Mardi 11 Mars 2025
virus rootkit gen [Résolu] • page 3

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus.
Re: virus rootkit gen

Message le 27 Avr 2010 18:59


Possible qu'une des clef de registre infectieuse essais d'ouvrir un fichier infectieux qui n'est pas ou plus présent, ce qui expliquerait ce message d'erreur.

tu veux dire que tu ne peux pas explorer le contenu de la clef ?

est ce que cela se produit sur les deux PC ou bien juste sur celui qui est infecté ?
Re: virus rootkit gen

Message le 27 Avr 2010 19:34

et bien avant la suppression du rootkit quand je mettai la cle une fenetre automatique s'ouvrait maintenant il faut que j'aille dans poste de travail clic droit explorer et ca a marché sur le pc de bureau ca fait un moment que je fais comme cela
Re: virus rootkit gen

Message le 27 Avr 2010 19:45


ce n'est pas grave, tu doit avoir un fichier caché autorun.inf infectieux à la racine de ta clef, mais USBFix le remplacera :wink:

dès que tu as sauvegardé tes documents important de la clef, balance la procédure USBFIx :wink:
Re: virus rootkit gen

Message le 27 Avr 2010 19:47

bon j'ai sauvegardé je fais ta procé"dure
Re: virus rootkit gen

Message le 27 Avr 2010 20:07

je t'écris de mon autre pc, j'ai fait la procédure, le portable a redémarré mais je suis bloquée, voila ce que je vois

intel undi ect
en dessous copyriht...
for realteck rtl ect
client mac addr avec des chiffres à coté des numéro ensuite guid des numéro
en dessous pxe-e51 no dhcp or proxydhcp offers were receveived
pxe-mof : exiting pxe rom
missing operating system

je fais un arret sauvage ?
Re: virus rootkit gen

Message le 27 Avr 2010 20:13


missing operating system

bizarre ce message
oui, arrête le et redémarre le PC et redémarre le...
Re: virus rootkit gen

Message le 27 Avr 2010 20:17

meme punition, je vais enlever les cles usb cette fois ci
Re: virus rootkit gen

Message le 27 Avr 2010 20:31

j'ai enlevé les cles pour redémarrer il l' a fait mais plus d'antivirus ??????????????????????
Re: virus rootkit gen

Message le 27 Avr 2010 20:38

Apriori USBFIX bloquait sur une suppression :-?

Pour l'anti-virus, les services de démarrages on due se faire manger par le rootkit :-?

Mais c'est pas grave, on le réinstallera....

peux tu me poster un rapport OTL comme tu l'as fais la première fois , cela me permettra de voir si USBFix à fait les suppression qu'il aurait due faire
la même procédure que celle là virus-rootkit-gen-vt-50830.html#p375458
Re: virus rootkit gen

Message le 27 Avr 2010 21:10

ok je le fais
Re: virus rootkit gen

Message le 27 Avr 2010 21:30

la procédure est en cours, par contre je suis allée dans le dossier d'avira et j'ai fait un sétup et la l'antivirus c'est remis
Re: virus rootkit gen

Message le 27 Avr 2010 21:47

OTL logfile created on: 27/04/2010 22:25:02 - Run 2
OTL by OldTimer - Version Folder = C:\Users\amandine\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285,09 Gb Total Space | 209,95 Gb Free Space | 73,65% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-AMANDINE
Current User Name: amandine
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\amandine\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe ()
PRC - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe (COMODO)
PRC - C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - \\?\C:\Windows\System32\wbem\WMIADAP.EXE ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe (France Telecom SA)
PRC - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\drivers\o2flash.exe (O2Micro International)
PRC - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe ()
PRC - C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files\CyberLink\PlayMovie\PMVService.exe (CyberLink Corp.)
PRC - C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe (CyberLink Corp.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
PRC - C:\Program Files\SpywareGuard\sgmain.exe ()
PRC - C:\Program Files\SpywareGuard\sgbhp.exe ()

========== Modules (SafeList) ==========

MOD - C:\Users\amandine\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\guard32.dll (COMODO)
MOD - C:\Windows\winsxs\\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe ()
SRV - (CLPSLS) -- C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe (COMODO)
SRV - (GoogleDesktopManager-110309-193829) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (FTRTSVC) -- C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
SRV - (o2flash) -- C:\Windows\System32\drivers\o2flash.exe (O2Micro International)
SRV - (ETService) -- C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe ()
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()

========== Driver Services (SafeList) ==========

DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (inspect) -- C:\Windows\System32\drivers\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\Windows\System32\drivers\cmdhlp.sys (COMODO)
DRV - (cmdGuard) -- C:\Windows\System32\drivers\cmdGuard.sys (COMODO)
DRV - (pctNDIS) -- C:\Windows\System32\drivers\pctNdis.sys (PC Tools)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (O2MDRDR) -- C:\Windows\System32\drivers\o2media.sys (O2Micro )
DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (PCAMp50) -- C:\Windows\System32\drivers\PCAMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (PCASp50) -- C:\Windows\System32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (O2SDRDR) -- C:\Windows\System32\drivers\o2sd.sys (O2Micro )
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Program Files\CyberLink\PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (RTL8187B) -- C:\Windows\System32\drivers\RTL8187B.sys (Realtek Semiconductor Corporation )
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = ... ynote_ml65
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = ... ynote_ml65
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ... r&ie=UTF-8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/11 15:22:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/19 12:04:41 | 000,000,000 | ---D | M]

[2010/04/11 15:23:05 | 000,000,000 | ---D | M] -- C:\Users\amandine\AppData\Roaming\mozilla\Extensions
[2010/04/26 18:16:40 | 000,000,000 | ---D | M] -- C:\Users\amandine\AppData\Roaming\mozilla\Firefox\Profiles\7egagw4q.default\extensions
[2010/04/11 15:23:47 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\amandine\AppData\Roaming\mozilla\Firefox\Profiles\7egagw4q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/25 09:44:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\amandine\AppData\Roaming\mozilla\Firefox\Profiles\7egagw4q.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010/04/11 15:22:22 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010/04/01 19:07:29 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/04/01 19:07:29 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/04/01 19:07:29 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/04/01 19:07:29 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/04/01 19:07:29 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe (France Telecom SA)
O4 - HKLM..\Run: [CardDetectorHUAWEI160] C:\Program Files\CardDetector\HUAWEI160\CardDetector.exe (France Telecom SA)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\PowerCinema\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (rootkit-scan)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PCMAgent] C:\Program Files\CyberLink\PowerCinema\PCMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\CyberLink\PlayMovie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetupMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\amandine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~1\google\google~1\goec62~1.dll) - c:\progra~1\google\google~1\goec62~1.dll (Google)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\amandine\csrss.exe) - C:\Users\amandine\csrss.exe File not found
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\amandine\AppData\Roaming\nisgw.exe) - C:\Users\amandine\AppData\Roaming\nisgw.exe File not found
O24 - Desktop WallPaper: C:\Users\amandine\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\amandine\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/04/27 21:23:09 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\ [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2009/10/27 23:18:52 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)

========== Files/Folders - Created Within 30 Days ==========

[2010/04/27 21:23:09 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010/04/27 20:49:53 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010/04/27 18:56:08 | 000,000,000 | ---D | C] -- C:\Avenger
[2010/04/26 22:56:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/04/25 16:47:36 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag
[2010/04/25 15:02:19 | 000,096,104 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/04/25 15:02:19 | 000,056,816 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/04/25 15:02:18 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010/04/25 15:02:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/04/25 15:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/04/25 14:38:17 | 000,162,768 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/04/25 14:38:17 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/04/25 14:38:17 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/04/25 14:38:16 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/04/25 14:38:15 | 000,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/04/25 14:37:53 | 000,153,184 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010/04/25 14:37:53 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010/04/25 14:37:35 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/04/25 12:05:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/04/25 09:44:37 | 000,000,000 | ---D | C] -- C:\Users\amandine\AppData\Roaming\QuickScan
[2010/04/22 18:16:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/04/22 18:15:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010/04/22 18:15:06 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/04/22 18:10:38 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareGuard
[2010/04/22 17:50:48 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/04/22 03:19:09 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010/04/22 03:03:17 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2010/04/22 03:03:17 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2010/04/22 03:03:16 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2010/04/22 03:02:55 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2010/04/22 03:02:54 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2010/04/22 03:02:54 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010/04/22 03:02:54 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010/04/22 03:02:53 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010/04/22 03:02:53 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2010/04/22 03:02:53 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010/04/22 03:02:53 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010/04/22 03:02:53 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2010/04/22 03:02:53 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2010/04/22 03:02:53 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2010/04/22 03:02:53 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010/04/22 03:02:53 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010/04/22 03:02:52 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2010/04/22 03:02:52 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2010/04/22 03:02:52 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2010/04/22 03:02:52 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2010/04/22 03:02:52 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2010/04/22 03:02:52 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2010/04/22 03:02:52 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2010/04/22 03:02:52 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2010/04/22 03:02:52 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010/04/22 03:02:52 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2010/04/22 03:02:52 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2010/04/22 03:02:51 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2010/04/22 03:02:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2010/04/22 03:02:25 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2010/04/22 03:02:20 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2010/04/22 03:02:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll
[2010/04/22 03:02:18 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll
[2010/04/22 03:02:17 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010/04/22 03:02:17 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2010/04/22 03:02:17 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010/04/22 03:02:17 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll
[2010/04/22 03:02:17 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2010/04/22 03:02:17 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010/04/22 03:02:17 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010/04/22 03:01:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2010/04/22 03:01:27 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2010/04/22 00:18:57 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/04/22 00:18:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/04/22 00:18:54 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/04/21 08:01:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2010/04/21 08:01:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2010/04/21 08:01:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2010/04/20 22:03:23 | 000,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2010/04/20 21:57:30 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2010/04/20 21:12:49 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2010/04/20 21:10:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2010/04/20 20:17:53 | 000,000,000 | ---D | C] -- C:\Users\amandine\AppData\Roaming\Nero
[2010/04/17 16:44:19 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/04/17 16:44:08 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/04/17 16:44:07 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/04/17 16:43:58 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010/04/17 16:43:58 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010/04/17 16:37:55 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010/04/11 15:22:33 | 000,000,000 | ---D | C] -- C:\Users\amandine\AppData\Roaming\Mozilla
[2010/04/11 15:22:33 | 000,000,000 | ---D | C] -- C:\Users\amandine\AppData\Local\Mozilla
[2010/04/11 15:22:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/04/11 14:22:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2010/04/11 12:56:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Sunbelt
[2010/04/11 12:52:35 | 015,165,792 | ---- | C] (Sunbelt Software ) -- C:\Users\amandine\Desktop\counterspy.exe
[2010/04/11 12:47:10 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2010/04/11 12:47:07 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2010/04/11 12:47:04 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2010/04/11 12:47:04 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2010/04/11 12:47:02 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2010/04/11 12:47:00 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2010/04/11 12:46:58 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2010/04/11 12:46:58 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2010/04/11 12:46:57 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2010/04/11 12:46:56 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2010/04/11 12:46:54 | 002,241,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
[2010/04/11 12:46:53 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2010/04/11 12:46:52 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2010/04/11 12:46:52 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2010/04/11 12:46:51 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2010/04/11 12:46:50 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
[2010/04/11 12:46:49 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2010/04/11 12:46:48 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2010/04/11 12:46:48 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2010/04/11 12:46:47 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2010/04/11 12:46:47 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2010/04/11 12:46:45 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2010/04/11 12:46:45 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2010/04/11 12:46:45 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2010/04/11 12:46:45 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2010/04/11 12:46:44 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2010/04/11 12:46:43 | 001,459,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2010/04/11 12:46:43 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2010/04/11 12:46:43 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2010/04/11 12:46:42 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2010/04/11 12:46:42 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2010/04/11 12:46:41 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2010/04/11 12:46:41 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
[2010/04/11 12:46:41 | 000,041,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/04/11 12:46:40 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010/04/11 12:46:38 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2010/04/11 12:46:37 | 001,381,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2010/04/11 12:46:37 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2010/04/11 12:46:36 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2010/04/11 12:46:36 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2010/04/11 12:46:36 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2010/04/11 12:46:35 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/04/11 12:46:35 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2010/04/11 12:46:34 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2010/04/11 12:46:34 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2010/04/11 12:46:34 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2010/04/11 12:46:34 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2010/04/11 12:46:34 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2010/04/11 12:46:33 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2010/04/11 12:46:33 | 000,466,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2010/04/11 12:46:33 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2010/04/11 12:46:31 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2010/04/11 12:46:31 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010/04/11 12:46:31 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spoolss.dll
[2010/04/11 12:46:31 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2010/04/11 12:46:30 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2010/04/11 12:46:29 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2010/04/11 12:46:29 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2010/04/11 12:46:29 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp60.dll
[2010/04/11 12:46:29 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2010/04/11 12:46:29 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2010/04/11 12:46:28 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2010/04/11 12:46:28 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2010/04/11 12:46:27 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2010/04/11 12:46:27 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\
[2010/04/11 12:46:27 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2010/04/11 12:46:26 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2010/04/11 12:46:26 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comsvcs.dll
[2010/04/11 12:46:26 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2010/04/11 12:46:25 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2010/04/11 12:46:24 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2010/04/11 12:46:24 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2010/04/11 12:46:24 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2010/04/11 12:46:24 | 000,323,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/04/11 12:46:23 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/04/11 12:46:23 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2010/04/11 12:46:23 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2010/04/11 12:46:23 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2010/04/11 12:46:22 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2010/04/11 12:46:21 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2010/04/11 12:46:21 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2010/04/11 12:46:20 | 001,135,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2010/04/11 12:46:20 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2010/04/11 12:46:20 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2010/04/11 12:46:20 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2010/04/11 12:46:19 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2010/04/11 12:46:19 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2010/04/11 12:46:19 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2010/04/11 12:46:16 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2010/04/11 12:46:16 | 000,483,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2010/04/11 12:46:16 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2010/04/11 12:46:15 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2010/04/11 12:46:15 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2010/04/11 12:46:14 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2010/04/11 12:46:14 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2010/04/11 12:46:13 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2010/04/11 12:46:12 | 000,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010/04/11 12:46:12 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2010/04/11 12:46:10 | 001,160,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2010/04/11 12:46:10 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2010/04/11 12:46:10 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2010/04/11 12:46:10 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2010/04/11 12:46:10 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2010/04/11 12:46:09 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/04/11 12:46:09 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2010/04/11 12:46:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2010/04/11 12:46:07 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2010/04/11 12:46:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2010/04/11 12:46:07 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2010/04/11 12:46:05 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2010/04/11 12:46:04 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2010/04/11 12:46:04 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2010/04/11 12:46:04 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2010/04/11 12:46:04 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfp.dll
[2010/04/11 12:46:04 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2010/04/11 12:46:04 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2010/04/11 12:46:03 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2010/04/11 12:46:03 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2010/04/11 12:46:03 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
[2010/04/11 12:46:03 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2010/04/11 12:46:02 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2010/04/11 12:46:02 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2010/04/11 12:46:02 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2010/04/11 12:46:02 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2010/04/11 12:46:02 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2010/04/11 12:46:02 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2010/04/11 12:46:01 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2010/04/11 12:46:01 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2010/04/11 12:46:01 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2010/04/11 12:46:00 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2010/04/11 12:46:00 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2010/04/11 12:46:00 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2010/04/11 12:46:00 | 000,323,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2010/04/11 12:46:00 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2010/04/11 12:46:00 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2010/04/11 12:46:00 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2010/04/11 12:45:59 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2010/04/11 12:45:59 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2010/04/11 12:45:59 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2010/04/11 12:45:58 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2010/04/11 12:45:58 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2010/04/11 12:45:58 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2010/04/11 12:45:58 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2010/04/11 12:45:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2010/04/11 12:45:57 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2010/04/11 12:45:57 | 000,241,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
[2010/04/11 12:45:57 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2010/04/11 12:45:57 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2010/04/11 12:45:57 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2010/04/11 12:45:56 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2010/04/11 12:45:56 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2010/04/11 12:45:56 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2010/04/11 12:45:56 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll
[2010/04/11 12:45:56 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2010/04/11 12:45:55 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010/04/11 12:45:54 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2010/04/11 12:45:54 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2010/04/11 12:45:54 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2010/04/11 12:45:53 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2010/04/11 12:45:53 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2010/04/11 12:45:53 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2010/04/11 12:45:53 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\
[2010/04/11 12:45:53 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2010/04/11 12:45:52 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2010/04/11 12:45:52 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2010/04/11 12:45:52 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2010/04/11 12:45:51 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2010/04/11 12:45:51 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2010/04/11 12:45:51 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2010/04/11 12:45:51 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2010/04/11 12:45:50 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2010/04/11 12:45:50 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2010/04/11 12:45:50 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010/04/11 12:45:50 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2010/04/11 12:45:49 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2010/04/11 12:45:48 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2010/04/11 12:45:48 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2010/04/11 12:45:48 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2010/04/11 12:45:48 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2010/04/11 12:45:48 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2010/04/11 12:45:48 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2010/04/11 12:45:48 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2010/04/11 12:45:47 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2010/04/11 12:45:47 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010/04/11 12:45:47 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wisptis.exe
[2010/04/11 12:45:47 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2010/04/11 12:45:47 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010/04/11 12:45:46 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2010/04/11 12:45:46 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2010/04/11 12:45:46 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2010/04/11 12:45:45 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2010/04/11 12:45:45 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2010/04/11 12:45:45 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2010/04/11 12:45:45 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2010/04/11 12:45:45 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2010/04/11 12:45:45 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2010/04/11 12:45:45 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2010/04/11 12:45:44 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2010/04/11 12:45:44 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2010/04/11 12:45:44 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2010/04/11 12:45:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2010/04/11 12:45:43 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2010/04/11 12:45:43 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2010/04/11 12:45:43 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2010/04/11 12:45:43 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2010/04/11 12:45:43 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2010/04/11 12:45:41 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2010/04/11 12:45:41 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2010/04/11 12:45:41 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2010/04/11 12:45:41 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2010/04/11 12:45:41 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2010/04/11 12:45:40 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2010/04/11 12:45:40 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2010/04/11 12:45:40 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2010/04/11 12:45:40 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2010/04/11 12:45:40 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2010/04/11 12:45:40 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2010/04/11 12:45:40 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2010/04/11 12:45:40 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2010/04/11 12:45:39 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2010/04/11 12:45:39 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2010/04/11 12:45:39 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2010/04/11 12:45:39 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2010/04/11 12:45:39 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2010/04/11 12:45:39 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2010/04/11 12:45:39 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2010/04/11 12:45:38 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2010/04/11 12:45:38 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2010/04/11 12:45:38 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2010/04/11 12:45:38 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2010/04/11 12:45:38 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2010/04/11 12:45:38 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2010/04/11 12:45:38 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2010/04/11 12:45:38 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2010/04/11 12:45:37 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2010/04/11 12:45:37 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
[2010/04/11 12:45:37 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2010/04/11 12:45:37 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2010/04/11 12:45:36 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2010/04/11 12:45:36 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2010/04/11 12:45:36 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2010/04/11 12:45:36 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2010/04/11 12:45:36 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2010/04/11 12:45:35 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2010/04/11 12:45:35 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2010/04/11 12:45:35 | 000,825,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdlg.dll
[2010/04/11 12:45:35 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2010/04/11 12:45:35 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2010/04/11 12:45:34 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2010/04/11 12:45:34 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2010/04/11 12:45:34 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2010/04/11 12:45:34 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2010/04/11 12:45:34 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
[2010/04/11 12:45:34 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstlsapi.dll
[2010/04/11 12:45:34 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2010/04/11 12:45:34 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2010/04/11 12:45:33 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2010/04/11 12:45:33 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2010/04/11 12:45:33 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2010/04/11 12:45:33 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010/04/11 12:45:33 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2010/04/11 12:45:32 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2010/04/11 12:45:32 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2010/04/11 12:45:32 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2010/04/11 12:45:32 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2010/04/11 12:45:32 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2010/04/11 12:45:32 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2010/04/11 12:45:31 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2010/04/11 12:45:31 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2010/04/11 12:45:31 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2010/04/11 12:45:31 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2010/04/11 12:45:31 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2010/04/11 12:45:31 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2010/04/11 12:45:31 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2010/04/11 12:45:31 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2010/04/11 12:45:30 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2010/04/11 12:45:30 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2010/04/11 12:45:30 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2010/04/11 12:45:30 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/04/11 12:45:30 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2010/04/11 12:45:30 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2010/04/11 12:45:30 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2010/04/11 12:45:30 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2010/04/11 12:45:30 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2010/04/11 12:45:29 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2010/04/11 12:45:29 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2010/04/11 12:45:29 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2010/04/11 12:45:29 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2010/04/11 12:45:29 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2010/04/11 12:45:29 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2010/04/11 12:45:29 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2010/04/11 12:45:29 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2010/04/11 12:45:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2010/04/11 12:45:29 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2010/04/11 12:45:29 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfdisk.dll
[2010/04/11 12:45:29 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2010/04/11 12:45:29 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2010/04/11 12:45:28 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2010/04/11 12:45:28 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2010/04/11 12:45:28 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2010/04/11 12:45:28 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2010/04/11 12:45:28 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2010/04/11 12:45:28 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2010/04/11 12:45:28 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2010/04/11 12:45:28 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2010/04/11 12:45:28 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2010/04/11 12:45:27 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2010/04/11 12:45:27 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2010/04/11 12:45:27 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpmon.dll
[2010/04/11 12:45:27 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2010/04/11 12:45:27 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2010/04/11 12:45:27 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2010/04/11 12:45:27 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2010/04/11 12:45:27 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2010/04/11 12:45:27 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2010/04/11 12:45:26 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2010/04/11 12:45:26 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2010/04/11 12:45:26 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2010/04/11 12:45:26 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2010/04/11 12:45:26 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2010/04/11 12:45:26 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2010/04/11 12:45:25 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2010/04/11 12:45:25 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2010/04/11 12:45:25 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2010/04/11 12:45:25 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2010/04/11 12:45:25 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2010/04/11 12:45:25 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2010/04/11 12:45:25 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2010/04/11 12:45:25 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2010/04/11 12:45:24 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2010/04/11 12:45:24 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2010/04/11 12:45:24 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2010/04/11 12:45:24 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2010/04/11 12:45:24 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2010/04/11 12:45:24 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2010/04/11 12:45:24 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2010/04/11 12:45:23 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2010/04/11 12:45:23 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2010/04/11 12:45:23 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2010/04/11 12:45:23 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2010/04/11 12:45:23 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2010/04/11 12:45:23 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2010/04/11 12:45:22 | 002,226,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
[2010/04/11 12:45:22 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2010/04/11 12:45:22 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2010/04/11 12:45:22 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2010/04/11 12:45:22 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2010/04/11 12:45:22 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2010/04/11 12:45:22 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2010/04/11 12:45:22 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2010/04/11 12:45:22 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2010/04/11 12:45:22 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2010/04/11 12:45:21 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2010/04/11 12:45:21 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2010/04/11 12:45:21 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2010/04/11 12:45:21 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\
[2010/04/11 12:45:21 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2010/04/11 12:45:21 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2010/04/11 12:45:21 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2010/04/11 12:45:21 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2010/04/11 12:45:20 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2010/04/11 12:45:20 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2010/04/11 12:45:20 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2010/04/11 12:45:20 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2010/04/11 12:45:20 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\
[2010/04/11 12:45:20 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2010/04/11 12:45:20 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2010/04/11 12:45:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2010/04/11 12:45:19 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2010/04/11 12:45:19 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2010/04/11 12:45:19 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2010/04/11 12:45:19 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2010/04/11 12:45:19 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2010/04/11 12:45:19 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2010/04/11 12:45:19 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2010/04/11 12:45:19 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
[2010/04/11 12:45:19 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2010/04/11 12:45:19 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2010/04/11 12:45:19 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2010/04/11 12:45:18 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
[2010/04/11 12:45:18 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2010/04/11 12:45:18 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2010/04/11 12:45:18 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2010/04/11 12:45:18 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2010/04/11 12:45:18 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2010/04/11 12:45:18 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2010/04/11 12:45:18 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2010/04/11 12:45:18 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2010/04/11 12:45:18 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2010/04/11 12:45:18 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2010/04/11 12:45:18 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2010/04/11 12:45:18 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2010/04/11 12:45:18 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2010/04/11 12:45:18 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2010/04/11 12:45:17 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2010/04/11 12:45:17 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2010/04/11 12:45:17 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2010/04/11 12:45:17 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2010/04/11 12:45:17 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2010/04/11 12:45:17 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2010/04/11 12:45:17 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2010/04/11 12:45:16 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2010/04/11 12:45:16 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2010/04/11 12:45:16 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2010/04/11 12:45:16 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2010/04/11 12:45:15 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2010/04/11 12:45:15 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2010/04/11 12:45:14 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2010/04/11 12:45:14 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2010/04/11 12:45:14 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2010/04/11 12:45:14 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2010/04/11 12:45:14 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2010/04/11 12:45:14 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2010/04/11 12:45:13 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2010/04/11 12:45:13 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2010/04/11 12:45:12 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2010/04/11 12:45:11 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2010/04/11 12:45:11 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2010/04/11 12:44:49 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2010/04/11 12:44:45 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2010/04/11 12:44:45 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2010/04/11 12:44:34 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2010/04/09 01:26:12 | 000,277,240 | ---- | C] (COMODO) -- C:\Windows\System32\guard32.dll
[2010/04/09 01:25:30 | 000,074,408 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
[2010/04/09 01:25:30 | 000,030,112 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys
[2010/04/09 01:25:28 | 000,218,560 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\cmdGuard.sys
[2010/04/09 01:25:28 | 000,016,744 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\cmderd.sys
[2010/04/04 13:05:27 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/04/04 13:05:26 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/04/04 13:05:26 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/04/04 13:05:26 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/04/04 13:05:26 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/04/04 13:05:26 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/04/04 13:05:26 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/04/04 13:05:25 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/04/04 13:05:25 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/04/04 13:05:25 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/04/04 13:05:25 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/04/04 13:05:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/04/04 13:05:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/04/04 13:05:22 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/04/04 13:05:22 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

========== Files - Modified Within 30 Days ==========

[2010/04/27 22:27:34 | 003,407,872 | -HS- | M] () -- C:\Users\amandine\ntuser.dat
[2010/04/27 22:25:16 | 001,478,524 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/04/27 22:25:16 | 000,672,322 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/04/27 22:25:16 | 000,590,082 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/04/27 22:25:16 | 000,124,434 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/04/27 22:25:16 | 000,102,094 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/04/27 22:24:00 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{56CA4230-6402-45A7-8621-4A439EC0607B}.job
[2010/04/27 22:19:08 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/27 22:18:34 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/27 22:18:34 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/27 22:18:33 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010/04/27 22:18:30 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/27 22:18:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/27 22:18:23 | 3215,560,704 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/27 22:17:15 | 000,524,288 | -HS- | M] () -- C:\Users\amandine\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2010/04/27 22:17:15 | 000,065,536 | -HS- | M] () -- C:\Users\amandine\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2010/04/27 22:17:13 | 002,414,682 | -H-- | M] () -- C:\Users\amandine\AppData\Local\IconCache.db
[2010/04/27 22:11:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/27 21:23:10 | 000,001,530 | ---- | M] () -- C:\
[2010/04/27 18:33:26 | 000,731,136 | ---- | M] () -- C:\Users\amandine\Desktop\avenger.exe
[2010/04/27 07:53:03 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/04/25 15:02:27 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/04/25 14:42:20 | 241,658,792 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/04/25 14:38:17 | 000,001,842 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/04/25 14:38:15 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/04/24 08:39:59 | 000,038,270 | ---- | M] () -- C:\Users\amandine\Documents\cc_20100424_083946.reg
[2010/04/23 18:04:02 | 000,001,356 | ---- | M] () -- C:\Users\amandine\AppData\Local\d3d9caps.dat
[2010/04/22 18:13:08 | 000,035,840 | ---- | M] () -- C:\Users\amandine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/22 18:10:38 | 000,000,798 | ---- | M] () -- C:\Users\amandine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk
[2010/04/22 18:10:38 | 000,000,794 | ---- | M] () -- C:\Users\amandine\Desktop\SpywareGuard LiveUpdate.lnk
[2010/04/22 18:10:38 | 000,000,762 | ---- | M] () -- C:\Users\amandine\Desktop\SpywareGuard.lnk
[2010/04/22 17:50:50 | 000,001,672 | ---- | M] () -- C:\Users\amandine\Desktop\CCleaner.lnk
[2010/04/22 03:19:02 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010/04/22 03:18:44 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/04/21 08:04:49 | 000,384,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/04/20 21:15:28 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2010/04/19 12:04:42 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/04/14 18:47:23 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\System32\avastSS.scr
[2010/04/14 18:47:03 | 000,153,184 | ---- | M] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2010/04/14 18:35:47 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/04/14 18:35:25 | 000,162,768 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/04/14 18:31:39 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/04/14 18:31:23 | 000,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/04/14 18:31:01 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/04/11 15:22:59 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/04/11 15:22:24 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/04/11 12:52:37 | 015,165,792 | ---- | M] (Sunbelt Software ) -- C:\Users\amandine\Desktop\counterspy.exe
[2010/04/11 11:16:12 | 000,000,036 | ---- | M] () -- C:\Users\amandine\AppData\Local\housecall.guid.cache
[2010/04/09 01:26:12 | 000,277,240 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll
[2010/04/09 01:25:30 | 000,074,408 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
[2010/04/09 01:25:30 | 000,030,112 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys
[2010/04/09 01:25:28 | 000,218,560 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdGuard.sys
[2010/04/09 01:25:28 | 000,016,744 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmderd.sys
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/03/30 00:45:52 | 000,020,824 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2010/04/27 21:23:10 | 000,001,530 | ---- | C] () -- C:\
[2010/04/25 15:02:27 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/04/25 14:42:20 | 241,658,792 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/04/25 14:38:17 | 000,001,842 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/04/25 14:33:43 | 3215,560,704 | -HS- | C] () -- C:\hiberfil.sys
[2010/04/24 08:39:52 | 000,038,270 | ---- | C] () -- C:\Users\amandine\Documents\cc_20100424_083946.reg
[2010/04/22 18:10:38 | 000,000,798 | ---- | C] () -- C:\Users\amandine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk
[2010/04/22 18:10:38 | 000,000,794 | ---- | C] () -- C:\Users\amandine\Desktop\SpywareGuard LiveUpdate.lnk
[2010/04/22 18:10:38 | 000,000,762 | ---- | C] () -- C:\Users\amandine\Desktop\SpywareGuard.lnk
[2010/04/22 17:50:50 | 000,001,672 | ---- | C] () -- C:\Users\amandine\Desktop\CCleaner.lnk
[2010/04/22 03:19:02 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010/04/22 03:18:44 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/04/20 21:15:28 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2010/04/11 15:22:59 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/04/11 15:22:24 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/04/11 12:46:33 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2010/04/11 12:46:30 | 000,009,239 | ---- | C] () -- C:\Windows\System32\
[2010/04/11 12:46:23 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2010/04/11 12:46:20 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/04/11 12:46:20 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/04/11 12:46:16 | 003,662,128 | ---- | C] () -- C:\Windows\System32\locale.nls
[2010/04/11 12:46:16 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2010/04/11 12:46:10 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2010/04/11 12:45:54 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2010/04/11 12:45:52 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2010/04/11 12:45:14 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2010/04/11 11:16:12 | 000,000,036 | ---- | C] () -- C:\Users\amandine\AppData\Local\housecall.guid.cache
[2009/09/20 13:26:47 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/03/03 05:56:17 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008/12/23 14:07:24 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/12/23 14:06:36 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/12/23 06:13:31 | 000,000,144 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2009/12/05 13:04:59 | 000,000,000 | ---D | M] -- C:\Users\amandine\AppData\Roaming\LG Electronics
[2009/10/30 20:57:56 | 000,000,000 | ---D | M] -- C:\Users\amandine\AppData\Roaming\PeerNetworking
[2010/04/25 17:16:43 | 000,000,000 | ---D | M] -- C:\Users\amandine\AppData\Roaming\QuickScan
[2010/04/27 22:17:16 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/04/27 22:24:00 | 000,000,438 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{56CA4230-6402-45A7-8621-4A439EC0607B}.job

========== Purity Check ==========

========== Custom Scans ==========

< >

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\agp440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 04:32:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: AHCIX86S.SYS >
[2008/05/28 20:47:08 | 000,171,016 | R--- | M] (AMD Technologies Inc.) MD5=9879FF9F6A04D660BC245788E1881B00 -- C:\ACER\Preload\Autorun\DRV\ATI VGA M82.MPE.M86.ME\Packages\Drivers\SBDrv\SB7xx\RAID\LH\ahcix86s.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTOR.SYS >
[2008/04/15 18:54:16 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008/04/15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008/04/15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\drivers\iaStor.sys
[2008/04/15 18:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_77c04a30\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 04:32:49 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 04:33:41 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 04:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: RASACD.SYS >
[2008/01/21 04:34:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\System32\drivers\rasacd.sys
[2008/01/21 04:34:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasacd.sys

< MD5 for: SCECLI.DLL >
[2008/01/21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/07/04 05:37:48 | 000,421,888 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009/03/08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009/04/11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:C31F31E6
< End of report >
Re: virus rootkit gen

Message le 28 Avr 2010 19:03


ça à l'air pas mal tous ça...tu ne devrais plus avoir d'alerte concernant ce foutu rootkit :wink:

on va désinstaller proprement Antivir pour réinstaller la dernière version

pour cela, dans l'ordre...
  • Télécharge la dernière version >>> ICI <<<
  • Désinstalle Antivir via Ajout/suppression de programme
  • Redémarre ton pc
  • Installe la version d'Antivir que tu as téléchargé
  • Regarde >> ce tuto Vidéo de Bobette Marlow << pour le configurer correctement

Ensuite fait un scan complet pour voir si le rapport révèle des soucis, et poste le rapport :wink:

PS:Ne t'inquiète pas si tu as des détections dans les différentes zones de quarantaines (dossier Quarantine) ou dans les points de restauration système (System Volume Information)

Re: virus rootkit gen

Message le 28 Avr 2010 19:47


je vais faire votre manip merci à tout à l'heure
Re: virus rootkit gen

Message le 28 Avr 2010 22:49

voila le dernier rapport
eur d'amorçage 'C:\'
[INFO] Aucun virus trouvé !

La recherche sur les renvois aux fichiers exécutables (registre) commence :
Le registre a été contrôlé ( '47' fichiers).

La recherche sur les fichiers sélectionnés commence :

Recherche débutant dans 'C:\' <OS>
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.
[AVERTISSEMENT] Impossible d'ouvrir le fichier !
[REMARQUE] Ce fichier est un fichier système Windows.
[REMARQUE] Il est correct que ce fichier ne puisse pas être ouvert pour la recherche.

Fin de la recherche : mercredi 28 avril 2010 23:34
Temps nécessaire: 1:05:21 Heure(s)

La recherche a été effectuée intégralement

24094 Les répertoires ont été contrôlés
302156 Des fichiers ont été contrôlés
0 Des virus ou programmes indésirables ont été trouvés
0 Des fichiers ont été classés comme suspects
0 Des fichiers ont été supprimés
0 Des virus ou programmes indésirables ont été réparés
0 Les fichiers ont été déplacés dans la quarantaine
0 Les fichiers ont été renommés
2 Impossible de contrôler des fichiers
302154 Fichiers non infectés
3323 Les archives ont été contrôlées
2 Avertissements
2 Consignes
100721 Des objets ont été contrôlés lors du Rootkitscan
0 Des objets cachés ont été trouvés
