PC infection [solved]


Post by gillou66

Hello..

I'm back... on the 2nd machine
infection found in the following report

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2775
Windows 5.1.2600 Service Pack 3

03/12/2009 18:04:17
mbam-log-2009-12-03 (18-04-13).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 133157
Temps écoulé: 25 minute(s), 11 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\pbfrv2.pbfrv2 (Adware.2020search) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020search) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020search) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020search) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020search) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020search) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

and on Avira, detection and quarantine of the following trojan

Evénements exportés :

03/12/2009 13:32 [Scanner] Logiciel malveillant détecté
Le fichier 'C:\System Volume
Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP9\A0005856.dll'
contenait un virus ou un programme indésirable 'ADSPY/Toolbar.P.c.3' [adware].
Action(s) exécutée(s) :
Le fichier a été déplacé dans le répertoire de quarantaine sous le nom
'4b47b005.qua' !

thanks, see you
Last edited by gillou66 on 04 Dec 2009, 20:09, edited 1 time.

Re: PC infection

Post by gillou66

Hi

for lack of a "yop"!!!!! up
:roll: :coucou:
Re: PC infection

Post by bernard53

Hello

Do this before your removal with Malwarebytes.


Download random's system information tool (RSIT) by random/random and save it to the Desktop:

Double-click RSIT.exe, which is on your desktop, to launch it:
For VISTA:
Right-click and choose "Run as administrator".
Then:
If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.

The report will be created. To post it on the forum:
Select all: CTRL+A
Copy all: CTRL+C
Paste all: CTRL+V
Once it is posted, you can close it. This report is called log.txt

The report is saved at the root of the disk: C:\rsit\info.txt and C:\rsit\log.txt

:coucou:
Enjoy your visit to: http://tuto-b.comli.com/

Re: PC infection

Post by nardino

Hello.
Download Toolbar-S&D by Eric_71
http://eric.71.mespages.googlepages.com/ToolBarSD.exe
http://eric71.geekstogo.com/tools/ToolBarSD.exe
Onto your desktop, this is mandatory.
Double-click the ToolBar SD.exe icon.

http://i85.servimg.com/u/f85/11/05/93/83/tbsd110.jpg

(On Vista, right-click this icon, Run as administrator (privilege elevation), then Continue.)

In the blue DOS window, type F, then Enter.
Then type 1 and Enter.
The system will restart and the scan will take a few minutes.
Once it has finished, a TB.txt report will open.
Post it.
Close the report on your desktop and wait for the results of the analysis.
This report will be saved at the root of the system: C:\TB.txt
See you

Re: PC infection

Post by gillou66

hi
if both Bernards get in on it :D
Logfile of random's system information tool 1.06 (written by random/random)
Run by G at 2009-12-04 13:36:31
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 139 GB (94%) free of 148 GB
Total RAM: 447 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:36:51, on 04/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Mozilla Firefox 3.6 Beta 4\firefox.exe
C:\Documents and Settings\G\Mes documents\Téléchargements\RSIT.exe
C:\Program Files\trend micro\G.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/r ... key=SEARCH
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll (file missing)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 5615 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\HDReg.job
C:\WINDOWS\tasks\Rappel d'enregistrement 1.job
C:\WINDOWS\tasks\Rappel d'enregistrement 2.job
C:\WINDOWS\tasks\Rappel d'enregistrement 3.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}]
PBFRV2 - C:\WINDOWS\system32\pbfrv2.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - PBFRV2 - C:\WINDOWS\system32\pbfrv2.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-05 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-05 455168]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2004-03-26 49152]
"SunJavaUpdateSched"=C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe [2004-06-03 32881]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-05-14 67072]
"PCMService"=c:\Apps\Powercinema\PCMService.exe [2004-10-08 81920]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-12-04 289584]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%ProgramFiles%\AOL 9.0\aol.exe"="%ProgramFiles%\AOL 9.0\aol.exe:*:Enabled:AOL"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\logo_ubi.exe:*:Enabled:SPLINTER CELL PANDORA"
"%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe"="%ProgramFiles%\UBISOFT\Splinter Cell Pandora Tomorrow\pandora.exe:*:Enabled:PANDORA"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\APPS\Inventime\my.exe"="C:\APPS\Inventime\my.exe:*:Enabled:INVENTIME"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Documents and Settings\G\Local Settings\Temp\7zS1.tmp\SymNRT.exe"="C:\Documents and Settings\G\Local Settings\Temp\7zS1.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2009-12-01 01:24:24 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
2009-12-01 01:24:24 ----D---- C:\Documents and Settings
2009-12-01 01:24:23 ----D---- C:\APPS
2009-12-01 01:24:22 ----SHD---- C:\System Volume Information
2009-11-30 18:24:30 ----D---- C:\$WINDOWS.~LS
2009-11-30 18:22:08 ----D---- C:\$WINDOWS.~BT
2009-11-30 17:42:38 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-11-30 17:42:08 ----ASH---- C:\Documents and Settings\G\Application Data\desktop.ini
2009-11-30 17:42:07 ----SD---- C:\Documents and Settings\G\Application Data\Microsoft
2009-11-30 17:42:07 ----D---- C:\Documents and Settings\G\Application Data\You've Got Pictures Screensaver
2009-11-30 17:42:07 ----D---- C:\Documents and Settings\G\Application Data\Sun
2009-11-30 17:42:07 ----D---- C:\Documents and Settings\G\Application Data\Real
2009-11-30 17:42:07 ----D---- C:\Documents and Settings\G\Application Data\Identities

======List of files/folders modified in the last 1 months======

2009-12-04 13:11:55 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-03 16:14:29 ----A---- C:\WINDOWS\imsins.BAK
2009-12-03 16:08:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-03 16:07:15 ----A---- C:\WINDOWS\OEWABLog.txt
2009-12-03 16:06:20 ----A---- C:\WINDOWS\setuplog.txt
2009-12-03 13:50:43 ----RASH---- C:\BOOT.INI
2009-12-03 13:50:43 ----A---- C:\WINDOWS\win.ini
2009-12-03 13:50:43 ----A---- C:\WINDOWS\system.ini
2009-11-30 17:39:46 ----A---- C:\WINDOWS\HDReg.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Pilote de processeur AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41856]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-07-28 55656]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-05-14 622172]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-11-11 41984]
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2003-02-16 210128]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2003-02-16 516616]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2003-01-17 39348]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2004-05-05 142976]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2003-02-16 1293192]
S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2003-02-05 162136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2003-02-16 85520]
S3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-02-25 1123440]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2003-01-17 45056]
S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-09-23 238960]
S3 MysqlInventime;MysqlInventime; c:\mysql\bin\mysqld-nt MysqlInventime []
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------
:coucou:

Re: infection Pc

Post by gillou66 »

And here you go, for Nardino :D


-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) 3000+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : G ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.32 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:144 Go (Free:135 Go)
D:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 04/12/2009|13:47 )

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Search Page"="http://www.microsoft.com/isapi/redir.dl ... r=iesearch"
"Search Bar"="http://format.packardbell.com/cgi-bin/r ... key=SEARCH"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 04/12/2009|13:47 - Option : [1]

-----------\\ Fin du rapport a 13:47:38,78

:coucou:
bernard53
Support
Posts: 3516
Joined: 25 Apr 2008, 22:05
Hardware configuration: Intel 2 Duo CPU E6750 2.66GHz processor
3 GB RAM
160 GB Samsung hard disk

Re: infection Pc

Post by bernard53 »

OK, here is what to do next..

Run HijackThis again > then: Do a system scan only > tick these lines, then confirm with Fix checked

O2 - BHO: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O3 - Toolbar: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll (file missing)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll


Then this, to update Java.


** Download JavaRA

** Illustrated help
On Vista: right-click setup and choose "Run as administrator".


After that you can delete everything that "Malwarebytes" found.

Then, since everything is fine, you have another detection in System Restore, so do this to fix it.

Right, now we are going to clean up System Restore.
To do that:
1- Press the Windows and Pause keys at the same time.

Then this:
Image
In this window, untick this box and confirm:
Image

Still in this same window:
You now need to create a new restore point.
Tick that same box and confirm with the APPLY tab, then the « CREATE » tab
Image

Then this:
Image

Then create this restore point.
Image
And confirm.
Image

You can now close all the windows.


There, you should be all set now. :wink:

:coucou:

PS: The "ToolBarSD" report requested by nardino is OK
Enjoy your visit to: http://tuto-b.comli.com/
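An added example, not part of the original post and not HijackThis's own code: a small triage script that parses O2 (BHO) and O3 (Toolbar) lines like the ones listed above, marks entries whose registered file is gone, and matches CLSIDs case-insensitively against a caller-supplied list of scanner-flagged CLSIDs. The function names, the `Entry` class and the flagged-CLSID input are assumptions made for this illustration; the log lines are copied from this page.

```python
import re
from dataclasses import dataclass

# Lines copied from the HijackThis output quoted on this page.
SAMPLE_LOG = r"""
O2 - BHO: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O3 - Toolbar: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll (file missing)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
"""

# Constructed input: a CLSID written in lower case, as another scanner might print it.
SAMPLE_FLAGGED = ["{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d}"]

# "O2 - BHO: <name> - {CLSID} - <path or marker>" and the O3 toolbar equivalent.
ENTRY_RE = re.compile(
    r"^(?P<section>O2|O3) - (?P<kind>BHO|Toolbar): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.*)$"
)
# Trailing markers HijackThis prints when the registered file is not on disk.
MISSING_RE = re.compile(r"\s*\((file missing|no file)\)\s*$")


@dataclass(frozen=True)
class Entry:
    section: str    # "O2" or "O3"
    kind: str       # "BHO" or "Toolbar"
    name: str
    clsid: str      # normalised to upper case so comparisons ignore case
    path: str       # "" when the log shows no path at all
    orphaned: bool  # True when the log says the file is missing


def parse_entries(log_text):
    """Return the O2/O3 entries of a HijackThis log; other sections are skipped."""
    entries = []
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m is None:
            continue
        target = m.group("target")
        marker = MISSING_RE.search(target)
        path = target[:marker.start()].strip() if marker else target.strip()
        entries.append(Entry(
            section=m.group("section"),
            kind=m.group("kind"),
            name=m.group("name"),
            clsid=m.group("clsid").upper(),
            path=path,
            orphaned=marker is not None,
        ))
    return entries


def triage(entries, flagged_clsids):
    """Group entries needing attention by CLSID, with the reasons for each."""
    flagged = {c.strip().upper() for c in flagged_clsids}
    findings = {}
    for e in entries:
        reasons = set()
        if e.clsid in flagged:
            reasons.add("flagged by scanner")
        if e.orphaned:
            reasons.add("registered file missing")
        if not reasons:
            continue  # file present and not flagged: leave for manual review
        slot = findings.setdefault(e.clsid, {"sections": set(), "reasons": set()})
        slot["sections"].add(e.section)
        slot["reasons"] |= reasons
    return {
        clsid: {"sections": sorted(v["sections"]), "reasons": sorted(v["reasons"])}
        for clsid, v in findings.items()
    }


if __name__ == "__main__":
    for clsid, info in triage(parse_entries(SAMPLE_LOG), SAMPLE_FLAGGED).items():
        print(clsid, "/".join(info["sections"]), "; ".join(info["reasons"]))
```

An entry that is absent from the result is not proven clean; it only means the log shows a file on disk and the CLSID was not in the flagged list.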

Re: infection Pc

Post by gillou66 »

Good evening Bernard 53

OK, I did what you told me on my XP machine.
And while I was at it I ran a scan on my Vista machine. Would it be too much to ask you to cast an eye (just one, not both.... :mrgreen:) over the report that follows?
Thanks :coucou:

Logfile of random's system information tool 1.06 (written by random/random)
Run by gilles at 2009-12-04 19:05:49
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 175 GB (77%) free of 229 GB
Total RAM: 3068 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:06:12, on 04/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Users\gilles\Downloads\RSIT.exe
C:\Program Files\trend micro\gilles.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: GameConsoleService - Unknown owner - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe (file missing)
O23 - Service: Service Google Update (gupdate1ca733027427660) (gupdate1ca733027427660) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Seagate Scheduler2 Service (SgtSch2Svc) - Seagate - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe

--
End of file - 5799 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{7F3E42C1-9B85-4FE9-8B23-A2600A08FD54}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2009-01-29 57344]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-14 92704]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
""= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-11-12 23:16:39 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-11-12 23:16:39 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-11-12 23:16:39 ----A---- C:\Windows\system32\evr.dll
2009-11-12 23:16:39 ----A---- C:\Windows\system32\eudcedit.exe
2009-11-12 23:16:39 ----A---- C:\Windows\system32\esent.dll
2009-11-12 23:16:39 ----A---- C:\Windows\system32\es.dll
2009-11-12 23:16:39 ----A---- C:\Windows\system32\EncDec.dll
2009-11-12 23:16:39 ----A---- C:\Windows\system32\emdmgmt.dll
2009-11-12 23:16:39 ----A---- C:\Windows\system32\EhStorShell.dll
2009-11-12 23:16:39 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-11-12 23:16:39 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-11-12 23:16:39 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-11-12 23:16:39 ----A---- C:\Windows\system32\eappcfg.dll
2009-11-12 23:16:39 ----A---- C:\Windows\system32\eapp3hst.dll
2009-11-12 23:16:39 ----A---- C:\Windows\system32\dwm.exe
2009-11-12 23:16:39 ----A---- C:\Windows\system32\dsprop.dll
2009-11-12 23:16:39 ----A---- C:\Windows\system32\dsound.dll
2009-11-12 23:16:39 ----A---- C:\Windows\system32\diskraid.exe
2009-11-12 23:16:39 ----A---- C:\Windows\system32\diskpart.exe
2009-11-12 23:16:39 ----A---- C:\Windows\system32\dimsroam.dll
2009-11-12 23:16:39 ----A---- C:\Windows\system32\diagperf.dll
2009-11-12 23:16:39 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-11-12 23:16:39 ----A---- C:\Windows\explorer.exe
2009-11-12 23:16:38 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-11-12 23:16:38 ----A---- C:\Windows\system32\dfsr.exe
2009-11-12 23:16:38 ----A---- C:\Windows\system32\dfshim.dll
2009-11-12 23:16:38 ----A---- C:\Windows\system32\devmgr.dll
2009-11-12 23:16:37 ----A---- C:\Windows\system32\drvstore.dll
2009-11-12 23:16:37 ----A---- C:\Windows\system32\drvinst.exe
2009-11-12 23:16:37 ----A---- C:\Windows\system32\drmv2clt.dll
2009-11-12 23:16:37 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-11-12 23:16:37 ----A---- C:\Windows\system32\dpapimig.exe
2009-11-12 23:16:37 ----A---- C:\Windows\system32\dot3svc.dll
2009-11-12 23:16:37 ----A---- C:\Windows\system32\dot3msm.dll
2009-11-12 23:16:37 ----A---- C:\Windows\system32\dot3cfg.dll
2009-11-12 23:16:36 ----A---- C:\Windows\system32\hbaapi.dll
2009-11-12 23:16:36 ----A---- C:\Windows\system32\gpresult.exe
2009-11-12 23:16:36 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-11-12 23:16:36 ----A---- C:\Windows\system32\dnsapi.dll
2009-11-12 23:16:36 ----A---- C:\Windows\system32\dmusic.dll
2009-11-12 23:16:36 ----A---- C:\Windows\system32\dmsynth.dll
2009-11-12 23:16:35 ----A---- C:\Windows\system32\iasnap.dll
2009-11-12 23:16:35 ----A---- C:\Windows\system32\IasMigReader.exe
2009-11-12 23:16:35 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-11-12 23:16:35 ----A---- C:\Windows\system32\iashlpr.dll
2009-11-12 23:16:35 ----A---- C:\Windows\system32\iasdatastore.dll
2009-11-12 23:16:35 ----A---- C:\Windows\system32\iasads.dll
2009-11-12 23:16:35 ----A---- C:\Windows\system32\iasacct.dll
2009-11-12 23:16:35 ----A---- C:\Windows\system32\hidserv.dll
2009-11-12 23:16:35 ----A---- C:\Windows\system32\hdwwiz.exe
2009-11-12 23:16:35 ----A---- C:\Windows\system32\gpupdate.exe
2009-11-12 23:16:35 ----A---- C:\Windows\system32\gpsvc.dll
2009-11-12 23:16:34 ----A---- C:\Windows\system32\gpedit.dll
2009-11-12 23:16:34 ----A---- C:\Windows\system32\gpapi.dll
2009-11-12 23:16:34 ----A---- C:\Windows\system32\gdi32.dll
2009-11-12 23:16:34 ----A---- C:\Windows\system32\fundisc.dll
2009-11-12 23:16:34 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-11-12 23:16:34 ----A---- C:\Windows\system32\ftp.exe
2009-11-12 23:16:34 ----A---- C:\Windows\system32\fontext.dll
2009-11-12 23:16:34 ----A---- C:\Windows\system32\findstr.exe
2009-11-12 23:16:34 ----A---- C:\Windows\system32\feclient.dll
2009-11-12 23:16:34 ----A---- C:\Windows\system32\fdWSD.dll
2009-11-12 23:16:34 ----A---- C:\Windows\system32\fdWCN.dll
2009-11-12 23:16:34 ----A---- C:\Windows\system32\fdSSDP.dll
2009-11-12 23:16:34 ----A---- C:\Windows\system32\fdProxy.dll
2009-11-12 23:16:34 ----A---- C:\Windows\system32\fdeploy.dll
2009-11-12 23:16:34 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-11-12 23:16:34 ----A---- C:\Windows\system32\fdBth.dll
2009-11-12 23:16:34 ----A---- C:\Windows\system32\fc.exe
2009-11-12 23:16:34 ----A---- C:\Windows\system32\Faultrep.dll
2009-11-12 23:16:33 ----A---- C:\Windows\system32\gameux.dll
2009-11-12 23:16:33 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-11-12 23:16:33 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-11-12 23:16:33 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-11-12 23:16:33 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-11-12 23:16:33 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-11-12 23:16:33 ----A---- C:\Windows\system32\autoplay.dll
2009-11-12 23:16:33 ----A---- C:\Windows\system32\autofmt.exe
2009-11-12 23:16:33 ----A---- C:\Windows\system32\autoconv.exe
2009-11-12 23:16:33 ----A---- C:\Windows\system32\autochk.exe
2009-11-12 23:16:33 ----A---- C:\Windows\system32\authz.dll
2009-11-12 23:16:33 ----A---- C:\Windows\system32\authui.dll
2009-11-12 23:16:33 ----A---- C:\Windows\system32\audiosrv.dll
2009-11-12 23:16:33 ----A---- C:\Windows\system32\AudioSes.dll
2009-11-12 23:16:33 ----A---- C:\Windows\system32\audiodg.exe
2009-11-12 23:16:32 ----A---- C:\Windows\system32\bthci.dll
2009-11-12 23:16:32 ----A---- C:\Windows\system32\browseui.dll
2009-11-12 23:16:32 ----A---- C:\Windows\system32\brcpl.dll
2009-11-12 23:16:32 ----A---- C:\Windows\system32\blackbox.dll
2009-11-12 23:16:32 ----A---- C:\Windows\system32\bitsigd.dll
2009-11-12 23:16:32 ----A---- C:\Windows\system32\BFE.DLL
2009-11-12 23:16:32 ----A---- C:\Windows\system32\bcrypt.dll
2009-11-12 23:16:32 ----A---- C:\Windows\system32\basecsp.dll
2009-11-12 23:16:32 ----A---- C:\Windows\system32\azroles.dll
2009-11-12 23:16:31 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-11-12 23:16:30 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-11-12 23:16:30 ----A---- C:\Windows\system32\apphelp.dll
2009-11-12 23:16:29 ----A---- C:\Windows\system32\dbgeng.dll
2009-11-12 23:16:29 ----A---- C:\Windows\system32\davclnt.dll
2009-11-12 23:16:29 ----A---- C:\Windows\system32\d3d9.dll
2009-11-12 23:16:29 ----A---- C:\Windows\system32\crypt32.dll
2009-11-12 23:16:29 ----A---- C:\Windows\system32\credui.dll
2009-11-12 23:16:29 ----A---- C:\Windows\system32\connect.dll
2009-11-12 23:16:29 ----A---- C:\Windows\system32\conime.exe
2009-11-12 23:16:29 ----A---- C:\Windows\system32\comuid.dll
2009-11-12 23:16:29 ----A---- C:\Windows\system32\comsvcs.dll
2009-11-12 23:16:29 ----A---- C:\Windows\system32\comdlg32.dll
2009-11-12 23:16:29 ----A---- C:\Windows\system32\cmmon32.exe
2009-11-12 23:16:29 ----A---- C:\Windows\system32\cmdial32.dll
2009-11-12 23:16:29 ----A---- C:\Windows\system32\apds.dll
2009-11-12 23:16:29 ----A---- C:\Windows\system32\advapi32.dll
2009-11-12 23:16:29 ----A---- C:\Windows\system32\adtschema.dll
2009-11-12 23:16:29 ----A---- C:\Windows\system32\adsmsext.dll
2009-11-12 23:16:29 ----A---- C:\Windows\system32\adsldpc.dll
2009-11-12 23:16:28 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-11-12 23:16:28 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-11-12 23:16:28 ----A---- C:\Windows\system32\DevicePairing.dll
2009-11-12 23:16:28 ----A---- C:\Windows\system32\DeviceEject.exe
2009-11-12 23:16:28 ----A---- C:\Windows\system32\dataclen.dll
2009-11-12 23:16:28 ----A---- C:\Windows\system32\csrstub.exe
2009-11-12 23:16:28 ----A---- C:\Windows\system32\cscript.exe
2009-11-12 23:16:28 ----A---- C:\Windows\system32\cscdll.dll
2009-11-12 23:16:28 ----A---- C:\Windows\system32\cscapi.dll
2009-11-12 23:16:28 ----A---- C:\Windows\system32\cryptui.dll
2009-11-12 23:16:28 ----A---- C:\Windows\system32\cryptsvc.dll
2009-11-12 23:16:28 ----A---- C:\Windows\system32\cipher.exe
2009-11-12 23:16:28 ----A---- C:\Windows\system32\ci.dll
2009-11-12 23:16:28 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-11-12 23:16:28 ----A---- C:\Windows\system32\chtbrkr.dll
2009-11-12 23:16:28 ----A---- C:\Windows\system32\chsbrkr.dll
2009-11-12 23:16:28 ----A---- C:\Windows\system32\certmgr.dll
2009-11-12 23:16:28 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-11-12 23:16:28 ----A---- C:\Windows\system32\CertEnroll.dll
2009-11-12 23:16:28 ----A---- C:\Windows\system32\certcli.dll
2009-11-12 23:16:28 ----A---- C:\Windows\system32\cdd.dll
2009-11-12 23:16:28 ----A---- C:\Windows\system32\cbsra.exe
2009-11-12 23:16:28 ----A---- C:\Windows\system32\bthudtask.exe
2009-11-12 23:16:28 ----A---- C:\Windows\system32\bthserv.dll
2009-11-12 23:16:27 ----A---- C:\Windows\system32\msihnd.dll
2009-11-12 23:16:27 ----A---- C:\Windows\system32\msiexec.exe
2009-11-12 23:16:27 ----A---- C:\Windows\system32\msi.dll
2009-11-12 23:16:27 ----A---- C:\Windows\system32\msftedit.dll
2009-11-12 23:16:27 ----A---- C:\Windows\system32\msexcl40.dll
2009-11-12 23:16:27 ----A---- C:\Windows\system32\msexch40.dll
2009-11-12 23:16:27 ----A---- C:\Windows\system32\msdtctm.dll
2009-11-12 23:16:27 ----A---- C:\Windows\system32\certutil.exe
2009-11-12 23:16:27 ----A---- C:\Windows\system32\certreq.exe
2009-11-12 23:16:27 ----A---- C:\Windows\system32\certprop.dll
2009-11-12 23:16:26 ----A---- C:\Windows\system32\msimsg.dll
2009-11-12 23:16:26 ----A---- C:\Windows\system32\msdtcprx.dll
2009-11-12 23:16:26 ----A---- C:\Windows\system32\msdrm.dll
2009-11-12 23:16:26 ----A---- C:\Windows\system32\msctfui.dll
2009-11-12 23:16:26 ----A---- C:\Windows\system32\msctfp.dll
2009-11-12 23:16:26 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-11-12 23:16:26 ----A---- C:\Windows\system32\msctf.dll
2009-11-12 23:16:26 ----A---- C:\Windows\system32\MPSSVC.dll
2009-11-12 23:16:26 ----A---- C:\Windows\system32\mprapi.dll
2009-11-12 23:16:26 ----A---- C:\Windows\system32\mpr.dll
2009-11-12 23:16:26 ----A---- C:\Windows\system32\modemui.dll
2009-11-12 23:16:26 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-11-12 23:16:25 ----A---- C:\Windows\system32\netcenter.dll
2009-11-12 23:16:25 ----A---- C:\Windows\system32\netapi32.dll
2009-11-12 23:16:25 ----A---- C:\Windows\system32\ncryptui.dll
2009-11-12 23:16:25 ----A---- C:\Windows\system32\ncrypt.dll
2009-11-12 23:16:25 ----A---- C:\Windows\system32\mscories.dll
2009-11-12 23:16:25 ----A---- C:\Windows\system32\mscorier.dll
2009-11-12 23:16:25 ----A---- C:\Windows\system32\mscoree.dll
2009-11-12 23:16:25 ----A---- C:\Windows\system32\mscms.dll
2009-11-12 23:16:25 ----A---- C:\Windows\system32\mscandui.dll
2009-11-12 23:16:24 ----A---- C:\Windows\system32\NetProjW.dll
2009-11-12 23:16:24 ----A---- C:\Windows\system32\netplwiz.dll
2009-11-12 23:16:24 ----A---- C:\Windows\system32\netlogon.dll
2009-11-12 23:16:24 ----A---- C:\Windows\system32\NcdProp.dll
2009-11-12 23:16:24 ----A---- C:\Windows\system32\mtxclu.dll
2009-11-12 23:16:23 ----A---- C:\Windows\system32\newdev.exe
2009-11-12 23:16:23 ----A---- C:\Windows\system32\newdev.dll
2009-11-12 23:16:23 ----A---- C:\Windows\system32\networkmap.dll
2009-11-12 23:16:23 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-11-12 23:16:23 ----A---- C:\Windows\system32\networkexplorer.dll
2009-11-12 23:16:23 ----A---- C:\Windows\system32\netshell.dll
2009-11-12 23:16:23 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-11-12 23:16:23 ----A---- C:\Windows\system32\msscntrs.dll
2009-11-12 23:16:23 ----A---- C:\Windows\system32\msscb.dll
2009-11-12 23:16:23 ----A---- C:\Windows\system32\msrepl40.dll
2009-11-12 23:16:23 ----A---- C:\Windows\system32\msnetobj.dll
2009-11-12 23:16:23 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-11-12 23:16:23 ----A---- C:\Windows\system32\msltus40.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msxbde40.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\mswstr10.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\mswsock.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\mswdat10.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msvcrt.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msvcp60.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msutb.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\mstsc.exe
2009-11-12 23:16:22 ----A---- C:\Windows\system32\mstlsapi.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\mstext40.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\mssvp.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msstrc.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\mssrch.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\mssprxy.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\mssphtb.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\mssph.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\mssitlb.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msshsq.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msshooks.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msscp.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msrd3x40.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msrd2x40.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\mspbde40.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msjtes40.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msjter40.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msjint40.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msjet40.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msisip.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msinfo32.exe
2009-11-12 23:16:22 ----A---- C:\Windows\system32\msimtf.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\InkEd.dll
2009-11-12 23:16:22 ----A---- C:\Windows\system32\inetcomm.dll
2009-11-12 23:16:21 ----A---- C:\Windows\system32\infocardapi.dll
2009-11-12 23:16:18 ----A---- C:\Windows\system32\imm32.dll
2009-11-12 23:16:17 ----A---- C:\Windows\system32\iscsilog.dll
2009-11-12 23:16:17 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-11-12 23:16:17 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-11-12 23:16:16 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-11-12 23:16:16 ----A---- C:\Windows\system32\input.dll
2009-11-12 23:16:15 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-11-12 23:16:15 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-11-12 23:16:15 ----A---- C:\Windows\system32\ipconfig.exe
2009-11-12 23:16:12 ----A---- C:\Windows\system32\ifmon.dll
2009-11-12 23:16:12 ----A---- C:\Windows\system32\icardres.dll
2009-11-12 23:16:12 ----A---- C:\Windows\system32\icardagt.exe
2009-11-12 23:16:12 ----A---- C:\Windows\system32\iassvcs.dll
2009-11-12 23:16:12 ----A---- C:\Windows\system32\iassdo.dll
2009-11-12 23:16:12 ----A---- C:\Windows\system32\iassam.dll
2009-11-12 23:16:12 ----A---- C:\Windows\system32\iasrecst.dll
2009-11-12 23:16:12 ----A---- C:\Windows\system32\iasrad.dll
2009-11-12 23:16:12 ----A---- C:\Windows\system32\iaspolcy.dll
2009-11-12 23:16:11 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-11-12 23:16:09 ----A---- C:\Windows\system32\imapi2.dll
2009-11-12 23:16:09 ----A---- C:\Windows\system32\imapi.dll
2009-11-12 23:16:08 ----A---- C:\Windows\system32\imapi2fs.dll
2009-11-12 23:16:08 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-11-12 23:16:04 ----A---- C:\Windows\system32\mimefilt.dll
2009-11-12 23:16:04 ----A---- C:\Windows\system32\milcore.dll
2009-11-12 23:16:04 ----A---- C:\Windows\system32\mfplat.dll
2009-11-12 23:16:04 ----A---- C:\Windows\system32\mfc42u.dll
2009-11-12 23:16:04 ----A---- C:\Windows\system32\mfc42.dll
2009-11-12 23:16:03 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-11-12 23:16:03 ----A---- C:\Windows\system32\mmcico.dll
2009-11-12 23:16:03 ----A---- C:\Windows\system32\mmci.dll
2009-11-12 23:16:03 ----A---- C:\Windows\system32\mmc.exe
2009-11-12 23:16:03 ----A---- C:\Windows\system32\midimap.dll
2009-11-12 23:16:03 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-11-12 23:16:03 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-11-12 23:16:03 ----A---- C:\Windows\system32\mcmde.dll
2009-11-12 23:16:03 ----A---- C:\Windows\system32\mblctr.exe
2009-11-12 23:16:03 ----A---- C:\Windows\system32\logman.exe
2009-11-12 23:16:03 ----A---- C:\Windows\system32\logagent.exe
2009-11-12 23:16:03 ----A---- C:\Windows\system32\l2nacp.dll
2009-11-12 23:16:03 ----A---- C:\Windows\system32\korwbrkr.dll
2009-11-12 23:16:03 ----A---- C:\Windows\system32\kernel32.dll
2009-11-12 23:16:03 ----A---- C:\Windows\system32\kdusb.dll
2009-11-12 23:16:03 ----A---- C:\Windows\system32\kdcom.dll
2009-11-12 23:16:03 ----A---- C:\Windows\system32\kd1394.dll
2009-11-12 23:16:02 ----A---- C:\Windows\system32\winhttp.dll
2009-11-12 23:16:02 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-11-12 23:16:02 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-11-12 23:16:02 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-11-12 23:16:02 ----A---- C:\Windows\system32\wercon.exe
2009-11-12 23:16:02 ----A---- C:\Windows\system32\wer.dll
2009-11-12 23:16:02 ----A---- C:\Windows\system32\WebClnt.dll
2009-11-12 23:16:02 ----A---- C:\Windows\system32\wdscore.dll
2009-11-12 23:16:02 ----A---- C:\Windows\system32\wdc.dll
2009-11-12 23:16:02 ----A---- C:\Windows\system32\shsetup.dll
2009-11-12 23:16:02 ----A---- C:\Windows\system32\Magnify.exe
2009-11-12 23:16:01 ----A---- C:\Windows\system32\WSDMon.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\wsdchngr.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\wscript.exe
2009-11-12 23:16:01 ----A---- C:\Windows\system32\wscisvif.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\WscEapPr.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\wscapi.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\win32spl.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\wiaservc.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\wiaaut.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\whealogr.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\wevtutil.exe
2009-11-12 23:16:01 ----A---- C:\Windows\system32\wevtsvc.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\wevtapi.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\wersvc.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-11-12 23:16:01 ----A---- C:\Windows\system32\WerFault.exe
2009-11-12 23:16:01 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\wcnwiz.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\wcncsvc.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\w32time.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\VSSVC.exe
2009-11-12 23:16:01 ----A---- C:\Windows\system32\vssapi.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\version.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\vdsutil.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\vdsdyn.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\vds.exe
2009-11-12 23:16:01 ----A---- C:\Windows\system32\vdmdbg.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\uxsms.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\Utilman.exe
2009-11-12 23:16:01 ----A---- C:\Windows\system32\usp10.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\userenv.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\usercpl.dll
2009-11-12 23:16:01 ----A---- C:\Windows\system32\user32.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\xmlfilter.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\wusa.exe
2009-11-12 23:16:00 ----A---- C:\Windows\system32\wsnmp32.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\WsmSvc.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\wshext.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\wshbth.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\wsepno.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\wscsvc.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\wscntfy.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\wpcsvc.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\wpccpl.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\wpcao.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\wow32.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-11-12 23:16:00 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-11-12 23:16:00 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-11-12 23:16:00 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\Wldap32.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\wlanui.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\wlanpref.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\wlangpui.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\wisptis.exe
2009-11-12 23:16:00 ----A---- C:\Windows\system32\WinSCard.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\winrnr.dll
2009-11-12 23:16:00 ----A---- C:\Windows\system32\winresume.exe
2009-11-12 23:15:59 ----A---- C:\Windows\system32\wmpmde.dll
2009-11-12 23:15:59 ----A---- C:\Windows\system32\WMPhoto.dll
2009-11-12 23:15:59 ----A---- C:\Windows\system32\wmpeffects.dll
2009-11-12 23:15:59 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-11-12 23:15:59 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-11-12 23:15:59 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-11-12 23:15:59 ----A---- C:\Windows\system32\winsrv.dll
2009-11-12 23:15:59 ----A---- C:\Windows\system32\WinSAT.exe
2009-11-12 23:15:59 ----A---- C:\Windows\system32\winmm.dll
2009-11-12 23:15:59 ----A---- C:\Windows\system32\winlogon.exe
2009-11-12 23:15:59 ----A---- C:\Windows\system32\winload.exe
2009-11-12 23:15:59 ----A---- C:\Windows\system32\sud.dll
2009-11-12 23:15:59 ----A---- C:\Windows\system32\Storprop.dll
2009-11-12 23:15:59 ----A---- C:\Windows\system32\stobject.dll
2009-11-12 23:15:58 ----A---- C:\Windows\system32\sysmain.dll
2009-11-12 23:15:58 ----A---- C:\Windows\system32\sysclass.dll
2009-11-12 23:15:58 ----A---- C:\Windows\system32\SyncCenter.dll
2009-11-12 23:15:58 ----A---- C:\Windows\system32\swprv.dll
2009-11-12 23:15:58 ----A---- C:\Windows\system32\srvsvc.dll
2009-11-12 23:15:58 ----A---- C:\Windows\system32\srcore.dll
2009-11-12 23:15:58 ----A---- C:\Windows\system32\srchadmin.dll
2009-11-12 23:15:58 ----A---- C:\Windows\system32\smss.exe
2009-11-12 23:15:58 ----A---- C:\Windows\system32\SmiEngine.dll
2009-11-12 23:15:58 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-11-12 23:15:58 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-11-12 23:15:58 ----A---- C:\Windows\system32\slwmi.dll
2009-11-12 23:15:58 ----A---- C:\Windows\system32\slcc.dll
2009-11-12 23:15:58 ----A---- C:\Windows\system32\SLC.dll
2009-11-12 23:15:58 ----A---- C:\Windows\system32\shwebsvc.dll
2009-11-12 23:15:58 ----A---- C:\Windows\system32\shsvcs.dll
2009-11-12 23:15:57 ----A---- C:\Windows\system32\spp.dll
2009-11-12 23:15:57 ----A---- C:\Windows\system32\spoolsv.exe
2009-11-12 23:15:57 ----A---- C:\Windows\system32\spoolss.dll
2009-11-12 23:15:57 ----A---- C:\Windows\system32\spinstall.exe
2009-11-12 23:15:57 ----A---- C:\Windows\system32\spcmsg.dll
2009-11-12 23:15:57 ----A---- C:\Windows\system32\slwga.dll
2009-11-12 23:15:57 ----A---- C:\Windows\system32\SLUINotify.dll
2009-11-12 23:15:57 ----A---- C:\Windows\system32\SLUI.exe
2009-11-12 23:15:57 ----A---- C:\Windows\system32\SLsvc.exe
2009-11-12 23:15:57 ----A---- C:\Windows\system32\slmgr.vbs
2009-11-12 23:15:57 ----A---- C:\Windows\system32\SLLUA.exe
2009-11-12 23:15:57 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-11-12 23:15:57 ----A---- C:\Windows\system32\slcinst.dll
2009-11-12 23:15:57 ----A---- C:\Windows\system32\SLCExt.dll
2009-11-12 23:15:56 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-11-12 23:15:56 ----A---- C:\Windows\system32\TSTheme.exe
2009-11-12 23:15:56 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-11-12 23:15:56 ----A---- C:\Windows\system32\spwizui.dll
2009-11-12 23:15:56 ----A---- C:\Windows\system32\spwinsat.dll
2009-11-12 23:15:56 ----A---- C:\Windows\system32\spreview.exe
2009-11-12 23:15:56 ----A---- C:\Windows\system32\sperror.dll
2009-11-12 23:15:56 ----A---- C:\Windows\system32\softkbd.dll
2009-11-12 23:15:56 ----A---- C:\Windows\system32\SnippingTool.exe
2009-11-12 23:15:56 ----A---- C:\Windows\system32\SndVol.exe
2009-11-12 23:15:55 ----A---- C:\Windows\system32\tscupgrd.exe
2009-11-12 23:15:53 ----A---- C:\Windows\system32\zipfldr.dll
2009-11-12 23:15:53 ----A---- C:\Windows\system32\untfs.dll
2009-11-12 23:15:52 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-11-12 23:15:52 ----A---- C:\Windows\system32\ulib.dll
2009-11-12 23:15:52 ----A---- C:\Windows\system32\uDWM.dll
2009-11-12 23:15:52 ----A---- C:\Windows\system32\systemcpl.dll
2009-11-12 23:15:51 ----A---- C:\Windows\system32\tsbyuv.dll
2009-11-12 23:15:51 ----A---- C:\Windows\system32\tquery.dll
2009-11-12 23:15:51 ----A---- C:\Windows\system32\themeui.dll
2009-11-12 23:15:51 ----A---- C:\Windows\system32\themecpl.dll
2009-11-12 23:15:51 ----A---- C:\Windows\system32\thawbrkr.dll
2009-11-12 23:15:51 ----A---- C:\Windows\system32\termsrv.dll
2009-11-12 23:15:51 ----A---- C:\Windows\system32\tcpmon.dll
2009-11-12 23:15:51 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-11-12 23:15:51 ----A---- C:\Windows\system32\taskeng.exe
2009-11-12 23:15:51 ----A---- C:\Windows\system32\taskcomp.dll
2009-11-12 23:15:51 ----A---- C:\Windows\system32\tapisrv.dll
2009-11-12 21:34:37 ----D---- C:\Users\gilles\AppData\Roaming\Media Player Classic
2009-11-12 21:26:58 ----A---- C:\Windows\system32\unrar.dll
2009-11-12 18:30:20 ----A---- C:\Windows\system32\GIF89.DLL
2009-11-12 18:30:13 ----A---- C:\Windows\system32\WMAFile.dll
2009-11-12 18:30:12 ----A---- C:\Windows\system32\AudioInfos.dll
2009-11-12 18:30:11 ----A---- C:\Windows\system32\VB6STKIT.DLL
2009-11-12 18:30:11 ----A---- C:\Windows\system32\VB6FR.DLL
2009-11-12 18:30:11 ----A---- C:\Windows\system32\SSubTmr6.dll
2009-11-12 18:30:11 ----A---- C:\Windows\system32\inetfr.DLL
2009-11-12 18:30:11 ----A---- C:\Windows\system32\AudFile.dll
2009-11-12 18:30:09 ----A---- C:\Windows\system32\MSCMCFR.DLL
2009-11-12 18:30:09 ----A---- C:\Windows\system32\CMDLGFR.DLL
2009-11-12 18:30:07 ----A---- C:\Windows\system32\lame_enc.dll
2009-11-12 18:30:06 ----A---- C:\Windows\system32\msvcr70.dll
2009-11-12 18:20:30 ----D---- C:\Program Files\Microsoft
2009-11-12 18:13:59 ----D---- C:\Users\gilles\AppData\Roaming\Malwarebytes
2009-11-12 18:13:52 ----D---- C:\ProgramData\Malwarebytes
2009-11-12 18:13:52 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-11-12 17:47:39 ----D---- C:\Program Files\CCleaner
2009-11-12 17:34:47 ----D---- C:\ProgramData\Avira
2009-11-12 17:34:47 ----D---- C:\Program Files\Avira
2009-11-12 16:54:26 ----N---- C:\Windows\system32\MpSigStub.exe
2009-11-12 16:49:13 ----A---- C:\Windows\system32\occache.dll
2009-11-12 16:49:13 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-11-12 16:49:13 ----A---- C:\Windows\system32\msfeeds.dll
2009-11-12 16:49:13 ----A---- C:\Windows\system32\jsproxy.dll
2009-11-12 16:49:13 ----A---- C:\Windows\system32\ieui.dll
2009-11-12 16:49:13 ----A---- C:\Windows\system32\iepeers.dll
2009-11-12 16:49:12 ----A---- C:\Windows\system32\wininet.dll
2009-11-12 16:49:12 ----A---- C:\Windows\system32\msfeedssync.exe
2009-11-12 16:49:12 ----A---- C:\Windows\system32\ieUnatt.exe
2009-11-12 16:49:12 ----A---- C:\Windows\system32\iesysprep.dll
2009-11-12 16:49:12 ----A---- C:\Windows\system32\iesetup.dll
2009-11-12 16:49:12 ----A---- C:\Windows\system32\iertutil.dll
2009-11-12 16:49:12 ----A---- C:\Windows\system32\iernonce.dll
2009-11-12 16:49:12 ----A---- C:\Windows\system32\iedkcs32.dll
2009-11-12 16:49:12 ----A---- C:\Windows\system32\ie4uinit.exe
2009-11-12 16:49:11 ----A---- C:\Windows\system32\urlmon.dll
2009-11-12 16:49:11 ----A---- C:\Windows\system32\ieframe.dll

======List of files/folders modified in the last 1 months======


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======


======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======


-----------------EOF-----------------

Re: PC infection

Post by bernard53 »

The report for your Vista machine is OK.

I didn't think about your XP machine, but the procedure for System Restore is a little different there. I think you managed to do it. If not, ask and we will tell you how.

:coucou:
Enjoy your visit to: http://tuto-b.comli.com/

Re: PC infection

Post by gillou66 »

Re
OK, and thanks for Vista.
Yes, I had to search a little for System Restore under XP, but everything is OK.
Thank you. See you later.

Re: PC infection [resolved]

Post by bernard53 »

Have a good evening

:coucou: