Query User{9094A610-E747-4836-9516-2B6474DA81D9}c:\\valve\\steam\\steamapps\\scade_cadigan\\counter-strike source\\hl2.exe"= UDP:c:\valve\steam\steamapps\scade_cadigan\counter-strike source\hl2.exe:hl2
"UDP Query User{0D32C9A8-C050-48B3-8B1C-98BA7964A161}c:\\valve\\steam\\steamapps\\scade_cadigan\\counter-strike source\\hl2.exe"= TCP:c:\valve\steam\steamapps\scade_cadigan\counter-strike source\hl2.exe:hl2
"TCP Query User{BA4C207D-FAA1-437E-872D-B092A5C056B5}d:\\zu online\\zu-online\\zuonline.exe"= UDP:d:\zu online\zu-online\zuonline.exe:ZuOnline
"UDP Query User{00F11750-735B-4B02-B74A-989DD8FD75EA}d:\\zu online\\zu-online\\zuonline.exe"= TCP:d:\zu online\zu-online\zuonline.exe:ZuOnline
"TCP Query User{9915BEAA-8769-404F-B3C9-D52D48BF4D35}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{2AAD80CC-A44B-4535-B1A1-F21D7B240151}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"TCP Query User{5B63338A-A434-4925-9911-6C60FF180724}c:\\users\\poukram\\desktop\\wotlk_intro_fr.avi-downloader.exe"= UDP:c:\users\poukram\desktop\wotlk_intro_fr.avi-downloader.exe:wotlk_intro_fr.avi-downloader.exe
"UDP Query User{53294C42-1612-4C24-9677-8894D28D304D}c:\\users\\poukram\\desktop\\wotlk_intro_fr.avi-downloader.exe"= TCP:c:\users\poukram\desktop\wotlk_intro_fr.avi-downloader.exe:wotlk_intro_fr.avi-downloader.exe
"{E3303F5D-76B2-49D0-81EF-9F7AB33ACEEC}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{CBF31DC7-A863-46E9-B437-959B447E8501}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"TCP Query User{A838A35E-63B0-4DC7-B926-DD56C09CA7C7}c:\\users\\poukram\\desktop\\wotlk-intro_fr_fr-downloader.exe"= UDP:c:\users\poukram\desktop\wotlk-intro_fr_fr-downloader.exe:wotlk-intro_fr_fr-downloader.exe
"UDP Query User{510445AB-DD3C-4627-A7D7-19C39D0A9149}c:\\users\\poukram\\desktop\\wotlk-intro_fr_fr-downloader.exe"= TCP:c:\users\poukram\desktop\wotlk-intro_fr_fr-downloader.exe:wotlk-intro_fr_fr-downloader.exe
"TCP Query User{7E317FC2-4E3F-4A55-AEF0-A16A5D8F6014}c:\\users\\poukram\\desktop\\war europe downloader.exe"= UDP:c:\users\poukram\desktop\war europe downloader.exe:war europe downloader.exe
"UDP Query User{652A982A-8C47-463F-9E7D-1464E31B558B}c:\\users\\poukram\\desktop\\war europe downloader.exe"= TCP:c:\users\poukram\desktop\war europe downloader.exe:war europe downloader.exe
"{77C2E341-3C53-4D3C-A09D-21E8101AEB6B}"= UDP:d:\warhammer mark of chaos\Warhammer.exe:Warhammer® Mark of Chaos™ - Battle March™ GOLD
"{29606666-573C-496A-8420-971E8BAC7732}"= TCP:d:\warhammer mark of chaos\Warhammer.exe:Warhammer® Mark of Chaos™ - Battle March™ GOLD
"TCP Query User{456EF44B-ED4D-4C3F-8981-C9A7D8D731F2}d:\\world of warcraft\\backgrounddownloader.exe"= UDP:d:\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"UDP Query User{6FFD3BB1-6F43-43BB-93D0-79956AF0C257}d:\\world of warcraft\\backgrounddownloader.exe"= TCP:d:\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"TCP Query User{3CF4F4F8-E45C-411E-B539-A91C8B845735}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
"UDP Query User{B2CF76A3-B1D1-4596-9672-4FE34CB55556}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
"{0E9891DF-2EED-4F65-BE93-ABACB802C2E4}"= UDP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{A5C49E1A-3DAB-4ECF-8036-EF92E01800C5}"= TCP:c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"TCP Query User{2AB27A60-FEE8-4B91-B697-3ABE0483078D}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"UDP Query User{29037FDA-77E1-480D-9512-52AC27F65FA2}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"TCP Query User{6BCD1F06-53A9-457A-8A3C-755A3CAF449D}d:\\maxtv\\maxtv.exe"= UDP:d:\maxtv\maxtv.exe:maxtv
"UDP Query User{E378D9AC-6A58-4A50-86D9-3B06A56407BC}d:\\maxtv\\maxtv.exe"= TCP:d:\maxtv\maxtv.exe:maxtv
"TCP Query User{8CECF229-B6D5-40A3-8293-328809018BA7}c:\\program files\\java\\jre6\\bin\\java.exe"= UDP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{FE0145DA-CD4F-483C-90E6-8503CEA160B3}c:\\program files\\java\\jre6\\bin\\java.exe"= TCP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"TCP Query User{5D88C426-C783-4E04-B90A-8AF6328AF2BB}d:\\maxtv\\core\\maxtv_xul.exe"= UDP:d:\maxtv\core\maxtv_xul.exe:maxtv_xul
"UDP Query User{3784FA93-2E2F-4EBD-86B2-EB8EF386341B}d:\\maxtv\\core\\maxtv_xul.exe"= TCP:d:\maxtv\core\maxtv_xul.exe:maxtv_xul
"TCP Query User{B482AD7A-CC12-45B5-A46B-04D24E1C804E}c:\\valve\\steam\\steamapps\\scade_cadigan\\condition zero\\hl.exe"= UDP:c:\valve\steam\steamapps\scade_cadigan\condition zero\hl.exe:Half-Life Launcher
"UDP Query User{AC7B69CE-EE4B-4DF9-8756-F5F44B26D40B}c:\\valve\\steam\\steamapps\\scade_cadigan\\condition zero\\hl.exe"= TCP:c:\valve\steam\steamapps\scade_cadigan\condition zero\hl.exe:Half-Life Launcher
"TCP Query User{A346581E-76B3-4E27-B39C-87771F92B83B}d:\\world of warcraft\\repair.exe"= UDP:d:\world of warcraft\repair.exe:Blizzard Repair Utility
"UDP Query User{98BA8065-C4F2-4AE6-8A34-B7D0659FB0CE}d:\\world of warcraft\\repair.exe"= TCP:d:\world of warcraft\repair.exe:Blizzard Repair Utility
"TCP Query User{762DF61A-05C5-408E-B12D-556CFB28C321}c:\\users\\poukram\\appdata\\local\\temp\\blizzard launcher temporary - 5194de30\\launcher.exe"= UDP:c:\users\poukram\appdata\local\temp\blizzard launcher temporary - 5194de30\launcher.exe:launcher.exe
"UDP Query User{19FE0EB3-0E6D-4609-96AF-8F3E5CF91FAB}c:\\users\\poukram\\appdata\\local\\temp\\blizzard launcher temporary - 5194de30\\launcher.exe"= TCP:c:\users\poukram\appdata\local\temp\blizzard launcher temporary - 5194de30\launcher.exe:launcher.exe
"{62ADD0F8-510C-4D42-BB0A-FE00A3C0A35C}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{5FC54C31-0B93-465C-84DD-F194B2D04B4D}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"TCP Query User{D1CEEEDD-98EF-435F-A4A8-75A8A27487C2}c:\\program files\\sony\\station\\launchpad\\launchpad.exe"= UDP:c:\program files\sony\station\launchpad\launchpad.exe:LaunchPad
"UDP Query User{08CAE4CF-360D-4668-B677-D346DA1B9BAE}c:\\program files\\sony\\station\\launchpad\\launchpad.exe"= TCP:c:\program files\sony\station\launchpad\launchpad.exe:LaunchPad
"TCP Query User{83842E8F-B83E-40E9-B3F8-472CB8C35C5B}c:\\users\\poukram\\appdata\\local\\temp\\blizzard launcher temporary - 06a67038\\launcher.exe"= UDP:c:\users\poukram\appdata\local\temp\blizzard launcher temporary - 06a67038\launcher.exe:launcher.exe
"UDP Query User{C1810E20-475E-44C1-9813-53185DB0EDAC}c:\\users\\poukram\\appdata\\local\\temp\\blizzard launcher temporary - 06a67038\\launcher.exe"= TCP:c:\users\poukram\appdata\local\temp\blizzard launcher temporary - 06a67038\launcher.exe:launcher.exe
"{42AB60B5-3837-4B3E-81A1-512D8C9A67DD}"= UDP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player
"{354C762D-631C-4203-B5E4-F740A71DEF71}"= TCP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player
"TCP Query User{2813D9BD-8523-4BA5-AB47-F21EB2BC36AA}d:\\dungeons & dragons online - stormreach\\dndclient.exe"= UDP:d:\dungeons & dragons online - stormreach\dndclient.exe:dndclient
"UDP Query User{64BFF265-E9C1-444E-A9B6-90AB542AE8BE}d:\\dungeons & dragons online - stormreach\\dndclient.exe"= TCP:d:\dungeons & dragons online - stormreach\dndclient.exe:dndclient
"{9B738251-55C6-47A9-8579-3BC592CA7C8E}"= UDP:d:\cyanide\Dungeon Party\DungeonParty.exe:Dungeon Party
"{7155E06F-B46A-4C2C-B4A1-776B3788A85E}"= TCP:d:\cyanide\Dungeon Party\DungeonParty.exe:Dungeon Party
"{29844517-D8E5-411C-821B-9595EB5555E5}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{6E98C7CB-73C5-4787-9AA5-1535F1C86EE4}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{4546AFDE-2A1E-4564-B587-2E143FE1FD06}"= UDP:d:\itunes\iTunes.exe:iTunes
"{04425B23-981B-4305-BC44-9A9E3EA79CE1}"= TCP:d:\itunes\iTunes.exe:iTunes
"TCP Query User{A9087F4F-A7FB-43A1-AA00-39A2894D82AF}d:\\playonline\\squareenix\\playonlineviewer\\pol.exe"= UDP:d:\playonline\squareenix\playonlineviewer\pol.exe:PlayOnline Viewer
"UDP Query User{B37BC97B-93CE-42D6-9D70-737B5FA64CA7}d:\\playonline\\squareenix\\playonlineviewer\\pol.exe"= TCP:d:\playonline\squareenix\playonlineviewer\pol.exe:PlayOnline Viewer
"TCP Query User{9CB082CB-E3E2-4D11-96C4-4DFC1B4B9452}c:\\users\\poukram\\desktop\\yuleech-runesofmagic2_0_1_1821-de.exe"= UDP:c:\users\poukram\desktop\yuleech-runesofmagic2_0_1_1821-de.exe:yuleech-runesofmagic2_0_1_1821-de.exe
"UDP Query User{274A9525-0902-4526-B739-4DE421BA8DCD}c:\\users\\poukram\\desktop\\yuleech-runesofmagic2_0_1_1821-de.exe"= TCP:c:\users\poukram\desktop\yuleech-runesofmagic2_0_1_1821-de.exe:yuleech-runesofmagic2_0_1_1821-de.exe
"{01A670B5-4D74-4146-94E0-CFFAB572E60F}"= c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{21CED74D-D3DC-4873-BD22-EDF5DA44282A}"= c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{AA37CABC-7D74-45D5-ABE1-89618000090D}"= c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{E3B82328-B52B-4490-B997-C9143FEE1C1E}"= c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{5406DD4F-AB10-4BD4-8B69-D6EB3651F020}"= c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{B86B1188-E753-47D0-BEA9-4A65518E016F}"= c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{9C665607-35B6-4371-AEE6-C466A7D3477F}"= c:\program files\HP\Digital Imaging\bin\hpqgplgtupl.exe:hpqgplgtupl.exe
"{B3117C75-C3B2-4F6C-AEBC-4DDEE77EF7AC}"= c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe:hpqgpc01.exe
"TCP Query User{3A1A9BB8-833D-4977-B903-7B0EECA45C2E}d:\\world of warcraft\\launcher.exe"= UDP:d:\world of warcraft\launcher.exe:Blizzard Launcher
"UDP Query User{F898A6B0-5EFD-4AF4-AB65-F5C9372FDC41}d:\\world of warcraft\\launcher.exe"= TCP:d:\world of warcraft\launcher.exe:Blizzard Launcher
"{87328BBC-7057-42DC-85BD-D94C65E78C91}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{6F957C6D-A820-4651-8574-80EEDEA4D791}c:\\valve\\steam\\steamapps\\scade_cadigan\\half-life\\hl.exe"= UDP:c:\valve\steam\steamapps\scade_cadigan\half-life\hl.exe:Half-Life Launcher
"UDP Query User{B1969F8D-207F-4C46-BA4E-98F743A47BC4}c:\\valve\\steam\\steamapps\\scade_cadigan\\half-life\\hl.exe"= TCP:c:\valve\steam\steamapps\scade_cadigan\half-life\hl.exe:Half-Life Launcher
"TCP Query User{D8E8D819-0F81-4EAF-84A0-B13A753AFD19}c:\\valve\\steam\\steamapps\\scade_cadigan\\dedicated server\\hlds.exe"= UDP:c:\valve\steam\steamapps\scade_cadigan\dedicated server\hlds.exe:HLDS Launcher
"UDP Query User{D280E5D7-FE67-492A-AB39-22773E50B2AD}c:\\valve\\steam\\steamapps\\scade_cadigan\\dedicated server\\hlds.exe"= TCP:c:\valve\steam\steamapps\scade_cadigan\dedicated server\hlds.exe:HLDS Launcher
"{41275C45-81C2-4EE0-A108-DBD799B36B72}"= UDP:d:\demigod\bin\Demigod.exe:Demigod
"{01D9FD85-000D-41B4-8A00-3D9476D85B7F}"= TCP:d:\demigod\bin\Demigod.exe:Demigod
"TCP Query User{43D405C2-C38D-4081-8EED-1A0CA396F147}d:\\world of warcraft\\world of warcraft2\\launcher.exe"= UDP:d:\world of warcraft\world of warcraft2\launcher.exe:Blizzard Launcher
"UDP Query User{A3655AFD-13DF-4BFA-8155-C5F6750601E1}d:\\world of warcraft\\world of warcraft2\\launcher.exe"= TCP:d:\world of warcraft\world of warcraft2\launcher.exe:Blizzard Launcher
"TCP Query User{5ABC5008-A2E5-4045-8890-7B1E5100C1F9}c:\\users\\public\\games\\world of warcraft\\launcher.exe"= UDP:c:\users\public\games\world of warcraft\launcher.exe:Blizzard Launcher
"UDP Query User{BC89D268-8A6D-4D60-8C8B-00C30122DD92}c:\\users\\public\\games\\world of warcraft\\launcher.exe"= TCP:c:\users\public\games\world of warcraft\launcher.exe:Blizzard Launcher
"{6C4DD219-1AEA-4984-BF2C-79B0FBD54F53}"= UDP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-frFR-downloader.exe:Blizzard Downloader
"{90D77CB4-7028-40E6-AAD1-D2E3A9202F59}"= TCP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-frFR-downloader.exe:Blizzard Downloader
"{39E44A8E-42F1-4404-8CEC-2E5C6291C276}"= UDP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0-frFR-downloader.exe:Blizzard Downloader
"{023E69CA-0486-48E3-A3A0-E9A8492E62D8}"= TCP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0-frFR-downloader.exe:Blizzard Downloader
"TCP Query User{AF1CD373-95EB-422A-A031-0D7F71ABA075}d:\\world of warcraft\\launcher.exe"= UDP:d:\world of warcraft\launcher.exe:Blizzard Launcher
"UDP Query User{B7160312-DC10-4599-87B5-A2C97BD833A9}d:\\world of warcraft\\launcher.exe"= TCP:d:\world of warcraft\launcher.exe:Blizzard Launcher
"TCP Query User{77CFE74D-506A-4889-9864-62422386B5CB}d:\\warcraft iii\\war3.exe"= UDP:d:\warcraft iii\war3.exe:Warcraft III
"UDP Query User{F6144BF3-CCDA-4821-B3C2-73D36D891FB1}d:\\warcraft iii\\war3.exe"= TCP:d:\warcraft iii\war3.exe:Warcraft III
"{5F26DCF9-BAE9-4A8C-BBEC-C6C3FFA3842A}"= UDP:6112:war3
"{E6776D57-277E-4E10-990A-07700B2102E7}"= TCP:6112:war32
"{00D5DA50-8DAE-4CDE-9B99-68352DC18A13}"= UDP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe:Blizzard Downloader
"{ED3C8024-D576-46F4-B75D-AA6FEFB7A5CB}"= TCP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-frFR-downloader.exe:Blizzard Downloader
"{4626BD65-6485-41DA-90AE-3CAC22A9E206}"= UDP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player
"{BC0EF17D-E6A1-4F7B-94B0-A7F7E1039285}"= TCP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player
"{84C7CBDA-E89E-4D6C-AED0-1EFA8A7886A0}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{ADB7442A-BA16-4D2A-8ACA-18C57D621E1C}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{4FEC6644-9A62-4B50-9144-E95C16E79E9D}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{97B7A154-4E54-4D32-ACBE-43EE2B4ED8E1}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{A5CEF058-A9E2-4B67-A469-26E6C8FAF104}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{6601D14E-6DF6-42E6-B600-0EE81AF2466A}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{35E7669B-0547-4A24-A6E1-D4D89EAC262F}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{EE9617D5-2B93-4673-A80F-4114EF59D495}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{9E2FB506-2F0B-4ADE-B850-829C2367F995}"= UDP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-frFR-downloader.exe:Blizzard Downloader
"{CEC9BC13-6AD8-47BC-ACE8-D8411EF6A110}"= TCP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-frFR-downloader.exe:Blizzard Downloader
"{2BF13A75-F62D-4791-B973-837A6CCC000B}"= UDP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-frFR-downloader.exe:Blizzard Downloader
"{7CBF1864-84AF-42A5-B466-FF594CB722AC}"= TCP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-frFR-downloader.exe:Blizzard Downloader
"TCP Query User{0D743438-6640-4B53-BBA0-6F76A72187AA}C:3\\jeux\\pc\\left 4 dead\\left4dead.exe"= UDP:C:3\jeux\pc\left 4 dead\left4dead.exe:left4dead.exe
"UDP Query User{98E57C6F-29AA-4174-8B85-DC2BC3B25ACE}C:3\\jeux\\pc\\left 4 dead\\left4dead.exe"= TCP:C:3\jeux\pc\left 4 dead\left4dead.exe:left4dead.exe

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [25.08.2009 12:48 64160]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [15.09.2009 13:12 108289]
R2 SBKUPNT;SBKUPNT;c:\windows\System32\drivers\SBKUPNT.SYS [16.06.2009 09:45 14976]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [17.08.2009 01:32 239648]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\System32\drivers\l160x86.sys [12.11.2008 14:42 46592]
R3 HssDrv;Hotspot Shield Helper Miniport;c:\windows\System32\drivers\hssdrv.sys [02.07.2009 04:34 33840]
S2 gupdate1c9cc9064c91d1b;Service Google Update (gupdate1c9cc9064c91d1b);c:\program files\Google\Update\GoogleUpdate.exe [04.05.2009 10:14 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [03.07.2009 16:49 1028432]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [01.09.2009 08:07 234864]
S3 MyPenPro;MyPen Pro;c:\windows\System32\drivers\MyPenPro.sys [23.04.2009 12:33 44032]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 tap0901;TAP-Win32 Adapter V9;c:\windows\System32\drivers\tap0901.sys [22.07.2009 21:13 28592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
%SystemRoot%\system32\soundschemes.exe /AddRegistration

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
%SystemRoot%\system32\soundschemes2.exe /AddRegistration
.
Contenu du dossier 'Tâches planifiées'

2009-09-29 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-07-03 10:48]

2009-09-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-04 08:14]

2009-09-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-04 08:14]

2009-09-29 c:\windows\Tasks\User_Feed_Synchronization-{B385E0D1-A5D4-47FA-8925-5BEFA24C4592}.job
- c:\windows\system32\msfeedssync.exe [2009-07-29 20:13]
.
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
DPF: {8C292180-8BB2-495F-B94B-89FE9F2B530A} - hxxp://rfonline-full.gscdn.com/gscdn/ccr_downloader.cab
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ehex8jq4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.anthegaya.fr/
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-NCsoft Launcher - c:\program files\NCSoft\Launcher\NCLauncher.exe
AddRemove-Hamachi - d:\hamachi\uninstall.exe
AddRemove-Steam App 240 - c:\valve\Steam\steam.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-29 23:30
Windows 6.0.6002 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
Heure de fin: 2009-09-29 23:32
ComboFix-quarantined-files.txt 2009-09-29 21:31

Avant-CF: 24'489'361'408 octets libres
Après-CF: 24'646'721'536 octets libres

430 --- E O F --- 2009-09-29 07:31



Bonne soirée!

Salut scade


Télécharge OTM (de Old_Timer) sur le bureau :

http://oldtimer.geekstogo.com/OTM.exe


Double-clique sur OTM.exe sur le bureau

- Assure toi que la case Unregister Dll's and Ocx's soit bien cochée

- Copie le texte qui se trouve en citation et colle le dans le cadre de gauche de OTM nommé Paste Instructions for Items to be Moved



- Clique sur MoveIt! pour lancer la suppression.
- Ferme OTM

Ton PC va redémarrer pour finir la suppression, si il ne le fais pas lui-même, redémarre le.

Poste le rapport de OTMoveIt qui se trouve dans C:\_OTM\MovedFiles.


@++

Hopla, bonjour!

Voila qui est fait
Je suppose que toutes ces procédures doivent vous paraître simples ou logiques avec la pratique et la connaissance, mais bon, de mon point de vue d'ignorant: chapeau.
Et encore merci, cela doit prendre du temps de consulter tous ces logs

Voici justement celui d'OTM:

All processes killed
========== PROCESSES ==========
========== SERVICES/DRIVERS ==========
Service\Driver npggsvc not found.
Unable to delete service\driver keynpggsvc.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules not found.
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules not found.
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules not found.
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules not found.
========== FILES ==========
c:\program files\BitLord\Torrents moved successfully.
Folder move failed. c:\program files\BitLord\rules scheduled to be moved on reboot.
Folder move failed. c:\program files\BitLord\lang scheduled to be moved on reboot.
c:\program files\BitLord\Downloads moved successfully.
Folder move failed. c:\program files\BitLord scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYTEMP]

User: Admin
->Temp folder emptied: 32193 bytes
File delete failed. C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 163023752 bytes
->Java cache emptied: 15740703 bytes
->FireFox cache emptied: 84816210 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
File delete failed. C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
File delete failed. C:\Users\Default User\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 67 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
File delete failed. C:\Windows\85EBB28365AF4C539EBE7C0A232762F7.TMP\WiseCustomCalla.dll scheduled to be deleted on reboot.
Folder delete failed. C:\Windows\85EBB28365AF4C539EBE7C0A232762F7.TMP scheduled to be deleted on reboot.
File delete failed. C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP\WiseCustomCalla.dll scheduled to be deleted on reboot.
Folder delete failed. C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP scheduled to be deleted on reboot.
%systemroot% .tmp files removed: 311296 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 1272 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 251.70 mb


OTM by OldTimer - Version 3.0.0.6 log created on 09302009_105437

Salut scade


Mettre MalwareByte's Anti-Malware à jour

---

- Redémarre en mode sans échec :

Au redémarrage de ton PC tapote sur la touche F8 ou F5, sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session habituelle et non la session Administrateur

---

- Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
- Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
- clique sur Rechercher

- Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok

- Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.

- Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

- Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

Tutoriel pour MalwareByte's ici :
http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php


@++

Bonsoir bonsoir.
Instructions suivies. Seul hic: je n'ai qu'une seule session :s Je sais, c'est mal, j'ai lu le post de conseils ^-^ Il faudra que je m'emploie à changer ça.

MalwareByte's n'a absolument rien trouvé

Bonne soirée/journée ^^

Salut scade


Supprime ce dossier C:\rsit

Refais un scan avec RSIT et poste les rapports log.txt et info.txt(réduit dans la barre des tâches) à la fin de l’analyse

Les rapports sont dans le dossier ici C:\rsit


@++

Hello ^-^
Voici les logs:

LOG.TXT

Logfile of random's system information tool 1.06 (written by random/random)
Run by Admin at 2009-10-01 14:26:23
Microsoft® Windows Vista™ Édition Intégrale Service Pack 2
System drive C: has 18 GB (23%) free of 80 GB
Total RAM: 3326 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:27:22, on 01.10.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\AASP\1.00.32\aaCenter.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\Program Files\Common Files\Motive\MotiveBrowser.exe
D:\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\System32\mobsync.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Windows\system32\conime.exe
C:\Users\Admin\Desktop\RSIT.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\Admin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [MotiveReportAgent] "C:\Program Files\Common Files\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Common Files\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\MotiveBrowser.exe" /hidden
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/ci(...)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.8.110.cab
O16 - DPF: {8C292180-8BB2-495F-B94B-89FE9F2B530A} (ccr_downloader Control) - http://rfonline-full.gscdn.com/gscdn/ccr_downloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate1c9cc9064c91d1b) (gupdate1c9cc9064c91d1b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 8067 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{B385E0D1-A5D4-47FA-8925-5BEFA24C4592}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2008-06-11 61816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-23 4423680]
"Skytel"=C:\Windows\Skytel.exe [2007-03-16 1822720]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"MotiveReportAgent"=C:\Program Files\Common Files\Motive\McciBootStrapper.exe [2005-12-16 202240]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-08-27 198160]
"Ai Nap"=C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2007-04-09 1423360]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2008-02-29 76304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"iTunesHelper"=D:\iTunes\iTunesHelper.exe [2009-03-12 342312]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2007-11-15 233888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.ini - open - "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE" /verb open "%1"
.js - edit -
.js - open - "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE" /verb open "%1"
.txt - open - "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE" /verb open "%1"

======List of files/folders created in the last 1 months======

2009-10-01 14:26:23 ----D---- C:\rsit
2009-10-01 14:24:43 ----D---- C:\Users\Admin\AppData\Roaming\Turbine
2009-10-01 11:35:36 ----D---- C:\ProgramData\PMB Files
2009-10-01 01:34:20 ----A---- C:\Windows\ntbtlog.txt
2009-09-30 10:54:37 ----D---- C:\_OTM
2009-09-29 23:32:04 ----D---- C:\Windows\temp
2009-09-29 23:32:02 ----SHD---- C:\$RECYCLE.BIN
2009-09-29 23:32:01 ----A---- C:\ComboFix.txt
2009-09-29 23:23:52 ----A---- C:\Windows\zip.exe
2009-09-29 23:23:52 ----A---- C:\Windows\SWXCACLS.exe
2009-09-29 23:23:52 ----A---- C:\Windows\SWSC.exe
2009-09-29 23:23:52 ----A---- C:\Windows\SWREG.exe
2009-09-29 23:23:52 ----A---- C:\Windows\sed.exe
2009-09-29 23:23:52 ----A---- C:\Windows\PEV.exe
2009-09-29 23:23:52 ----A---- C:\Windows\NIRCMD.exe
2009-09-29 23:23:52 ----A---- C:\Windows\grep.exe
2009-09-29 23:23:48 ----D---- C:\Windows\ERDNT
2009-09-29 23:23:48 ----D---- C:\ComboFix
2009-09-29 23:22:18 ----D---- C:\Qoobox
2009-09-29 11:56:25 ----D---- C:\cygdrive
2009-09-29 11:33:44 ----D---- C:\Program Files\Recuva
2009-09-29 11:26:11 ----D---- C:\Program Files\PC Inspector File Recovery
2009-09-28 23:23:24 ----D---- C:\Users\Admin\AppData\Roaming\Malwarebytes
2009-09-28 23:23:16 ----D---- C:\ProgramData\Malwarebytes
2009-09-28 23:23:16 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-09-23 23:19:01 ----D---- C:\Users\Admin\AppData\Roaming\Skype
2009-09-23 15:43:10 ----D---- C:\Program Files\NCSoft
2009-09-22 11:53:34 ----D---- C:\Program Files\Sib Cursor Editor
2009-09-15 19:19:20 ----D---- C:\Program Files\ma-config.com
2009-09-15 18:44:54 ----D---- C:\Users\Admin\AppData\Roaming\Ahead
2009-09-15 14:24:41 ----D---- C:\Program Files\HijackThis
2009-09-15 13:12:48 ----D---- C:\ProgramData\Avira
2009-09-15 13:12:48 ----D---- C:\Program Files\Avira
2009-09-14 01:46:05 ----D---- C:\Program Files\NVIDIA Corporation
2009-09-13 11:47:57 ----D---- C:\Users\Admin\AppData\Roaming\Thunderbird
2009-09-13 08:34:36 ----D---- C:\Users\Admin\AppData\Roaming\FileZilla
2009-09-12 23:40:30 ----D---- C:\Windows\system32\vi-VN
2009-09-12 23:40:30 ----D---- C:\Windows\system32\eu-ES
2009-09-12 23:40:30 ----D---- C:\Windows\system32\ca-ES
2009-09-12 23:15:43 ----D---- C:\Windows\system32\EventProviders
2009-09-10 23:31:31 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-09-10 23:31:29 ----A---- C:\Windows\system32\SLsvc.exe
2009-09-10 23:31:29 ----A---- C:\Windows\system32\SLCExt.dll
2009-09-10 23:31:28 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-09-10 23:31:28 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-09-10 23:31:27 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-09-10 23:31:26 ----A---- C:\Windows\system32\mssrch.dll
2009-09-10 23:31:23 ----A---- C:\Windows\system32\tquery.dll
2009-09-10 23:31:22 ----A---- C:\Windows\system32\scavenge.dll
2009-09-10 23:31:22 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-09-10 23:31:22 ----A---- C:\Windows\system32\RMActivate.exe
2009-09-10 23:31:22 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-09-10 23:31:22 ----A---- C:\Windows\system32\lsasrv.dll
2009-09-10 23:31:21 ----A---- C:\Windows\system32\msi.dll
2009-09-10 23:31:20 ----A---- C:\Windows\system32\WscEapPr.dll
2009-09-10 23:31:20 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-09-10 23:31:20 ----A---- C:\Windows\system32\sysmain.dll
2009-09-10 23:31:20 ----A---- C:\Windows\system32\secproc_isv.dll
2009-09-10 23:31:20 ----A---- C:\Windows\system32\imapi2fs.dll
2009-09-10 23:31:19 ----A---- C:\Windows\system32\icardagt.exe
2009-09-10 23:31:18 ----A---- C:\Windows\system32\spreview.exe
2009-09-10 23:31:18 ----A---- C:\Windows\system32\spinstall.exe
2009-09-10 23:31:18 ----A---- C:\Windows\system32\EhStorShell.dll
2009-09-10 23:31:18 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-09-10 23:31:17 ----A---- C:\Windows\system32\drmv2clt.dll
2009-09-10 23:31:16 ----A---- C:\Windows\system32\spwizui.dll
2009-09-10 23:31:16 ----A---- C:\Windows\system32\shell32.dll
2009-09-10 23:31:16 ----A---- C:\Windows\system32\secproc.dll
2009-09-10 23:31:16 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-09-10 23:31:15 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-09-10 23:31:15 ----A---- C:\Windows\system32\p2psvc.dll
2009-09-10 23:31:15 ----A---- C:\Windows\system32\mssvp.dll
2009-09-10 23:31:14 ----A---- C:\Windows\system32\mssphtb.dll
2009-09-10 23:31:14 ----A---- C:\Windows\system32\mssph.dll
2009-09-10 23:31:14 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-09-10 23:31:14 ----A---- C:\Windows\system32\mscoree.dll
2009-09-10 23:31:14 ----A---- C:\Windows\system32\imapi2.dll
2009-09-10 23:31:13 ----A---- C:\Windows\system32\sdohlp.dll
2009-09-10 23:31:13 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-09-10 23:31:13 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-09-10 23:31:13 ----A---- C:\Windows\system32\esent.dll
2009-09-10 23:31:12 ----A---- C:\Windows\system32\wevtsvc.dll
2009-09-10 23:31:12 ----A---- C:\Windows\system32\sperror.dll
2009-09-10 23:31:12 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-09-10 23:31:12 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-09-10 23:31:12 ----A---- C:\Windows\system32\korwbrkr.dll
2009-09-10 23:31:12 ----A---- C:\Windows\system32\DevicePairing.dll
2009-09-10 23:31:11 ----A---- C:\Windows\system32\SLC.dll
2009-09-10 23:31:11 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-09-10 23:31:11 ----A---- C:\Windows\system32\msshsq.dll
2009-09-10 23:31:11 ----A---- C:\Windows\system32\IasMigReader.exe
2009-09-10 23:31:10 ----A---- C:\Windows\system32\pmcsnap.dll
2009-09-10 23:31:10 ----A---- C:\Windows\system32\msjet40.dll
2009-09-10 23:31:10 ----A---- C:\Windows\system32\MPSSVC.dll
2009-09-10 23:31:09 ----A---- C:\Windows\system32\Query.dll
2009-09-10 23:31:09 ----A---- C:\Windows\system32\qmgr.dll
2009-09-10 23:31:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-09-10 23:31:09 ----A---- C:\Windows\system32\msxml6.dll
2009-09-10 23:31:08 ----A---- C:\Windows\system32\P2PGraph.dll
2009-09-10 23:31:08 ----A---- C:\Windows\system32\ole32.dll
2009-09-10 23:31:08 ----A---- C:\Windows\system32\msexch40.dll
2009-09-10 23:31:08 ----A---- C:\Windows\system32\diagperf.dll
2009-09-10 23:31:07 ----A---- C:\Windows\system32\winload.exe
2009-09-10 23:31:07 ----A---- C:\Windows\system32\uDWM.dll
2009-09-10 23:31:07 ----A---- C:\Windows\system32\srchadmin.dll
2009-09-10 23:31:07 ----A---- C:\Windows\system32\ntdll.dll
2009-09-10 23:31:07 ----A---- C:\Windows\system32\msxml3.dll
2009-09-10 23:31:07 ----A---- C:\Windows\system32\mmc.exe
2009-09-10 23:31:07 ----A---- C:\Windows\system32\mblctr.exe
2009-09-10 23:31:07 ----A---- C:\Windows\system32\EncDec.dll
2009-09-10 23:31:06 ----A---- C:\Windows\system32\riched20.dll
2009-09-10 23:31:06 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-09-10 23:31:06 ----A---- C:\Windows\system32\fdBth.dll
2009-09-10 23:31:06 ----A---- C:\Windows\system32\dfsr.exe
2009-09-10 23:31:05 ----A---- C:\Windows\system32\RacEngn.dll
2009-09-10 23:31:05 ----A---- C:\Windows\system32\kernel32.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\spoolss.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-09-10 23:31:04 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-09-10 23:31:04 ----A---- C:\Windows\system32\schedsvc.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\milcore.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\CertEnroll.dll
2009-09-10 23:31:03 ----A---- C:\Windows\system32\msvcp60.dll
2009-09-10 23:31:03 ----A---- C:\Windows\system32\msjtes40.dll
2009-09-10 23:31:03 ----A---- C:\Windows\system32\infocardapi.dll
2009-09-10 23:31:03 ----A---- C:\Windows\system32\gpedit.dll
2009-09-10 23:31:03 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-09-10 23:31:02 ----A---- C:\Windows\system32\WinSAT.exe
2009-09-10 23:31:02 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-09-10 23:31:02 ----A---- C:\Windows\system32\mstext40.dll
2009-09-10 23:31:02 ----A---- C:\Windows\system32\Magnify.exe
2009-09-10 23:31:02 ----A---- C:\Windows\system32\fveapi.dll
2009-09-10 23:31:02 ----A---- C:\Windows\system32\es.dll
2009-09-10 23:31:02 ----A---- C:\Windows\system32\cscsvc.dll
2009-09-10 23:31:02 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-09-10 23:31:01 ----A---- C:\Windows\system32\advapi32.dll
2009-09-10 23:30:59 ----A---- C:\Windows\system32\WMPhoto.dll
2009-09-10 23:30:59 ----A---- C:\Windows\system32\WebClnt.dll
2009-09-10 23:30:59 ----A---- C:\Windows\system32\slwmi.dll
2009-09-10 23:30:59 ----A---- C:\Windows\system32\msexcl40.dll
2009-09-10 23:30:58 ----A---- C:\Windows\system32\vssapi.dll
2009-09-10 23:30:58 ----A---- C:\Windows\system32\msxbde40.dll
2009-09-10 23:30:58 ----A---- C:\Windows\system32\comsvcs.dll
2009-09-10 23:30:58 ----A---- C:\Windows\system32\authui.dll
2009-09-10 23:30:57 ----A---- C:\Windows\system32\PresentationHost.exe
2009-09-10 23:30:57 ----A---- C:\Windows\system32\NetProjW.dll
2009-09-10 23:30:57 ----A---- C:\Windows\system32\msrepl40.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\propsys.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\newdev.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\iasrecst.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\gpsvc.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\eudcedit.exe
2009-09-10 23:30:56 ----A---- C:\Windows\system32\crypt32.dll
2009-09-10 23:30:56 ----A---- C:\Windows\explorer.exe
2009-09-10 23:30:55 ----A---- C:\Windows\system32\setupapi.dll
2009-09-10 23:30:55 ----A---- C:\Windows\system32\rpcss.dll
2009-09-10 23:30:55 ----A---- C:\Windows\system32\mspbde40.dll
2009-09-10 23:30:55 ----A---- C:\Windows\system32\msltus40.dll
2009-09-10 23:30:55 ----A---- C:\Windows\system32\davclnt.dll
2009-09-10 23:30:55 ----A---- C:\Windows\system32\d3d9.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\wevtapi.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\shlwapi.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\photowiz.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\nlhtml.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\msrd3x40.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\msdtctm.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\mfc42.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\browseui.dll
2009-09-10 23:30:53 ----A---- C:\Windows\system32\user32.dll
2009-09-10 23:30:53 ----A---- C:\Windows\system32\samsrv.dll
2009-09-10 23:30:53 ----A---- C:\Windows\system32\quartz.dll
2009-09-10 23:30:53 ----A---- C:\Windows\system32\ci.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\win32spl.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-09-10 23:30:52 ----A---- C:\Windows\system32\oleaut32.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\netshell.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\msv1_0.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\kerberos.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-09-10 23:30:51 ----A---- C:\Windows\system32\xmlfilter.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\winhttp.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\mswstr10.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\msctf.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\emdmgmt.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\compcln.exe
2009-09-10 23:30:51 ----A---- C:\Windows\system32\audiosrv.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\apds.dll
2009-09-10 23:30:50 ----A---- C:\Windows\system32\VSSVC.exe
2009-09-10 23:30:50 ----A---- C:\Windows\system32\SLUI.exe
2009-09-10 23:30:50 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-09-10 23:30:50 ----A---- C:\Windows\system32\msvcrt.dll
2009-09-10 23:30:50 ----A---- C:\Windows\system32\mfc42u.dll
2009-09-10 23:30:50 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-09-10 23:30:50 ----A---- C:\Windows\system32\gdi32.dll
2009-09-10 23:30:49 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-09-10 23:30:49 ----A---- C:\Windows\system32\msrd2x40.dll
2009-09-10 23:30:49 ----A---- C:\Windows\system32\eapphost.dll
2009-09-10 23:30:48 ----A---- C:\Windows\system32\winresume.exe
2009-09-10 23:30:48 ----A---- C:\Windows\system32\wbengine.exe
2009-09-10 23:30:48 ----A---- C:\Windows\system32\shdocvw.dll
2009-09-10 23:30:48 ----A---- C:\Windows\system32\propdefs.dll
2009-09-10 23:30:48 ----A---- C:\Windows\system32\odbc32.dll
2009-09-10 23:30:47 ----A---- C:\Windows\system32\WsmSvc.dll
2009-09-10 23:30:47 ----A---- C:\Windows\system32\wevtutil.exe
2009-09-10 23:30:47 ----A---- C:\Windows\system32\swprv.dll
2009-09-10 23:30:47 ----A---- C:\Windows\system32\mssitlb.dll
2009-09-10 23:30:47 ----A---- C:\Windows\system32\dbgeng.dll
2009-09-10 23:30:46 ----A---- C:\Windows\system32\usp10.dll
2009-09-10 23:30:46 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\vds.exe
2009-09-10 23:30:45 ----A---- C:\Windows\system32\netlogon.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\msscb.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\msctfp.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\drvinst.exe
2009-09-10 23:30:45 ----A---- C:\Windows\system32\devmgr.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\adsldpc.dll
2009-09-10 23:30:44 ----A---- C:\Windows\system32\WFS.exe
2009-09-10 23:30:44 ----A---- C:\Windows\system32\BFE.DLL
2009-09-10 23:30:43 ----A---- C:\Windows\system32\wcnwiz.dll
2009-09-10 23:30:43 ----A---- C:\Windows\system32\schannel.dll
2009-09-10 23:30:43 ----A---- C:\Windows\system32\evr.dll
2009-09-10 23:30:42 ----A---- C:\Windows\system32\WSDApi.dll
2009-09-10 23:30:42 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-09-10 23:30:42 ----A---- C:\Windows\system32\Wldap32.dll
2009-09-10 23:30:42 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-09-10 23:30:41 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-09-10 23:30:41 ----A---- C:\Windows\system32\services.exe
2009-09-10 23:30:40 ----A---- C:\Windows\system32\wercon.exe
2009-09-10 23:30:40 ----A---- C:\Windows\system32\wcncsvc.dll
2009-09-10 23:30:40 ----A---- C:\Windows\system32\mimefilt.dll
2009-09-10 23:30:40 ----A---- C:\Windows\system32\comdlg32.dll
2009-09-10 23:30:40 ----A---- C:\Windows\system32\adtschema.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\taskeng.exe
2009-09-10 23:30:39 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\mswdat10.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\msjter40.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\msdtcprx.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\msdrm.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\certcli.dll
2009-09-10 23:30:38 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-09-10 23:30:38 ----A---- C:\Windows\system32\rtffilt.dll
2009-09-10 23:30:38 ----A---- C:\Windows\system32\reg.exe
2009-09-10 23:30:38 ----A---- C:\Windows\system32\dnsapi.dll
2009-09-10 23:30:38 ----A---- C:\Windows\system32\certutil.exe
2009-09-10 23:30:37 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\w32time.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\rsaenh.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\msshooks.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\msscntrs.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-09-10 23:30:37 ----A---- C:\Windows\system32\bthserv.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\bcrypt.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-09-10 23:30:36 ----A---- C:\Windows\system32\scrptadm.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\netapi32.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\mtxclu.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\msstrc.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\msihnd.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\inetpp.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\inetcomm.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\dfshim.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\termsrv.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\profsvc.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\mscories.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\imapi.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\hidserv.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\fundisc.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\cryptsvc.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\wdc.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\shsvcs.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\rasmans.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\pnidui.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\msiexec.exe
2009-09-10 23:30:34 ----A---- C:\Windows\system32\icardres.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\iassdo.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\chsbrkr.dll
2009-09-10 23:30:33 ----A---- C:\Windows\system32\wersvc.dll
2009-09-10 23:30:33 ----A---- C:\Windows\system32\spoolsv.exe
2009-09-10 23:30:33 ----A---- C:\Windows\system32\slmgr.vbs
2009-09-10 23:30:33 ----A---- C:\Windows\system32\scrrun.dll
2009-09-10 23:30:33 ----A---- C:\Windows\system32\PSHED.DLL
2009-09-10 23:30:33 ----A---- C:\Windows\system32\autofmt.exe
2009-09-10 23:30:32 ----A---- C:\Windows\system32\pidgenx.dll
2009-09-10 23:30:32 ----A---- C:\Windows\system32\pdh.dll
2009-09-10 23:30:32 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-09-10 23:30:32 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-09-10 23:30:32 ----A---- C:\Windows\system32\azroles.dll
2009-09-10 23:30:31 ----A---- C:\Windows\system32\wmpmde.dll
2009-09-10 23:30:31 ----A---- C:\Windows\system32\winlogon.exe
2009-09-10 23:30:31 ----A---- C:\Windows\system32\SyncCenter.dll
2009-09-10 23:30:31 ----A---- C:\Windows\system32\SLUINotify.dll
2009-09-10 23:30:31 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\untfs.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\spp.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\sethc.exe
2009-09-10 23:30:30 ----A---- C:\Windows\system32\scrobj.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\rtutils.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\ncrypt.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\kd1394.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\iassam.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\comuid.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\certmgr.dll
2009-09-10 23:30:29 ----A---- C:\Windows\system32\wisptis.exe
2009-09-10 23:30:29 ----A---- C:\Windows\system32\taskcomp.dll
2009-09-10 23:30:29 ----A---- C:\Windows\system32\iasnap.dll
2009-09-10 23:30:29 ----A---- C:\Windows\system32\dwm.exe
2009-09-10 23:30:29 ----A---- C:\Windows\system32\cscui.dll
2009-09-10 23:30:29 ----A---- C:\Windows\system32\autochk.exe
2009-09-10 23:30:28 ----A---- C:\Windows\system32\winsrv.dll
2009-09-10 23:30:28 ----A---- C:\Windows\system32\printui.dll
2009-09-10 23:30:28 ----A---- C:\Windows\system32\onex.dll
2009-09-10 23:30:28 ----A---- C:\Windows\system32\kdcom.dll
2009-09-10 23:30:28 ----A---- C:\Windows\system32\cscript.exe
2009-09-10 23:30:28 ----A---- C:\Windows\system32\basecsp.dll
2009-09-10 23:30:28 ----A---- C:\Windows\system32\autoconv.exe
2009-09-10 23:30:28 ----A---- C:\Windows\system32\audiodg.exe
2009-09-10 23:30:27 ----A---- C:\Windows\system32\wow32.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\winmm.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\userenv.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\spcmsg.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\RelMon.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\rdpencom.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\osk.exe
2009-09-10 23:30:27 ----A---- C:\Windows\system32\mswsock.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\kdusb.dll
2009-09-10 23:30:26 ----A---- C:\Windows\system32\WinSCard.dll
2009-09-10 23:30:26 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-09-10 23:30:26 ----A---- C:\Windows\system32\WerFault.exe
2009-09-10 23:30:26 ----A---- C:\Windows\system32\Utilman.exe
2009-09-10 23:30:26 ----A---- C:\Windows\system32\offfilt.dll
2009-09-10 23:30:26 ----A---- C:\Windows\system32\msftedit.dll
2009-09-10 23:30:26 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\wsepno.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\wiaservc.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\sysclass.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\stobject.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\SndVol.exe
2009-09-10 23:30:25 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\prnntfy.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\msnetobj.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\mscms.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\mfplat.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\mcmde.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\diskraid.exe
2009-09-10 23:30:25 ----A---- C:\Windows\system32\apphelp.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\adsmsext.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\wscript.exe
2009-09-10 23:30:24 ----A---- C:\Windows\system32\wscntfy.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\ulib.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\secur32.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\rastapi.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\pnpsetup.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\odbccp32.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-09-10 23:30:24 ----A---- C:\Windows\system32\iasdatastore.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\fdProxy.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\dsound.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\cryptui.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\wscsvc.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-09-10 23:30:23 ----A---- C:\Windows\system32\wlangpui.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\vdsdyn.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\rastls.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\rasapi32.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\ntprint.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\logman.exe
2009-09-10 23:30:23 ----A---- C:\Windows\system32\iashlpr.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\gpapi.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\diskpart.exe
2009-09-10 23:30:23 ----A---- C:\Windows\system32\brcpl.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\zipfldr.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\wusa.exe
2009-09-10 23:30:22 ----A---- C:\Windows\system32\wshext.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\wpccpl.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\regsvc.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\netcenter.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\mscorier.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\iasrad.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\findstr.exe
2009-09-10 23:30:21 ----A---- C:\Windows\system32\wsnmp32.dll
2009-09-10 23:30:21 ----A---- C:\Windows\system32\wer.dll
2009-09-10 23:30:21 ----A---- C:\Windows\system32\themecpl.dll
2009-09-10 23:30:21 ----A---- C:\Windows\system32\rasdlg.dll
2009-09-10 23:30:21 ----A---- C:\Windows\system32\iassvcs.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\uxsms.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\tsbyuv.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\srvsvc.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\slcc.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\scansetting.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\ntmarta.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\msutb.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\mstlsapi.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\mssprxy.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\iasads.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\umrdp.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\powrprof.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\powercpl.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\newdev.exe
2009-09-10 23:30:19 ----A---- C:\Windows\system32\networkmap.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\mstsc.exe
2009-09-10 23:30:19 ----A---- C:\Windows\system32\iasacct.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\authz.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\usercpl.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\themeui.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\systemcpl.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\sud.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\samlib.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\qdvd.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\pcaui.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\mmci.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\fveui.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\dot3svc.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\connect.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\brcplsiw.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\autoplay.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-09-10 23:30:17 ----A---- C:\Windows\system32\wlanpref.dll
2009-09-10 23:30:17 ----A---- C:\Windows\system32\rpchttp.dll
2009-09-10 23:30:17 ----A---- C:\Windows\system32\regapi.dll
2009-09-10 23:30:17 ----A---- C:\Windows\system32\fvecpl.dll
2009-09-10 23:30:16 ----A---- C:\Windows\system32\wpcao.dll
2009-09-10 23:30:16 ----A---- C:\Windows\system32\vdsutil.dll
2009-09-10 23:30:16 ----A---- C:\Windows\system32\msinfo32.exe
2009-09-10 23:30:16 ----A---- C:\Windows\system32\cscobj.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\tapisrv.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\scksp.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\scesrv.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\psisdecd.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\oleprn.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\mpr.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\feclient.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\AudioSes.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\wscisvif.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\WindowsUltimateExtrasCPL.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\sdclt.exe
2009-09-10 23:30:14 ----A---- C:\Windows\system32\rekeywiz.exe
2009-09-10 23:30:14 ----A---- C:\Windows\system32\ncryptui.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\imm32.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\iaspolcy.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\Faultrep.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\dpapimig.exe
2009-09-10 23:30:14 ----A---- C:\Windows\system32\dot3msm.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\DeviceEject.exe
2009-09-10 23:30:13 ----A---- C:\Windows\system32\scecli.dll
2009-09-10 23:30:13 ----A---- C:\Windows\system32\rasgcw.dll
2009-09-10 23:30:13 ----A---- C:\Windows\system32\qedit.dll
2009-09-10 23:30:13 ----A---- C:\Windows\system32\pnpui.dll
2009-09-10 23:30:13 ----A---- C:\Windows\system32\perfdisk.dll
2009-09-10 23:30:13 ----A---- C:\Windows\system32\hdwwiz.exe
2009-09-10 23:30:13 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-09-10 23:30:13 ----A---- C:\Windows\system32\certreq.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\whealogr.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\TSTheme.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\tcpmon.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\srcore.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\spwinsat.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\SnippingTool.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\SCardSvr.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\rasplap.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\raschap.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\fontext.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\fdWSD.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\conime.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\cmmon32.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\cmdial32.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-09-10 23:30:11 ----A---- C:\Windows\system32\wlanui.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\wiaaut.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\shwebsvc.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\rasppp.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\PnPutil.exe
2009-09-10 23:30:11 ----A---- C:\Windows\system32\oobefldr.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\dsprop.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\dimsroam.dll
2009-09-10 23:30:10 ----A---- C:\Windows\system32\shsetup.dll
2009-09-10 23:30:10 ----A---- C:\Windows\system32\rasmontr.dll
2009-09-10 23:30:10 ----A---- C:\Windows\system32\modemui.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\tscfgwmi.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\smss.exe
2009-09-10 23:30:09 ----A---- C:\Windows\system32\rdpwsx.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\mscandui.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\dataclen.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\chtbrkr.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\blackbox.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\appmgmts.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\WSDMon.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\wpcsvc.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\wmpeffects.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\networkexplorer.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\netplwiz.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\logagent.exe
2009-09-10 23:30:08 ----A---- C:\Windows\system32\ifmon.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\CscMig.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\credui.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\cipher.exe
2009-09-10 23:30:08 ----A---- C:\Windows\system32\certprop.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\wscapi.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\thawbrkr.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\softkbd.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\sendmail.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\msscp.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\msimtf.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\msctfui.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\InkEd.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\gpresult.exe
2009-09-10 23:30:06 ----A---- C:\Windows\system32\wshbth.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\version.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\SLLUA.exe
2009-09-10 23:30:06 ----A---- C:\Windows\system32\rdpclip.exe
2009-09-10 23:30:06 ----A---- C:\Windows\system32\puiapi.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\olepro32.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\msisip.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\mprapi.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\input.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\gpprnext.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\dmsynth.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\cdd.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\rdpendp.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\msjint40.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\l2nacp.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\ftp.exe
2009-09-10 23:30:05 ----A---- C:\Windows\system32\fdSSDP.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\fc.exe
2009-09-10 23:30:05 ----A---- C:\Windows\system32\eapp3hst.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\dmusic.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\cscapi.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\wsdchngr.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\Storprop.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\rasdial.exe
2009-09-10 23:30:04 ----A---- C:\Windows\system32\rasdiag.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\PrintBrmUi.exe
2009-09-10 23:30:04 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\ipconfig.exe
2009-09-10 23:30:04 ----A---- C:\Windows\system32\gpscript.exe
2009-09-10 23:30:04 ----A---- C:\Windows\system32\fdWCN.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\eappcfg.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\dot3cfg.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\cscdll.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\bthudtask.exe
2009-09-10 23:30:04 ----A---- C:\Windows\system32\bthci.dll
2009-09-10 23:30:03 ----A---- C:\Windows\system32\tscupgrd.exe
2009-09-10 23:30:03 ----A---- C:\Windows\system32\slcinst.dll
2009-09-10 23:30:03 ----A---- C:\Windows\system32\nslookup.exe
2009-09-10 23:30:03 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-09-10 23:30:03 ----A---- C:\Windows\system32\gpscript.dll
2009-09-10 23:30:03 ----A---- C:\Windows\system32\eappgnui.dll
2009-09-10 23:30:02 ----A---- C:\Windows\system32\qprocess.exe
2009-09-10 23:30:02 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-09-10 23:30:02 ----A---- C:\Windows\system32\ocsetup.exe
2009-09-10 23:30:02 ----A---- C:\Windows\system32\mmcico.dll
2009-09-10 23:30:02 ----A---- C:\Windows\system32\hbaapi.dll
2009-09-10 23:30:02 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-09-10 23:30:02 ----A---- C:\Windows\system32\fdeploy.dll
2009-09-10 23:30:01 ----A---- C:\Windows\system32\tscon.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\shadow.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\NcdProp.dll
2009-09-10 23:30:01 ----A---- C:\Windows\system32\logoff.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\iscsilog.dll
2009-09-10 23:30:01 ----A---- C:\Windows\system32\gpupdate.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\csrstub.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\chgusr.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\chgport.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\chglogon.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\cbsra.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\bitsigd.dll
2009-09-10 23:30:00 ----A---- C:\Windows\system32\vdmdbg.dll
2009-09-10 23:30:00 ----A---- C:\Windows\system32\tskill.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\tsdiscon.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\rwinsta.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\reset.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\query.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\qappsrv.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\odbcconf.dll
2009-09-10 23:29:59 ----A---- C:\Windows\system32\winrnr.dll
2009-09-10 23:29:59 ----A---- C:\Windows\system32\slwga.dll
2009-09-10 23:29:59 ----A---- C:\Windows\system32\midimap.dll
2009-09-10 23:29:59 ----A---- C:\Windows\system32\inetppui.dll
2009-09-10 23:29:59 ----A---- C:\Windows\system32\change.exe
2009-09-10 23:29:56 ----A---- C:\Windows\system32\msimsg.dll
2009-09-10 23:29:56 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-09-10 23:29:39 ----A---- C:\Windows\system32\wdscore.dll
2009-09-10 23:29:39 ----A---- C:\Windows\system32\SmiEngine.dll
2009-09-10 23:29:39 ----A---- C:\Windows\system32\PkgMgr.exe
2009-09-10 23:29:36 ----A---- C:\Windows\system32\drvstore.dll
2009-09-09 11:38:08 ----A---- C:\Windows\system32\jscript.dll
2009-09-09 11:37:47 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-09 11:37:46 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-09 11:37:46 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-09 11:37:46 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-09 11:37:46 ----A---- C:\Windows\system32\netevent.dll
2009-09-09 11:37:46 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-09 11:37:46 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-09 11:37:46 ----A---- C:\Windows\system32\finger.exe
2009-09-09 11:37:46 ----A---- C:\Windows\system32\ARP.EXE
2009-09-09 11:37:33 ----A---- C:\Windows\system32\wlansvc.dll
2009-09-09 11:37:33 ----A---- C:\Windows\system32\wlansec.dll
2009-09-09 11:37:33 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-09 11:37:33 ----A---- C:\Windows\system32\wlanhlp.dll
2009-09-09 11:37:33 ----A---- C:\Windows\system32\wlanapi.dll
2009-09-09 11:37:33 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-09 11:37:30 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-09 11:37:29 ----A---- C:\Windows\system32\rrinstaller.exe
2009-09-09 11:37:29 ----A---- C:\Windows\system32\mfps.dll
2009-09-09 11:37:29 ----A---- C:\Windows\system32\mfpmp.exe
2009-09-09 11:37:29 ----A---- C:\Windows\system32\mf.dll
2009-09-09 11:37:28 ----A---- C:\Windows\system32\mferror.dll
2009-09-07 21:12:38 ----D---- C:\Users\Admin\AppData\Roaming\teamspeak2
2009-09-07 01:15:46 ----A---- C:\Windows\uninst.exe
2009-09-03 16:09:05 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-09-03 16:09:04 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-09-02 12:15:24 ----A---- C:\Windows\IsUn040c.exe

======List of files/folders modified in the last 1 months======

2009-10-01 14:24:33 ----D---- C:\Windows
2009-10-01 14:24:11 ----RSD---- C:\Windows\assembly
2009-10-01 14:23:44 ----SHD---- C:\System Volume Information
2009-10-01 11:35:36 ----D---- C:\ProgramData
2009-10-01 11:35:25 ----D---- C:\Program Files\Pando Networks
2009-10-01 11:14:00 ----D---- C:\ProgramData\NVIDIA
2009-09-30 19:29:44 ----D---- C:\Windows\System32
2009-09-30 19:29:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-09-30 19:29:43 ----D---- C:\Windows\inf
2009-09-30 12:11:43 ----SHD---- C:\Windows\Installer
2009-09-30 12:11:42 ----D---- C:\Config.Msi
2009-09-30 10:54:38 ----D---- C:\Program Files\BitLord
2009-09-29 23:32:04 ----D---- C:\Windows\system32\fr-FR
2009-09-29 23:30:51 ----A---- C:\Windows\system.ini
2009-09-29 23:30:20 ----D---- C:\Program Files
2009-09-29 23:27:52 ----D---- C:\Windows\system32\drivers
2009-09-29 23:27:52 ----D---- C:\Windows\AppPatch
2009-09-29 23:27:52 ----D---- C:\Program Files\Common Files
2009-09-29 11:26:10 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-29 11:21:09 ----D---- C:\Windows\Logs
2009-09-29 06:56:39 ----D---- C:\Windows\system32\catroot2
2009-09-24 13:56:58 ----RSD---- C:\Windows\Fonts
2009-09-23 15:46:45 ----D---- C:\Users\Admin\AppData\Roaming\GetRightToGo
2009-09-23 15:46:42 ----D---- C:\Windows\system32\Tasks
2009-09-23 15:43:53 ----SD---- C:\Users\Admin\AppData\Roaming\Microsoft
2009-09-23 14:13:54 ----D---- C:\Users\Admin\AppData\Roaming\Adobe
2009-09-23 09:28:05 ----D---- C:\Users\Admin\AppData\Roaming\Notepad++
2009-09-21 22:35:31 ----D---- C:\Program Files\Common Files\Logitech
2009-09-15 19:19:20 ----D---- C:\ProgramData\ma-config.com
2009-09-15 17:14:18 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-09-15 17:12:25 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-09-15 10:56:47 ----D---- C:\Program Files\Lavasoft
2009-09-14 01:45:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-09-14 01:44:55 ----D---- C:\Program Files\AGEIA Technologies
2009-09-14 01:43:24 ----D---- C:\Windows\system32\catroot
2009-09-14 01:42:31 ----D---- C:\NVIDIA
2009-09-13 13:18:59 ----D---- C:\Program Files\FileZilla Client
2009-09-13 11:47:59 ----D---- C:\Users\Admin\AppData\Roaming\Mozilla
2009-09-13 08:53:19 ----D---- C:\Windows\rescache
2009-09-12 23:57:51 ----D---- C:\Windows\Microsoft.NET
2009-09-12 23:47:00 ----D---- C:\Boot
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Sidebar
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Photo Gallery
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Media Player
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Mail
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Journal
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Collaboration
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Calendar
2009-09-12 23:40:55 ----D---- C:\Program Files\Movie Maker
2009-09-12 23:40:55 ----D---- C:\Program Files\Internet Explorer
2009-09-12 23:40:55 ----D---- C:\Program Files\Common Files\System
2009-09-12 23:40:54 ----D---- C:\Windows\servicing
2009-09-12 23:40:54 ----D---- C:\Windows\ehome
2009-09-12 23:40:54 ----D---- C:\Program Files\Windows Defender
2009-09-12 23:40:51 ----D---- C:\Windows\system32\XPSViewer
2009-09-12 23:40:51 ----D---- C:\Windows\system32\sk-SK
2009-09-12 23:40:51 ----D---- C:\Windows\system32\lv-LV
2009-09-12 23:40:51 ----D---- C:\Windows\system32\ko-KR
2009-09-12 23:40:51 ----D---- C:\Windows\system32\hr-HR
2009-09-12 23:40:51 ----D---- C:\Windows\system32\et-EE
2009-09-12 23:40:51 ----D---- C:\Windows\system32\da-DK
2009-09-12 23:40:51 ----D---- C:\Windows\PolicyDefinitions
2009-09-12 23:40:51 ----D---- C:\Windows\IME
2009-09-12 23:40:50 ----D---- C:\Windows\system32\ru-RU
2009-09-12 23:40:50 ----D---- C:\Windows\system32\oobe
2009-09-12 23:40:50 ----D---- C:\Windows\system32\migration
2009-09-12 23:40:50 ----D---- C:\Windows\system32\it-IT
2009-09-12 23:40:50 ----D---- C:\Windows\system32\fr
2009-09-12 23:40:50 ----D---- C:\Windows\system32\en-US
2009-09-12 23:40:50 ----D---- C:\Windows\system32\el-GR
2009-09-12 23:40:50 ----D---- C:\Windows\system32\de-DE
2009-09-12 23:40:50 ----D---- C:\Windows\system32\AdvancedInstallers
2009-09-12 23:40:48 ----D---- C:\Windows\system32\sv-SE
2009-09-12 23:40:48 ----D---- C:\Windows\system32\SLUI
2009-09-12 23:40:48 ----D---- C:\Windows\system32\setup
2009-09-12 23:40:48 ----D---- C:\Windows\system32\pt-PT
2009-09-12 23:40:48 ----D---- C:\Windows\system32\hu-HU
2009-09-12 23:40:48 ----D---- C:\Windows\system32\he-IL
2009-09-12 23:40:48 ----D---- C:\Windows\system32\fi-FI
2009-09-12 23:40:48 ----D---- C:\Windows\system32\cs-CZ
2009-09-12 23:40:47 ----D---- C:\Windows\system32\zh-TW
2009-09-12 23:40:47 ----D---- C:\Windows\system32\zh-CN
2009-09-12 23:40:47 ----D---- C:\Windows\system32\uk-UA
2009-09-12 23:40:47 ----D---- C:\Windows\system32\th-TH
2009-09-12 23:40:47 ----D---- C:\Windows\system32\sr-Latn-CS
2009-09-12 23:40:47 ----D---- C:\Windows\system32\sl-SI
2009-09-12 23:40:47 ----D---- C:\Windows\system32\ro-RO
2009-09-12 23:40:47 ----D---- C:\Windows\system32\pl-PL
2009-09-12 23:40:47 ----D---- C:\Windows\system32\manifeststore
2009-09-12 23:40:47 ----D---- C:\Windows\system32\ja-JP
2009-09-12 23:40:47 ----D---- C:\Windows\system32\es-ES
2009-09-12 23:40:47 ----D---- C:\Windows\system32\bg-BG
2009-09-12 23:40:44 ----D---- C:\Windows\system32\tr-TR
2009-09-12 23:40:43 ----D---- C:\Windows\system32\wbem
2009-09-12 23:40:43 ----D---- C:\Windows\system32\nl-NL
2009-09-12 23:40:43 ----D---- C:\Windows\system32\nb-NO
2009-09-12 23:40:43 ----D---- C:\Windows\system32\lt-LT
2009-09-12 23:40:43 ----D---- C:\Windows\system32\ar-SA
2009-09-12 23:40:42 ----D---- C:\Windows\system32\pt-BR
2009-09-12 23:40:42 ----D---- C:\Windows\system32\migwiz
2009-09-12 23:40:30 ----D---- C:\Windows\system32\Boot
2009-09-12 23:39:18 ----D---- C:\Windows\system32\RTCOM
2009-09-12 23:35:41 ----D---- C:\Windows\winsxs
2009-09-10 15:35:42 ----D---- C:\Program Files\Mozilla Firefox
2009-09-09 12:04:24 ----D---- C:\Program Files\Microsoft Silverlight
2009-09-09 12:04:15 ----D---- C:\ProgramData\Microsoft Help
2009-09-06 19:50:52 ----D---- C:\Program Files\Google
2009-09-06 10:45:56 ----D---- C:\Windows\Tasks
2009-09-06 10:45:32 ----D---- C:\Program Files\HP
2009-09-06 10:42:08 ----D---- C:\Windows\Downloaded Installations

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2006-10-18 12664]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-09-15 28520]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2007-12-30 278984]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-09-15 55656]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2007-12-30 25416]
R2 SBKUPNT;SBKUPNT; \??\C:\Windows\system32\Drivers\SBKUPNT.SYS [2001-07-13 14976]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x86.sys [2008-11-12 46592]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-01-15 23848]
R3 HssDrv;Hotspot Shield Helper Miniport; C:\Windows\system32\DRIVERS\HssDrv.sys [2009-07-02 33840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-26 1761696]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2008-02-29 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-08-17 9545152]
R3 tapvpn;TAP VPN Adapter; C:\Windows\system32\DRIVERS\tapvpn.sys [2006-10-26 27136]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 ap2u56x0;ap2u56x0; C:\Windows\system32\drivers\ap2u56x0.sys []
S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2007-07-23 13696]
S3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys [2007-07-23 30848]
S3 catchme;catchme; \??\C:\Users\Admin\AppData\Local\Temp\catchme.sys []
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-09-01 14336]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 gUSBSTOi;gUSBSTOi; \??\C:\Users\DAVIDC~1\AppData\Local\Temp\gUSBSTOi.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2008-07-07 25544]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\lvusbsta.sys [2005-01-19 22016]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2007-11-08 19712]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [2006-01-09 19345]
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [2006-01-09 18003]
S3 MRESP50;MRESP50

Salut scade


Important Désactive TeaTimer le résident de Spybot, il va gêner la désinfection en empêchant la modification des BHO


- Démarre Spybot clique sur Mode coche Mode avancé
- A gauche clique sur Outils ==> Résident

- Décoche la case devant Résident "TeaTimer"



- Quitte Spybot


-----


Double clique sur le raccourci d'HijackThis sur ton Bureau, clique sur Do a scan system only coche la case devant la(les) ligne(s) suivante(s) si présente(s)
Si plus de raccourci sur le bureau, il ce trouve ici :
C:\Program Files\HijackThis\Admin.exe

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"


- Ferme les fenêtres en cours sauf HijackThis, clique sur Fix checked

- Quitte HijackThis


-----


Télécharge OTM (de Old_Timer) sur le bureau :

http://oldtimer.geekstogo.com/OTM.exe


Double-clique sur OTM.exe sur le bureau

- Assure toi que la case Unregister Dll's and Ocx's soit bien cochée

- Copie le texte qui se trouve en citation et colle le dans le cadre de gauche de OTM nommé Paste Instructions for Items to be Moved



- Clique sur MoveIt! pour lancer la suppression.
- Ferme OTM

Ton PC va redémarrer pour finir la suppression, si il ne le fais pas lui-même, redémarre le.

Poste le rapport de OTMoveIt qui se trouve dans C:\_OTM\MovedFiles.


@++

Hopla, et bonjour ^^

J'ai fait tout ce qu'il fallait et voici donc le rapport:

All processes killed
========== PROCESSES ==========
========== SERVICES/DRIVERS ==========

Service\Driver npggsvc deleted successfully.

Service\Driver catchme deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
========== FILES ==========
C:\Program Files\BitLord\rules moved successfully.
C:\Program Files\BitLord\lang moved successfully.
C:\Program Files\BitLord moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Admin
->Temp folder emptied: 3807052 bytes
->Temporary Internet Files folder emptied: 3817938 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 76105973 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
C:\Windows\85EBB28365AF4C539EBE7C0A232762F7.TMP folder deleted successfully.
C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP folder deleted successfully.
%systemroot% .tmp files removed: 311296 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 3092 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 80.15 mb


OTM by OldTimer - Version 3.0.0.6 log created on 10022009_092736

Files moved on Reboot...

Registry entries deleted on Reboot...


-----

De plus, j'ai refait un scan avec Hijack, et les entrées que tu m'as demandé de cocher sont toujours là. Apparemment de ce que j'ai lu, elles devaient être soit supprimées soit réparées par le programme, donc j'en conclus qu'elles n'ont été que réparées et que c'est probablement normal, mais je préfère le signaler ^^

Bonne journée!

Salut scade


Supprime ce dossier C:\rsit

Refais un scan avec RSIT et poste le rapport log.txt seulement à la fin de l’analyse

Le rapport est dans le dossier ici C:\rsit


@++

Bien l'bonjour!

Voici le rapport demandé :]

Logfile of random's system information tool 1.06 (written by random/random)
Run by Admin at 2009-10-03 12:14:16
Microsoft® Windows Vista™ Édition Intégrale Service Pack 2
System drive C: has 26 GB (32%) free of 80 GB
Total RAM: 3326 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:14:24, on 03.10.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\AASP\1.00.32\aaCenter.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\Program Files\Common Files\Motive\MotiveBrowser.exe
D:\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Users\Admin\Desktop\RSIT.exe
C:\Program Files\HijackThis\Admin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [MotiveReportAgent] "C:\Program Files\Common Files\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Common Files\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\MotiveBrowser.exe" /hidden
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/ci(...)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.8.110.cab
O16 - DPF: {8C292180-8BB2-495F-B94B-89FE9F2B530A} (ccr_downloader Control) - http://rfonline-full.gscdn.com/gscdn/ccr_downloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Service Google Update (gupdate1c9cc9064c91d1b) (gupdate1c9cc9064c91d1b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 7639 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{B385E0D1-A5D4-47FA-8925-5BEFA24C4592}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2008-06-11 61816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-23 4423680]
"Skytel"=C:\Windows\Skytel.exe [2007-03-16 1822720]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"MotiveReportAgent"=C:\Program Files\Common Files\Motive\McciBootStrapper.exe [2005-12-16 202240]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-08-27 198160]
"Ai Nap"=C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2007-04-09 1423360]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2008-02-29 76304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"iTunesHelper"=D:\iTunes\iTunesHelper.exe [2009-03-12 342312]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2007-11-15 233888]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.ini - open - "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE" /verb open "%1"
.js - edit -
.js - open - "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE" /verb open "%1"
.txt - open - "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE" /verb open "%1"

======List of files/folders created in the last 1 months======

2009-10-03 12:14:16 ----D---- C:\rsit
2009-10-03 12:04:15 ----N---- C:\Windows\system32\MpSigStub.exe
2009-10-03 11:58:19 ----A---- C:\Windows\system32\wups2.dll
2009-10-03 11:58:19 ----A---- C:\Windows\system32\wucltux.dll
2009-10-03 11:58:19 ----A---- C:\Windows\system32\wuaueng.dll
2009-10-03 11:58:19 ----A---- C:\Windows\system32\wuauclt.exe
2009-10-03 11:57:46 ----A---- C:\Windows\system32\wuwebv.dll
2009-10-03 11:57:46 ----A---- C:\Windows\system32\wuapp.exe
2009-10-03 11:56:53 ----D---- C:\Program Files\Microsoft
2009-10-01 14:24:43 ----D---- C:\Users\Admin\AppData\Roaming\Turbine
2009-10-01 11:35:36 ----D---- C:\ProgramData\PMB Files
2009-10-01 01:34:20 ----A---- C:\Windows\ntbtlog.txt
2009-09-30 10:54:37 ----D---- C:\_OTM
2009-09-29 23:32:04 ----D---- C:\Windows\temp
2009-09-29 23:32:02 ----SHD---- C:\$RECYCLE.BIN
2009-09-29 23:32:01 ----A---- C:\ComboFix.txt
2009-09-29 23:23:52 ----A---- C:\Windows\zip.exe
2009-09-29 23:23:52 ----A---- C:\Windows\SWXCACLS.exe
2009-09-29 23:23:52 ----A---- C:\Windows\SWSC.exe
2009-09-29 23:23:52 ----A---- C:\Windows\SWREG.exe
2009-09-29 23:23:52 ----A---- C:\Windows\sed.exe
2009-09-29 23:23:52 ----A---- C:\Windows\PEV.exe
2009-09-29 23:23:52 ----A---- C:\Windows\NIRCMD.exe
2009-09-29 23:23:52 ----A---- C:\Windows\grep.exe
2009-09-29 23:23:48 ----D---- C:\Windows\ERDNT
2009-09-29 23:23:48 ----D---- C:\ComboFix
2009-09-29 23:22:18 ----D---- C:\Qoobox
2009-09-29 11:56:25 ----D---- C:\cygdrive
2009-09-29 11:33:44 ----D---- C:\Program Files\Recuva
2009-09-29 11:26:11 ----D---- C:\Program Files\PC Inspector File Recovery
2009-09-28 23:23:24 ----D---- C:\Users\Admin\AppData\Roaming\Malwarebytes
2009-09-28 23:23:16 ----D---- C:\ProgramData\Malwarebytes
2009-09-28 23:23:16 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-09-23 23:19:01 ----D---- C:\Users\Admin\AppData\Roaming\Skype
2009-09-23 15:43:10 ----D---- C:\Program Files\NCSoft
2009-09-22 11:53:34 ----D---- C:\Program Files\Sib Cursor Editor
2009-09-15 19:19:20 ----D---- C:\Program Files\ma-config.com
2009-09-15 18:44:54 ----D---- C:\Users\Admin\AppData\Roaming\Ahead
2009-09-15 14:24:41 ----D---- C:\Program Files\HijackThis
2009-09-15 13:12:48 ----D---- C:\ProgramData\Avira
2009-09-15 13:12:48 ----D---- C:\Program Files\Avira
2009-09-14 01:46:05 ----D---- C:\Program Files\NVIDIA Corporation
2009-09-13 11:47:57 ----D---- C:\Users\Admin\AppData\Roaming\Thunderbird
2009-09-13 08:34:36 ----D---- C:\Users\Admin\AppData\Roaming\FileZilla
2009-09-12 23:40:30 ----D---- C:\Windows\system32\vi-VN
2009-09-12 23:40:30 ----D---- C:\Windows\system32\eu-ES
2009-09-12 23:40:30 ----D---- C:\Windows\system32\ca-ES
2009-09-12 23:15:43 ----D---- C:\Windows\system32\EventProviders
2009-09-10 23:31:31 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-09-10 23:31:29 ----A---- C:\Windows\system32\SLsvc.exe
2009-09-10 23:31:29 ----A---- C:\Windows\system32\SLCExt.dll
2009-09-10 23:31:28 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-09-10 23:31:28 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-09-10 23:31:27 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-09-10 23:31:26 ----A---- C:\Windows\system32\mssrch.dll
2009-09-10 23:31:23 ----A---- C:\Windows\system32\tquery.dll
2009-09-10 23:31:22 ----A---- C:\Windows\system32\scavenge.dll
2009-09-10 23:31:22 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-09-10 23:31:22 ----A---- C:\Windows\system32\RMActivate.exe
2009-09-10 23:31:22 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-09-10 23:31:22 ----A---- C:\Windows\system32\lsasrv.dll
2009-09-10 23:31:21 ----A---- C:\Windows\system32\msi.dll
2009-09-10 23:31:20 ----A---- C:\Windows\system32\WscEapPr.dll
2009-09-10 23:31:20 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-09-10 23:31:20 ----A---- C:\Windows\system32\sysmain.dll
2009-09-10 23:31:20 ----A---- C:\Windows\system32\secproc_isv.dll
2009-09-10 23:31:20 ----A---- C:\Windows\system32\imapi2fs.dll
2009-09-10 23:31:19 ----A---- C:\Windows\system32\icardagt.exe
2009-09-10 23:31:18 ----A---- C:\Windows\system32\spreview.exe
2009-09-10 23:31:18 ----A---- C:\Windows\system32\spinstall.exe
2009-09-10 23:31:18 ----A---- C:\Windows\system32\EhStorShell.dll
2009-09-10 23:31:18 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-09-10 23:31:17 ----A---- C:\Windows\system32\drmv2clt.dll
2009-09-10 23:31:16 ----A---- C:\Windows\system32\spwizui.dll
2009-09-10 23:31:16 ----A---- C:\Windows\system32\shell32.dll
2009-09-10 23:31:16 ----A---- C:\Windows\system32\secproc.dll
2009-09-10 23:31:16 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-09-10 23:31:15 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-09-10 23:31:15 ----A---- C:\Windows\system32\p2psvc.dll
2009-09-10 23:31:15 ----A---- C:\Windows\system32\mssvp.dll
2009-09-10 23:31:14 ----A---- C:\Windows\system32\mssphtb.dll
2009-09-10 23:31:14 ----A---- C:\Windows\system32\mssph.dll
2009-09-10 23:31:14 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-09-10 23:31:14 ----A---- C:\Windows\system32\mscoree.dll
2009-09-10 23:31:14 ----A---- C:\Windows\system32\imapi2.dll
2009-09-10 23:31:13 ----A---- C:\Windows\system32\sdohlp.dll
2009-09-10 23:31:13 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-09-10 23:31:13 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-09-10 23:31:13 ----A---- C:\Windows\system32\esent.dll
2009-09-10 23:31:12 ----A---- C:\Windows\system32\wevtsvc.dll
2009-09-10 23:31:12 ----A---- C:\Windows\system32\sperror.dll
2009-09-10 23:31:12 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-09-10 23:31:12 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-09-10 23:31:12 ----A---- C:\Windows\system32\korwbrkr.dll
2009-09-10 23:31:12 ----A---- C:\Windows\system32\DevicePairing.dll
2009-09-10 23:31:11 ----A---- C:\Windows\system32\SLC.dll
2009-09-10 23:31:11 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-09-10 23:31:11 ----A---- C:\Windows\system32\msshsq.dll
2009-09-10 23:31:11 ----A---- C:\Windows\system32\IasMigReader.exe
2009-09-10 23:31:10 ----A---- C:\Windows\system32\pmcsnap.dll
2009-09-10 23:31:10 ----A---- C:\Windows\system32\msjet40.dll
2009-09-10 23:31:10 ----A---- C:\Windows\system32\MPSSVC.dll
2009-09-10 23:31:09 ----A---- C:\Windows\system32\Query.dll
2009-09-10 23:31:09 ----A---- C:\Windows\system32\qmgr.dll
2009-09-10 23:31:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-09-10 23:31:09 ----A---- C:\Windows\system32\msxml6.dll
2009-09-10 23:31:08 ----A---- C:\Windows\system32\P2PGraph.dll
2009-09-10 23:31:08 ----A---- C:\Windows\system32\ole32.dll
2009-09-10 23:31:08 ----A---- C:\Windows\system32\msexch40.dll
2009-09-10 23:31:08 ----A---- C:\Windows\system32\diagperf.dll
2009-09-10 23:31:07 ----A---- C:\Windows\system32\winload.exe
2009-09-10 23:31:07 ----A---- C:\Windows\system32\uDWM.dll
2009-09-10 23:31:07 ----A---- C:\Windows\system32\srchadmin.dll
2009-09-10 23:31:07 ----A---- C:\Windows\system32\ntdll.dll
2009-09-10 23:31:07 ----A---- C:\Windows\system32\msxml3.dll
2009-09-10 23:31:07 ----A---- C:\Windows\system32\mmc.exe
2009-09-10 23:31:07 ----A---- C:\Windows\system32\mblctr.exe
2009-09-10 23:31:07 ----A---- C:\Windows\system32\EncDec.dll
2009-09-10 23:31:06 ----A---- C:\Windows\system32\riched20.dll
2009-09-10 23:31:06 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-09-10 23:31:06 ----A---- C:\Windows\system32\fdBth.dll
2009-09-10 23:31:06 ----A---- C:\Windows\system32\dfsr.exe
2009-09-10 23:31:05 ----A---- C:\Windows\system32\RacEngn.dll
2009-09-10 23:31:05 ----A---- C:\Windows\system32\kernel32.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\spoolss.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-09-10 23:31:04 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-09-10 23:31:04 ----A---- C:\Windows\system32\schedsvc.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\milcore.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-09-10 23:31:04 ----A---- C:\Windows\system32\CertEnroll.dll
2009-09-10 23:31:03 ----A---- C:\Windows\system32\msvcp60.dll
2009-09-10 23:31:03 ----A---- C:\Windows\system32\msjtes40.dll
2009-09-10 23:31:03 ----A---- C:\Windows\system32\infocardapi.dll
2009-09-10 23:31:03 ----A---- C:\Windows\system32\gpedit.dll
2009-09-10 23:31:03 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-09-10 23:31:02 ----A---- C:\Windows\system32\WinSAT.exe
2009-09-10 23:31:02 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-09-10 23:31:02 ----A---- C:\Windows\system32\mstext40.dll
2009-09-10 23:31:02 ----A---- C:\Windows\system32\Magnify.exe
2009-09-10 23:31:02 ----A---- C:\Windows\system32\fveapi.dll
2009-09-10 23:31:02 ----A---- C:\Windows\system32\es.dll
2009-09-10 23:31:02 ----A---- C:\Windows\system32\cscsvc.dll
2009-09-10 23:31:02 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-09-10 23:31:01 ----A---- C:\Windows\system32\advapi32.dll
2009-09-10 23:30:59 ----A---- C:\Windows\system32\WMPhoto.dll
2009-09-10 23:30:59 ----A---- C:\Windows\system32\WebClnt.dll
2009-09-10 23:30:59 ----A---- C:\Windows\system32\slwmi.dll
2009-09-10 23:30:59 ----A---- C:\Windows\system32\msexcl40.dll
2009-09-10 23:30:58 ----A---- C:\Windows\system32\vssapi.dll
2009-09-10 23:30:58 ----A---- C:\Windows\system32\msxbde40.dll
2009-09-10 23:30:58 ----A---- C:\Windows\system32\comsvcs.dll
2009-09-10 23:30:58 ----A---- C:\Windows\system32\authui.dll
2009-09-10 23:30:57 ----A---- C:\Windows\system32\PresentationHost.exe
2009-09-10 23:30:57 ----A---- C:\Windows\system32\NetProjW.dll
2009-09-10 23:30:57 ----A---- C:\Windows\system32\msrepl40.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\propsys.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\newdev.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\iasrecst.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\gpsvc.dll
2009-09-10 23:30:56 ----A---- C:\Windows\system32\eudcedit.exe
2009-09-10 23:30:56 ----A---- C:\Windows\system32\crypt32.dll
2009-09-10 23:30:56 ----A---- C:\Windows\explorer.exe
2009-09-10 23:30:55 ----A---- C:\Windows\system32\setupapi.dll
2009-09-10 23:30:55 ----A---- C:\Windows\system32\rpcss.dll
2009-09-10 23:30:55 ----A---- C:\Windows\system32\mspbde40.dll
2009-09-10 23:30:55 ----A---- C:\Windows\system32\msltus40.dll
2009-09-10 23:30:55 ----A---- C:\Windows\system32\davclnt.dll
2009-09-10 23:30:55 ----A---- C:\Windows\system32\d3d9.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\wevtapi.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\shlwapi.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\photowiz.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\nlhtml.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\msrd3x40.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\msdtctm.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\mfc42.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-09-10 23:30:54 ----A---- C:\Windows\system32\browseui.dll
2009-09-10 23:30:53 ----A---- C:\Windows\system32\user32.dll
2009-09-10 23:30:53 ----A---- C:\Windows\system32\samsrv.dll
2009-09-10 23:30:53 ----A---- C:\Windows\system32\quartz.dll
2009-09-10 23:30:53 ----A---- C:\Windows\system32\ci.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\win32spl.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-09-10 23:30:52 ----A---- C:\Windows\system32\oleaut32.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\netshell.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\msv1_0.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\kerberos.dll
2009-09-10 23:30:52 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-09-10 23:30:51 ----A---- C:\Windows\system32\xmlfilter.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\winhttp.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\mswstr10.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\msctf.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\emdmgmt.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\compcln.exe
2009-09-10 23:30:51 ----A---- C:\Windows\system32\audiosrv.dll
2009-09-10 23:30:51 ----A---- C:\Windows\system32\apds.dll
2009-09-10 23:30:50 ----A---- C:\Windows\system32\VSSVC.exe
2009-09-10 23:30:50 ----A---- C:\Windows\system32\SLUI.exe
2009-09-10 23:30:50 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-09-10 23:30:50 ----A---- C:\Windows\system32\msvcrt.dll
2009-09-10 23:30:50 ----A---- C:\Windows\system32\mfc42u.dll
2009-09-10 23:30:50 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-09-10 23:30:50 ----A---- C:\Windows\system32\gdi32.dll
2009-09-10 23:30:49 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-09-10 23:30:49 ----A---- C:\Windows\system32\msrd2x40.dll
2009-09-10 23:30:49 ----A---- C:\Windows\system32\eapphost.dll
2009-09-10 23:30:48 ----A---- C:\Windows\system32\winresume.exe
2009-09-10 23:30:48 ----A---- C:\Windows\system32\wbengine.exe
2009-09-10 23:30:48 ----A---- C:\Windows\system32\shdocvw.dll
2009-09-10 23:30:48 ----A---- C:\Windows\system32\propdefs.dll
2009-09-10 23:30:48 ----A---- C:\Windows\system32\odbc32.dll
2009-09-10 23:30:47 ----A---- C:\Windows\system32\WsmSvc.dll
2009-09-10 23:30:47 ----A---- C:\Windows\system32\wevtutil.exe
2009-09-10 23:30:47 ----A---- C:\Windows\system32\swprv.dll
2009-09-10 23:30:47 ----A---- C:\Windows\system32\mssitlb.dll
2009-09-10 23:30:47 ----A---- C:\Windows\system32\dbgeng.dll
2009-09-10 23:30:46 ----A---- C:\Windows\system32\usp10.dll
2009-09-10 23:30:46 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\vds.exe
2009-09-10 23:30:45 ----A---- C:\Windows\system32\netlogon.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\msscb.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\msctfp.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\drvinst.exe
2009-09-10 23:30:45 ----A---- C:\Windows\system32\devmgr.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-09-10 23:30:45 ----A---- C:\Windows\system32\adsldpc.dll
2009-09-10 23:30:44 ----A---- C:\Windows\system32\WFS.exe
2009-09-10 23:30:44 ----A---- C:\Windows\system32\BFE.DLL
2009-09-10 23:30:43 ----A---- C:\Windows\system32\wcnwiz.dll
2009-09-10 23:30:43 ----A---- C:\Windows\system32\schannel.dll
2009-09-10 23:30:43 ----A---- C:\Windows\system32\evr.dll
2009-09-10 23:30:42 ----A---- C:\Windows\system32\WSDApi.dll
2009-09-10 23:30:42 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-09-10 23:30:42 ----A---- C:\Windows\system32\Wldap32.dll
2009-09-10 23:30:42 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-09-10 23:30:41 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-09-10 23:30:41 ----A---- C:\Windows\system32\services.exe
2009-09-10 23:30:40 ----A---- C:\Windows\system32\wercon.exe
2009-09-10 23:30:40 ----A---- C:\Windows\system32\wcncsvc.dll
2009-09-10 23:30:40 ----A---- C:\Windows\system32\mimefilt.dll
2009-09-10 23:30:40 ----A---- C:\Windows\system32\comdlg32.dll
2009-09-10 23:30:40 ----A---- C:\Windows\system32\adtschema.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\taskeng.exe
2009-09-10 23:30:39 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\mswdat10.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\msjter40.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\msdtcprx.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\msdrm.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-09-10 23:30:39 ----A---- C:\Windows\system32\certcli.dll
2009-09-10 23:30:38 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-09-10 23:30:38 ----A---- C:\Windows\system32\rtffilt.dll
2009-09-10 23:30:38 ----A---- C:\Windows\system32\reg.exe
2009-09-10 23:30:38 ----A---- C:\Windows\system32\dnsapi.dll
2009-09-10 23:30:38 ----A---- C:\Windows\system32\certutil.exe
2009-09-10 23:30:37 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\w32time.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\rsaenh.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\msshooks.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\msscntrs.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-09-10 23:30:37 ----A---- C:\Windows\system32\bthserv.dll
2009-09-10 23:30:37 ----A---- C:\Windows\system32\bcrypt.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-09-10 23:30:36 ----A---- C:\Windows\system32\scrptadm.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\netapi32.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\mtxclu.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\msstrc.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\msihnd.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\inetpp.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\inetcomm.dll
2009-09-10 23:30:36 ----A---- C:\Windows\system32\dfshim.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\termsrv.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\profsvc.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\mscories.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\imapi.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\hidserv.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\fundisc.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-09-10 23:30:35 ----A---- C:\Windows\system32\cryptsvc.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\wdc.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\shsvcs.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\rasmans.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\pnidui.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\msiexec.exe
2009-09-10 23:30:34 ----A---- C:\Windows\system32\icardres.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\iassdo.dll
2009-09-10 23:30:34 ----A---- C:\Windows\system32\chsbrkr.dll
2009-09-10 23:30:33 ----A---- C:\Windows\system32\wersvc.dll
2009-09-10 23:30:33 ----A---- C:\Windows\system32\spoolsv.exe
2009-09-10 23:30:33 ----A---- C:\Windows\system32\slmgr.vbs
2009-09-10 23:30:33 ----A---- C:\Windows\system32\scrrun.dll
2009-09-10 23:30:33 ----A---- C:\Windows\system32\PSHED.DLL
2009-09-10 23:30:33 ----A---- C:\Windows\system32\autofmt.exe
2009-09-10 23:30:32 ----A---- C:\Windows\system32\pidgenx.dll
2009-09-10 23:30:32 ----A---- C:\Windows\system32\pdh.dll
2009-09-10 23:30:32 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-09-10 23:30:32 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-09-10 23:30:32 ----A---- C:\Windows\system32\azroles.dll
2009-09-10 23:30:31 ----A---- C:\Windows\system32\wmpmde.dll
2009-09-10 23:30:31 ----A---- C:\Windows\system32\winlogon.exe
2009-09-10 23:30:31 ----A---- C:\Windows\system32\SyncCenter.dll
2009-09-10 23:30:31 ----A---- C:\Windows\system32\SLUINotify.dll
2009-09-10 23:30:31 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\untfs.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\spp.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\sethc.exe
2009-09-10 23:30:30 ----A---- C:\Windows\system32\scrobj.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\rtutils.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\ncrypt.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\kd1394.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\iassam.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\comuid.dll
2009-09-10 23:30:30 ----A---- C:\Windows\system32\certmgr.dll
2009-09-10 23:30:29 ----A---- C:\Windows\system32\wisptis.exe
2009-09-10 23:30:29 ----A---- C:\Windows\system32\taskcomp.dll
2009-09-10 23:30:29 ----A---- C:\Windows\system32\iasnap.dll
2009-09-10 23:30:29 ----A---- C:\Windows\system32\dwm.exe
2009-09-10 23:30:29 ----A---- C:\Windows\system32\cscui.dll
2009-09-10 23:30:29 ----A---- C:\Windows\system32\autochk.exe
2009-09-10 23:30:28 ----A---- C:\Windows\system32\winsrv.dll
2009-09-10 23:30:28 ----A---- C:\Windows\system32\printui.dll
2009-09-10 23:30:28 ----A---- C:\Windows\system32\onex.dll
2009-09-10 23:30:28 ----A---- C:\Windows\system32\kdcom.dll
2009-09-10 23:30:28 ----A---- C:\Windows\system32\cscript.exe
2009-09-10 23:30:28 ----A---- C:\Windows\system32\basecsp.dll
2009-09-10 23:30:28 ----A---- C:\Windows\system32\autoconv.exe
2009-09-10 23:30:28 ----A---- C:\Windows\system32\audiodg.exe
2009-09-10 23:30:27 ----A---- C:\Windows\system32\wow32.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\winmm.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\userenv.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\spcmsg.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\RelMon.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\rdpencom.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\osk.exe
2009-09-10 23:30:27 ----A---- C:\Windows\system32\mswsock.dll
2009-09-10 23:30:27 ----A---- C:\Windows\system32\kdusb.dll
2009-09-10 23:30:26 ----A---- C:\Windows\system32\WinSCard.dll
2009-09-10 23:30:26 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-09-10 23:30:26 ----A---- C:\Windows\system32\WerFault.exe
2009-09-10 23:30:26 ----A---- C:\Windows\system32\Utilman.exe
2009-09-10 23:30:26 ----A---- C:\Windows\system32\offfilt.dll
2009-09-10 23:30:26 ----A---- C:\Windows\system32\msftedit.dll
2009-09-10 23:30:26 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\wsepno.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\wiaservc.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\sysclass.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\stobject.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\SndVol.exe
2009-09-10 23:30:25 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\prnntfy.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\msnetobj.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\mscms.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\mfplat.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\mcmde.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\diskraid.exe
2009-09-10 23:30:25 ----A---- C:\Windows\system32\apphelp.dll
2009-09-10 23:30:25 ----A---- C:\Windows\system32\adsmsext.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\wscript.exe
2009-09-10 23:30:24 ----A---- C:\Windows\system32\wscntfy.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\ulib.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\secur32.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\rastapi.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\pnpsetup.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\odbccp32.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-09-10 23:30:24 ----A---- C:\Windows\system32\iasdatastore.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\fdProxy.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\dsound.dll
2009-09-10 23:30:24 ----A---- C:\Windows\system32\cryptui.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\wscsvc.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-09-10 23:30:23 ----A---- C:\Windows\system32\wlangpui.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\vdsdyn.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\rastls.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\rasapi32.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\ntprint.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\logman.exe
2009-09-10 23:30:23 ----A---- C:\Windows\system32\iashlpr.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\gpapi.dll
2009-09-10 23:30:23 ----A---- C:\Windows\system32\diskpart.exe
2009-09-10 23:30:23 ----A---- C:\Windows\system32\brcpl.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\zipfldr.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\wusa.exe
2009-09-10 23:30:22 ----A---- C:\Windows\system32\wshext.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\wpccpl.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\regsvc.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\netcenter.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\mscorier.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\iasrad.dll
2009-09-10 23:30:22 ----A---- C:\Windows\system32\findstr.exe
2009-09-10 23:30:21 ----A---- C:\Windows\system32\wsnmp32.dll
2009-09-10 23:30:21 ----A---- C:\Windows\system32\wer.dll
2009-09-10 23:30:21 ----A---- C:\Windows\system32\themecpl.dll
2009-09-10 23:30:21 ----A---- C:\Windows\system32\rasdlg.dll
2009-09-10 23:30:21 ----A---- C:\Windows\system32\iassvcs.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\uxsms.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\tsbyuv.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\srvsvc.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\slcc.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\scansetting.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\ntmarta.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\msutb.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\mstlsapi.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\mssprxy.dll
2009-09-10 23:30:20 ----A---- C:\Windows\system32\iasads.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\umrdp.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\powrprof.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\powercpl.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\newdev.exe
2009-09-10 23:30:19 ----A---- C:\Windows\system32\networkmap.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\mstsc.exe
2009-09-10 23:30:19 ----A---- C:\Windows\system32\iasacct.dll
2009-09-10 23:30:19 ----A---- C:\Windows\system32\authz.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\usercpl.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\themeui.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\systemcpl.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\sud.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\samlib.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\qdvd.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\pcaui.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\mmci.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\fveui.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\dot3svc.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\connect.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\brcplsiw.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\autoplay.dll
2009-09-10 23:30:18 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-09-10 23:30:17 ----A---- C:\Windows\system32\wlanpref.dll
2009-09-10 23:30:17 ----A---- C:\Windows\system32\rpchttp.dll
2009-09-10 23:30:17 ----A---- C:\Windows\system32\regapi.dll
2009-09-10 23:30:17 ----A---- C:\Windows\system32\fvecpl.dll
2009-09-10 23:30:16 ----A---- C:\Windows\system32\wpcao.dll
2009-09-10 23:30:16 ----A---- C:\Windows\system32\vdsutil.dll
2009-09-10 23:30:16 ----A---- C:\Windows\system32\msinfo32.exe
2009-09-10 23:30:16 ----A---- C:\Windows\system32\cscobj.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\tapisrv.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\scksp.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\scesrv.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\psisdecd.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\oleprn.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\mpr.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\feclient.dll
2009-09-10 23:30:15 ----A---- C:\Windows\system32\AudioSes.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\wscisvif.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\WindowsUltimateExtrasCPL.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\sdclt.exe
2009-09-10 23:30:14 ----A---- C:\Windows\system32\rekeywiz.exe
2009-09-10 23:30:14 ----A---- C:\Windows\system32\ncryptui.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\imm32.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\iaspolcy.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\Faultrep.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\dpapimig.exe
2009-09-10 23:30:14 ----A---- C:\Windows\system32\dot3msm.dll
2009-09-10 23:30:14 ----A---- C:\Windows\system32\DeviceEject.exe
2009-09-10 23:30:13 ----A---- C:\Windows\system32\scecli.dll
2009-09-10 23:30:13 ----A---- C:\Windows\system32\rasgcw.dll
2009-09-10 23:30:13 ----A---- C:\Windows\system32\qedit.dll
2009-09-10 23:30:13 ----A---- C:\Windows\system32\pnpui.dll
2009-09-10 23:30:13 ----A---- C:\Windows\system32\perfdisk.dll
2009-09-10 23:30:13 ----A---- C:\Windows\system32\hdwwiz.exe
2009-09-10 23:30:13 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-09-10 23:30:13 ----A---- C:\Windows\system32\certreq.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\whealogr.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\TSTheme.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\tcpmon.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\srcore.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\spwinsat.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\SnippingTool.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\SCardSvr.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\rasplap.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\raschap.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\fontext.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\fdWSD.dll
2009-09-10 23:30:12 ----A---- C:\Windows\system32\conime.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\cmmon32.exe
2009-09-10 23:30:12 ----A---- C:\Windows\system32\cmdial32.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-09-10 23:30:11 ----A---- C:\Windows\system32\wlanui.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\wiaaut.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\shwebsvc.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\rasppp.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\PnPutil.exe
2009-09-10 23:30:11 ----A---- C:\Windows\system32\oobefldr.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\dsprop.dll
2009-09-10 23:30:11 ----A---- C:\Windows\system32\dimsroam.dll
2009-09-10 23:30:10 ----A---- C:\Windows\system32\shsetup.dll
2009-09-10 23:30:10 ----A---- C:\Windows\system32\rasmontr.dll
2009-09-10 23:30:10 ----A---- C:\Windows\system32\modemui.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\tscfgwmi.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\smss.exe
2009-09-10 23:30:09 ----A---- C:\Windows\system32\rdpwsx.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\mscandui.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\dataclen.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\chtbrkr.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\blackbox.dll
2009-09-10 23:30:09 ----A---- C:\Windows\system32\appmgmts.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\WSDMon.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\wpcsvc.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\wmpeffects.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\networkexplorer.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\netplwiz.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\logagent.exe
2009-09-10 23:30:08 ----A---- C:\Windows\system32\ifmon.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\CscMig.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\credui.dll
2009-09-10 23:30:08 ----A---- C:\Windows\system32\cipher.exe
2009-09-10 23:30:08 ----A---- C:\Windows\system32\certprop.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\wscapi.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\thawbrkr.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\softkbd.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\sendmail.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\msscp.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\msimtf.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\msctfui.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\InkEd.dll
2009-09-10 23:30:07 ----A---- C:\Windows\system32\gpresult.exe
2009-09-10 23:30:06 ----A---- C:\Windows\system32\wshbth.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\version.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\SLLUA.exe
2009-09-10 23:30:06 ----A---- C:\Windows\system32\rdpclip.exe
2009-09-10 23:30:06 ----A---- C:\Windows\system32\puiapi.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\olepro32.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\msisip.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\mprapi.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\input.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\gpprnext.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\dmsynth.dll
2009-09-10 23:30:06 ----A---- C:\Windows\system32\cdd.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\rdpendp.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\msjint40.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\l2nacp.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\ftp.exe
2009-09-10 23:30:05 ----A---- C:\Windows\system32\fdSSDP.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\fc.exe
2009-09-10 23:30:05 ----A---- C:\Windows\system32\eapp3hst.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\dmusic.dll
2009-09-10 23:30:05 ----A---- C:\Windows\system32\cscapi.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\wsdchngr.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\Storprop.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\rasdial.exe
2009-09-10 23:30:04 ----A---- C:\Windows\system32\rasdiag.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\PrintBrmUi.exe
2009-09-10 23:30:04 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\ipconfig.exe
2009-09-10 23:30:04 ----A---- C:\Windows\system32\gpscript.exe
2009-09-10 23:30:04 ----A---- C:\Windows\system32\fdWCN.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\eappcfg.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\dot3cfg.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\cscdll.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-09-10 23:30:04 ----A---- C:\Windows\system32\bthudtask.exe
2009-09-10 23:30:04 ----A---- C:\Windows\system32\bthci.dll
2009-09-10 23:30:03 ----A---- C:\Windows\system32\tscupgrd.exe
2009-09-10 23:30:03 ----A---- C:\Windows\system32\slcinst.dll
2009-09-10 23:30:03 ----A---- C:\Windows\system32\nslookup.exe
2009-09-10 23:30:03 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-09-10 23:30:03 ----A---- C:\Windows\system32\gpscript.dll
2009-09-10 23:30:03 ----A---- C:\Windows\system32\eappgnui.dll
2009-09-10 23:30:02 ----A---- C:\Windows\system32\qprocess.exe
2009-09-10 23:30:02 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-09-10 23:30:02 ----A---- C:\Windows\system32\ocsetup.exe
2009-09-10 23:30:02 ----A---- C:\Windows\system32\mmcico.dll
2009-09-10 23:30:02 ----A---- C:\Windows\system32\hbaapi.dll
2009-09-10 23:30:02 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-09-10 23:30:02 ----A---- C:\Windows\system32\fdeploy.dll
2009-09-10 23:30:01 ----A---- C:\Windows\system32\tscon.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\shadow.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\NcdProp.dll
2009-09-10 23:30:01 ----A---- C:\Windows\system32\logoff.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\iscsilog.dll
2009-09-10 23:30:01 ----A---- C:\Windows\system32\gpupdate.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\csrstub.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\chgusr.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\chgport.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\chglogon.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\cbsra.exe
2009-09-10 23:30:01 ----A---- C:\Windows\system32\bitsigd.dll
2009-09-10 23:30:00 ----A---- C:\Windows\system32\vdmdbg.dll
2009-09-10 23:30:00 ----A---- C:\Windows\system32\tskill.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\tsdiscon.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\rwinsta.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\reset.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\query.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\qappsrv.exe
2009-09-10 23:30:00 ----A---- C:\Windows\system32\odbcconf.dll
2009-09-10 23:29:59 ----A---- C:\Windows\system32\winrnr.dll
2009-09-10 23:29:59 ----A---- C:\Windows\system32\slwga.dll
2009-09-10 23:29:59 ----A---- C:\Windows\system32\midimap.dll
2009-09-10 23:29:59 ----A---- C:\Windows\system32\inetppui.dll
2009-09-10 23:29:59 ----A---- C:\Windows\system32\change.exe
2009-09-10 23:29:56 ----A---- C:\Windows\system32\msimsg.dll
2009-09-10 23:29:56 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-09-10 23:29:39 ----A---- C:\Windows\system32\wdscore.dll
2009-09-10 23:29:39 ----A---- C:\Windows\system32\SmiEngine.dll
2009-09-10 23:29:39 ----A---- C:\Windows\system32\PkgMgr.exe
2009-09-10 23:29:36 ----A---- C:\Windows\system32\drvstore.dll
2009-09-09 11:38:08 ----A---- C:\Windows\system32\jscript.dll
2009-09-09 11:37:47 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-09 11:37:46 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-09 11:37:46 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-09 11:37:46 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-09 11:37:46 ----A---- C:\Windows\system32\netevent.dll
2009-09-09 11:37:46 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-09 11:37:46 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-09 11:37:46 ----A---- C:\Windows\system32\finger.exe
2009-09-09 11:37:46 ----A---- C:\Windows\system32\ARP.EXE
2009-09-09 11:37:33 ----A---- C:\Windows\system32\wlansvc.dll
2009-09-09 11:37:33 ----A---- C:\Windows\system32\wlansec.dll
2009-09-09 11:37:33 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-09 11:37:33 ----A---- C:\Windows\system32\wlanhlp.dll
2009-09-09 11:37:33 ----A---- C:\Windows\system32\wlanapi.dll
2009-09-09 11:37:33 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-09 11:37:30 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-09 11:37:29 ----A---- C:\Windows\system32\rrinstaller.exe
2009-09-09 11:37:29 ----A---- C:\Windows\system32\mfps.dll
2009-09-09 11:37:29 ----A---- C:\Windows\system32\mfpmp.exe
2009-09-09 11:37:29 ----A---- C:\Windows\system32\mf.dll
2009-09-09 11:37:28 ----A---- C:\Windows\system32\mferror.dll
2009-09-07 21:12:38 ----D---- C:\Users\Admin\AppData\Roaming\teamspeak2
2009-09-07 01:15:46 ----A---- C:\Windows\uninst.exe

======List of files/folders modified in the last 1 months======

2009-10-03 12:14:24 ----D---- C:\Windows\Prefetch
2009-10-03 12:11:07 ----D---- C:\Windows\rescache
2009-10-03 12:04:15 ----D---- C:\Windows\System32
2009-10-03 12:04:08 ----SHD---- C:\System Volume Information
2009-10-03 11:59:03 ----D---- C:\Windows\winsxs
2009-10-03 11:58:54 ----D---- C:\Windows\system32\fr-FR
2009-10-03 11:58:54 ----D---- C:\Windows\PolicyDefinitions
2009-10-03 11:58:33 ----D---- C:\Windows\system32\catroot
2009-10-03 11:57:20 ----SHD---- C:\Windows\Installer
2009-10-03 11:57:20 ----D---- C:\Config.Msi
2009-10-03 11:56:53 ----D---- C:\Program Files
2009-10-03 11:54:04 ----D---- C:\ProgramData\NVIDIA
2009-10-02 09:27:40 ----D---- C:\Windows
2009-10-02 09:27:09 ----D---- C:\Windows\system32\Tasks
2009-10-02 09:22:45 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-10-02 09:21:34 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-10-01 14:24:11 ----RSD---- C:\Windows\assembly
2009-10-01 11:35:36 ----D---- C:\ProgramData
2009-10-01 11:35:25 ----D---- C:\Program Files\Pando Networks
2009-09-30 19:29:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-09-30 19:29:43 ----D---- C:\Windows\inf
2009-09-29 23:30:51 ----A---- C:\Windows\system.ini
2009-09-29 23:27:52 ----D---- C:\Windows\system32\drivers
2009-09-29 23:27:52 ----D---- C:\Windows\AppPatch
2009-09-29 23:27:52 ----D---- C:\Program Files\Common Files
2009-09-29 11:26:10 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-29 11:21:09 ----D---- C:\Windows\Logs
2009-09-29 06:56:39 ----D---- C:\Windows\system32\catroot2
2009-09-24 13:56:58 ----RSD---- C:\Windows\Fonts
2009-09-23 15:46:45 ----D---- C:\Users\Admin\AppData\Roaming\GetRightToGo
2009-09-23 15:43:53 ----SD---- C:\Users\Admin\AppData\Roaming\Microsoft
2009-09-23 14:13:54 ----D---- C:\Users\Admin\AppData\Roaming\Adobe
2009-09-23 09:28:05 ----D---- C:\Users\Admin\AppData\Roaming\Notepad++
2009-09-21 22:35:31 ----D---- C:\Program Files\Common Files\Logitech
2009-09-15 19:19:20 ----D---- C:\ProgramData\ma-config.com
2009-09-15 10:56:47 ----D---- C:\Program Files\Lavasoft
2009-09-14 01:45:03 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-09-14 01:44:55 ----D---- C:\Program Files\AGEIA Technologies
2009-09-14 01:42:31 ----D---- C:\NVIDIA
2009-09-13 13:18:59 ----D---- C:\Program Files\FileZilla Client
2009-09-13 11:47:59 ----D---- C:\Users\Admin\AppData\Roaming\Mozilla
2009-09-12 23:57:51 ----D---- C:\Windows\Microsoft.NET
2009-09-12 23:47:00 ----D---- C:\Boot
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Sidebar
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Photo Gallery
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Media Player
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Mail
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Journal
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Collaboration
2009-09-12 23:40:55 ----D---- C:\Program Files\Windows Calendar
2009-09-12 23:40:55 ----D---- C:\Program Files\Movie Maker
2009-09-12 23:40:55 ----D---- C:\Program Files\Internet Explorer
2009-09-12 23:40:55 ----D---- C:\Program Files\Common Files\System
2009-09-12 23:40:54 ----D---- C:\Windows\servicing
2009-09-12 23:40:54 ----D---- C:\Windows\ehome
2009-09-12 23:40:54 ----D---- C:\Program Files\Windows Defender
2009-09-12 23:40:51 ----D---- C:\Windows\system32\XPSViewer
2009-09-12 23:40:51 ----D---- C:\Windows\system32\sk-SK
2009-09-12 23:40:51 ----D---- C:\Windows\system32\lv-LV
2009-09-12 23:40:51 ----D---- C:\Windows\system32\ko-KR
2009-09-12 23:40:51 ----D---- C:\Windows\system32\hr-HR
2009-09-12 23:40:51 ----D---- C:\Windows\system32\et-EE
2009-09-12 23:40:51 ----D---- C:\Windows\system32\da-DK
2009-09-12 23:40:51 ----D---- C:\Windows\IME
2009-09-12 23:40:50 ----D---- C:\Windows\system32\ru-RU
2009-09-12 23:40:50 ----D---- C:\Windows\system32\oobe
2009-09-12 23:40:50 ----D---- C:\Windows\system32\migration
2009-09-12 23:40:50 ----D---- C:\Windows\system32\it-IT
2009-09-12 23:40:50 ----D---- C:\Windows\system32\fr
2009-09-12 23:40:50 ----D---- C:\Windows\system32\en-US
2009-09-12 23:40:50 ----D---- C:\Windows\system32\el-GR
2009-09-12 23:40:50 ----D---- C:\Windows\system32\de-DE
2009-09-12 23:40:50 ----D---- C:\Windows\system32\AdvancedInstallers
2009-09-12 23:40:48 ----D---- C:\Windows\system32\sv-SE
2009-09-12 23:40:48 ----D---- C:\Windows\system32\SLUI
2009-09-12 23:40:48 ----D---- C:\Windows\system32\setup
2009-09-12 23:40:48 ----D---- C:\Windows\system32\pt-PT
2009-09-12 23:40:48 ----D---- C:\Windows\system32\hu-HU
2009-09-12 23:40:48 ----D---- C:\Windows\system32\he-IL
2009-09-12 23:40:48 ----D---- C:\Windows\system32\fi-FI
2009-09-12 23:40:48 ----D---- C:\Windows\system32\cs-CZ
2009-09-12 23:40:47 ----D---- C:\Windows\system32\zh-TW
2009-09-12 23:40:47 ----D---- C:\Windows\system32\zh-CN
2009-09-12 23:40:47 ----D---- C:\Windows\system32\uk-UA
2009-09-12 23:40:47 ----D---- C:\Windows\system32\th-TH
2009-09-12 23:40:47 ----D---- C:\Windows\system32\sr-Latn-CS
2009-09-12 23:40:47 ----D---- C:\Windows\system32\sl-SI
2009-09-12 23:40:47 ----D---- C:\Windows\system32\ro-RO
2009-09-12 23:40:47 ----D---- C:\Windows\system32\pl-PL
2009-09-12 23:40:47 ----D---- C:\Windows\system32\manifeststore
2009-09-12 23:40:47 ----D---- C:\Windows\system32\ja-JP
2009-09-12 23:40:47 ----D---- C:\Windows\system32\es-ES
2009-09-12 23:40:47 ----D---- C:\Windows\system32\bg-BG
2009-09-12 23:40:44 ----D---- C:\Windows\system32\tr-TR
2009-09-12 23:40:43 ----D---- C:\Windows\system32\wbem
2009-09-12 23:40:43 ----D---- C:\Windows\system32\nl-NL
2009-09-12 23:40:43 ----D---- C:\Windows\system32\nb-NO
2009-09-12 23:40:43 ----D---- C:\Windows\system32\lt-LT
2009-09-12 23:40:43 ----D---- C:\Windows\system32\ar-SA
2009-09-12 23:40:42 ----D---- C:\Windows\system32\pt-BR
2009-09-12 23:40:42 ----D---- C:\Windows\system32\migwiz
2009-09-12 23:40:30 ----D---- C:\Windows\system32\Boot
2009-09-12 23:39:18 ----D---- C:\Windows\system32\RTCOM
2009-09-10 15:35:42 ----D---- C:\Program Files\Mozilla Firefox
2009-09-09 12:04:24 ----D---- C:\Program Files\Microsoft Silverlight
2009-09-09 12:04:15 ----D---- C:\ProgramData\Microsoft Help
2009-09-06 19:50:52 ----D---- C:\Program Files\Google
2009-09-06 10:45:56 ----D---- C:\Windows\Tasks
2009-09-06 10:45:32 ----D---- C:\Program Files\HP
2009-09-06 10:42:08 ----D---- C:\Windows\Downloaded Installations

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2006-10-18 12664]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-09-15 28520]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2007-12-30 278984]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-09-15 55656]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2007-12-30 25416]
R2 SBKUPNT;SBKUPNT; \??\C:\Windows\system32\Drivers\SBKUPNT.SYS [2001-07-13 14976]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x86.sys [2008-11-12 46592]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-01-15 23848]
R3 HssDrv;Hotspot Shield Helper Miniport; C:\Windows\system32\DRIVERS\HssDrv.sys [2009-07-02 33840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-26 1761696]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2008-02-29 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-08-17 9545152]
R3 tapvpn;TAP VPN Adapter; C:\Windows\system32\DRIVERS\tapvpn.sys [2006-10-26 27136]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 abssfk4w;abssfk4w; C:\Windows\system32\drivers\abssfk4w.sys []
S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys [2007-07-23 13696]
S3 atkdisplf;ASUS Kernel Mode Enhanced Driver; C:\Windows\system32\drivers\ATKDispLowFilter.sys [2007-07-23 30848]
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-09-01 14336]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 gUSBSTOi;gUSBSTOi; \??\C:\Users\DAVIDC~1\AppData\Local\Temp\gUSBSTOi.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2008-07-07 25544]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\lvusbsta.sys [2005-01-19 22016]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2007-11-08 19712]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [2006-01-09 19345]
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [2006-01-09 18003]
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2007-11-08 18304]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-

Salut scade


Double-clique sur OTM.exe sur le bureau

- Assure toi que la case Unregister Dll's and Ocx's soit bien cochée

- Copie le texte qui se trouve en citation et colle le dans le cadre de gauche de OTM nommé Paste Instructions for Items to be Moved



- Clique sur MoveIt! pour lancer la suppression.
- Ferme OTM

Ton PC va redémarrer pour finir la suppression, si il ne le fais pas lui-même, redémarre le.

Poste le rapport de OTMoveIt qui se trouve dans C:\_OTM\MovedFiles.


@++

Et bonsoir!

J'ai fait ce qui a été demandé, et voici donc le rapport d'OTM ^-^

All processes killed
========== PROCESSES ==========
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Admin
File delete failed. C:\Users\Admin\AppData\Local\Temp\etilqs_MhsKnOFN9FLxzZ3HAnE9 scheduled to be deleted on reboot.
->Temp folder emptied: 62622529 bytes
->Temporary Internet Files folder emptied: 38510886 bytes
->Java cache emptied: 25493466 bytes
->FireFox cache emptied: 80994610 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 3758 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 198.01 mb


OTM by OldTimer - Version 3.0.0.6 log created on 10032009_215051

Files moved on Reboot...
File C:\Users\Admin\AppData\Local\Temp\etilqs_MhsKnOFN9FLxzZ3HAnE9 not found!

Registry entries deleted on Reboot...


Bonne soirée!

Salut scade


On va vérifier si rien de caché :

Important Désactive ton Antivirus avant le scan en ligne :
http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm


Faire un scan avec Nod32 en ligne (il faut utiliser Internet Explorer) ici :
http://www.eset-nod32.fr/scanner.html

Dans le bas de la page clique sur Scanner en ligne >




Dans la nouvelle page, coche la case devant OUI, j'accepte les termes du contrat de licence et clique sur Start pour débuter.




Dans la nouvelle page(qui est assez longue a charger) tu auras une alerte pour la barre d'information, clique sur Fermé.

Maintenant faire un clique droit dans la barre d'information en jaune dans le haut de la page, et clique sur Installer le contrôle ActiveX.




Une boite d'information va s'ouvrir, clique sur Installer




Dans la nouvelle page clique en bas sur Démarrer, le téléchargement de la base des signatures de virus va débuter.
Après le scan du PC va débuter, patience le temps du scan, ne pas faire de navigation durant le scan, on a désactivé l'Antivirus.


Une fois le scan fini, cliqué sur Terminé et fermé la page.

Ouvrir l'explorateur Windows et retrouver le rapport qui est dans ce répertoire :

C:\Program Files\ESET\ESET Online Scanner\log.txt

Copie/colle le contenue de ce rapport log.txt


@++

Raaah j'ai mis trois plombes à répondre, vraiment désolé!

Voici le log demandé:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=6
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6050
# api_version=3.0.2
# EOSSerial=b243671a0fd5fc409dd91838d83b1cd7
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-10-03 10:02:17
# local_time=2009-10-04 12:02:17 (+0100, Europe de l'Ouest (heure d'été))
# country="Switzerland"
# lang=1036
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 61 100 100 190236194915
# compatibility_mode=5889 61 66 100 538790183373053
# scanned=188828
# found=0
# cleaned=0
# scan_time=2796
# version=6
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6050
# api_version=3.0.2
# EOSSerial=b243671a0fd5fc409dd91838d83b1cd7
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-10-10 09:56:55
# local_time=2009-10-10 11:56:55 (+0100, Europe de l'Ouest (heure d'été))
# country="Switzerland"
# lang=1036
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 61 100 100 607397822876
# compatibility_mode=5889 61 66 100 544402964268065
# scanned=206333
# found=0
# cleaned=0
# scan_time=3259

Bonne journée

Salut scade


Ton rapport est propre, as-tu encore des soucis?


@++

Bonjour.
Je n'ai pu utiliser l'ordi que depuis hier mais pour le moment apparemment tout baigne. Je teste encore quelques jours et je te tiens au courant

Bien l'bonjour!

Problème manifestement résolu, mon curseur s'est montré très obéissant ces derniers jours

Sais-tu d'où venait le problème précisément? Histoire que je puisse éviter qu'il ne se reproduise?

Un très grand merci en tout cas, pour le gros coup de main, et le temps consacré, c'était super sympa ^-^

Salut scade


Tu as installé un logiciel piégé(webmediaplayer), en voici une liste :
http://www.malekal.com/Adware.Magic_Control.php


-----


On va faire un ménage des outils téléchargés pour la désinfection, télécharge Tools Cleaner sur le bureau :

http://pc-system.fr/TC/ToolsCleaner2.exe


- Faire un clique droit sur ToolsCleaner2.exe sur le bureau, et choisi exécuter en tant qu'administrateur
- Clique sur Recherche et laisse le scan agir.
- Clique sur Suppression pour finaliser.
- Tu peux, si tu le souhaites, te servir des Options facultatives.
- Clique sur Quitter pour obtenir le rapport.
- Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
- Si des outils restes après le passage de Tools Cleaner, tu pourras les supprimer manuellement ainsi que tous les rapports qui on été généré lors de la désinfection.


-----


Je te donne quelques consignes de sécurité :

- Windows Update parfaitement à jour http://www.windowsupdate.com/ (catégories critique, Services Pack et Services Release)
- pare-feu bien paramétré
- antivirus bien paramétré et mis à jour régulièrement (quotidiennement s'il le faut) avec un scan complet régulier (journalier s'il le faut).
- une attitude prudente vis à vis de la navigation (pas de sites douteux : cracks, warez, sexe...) et vis à vis de la messagerie (fichiers joints aux messages doivent être scannés avant d'être ouverts)
- pas de téléchargement illégal, qui est le principal facteur d’infection (µTorrent, BitTorrent, eMule, Limewire, etc..) Le danger des cracks !
- une attitude vigilante (être à l'affût d'un fonctionnement inhabituel de son système)
- nettoyage hebdomadaire du système (suppression des fichiers inutiles, nettoyage de la base de registre, scandisk, defrag)
- scan hebdomadaire antispyware ( je conseil MalwareByte's Anti-Malware)
- un contrôle régulier de la console JAVA pour s'assurer qu'elle est à jour http://www.java.com/en/download/help/testvm.xml
- faire régulièrement un scan de vulnérabilités afin de vérifier que tes logiciels soit à jour sans failles de sécurités :
http://www.malekal.com/scan_vulnerabilite.php


De bonne lecture si tu veux en savoir plus sur la sécurité et le fonctionnement de Windows :
http://www.malekal.com/menu_windows_general.php
http://www.malekal.com/menu_windows_securite.php


Bonne journée/soirée et bon surf


@++