Tom's Guide > Forum > Sécurité - Virus > Pages qui souvre toute seul cdi

Pages qui souvre toute seul cdi

Forum Sécurité - Virus : Pages qui souvre toute seul cdi

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !

Créer un nouveau sujet Répondre

Bas de page Chercher dans ce sujet

bonjour

j'ai un petit probleme avec mon pc, j'ai des pages qui s'ouvrent seules et sans arrêt!!

si quelqu'un peut m'aider.
un grand merci d'avance.

Répondre

Inscrivez-vous ou connectez-vous pour masquer ceci.

Bonjour,

Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
Double-clique sur RSIT.exe afin de lancer le programme.

(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)

Clique sur Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : les rapports sont sauvegardés dans le dossier C:\rsit.

Répondre à Destrio5

[quote]Logfile of random's system information tool 1.06 (written by random/random)
Run by isa at 2009-10-19 22:48:11
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 10 GB (14%) free of 71 GB
Total RAM: 3066 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:48:14, on 19/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Users\isa\Desktop\RSIT.exe
C:\Program Files\trend micro\isa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yoower.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [lessextra] "C:\ProgramData\dentanteante.l71ly01"
O4 - HKCU\..\Run: [memo site kind that] "C:\ProgramData\OKAY REAL ONLINE.l58a6p"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/ [...] rtdgi1.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] oader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/re [...] dfr-fr.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.bellapix.com/ImageUploader5.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/Mess [...] E_UNO1.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] ader55.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{52FB6713-E604-4868-9EB9-6605EB7E0428}: NameServer = 212.27.40.241,212.27.40.240
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ESET HTTP Server (EHttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\Windows\system32\IoctlSvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe

--
End of file - 11112 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{212D5E7B-A934-4AB0-BBF0-5684B6A311A7}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-14 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-09-27 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-29 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-14 259696]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-07-08 6273568]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-10-26 1029416]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-01-30 13605408]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-01-30 92704]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-04-09 2029640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-24 39408]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"lessextra"=C:\ProgramData\dentanteante.l71ly01 [2009-10-16 303120]
"memo site kind that"=C:\ProgramData\OKAY REAL ONLINE.l58a6p [2009-10-15 172048]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6a412933-bef9-11dd-bbe1-001377ad94ba}]
shell\AutoRun\command - F:\setup\rsrc\Autorun.exe
shell\dinstall\command - F:\Directx\dxsetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86d6478d-1448-11de-915d-001377ad94ba}]
shell\1\command - I:\.\RECYCLER\RECYCLER.exe
shell\2\command - I:\.\RECYCLER\RECYCLER.exe
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\.\RECYCLER\RECYCLER.exe

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-10-19 22:37:47 ----D---- C:\rsit
2009-10-16 10:04:49 ----D---- C:\Windows\system32\eu-ES
2009-10-16 10:04:49 ----D---- C:\Windows\system32\ca-ES
2009-10-16 10:04:44 ----D---- C:\Windows\system32\vi-VN
2009-10-16 09:51:17 ----A---- C:\Windows\system32\jscript.dll
2009-10-16 09:13:48 ----D---- C:\Windows\system32\EventProviders
2009-10-16 08:18:48 ----A---- C:\Windows\system32\occache.dll
2009-10-16 08:18:48 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-10-16 08:18:48 ----A---- C:\Windows\system32\msfeeds.dll
2009-10-16 08:18:48 ----A---- C:\Windows\system32\jsproxy.dll
2009-10-16 08:18:48 ----A---- C:\Windows\system32\iepeers.dll
2009-10-16 08:18:47 ----A---- C:\Windows\system32\wininet.dll
2009-10-16 08:18:47 ----A---- C:\Windows\system32\ieui.dll
2009-10-16 08:18:47 ----A---- C:\Windows\system32\iesetup.dll
2009-10-16 08:18:47 ----A---- C:\Windows\system32\iernonce.dll
2009-10-16 08:18:46 ----A---- C:\Windows\system32\urlmon.dll
2009-10-16 08:18:46 ----A---- C:\Windows\system32\msfeedssync.exe
2009-10-16 08:18:46 ----A---- C:\Windows\system32\ieUnatt.exe
2009-10-16 08:18:46 ----A---- C:\Windows\system32\iesysprep.dll
2009-10-16 08:18:46 ----A---- C:\Windows\system32\iertutil.dll
2009-10-16 08:18:46 ----A---- C:\Windows\system32\iedkcs32.dll
2009-10-16 08:18:46 ----A---- C:\Windows\system32\ie4uinit.exe
2009-10-16 08:18:45 ----A---- C:\Windows\system32\ieframe.dll
2009-10-16 08:18:44 ----A---- C:\Windows\system32\mshtml.dll
2009-10-16 08:17:41 ----A---- C:\Windows\system32\mshtmled.dll
2009-10-16 08:17:40 ----A---- C:\Windows\system32\msls31.dll
2009-10-16 08:17:40 ----A---- C:\Windows\system32\mshtmler.dll
2009-10-16 08:17:40 ----A---- C:\Windows\system32\ieakeng.dll
2009-10-16 08:17:40 ----A---- C:\Windows\system32\icardie.dll
2009-10-16 08:17:40 ----A---- C:\Windows\system32\corpol.dll
2009-10-16 08:17:40 ----A---- C:\Windows\system32\admparse.dll
2009-10-16 08:17:39 ----A---- C:\Windows\system32\licmgr10.dll
2009-10-16 08:17:39 ----A---- C:\Windows\system32\inseng.dll
2009-10-16 08:17:39 ----A---- C:\Windows\system32\imgutil.dll
2009-10-16 08:17:39 ----A---- C:\Windows\system32\ieaksie.dll
2009-10-16 08:17:39 ----A---- C:\Windows\system32\dxtrans.dll
2009-10-16 08:17:39 ----A---- C:\Windows\system32\dxtmsft.dll
2009-10-16 08:17:38 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-10-16 08:17:38 ----A---- C:\Windows\system32\wextract.exe
2009-10-16 08:17:38 ----A---- C:\Windows\system32\webcheck.dll
2009-10-16 08:17:38 ----A---- C:\Windows\system32\pngfilt.dll
2009-10-16 08:17:38 ----A---- C:\Windows\system32\mstime.dll
2009-10-16 08:17:38 ----A---- C:\Windows\system32\msrating.dll
2009-10-16 08:17:38 ----A---- C:\Windows\system32\ieakui.dll
2009-10-16 08:17:38 ----A---- C:\Windows\system32\advpack.dll
2009-10-16 08:17:37 ----A---- C:\Windows\system32\vbscript.dll
2009-10-16 08:17:37 ----A---- C:\Windows\system32\url.dll
2009-10-16 08:17:37 ----A---- C:\Windows\system32\ieapfltr.dll
2009-10-16 08:17:36 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-10-16 08:17:36 ----A---- C:\Windows\system32\SetDepNx.exe
2009-10-16 08:17:36 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-10-16 08:17:36 ----A---- C:\Windows\system32\PDMSetup.exe
2009-10-16 08:17:36 ----A---- C:\Windows\system32\mshta.exe
2009-10-16 08:17:36 ----A---- C:\Windows\system32\iexpress.exe
2009-10-16 07:00:08 ----D---- C:\Windows\SQL9_KB970892_ENU
2009-10-15 20:13:06 ----A---- C:\Windows\system32\msv1_0.dll
2009-10-15 20:12:56 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-10-15 20:12:52 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-10-15 20:11:36 ----A---- C:\Windows\system32\msasn1.dll
2009-10-15 20:11:31 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-10-15 17:56:53 ----D---- C:\Users\isa\AppData\Roaming\ESET
2009-10-15 17:41:06 ----D---- C:\ProgramData\Grid Blue Memo Site
2009-10-15 17:40:47 ----D---- C:\ProgramData\Browse Defy
2009-10-15 17:40:40 ----D---- C:\Program Files\Torrent101
2009-10-12 07:27:49 ----A---- C:\Windows\system32\d3dx9.dll
2009-10-12 07:27:49 ----A---- C:\Windows\system32\D3DX81ab.dll
2009-10-12 07:27:46 ----D---- C:\Program Files\Cheat Engine
2009-10-09 08:18:03 ----D---- C:\ProgramData\Office Genuine Advantage
2009-10-08 22:21:35 ----A---- C:\Windows\system32\lsasrv.dll
2009-10-08 22:21:34 ----A---- C:\Windows\system32\wdigest.dll
2009-10-08 22:21:34 ----A---- C:\Windows\system32\schannel.dll
2009-10-08 22:21:34 ----A---- C:\Windows\system32\kerberos.dll
2009-10-08 22:21:33 ----A---- C:\Windows\system32\secur32.dll
2009-10-08 22:21:33 ----A---- C:\Windows\system32\lsass.exe
2009-10-08 21:18:45 ----D---- C:\ProgramData\NOS
2009-10-08 21:18:45 ----D---- C:\Program Files\NOS
2009-10-08 21:16:03 ----D---- C:\Program Files\Mozilla Firefox
2009-10-06 07:21:36 ----A---- C:\Windows\system32\wups2.dll
2009-10-06 07:21:36 ----A---- C:\Windows\system32\wuauclt.exe
2009-10-06 07:21:34 ----A---- C:\Windows\system32\wucltux.dll
2009-10-06 07:21:34 ----A---- C:\Windows\system32\wuaueng.dll
2009-10-06 07:21:19 ----A---- C:\Windows\system32\wups.dll
2009-10-06 07:21:19 ----A---- C:\Windows\system32\wudriver.dll
2009-10-06 07:21:19 ----A---- C:\Windows\system32\wuapi.dll
2009-10-06 07:21:00 ----A---- C:\Windows\system32\wuwebv.dll
2009-10-06 07:21:00 ----A---- C:\Windows\system32\wuapp.exe
2009-10-03 14:37:36 ----D---- C:\Users\isa\AppData\Roaming\COWON
2009-10-03 14:35:33 ----D---- C:\Program Files\Common Files\COWON
2009-10-03 14:35:32 ----D---- C:\Program Files\JetAudio
2009-10-03 08:55:14 ----N---- C:\Windows\system32\MpSigStub.exe
2009-09-24 07:16:17 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-09-24 07:16:11 ----A---- C:\Windows\system32\SLsvc.exe
2009-09-24 07:16:11 ----A---- C:\Windows\system32\SLCExt.dll
2009-09-24 07:16:09 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-09-24 07:16:09 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-09-24 07:16:07 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-09-24 07:16:03 ----A---- C:\Windows\system32\mssrch.dll
2009-09-24 07:16:01 ----A---- C:\Windows\system32\tquery.dll
2009-09-24 07:15:58 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-09-24 07:15:57 ----A---- C:\Windows\system32\scavenge.dll
2009-09-24 07:15:57 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-09-24 07:15:56 ----A---- C:\Windows\system32\RMActivate.exe
2009-09-24 07:15:56 ----A---- C:\Windows\system32\msi.dll
2009-09-24 07:15:55 ----A---- C:\Windows\system32\imapi2fs.dll
2009-09-24 07:15:54 ----A---- C:\Windows\system32\WscEapPr.dll
2009-09-24 07:15:54 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-09-24 07:15:54 ----A---- C:\Windows\system32\secproc_isv.dll
2009-09-24 07:15:53 ----A---- C:\Windows\system32\sysmain.dll
2009-09-24 07:15:52 ----A---- C:\Windows\system32\icardagt.exe
2009-09-24 07:15:50 ----A---- C:\Windows\system32\spreview.exe
2009-09-24 07:15:50 ----A---- C:\Windows\system32\EhStorShell.dll
2009-09-24 07:15:50 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-09-24 07:15:49 ----A---- C:\Windows\system32\spinstall.exe
2009-09-24 07:15:49 ----A---- C:\Windows\system32\drmv2clt.dll
2009-09-24 07:15:47 ----A---- C:\Windows\system32\spwizui.dll
2009-09-24 07:15:47 ----A---- C:\Windows\system32\shell32.dll
2009-09-24 07:15:47 ----A---- C:\Windows\system32\secproc.dll
2009-09-24 07:15:47 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-09-24 07:15:46 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-09-24 07:15:46 ----A---- C:\Windows\system32\p2psvc.dll
2009-09-24 07:15:46 ----A---- C:\Windows\system32\mssvp.dll
2009-09-24 07:15:44 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-09-24 07:15:44 ----A---- C:\Windows\system32\mscoree.dll
2009-09-24 07:15:43 ----A---- C:\Windows\system32\mssphtb.dll
2009-09-24 07:15:43 ----A---- C:\Windows\system32\mssph.dll
2009-09-24 07:15:43 ----A---- C:\Windows\system32\imapi2.dll
2009-09-24 07:15:42 ----A---- C:\Windows\system32\sdohlp.dll
2009-09-24 07:15:41 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-09-24 07:15:41 ----A---- C:\Windows\system32\esent.dll
2009-09-24 07:15:41 ----A---- C:\Windows\system32\DevicePairing.dll
2009-09-24 07:15:40 ----A---- C:\Windows\system32\wevtsvc.dll
2009-09-24 07:15:40 ----A---- C:\Windows\system32\sperror.dll
2009-09-24 07:15:40 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-09-24 07:15:40 ----A---- C:\Windows\system32\korwbrkr.dll
2009-09-24 07:15:39 ----A---- C:\Windows\system32\SLC.dll
2009-09-24 07:15:39 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-09-24 07:15:39 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-09-24 07:15:39 ----A---- C:\Windows\system32\msshsq.dll
2009-09-24 07:15:39 ----A---- C:\Windows\system32\IasMigReader.exe
2009-09-24 07:15:37 ----A---- C:\Windows\system32\msjet40.dll
2009-09-24 07:15:37 ----A---- C:\Windows\system32\MPSSVC.dll
2009-09-24 07:15:36 ----A---- C:\Windows\system32\msxml6.dll
2009-09-24 07:15:35 ----A---- C:\Windows\system32\Query.dll
2009-09-24 07:15:35 ----A---- C:\Windows\system32\qmgr.dll
2009-09-24 07:15:34 ----A---- C:\Windows\system32\P2PGraph.dll
2009-09-24 07:15:34 ----A---- C:\Windows\system32\ole32.dll
2009-09-24 07:15:34 ----A---- C:\Windows\system32\msexch40.dll
2009-09-24 07:15:34 ----A---- C:\Windows\system32\diagperf.dll
2009-09-24 07:15:33 ----A---- C:\Windows\system32\ntdll.dll
2009-09-24 07:15:32 ----A---- C:\Windows\system32\winload.exe
2009-09-24 07:15:32 ----A---- C:\Windows\system32\srchadmin.dll
2009-09-24 07:15:32 ----A---- C:\Windows\system32\msxml3.dll
2009-09-24 07:15:31 ----A---- C:\Windows\system32\uDWM.dll
2009-09-24 07:15:31 ----A---- C:\Windows\system32\mmc.exe
2009-09-24 07:15:31 ----A---- C:\Windows\system32\mblctr.exe
2009-09-24 07:15:31 ----A---- C:\Windows\system32\EncDec.dll
2009-09-24 07:15:30 ----A---- C:\Windows\system32\riched20.dll
2009-09-24 07:15:30 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-09-24 07:15:30 ----A---- C:\Windows\system32\dfsr.exe
2009-09-24 07:15:29 ----A---- C:\Windows\system32\fdBth.dll
2009-09-24 07:15:28 ----A---- C:\Windows\system32\RacEngn.dll
2009-09-24 07:15:27 ----A---- C:\Windows\system32\kernel32.dll
2009-09-24 07:15:26 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-09-24 07:15:26 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-09-24 07:15:26 ----A---- C:\Windows\system32\milcore.dll
2009-09-24 07:15:26 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-09-24 07:15:26 ----A---- C:\Windows\system32\CertEnroll.dll
2009-09-24 07:15:25 ----A---- C:\Windows\system32\spoolss.dll
2009-09-24 07:15:25 ----A---- C:\Windows\system32\schedsvc.dll
2009-09-24 07:15:25 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-09-24 07:15:24 ----A---- C:\Windows\system32\msvcp60.dll
2009-09-24 07:15:24 ----A---- C:\Windows\system32\msjtes40.dll
2009-09-24 07:15:24 ----A---- C:\Windows\system32\infocardapi.dll
2009-09-24 07:15:24 ----A---- C:\Windows\system32\gpedit.dll
2009-09-24 07:15:24 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-09-24 07:15:22 ----A---- C:\Windows\system32\WinSAT.exe
2009-09-24 07:15:22 ----A---- C:\Windows\system32\es.dll
2009-09-24 07:15:21 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-09-24 07:15:21 ----A---- C:\Windows\system32\mstext40.dll
2009-09-24 07:15:21 ----A---- C:\Windows\system32\Magnify.exe
2009-09-24 07:15:21 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-09-24 07:15:20 ----A---- C:\Windows\system32\advapi32.dll
2009-09-24 07:15:18 ----A---- C:\Windows\system32\WMPhoto.dll
2009-09-24 07:15:18 ----A---- C:\Windows\system32\WebClnt.dll
2009-09-24 07:15:18 ----A---- C:\Windows\system32\msexcl40.dll
2009-09-24 07:15:17 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-09-24 07:15:17 ----A---- C:\Windows\system32\slwmi.dll
2009-09-24 07:15:17 ----A---- C:\Windows\system32\msxbde40.dll
2009-09-24 07:15:17 ----A---- C:\Windows\system32\comsvcs.dll
2009-09-24 07:15:16 ----A---- C:\Windows\system32\vssapi.dll
2009-09-24 07:15:15 ----A---- C:\Windows\system32\authui.dll
2009-09-24 07:15:14 ----A---- C:\Windows\system32\PresentationHost.exe
2009-09-24 07:15:14 ----A---- C:\Windows\system32\NetProjW.dll
2009-09-24 07:15:14 ----A---- C:\Windows\system32\msrepl40.dll
2009-09-24 07:15:13 ----A---- C:\Windows\system32\newdev.dll
2009-09-24 07:15:12 ----A---- C:\Windows\system32\propsys.dll
2009-09-24 07:15:12 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-09-24 07:15:12 ----A---- C:\Windows\system32\iasrecst.dll
2009-09-24 07:15:12 ----A---- C:\Windows\system32\gpsvc.dll
2009-09-24 07:15:12 ----A---- C:\Windows\system32\eudcedit.exe
2009-09-24 07:15:12 ----A---- C:\Windows\system32\crypt32.dll
2009-09-24 07:15:10 ----A---- C:\Windows\explorer.exe
2009-09-24 07:15:06 ----A---- C:\Windows\system32\setupapi.dll
2009-09-24 07:15:06 ----A---- C:\Windows\system32\rpcss.dll
2009-09-24 07:15:06 ----A---- C:\Windows\system32\mspbde40.dll
2009-09-24 07:15:06 ----A---- C:\Windows\system32\d3d9.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\wevtapi.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\shlwapi.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\msrd3x40.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\msltus40.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\msdtctm.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\mfc42.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\davclnt.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\browseui.dll
2009-09-24 07:15:04 ----A---- C:\Windows\system32\user32.dll
2009-09-24 07:15:04 ----A---- C:\Windows\system32\samsrv.dll
2009-09-24 07:15:04 ----A---- C:\Windows\system32\photowiz.dll
2009-09-24 07:15:04 ----A---- C:\Windows\system32\nlhtml.dll
2009-09-24 07:15:03 ----A---- C:\Windows\system32\quartz.dll
2009-09-24 07:15:03 ----A---- C:\Windows\system32\ci.dll
2009-09-24 07:15:02 ----A---- C:\Windows\system32\win32spl.dll
2009-09-24 07:15:01 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-09-24 07:15:01 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-09-24 07:14:57 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-09-24 07:14:57 ----A---- C:\Windows\system32\oleaut32.dll
2009-09-24 07:14:57 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-09-24 07:14:56 ----A---- C:\Windows\system32\netshell.dll
2009-09-24 07:14:56 ----A---- C:\Windows\system32\compcln.exe
2009-09-24 07:14:55 ----A---- C:\Windows\system32\winhttp.dll
2009-09-24 07:14:55 ----A---- C:\Windows\system32\mswstr10.dll
2009-09-24 07:14:55 ----A---- C:\Windows\system32\apds.dll
2009-09-24 07:14:54 ----A---- C:\Windows\system32\xmlfilter.dll
2009-09-24 07:14:54 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-09-24 07:14:54 ----A---- C:\Windows\system32\msvcrt.dll
2009-09-24 07:14:54 ----A---- C:\Windows\system32\msctf.dll
2009-09-24 07:14:54 ----A---- C:\Windows\system32\gdi32.dll
2009-09-24 07:14:54 ----A---- C:\Windows\system32\emdmgmt.dll
2009-09-24 07:14:54 ----A---- C:\Windows\system32\audiosrv.dll
2009-09-24 07:14:53 ----A---- C:\Windows\system32\VSSVC.exe
2009-09-24 07:14:53 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-09-24 07:14:53 ----A---- C:\Windows\system32\SLUI.exe
2009-09-24 07:14:53 ----A---- C:\Windows\system32\msrd2x40.dll
2009-09-24 07:14:53 ----A---- C:\Windows\system32\mfc42u.dll
2009-09-24 07:14:53 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-09-24 07:14:53 ----A---- C:\Windows\system32\eapphost.dll
2009-09-24 07:14:52 ----A---- C:\Windows\system32\winresume.exe
2009-09-24 07:14:52 ----A---- C:\Windows\system32\propdefs.dll
2009-09-24 07:14:52 ----A---- C:\Windows\system32\odbc32.dll
2009-09-24 07:14:51 ----A---- C:\Windows\system32\wevtutil.exe
2009-09-24 07:14:51 ----A---- C:\Windows\system32\shdocvw.dll
2009-09-24 07:14:51 ----A---- C:\Windows\system32\mssitlb.dll
2009-09-24 07:14:51 ----A---- C:\Windows\system32\dbgeng.dll
2009-09-24 07:14:50 ----A---- C:\Windows\system32\WsmSvc.dll
2009-09-24 07:14:50 ----A---- C:\Windows\system32\vds.exe
2009-09-24 07:14:50 ----A---- C:\Windows\system32\usp10.dll
2009-09-24 07:14:50 ----A---- C:\Windows\system32\swprv.dll
2009-09-24 07:14:50 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\Wldap32.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\wcnwiz.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\netlogon.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\msscb.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\msctfp.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\evr.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\drvinst.exe
2009-09-24 07:14:49 ----A---- C:\Windows\system32\devmgr.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\BFE.DLL
2009-09-24 07:14:49 ----A---- C:\Windows\system32\adsldpc.dll
2009-09-24 07:14:48 ----A---- C:\Windows\system32\WSDApi.dll
2009-09-24 07:14:48 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-09-24 07:14:48 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-09-24 07:14:48 ----A---- C:\Windows\system32\wercon.exe
2009-09-24 07:14:48 ----A---- C:\Windows\system32\wcncsvc.dll
2009-09-24 07:14:48 ----A---- C:\Windows\system32\services.exe
2009-09-24 07:14:48 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-09-24 07:14:48 ----A---- C:\Windows\system32\mimefilt.dll
2009-09-24 07:14:48 ----A---- C:\Windows\system32\comdlg32.dll
2009-09-24 07:14:48 ----A---- C:\Windows\system32\adtschema.dll
2009-09-24 07:14:47 ----A---- C:\Windows\system32\taskeng.exe
2009-09-24 07:14:47 ----A---- C:\Windows\system32\rtffilt.dll
2009-09-24 07:14:47 ----A---- C:\Windows\system32\reg.exe
2009-09-24 07:14:47 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-09-24 07:14:47 ----A---- C:\Windows\system32\mswdat10.dll
2009-09-24 07:14:47 ----A---- C:\Windows\system32\msjter40.dll
2009-09-24 07:14:47 ----A---- C:\Windows\system32\msdtcprx.dll
2009-09-24 07:14:47 ----A---- C:\Windows\system32\msdrm.dll
2009-09-24 07:14:47 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-09-24 07:14:47 ----A---- C:\Windows\system32\certcli.dll
2009-09-24 07:14:46 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-09-24 07:14:46 ----A---- C:\Windows\system32\w32time.dll
2009-09-24 07:14:46 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-09-24 07:14:46 ----A---- C:\Windows\system32\msshooks.dll
2009-09-24 07:14:46 ----A---- C:\Windows\system32\msscntrs.dll
2009-09-24 07:14:46 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-09-24 07:14:46 ----A---- C:\Windows\system32\dnsapi.dll
2009-09-24 07:14:46 ----A---- C:\Windows\system32\certutil.exe
2009-09-24 07:14:46 ----A---- C:\Windows\system32\bcrypt.dll
2009-09-24 07:14:45 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-09-24 07:14:45 ----A---- C:\Windows\system32\rsaenh.dll
2009-09-24 07:14:45 ----A---- C:\Windows\system32\msstrc.dll
2009-09-24 07:14:45 ----A---- C:\Windows\system32\msihnd.dll
2009-09-24 07:14:45 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-09-24 07:14:45 ----A---- C:\Windows\system32\inetcomm.dll
2009-09-24 07:14:45 ----A---- C:\Windows\system32\dfshim.dll
2009-09-24 07:14:45 ----A---- C:\Windows\system32\bthserv.dll
2009-09-24 07:14:44 ----A---- C:\Windows\system32\netapi32.dll
2009-09-24 07:14:44 ----A---- C:\Windows\system32\mtxclu.dll
2009-09-24 07:14:44 ----A---- C:\Windows\system32\mscories.dll
2009-09-24 07:14:44 ----A---- C:\Windows\system32\inetpp.dll
2009-09-24 07:14:44 ----A---- C:\Windows\system32\hidserv.dll
2009-09-24 07:14:44 ----A---- C:\Windows\system32\fundisc.dll
2009-09-24 07:14:44 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-09-24 07:14:44 ----A---- C:\Windows\system32\cryptsvc.dll
2009-09-24 07:14:43 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-09-24 07:14:43 ----A---- C:\Windows\system32\termsrv.dll
2009-09-24 07:14:43 ----A---- C:\Windows\system32\shsvcs.dll
2009-09-24 07:14:43 ----A---- C:\Windows\system32\profsvc.dll
2009-09-24 07:14:43 ----A---- C:\Windows\system32\msiexec.exe
2009-09-24 07:14:43 ----A---- C:\Windows\system32\imapi.dll
2009-09-24 07:14:42 ----A---- C:\Windows\system32\wdc.dll
2009-09-24 07:14:42 ----A---- C:\Windows\system32\rasmans.dll
2009-09-24 07:14:42 ----A---- C:\Windows\system32\pnidui.dll
2009-09-24 07:14:42 ----A---- C:\Windows\system32\icardres.dll
2009-09-24 07:14:42 ----A---- C:\Windows\system32\iassdo.dll
2009-09-24 07:14:42 ----A---- C:\Windows\system32\chsbrkr.dll
2009-09-24 07:14:41 ----A---- C:\Windows\system32\wersvc.dll
2009-09-24 07:14:41 ----A---- C:\Windows\system32\spoolsv.exe
2009-09-24 07:14:41 ----A---- C:\Windows\system32\slmgr.vbs
2009-09-24 07:14:41 ----A---- C:\Windows\system32\scrrun.dll
2009-09-24 07:14:41 ----A---- C:\Windows\system32\PSHED.DLL
2009-09-24 07:14:41 ----A---- C:\Windows\system32\pdh.dll
2009-09-24 07:14:41 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-09-24 07:14:41 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-09-24 07:14:41 ----A---- C:\Windows\system32\azroles.dll
2009-09-24 07:14:41 ----A---- C:\Windows\system32\autofmt.exe
2009-09-24 07:14:40 ----A---- C:\Windows\system32\wmpmde.dll
2009-09-24 07:14:40 ----A---- C:\Windows\system32\winlogon.exe
2009-09-24 07:14:40 ----A---- C:\Windows\system32\SyncCenter.dll
2009-09-24 07:14:40 ----A---- C:\Windows\system32\pidgenx.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\untfs.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\spp.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\SLUINotify.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\sethc.exe
2009-09-24 07:14:39 ----A---- C:\Windows\system32\scrobj.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\ncrypt.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\kd1394.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\iassam.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\comuid.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\certmgr.dll
2009-09-24 07:14:38 ----A---- C:\Windows\system32\wisptis.exe
2009-09-24 07:14:38 ----A---- C:\Windows\system32\taskcomp.dll
2009-09-24 07:14:38 ----A---- C:\Windows\system32\rtutils.dll
2009-09-24 07:14:38 ----A---- C:\Windows\system32\printui.dll
2009-09-24 07:14:38 ----A---- C:\Windows\system32\iasnap.dll
2009-09-24 07:14:38 ----A---- C:\Windows\system32\dwm.exe
2009-09-24 07:14:38 ----A---- C:\Windows\system32\autochk.exe
2009-09-24 07:14:37 ----A---- C:\Windows\system32\wow32.dll
2009-09-24 07:14:37 ----A---- C:\Windows\system32\winsrv.dll
2009-09-24 07:14:37 ----A---- C:\Windows\system32\userenv.dll
2009-09-24 07:14:37 ----A---- C:\Windows\system32\onex.dll
2009-09-24 07:14:37 ----A---- C:\Windows\system32\kdcom.dll
2009-09-24 07:14:37 ----A---- C:\Windows\system32\cscript.exe
2009-09-24 07:14:37 ----A---- C:\Windows\system32\basecsp.dll
2009-09-24 07:14:37 ----A---- C:\Windows\system32\autoconv.exe
2009-09-24 07:14:37 ----A---- C:\Windows\system32\audiodg.exe
2009-09-24 07:14:36 ----A---- C:\Windows\system32\WinSCard.dll
2009-09-24 07:14:36 ----A---- C:\Windows\system32\winmm.dll
2009-09-24 07:14:36 ----A---- C:\Windows\system32\spcmsg.dll
2009-09-24 07:14:36 ----A---- C:\Windows\system32\RelMon.dll
2009-09-24 07:14:36 ----A---- C:\Windows\system32\rdpencom.dll
2009-09-24 07:14:36 ----A---- C:\Windows\system32\osk.exe
2009-09-24 07:14:36 ----A---- C:\Windows\system32\mswsock.dll
2009-09-24 07:14:36 ----A---- C:\Windows\system32\kdusb.dll
2009-09-24 07:14:35 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-09-24 07:14:35 ----A---- C:\Windows\system32\offfilt.dll
2009-09-24 07:14:35 ----A---- C:\Windows\system32\msftedit.dll
2009-09-24 07:14:35 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\wsepno.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\wscript.exe
2009-09-24 07:14:34 ----A---- C:\Windows\system32\wiaservc.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\WerFault.exe
2009-09-24 07:14:34 ----A---- C:\Windows\system32\Utilman.exe
2009-09-24 07:14:34 ----A---- C:\Windows\system32\ulib.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\sysclass.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\stobject.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\SndVol.exe
2009-09-24 07:14:34 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\prnntfy.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\odbccp32.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\msnetobj.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\mscms.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\mfplat.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\mcmde.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\iasdatastore.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\diskraid.exe
2009-09-24 07:14:34 ----A---- C:\Windows\system32\apphelp.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\adsmsext.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\wscntfy.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\wlangpui.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\rastapi.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\pnpsetup.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-09-24 07:14:33 ----A---- C:\Windows\system32\fdProxy.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\dsound.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\cryptui.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\brcpl.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\wusa.exe
2009-09-24 07:14:32 ----A---- C:\Windows\system32\wscsvc.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-09-24 07:14:32 ----A---- C:\Windows\system32\vdsdyn.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\regsvc.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\rastls.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\rasapi32.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\ntprint.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\mscorier.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\logman.exe
2009-09-24 07:14:32 ----A---- C:\Windows\system32\iasrad.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\iashlpr.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\gpapi.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\diskpart.exe
2009-09-24 07:14:31 ----A---- C:\Windows\system32\zipfldr.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\wsnmp32.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\wshext.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\wpccpl.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\wer.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\themecpl.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\rasdlg.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\netcenter.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\iassvcs.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\findstr.exe
2009-09-24 07:14:30 ----A---- C:\Windows\system32\uxsms.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\tsbyuv.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\srvsvc.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\slcc.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\scansetting.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\ntmarta.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\msutb.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\mstlsapi.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\mssprxy.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\iasads.dll
2009-09-24 07:14:29 ----A---- C:\Windows\system32\powrprof.dll
2009-09-24 07:14:29 ----A---- C:\Windows\system32\powercpl.dll
2009-09-24 07:14:29 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-09-24 07:14:29 ----A---- C:\Windows\system32\networkmap.dll
2009-09-24 07:14:29 ----A---- C:\Windows\system32\mstsc.exe
2009-09-24 07:14:29 ----A---- C:\Windows\system32\iasacct.dll
2009-09-24 07:14:29 ----A---- C:\Windows\system32\authz.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\usercpl.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\themeui.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\systemcpl.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\sud.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\samlib.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\qdvd.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\pcaui.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\newdev.exe
2009-09-24 07:14:28 ----A---- C:\Windows\system32\mmci.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\dot3svc.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\connect.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\autoplay.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\wpcao.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\wlanpref.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\vdsutil.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\tapisrv.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\scksp.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\scesrv.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\rpchttp.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\regapi.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\psisdecd.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\oleprn.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\msinfo32.exe
2009-09-24 07:14:27 ----A---- C:\Windows\system32\mpr.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\feclient.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\AudioSes.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\wscisvif.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\sdclt.exe
2009-09-24 07:14:26 ----A---- C:\Windows\system32\rekeywiz.exe
2009-09-24 07:14:26 ----A---- C:\Windows\system32\qedit.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\pnpui.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\perfdisk.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\ncryptui.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\imm32.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\iaspolcy.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\Faultrep.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\dpapimig.exe
2009-09-24 07:14:26 ----A---- C:\Windows\system32\dot3msm.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\DeviceEject.exe
2009-09-24 07:14:26 ----A---- C:\Windows\system32\certreq.exe
2009-09-24 07:14:25 ----A---- C:\Windows\system32\whealogr.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\TSTheme.exe
2009-09-24 07:14:25 ----A---- C:\Windows\system32\tcpmon.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\srcore.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\spwinsat.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\scecli.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\SCardSvr.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\rasplap.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\rasgcw.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-09-24 07:14:25 ----A---- C:\Windows\system32\hdwwiz.exe
2009-09-24 07:14:25 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-09-24 07:14:25 ----A---- C:\Windows\system32\fdWSD.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\conime.exe
2009-09-24 07:14:25 ----A---- C:\Windows\system32\cmmon32.exe
2009-09-24 07:14:25 ----A---- C:\Windows\system32\cmdial32.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-09-24 07:14:24 ----A---- C:\Windows\system32\wlanui.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\wiaaut.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\SnippingTool.exe
2009-09-24 07:14:24 ----A---- C:\Windows\system32\shwebsvc.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\rasppp.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\raschap.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\PnPutil.exe
2009-09-24 07:14:24 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\fontext.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\dsprop.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\dimsroam.dll
2009-09-24 07:14:23 ----A---- C:\Windows\system32\shsetup.dll
2009-09-24 07:14:23 ----A---- C:\Windows\system32\rasmontr.dll
2009-09-24 07:14:23 ----A---- C:\Windows\system32\oobefldr.dll
2009-09-24 07:14:23 ----A---- C:\Windows\system32\mscandui.dll
2009-09-24 07:14:23 ----A---- C:\Windows\system32\modemui.dll
2009-09-24 07:14:23 ----A---- C:\Windows\system32\chtbrkr.dll
2009-09-24 07:14:22 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-09-24 07:14:22 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-09-24 07:14:22 ----A---- C:\Windows\system32\rdpwsx.dll
2009-09-24 07:14:22 ----A---- C:\Windows\system32\dataclen.dll
2009-09-24 07:14:22 ----A---- C:\Windows\system32\blackbox.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\WSDMon.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\wpcsvc.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\wmpeffects.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\smss.exe
2009-09-24 07:14:21 ----A---- C:\Windows\system32\networkexplorer.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\netplwiz.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\msscp.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\logagent.exe
2009-09-24 07:14:21 ----A---- C:\Windows\system32\InkEd.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\ifmon.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\credui.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\cipher.exe
2009-09-24 07:14:21 ----A---- C:\Windows\system32\certprop.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\wscapi.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\thawbrkr.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\softkbd.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\sendmail.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\puiapi.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\olepro32.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\msimtf.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\msctfui.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\input.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\gpresult.exe
2009-09-24 07:14:20 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\dmsynth.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\cdd.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\wshbth.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\version.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\SLLUA.exe
2009-09-24 07:14:19 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\msjint40.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\msisip.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\mprapi.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\l2nacp.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\fdSSDP.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\fc.exe
2009-09-24 07:14:19 ----A---- C:\Windows\system32\eapp3hst.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\dmusic.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\cscapi.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\wsdchngr.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\tscupgrd.exe
2009-09-24 07:14:18 ----A---- C:\Windows\system32\Storprop.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\slcinst.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\rasdial.exe
2009-09-24 07:14:18 ----A---- C:\Windows\system32\rasdiag.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\ipconfig.exe
2009-09-24 07:14:18 ----A---- C:\Windows\system32\ftp.exe
2009-09-24 07:14:18 ----A---- C:\Windows\system32\fdWCN.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\eappcfg.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\dot3cfg.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\cscdll.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\bthudtask.exe
2009-09-24 07:14:18 ----A---- C:\Windows\system32\bthci.dll
2009-09-24 07:14:17 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-09-24 07:14:17 ----A---- C:\Windows\system32\ocsetup.exe
2009-09-24 07:14:17 ----A---- C:\Windows\system32\nslookup.exe
2009-09-24 07:14:17 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-09-24 07:14:17 ----A---- C:\Windows\system32\mmcico.dll
2009-09-24 07:14:17 ----A---- C:\Windows\system32\hbaapi.dll
2009-09-24 07:14:17 ----A---- C:\Windows\system32\gpupdate.exe
2009-09-24 07:14:17 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-09-24 07:14:17 ----A---- C:\Windows\system32\fdeploy.dll
2009-09-24 07:14:17 ----A---- C:\Windows\system32\eappgnui.dll
2009-09-24 07:14:17 ----A---- C:\Windows\system32\csrstub.exe
2009-09-24 07:14:17 ----A---- C:\Windows\system32\cbsra.exe
2009-09-24 07:14:17 ----A---- C:\Windows\system32\bitsigd.dll
2009-09-24 07:14:16 ----A---- C:\Windows\system32\vdmdbg.dll
2009-09-24 07:14:16 ----A---- C:\Windows\system32\slwga.dll
2009-09-24 07:14:16 ----A---- C:\Windows\system32\odbcconf.dll
2009-09-24 07:14:16 ----A---- C:\Windows\system32\NcdProp.dll
2009-09-24 07:14:16 ----A---- C:\Windows\system32\iscsilog.dll
2009-09-24 07:14:15 ----A---- C:\Windows\system32\winrnr.dll
2009-09-24 07:14:15 ----A---- C:\Windows\system32\midimap.dll
2009-09-24 07:14:15 ----A---- C:\Windows\system32\inetppui.dll
2009-09-24 07:14:13 ----A---- C:\Windows\system32\msimsg.dll
2009-09-24 07:14:13 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-09-24 07:13:54 ----A---- C:\Windows\system32\SmiEngine.dll
2009-09-24 07:13:52 ----A---- C:\Windows\system32\wdscore.dll
2009-09-24 07:13:52 ----A---- C:\Windows\system32\PkgMgr.exe
2009-09-24 07:13:49 ----A---- C:\Windows\system32\drvstore.dll
2009-09-23 22:37:42 ----D---- C:\ProgramData\Babylon
2009-09-23 22:37:41 ----D---- C:\Users\isa\AppData\Roaming\Babylon

======List of files/folders modified in the last 1 months======

2009-10-19 22:48:13 ----D---- C:\Program Files\Trend Micro
2009-10-19 22:48:12 ----D---- C:\Windows\Temp
2009-10-19 22:45:25 ----D---- C:\Windows\Prefetch
2009-10-19 17:26:01 ----D---- C:\Windows\System32
2009-10-19 17:26:00 ----D---- C:\Windows\inf
2009-10-19 17:26:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-10-19 09:20:58 ----SHD---- C:\System Volume Information
2009-10-17 15:08:51 ----D---- C:\Windows\system32\catroot2
2009-10-16 23:18:53 ----HD---- C:\ProgramData
2009-10-16 23:10:53 ----RD---- C:\Program Files
2009-10-16 23:09:06 ----SHD---- C:\Windows\Installer
2009-10-16 23:03:56 ----D---- C:\Windows\Debug
2009-10-16 23:03:56 ----D---- C:\Windows
2009-10-16 22:55:02 ----D---- C:\Windows\Microsoft.NET
2009-10-16 22:54:52 ----D---- C:\Windows\winsxs
2009-10-16 22:54:26 ----D---- C:\Windows\system32\catroot
2009-10-16 10:25:38 ----D---- C:\Windows\rescache
2009-10-16 10:24:36 ----RSD---- C:\Windows\assembly
2009-10-16 10:13:12 ----D---- C:\ProgramData\NVIDIA
2009-10-16 10:12:01 ----SHD---- C:\Boot
2009-10-16 10:06:27 ----D---- C:\Program Files\Windows Mail
2009-10-16 10:06:27 ----D---- C:\Program Files\Windows Calendar
2009-10-16 10:06:26 ----D---- C:\Program Files\Movie Maker
2009-10-16 10:06:24 ----D---- C:\Program Files\Windows Sidebar
2009-10-16 10:06:24 ----D---- C:\Program Files\Windows Media Player
2009-10-16 10:06:24 ----D---- C:\Program Files\Internet Explorer
2009-10-16 10:06:23 ----D---- C:\Program Files\Windows Journal
2009-10-16 10:06:23 ----D---- C:\Program Files\Windows Collaboration
2009-10-16 10:06:21 ----D---- C:\Program Files\Common Files\System
2009-10-16 10:06:20 ----D---- C:\Program Files\Windows Photo Gallery
2009-10-16 10:06:07 ----D---- C:\Windows\servicing
2009-10-16 10:06:07 ----D---- C:\Program Files\Windows Defender
2009-10-16 10:06:03 ----D---- C:\Windows\ehome
2009-10-16 10:05:52 ----D---- C:\Windows\system32\XPSViewer
2009-10-16 10:05:52 ----D---- C:\Windows\system32\lv-LV
2009-10-16 10:05:52 ----D---- C:\Windows\system32\hr-HR
2009-10-16 10:05:52 ----D---- C:\Windows\system32\et-EE
2009-10-16 10:05:52 ----D---- C:\Windows\system32\da-DK
2009-10-16 10:05:52 ----D---- C:\Windows\IME
2009-10-16 10:05:51 ----D---- C:\Windows\system32\sk-SK
2009-10-16 10:05:51 ----D---- C:\Windows\system32\oobe
2009-10-16 10:05:51 ----D---- C:\Windows\system32\ko-KR
2009-10-16 10:05:51 ----D---- C:\Windows\system32\it-IT
2009-10-16 10:05:51 ----D---- C:\Windows\system32\en-US
2009-10-16 10:05:51 ----D---- C:\Windows\system32\el-GR
2009-10-16 10:05:51 ----D---- C:\Windows\system32\de-DE
2009-10-16 10:05:50 ----D---- C:\Windows\system32\migration
2009-10-16 10:05:50 ----D---- C:\Windows\system32\fr
2009-10-16 10:05:48 ----D---- C:\Windows\system32\ru-RU
2009-10-16 10:05:48 ----D---- C:\Windows\system32\AdvancedInstallers
2009-10-16 10:05:46 ----D---- C:\Windows\system32\fr-FR
2009-10-16 10:05:44 ----D---- C:\Windows\system32\zh-TW
2009-10-16 10:05:44 ----D---- C:\Windows\system32\zh-CN
2009-10-16 10:05:44 ----D---- C:\Windows\system32\uk-UA
2009-10-16 10:05:44 ----D---- C:\Windows\system32\sv-SE
2009-10-16 10:05:44 ----D---- C:\Windows\system32\sr-Latn-CS
2009-10-16 10:05:44 ----D---- C:\Windows\system32\SLUI
2009-10-16 10:05:44 ----D---- C:\Windows\system32\sl-SI
2009-10-16 10:05:44 ----D---- C:\Windows\system32\setup
2009-10-16 10:05:44 ----D---- C:\Windows\system32\pt-PT
2009-10-16 10:05:44 ----D---- C:\Windows\system32\pl-PL
2009-10-16 10:05:44 ----D---- C:\Windows\system32\manifeststore
2009-10-16 10:05:44 ----D---- C:\Windows\system32\ja-JP
2009-10-16 10:05:44 ----D---- C:\Windows\system32\hu-HU
2009-10-16 10:05:44 ----D---- C:\Windows\system32\he-IL
2009-10-16 10:05:44 ----D---- C:\Windows\system32\fi-FI
2009-10-16 10:05:44 ----D---- C:\Windows\system32\es-ES
2009-10-16 10:05:44 ----D---- C:\Windows\system32\cs-CZ
2009-10-16 10:05:44 ----D---- C:\Windows\system32\bg-BG
2009-10-16 10:05:43 ----D---- C:\Windows\system32\th-TH
2009-10-16 10:05:43 ----D---- C:\Windows\system32\ro-RO
2009-10-16 10:05:43 ----D---- C:\Windows\system32\drivers
2009-10-16 10:05:42 ----D---- C:\Windows\system32\tr-TR
2009-10-16 10:05:41 ----D---- C:\Windows\system32\wbem
2009-10-16 10:05:40 ----D---- C:\Windows\system32\nl-NL
2009-10-16 10:05:40 ----D---- C:\Windows\system32\nb-NO
2009-10-16 10:05:40 ----D---- C:\Windows\system32\migwiz
2009-10-16 10:05:40 ----D---- C:\Windows\system32\lt-LT
2009-10-16 10:05:40 ----D---- C:\Windows\system32\ar-SA
2009-10-16 10:05:39 ----D---- C:\Windows\system32\pt-BR
2009-10-16 10:04:56 ----RSD---- C:\Windows\Fonts
2009-10-16 10:04:56 ----D---- C:\Windows\AppPatch
2009-10-16 10:04:44 ----D---- C:\Windows\system32\Boot
2009-10-16 08:26:16 ----D---- C:\Windows\PolicyDefinitions
2009-10-16 07:03:34 ----D---- C:\ProgramData\Microsoft Help
2009-10-16 07:00:35 ----D---- C:\Program Files\Microsoft SQL Server
2009-10-15 22:22:29 ----D---- C:\Program Files\Everest Poker
2009-10-15 18:06:31 ----D---- C:\Program Files\ESET
2009-10-15 17:55:51 ----D---- C:\ProgramData\ESET
2009-10-15 17:40:42 ----D---- C:\Windows\system32\Tasks
2009-10-13 17:27:20 ----D---- C:\Users\isa\AppData\Roaming\uTorrent
2009-10-10 08:57:40 ----D---- C:\Program Files\Common Files\microsoft shared
2009-10-10 08:57:18 ----D---- C:\Program Files\Microsoft Works
2009-10-10 08:55:46 ----A---- C:\Windows\win.ini
2009-10-09 06:59:37 ----D---- C:\Windows\system32\zh-HK
2009-10-08 21:16:21 ----D---- C:\Users\isa\AppData\Roaming\Mozilla
2009-10-03 14:35:33 ----D---- C:\Program Files\Common Files
2009-10-03 14:35:30 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-03 14:32:13 ----D---- C:\Users\isa\AppData\Roaming\dvdcss
2009-10-02 20:01:57 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-04-09 107256]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2008-03-31 73728]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-04-09 113960]
R2 KMDFMEMIO;SAMSUNG Kernel Driver; C:\Windows\system32\DRIVERS\kmdfmemio.sys [2007-05-23 13312]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-07-07 2152088]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-12-22 51232]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-01-30 7544832]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-10-26 193456]
R3 VMC302;Vimicro Camera Service VMC302; C:\Windows\System32\Drivers\VMC302.sys [2008-06-05 242048]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-06-27 303616]
S3 ADDMEM;ADDMEM; \??\C:\Users\isa\AppData\Local\Temp\__Sam

Répondre à shotix

Citation :

info.txt logfile of random's system information tool 1.06 2009-10-19 22:38:27

======Uninstall list======

-->MsiExec /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
3DMark Vantage-->C:\Program Files\InstallShield Installation Information\{C40C3C3D-97CF-44B5-836C-766E374464B3}\setup.exe -runfromtemp -l0x0009 -removeonly
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Download Manager-->"C:\Windows\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.5 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
adsl TV-->C:\Program Files\adslTV\Uninstal.exe
Agere Systems HDA Modem-->agrsmdel
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
Atheros WLAN Client-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04983D37-2202-4295-94A2-8B547C66133F}\setup.exe" -l0x9
Barre d'outils MSN-->C:\Program Files\MSN Toolbar\01.01.2607.0\fr\mtbs.exe c
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{E5141379-B2D9-4BBC-BB2A-5805541571DD}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch-->C:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x040c
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Cheat Engine 5.5-->"C:\Program Files\Cheat Engine\unins000.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Counter-Strike Source LAN Edition-->C:\Windows\Counter-Strike Source LAN Edition Uninstaller.exe
Diamond Drop-->MsiExec.exe /I{B84040B8-AC93-4A6E-94DB-D6643636835A}
Easy Battery Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}\setup.exe" -l0x9 Remove
Easy Display Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17283B95-21A8-4996-97DA-547A48DB266F}\setup.exe" -l0x9 -removeonly
Easy Network Manager 4.0-->C:\Program Files\InstallShield Installation Information\{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}\setup.exe -runfromtemp -l0x040c
Easy SpeedUp Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF367AA4-070B-493C-9575-85BE59D789C9}\setup.exe" -l0x9 Remove
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x040c -removeonly
Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)-->MsiExec.exe /X{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}
Folderico 3.7.2-->C:\Program Files\Folderico\uninst.exe
Futuremark SystemInfo-->C:\Program Files\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe -runfromtemp -l0x0009 -removeonly
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)-->C:\Windows\SQL9_KB970892_ENU\Hotfix.exe /Uninstall
Gestionnaire de contacts professionnels pour Outlook 2007 SP2-->"C:\Program Files\Microsoft Small Business\Business Contact Manager\SetupBootstrap\Setup.exe" /remove {69ca8988-1c6c-4285-b8af-db780a6e42af}
Gestionnaire de contacts professionnels pour Outlook 2007 SP2-->MsiExec.exe /X{69CA8988-1C6C-4285-B8AF-DB780A6E42AF}
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x40c -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x40c -removeonly
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
iColorFolder-->C:\Program Files\iColorFolder\uninstall.exe
imagine digital freedom - Samsung-->MsiExec.exe /X{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Intel PROSet Wireless-->Intel PROSet Wireless
Intel® Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
jetAudio Basic-->C:\Program Files\InstallShield Installation Information\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}\setup.exe -runfromtemp -l0x0c0c -removeonly
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
La Chaîne Météo-->MsiExec.exe /X{095E78D4-1A02-D0CE-839C-B61734C39116}
Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2003 Web Components-->MsiExec.exe /I{90A4040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office 2007 Primary Interop Assemblies-->MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Groove MUI (French) 2007-->MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Small Business Connectivity Components-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SOAP Toolkit 2.0 SP2-->MsiExec.exe /I{36BEAD11-8577-49AD-9250-E06A50AE87B0}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)-->MsiExec.exe /I{480DBB60-F0B6-45F2-B26F-1A2E11197791}
Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Native Client-->MsiExec.exe /I{1F24E48F-7692-4E89-8784-68DD4D2712A0}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{A30179B7-997A-4D47-AA43-57AE59A9C78B}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Monopoly Deluxe-->"C:\Program Files\Zylom Games\Monopoly Deluxe\GameInstlr.exe" --uninstall UnInstall.log
Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.23)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Navilog1 3.7.2-->"C:\Program Files\Navilog1\unins000.exe"
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NOD32 FiX-->"C:\Users\isa\AppData\Local\Temp\Rar$EX02.039\Obsolete\unins000.exe"
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
OpenOffice.org 3.1-->MsiExec.exe /I{E6B87DC4-2B3D-4483-ADFF-E483BF718991}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PlayCamera-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{804F1285-8CBF-408D-8CDC-D4D40003B2E4}\setup.exe" -l0x40c
PokerStars-->"C:\Program Files\PokerStars\PokerStarsUninstall.exe" /uokerStars
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Samsung Magic Doctor-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}\Setup.exe" -l0x9 Remove
Samsung Recovery Solution III-->"C:\Program Files\InstallShield Installation Information\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}\setup.exe" -runfromtemp -l0x040c -removeonly
Samsung Update Plus-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{685707A4-911C-468D-BFC4-64A50E5E3A0C} /l1036
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
UltraISO Premium V9.12-->"C:\Program Files\UltraISO\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Outlook 2007 Junk Email Filter (KB974810)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C05FBAD5-A211-4E86-BB51-7E07B80C9233}
Update for Outlook 2007 Junk Email Filter (KB974810)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C05FBAD5-A211-4E86-BB51-7E07B80C9233}
User Guide-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}\setup.exe" -l0x9 Remove
Vimicro UVC Camera-->C:\Program Files\InstallShield Installation Information\{71A51B09-E7D3-11DB-A386-005056C00008}\setup.exe -runfromtemp -l0x0009 -removeonly
VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WIDCOMM Bluetooth Software 6.0.1.6300-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}

======Hosts File======

127.0.0.1 localhost

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: PC-de-isa
Event Code: 15016
Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
Record Number: 84686
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090719192242.622535-000
Event Type: Erreur
User:

Computer Name: PC-de-isa
Event Code: 4001
Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

Record Number: 84673
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20090718125020.281800-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-isa
Event Code: 10002
Message: Le module d’extensibilité WLAN s’est arrêté.

Chemin d’accès du module : C:\Windows\system32\athihvs.dll

Record Number: 84672
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20090718125020.281800-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM

Computer Name: PC-de-isa
Event Code: 7000
Message: Le service PLFlash DeviceIoControl Service n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 84579
Source Name: Service Control Manager
Time Written: 20090718072237.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-isa
Event Code: 7000
Message: Le service Parallel port driver n'a pas pu démarrer en raison de l'erreur :
Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
Record Number: 84571
Source Name: Service Control Manager
Time Written: 20090718072237.000000-000
Event Type: Erreur
User:

=====Application event log=====

Computer Name: PC-de-isa
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
Record Number: 1437
Source Name: Microsoft-Windows-WMI
Time Written: 20081130043603.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-isa
Event Code: 10
Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms

Répondre à shotix

bonsoir
merci pour ta réponse rapide,

en espèrant que j'ai fait comme il fallait.

merci d'avance.
isabelle

Répondre à shotix

Tu as une infection Lop/Swizzor mais Lop S&D n'est pas compatible avec ton Vista à cause du SP2 donc on verra après.

Télécharge UsbFix (de Chiquitine29 & C_XX) sur ton Bureau.
Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
Double-clique sur UsbFix pour l'exécuter.
Choisis l'option 1 (Recherche).
Laisse travailler l'outil.
Poste le rapport UsbFix.txt.

Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

"Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.

Répondre à Destrio5

Citation :

############################## | UsbFix V6.042 |

User : isa (Administrateurs) # PC-DE-ISA
Update on 15/10/2009 by Chiquitine29, C_XX & Chimay8
Start at: 06:59:32 | 20/10/2009
Website : http://pagesperso-orange.fr/NosTools/index.html

Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18828
Windows Firewall Status : Disabled

C:\ -> Disque fixe local # 69,05 Go (9,28 Go free) # NTFS
D:\ -> Disque fixe local # 70 Go (11,71 Go free) # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
G:\ -> Disque amovible # 243,88 Mo (211,33 Mo free) [CANON_DC] # FAT
H:\ -> Disque CD-ROM

############################## | Processus actifs |

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
C:\Program Files\PokerStars\PokerStarsUpdate.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe

################## | Fichiers # Dossiers infectieux |

################## | Registre # Clés Run infectieuses |

################## | Registre # Mountpoints2 |

HKCU\..\..\Explorer\MountPoints2\{6a412933-bef9-11dd-bbe1-001377ad94ba}
shell\AutoRun\command =F:\setup\rsrc\Autorun.exe
shell\dinstall\command =F:\Directx\dxsetup.exe

HKCU\..\..\Explorer\MountPoints2\{86d6478d-1448-11de-915d-001377ad94ba}
shell\1\Command =I:\.\RECYCLER\RECYCLER.exe
shell\2\Command =I:\.\RECYCLER\RECYCLER.exe
shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\.\RECYCLER\RECYCLER.exe

################## | ! Fin du rapport # UsbFix V6.042 ! |

bonjour,

voilà le rapport.

isabelle

Répondre à shotix

Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
Double-clique sur UsbFix présent sur ton Bureau pour le lancer.
Choisis l'option 2 (Suppression).
Ton Bureau disparaîtra et le PC redémarrera.
Au redémarrage, UsbFix scannera ton PC, laisse travailler l'outil.
Ensuite, poste le rapport UsbFix.txt qui apparaîtra avec le Bureau.

Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

Répondre à Destrio5

voilà le rapport

############################## | UsbFix V6.042 |

User : isa (Administrateurs) # PC-DE-ISA
Update on 15/10/2009 by Chiquitine29, C_XX & Chimay8
Start at: 18:55:50 | 20/10/2009
Website : http://pagesperso-orange.fr/NosTools/index.html

Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18828
Windows Firewall Status : Disabled

C:\ -> Disque fixe local # 69,05 Go (9,1 Go free) # NTFS
D:\ -> Disque fixe local # 70 Go (11,71 Go free) # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque CD-ROM
H:\ -> Disque CD-ROM

############################## | Processus actifs |

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\agrsmsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Windows\system32\WerCon.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\runonce.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\PresentationSettings.exe

################## | Fichiers # Dossiers infectieux |

################## | Registre # Clés Run infectieuses |

################## | Registre # Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{6a412933-bef9-11dd-bbe1-001377ad94ba}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{86d6478d-1448-11de-915d-001377ad94ba}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[18/09/2006 23:43|--a------|24] C:\autoexec.bat
[11/04/2009 08:36|-rahs----|333257] C:\bootmgr
[08/02/2008 11:31|-ra-s----|8192] C:\BOOTSECT.BAK
[08/02/2009 14:32|--a------|3241] C:\cleannavi.txt
[08/02/2009 14:34|--a------|3241] C:\cleannavi1.txt
[18/09/2006 23:43|--a------|10] C:\config.sys
[08/02/2009 13:25|--a------|2971] C:\fixnavi.txt
[?|?|?] C:\hiberfil.sys
[26/10/2008 07:01|-rahs----|0] C:\IO.SYS
[30/11/2008 18:51|--a------|0] C:\log_lobby.txt
[30/11/2008 18:51|--a------|0] C:\log_lobby_dumper.txt
[08/09/2008 04:08|-ra------|352] C:\Marvell0.log
[26/10/2008 07:01|-rahs----|0] C:\MSDOS.SYS
[29/02/2004 17:44|--a------|52576] C:\orange.bmp
[?|?|?] C:\pagefile.sys
[08/09/2008 04:07|--a------|366] C:\RHDSetup.log
[30/11/2008 05:18|--a------|86] C:\Setup.log
[20/10/2009 19:00|--a------|4060] C:\UsbFix.txt
[05/10/2007 11:28|--a------|167936] D:\binkw32.dll
[05/10/2007 11:28|--a------|1105976] D:\cod.bmp
[29/08/2007 03:35|--a------|216358] D:\cod4.ico
[05/10/2007 11:28|--a------|109976] D:\codlogo.bmp
[01/05/2009 21:28|--a------|6804] D:\install.log
[20/06/2008 15:43|--a------|3330048] D:\iw3mp.exe
[06/11/2007 23:33|--a------|3017216] D:\iw3sp.exe
[05/10/2007 11:28|--a------|2857] D:\localization.txt
[05/10/2007 11:28|--a------|434688] D:\mss32.dll
[24/08/2009 14:58|--a------|3139984] D:\servercache.dat
[23/06/2008 17:11|--a------|155] D:\version.inf

################## | Vaccination |

# C:\autorun.inf -> Folder created by UsbFix.
# D:\autorun.inf -> Folder created by UsbFix.

################## | ! Fin du rapport # UsbFix V6.042 ! |

Répondre à shotix

Relance UsbFix puis choisis l'option 5 pour le désinstaller.

Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
Sélectionne Exécuter un examen rapide.
Clique sur Rechercher. L'analyse démarre.
A la fin de l'analyse, un message s'affiche :

Citation :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.

Répondre à Destrio5

voilà ce qu'il m'a trouvé:

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3000
Windows 6.0.6002 Service Pack 2

20/10/2009 21:22:25
mbam-log-2009-10-20 (21-22-21).txt

Type de recherche: Examen rapide
Eléments examinés: 92292
Temps écoulé: 4 minute(s), 37 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Torrent101 (Trojan.Swizzor) -> No action taken.

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

isabelle

Répondre à shotix

Relance MBAM, va dans Quarantaine et supprime tout.

Désactive l'UAC le temps de la désinfection.
Télécharge Lop S&D (par Eric_71) sur ton Bureau.
Puis double-clique sur Lop S&D présent sur ton Bureau.

(Sous Vista, il faut cliquer droit sur Lop S&D et choisir Exécuter en tant qu'administrateur)

Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche).
Patiente jusqu'à la fin du scan.
Poste le rapport généré (C:\lopR.txt).

Répondre à Destrio5

voilà le rapport:

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz )
BIOS : Phoenix SecureCore(tm) NB Version 02LK.MP00.20080926.SCY
USER : isa ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:69 Go (Free:10 Go)
D:\ (Local Disk) - NTFS - Total:69 Go (Free:11 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
H:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 21/10/2009| 9:55 )

[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[05/12/2008|22:05] C:\Users\isa\AppData\Local\Adobe
[09/02/2009|00:34] C:\Users\isa\AppData\Local\Ahead
[30/11/2008|05:17] C:\Users\isa\AppData\Local\Application Data
[23/09/2009|22:39] C:\Users\isa\AppData\Local\Babylon
[14/10/2009|08:30] C:\Users\isa\AppData\Local\d3d9caps.dat
[17/10/2009|03:02] C:\Users\isa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[21/01/2009|16:47] C:\Users\isa\AppData\Local\eMule
[26/12/2008|23:59] C:\Users\isa\AppData\Local\ESET
[10/10/2009|09:02] C:\Users\isa\AppData\Local\GDIPFONTCACHEV1.DAT
[21/10/2009|09:46] C:\Users\isa\AppData\Local\Google
[30/11/2008|05:17] C:\Users\isa\AppData\Local\Historique
[08/02/2009|14:22] C:\Users\isa\AppData\Local\ibwjealg.bat
[21/10/2009|09:48] C:\Users\isa\AppData\Local\IconCache.db
[20/10/2009|18:57] C:\Users\isa\AppData\Local\Microsoft
[28/02/2009|12:59] C:\Users\isa\AppData\Local\Microsoft Games
[30/11/2008|18:23] C:\Users\isa\AppData\Local\Microsoft Help
[08/10/2009|21:16] C:\Users\isa\AppData\Local\Mozilla
[06/03/2009|17:31] C:\Users\isa\AppData\Local\My Games
[20/10/2009|07:04] C:\Users\isa\AppData\Local\PokerStars
[01/05/2009|21:22] C:\Users\isa\AppData\Local\PunkBuster
[21/10/2009|09:54] C:\Users\isa\AppData\Local\Temp
[30/11/2008|05:17] C:\Users\isa\AppData\Local\Temporary Internet Files
[02/12/2008|18:41] C:\Users\isa\AppData\Local\Thunderbird
[01/05/2009|20:45] C:\Users\isa\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[21/10/2009 09:45][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{212D5E7B-A934-4AB0-BBF0-5684B6A311A7}.job
[21/10/2009 09:49][--ah-----] C:\Windows\tasks\SA.DAT
[21/10/2009 09:48][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[08/09/2008|04:29] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[16/07/2009|12:14] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[09/09/2009|18:07] C:\ProgramData\Avira
[30/09/2009|19:11] C:\ProgramData\Babylon
[16/10/2009|23:17] C:\ProgramData\Browse Defy
[30/11/2008|05:16] C:\ProgramData\Bureau
[15/10/2009|17:40] C:\ProgramData\dentanteante.8gc64
[16/10/2009|23:18] C:\ProgramData\dentanteante.l71ly01
[15/10/2009|17:40] C:\ProgramData\dentanteante.yzw8qb
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[21/01/2009|16:47] C:\ProgramData\eMule
[15/10/2009|17:55] C:\ProgramData\ESET
[30/11/2008|05:16] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[17/03/2009|17:12] C:\ProgramData\GameHouse
[24/01/2009|23:48] C:\ProgramData\Google
[15/10/2009|17:41] C:\ProgramData\Grid Blue Memo Site
[08/09/2008|04:08] C:\ProgramData\Intel
[04/03/2009|10:17] C:\ProgramData\Kaspersky Lab
[04/03/2009|00:09] C:\ProgramData\Kaspersky Lab Setup Files
[08/02/2009|17:16] C:\ProgramData\Malwarebytes
[30/11/2008|17:42] C:\ProgramData\McAfee
[30/11/2008|05:16] C:\ProgramData\Menu D‚marrer
[28/08/2009|19:33] C:\ProgramData\Microsoft
[16/10/2009|07:03] C:\ProgramData\Microsoft Help
[30/11/2008|05:16] C:\ProgramData\ModŠles
[27/12/2008|00:17] C:\ProgramData\MumboJumbo
[03/03/2009|19:48] C:\ProgramData\Nero
[08/10/2009|21:18] C:\ProgramData\NOS
[16/10/2009|10:10] C:\ProgramData\ntuser.pol
[16/10/2009|10:13] C:\ProgramData\NVIDIA
[21/10/2009|09:50] C:\ProgramData\nvModes.001
[21/10/2009|09:50] C:\ProgramData\nvModes.dat
[09/10/2009|08:18] C:\ProgramData\Office Genuine Advantage
[15/10/2009|17:41] C:\ProgramData\OKAY REAL ONLINE.l58a6p
[08/09/2008|04:09] C:\ProgramData\Roaming
[03/03/2009|18:52] C:\ProgramData\Simply Super Software
[02/11/2006|15:02] C:\ProgramData\Start Menu
[03/03/2009|19:39] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[30/11/2008|03:27] C:\ProgramData\WLInstaller
[20/03/2009|20:25] C:\ProgramData\Zylom

--------------------\\ Listing des dossiers dans C:\Program Files

[08/09/2008|04:29] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[15/01/2009|21:47] C:\Program Files\Adobe
[08/01/2009|22:23] C:\Program Files\adslTV
[21/04/2009|18:07] C:\Program Files\AGEIA Technologies
[02/03/2009|13:20] C:\Program Files\Alwil Software
[03/03/2009|19:45] C:\Program Files\AskTBar
[08/09/2008|04:09] C:\Program Files\Atheros WLAN Client
[07/02/2009|22:40] C:\Program Files\CCleaner
[14/10/2009|21:52] C:\Program Files\Cheat Engine
[08/09/2008|04:08] C:\Program Files\Cisco
[03/10/2009|14:35] C:\Program Files\Common Files
[30/11/2008|18:12] C:\Program Files\DAEMON Tools Lite
[21/01/2009|16:47] C:\Program Files\eMule
[15/10/2009|18:06] C:\Program Files\ESET
[15/10/2009|22:22] C:\Program Files\Everest Poker
[30/11/2008|05:16] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[28/12/2008|21:47] C:\Program Files\Folderico
[31/12/2008|21:26] C:\Program Files\Futuremark
[19/09/2009|12:10] C:\Program Files\Google
[28/12/2008|18:55] C:\Program Files\iColorFolder
[03/10/2009|14:35] C:\Program Files\InstallShield Installation Information
[08/09/2008|04:14] C:\Program Files\Intel
[16/10/2009|10:06] C:\Program Files\Internet Explorer
[29/08/2009|11:47] C:\Program Files\Java
[03/10/2009|14:35] C:\Program Files\JetAudio
[01/06/2009|13:23] C:\Program Files\JRE
[21/08/2009|21:09] C:\Program Files\La ChaŒne M‚t‚o
[20/10/2009|21:22] C:\Program Files\Malwarebytes' Anti-Malware
[08/09/2008|04:07] C:\Program Files\Marvell
[24/06/2009|00:13] C:\Program Files\Microsoft
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[08/09/2008|04:32] C:\Program Files\Microsoft Office
[10/09/2009|08:14] C:\Program Files\Microsoft Silverlight
[08/09/2008|04:32] C:\Program Files\Microsoft Small Business
[16/10/2009|07:00] C:\Program Files\Microsoft SQL Server
[24/06/2009|00:13] C:\Program Files\Microsoft SQL Server Compact Edition
[24/06/2009|00:14] C:\Program Files\Microsoft Sync Framework
[08/09/2008|04:28] C:\Program Files\Microsoft Visual Studio
[30/11/2008|18:23] C:\Program Files\Microsoft Visual Studio 8
[10/10/2009|08:57] C:\Program Files\Microsoft Works
[08/09/2008|04:31] C:\Program Files\Microsoft.NET
[16/10/2009|10:06] C:\Program Files\Movie Maker
[20/10/2009|21:12] C:\Program Files\Mozilla Firefox
[22/08/2009|12:27] C:\Program Files\Mozilla Thunderbird
[30/11/2008|18:27] C:\Program Files\MSBuild
[23/06/2009|22:36] C:\Program Files\MSN Toolbar
[08/09/2008|04:19] C:\Program Files\MSSOAP
[09/02/2009|23:03] C:\Program Files\MSXML 4.0
[08/02/2009|14:32] C:\Program Files\Navilog1
[09/02/2009|00:18] C:\Program Files\Nero
[08/10/2009|21:18] C:\Program Files\NOS
[01/06/2009|13:23] C:\Program Files\OpenOffice.org 3
[23/04/2009|21:17] C:\Program Files\PokerStars
[08/09/2008|04:06] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[30/11/2008|05:17] C:\Program Files\Samsung
[21/12/2008|23:50] C:\Program Files\SDLL
[08/09/2008|04:13] C:\Program Files\Synaptics
[20/10/2009|18:52] C:\Program Files\Trend Micro
[03/03/2009|18:58] C:\Program Files\Trojan Remover
[13/12/2008|23:15] C:\Program Files\Ubisoft
[09/05/2009|09:52] C:\Program Files\UltraISO
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[30/11/2008|22:18] C:\Program Files\uTorrent
[03/12/2008|22:24] C:\Program Files\VideoLAN
[08/09/2008|04:13] C:\Program Files\Vimicro Corporation
[08/09/2008|04:11] C:\Program Files\WIDCOMM
[16/10/2009|10:06] C:\Program Files\Windows Calendar
[16/10/2009|10:06] C:\Program Files\Windows Collaboration
[16/10/2009|10:06] C:\Program Files\Windows Defender
[16/10/2009|10:06] C:\Program Files\Windows Journal
[24/06/2009|00:14] C:\Program Files\Windows Live
[20/07/2009|22:40] C:\Program Files\Windows Live Safety Center
[12/01/2009|14:09] C:\Program Files\Windows Live SkyDrive
[16/10/2009|10:06] C:\Program Files\Windows Mail
[16/10/2009|10:06] C:\Program Files\Windows Media Player
[30/11/2008|05:16] C:\Program Files\Windows NT
[16/10/2009|10:06] C:\Program Files\Windows Photo Gallery
[16/10/2009|10:06] C:\Program Files\Windows Sidebar
[15/12/2008|01:02] C:\Program Files\WinRAR
[13/03/2009|23:24] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[15/01/2009|21:47] C:\Program Files\Common Files\Adobe
[16/07/2009|12:14] C:\Program Files\Common Files\Adobe AIR
[03/10/2009|14:35] C:\Program Files\Common Files\COWON
[08/09/2008|04:28] C:\Program Files\Common Files\DESIGNER
[09/05/2009|09:52] C:\Program Files\Common Files\EZB Systems
[31/12/2008|21:27] C:\Program Files\Common Files\Futuremark Shared
[08/09/2008|04:18] C:\Program Files\Common Files\InstallShield
[08/09/2008|04:08] C:\Program Files\Common Files\Intel
[10/10/2009|08:57] C:\Program Files\Common Files\microsoft shared
[08/09/2008|04:19] C:\Program Files\Common Files\MSSoap
[03/03/2009|19:48] C:\Program Files\Common Files\Nero
[27/05/2009|22:13] C:\Program Files\Common Files\PX Storage Engine
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[16/10/2009|10:06] C:\Program Files\Common Files\System
[12/01/2009|12:50] C:\Program Files\Common Files\Windows Live
[30/11/2008|03:36] C:\Program Files\Common Files\WindowsLiveInstaller
[21/04/2009|18:07] C:\Program Files\Common Files\Wise Installation Wizard

--------------------\\ Process

( 76 Processes )

iexplore.exe ~ [PID:3836]
iexplore.exe ~ [PID:2980]
iexplore.exe ~ [PID:1964]
iexplore.exe ~ [PID:4420]

--------------------\\ Recherche avec S_Lop

C:\ProgramData\dentanteante.8gc64
C:\ProgramData\dentanteante.yzw8qb
C:\ProgramData\OKAY REAL ONLINE.l58a6p
C:\ProgramData\dentanteante.l71ly01

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\Grid Blue Memo Site
C:\ProgramData\Grid Blue Memo Site\32 Program.dat
C:\ProgramData\Grid Blue Memo Site\32 Program.exe
C:\Users\isa\AppData\Roaming\MICROS~1\Windows\Cookies\isa@advertising[2].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"lessextra"="\"C:\\ProgramData\\dentanteante.l71ly01\""
"memo site kind that"="\"C:\\ProgramData\\OKAY REAL ONLINE.l58a6p\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-21 09:55:20
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\Windows\System32\wbem\Performance\WmiApRpl_new.ini 41898 bytes
C:\Users\isa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LPF3TMHX\ajax[2].htm
scan completed successfully
hidden processes: 0
hidden files: 928

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\isa\AppData\Roaming\uTorrent\Crackwhore Confessions.torrent
C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call.Of.Duty.4.Modern.Warfare_KEYGEN-FFF.exe
C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911
C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911\rzr-cd4f.001
C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911\rzr-cd4f.sfv
C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911\rzr-cod4.nfo
C:\Users\isa\Downloads\eMule\Incoming\nod 32 2.70.39 fr + crack + pass.rar

[F:11][D:21]-> C:\Users\isa\AppData\Local\Temp
[F:318][D:1]-> C:\Users\isa\AppData\Roaming\MICROS~1\Windows\Cookies
[F:1135][D:5]-> C:\Users\isa\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:1][D:1]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 21/10/2009| 9:59 - Option : [1]

--------------------\\ Fin du rapport a 9:59:50
[ UAC => 1 ]

merci pour ton aide

isabelle

Répondre à shotix

Impeccable, Lop S&D fonctionne avec Vista SP2.

Relance Lop S&D.

(Sous Vista, il faut cliquer droit sur le raccourci Lop S&D et choisir Exécuter en tant qu'administrateur)

Choisis cette fois-ci l'option 2 (Suppression).
Ne ferme pas la fenêtre lors de la suppression !
Poste le rapport généré (C:\lopR.txt).

(Si le Bureau ne réapparaît pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)

Répondre à Destrio5

voici le raport.

Citation :

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz )
BIOS : Phoenix SecureCore(tm) NB Version 02LK.MP00.20080926.SCY
USER : isa ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:69 Go (Free:15 Go)
D:\ (Local Disk) - NTFS - Total:69 Go (Free:11 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
H:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 21/10/2009|18:15 )

[ UAC => 1 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\ProgramData\Grid Blue Memo Site\32 Program.dat
Supprime! - C:\ProgramData\Grid Blue Memo Site\32 Program.exe
Supprime! - C:\Users\isa\AppData\Roaming\MICROS~1\Windows\Cookies\isa@advertising[2].txt
Supprime! - C:\ProgramData\dentanteante.8gc64
Supprime! - C:\ProgramData\dentanteante.yzw8qb
Supprime! - C:\ProgramData\OKAY REAL ONLINE.l58a6p
Supprime! - C:\ProgramData\dentanteante.l71ly01
Supprime! - C:\ProgramData\Grid Blue Memo Site

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans Local

[05/12/2008|22:05] C:\Users\isa\AppData\Local\Adobe
[09/02/2009|00:34] C:\Users\isa\AppData\Local\Ahead
[30/11/2008|05:17] C:\Users\isa\AppData\Local\Application Data
[23/09/2009|22:39] C:\Users\isa\AppData\Local\Babylon
[14/10/2009|08:30] C:\Users\isa\AppData\Local\d3d9caps.dat
[17/10/2009|03:02] C:\Users\isa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[21/01/2009|16:47] C:\Users\isa\AppData\Local\eMule
[26/12/2008|23:59] C:\Users\isa\AppData\Local\ESET
[10/10/2009|09:02] C:\Users\isa\AppData\Local\GDIPFONTCACHEV1.DAT
[21/10/2009|09:46] C:\Users\isa\AppData\Local\Google
[30/11/2008|05:17] C:\Users\isa\AppData\Local\Historique
[08/02/2009|14:22] C:\Users\isa\AppData\Local\ibwjealg.bat
[21/10/2009|09:48] C:\Users\isa\AppData\Local\IconCache.db
[20/10/2009|18:57] C:\Users\isa\AppData\Local\Microsoft
[28/02/2009|12:59] C:\Users\isa\AppData\Local\Microsoft Games
[30/11/2008|18:23] C:\Users\isa\AppData\Local\Microsoft Help
[08/10/2009|21:16] C:\Users\isa\AppData\Local\Mozilla
[06/03/2009|17:31] C:\Users\isa\AppData\Local\My Games
[20/10/2009|07:04] C:\Users\isa\AppData\Local\PokerStars
[01/05/2009|21:22] C:\Users\isa\AppData\Local\PunkBuster
[21/10/2009|18:15] C:\Users\isa\AppData\Local\Temp
[30/11/2008|05:17] C:\Users\isa\AppData\Local\Temporary Internet Files
[02/12/2008|18:41] C:\Users\isa\AppData\Local\Thunderbird
[01/05/2009|20:45] C:\Users\isa\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[21/10/2009 12:03][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{212D5E7B-A934-4AB0-BBF0-5684B6A311A7}.job
[21/10/2009 09:49][--ah-----] C:\Windows\tasks\SA.DAT
[21/10/2009 09:48][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[08/09/2008|04:29] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[16/07/2009|12:14] C:\ProgramData\Adobe
[02/11/2006|15:02] C:\ProgramData\Application Data
[09/09/2009|18:07] C:\ProgramData\Avira
[30/09/2009|19:11] C:\ProgramData\Babylon
[16/10/2009|23:17] C:\ProgramData\Browse Defy
[30/11/2008|05:16] C:\ProgramData\Bureau
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[21/01/2009|16:47] C:\ProgramData\eMule
[15/10/2009|17:55] C:\ProgramData\ESET
[30/11/2008|05:16] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[17/03/2009|17:12] C:\ProgramData\GameHouse
[24/01/2009|23:48] C:\ProgramData\Google
[08/09/2008|04:08] C:\ProgramData\Intel
[04/03/2009|10:17] C:\ProgramData\Kaspersky Lab
[04/03/2009|00:09] C:\ProgramData\Kaspersky Lab Setup Files
[08/02/2009|17:16] C:\ProgramData\Malwarebytes
[30/11/2008|17:42] C:\ProgramData\McAfee
[30/11/2008|05:16] C:\ProgramData\Menu D‚marrer
[28/08/2009|19:33] C:\ProgramData\Microsoft
[16/10/2009|07:03] C:\ProgramData\Microsoft Help
[30/11/2008|05:16] C:\ProgramData\ModŠles
[27/12/2008|00:17] C:\ProgramData\MumboJumbo
[03/03/2009|19:48] C:\ProgramData\Nero
[08/10/2009|21:18] C:\ProgramData\NOS
[16/10/2009|10:10] C:\ProgramData\ntuser.pol
[16/10/2009|10:13] C:\ProgramData\NVIDIA
[21/10/2009|09:50] C:\ProgramData\nvModes.001
[21/10/2009|09:50] C:\ProgramData\nvModes.dat
[09/10/2009|08:18] C:\ProgramData\Office Genuine Advantage
[08/09/2008|04:09] C:\ProgramData\Roaming
[03/03/2009|18:52] C:\ProgramData\Simply Super Software
[02/11/2006|15:02] C:\ProgramData\Start Menu
[03/03/2009|19:39] C:\ProgramData\TEMP
[02/11/2006|15:02] C:\ProgramData\Templates
[30/11/2008|03:27] C:\ProgramData\WLInstaller
[20/03/2009|20:25] C:\ProgramData\Zylom

--------------------\\ Listing des dossiers dans C:\Program Files

[08/09/2008|04:29] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[15/01/2009|21:47] C:\Program Files\Adobe
[08/01/2009|22:23] C:\Program Files\adslTV
[21/04/2009|18:07] C:\Program Files\AGEIA Technologies
[02/03/2009|13:20] C:\Program Files\Alwil Software
[03/03/2009|19:45] C:\Program Files\AskTBar
[08/09/2008|04:09] C:\Program Files\Atheros WLAN Client
[07/02/2009|22:40] C:\Program Files\CCleaner
[14/10/2009|21:52] C:\Program Files\Cheat Engine
[08/09/2008|04:08] C:\Program Files\Cisco
[03/10/2009|14:35] C:\Program Files\Common Files
[30/11/2008|18:12] C:\Program Files\DAEMON Tools Lite
[21/01/2009|16:47] C:\Program Files\eMule
[15/10/2009|18:06] C:\Program Files\ESET
[15/10/2009|22:22] C:\Program Files\Everest Poker
[30/11/2008|05:16] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[28/12/2008|21:47] C:\Program Files\Folderico
[31/12/2008|21:26] C:\Program Files\Futuremark
[19/09/2009|12:10] C:\Program Files\Google
[28/12/2008|18:55] C:\Program Files\iColorFolder
[03/10/2009|14:35] C:\Program Files\InstallShield Installation Information
[08/09/2008|04:14] C:\Program Files\Intel
[16/10/2009|10:06] C:\Program Files\Internet Explorer
[29/08/2009|11:47] C:\Program Files\Java
[03/10/2009|14:35] C:\Program Files\JetAudio
[01/06/2009|13:23] C:\Program Files\JRE
[21/08/2009|21:09] C:\Program Files\La ChaŒne M‚t‚o
[20/10/2009|21:22] C:\Program Files\Malwarebytes' Anti-Malware
[08/09/2008|04:07] C:\Program Files\Marvell
[24/06/2009|00:13] C:\Program Files\Microsoft
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[08/09/2008|04:32] C:\Program Files\Microsoft Office
[10/09/2009|08:14] C:\Program Files\Microsoft Silverlight
[08/09/2008|04:32] C:\Program Files\Microsoft Small Business
[16/10/2009|07:00] C:\Program Files\Microsoft SQL Server
[24/06/2009|00:13] C:\Program Files\Microsoft SQL Server Compact Edition
[24/06/2009|00:14] C:\Program Files\Microsoft Sync Framework
[08/09/2008|04:28] C:\Program Files\Microsoft Visual Studio
[30/11/2008|18:23] C:\Program Files\Microsoft Visual Studio 8
[10/10/2009|08:57] C:\Program Files\Microsoft Works
[08/09/2008|04:31] C:\Program Files\Microsoft.NET
[16/10/2009|10:06] C:\Program Files\Movie Maker
[21/10/2009|11:04] C:\Program Files\Mozilla Firefox
[22/08/2009|12:27] C:\Program Files\Mozilla Thunderbird
[30/11/2008|18:27] C:\Program Files\MSBuild
[23/06/2009|22:36] C:\Program Files\MSN Toolbar
[08/09/2008|04:19] C:\Program Files\MSSOAP
[09/02/2009|23:03] C:\Program Files\MSXML 4.0
[08/02/2009|14:32] C:\Program Files\Navilog1
[09/02/2009|00:18] C:\Program Files\Nero
[08/10/2009|21:18] C:\Program Files\NOS
[01/06/2009|13:23] C:\Program Files\OpenOffice.org 3
[23/04/2009|21:17] C:\Program Files\PokerStars
[08/09/2008|04:06] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[30/11/2008|05:17] C:\Program Files\Samsung
[21/12/2008|23:50] C:\Program Files\SDLL
[08/09/2008|04:13] C:\Program Files\Synaptics
[20/10/2009|18:52] C:\Program Files\Trend Micro
[03/03/2009|18:58] C:\Program Files\Trojan Remover
[13/12/2008|23:15] C:\Program Files\Ubisoft
[09/05/2009|09:52] C:\Program Files\UltraISO
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[30/11/2008|22:18] C:\Program Files\uTorrent
[03/12/2008|22:24] C:\Program Files\VideoLAN
[08/09/2008|04:13] C:\Program Files\Vimicro Corporation
[08/09/2008|04:11] C:\Program Files\WIDCOMM
[16/10/2009|10:06] C:\Program Files\Windows Calendar
[16/10/2009|10:06] C:\Program Files\Windows Collaboration
[16/10/2009|10:06] C:\Program Files\Windows Defender
[16/10/2009|10:06] C:\Program Files\Windows Journal
[24/06/2009|00:14] C:\Program Files\Windows Live
[20/07/2009|22:40] C:\Program Files\Windows Live Safety Center
[12/01/2009|14:09] C:\Program Files\Windows Live SkyDrive
[16/10/2009|10:06] C:\Program Files\Windows Mail
[16/10/2009|10:06] C:\Program Files\Windows Media Player
[30/11/2008|05:16] C:\Program Files\Windows NT
[16/10/2009|10:06] C:\Program Files\Windows Photo Gallery
[16/10/2009|10:06] C:\Program Files\Windows Sidebar
[15/12/2008|01:02] C:\Program Files\WinRAR
[13/03/2009|23:24] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[15/01/2009|21:47] C:\Program Files\Common Files\Adobe
[16/07/2009|12:14] C:\Program Files\Common Files\Adobe AIR
[03/10/2009|14:35] C:\Program Files\Common Files\COWON
[08/09/2008|04:28] C:\Program Files\Common Files\DESIGNER
[09/05/2009|09:52] C:\Program Files\Common Files\EZB Systems
[31/12/2008|21:27] C:\Program Files\Common Files\Futuremark Shared
[08/09/2008|04:18] C:\Program Files\Common Files\InstallShield
[08/09/2008|04:08] C:\Program Files\Common Files\Intel
[10/10/2009|08:57] C:\Program Files\Common Files\microsoft shared
[08/09/2008|04:19] C:\Program Files\Common Files\MSSoap
[03/03/2009|19:48] C:\Program Files\Common Files\Nero
[27/05/2009|22:13] C:\Program Files\Common Files\PX Storage Engine
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[16/10/2009|10:06] C:\Program Files\Common Files\System
[12/01/2009|12:50] C:\Program Files\Common Files\Windows Live
[30/11/2008|03:36] C:\Program Files\Common Files\WindowsLiveInstaller
[21/04/2009|18:07] C:\Program Files\Common Files\Wise Installation Wizard

--------------------\\ Process

( 69 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\Users\isa\AppData\Roaming\MICROS~1\Windows\Cookies\isa@cotedazurpalace[1].txt
C:\Users\isa\AppData\Roaming\MICROS~1\Windows\Cookies\isa@serve.cotedazurpalace[1].txt
C:\Users\isa\AppData\Roaming\MICROS~1\Windows\Cookies\isa@www.cotedazurpalace[1].txt
C:\Users\isa\AppData\Roaming\MICROS~1\Windows\Cookies\isa@serve.32vegas[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-21 18:15:20
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 926

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\isa\AppData\Roaming\uTorrent\Crackwhore Confessions.torrent
C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call.Of.Duty.4.Modern.Warfare_KEYGEN-FFF.exe
C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911
C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911\rzr-cd4f.001
C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911\rzr-cd4f.sfv
C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911\rzr-cod4.nfo
C:\Users\isa\Downloads\eMule\Incoming\nod 32 2.70.39 fr + crack + pass.rar

[F:8][D:21]-> C:\Users\isa\AppData\Local\Temp
[F:355][D:1]-> C:\Users\isa\AppData\Roaming\MICROS~1\Windows\Cookies
[F:2652][D:5]-> C:\Users\isa\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:1][D:1]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 21/10/2009| 9:59 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 21/10/2009|18:18 - Option : [2]

--------------------\\ Fin du rapport a 18:18:17
[ UAC => 1 ]

merci

isabelle

Répondre à shotix

J'ai un doute sur un dossier.

Télécharge SystemLook sur ton Bureau.
Clique droit sur SystemLook.exe et choisis Exécuter en tant qu'administrateur.
Copie-colle le contenu du cadre ci-dessous dans la zone texte de SystemLook :

:dir
C:\ProgramData\Browse Defy

Clique sur le bouton Look pour démarrer l'examen.
A la fin, le Bloc-notes s'ouvre avec le résultat de l'analyse. Copie-colle le rapport dans ta prochaine réponse.

Note : Le rapport peut aussi être trouvé sur ton Bureau sous le nom SystemLook.txt

Répondre à Destrio5

voilà:

SystemLook v1.0 by jpshortstuff (29.08.09)
Log created at 21:23 on 21/10/2009 by isa (Administrator - Elevation successful)

========== dir ==========

C:\ProgramData\Browse Defy - Parameters: "(none)"

---Files---
tflifaum.exe --a--- 724992 bytes [15:41 15/10/2009] [15:41 15/10/2009]

---Folders---
None found.

-=End Of File=-

Répondre à shotix

C'est bien un dossier Lop.

Refais un scan RSIT et poste le rapport log.

Répondre à Destrio5

voilà:

Logfile of random's system information tool 1.06 (written by random/random)
Run by isa at 2009-10-21 22:40:53
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 16 GB (23%) free of 71 GB
Total RAM: 3066 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:41:01, on 21/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Windows\system32\conime.exe
C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\isa\Desktop\RSIT.exe
C:\Program Files\trend micro\isa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{52FB6713-E604-4868-9EB9-6605EB7E0428}: NameServer = 212.27.40.241,212.27.40.240
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ESET HTTP Server (EHttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\Windows\system32\IoctlSvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe

--
End of file - 9581 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{212D5E7B-A934-4AB0-BBF0-5684B6A311A7}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-20 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-09-27 762864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-10-20 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-20 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-07-08 6273568]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-10-26 1029416]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-01-30 13605408]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-01-30 92704]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-04-09 2029640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-24 39408]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=1
"EnableUIADesktopToggle"=0
"UacDisableNotify"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=FFFFFFFF
"NoDriveTypeAutoRun"=255
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-10-21 09:55:07 ----A---- C:\lopR.txt
2009-10-21 09:54:49 ----D---- C:\Lop SD
2009-10-21 09:45:34 ----SHD---- C:\Config.Msi
2009-10-20 21:16:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-20 19:00:54 ----RASHD---- C:\autorun.inf
2009-10-20 06:59:02 ----D---- C:\UsbFix
2009-10-19 22:37:47 ----D---- C:\rsit
2009-10-16 10:04:49 ----D---- C:\Windows\system32\eu-ES
2009-10-16 10:04:49 ----D---- C:\Windows\system32\ca-ES
2009-10-16 10:04:44 ----D---- C:\Windows\system32\vi-VN
2009-10-16 09:51:17 ----A---- C:\Windows\system32\jscript.dll
2009-10-16 09:13:48 ----D---- C:\Windows\system32\EventProviders
2009-10-16 08:18:48 ----A---- C:\Windows\system32\occache.dll
2009-10-16 08:18:48 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-10-16 08:18:48 ----A---- C:\Windows\system32\msfeeds.dll
2009-10-16 08:18:48 ----A---- C:\Windows\system32\jsproxy.dll
2009-10-16 08:18:48 ----A---- C:\Windows\system32\iepeers.dll
2009-10-16 08:18:47 ----A---- C:\Windows\system32\wininet.dll
2009-10-16 08:18:47 ----A---- C:\Windows\system32\ieui.dll
2009-10-16 08:18:47 ----A---- C:\Windows\system32\iesetup.dll
2009-10-16 08:18:47 ----A---- C:\Windows\system32\iernonce.dll
2009-10-16 08:18:46 ----A---- C:\Windows\system32\urlmon.dll
2009-10-16 08:18:46 ----A---- C:\Windows\system32\msfeedssync.exe
2009-10-16 08:18:46 ----A---- C:\Windows\system32\ieUnatt.exe
2009-10-16 08:18:46 ----A---- C:\Windows\system32\iesysprep.dll
2009-10-16 08:18:46 ----A---- C:\Windows\system32\iertutil.dll
2009-10-16 08:18:46 ----A---- C:\Windows\system32\iedkcs32.dll
2009-10-16 08:18:46 ----A---- C:\Windows\system32\ie4uinit.exe
2009-10-16 08:18:45 ----A---- C:\Windows\system32\ieframe.dll
2009-10-16 08:18:44 ----A---- C:\Windows\system32\mshtml.dll
2009-10-16 08:17:41 ----A---- C:\Windows\system32\mshtmled.dll
2009-10-16 08:17:40 ----A---- C:\Windows\system32\msls31.dll
2009-10-16 08:17:40 ----A---- C:\Windows\system32\mshtmler.dll
2009-10-16 08:17:40 ----A---- C:\Windows\system32\ieakeng.dll
2009-10-16 08:17:40 ----A---- C:\Windows\system32\icardie.dll
2009-10-16 08:17:40 ----A---- C:\Windows\system32\corpol.dll
2009-10-16 08:17:40 ----A---- C:\Windows\system32\admparse.dll
2009-10-16 08:17:39 ----A---- C:\Windows\system32\licmgr10.dll
2009-10-16 08:17:39 ----A---- C:\Windows\system32\inseng.dll
2009-10-16 08:17:39 ----A---- C:\Windows\system32\imgutil.dll
2009-10-16 08:17:39 ----A---- C:\Windows\system32\ieaksie.dll
2009-10-16 08:17:39 ----A---- C:\Windows\system32\dxtrans.dll
2009-10-16 08:17:39 ----A---- C:\Windows\system32\dxtmsft.dll
2009-10-16 08:17:38 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-10-16 08:17:38 ----A---- C:\Windows\system32\wextract.exe
2009-10-16 08:17:38 ----A---- C:\Windows\system32\webcheck.dll
2009-10-16 08:17:38 ----A---- C:\Windows\system32\pngfilt.dll
2009-10-16 08:17:38 ----A---- C:\Windows\system32\mstime.dll
2009-10-16 08:17:38 ----A---- C:\Windows\system32\msrating.dll
2009-10-16 08:17:38 ----A---- C:\Windows\system32\ieakui.dll
2009-10-16 08:17:38 ----A---- C:\Windows\system32\advpack.dll
2009-10-16 08:17:37 ----A---- C:\Windows\system32\vbscript.dll
2009-10-16 08:17:37 ----A---- C:\Windows\system32\url.dll
2009-10-16 08:17:37 ----A---- C:\Windows\system32\ieapfltr.dll
2009-10-16 08:17:36 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-10-16 08:17:36 ----A---- C:\Windows\system32\SetDepNx.exe
2009-10-16 08:17:36 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-10-16 08:17:36 ----A---- C:\Windows\system32\PDMSetup.exe
2009-10-16 08:17:36 ----A---- C:\Windows\system32\mshta.exe
2009-10-16 08:17:36 ----A---- C:\Windows\system32\iexpress.exe
2009-10-16 07:00:08 ----D---- C:\Windows\SQL9_KB970892_ENU
2009-10-15 20:13:06 ----A---- C:\Windows\system32\msv1_0.dll
2009-10-15 20:12:56 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-10-15 20:12:52 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-10-15 20:11:36 ----A---- C:\Windows\system32\msasn1.dll
2009-10-15 20:11:31 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-10-15 17:56:53 ----D---- C:\Users\isa\AppData\Roaming\ESET
2009-10-15 17:40:47 ----D---- C:\ProgramData\Browse Defy
2009-10-12 07:27:49 ----A---- C:\Windows\system32\d3dx9.dll
2009-10-12 07:27:49 ----A---- C:\Windows\system32\D3DX81ab.dll
2009-10-12 07:27:46 ----D---- C:\Program Files\Cheat Engine
2009-10-09 08:18:03 ----D---- C:\ProgramData\Office Genuine Advantage
2009-10-08 22:21:35 ----A---- C:\Windows\system32\lsasrv.dll
2009-10-08 22:21:34 ----A---- C:\Windows\system32\wdigest.dll
2009-10-08 22:21:34 ----A---- C:\Windows\system32\schannel.dll
2009-10-08 22:21:34 ----A---- C:\Windows\system32\kerberos.dll
2009-10-08 22:21:33 ----A---- C:\Windows\system32\secur32.dll
2009-10-08 22:21:33 ----A---- C:\Windows\system32\lsass.exe
2009-10-08 21:18:45 ----D---- C:\ProgramData\NOS
2009-10-08 21:18:45 ----D---- C:\Program Files\NOS
2009-10-08 21:16:03 ----D---- C:\Program Files\Mozilla Firefox
2009-10-06 07:21:36 ----A---- C:\Windows\system32\wups2.dll
2009-10-06 07:21:36 ----A---- C:\Windows\system32\wuauclt.exe
2009-10-06 07:21:34 ----A---- C:\Windows\system32\wucltux.dll
2009-10-06 07:21:34 ----A---- C:\Windows\system32\wuaueng.dll
2009-10-06 07:21:19 ----A---- C:\Windows\system32\wups.dll
2009-10-06 07:21:19 ----A---- C:\Windows\system32\wudriver.dll
2009-10-06 07:21:19 ----A---- C:\Windows\system32\wuapi.dll
2009-10-06 07:21:00 ----A---- C:\Windows\system32\wuwebv.dll
2009-10-06 07:21:00 ----A---- C:\Windows\system32\wuapp.exe
2009-10-03 14:37:36 ----D---- C:\Users\isa\AppData\Roaming\COWON
2009-10-03 14:35:33 ----D---- C:\Program Files\Common Files\COWON
2009-10-03 14:35:32 ----D---- C:\Program Files\JetAudio
2009-10-03 08:55:14 ----N---- C:\Windows\system32\MpSigStub.exe
2009-09-24 07:16:17 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-09-24 07:16:11 ----A---- C:\Windows\system32\SLsvc.exe
2009-09-24 07:16:11 ----A---- C:\Windows\system32\SLCExt.dll
2009-09-24 07:16:09 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-09-24 07:16:09 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-09-24 07:16:07 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-09-24 07:16:03 ----A---- C:\Windows\system32\mssrch.dll
2009-09-24 07:16:01 ----A---- C:\Windows\system32\tquery.dll
2009-09-24 07:15:58 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-09-24 07:15:57 ----A---- C:\Windows\system32\scavenge.dll
2009-09-24 07:15:57 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-09-24 07:15:56 ----A---- C:\Windows\system32\RMActivate.exe
2009-09-24 07:15:56 ----A---- C:\Windows\system32\msi.dll
2009-09-24 07:15:55 ----A---- C:\Windows\system32\imapi2fs.dll
2009-09-24 07:15:54 ----A---- C:\Windows\system32\WscEapPr.dll
2009-09-24 07:15:54 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-09-24 07:15:54 ----A---- C:\Windows\system32\secproc_isv.dll
2009-09-24 07:15:53 ----A---- C:\Windows\system32\sysmain.dll
2009-09-24 07:15:52 ----A---- C:\Windows\system32\icardagt.exe
2009-09-24 07:15:50 ----A---- C:\Windows\system32\spreview.exe
2009-09-24 07:15:50 ----A---- C:\Windows\system32\EhStorShell.dll
2009-09-24 07:15:50 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-09-24 07:15:49 ----A---- C:\Windows\system32\spinstall.exe
2009-09-24 07:15:49 ----A---- C:\Windows\system32\drmv2clt.dll
2009-09-24 07:15:47 ----A---- C:\Windows\system32\spwizui.dll
2009-09-24 07:15:47 ----A---- C:\Windows\system32\shell32.dll
2009-09-24 07:15:47 ----A---- C:\Windows\system32\secproc.dll
2009-09-24 07:15:47 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-09-24 07:15:46 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-09-24 07:15:46 ----A---- C:\Windows\system32\p2psvc.dll
2009-09-24 07:15:46 ----A---- C:\Windows\system32\mssvp.dll
2009-09-24 07:15:44 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-09-24 07:15:44 ----A---- C:\Windows\system32\mscoree.dll
2009-09-24 07:15:43 ----A---- C:\Windows\system32\mssphtb.dll
2009-09-24 07:15:43 ----A---- C:\Windows\system32\mssph.dll
2009-09-24 07:15:43 ----A---- C:\Windows\system32\imapi2.dll
2009-09-24 07:15:42 ----A---- C:\Windows\system32\sdohlp.dll
2009-09-24 07:15:41 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-09-24 07:15:41 ----A---- C:\Windows\system32\esent.dll
2009-09-24 07:15:41 ----A---- C:\Windows\system32\DevicePairing.dll
2009-09-24 07:15:40 ----A---- C:\Windows\system32\wevtsvc.dll
2009-09-24 07:15:40 ----A---- C:\Windows\system32\sperror.dll
2009-09-24 07:15:40 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-09-24 07:15:40 ----A---- C:\Windows\system32\korwbrkr.dll
2009-09-24 07:15:39 ----A---- C:\Windows\system32\SLC.dll
2009-09-24 07:15:39 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-09-24 07:15:39 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-09-24 07:15:39 ----A---- C:\Windows\system32\msshsq.dll
2009-09-24 07:15:39 ----A---- C:\Windows\system32\IasMigReader.exe
2009-09-24 07:15:37 ----A---- C:\Windows\system32\msjet40.dll
2009-09-24 07:15:37 ----A---- C:\Windows\system32\MPSSVC.dll
2009-09-24 07:15:36 ----A---- C:\Windows\system32\msxml6.dll
2009-09-24 07:15:35 ----A---- C:\Windows\system32\Query.dll
2009-09-24 07:15:35 ----A---- C:\Windows\system32\qmgr.dll
2009-09-24 07:15:34 ----A---- C:\Windows\system32\P2PGraph.dll
2009-09-24 07:15:34 ----A---- C:\Windows\system32\ole32.dll
2009-09-24 07:15:34 ----A---- C:\Windows\system32\msexch40.dll
2009-09-24 07:15:34 ----A---- C:\Windows\system32\diagperf.dll
2009-09-24 07:15:33 ----A---- C:\Windows\system32\ntdll.dll
2009-09-24 07:15:32 ----A---- C:\Windows\system32\winload.exe
2009-09-24 07:15:32 ----A---- C:\Windows\system32\srchadmin.dll
2009-09-24 07:15:32 ----A---- C:\Windows\system32\msxml3.dll
2009-09-24 07:15:31 ----A---- C:\Windows\system32\uDWM.dll
2009-09-24 07:15:31 ----A---- C:\Windows\system32\mmc.exe
2009-09-24 07:15:31 ----A---- C:\Windows\system32\mblctr.exe
2009-09-24 07:15:31 ----A---- C:\Windows\system32\EncDec.dll
2009-09-24 07:15:30 ----A---- C:\Windows\system32\riched20.dll
2009-09-24 07:15:30 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-09-24 07:15:30 ----A---- C:\Windows\system32\dfsr.exe
2009-09-24 07:15:29 ----A---- C:\Windows\system32\fdBth.dll
2009-09-24 07:15:28 ----A---- C:\Windows\system32\RacEngn.dll
2009-09-24 07:15:27 ----A---- C:\Windows\system32\kernel32.dll
2009-09-24 07:15:26 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-09-24 07:15:26 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-09-24 07:15:26 ----A---- C:\Windows\system32\milcore.dll
2009-09-24 07:15:26 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-09-24 07:15:26 ----A---- C:\Windows\system32\CertEnroll.dll
2009-09-24 07:15:25 ----A---- C:\Windows\system32\spoolss.dll
2009-09-24 07:15:25 ----A---- C:\Windows\system32\schedsvc.dll
2009-09-24 07:15:25 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-09-24 07:15:24 ----A---- C:\Windows\system32\msvcp60.dll
2009-09-24 07:15:24 ----A---- C:\Windows\system32\msjtes40.dll
2009-09-24 07:15:24 ----A---- C:\Windows\system32\infocardapi.dll
2009-09-24 07:15:24 ----A---- C:\Windows\system32\gpedit.dll
2009-09-24 07:15:24 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-09-24 07:15:22 ----A---- C:\Windows\system32\WinSAT.exe
2009-09-24 07:15:22 ----A---- C:\Windows\system32\es.dll
2009-09-24 07:15:21 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-09-24 07:15:21 ----A---- C:\Windows\system32\mstext40.dll
2009-09-24 07:15:21 ----A---- C:\Windows\system32\Magnify.exe
2009-09-24 07:15:21 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-09-24 07:15:20 ----A---- C:\Windows\system32\advapi32.dll
2009-09-24 07:15:18 ----A---- C:\Windows\system32\WMPhoto.dll
2009-09-24 07:15:18 ----A---- C:\Windows\system32\WebClnt.dll
2009-09-24 07:15:18 ----A---- C:\Windows\system32\msexcl40.dll
2009-09-24 07:15:17 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-09-24 07:15:17 ----A---- C:\Windows\system32\slwmi.dll
2009-09-24 07:15:17 ----A---- C:\Windows\system32\msxbde40.dll
2009-09-24 07:15:17 ----A---- C:\Windows\system32\comsvcs.dll
2009-09-24 07:15:16 ----A---- C:\Windows\system32\vssapi.dll
2009-09-24 07:15:15 ----A---- C:\Windows\system32\authui.dll
2009-09-24 07:15:14 ----A---- C:\Windows\system32\PresentationHost.exe
2009-09-24 07:15:14 ----A---- C:\Windows\system32\NetProjW.dll
2009-09-24 07:15:14 ----A---- C:\Windows\system32\msrepl40.dll
2009-09-24 07:15:13 ----A---- C:\Windows\system32\newdev.dll
2009-09-24 07:15:12 ----A---- C:\Windows\system32\propsys.dll
2009-09-24 07:15:12 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-09-24 07:15:12 ----A---- C:\Windows\system32\iasrecst.dll
2009-09-24 07:15:12 ----A---- C:\Windows\system32\gpsvc.dll
2009-09-24 07:15:12 ----A---- C:\Windows\system32\eudcedit.exe
2009-09-24 07:15:12 ----A---- C:\Windows\system32\crypt32.dll
2009-09-24 07:15:10 ----A---- C:\Windows\explorer.exe
2009-09-24 07:15:06 ----A---- C:\Windows\system32\setupapi.dll
2009-09-24 07:15:06 ----A---- C:\Windows\system32\rpcss.dll
2009-09-24 07:15:06 ----A---- C:\Windows\system32\mspbde40.dll
2009-09-24 07:15:06 ----A---- C:\Windows\system32\d3d9.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\wevtapi.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\shlwapi.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\msrd3x40.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\msltus40.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\msdtctm.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\mfc42.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\davclnt.dll
2009-09-24 07:15:05 ----A---- C:\Windows\system32\browseui.dll
2009-09-24 07:15:04 ----A---- C:\Windows\system32\user32.dll
2009-09-24 07:15:04 ----A---- C:\Windows\system32\samsrv.dll
2009-09-24 07:15:04 ----A---- C:\Windows\system32\photowiz.dll
2009-09-24 07:15:04 ----A---- C:\Windows\system32\nlhtml.dll
2009-09-24 07:15:03 ----A---- C:\Windows\system32\quartz.dll
2009-09-24 07:15:03 ----A---- C:\Windows\system32\ci.dll
2009-09-24 07:15:02 ----A---- C:\Windows\system32\win32spl.dll
2009-09-24 07:15:01 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-09-24 07:15:01 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-09-24 07:14:57 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-09-24 07:14:57 ----A---- C:\Windows\system32\oleaut32.dll
2009-09-24 07:14:57 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-09-24 07:14:56 ----A---- C:\Windows\system32\netshell.dll
2009-09-24 07:14:56 ----A---- C:\Windows\system32\compcln.exe
2009-09-24 07:14:55 ----A---- C:\Windows\system32\winhttp.dll
2009-09-24 07:14:55 ----A---- C:\Windows\system32\mswstr10.dll
2009-09-24 07:14:55 ----A---- C:\Windows\system32\apds.dll
2009-09-24 07:14:54 ----A---- C:\Windows\system32\xmlfilter.dll
2009-09-24 07:14:54 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-09-24 07:14:54 ----A---- C:\Windows\system32\msvcrt.dll
2009-09-24 07:14:54 ----A---- C:\Windows\system32\msctf.dll
2009-09-24 07:14:54 ----A---- C:\Windows\system32\gdi32.dll
2009-09-24 07:14:54 ----A---- C:\Windows\system32\emdmgmt.dll
2009-09-24 07:14:54 ----A---- C:\Windows\system32\audiosrv.dll
2009-09-24 07:14:53 ----A---- C:\Windows\system32\VSSVC.exe
2009-09-24 07:14:53 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-09-24 07:14:53 ----A---- C:\Windows\system32\SLUI.exe
2009-09-24 07:14:53 ----A---- C:\Windows\system32\msrd2x40.dll
2009-09-24 07:14:53 ----A---- C:\Windows\system32\mfc42u.dll
2009-09-24 07:14:53 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-09-24 07:14:53 ----A---- C:\Windows\system32\eapphost.dll
2009-09-24 07:14:52 ----A---- C:\Windows\system32\winresume.exe
2009-09-24 07:14:52 ----A---- C:\Windows\system32\propdefs.dll
2009-09-24 07:14:52 ----A---- C:\Windows\system32\odbc32.dll
2009-09-24 07:14:51 ----A---- C:\Windows\system32\wevtutil.exe
2009-09-24 07:14:51 ----A---- C:\Windows\system32\shdocvw.dll
2009-09-24 07:14:51 ----A---- C:\Windows\system32\mssitlb.dll
2009-09-24 07:14:51 ----A---- C:\Windows\system32\dbgeng.dll
2009-09-24 07:14:50 ----A---- C:\Windows\system32\WsmSvc.dll
2009-09-24 07:14:50 ----A---- C:\Windows\system32\vds.exe
2009-09-24 07:14:50 ----A---- C:\Windows\system32\usp10.dll
2009-09-24 07:14:50 ----A---- C:\Windows\system32\swprv.dll
2009-09-24 07:14:50 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\Wldap32.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\wcnwiz.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\netlogon.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\msscb.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\msctfp.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\evr.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\drvinst.exe
2009-09-24 07:14:49 ----A---- C:\Windows\system32\devmgr.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-09-24 07:14:49 ----A---- C:\Windows\system32\BFE.DLL
2009-09-24 07:14:49 ----A---- C:\Windows\system32\adsldpc.dll
2009-09-24 07:14:48 ----A---- C:\Windows\system32\WSDApi.dll
2009-09-24 07:14:48 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-09-24 07:14:48 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-09-24 07:14:48 ----A---- C:\Windows\system32\wercon.exe
2009-09-24 07:14:48 ----A---- C:\Windows\system32\wcncsvc.dll
2009-09-24 07:14:48 ----A---- C:\Windows\system32\services.exe
2009-09-24 07:14:48 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-09-24 07:14:48 ----A---- C:\Windows\system32\mimefilt.dll
2009-09-24 07:14:48 ----A---- C:\Windows\system32\comdlg32.dll
2009-09-24 07:14:48 ----A---- C:\Windows\system32\adtschema.dll
2009-09-24 07:14:47 ----A---- C:\Windows\system32\taskeng.exe
2009-09-24 07:14:47 ----A---- C:\Windows\system32\rtffilt.dll
2009-09-24 07:14:47 ----A---- C:\Windows\system32\reg.exe
2009-09-24 07:14:47 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-09-24 07:14:47 ----A---- C:\Windows\system32\mswdat10.dll
2009-09-24 07:14:47 ----A---- C:\Windows\system32\msjter40.dll
2009-09-24 07:14:47 ----A---- C:\Windows\system32\msdtcprx.dll
2009-09-24 07:14:47 ----A---- C:\Windows\system32\msdrm.dll
2009-09-24 07:14:47 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-09-24 07:14:47 ----A---- C:\Windows\system32\certcli.dll
2009-09-24 07:14:46 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-09-24 07:14:46 ----A---- C:\Windows\system32\w32time.dll
2009-09-24 07:14:46 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-09-24 07:14:46 ----A---- C:\Windows\system32\msshooks.dll
2009-09-24 07:14:46 ----A---- C:\Windows\system32\msscntrs.dll
2009-09-24 07:14:46 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-09-24 07:14:46 ----A---- C:\Windows\system32\dnsapi.dll
2009-09-24 07:14:46 ----A---- C:\Windows\system32\certutil.exe
2009-09-24 07:14:46 ----A---- C:\Windows\system32\bcrypt.dll
2009-09-24 07:14:45 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-09-24 07:14:45 ----A---- C:\Windows\system32\rsaenh.dll
2009-09-24 07:14:45 ----A---- C:\Windows\system32\msstrc.dll
2009-09-24 07:14:45 ----A---- C:\Windows\system32\msihnd.dll
2009-09-24 07:14:45 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-09-24 07:14:45 ----A---- C:\Windows\system32\inetcomm.dll
2009-09-24 07:14:45 ----A---- C:\Windows\system32\dfshim.dll
2009-09-24 07:14:45 ----A---- C:\Windows\system32\bthserv.dll
2009-09-24 07:14:44 ----A---- C:\Windows\system32\netapi32.dll
2009-09-24 07:14:44 ----A---- C:\Windows\system32\mtxclu.dll
2009-09-24 07:14:44 ----A---- C:\Windows\system32\mscories.dll
2009-09-24 07:14:44 ----A---- C:\Windows\system32\inetpp.dll
2009-09-24 07:14:44 ----A---- C:\Windows\system32\hidserv.dll
2009-09-24 07:14:44 ----A---- C:\Windows\system32\fundisc.dll
2009-09-24 07:14:44 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-09-24 07:14:44 ----A---- C:\Windows\system32\cryptsvc.dll
2009-09-24 07:14:43 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-09-24 07:14:43 ----A---- C:\Windows\system32\termsrv.dll
2009-09-24 07:14:43 ----A---- C:\Windows\system32\shsvcs.dll
2009-09-24 07:14:43 ----A---- C:\Windows\system32\profsvc.dll
2009-09-24 07:14:43 ----A---- C:\Windows\system32\msiexec.exe
2009-09-24 07:14:43 ----A---- C:\Windows\system32\imapi.dll
2009-09-24 07:14:42 ----A---- C:\Windows\system32\wdc.dll
2009-09-24 07:14:42 ----A---- C:\Windows\system32\rasmans.dll
2009-09-24 07:14:42 ----A---- C:\Windows\system32\pnidui.dll
2009-09-24 07:14:42 ----A---- C:\Windows\system32\icardres.dll
2009-09-24 07:14:42 ----A---- C:\Windows\system32\iassdo.dll
2009-09-24 07:14:42 ----A---- C:\Windows\system32\chsbrkr.dll
2009-09-24 07:14:41 ----A---- C:\Windows\system32\wersvc.dll
2009-09-24 07:14:41 ----A---- C:\Windows\system32\spoolsv.exe
2009-09-24 07:14:41 ----A---- C:\Windows\system32\slmgr.vbs
2009-09-24 07:14:41 ----A---- C:\Windows\system32\scrrun.dll
2009-09-24 07:14:41 ----A---- C:\Windows\system32\PSHED.DLL
2009-09-24 07:14:41 ----A---- C:\Windows\system32\pdh.dll
2009-09-24 07:14:41 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-09-24 07:14:41 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-09-24 07:14:41 ----A---- C:\Windows\system32\azroles.dll
2009-09-24 07:14:41 ----A---- C:\Windows\system32\autofmt.exe
2009-09-24 07:14:40 ----A---- C:\Windows\system32\wmpmde.dll
2009-09-24 07:14:40 ----A---- C:\Windows\system32\winlogon.exe
2009-09-24 07:14:40 ----A---- C:\Windows\system32\SyncCenter.dll
2009-09-24 07:14:40 ----A---- C:\Windows\system32\pidgenx.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\untfs.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\spp.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\SLUINotify.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\sethc.exe
2009-09-24 07:14:39 ----A---- C:\Windows\system32\scrobj.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\ncrypt.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\kd1394.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\iassam.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\comuid.dll
2009-09-24 07:14:39 ----A---- C:\Windows\system32\certmgr.dll
2009-09-24 07:14:38 ----A---- C:\Windows\system32\wisptis.exe
2009-09-24 07:14:38 ----A---- C:\Windows\system32\taskcomp.dll
2009-09-24 07:14:38 ----A---- C:\Windows\system32\rtutils.dll
2009-09-24 07:14:38 ----A---- C:\Windows\system32\printui.dll
2009-09-24 07:14:38 ----A---- C:\Windows\system32\iasnap.dll
2009-09-24 07:14:38 ----A---- C:\Windows\system32\dwm.exe
2009-09-24 07:14:38 ----A---- C:\Windows\system32\autochk.exe
2009-09-24 07:14:37 ----A---- C:\Windows\system32\wow32.dll
2009-09-24 07:14:37 ----A---- C:\Windows\system32\winsrv.dll
2009-09-24 07:14:37 ----A---- C:\Windows\system32\userenv.dll
2009-09-24 07:14:37 ----A---- C:\Windows\system32\onex.dll
2009-09-24 07:14:37 ----A---- C:\Windows\system32\kdcom.dll
2009-09-24 07:14:37 ----A---- C:\Windows\system32\cscript.exe
2009-09-24 07:14:37 ----A---- C:\Windows\system32\basecsp.dll
2009-09-24 07:14:37 ----A---- C:\Windows\system32\autoconv.exe
2009-09-24 07:14:37 ----A---- C:\Windows\system32\audiodg.exe
2009-09-24 07:14:36 ----A---- C:\Windows\system32\WinSCard.dll
2009-09-24 07:14:36 ----A---- C:\Windows\system32\winmm.dll
2009-09-24 07:14:36 ----A---- C:\Windows\system32\spcmsg.dll
2009-09-24 07:14:36 ----A---- C:\Windows\system32\RelMon.dll
2009-09-24 07:14:36 ----A---- C:\Windows\system32\rdpencom.dll
2009-09-24 07:14:36 ----A---- C:\Windows\system32\osk.exe
2009-09-24 07:14:36 ----A---- C:\Windows\system32\mswsock.dll
2009-09-24 07:14:36 ----A---- C:\Windows\system32\kdusb.dll
2009-09-24 07:14:35 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-09-24 07:14:35 ----A---- C:\Windows\system32\offfilt.dll
2009-09-24 07:14:35 ----A---- C:\Windows\system32\msftedit.dll
2009-09-24 07:14:35 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\wsepno.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\wscript.exe
2009-09-24 07:14:34 ----A---- C:\Windows\system32\wiaservc.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\WerFault.exe
2009-09-24 07:14:34 ----A---- C:\Windows\system32\Utilman.exe
2009-09-24 07:14:34 ----A---- C:\Windows\system32\ulib.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\sysclass.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\stobject.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\SndVol.exe
2009-09-24 07:14:34 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\prnntfy.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\odbccp32.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\msnetobj.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\mscms.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\mfplat.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\mcmde.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\iasdatastore.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\diskraid.exe
2009-09-24 07:14:34 ----A---- C:\Windows\system32\apphelp.dll
2009-09-24 07:14:34 ----A---- C:\Windows\system32\adsmsext.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\wscntfy.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\wlangpui.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\rastapi.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\pnpsetup.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-09-24 07:14:33 ----A---- C:\Windows\system32\fdProxy.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\dsound.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\cryptui.dll
2009-09-24 07:14:33 ----A---- C:\Windows\system32\brcpl.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\wusa.exe
2009-09-24 07:14:32 ----A---- C:\Windows\system32\wscsvc.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-09-24 07:14:32 ----A---- C:\Windows\system32\vdsdyn.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\regsvc.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\rastls.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\rasapi32.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\ntprint.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\mscorier.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\logman.exe
2009-09-24 07:14:32 ----A---- C:\Windows\system32\iasrad.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\iashlpr.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\gpapi.dll
2009-09-24 07:14:32 ----A---- C:\Windows\system32\diskpart.exe
2009-09-24 07:14:31 ----A---- C:\Windows\system32\zipfldr.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\wsnmp32.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\wshext.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\wpccpl.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\wer.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\themecpl.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\rasdlg.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\netcenter.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\iassvcs.dll
2009-09-24 07:14:31 ----A---- C:\Windows\system32\findstr.exe
2009-09-24 07:14:30 ----A---- C:\Windows\system32\uxsms.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\tsbyuv.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\srvsvc.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\slcc.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\scansetting.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\ntmarta.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\msutb.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\mstlsapi.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\mssprxy.dll
2009-09-24 07:14:30 ----A---- C:\Windows\system32\iasads.dll
2009-09-24 07:14:29 ----A---- C:\Windows\system32\powrprof.dll
2009-09-24 07:14:29 ----A---- C:\Windows\system32\powercpl.dll
2009-09-24 07:14:29 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-09-24 07:14:29 ----A---- C:\Windows\system32\networkmap.dll
2009-09-24 07:14:29 ----A---- C:\Windows\system32\mstsc.exe
2009-09-24 07:14:29 ----A---- C:\Windows\system32\iasacct.dll
2009-09-24 07:14:29 ----A---- C:\Windows\system32\authz.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\usercpl.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\themeui.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\systemcpl.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\sud.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\samlib.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\qdvd.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\pcaui.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\newdev.exe
2009-09-24 07:14:28 ----A---- C:\Windows\system32\mmci.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\dot3svc.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\connect.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\autoplay.dll
2009-09-24 07:14:28 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\wpcao.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\wlanpref.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\vdsutil.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\tapisrv.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\scksp.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\scesrv.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\rpchttp.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\regapi.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\psisdecd.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\oleprn.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\msinfo32.exe
2009-09-24 07:14:27 ----A---- C:\Windows\system32\mpr.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\feclient.dll
2009-09-24 07:14:27 ----A---- C:\Windows\system32\AudioSes.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\wscisvif.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\sdclt.exe
2009-09-24 07:14:26 ----A---- C:\Windows\system32\rekeywiz.exe
2009-09-24 07:14:26 ----A---- C:\Windows\system32\qedit.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\pnpui.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\perfdisk.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\ncryptui.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\imm32.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\iaspolcy.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\Faultrep.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\dpapimig.exe
2009-09-24 07:14:26 ----A---- C:\Windows\system32\dot3msm.dll
2009-09-24 07:14:26 ----A---- C:\Windows\system32\DeviceEject.exe
2009-09-24 07:14:26 ----A---- C:\Windows\system32\certreq.exe
2009-09-24 07:14:25 ----A---- C:\Windows\system32\whealogr.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\TSTheme.exe
2009-09-24 07:14:25 ----A---- C:\Windows\system32\tcpmon.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\srcore.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\spwinsat.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\scecli.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\SCardSvr.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\rasplap.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\rasgcw.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-09-24 07:14:25 ----A---- C:\Windows\system32\hdwwiz.exe
2009-09-24 07:14:25 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-09-24 07:14:25 ----A---- C:\Windows\system32\fdWSD.dll
2009-09-24 07:14:25 ----A---- C:\Windows\system32\conime.exe
2009-09-24 07:14:25 ----A---- C:\Windows\system32\cmmon32.exe
2009-09-24 07:14:25 ----A---- C:\Windows\system32\cmdial32.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-09-24 07:14:24 ----A---- C:\Windows\system32\wlanui.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\wiaaut.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\SnippingTool.exe
2009-09-24 07:14:24 ----A---- C:\Windows\system32\shwebsvc.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\rasppp.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\raschap.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\PnPutil.exe
2009-09-24 07:14:24 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\fontext.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\dsprop.dll
2009-09-24 07:14:24 ----A---- C:\Windows\system32\dimsroam.dll
2009-09-24 07:14:23 ----A---- C:\Windows\system32\shsetup.dll
2009-09-24 07:14:23 ----A---- C:\Windows\system32\rasmontr.dll
2009-09-24 07:14:23 ----A---- C:\Windows\system32\oobefldr.dll
2009-09-24 07:14:23 ----A---- C:\Windows\system32\mscandui.dll
2009-09-24 07:14:23 ----A---- C:\Windows\system32\modemui.dll
2009-09-24 07:14:23 ----A---- C:\Windows\system32\chtbrkr.dll
2009-09-24 07:14:22 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-09-24 07:14:22 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-09-24 07:14:22 ----A---- C:\Windows\system32\rdpwsx.dll
2009-09-24 07:14:22 ----A---- C:\Windows\system32\dataclen.dll
2009-09-24 07:14:22 ----A---- C:\Windows\system32\blackbox.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\WSDMon.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\wpcsvc.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\wmpeffects.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\smss.exe
2009-09-24 07:14:21 ----A---- C:\Windows\system32\networkexplorer.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\netplwiz.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\msscp.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\logagent.exe
2009-09-24 07:14:21 ----A---- C:\Windows\system32\InkEd.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\ifmon.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\credui.dll
2009-09-24 07:14:21 ----A---- C:\Windows\system32\cipher.exe
2009-09-24 07:14:21 ----A---- C:\Windows\system32\certprop.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\wscapi.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\thawbrkr.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\softkbd.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\sendmail.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\puiapi.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\olepro32.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\msimtf.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\msctfui.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\input.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\gpresult.exe
2009-09-24 07:14:20 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\dmsynth.dll
2009-09-24 07:14:20 ----A---- C:\Windows\system32\cdd.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\wshbth.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\version.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\SLLUA.exe
2009-09-24 07:14:19 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\msjint40.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\msisip.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\mprapi.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\l2nacp.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\fdSSDP.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\fc.exe
2009-09-24 07:14:19 ----A---- C:\Windows\system32\eapp3hst.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\dmusic.dll
2009-09-24 07:14:19 ----A---- C:\Windows\system32\cscapi.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\wsdchngr.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\tscupgrd.exe
2009-09-24 07:14:18 ----A---- C:\Windows\system32\Storprop.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\slcinst.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\rasdial.exe
2009-09-24 07:14:18 ----A---- C:\Windows\system32\rasdiag.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\ipconfig.exe
2009-09-24 07:14:18 ----A---- C:\Windows\system32\ftp.exe
2009-09-24 07:14:18 ----A---- C:\Windows\system32\fdWCN.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\eappcfg.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\dot3cfg.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\cscdll.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-09-24 07:14:18 ----A---- C:\Windows\system32\bthudtask.exe
2009-09-24 07:14:18 ----A---- C:\Windows\system32\bthci.dll
2009-09-24 07:14:17 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-09-24 07:14:17 ----A---- C:\Windows\system32\ocsetup.exe
2009-09-24 07:14:17 ----A---- C:\Windows\system32\nslookup.exe
2009-09-24 07:14:17 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-09-24 07:14:17 ----A---- C:\Windows\system32\mmcico.dll
2009-09-24 07:14:17 ----A---- C:\Windows\system32\hbaapi.dll
2009-09-24 07:14:17 ----A---- C:\Windows\system32\gpupdate.exe
2009-09-24 07:14:17 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-09-24 07:14:17 ----A---- C:\Windows\system32\fdeploy.dll
2009-09-24 07:14:17 ----A---- C:\Windows\system32\eappgnui.dll
2009-09-24 07:14:17 ----A---- C:\Windows\system32\csrstub.exe
2009-09-24 07:14:17 ----A---- C:\Windows\system32\cbsra.exe
2009-09-24 07:14:17 ----A---- C:\Windows\system32\bitsigd.dll
2009-09-24 07:14:16 ----A---- C:\Windows\system32\vdmdbg.dll
2009-09-24 07:14:16 ----A---- C:\Windows\system32\slwga.dll
2009-09-24 07:14:16 ----A---- C:\Windows\system32\odbcconf.dll
2009-09-24 07:14:16 ----A---- C:\Windows\system32\NcdProp.dll
2009-09-24 07:14:16 ----A---- C:\Windows\system32\iscsilog.dll
2009-09-24 07:14:15 ----A---- C:\Windows\system32\winrnr.dll
2009-09-24 07:14:15 ----A---- C:\Windows\system32\midimap.dll
2009-09-24 07:14:15 ----A---- C:\Windows\system32\inetppui.dll
2009-09-24 07:14:13 ----A---- C:\Windows\system32\msimsg.dll
2009-09-24 07:14:13 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-09-24 07:13:54 ----A---- C:\Windows\system32\SmiEngine.dll
2009-09-24 07:13:52 ----A---- C:\Windows\system32\wdscore.dll
2009-09-24 07:13:52 ----A---- C:\Windows\system32\PkgMgr.exe
2009-09-24 07:13:49 ----A---- C:\Windows\system32\drvstore.dll
2009-09-23 22:37:42 ----D---- C:\ProgramData\Babylon
2009-09-23 22:37:41 ----D---- C:\Users\isa\AppData\Roaming\Babylon

======List of files/folders modified in the last 1 months======

2009-10-21 22:41:01 ----D---- C:\Windows\Prefetch
2009-10-21 22:40:58 ----D---- C:\Windows\Temp
2009-10-21 22:40:57 ----D---- C:\Program Files\Trend Micro
2009-10-21 21:21:52 ----D---- C:\Users\isa\AppData\Roaming\uTorrent
2009-10-21 18:15:10 ----HD---- C:\ProgramData
2009-10-21 15:25:47 ----SHD---- C:\System Volume Information
2009-10-21 10:38:20 ----D---- C:\Windows
2009-10-21 09:56:53 ----D---- C:\Windows\System32
2009-10-21 09:56:53 ----D---- C:\Windows\inf
2009-10-21 09:56:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-10-21 09:45:45 ----SHD---- C:\Windows\Installer
2009-10-20 21:26:04 ----RD---- C:\Program Files
2009-10-20 21:16:21 ----D---- C:\Windows\system32\drivers
2009-10-20 19:00:50 ----SD---- C:\Windows\Downloaded Program Files
2009-10-20 18:57:16 ----SHD---- C:\$Recycle.Bin
2009-10-17 15:08:51 ----D---- C:\Windows\system32\catroot2
2009-10-16 23:03:56 ----D---- C:\Windows\Debug
2009-10-16 22:55:02 ----D---- C:\Windows\Microsoft.NET
2009-10-16 22:54:52 ----D---- C:\Windows\winsxs
2009-10-16 22:54:26 ----D---- C:\Windows\system32\catroot
2009-10-16 10:25:38 ----D---- C:\Windows\rescache
2009-10-16 10:24:36 ----RSD---- C:\Windows\assembly
2009-10-16 10:13:12 ----D---- C:\ProgramData\NVIDIA
2009-10-16 10:12:01 ----SHD---- C:\Boot
2009-10-16 10:06:27 ----D---- C:\Program Files\Windows Mail
2009-10-16 10:06:27 ----D---- C:\Program Files\Windows Calendar
2009-10-16 10:06:26 ----D---- C:\Program Files\Movie Maker
2009-10-16 10:06:24 ----D---- C:\Program Files\Windows Sidebar
2009-10-16 10:06:24 ----D---- C:\Program Files\Windows Media Player
2009-10-16 10:06:24 ----D---- C:\Program Files\Internet Explorer
2009-10-16 10:06:23 ----D---- C:\Program Files\Windows Journal
2009-10-16 10:06:23 ----D---- C:\Program Files\Windows Collaboration
2009-10-16 10:06:21 ----D---- C:\Program Files\Common Files\System
2009-10-16 10:06:20 ----D---- C:\Program Files\Windows Photo Gallery
2009-10-16 10:06:07 ----D---- C:\Windows\servicing
2009-10-16 10:06:07 ----D---- C:\Program Files\Windows Defender
2009-10-16 10:06:03 ----D---- C:\Windows\ehome
2009-10-16 10:05:52 ----D---- C:\Windows\system32\XPSViewer
2009-10-16 10:05:52 ----D---- C:\Windows\system32\lv-LV
2009-10-16 10:05:52 ----D---- C:\Windows\system32\hr-HR
2009-10-16 10:05:52 ----D---- C:\Windows\system32\et-EE
2009-10-16 10:05:52 ----D---- C:\Windows\system32\da-DK
2009-10-16 10:05:52 ----D---- C:\Windows\IME
2009-10-16 10:05:51 ----D---- C:\Windows\system32\sk-SK
2009-10-16 10:05:51 ----D---- C:\Windows\system32\oobe
2009-10-16 10:05:51 ----D---- C:\Windows\system32\ko-KR
2009-10-16 10:05:51 ----D---- C:\Windows\system32\it-IT
2009-10-16 10:05:51 ----D---- C:\Windows\system32\en-US
2009-10-16 10:05:51 ----D---- C:\Windows\system32\el-GR
2009-10-16 10:05:51 ----D---- C:\Windows\system32\de-DE
2009-10-16 10:05:50 ----D---- C:\Windows\system32\migration
2009-10-16 10:05:50 ----D---- C:\Windows\system32\fr
2009-10-16 10:05:48 ----D---- C:\Windows\system32\ru-RU
2009-10-16 10:05:48 ----D---- C:\Windows\system32\AdvancedInstallers
2009-10-16 10:05:46 ----D---- C:\Windows\system32\fr-FR
2009-10-16 10:05:44 ----D---- C:\Windows\system32\zh-TW
2009-10-16 10:05:44 ----D---- C:\Windows\system32\zh-CN
2009-10-16 10:05:44 ----D---- C:\Windows\system32\uk-UA
2009-10-16 10:05:44 ----D---- C:\Windows\system32\sv-SE
2009-10-16 10:05:44 ----D---- C:\Windows\system32\sr-Latn-CS
2009-10-16 10:05:44 ----D---- C:\Windows\system32\SLUI
2009-10-16 10:05:44 ----D---- C:\Windows\system32\sl-SI
2009-10-16 10:05:44 ----D---- C:\Windows\system32\setup
2009-10-16 10:05:44 ----D---- C:\Windows\system32\pt-PT
2009-10-16 10:05:44 ----D---- C:\Windows\system32\pl-PL
2009-10-16 10:05:44 ----D---- C:\Windows\system32\manifeststore
2009-10-16 10:05:44 ----D---- C:\Windows\system32\ja-JP
2009-10-16 10:05:44 ----D---- C:\Windows\system32\hu-HU
2009-10-16 10:05:44 ----D---- C:\Windows\system32\he-IL
2009-10-16 10:05:44 ----D---- C:\Windows\system32\fi-FI
2009-10-16 10:05:44 ----D---- C:\Windows\system32\es-ES
2009-10-16 10:05:44 ----D---- C:\Windows\system32\cs-CZ
2009-10-16 10:05:44 ----D---- C:\Windows\system32\bg-BG
2009-10-16 10:05:43 ----D---- C:\Windows\system32\th-TH
2009-10-16 10:05:43 ----D---- C:\Windows\system32\ro-RO
2009-10-16 10:05:42 ----D---- C:\Windows\system32\tr-TR
2009-10-16 10:05:41 ----D---- C:\Windows\system32\wbem
2009-10-16 10:05:40 ----D---- C:\Windows\system32\nl-NL
2009-10-16 10:05:40 ----D---- C:\Windows\system32\nb-NO
2009-10-16 10:05:40 ----D---- C:\Windows\system32\migwiz
2009-10-16 10:05:40 ----D---- C:\Windows\system32\lt-LT
2009-10-16 10:05:40 ----D---- C:\Windows\system32\ar-SA
2009-10-16 10:05:39 ----D---- C:\Windows\system32\pt-BR
2009-10-16 10:04:56 ----RSD---- C:\Windows\Fonts
2009-10-16 10:04:56 ----D---- C:\Windows\AppPatch
2009-10-16 10:04:44 ----D---- C:\Windows\system32\Boot
2009-10-16 08:26:16 ----D---- C:\Windows\PolicyDefinitions
2009-10-16 07:03:34 ----D---- C:\ProgramData\Microsoft Help
2009-10-16 07:00:35 ----D---- C:\Program Files\Microsoft SQL Server
2009-10-15 22:22:29 ----D---- C:\Program Files\Everest Poker
2009-10-15 18:06:31 ----D---- C:\Program Files\ESET
2009-10-15 17:55:51 ----D---- C:\ProgramData\ESET
2009-10-15 17:40:42 ----D---- C:\Windows\system32\Tasks
2009-10-10 08:57:40 ----D---- C:\Program Files\Common Files\microsoft shared
2009-10-10 08:57:18 ----D---- C:\Program Files\Microsoft Works
2009-10-10 08:55:46 ----A---- C:\Windows\win.ini
2009-10-09 06:59:37 ----D---- C:\Windows\system32\zh-HK
2009-10-08 21:16:21 ----D---- C:\Users\isa\AppData\Roaming\Mozilla
2009-10-03 14:35:33 ----D---- C:\Program Files\Common Files
2009-10-03 14:35:30 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-03 14:32:13 ----D---- C:\Users\isa\AppData\Roaming\dvdcss
2009-10-02 20:01:57 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-04-09 107256]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2008-03-31 73728]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-04-09 113960]
R2 KMDFMEMIO;SAMSUNG Kernel Driver; C:\Windows\system32\DRIVERS\kmdfmemio.sys [2007-05-23 13312]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-07-07 2152088]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-12-22 51232]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-01-30 7544832]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-10-26 193456]
R3 VMC302;Vimicro Camera Service VMC302; C:\Windows\System32\Drivers\VMC302.sys [2008-06-05 242048]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-06-27 303616]
S3 acu4y1nu;acu4y1nu; C:\Windows\system32\drivers\acu4y1nu.sys []
S3 ADDMEM;ADDMEM; \??\C:\Users\isa\AppData\Local\Temp\__Samsung_Update\ADDMEM.SYS []
S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
S3 btwaudio;Périphérique audio Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [2008-02-14 80424]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-07-16 80936]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-16 16168]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw

Répondre à shotix

C'est mieux.

Télécharge OTM (OldTimer) sur ton Bureau.
Clique droit sur OTM.exe et choisis Exécuter en tant qu'administrateur.
Copie (Ctrl+C) le texte suivant ci-dessous :

:processes
explorer.exe

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

:files
C:\ProgramData\Browse Defy
C:\Program Files\AskTBar

:commands
[purity]
[emptytemp]
[reboot]

Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
Clique maintenant sur le bouton MoveIt! puis ferme OTM.

---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\

---> Le nom du rapport correspond au moment de sa création : date_heure.log

Répondre à Destrio5

oh lala cette galère j'espère que je vais m'en sortir.
voilà le rapport:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
========== FILES ==========
C:\ProgramData\Browse Defy moved successfully.
C:\Program Files\AskTBar\bar\Settings moved successfully.
C:\Program Files\AskTBar\bar\History moved successfully.
C:\Program Files\AskTBar\bar\Cache moved successfully.
C:\Program Files\AskTBar\bar moved successfully.
C:\Program Files\AskTBar moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: isa
->Temp folder emptied: 36328062 bytes
->Temporary Internet Files folder emptied: 106853900 bytes
->Java cache emptied: 27268979 bytes
->FireFox cache emptied: 63145287 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 83811 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 222,89 mb

OTM by OldTimer - Version 3.0.0.6 log created on 10212009_232023

Files moved on Reboot...

Registry entries deleted on Reboot...

Répondre à shotix

Désinstalle Java 6 Update 15.

Mets à jour Java.

Mets à jour Adobe Reader.

Plus de souci ?

Répondre à Destrio5

merci beaucoup pour ton aide, c'est sure que seule je n'aurais jamais pu faire tout ca!

pour l'instant ca a l'air d'aller, par contre j'ai pu d'antivirus, en as tu un a me conseiller?
il me semble que c'était ca qui déconner car c'est quand je l'ai installé, d'ailleurs il ne se désinstalle pas, j'ai nod32.

bonne journée.
isabelle

Répondre à shotix

Citation :

d'ailleurs il ne se désinstalle pas, j'ai nod32.

--> http://www.commentcamarche.net/faq [...] uces#nod32

Installe AntiVir et mets-le à jour.
Double-clique sur l'icône d'AntiVir (Parapluie) dans la barre des tâches.
Dans AntiVir, choisis Outils puis Configuration.
Coche Mode Expert et coche Rech. Rootkit au dém. de la recherche à droite dans Autres réglages puis valide.
Fais un scan complet, clique sur Tout réparer si AntiVir trouve quelque chose et poste le rapport.

Tutoriel : Scanner le(s) disque(s) dur(s)

Répondre à Destrio5

merci beaucoup pour ton aide, rien a déclarer depuis hier, tout fonctionne!!

merci encore et à bientôt
isabelle

Répondre à shotix

Tu as réussi à retirer NOD32 ?

Répondre à Destrio5

Créer un nouveau sujet Répondre

Tom's Guide > Forum > Sécurité - Virus > Pages qui souvre toute seul cdi

Aller à :

Aide |
Règles du forum

Il y a 2378 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Page générée en 0,472 secondes

Liens