Forum Clubic

Spyware problem, Spybot and WiniFighter

Hello, I have been quite bothered since last night: my PC says that I have spyware, so I downloaded Spybot, but it is no use; no matter how many times I double-click it, it does not open, and I keep getting a lot of ads in Firefox. Then Mozilla offered to let me download WiniFighter, which I did, thinking it would help me, but it deactivated AVG, and WiniFighter was not active since I had not bought it. So I uninstalled WiniFighter and reactivated AVG, but since then my Windows Security Center keeps popping up to tell me that no antivirus is active, and I constantly get messages at the sides of my screen telling me that my PC is infected by a virus and spyware. It gives me two IP addresses, telling me that they are 1 virus and 1 stealer of codes and passwords (I did not quite understand). I do not know what to do to get rid of this spyware, since AVG does not detect it and Spybot does not work. Can you help me?

:hello:

Download GenProc to the desktop

  • Unzip it on the desktop
  • Open the folder that was created and run GenProc.bat
  • Save the report on the desktop and post it here, please

Usage help here

Here is the first report that the instructions ask me to post, and now I am rebooting into safe mode, following the instructions.

SmitFraudFix v2.423

Scan done at 0:48:07,79, 18/07/2009
Run from C:\Documents and Settings\Andrea\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\msa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\Andrea\LOCALS~1\Temp\b.exe
C:\WINDOWS\System32\WScript.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Andrea\Desktop\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

Here are the reports:

SmitFraudFix v2.423

Scan done at 0:59:54,50, 18/07/2009
Run from C:\Documents and Settings\Andrea\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler’s .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri’s WS2Fix: LSP not Found.

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\system32\msxml71.dll Deleted

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Compact Wireless-G USB Adapter #4 - Packet Scheduler Miniport
DNS Server Search Order: 212.27.40.241
DNS Server Search Order: 212.27.40.240

Your computer may be victim of a DNS Hijack: 85.255.x.x detected !

Description: Compact Wireless-G USB Adapter #4 - Packet Scheduler Miniport
DNS Server Search Order: 85.255.112.8
DNS Server Search Order: 85.255.112.156

HKLM\SYSTEM\CCS\Services\Tcpip…{0E6D822D-1F9D-4D4D-B787-82671B702A7C}: NameServer=212.27.40.241,212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip…{1CB0EA14-90EC-4841-96DE-8BFF08F01FF5}: NameServer=212.27.40.241,212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip…{8A3374D6-4449-4CA6-86C6-86D46038D25B}: NameServer=212.27.40.241,212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip…{DE791148-0ED4-48C5-93DF-391994C4F76D}: NameServer=212.27.40.241,212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip…{FDDA66B0-C36B-4498-92C3-F1E64A87A661}: NameServer=85.255.112.8,85.255.112.156
HKLM\SYSTEM\CS1\Services\Tcpip…{0E6D822D-1F9D-4D4D-B787-82671B702A7C}: NameServer=212.27.40.241,212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip…{1CB0EA14-90EC-4841-96DE-8BFF08F01FF5}: NameServer=212.27.40.241,212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip…{8A3374D6-4449-4CA6-86C6-86D46038D25B}: NameServer=212.27.40.241,212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip…{DE791148-0ED4-48C5-93DF-391994C4F76D}: NameServer=212.27.40.241,212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip…{FDDA66B0-C36B-4498-92C3-F1E64A87A661}: NameServer=85.255.112.8,85.255.112.156
HKLM\SYSTEM\CS2\Services\Tcpip…{0E6D822D-1F9D-4D4D-B787-82671B702A7C}: NameServer=212.27.40.241,212.27.40.240
HKLM\SYSTEM\CS2\Services\Tcpip…{1CB0EA14-90EC-4841-96DE-8BFF08F01FF5}: NameServer=212.27.40.241,212.27.40.240
HKLM\SYSTEM\CS2\Services\Tcpip…{8A3374D6-4449-4CA6-86C6-86D46038D25B}: NameServer=212.27.40.241,212.27.40.240
HKLM\SYSTEM\CS2\Services\Tcpip…{DE791148-0ED4-48C5-93DF-391994C4F76D}: NameServer=212.27.40.241,212.27.40.240
HKLM\SYSTEM\CS2\Services\Tcpip…{FDDA66B0-C36B-4498-92C3-F1E64A87A661}: NameServer=85.255.112.8,85.255.112.156
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: NameServer=85.255.112.8,85.255.112.156
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.112.8,85.255.112.156
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: NameServer=85.255.112.8,85.255.112.156

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

»»»»»»»»»»»»»»»»»»»»»»»» RK.2

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler’s .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

-----------\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon™ 64 X2 Dual Core Processor 4400+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Andrea ( Administrator )
BOOT : Fail-safe with network boot
Antivirus : AVG Anti-Virus Free 8.5 (Activated)
C:\ (Local Disk) - NTFS - Total:19 Go (Free:8 Go)
D:\ (USB)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (Local Disk) - NTFS - Total:124 Go (Free:103 Go)
I:\ (CD or DVD)
J:\ (CD or DVD)
K:\ (CD or DVD)

“C:\ToolBar SD” ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 18/07/2009| 0:58 )

-----------\ SUPPRESSION

Supprime! - C:\Program Files\DAEMON Tools Toolbar

-----------\ Recherche de Fichiers / Dossiers …

-----------\ […\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
“Local Page”=“C:\WINDOWS\system32\blank.htm”
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896
“Start Page”=“http://google.mini20.com
“Url”=“http://go.microsoft.com/fwlink/?LinkId=68928
“Url”=“http://go.microsoft.com/fwlink/?LinkId=68929

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
“Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157
“Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896
“Search Page”=“http://go.microsoft.com/fwlink/?LinkId=54896
“Start Page”=“http://www.msn.com/

--------------------\ Recherche d’autres infections

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.8,85.255.112.156
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.8,85.255.112.156
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.8,85.255.112.156
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001…{FDDA66B0-C36B-4498-92C3-F1E64A87A661}]
NameServer REG_SZ 85.255.112.8,85.255.112.156
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002…{FDDA66B0-C36B-4498-92C3-F1E64A87A661}]
NameServer REG_SZ 85.255.112.8,85.255.112.156
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet…{FDDA66B0-C36B-4498-92C3-F1E64A87A661}]
NameServer REG_SZ 85.255.112.8,85.255.112.156
==> WAREOUT <==

--------------------\ Cracks & Keygens …

C:\DOCUME~1\Andrea\Recent\Star.Wars.No-Cd.Jedi_Knight.jedi_Academy.Crack.NoCd.+.Crack.Battle.net[Us,Ge,It,Fr]By.ced{cosmos}.par.lnk

1 - “C:\ToolBar SD\TB_1.txt” - 18/07/2009| 0:59 - Option : [2]

-----------\ Fin du rapport a 0:59:22,92

===== Rapport WareOut Removal Tool =====

version 3.4

analyse effectuée le 18/07/2009 à 1:02:24,93

Résultats de l’analyse :

~~~~ Recherche d’infections dans C:\ ~~~~

~~~~ Recherche d’infections dans C:\Program Files\ ~~~~

~~~~ Recherche d’infections dans C:\WINDOWS\system\ ~~~~

~~~~ Recherche d’infections dans C:\WINDOWS\system32\ ~~~~

~~~~ Recherche d’infections dans C:\WINDOWS\system32\drivers\ ~~~~

~~~~ Recherche d’infections dans C:\Documents and Settings\Andrea\Application Data\ ~~~~

~~~~ Recherche d’infections dans C:\Documents and Settings\Andrea\Bureau\ ~~~~

~~~~ Recherche de détournement de DNS ~~~~

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.8,85.255.112.156
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces{FDDA66B0-C36B-4498-92C3-F1E64A87A661}]
NameServer REG_SZ 85.255.112.8,85.255.112.156
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.8,85.255.112.156
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces{FDDA66B0-C36B-4498-92C3-F1E64A87A661}]
NameServer REG_SZ 85.255.112.8,85.255.112.156
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.8,85.255.112.156
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces{FDDA66B0-C36B-4498-92C3-F1E64A87A661}]
NameServer REG_SZ 85.255.112.8,85.255.112.156

~~~~ Recherche du Rootkit kd???.exe ~~~~

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
System REG_SZ

~~~~ Recherche d’infections dans C:\DOCUME~1\Andrea\LOCALS~1\Temp\ ~~~~

~~~~ Recherche d’infections dans C:\Documents and Settings\Andrea\Start Menu\Programs\ ~~~~

~~~~ Nettoyage du registre ~~~~

~~~~ Tentative de réparation des entrées suivantes: ~~~~

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] = “System”

[HKLM\SYSTEM\CurrentControlSet\Services\Windows Tribute Service]
[HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_Windows Tribute Service]

~~~~ Vérification: ~~~~

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
System REG_SZ


développé par pc-system.fr…


As for HijackThis, nothing doing, it is the same as with Spybot: I cannot launch it. I double-click it but the program does not start.
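Added example (not part of the original thread, and not code from any of the tools named in it): a small parser that reads `NameServer` lines in the three layouts seen in the reports above and flags entries pointing into the range SmitFraudFix warns about. The /16 range, the expansion of `CCS`/`CS1`/`CS2` to full control-set names and all function names are assumptions of this example.

```python
import ipaddress
import re

# Range named in SmitFraudFix's warning in this thread ("85.255.x.x detected").
# Treating it as the whole /16 is an assumption of this example.
SUSPECT_NET = ipaddress.ip_network("85.255.0.0/16")

# A few lines copied from the SmitFraudFix, WareOut Removal Tool and
# HijackThis reports posted in this thread (a subset, not the full logs).
SAMPLE_REPORT = r"""
HKLM\SYSTEM\CCS\Services\Tcpip…{0E6D822D-1F9D-4D4D-B787-82671B702A7C}: NameServer=212.27.40.241,212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip…{FDDA66B0-C36B-4498-92C3-F1E64A87A661}: NameServer=85.255.112.8,85.255.112.156
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.112.8,85.255.112.156
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters]
NameServer REG_SZ 85.255.112.8,85.255.112.156
O17 - HKLM\System\CCS\Services\Tcpip…{FDDA66B0-C36B-4498-92C3-F1E64A87A661}: NameServer = 212.27.40.241,212.27.40.240
"""

# Abbreviated control-set names as they appear in the reports (assumed mapping).
CONTROL_SET_ALIASES = {
    "ccs": "CurrentControlSet",
    "cs1": "ControlSet001",
    "cs2": "ControlSet002",
}

# "key: NameServer=a,b" (SmitFraudFix) and "O17 - key: NameServer = a,b" (HijackThis)
INLINE = re.compile(r"^(?:O17 - )?(?P<key>HK\S.*?):\s*NameServer\s*=\s*(?P<val>\S+)\s*$")
# "[key]" header followed by "NameServer REG_SZ a,b" (registry query output)
HEADER = re.compile(r"^\[(?P<key>HKEY_[^\]]+)\]\s*$")
VALUE = re.compile(r"^NameServer\s+REG_SZ\s+(?P<val>\S+)\s*$")
CONTROL_SET = re.compile(r"SYSTEM\\([^\\…]+)", re.IGNORECASE)
GUID = re.compile(r"\{([0-9A-Fa-f-]{36})\}")


def make_entry(key, value):
    """Turn one registry key and its NameServer value into a record."""
    cs = CONTROL_SET.search(key)
    name = cs.group(1) if cs else "unknown"
    guid = GUID.search(key)
    servers = []
    for part in value.split(","):
        try:
            servers.append(ipaddress.ip_address(part.strip()))
        except ValueError:
            continue  # not an IP literal: skip it rather than fail on odd log text
    return {
        "control_set": CONTROL_SET_ALIASES.get(name.lower(), name),
        # Per-interface keys carry a GUID; Tcpip\Parameters is the global setting.
        "scope": guid.group(1).upper() if guid else "global",
        "servers": servers,
    }


def parse_nameservers(report):
    """Collect every NameServer setting found in the report text."""
    entries = []
    pending_key = None  # key from a "[...]" header waiting for its value line
    for raw in report.splitlines():
        line = raw.strip()
        inline = INLINE.match(line)
        if inline:
            entries.append(make_entry(inline["key"], inline["val"]))
            pending_key = None
            continue
        header = HEADER.match(line)
        if header:
            pending_key = header["key"]
            continue
        value = VALUE.match(line)
        if value and pending_key:
            entries.append(make_entry(pending_key, value["val"]))
        if line:
            pending_key = None
    return entries


def hijacked(entries):
    """Entries with at least one name server inside the suspect range."""
    return [e for e in entries if any(ip in SUSPECT_NET for ip in e["servers"])]


if __name__ == "__main__":
    for entry in hijacked(parse_nameservers(SAMPLE_REPORT)):
        servers = ", ".join(str(ip) for ip in entry["servers"])
        print(f"{entry['control_set']:<18} {entry['scope']:<38} {servers}")
```

Keeping the control set and scope in each record shows which of the registry locations listed in the reports still carry a flagged value, and lets a later report for the same interface GUID be compared with an earlier one.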

Re,

Download and update Malwarebytes Anti-Malware, which you will find here (MBAM to its friends)

Boot into safe mode:
www.inforumatique.fr…

Preferably using the F8 method

Scan your computer with MBAM (full mode), delete everything that is found, save the report on the desktop, and post it in your next message

MBAM does not launch, same as Spybot.

:hello:

Run GenProc again and post its report … I only want the report, nothing else, then

Click [here](http://images.malwareremoval.com/random/RSIT.exe) to download random's system information tool (RSIT) by random/random and save it to your **Desktop**
  • Double-click RSIT.exe to run it.

  • Click the “Continue” button in the warning window.

  • Once the scan is finished, two reports will open: log.txt and info.txt (c:\rsit)

  • Post them in your next reply, please
    Note: a HijackThis report is included in the log.txt report
    Edited on 19/07/2009 at 17:29

Here is the GenProc report

Rapport GenProc 2.605 [2] - 19/07/2009 à 20:43:06
@ Windows XP Service Pack 3 - Mode normal
@ Mozilla Firefox (3.5.1) [Navigateur par défaut]

~~ INTERRUPTION REQUETES COMPTEURMAX ~~

GenProc n’a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :

Fais scanner le(s) fichier(s) suivant(s) sur ce site www.virustotal.com… :

C:\WINDOWS\10560sz59bota.bin
C:\WINDOWS\1099vir35z5.ocx
C:\WINDOWS\11spambo97zb5.bin
C:\WINDOWS\12955s9amb5z772.cpl
C:\WINDOWS\13967virus1z75.bin

et poste le(s) rapport(s) obtenu(s) dans ta prochaine réponse.

~~~~ INFORMATION COMPLEMENTAIRE ~~~~

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:43:36, on 19/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\Andrea\Desktop\Jedi Knight 2 Minimizer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\cmd.exe
C:\Documents and Settings\Andrea\Desktop\GenProc\GenProc\outil\Andrea_GenProc.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = go.microsoft.com…
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {500BCA15-57A7-4eaf-8143-8C619470B13D} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM…\Run: [StartCCC] “C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe”
O4 - HKLM…\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Profiler] C:\Program Files\Saitek\Software\ProfilerU.exe
O4 - HKLM…\Run: [SaiMfd] C:\Program Files\Saitek\Software\SaiMfd.exe
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [DAEMON Tools Lite] “C:\Program Files\DAEMON Tools Lite\daemon.exe” -autorun
O4 - HKCU…\Run: [RocketDock] “C:\Program Files\RocketDock\RocketDock.exe”
O4 - HKCU…\Run: [WiniFighter] C:\Program Files\WiniFighter Software\WiniFighter\WiniFighter.exe -min
O4 - HKCU…\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU…\Run: [ccleaner] “C:\Program Files\CCleaner\ccleaner.exe” /AUTO
O4 - HKUS\S-1-5-19…\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20…\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-18…\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ‘Default user’)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip…{0E6D822D-1F9D-4D4D-B787-82671B702A7C}: NameServer = 212.27.40.241,212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip…{1CB0EA14-90EC-4841-96DE-8BFF08F01FF5}: NameServer = 212.27.40.241,212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip…{8A3374D6-4449-4CA6-86C6-86D46038D25B}: NameServer = 212.27.40.241,212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip…{DE791148-0ED4-48C5-93DF-391994C4F76D}: NameServer = 212.27.40.241,212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip…{FDDA66B0-C36B-4498-92C3-F1E64A87A661}: NameServer = 212.27.40.241,212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip…{0E6D822D-1F9D-4D4D-B787-82671B702A7C}: NameServer = 212.27.40.241,212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip…{0E6D822D-1F9D-4D4D-B787-82671B702A7C}: NameServer = 212.27.40.241,212.27.40.240
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Linksys\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe


End of file - 6954 bytes


Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com

~~ Fin à 20:43:50 ~~

Here is log.txt:

Logfile of random’s system information tool 1.06 (written by random/random)
Run by Andrea at 2009-07-20 00:21:48
Microsoft Windows XP Professional Service Pack 3
System drive C: has 9 GB (47%) free of 20 GB
Total RAM: 2047 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:21:50, on 20/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\Andrea\Desktop\Jedi Knight 2 Minimizer.exe
C:\WINDOWS\system32\ctfmon.exe
H:\Jeux\LucasArts\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Andrea\Desktop\RSIT.exe
C:\Program Files\trend micro\Andrea.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = go.microsoft.com…
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {500BCA15-57A7-4eaf-8143-8C619470B13D} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM…\Run: [StartCCC] “C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe”
O4 - HKLM…\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Profiler] C:\Program Files\Saitek\Software\ProfilerU.exe
O4 - HKLM…\Run: [SaiMfd] C:\Program Files\Saitek\Software\SaiMfd.exe
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [DAEMON Tools Lite] “C:\Program Files\DAEMON Tools Lite\daemon.exe” -autorun
O4 - HKCU…\Run: [RocketDock] “C:\Program Files\RocketDock\RocketDock.exe”
O4 - HKCU…\Run: [WiniFighter] C:\Program Files\WiniFighter Software\WiniFighter\WiniFighter.exe -min
O4 - HKCU…\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU…\Run: [ccleaner] “C:\Program Files\CCleaner\ccleaner.exe” /AUTO
O4 - HKUS\S-1-5-19…\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20…\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-18…\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User ‘Default user’)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip…{0E6D822D-1F9D-4D4D-B787-82671B702A7C}: NameServer = 212.27.40.241,212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip…{1CB0EA14-90EC-4841-96DE-8BFF08F01FF5}: NameServer = 212.27.40.241,212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip…{8A3374D6-4449-4CA6-86C6-86D46038D25B}: NameServer = 212.27.40.241,212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip…{DE791148-0ED4-48C5-93DF-391994C4F76D}: NameServer = 212.27.40.241,212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip…{FDDA66B0-C36B-4498-92C3-F1E64A87A661}: NameServer = 212.27.40.241,212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip…{0E6D822D-1F9D-4D4D-B787-82671B702A7C}: NameServer = 212.27.40.241,212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip…{0E6D822D-1F9D-4D4D-B787-82671B702A7C}: NameServer = 212.27.40.241,212.27.40.240
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Linksys\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe


End of file - 7001 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
C:\WINDOWS\tasks{783AF354-B514-42d6-970E-3E8BF0A5279C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-06-03 1107224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{500BCA15-57A7-4eaf-8143-8C619470B13D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d’aide de l’Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-06-16 1004800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-04 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-04 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll [2009-06-16 1004800]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“StartCCC”=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
“AVG8_TRAY”=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-06-12 1948440]
“Adobe Reader Speed Launcher”=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
“RTHDCPL”=C:\WINDOWS\RTHDCPL.EXE [2009-05-21 17881600]
“Profiler”=C:\Program Files\Saitek\Software\ProfilerU.exe [2006-08-09 184320]
“SaiMfd”=C:\Program Files\Saitek\Software\SaiMfd.exe [2006-08-14 126976]
“SunJavaUpdateSched”=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-04 148888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“ctfmon.exe”=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
“DAEMON Tools Lite”=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
“RocketDock”=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
“WiniFighter”=C:\Program Files\WiniFighter Software\WiniFighter\WiniFighter.exe -min []
“SpybotSD TeaTimer”=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
“ccleaner”=C:\Program Files\CCleaner\ccleaner.exe [2009-06-25 1578736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-10-17 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-06-03 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-08-30 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“HonorAutoRunSetting”=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Disabled:maconfservice"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Disabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger"
"H:\Jeux\Xfire\Xfire.exe"="H:\Jeux\Xfire\Xfire.exe:*:Disabled:Xfire"
"H:\Jeux\Microsoft Games\Age of Empires II\EMPIRES2.ICD"="H:\Jeux\Microsoft Games\Age of Empires II\EMPIRES2.ICD:*:Disabled:Age of Empires II"
"H:\Jeux\Microsoft Games\Age of Empires II\EMPIRES2.EXE"="H:\Jeux\Microsoft Games\Age of Empires II\EMPIRES2.EXE:*:Disabled:Age of Empires II"
"H:\Jeux\Steam\steamapps\baptiste215\half-life\hl.exe"="H:\Jeux\Steam\steamapps\baptiste215\half-life\hl.exe:*:Disabled:Half-Life Launcher"
"H:\Jeux\Steam\steamapps\baptiste215\day of defeat\hl.exe"="H:\Jeux\Steam\steamapps\baptiste215\day of defeat\hl.exe:*:Disabled:Half-Life Launcher"
"H:\Jeux\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe"="H:\Jeux\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe:*:Disabled:Jedi Academy MultiPlayer"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Disabled:Opera"
"H:\Jeux\Starcraft\StarCraft.exe"="H:\Jeux\Starcraft\StarCraft.exe:*:Disabled:Starcraft"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Disabled:Xfire"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Disabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Disabled:avgnsx.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Disabled:avgupd.exe"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Disabled:eMule"
"H:\Jeux\LucasArts\Star Wars Empire at War\GameData\fpupdate.exe"="H:\Jeux\LucasArts\Star Wars Empire at War\GameData\fpupdate.exe:*:Disabled:fpupdate"
"H:\Jeux\GameSpy Arcade\Aphex.exe"="H:\Jeux\GameSpy Arcade\Aphex.exe:*:Disabled:GameSpy Arcade"
"H:\Jeux\LucasArts\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe"="H:\Jeux\LucasArts\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe:*:Disabled:jk2mp"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Disabled:Run a DLL as an App"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4c351eee-54dc-11de-8454-00226ba94163}]
shell\AutoRun\command - n0euybx.exe
shell\open\command - n0euybx.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f080966-5beb-11de-8464-00226ba94163}]
shell\AutoRun\command - J:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8646f2dc-5092-11de-844f-00226ba94163}]
shell\AutoRun\command - n0euybx.exe
shell\open\command - n0euybx.exe

======List of files/folders created in the last 3 months======

2009-12-27 12:43:28 ----A---- C:\WINDOWS\593bd9znloader2555.dll
2009-12-24 03:35:18 ----A---- C:\WINDOWS\system32\95a1steaz2845.exe
2009-12-23 15:58:15 ----A---- C:\WINDOWS\29c9bac5door2582z.exe
2009-12-19 06:57:48 ----A---- C:\WINDOWS\5019ormzb.dll
2009-12-14 20:21:35 ----A---- C:\WINDOWS\system32\15689wo9m209z.exe
2009-12-13 14:37:32 ----A---- C:\WINDOWS\z5c5vir2915.exe
2009-12-10 18:15:43 ----A---- C:\WINDOWS\201z5r9674.exe
2009-12-09 17:30:11 ----A---- C:\WINDOWS\13440hzck9ool7d85.dll
2009-12-07 19:24:09 ----A---- C:\WINDOWS\32059roz758.dll
2009-12-01 02:52:20 ----A---- C:\WINDOWS\59a2szarse30705.dll
2009-11-24 05:52:06 ----A---- C:\WINDOWS\99706virusz56.dll
2009-11-14 22:38:47 ----A---- C:\WINDOWS\4150szeal9023.exe
2009-11-14 20:48:37 ----A---- C:\WINDOWS\system32\147039zrus7c75.exe
2009-11-12 06:06:29 ----A---- C:\WINDOWS\system32\31852troz759.exe
2009-11-09 18:26:03 ----A---- C:\WINDOWS\system32\1za095ief718.exe
2009-11-07 21:27:55 ----A---- C:\WINDOWS\system32\29593szy603.dll
2009-11-04 18:49:45 ----A---- C:\WINDOWS\system32\3948v9rzs152.exe
2009-11-04 10:48:42 ----A---- C:\WINDOWS\system32\15539hazkt5ol5af.exe
2009-11-02 18:08:08 ----A---- C:\WINDOWS\system32\30650s5zmbot609.dll
2009-10-25 08:45:48 ----A---- C:\WINDOWS\system32\20791wormz5a.exe
2009-10-25 01:53:02 ----A---- C:\WINDOWS\54f79zr1639.exe
2009-10-20 14:56:01 ----A---- C:\WINDOWS\system32\4dz9do9nload5r1390.dll
2009-10-14 23:55:18 ----A---- C:\WINDOWS\15941not-a-vizus94a.exe
2009-10-06 21:23:57 ----A---- C:\WINDOWS\system32\19eds5yware1286z.exe
2009-09-28 19:54:49 ----A---- C:\WINDOWS\12448n5t-a-vi9us4ze.dll
2009-09-27 23:53:54 ----A---- C:\WINDOWS\system32\576d9hzeat5354.dll
2009-09-25 01:47:50 ----A---- C:\WINDOWS\4d965hi9f2186z.dll
2009-09-23 16:10:57 ----A---- C:\WINDOWS\30z145p95c2.exe
2009-09-20 23:02:41 ----A---- C:\WINDOWS\5979h5cktool9fz.exe
2009-09-19 03:30:15 ----A---- C:\WINDOWS\5430not-azv59us3d7.exe
2009-09-17 07:11:41 ----A---- C:\WINDOWS\46zfsparse1592.exe
2009-09-14 07:36:39 ----A---- C:\WINDOWS\77a5t9reat114z3.dll
2009-09-13 23:00:21 ----A---- C:\WINDOWS\eazspywar51595.dll
2009-09-05 09:16:43 ----A---- C:\WINDOWS\12c1ztea59181.dll
2009-09-04 03:55:33 ----A---- C:\WINDOWS\99zcsteal29735.dll
2009-08-28 06:21:45 ----A---- C:\WINDOWS\system32\1z07sp9ware9865.dll
2009-08-26 02:06:07 ----A---- C:\WINDOWS\system32\4825vzrus4859.dll
2009-08-23 20:51:54 ----A---- C:\WINDOWS\system32\43209owzloader2555.exe
2009-08-18 09:52:10 ----A---- C:\WINDOWS\9086nzt-a-v9r5s73f.dll
2009-08-18 03:27:43 ----A---- C:\WINDOWS\1c1dsp9rsz2675.exe
2009-08-13 18:55:53 ----A---- C:\WINDOWS\6519spa5se3218z.exe
2009-08-04 02:42:13 ----A---- C:\WINDOWS\26869z95ktool32a.dll
2009-08-01 22:53:13 ----A---- C:\WINDOWS\2z554tro97c5.exe
2009-07-20 00:21:48 ----D---- C:\rsit
2009-07-19 03:00:14 ----D---- C:\Program Files\MSXML 4.0
2009-07-18 18:05:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-07-18 18:05:34 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-07-18 14:22:52 ----A---- C:\WINDOWS\system32\WMAFile.dll
2009-07-18 14:22:52 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2009-07-18 14:22:52 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2009-07-18 14:22:52 ----A---- C:\WINDOWS\system32\SSubTmr6.dll
2009-07-18 14:22:52 ----A---- C:\WINDOWS\system32\msxml4r.dll
2009-07-18 14:22:52 ----A---- C:\WINDOWS\system32\msxml4a.dll
2009-07-18 14:22:52 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2009-07-18 14:22:52 ----A---- C:\WINDOWS\system32\inetfr.DLL
2009-07-18 14:22:52 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2009-07-18 14:22:52 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2009-07-18 14:22:52 ----A---- C:\WINDOWS\system32\AudFile.dll
2009-07-18 01:14:59 ----D---- C:\Program Files\Trend Micro
2009-07-18 01:06:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-18 01:01:51 ----D---- C:\WORT
2009-07-18 00:58:12 ----D---- C:\ToolBar SD
2009-07-18 00:48:09 ----A---- C:\WINDOWS\system32\tmp.txt
2009-07-18 00:47:55 ----A---- C:\WINDOWS\system32\WS2Fix.exe
2009-07-18 00:47:55 ----A---- C:\WINDOWS\system32\VCCLSID.exe
2009-07-18 00:47:55 ----A---- C:\WINDOWS\system32\VACFix.exe
2009-07-18 00:47:55 ----A---- C:\WINDOWS\system32\swxcacls.exe
2009-07-18 00:47:55 ----A---- C:\WINDOWS\system32\swsc.exe
2009-07-18 00:47:55 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2009-07-18 00:47:55 ----A---- C:\WINDOWS\system32\Process.exe
2009-07-18 00:47:55 ----A---- C:\WINDOWS\system32\o4Patch.exe
2009-07-18 00:47:55 ----A---- C:\WINDOWS\system32\IEDFix.exe
2009-07-18 00:47:55 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2009-07-18 00:47:55 ----A---- C:\WINDOWS\system32\dumphive.exe
2009-07-18 00:47:55 ----A---- C:\WINDOWS\system32\Agent.OMZ.Fix.exe
2009-07-18 00:47:55 ----A---- C:\WINDOWS\system32\404Fix.exe
2009-07-18 00:45:21 ----D---- C:\Program Files\CCleaner
2009-07-17 19:30:01 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-07-17 19:11:43 ----D---- C:\Program Files\Alex Feinman
2009-07-17 14:57:54 ----SHD---- C:\WINDOWS\CSC
2009-07-17 12:21:47 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-07-17 11:34:16 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-07-17 11:07:08 ----A---- C:\WINDOWS\z5868spy790.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\z29695eal903.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\9bczthr5at24634.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\9370nzt-a-virus5cb.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\9315viru5914z.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\9198vzr9s2375.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\9130steal567z.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\7z775ack9oor1515.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\7009viruz656.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\67zf95wnloader2754.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\67d9szy5are2838.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\65895rzj79f.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\635ddownloader2592z.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\5z43v9rus15b.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\5cf8thze9t22689.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\59aesp5r9z1075.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\58139zpy14d9.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\5169spamzo9543.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\50369hreat1465z.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\42d45parse98z0.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\3417spaz9ot4505.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\26255worm904z.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\254cs9ealz4245.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\2516zackdo9r1558.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\243355pzmbot459.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\23878viru5z9e.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\1b9f9pzrse2565.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\system32\19z07spy257.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\c28add5arz793.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\7491s599z.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\72f1z9r29915.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\6cd1s9zware2251.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\6a57a9dwar52850z.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\6759not-a-5izu97e9.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\5e93vir8z8.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\5c89s5ealz023.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\5b59thiefz756.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\56troz139.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\55ceste9l293z.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\5455troj491z.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\5131s9ambot557z.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\509spy6z9.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\2e77s5eal9881z.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\299zthief1577.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\29049h5zktool79b.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\28d6sp9rze16545.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\28912szy5475.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\27929hac5tozl2fb.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\2688zspamb5t17c9.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\2630not-a-z59us525.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\25ffazdw95e3135.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\2267zhack9ool1be5.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\22436viru9z05.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\22397sp5mbot6z1.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\21e5stezl1898.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\21392not9a5virus2z0.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\1zdbdownloade95342.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\19589tr9j75dz.exe
2009-07-17 11:07:08 ----A---- C:\WINDOWS\161abzckd9o5438.dll
2009-07-17 11:07:08 ----A---- C:\WINDOWS\1506stzal9722.exe
2009-07-17 10:22:13 ----D---- C:\Documents and Settings\Andrea\Application Data\Mozilla
2009-07-17 10:22:09 ----D---- C:\Program Files\Mozilla Firefox
2009-07-15 23:09:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-07-15 23:09:47 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-07-15 23:08:23 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2009-07-14 11:45:35 ----A---- C:\WINDOWS\uninst.exe
2009-07-14 11:43:12 ----A---- C:\WINDOWS\RAUNINST.EXE
2009-07-13 12:28:55 ----A---- C:\WINDOWS\BricoPackUninst.cmd
2009-07-13 12:27:49 ----A---- C:\WINDOWS\BricoPackUninst.txt
2009-07-13 12:27:49 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd
2009-07-12 12:50:12 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2009-07-12 12:50:08 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2009-07-12 06:44:28 ----A---- C:\WINDOWS\system32\5918stzal2239.dll
2009-07-10 14:35:18 ----D---- C:\Documents and Settings\Andrea\Application Data\.starphone
2009-07-09 07:25:33 ----A---- C:\WINDOWS\5808hac9toolzc5.dll
2009-07-09 07:10:49 ----A---- C:\WINDOWS\491fvir501z.dll
2009-07-08 01:55:12 ----A---- C:\WINDOWS\system32\xfcodec.dll
2009-07-07 07:42:26 ----A---- C:\WINDOWS\system32\z8d5thi9f5621.dll
2009-07-06 11:18:45 ----A---- C:\WINDOWS\system32\9138troj4z95.exe
2009-07-03 23:13:36 ----D---- C:\Documents and Settings\Andrea\Application Data\Google
2009-07-03 23:09:32 ----D---- C:\Program Files\Google
2009-07-03 14:29:50 ----D---- C:\Documents and Settings\Andrea\Application Data\gtk-2.0
2009-07-03 07:10:36 ----A---- C:\WINDOWS\system32\6529spy9aze3269.exe
2009-07-03 03:56:58 ----A---- C:\WINDOWS\65z8vir9s110.exe
2009-07-02 11:01:56 ----D---- C:\Program Files\Alcohol Soft
2009-07-02 10:50:29 ----D---- C:\Documents and Settings\Andrea\Application Data\Canneverbe_Limited
2009-06-27 21:37:22 ----D---- C:\WINDOWS\system32\Futuremark
2009-06-27 18:42:25 ----A---- C:\WINDOWS\system32\24719virzs569.exe
2009-06-27 00:48:08 ----A---- C:\WINDOWS\21z73vi9usf5.dll
2009-06-26 23:43:59 ----D---- C:\Program Files\RocketDock
2009-06-25 09:23:10 ----D---- C:\WINDOWS\system32\appmgmt
2009-06-25 09:19:31 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2009-06-24 09:58:58 ----HD---- C:\WINDOWS\PIF
2009-06-23 07:13:39 ----A---- C:\WINDOWS\9687szambot955.dll
2009-06-21 20:18:02 ----A---- C:\WINDOWS\1895virz16.dll
2009-06-20 09:59:52 ----D---- C:\Documents and Settings\Andrea\Application Data\DAEMON Tools Pro
2009-06-19 22:13:50 ----D---- C:\Documents and Settings\Andrea\Application Data\Bioshock
2009-06-19 22:12:39 ----RHD---- C:\Documents and Settings\Andrea\Application Data\SecuROM
2009-06-18 11:35:11 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2009-06-18 11:35:06 ----D---- C:\Program Files\DAEMON Tools Lite
2009-06-18 11:30:53 ----D---- C:\Documents and Settings\Andrea\Application Data\DAEMON Tools Lite
2009-06-17 18:20:33 ----A---- C:\WINDOWS\system32\88415pzm9ot66e.exe
2009-06-16 20:50:33 ----D---- C:\Documents and Settings\Andrea\Application Data\dvdcss
2009-06-16 11:30:36 ----D---- C:\Documents and Settings\Andrea\Application Data\FileZilla
2009-06-16 04:22:16 ----A---- C:\WINDOWS\system32\29865ac9tooz40.exe
2009-06-15 14:15:26 ----D---- C:\Documents and Settings\Andrea\Application Data\OpenOffice.org
2009-06-15 14:14:21 ----D---- C:\Program Files\OpenOffice.org 3
2009-06-14 23:37:40 ----D---- C:\Documents and Settings\Andrea\Application Data\WinRAR
2009-06-14 23:37:10 ----D---- C:\Program Files\WinRAR
2009-06-13 05:16:02 ----A---- C:\WINDOWS\70c5spars985z.exe
2009-06-12 12:35:20 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2009-06-11 23:07:32 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-06-11 16:24:02 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2009-06-11 15:46:40 ----D---- C:\Program Files\Messenger Plus! Live
2009-06-11 12:39:00 ----A---- C:\WINDOWS\system32\muweb.dll
2009-06-11 12:39:00 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-06-11 12:39:00 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-06-11 09:40:26 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2009-06-11 09:28:39 ----D---- C:\Program Files\Microsoft
2009-06-11 09:28:00 ----D---- C:\Program Files\Windows Live
2009-06-11 09:22:31 ----D---- C:\Program Files\Common Files\Windows Live
2009-06-10 18:24:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-06-10 18:24:45 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2009-06-10 18:22:55 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-06-10 18:22:21 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-06-09 17:13:26 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-06-09 15:20:38 ----D---- C:\Program Files\CDBurnerXP
2009-06-09 15:15:40 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-06-09 15:15:40 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-06-09 15:15:39 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-06-09 15:15:38 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-06-09 15:15:37 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-06-09 15:15:36 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-06-09 15:15:36 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-06-09 15:15:34 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-06-09 15:15:34 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-06-09 15:15:34 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-06-09 15:15:33 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-06-09 15:15:33 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-06-09 15:15:31 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-06-09 15:15:30 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-06-09 15:15:30 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-06-09 15:15:29 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-06-09 15:15:29 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-06-09 15:15:28 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-06-09 15:15:28 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-06-09 15:15:27 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-06-09 15:15:26 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-06-09 15:15:24 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-06-09 15:15:24 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-06-09 15:15:22 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-06-09 15:15:22 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-06-09 15:15:21 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-06-09 15:15:21 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-06-09 15:15:19 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-06-09 15:15:19 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-06-09 15:15:19 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-06-09 15:15:18 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-06-09 15:15:17 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-06-09 15:15:17 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-06-09 15:15:17 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-06-09 15:15:16 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-06-09 15:15:16 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-06-09 15:15:15 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-06-09 15:15:15 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-06-09 15:15:15 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-06-09 15:15:14 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-06-09 15:15:14 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-06-09 15:15:13 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-06-09 15:15:13 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-06-09 15:15:12 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-06-09 15:15:11 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-06-09 15:15:10 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-06-09 15:15:10 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-06-09 15:15:09 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-06-09 15:15:09 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-06-09 15:15:09 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-06-09 15:14:38 ----D---- C:\WINDOWS\Logs
2009-06-09 00:03:18 ----D---- C:\Documents and Settings\Andrea\Application Data\vlc
2009-06-09 00:02:41 ----D---- C:\Program Files\VideoLAN
2009-06-08 01:12:52 ----A---- C:\WINDOWS\system32\SIntfNT.dll
2009-06-08 01:12:52 ----A---- C:\WINDOWS\system32\SIntf32.dll
2009-06-08 01:12:52 ----A---- C:\WINDOWS\system32\SIntf16.dll
2009-06-07 12:35:55 ----A---- C:\WINDOWS\system32\7e76add5arz3449.exe
2009-06-06 23:16:01 ----A---- C:\WINDOWS\SIERRA.INI
2009-06-04 16:55:22 ----A---- C:\WINDOWS\ScUnin.exe
2009-06-04 12:03:08 ----HD---- C:\$AVG8.VAULT$
2009-06-04 09:34:03 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-06-04 09:34:02 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-06-04 09:34:02 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-06-04 09:34:02 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-06-04 09:34:01 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-06-04 09:33:51 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-06-04 09:33:50 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-06-04 09:33:50 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-06-04 09:33:50 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-06-04 08:49:02 ----D---- C:\WINDOWS\.jagex_cache_32
2009-06-04 08:48:56 ----D---- C:\WINDOWS\Sun
2009-06-04 08:48:52 ----A---- C:\WINDOWS\system32\javaws.exe
2009-06-04 08:48:52 ----A---- C:\WINDOWS\system32\javaw.exe
2009-06-04 08:48:52 ----A---- C:\WINDOWS\system32\java.exe
2009-06-04 08:48:52 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-06-04 08:48:39 ----D---- C:\Program Files\Java
2009-06-04 08:47:23 ----D---- C:\Documents and Settings\Andrea\Application Data\Sun
2009-06-04 01:08:57 ----D---- C:\Documents and Settings\Andrea\Application Data\Turbine
2009-06-04 01:07:08 ----D---- C:\Documents and Settings\Andrea\Application Data\Macromedia
2009-06-04 01:07:08 ----D---- C:\Documents and Settings\Andrea\Application Data\Adobe
2009-06-04 01:05:39 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-06-04 01:05:38 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-06-04 01:05:38 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-06-04 01:05:38 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-06-04 01:05:37 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-06-04 01:05:35 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-06-04 01:04:24 ----D---- C:\WINDOWS\system32\URTTEMP
2009-06-04 00:24:54 ----A---- C:\WINDOWS\system32\SAIKICK.dll
2009-06-04 00:24:54 ----A---- C:\WINDOWS\system32\SAIGON.dll
2009-06-04 00:24:54 ----A---- C:\WINDOWS\system32\nY.exe
2009-06-04 00:24:38 ----D---- C:\Program Files\Saitek
2009-06-04 00:22:41 ----RA---- C:\WINDOWS\system32\SaiC0461_10.dll
2009-06-04 00:22:41 ----RA---- C:\WINDOWS\system32\SaiC0461_0C.dll
2009-06-04 00:22:41 ----RA---- C:\WINDOWS\system32\SaiC0461_0A.dll
2009-06-04 00:22:41 ----RA---- C:\WINDOWS\system32\SaiC0461_09.dll
2009-06-04 00:22:41 ----RA---- C:\WINDOWS\system32\SaiC0461_07.dll
2009-06-04 00:22:41 ----RA---- C:\WINDOWS\system32\SaiC0461_0402.dll
2009-06-04 00:22:41 ----RA---- C:\WINDOWS\system32\SaiC0461.Dll
2009-06-04 00:22:40 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-06-04 00:18:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-06-04 00:17:22 ----D---- C:\WINDOWS\system32\Lang
2009-06-04 00:14:55 ----D---- C:\WINDOWS\system32\RTCOM
2009-06-04 00:14:45 ----A---- C:\WINDOWS\vncutil.exe
2009-06-04 00:14:45 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2009-06-04 00:14:45 ----A---- C:\WINDOWS\SkyTel.exe
2009-06-04 00:14:45 ----A---- C:\WINDOWS\RtlUpd.exe
2009-06-04 00:14:45 ----A---- C:\WINDOWS\RTLCPL.EXE
2009-06-04 00:14:44 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2009-06-04 00:14:44 ----A---- C:\WINDOWS\RtkAudioService.exe
2009-06-04 00:14:44 ----A---- C:\WINDOWS\RTHDCPL.EXE
2009-06-04 00:14:43 ----A---- C:\WINDOWS\MicCal.exe
2009-06-04 00:14:43 ----A---- C:\WINDOWS\ALCWZRD.EXE
2009-06-04 00:14:42 ----D---- C:\Program Files\Realtek
2009-06-04 00:14:42 ----A---- C:\WINDOWS\ALCMTR.EXE
2009-06-04 00:14:39 ----A---- C:\WINDOWS\RtlExUpd.dll
2009-06-04 00:03:35 ----D---- C:\Program Files\ma-config.com
2009-06-04 00:03:35 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2009-06-03 23:45:37 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-06-03 23:45:32 ----D---- C:\Program Files\Common Files\Adobe
2009-06-03 23:45:32 ----D---- C:\Program Files\Adobe
2009-06-03 23:42:18 ----A---- C:\WINDOWS\system32\h323log.txt
2009-06-03 23:37:02 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-06-03 23:35:57 ----A---- C:\WINDOWS\system32\usbui.dll
2009-06-03 23:35:08 ----SHD---- C:\WINDOWS\Installer
2009-06-03 23:35:08 ----D---- C:\Program Files\Common Files\ODBC
2009-06-03 23:35:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-06-03 23:35:08 ----A---- C:\WINDOWS\ODBCINST.INI
2009-06-03 23:35:04 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-06-03 23:35:03 ----RD---- C:\Program Files
2009-06-03 23:35:03 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-06-03 23:35:03 ----D---- C:\Program Files\Common Files
2009-06-03 23:34:53 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-06-03 23:34:53 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-06-03 23:34:53 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-06-03 23:34:51 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-06-03 23:34:51 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-06-03 23:34:51 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-06-03 23:34:51 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-06-03 23:34:51 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-06-03 23:34:51 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-06-03 23:34:50 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-06-03 23:34:50 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-06-03 23:34:50 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-06-03 23:34:50 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-06-03 23:34:50 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-06-03 23:34:50 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-06-03 23:34:48 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-06-03 23:34:48 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-06-03 23:34:48 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-06-03 23:34:48 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-06-03 23:34:48 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-06-03 23:34:48 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-06-03 23:34:48 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-06-03 23:34:46 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-06-03 23:34:46 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-06-03 23:34:46 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-06-03 23:34:46 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-06-03 23:34:46 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-06-03 23:34:44 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-06-03 23:34:44 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-06-03 23:34:44 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-06-03 23:34:44 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-06-03 23:34:44 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-06-03 23:34:43 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-06-03 23:34:43 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-06-03 23:34:43 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-06-03 23:34:43 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-06-03 23:34:43 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-06-03 23:34:43 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-06-03 23:34:43 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-06-03 23:34:43 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-06-03 23:34:37 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-06-03 23:34:37 ----A---- C:\WINDOWS\system32\irclass.dll
2009-06-03 23:34:37 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-06-03 23:34:37 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-06-03 23:34:36 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-06-03 23:34:34 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-06-03 23:34:33 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-06-03 23:34:33 ----A---- C:\WINDOWS\system32\batt.dll
2009-06-03 23:34:32 ----A---- C:\WINDOWS\system32\storprop.dll
2009-06-03 23:34:32 ----A---- C:\WINDOWS\notepad.exe
2009-06-03 23:34:26 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-06-03 23:34:20 ----RA---- C:\WINDOWS\SET8.tmp
2009-06-03 23:34:18 ----RA---- C:\WINDOWS\SET4.tmp
2009-06-03 23:34:16 ----RA---- C:\WINDOWS\SET3.tmp
2009-06-03 23:34:12 ----D---- C:\WINDOWS\system32\CatRoot2
2009-06-03 23:34:12 ----D---- C:\WINDOWS\system32\CatRoot
2009-06-03 23:34:06 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-06-03 23:33:11 ----SHD---- C:\System Volume Information
2009-06-03 23:33:11 ----D---- C:\Documents and Settings
2009-06-03 23:32:28 ----SH---- C:\boot.ini
2009-06-03 23:27:32 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-06-03 23:27:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-06-03 23:27:32 ----RSD---- C:\WINDOWS\Fonts
2009-06-03 23:27:32 ----RD---- C:\WINDOWS\Web
2009-06-03 23:27:32 ----HD---- C:\WINDOWS\inf
2009-06-03 23:27:32 ----D---- C:\WINDOWS\WinSxS
2009-06-03 23:27:32 ----D---- C:\WINDOWS\WBEM
2009-06-03 23:27:32 ----D---- C:\WINDOWS\twain_32
2009-06-03 23:27:32 ----D---- C:\WINDOWS\Temp
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\wins
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\wbem
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\usmt
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\spool
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\ShellExt
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\Setup
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\scripting
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\ras
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\oobe
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\npp
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\mui
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\inetsrv
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\IME
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\icsxml
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\ias
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\export
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\en-US
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\en
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\drivers
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\dhcp
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\config
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\3com_dmi
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\3076
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\2052
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\1054
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\1042
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\1041
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\1037
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\1033
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\1031
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\1028
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32\1025
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system32
2009-06-03 23:27:32 ----D---- C:\WINDOWS\system
2009-06-03 23:27:32 ----D---- C:\WINDOWS\security
2009-06-03 23:27:32 ----D---- C:\WINDOWS\Resources
2009-06-03 23:27:32 ----D---- C:\WINDOWS\repair
2009-06-03 23:27:32 ----D---- C:\WINDOWS\Provisioning
2009-06-03 23:27:32 ----D---- C:\WINDOWS\PeerNet
2009-06-03 23:27:32 ----D---- C:\WINDOWS\pchealth
2009-06-03 23:27:32 ----D---- C:\WINDOWS\Offline Web Pages
2009-06-03 23:27:32 ----D---- C:\WINDOWS\Network Diagnostic
2009-06-03 23:27:32 ----D---- C:\WINDOWS\mui
2009-06-03 23:27:32 ----D---- C:\WINDOWS\msapps
2009-06-03 23:27:32 ----D---- C:\WINDOWS\msagent
2009-06-03 23:27:32 ----D---- C:\WINDOWS\Media
2009-06-03 23:27:32 ----D---- C:\WINDOWS\L2Schemas
2009-06-03 23:27:32 ----D---- C:\WINDOWS\java
2009-06-03 23:27:32 ----D---- C:\WINDOWS\ime
2009-06-03 23:27:32 ----D---- C:\WINDOWS\Help
2009-06-03 23:27:32 ----D---- C:\WINDOWS\ehome
2009-06-03 23:27:32 ----D---- C:\WINDOWS\Driver Cache
2009-06-03 23:27:32 ----D---- C:\WINDOWS\Debug
2009-06-03 23:27:32 ----D---- C:\WINDOWS\Cursors
2009-06-03 23:27:32 ----D---- C:\WINDOWS\Connection Wizard
2009-06-03 23:27:32 ----D---- C:\WINDOWS\Config
2009-06-03 23:27:32 ----D---- C:\WINDOWS\AppPatch
2009-06-03 23:27:32 ----D---- C:\WINDOWS\addins
2009-06-03 23:27:32 ----D---- C:\WINDOWS
2009-06-03 23:20:49 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-06-03 23:20:04 ----D---- C:\Documents and Settings\Andrea\Application Data\ATI
2009-06-03 23:20:04 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-06-03 23:14:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-06-03 23:14:27 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-06-03 23:13:49 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-06-03 23:13:46 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-06-03 23:13:42 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-06-03 23:13:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-06-03 23:13:35 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-06-03 23:13:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-06-03 23:13:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-06-03 23:12:42 ----D---- C:\WINDOWS\ie7updates
2009-06-03 23:12:35 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-06-03 23:12:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-06-03 23:12:22 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-06-03 23:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-06-03 23:11:40 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-06-03 23:11:37 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-06-03 23:11:34 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-06-03 23:11:31 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-06-03 23:11:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-06-03 23:11:23 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-06-03 23:11:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2009-06-03 23:11:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-06-03 23:11:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-06-03 23:10:35 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-06-03 23:10:32 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-06-03 23:10:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-06-03 23:10:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-06-03 23:10:21 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-06-03 23:10:18 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-06-03 23:10:15 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-06-03 23:10:11 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-06-03 23:10:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-06-03 23:09:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-06-03 23:09:55 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-06-03 23:06:53 ----SHD---- C:\RECYCLER
2009-06-03 23:05:31 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-06-03 23:05:24 ----D---- C:\Documents and Settings\Andrea\Application Data\AVGTOOLBAR
2009-06-03 23:05:17 ----D---- C:\Program Files\AVG
2009-06-03 23:05:17 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-06-03 23:00:52 ----D---- C:\Program Files\Common Files\ATI Technologies
2009-06-03 23:00:38 ----D---- C:\WINDOWS\RegisteredPackages
2009-06-03 23:00:29 ----A---- C:\WINDOWS\system32\psisdecd.dll
2009-06-03 23:00:28 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2009-06-03 22:59:07 ----RSD---- C:\WINDOWS\assembly
2009-06-03 22:58:50 ----D---- C:\WINDOWS\Microsoft.NET
2009-06-03 22:58:20 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-06-03 22:57:52 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-06-03 22:57:42 ----D---- C:\Program Files\ATI Technologies
2009-06-03 22:57:13 ----D---- C:\Program Files\Common Files\InstallShield
2009-06-03 22:56:47 ----D---- C:\AMD
2009-06-03 22:54:38 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2009-06-03 22:54:16 ----D---- C:\WINDOWS\system32\PreInstall
2009-06-03 22:54:16 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-06-03 22:54:15 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-06-03 22:50:10 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-06-03 22:47:31 ----HD---- C:\Program Files\InstallShield Installation Information
2009-06-03 22:47:31 ----A---- C:\WINDOWS\system32\GTW32N50.dll
2009-06-03 22:47:31 ----A---- C:\WINDOWS\system32\GTGina.dll
2009-06-03 22:47:25 ----D---- C:\Program Files\Linksys
2009-06-03 22:47:22 ----D---- C:\Documents and Settings\Andrea\Application Data\InstallShield
2009-06-03 22:46:31 ----A---- C:\WINDOWS\system32\WLAN.INI
2009-06-03 21:58:52 ----D---- C:\Documents and Settings\Andrea\Application Data\Identities
2009-06-03 21:58:50 ----HD---- C:\Program Files\Uninstall Information
2009-06-03 21:58:47 ----SD---- C:\Documents and Settings\Andrea\Application Data\Microsoft
2009-06-03 21:58:47 ----ASH---- C:\Documents and Settings\Andrea\Application Data\desktop.ini
2009-06-03 21:57:30 ----D---- C:\WINDOWS\SoftwareDistribution
2009-06-03 21:57:28 ----D---- C:\WINDOWS\Prefetch
2009-06-03 21:57:27 ----SD---- C:\WINDOWS\system32\Microsoft
2009-06-03 21:54:46 ----D---- C:\WINDOWS\system32\xircom
2009-06-03 21:54:46 ----D---- C:\Program Files\xerox
2009-06-03 21:54:46 ----D---- C:\Program Files\microsoft frontpage
2009-06-03 21:54:18 ----HD---- C:\WINDOWS\$hf_mig$
2009-06-03 21:54:07 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-06-03 21:53:58 ----A---- C:\WINDOWS\control.ini
2009-06-03 21:53:58 ----A---- C:\AUTOEXEC.BAT
2009-06-03 21:53:45 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-06-03 21:53:07 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-06-03 21:53:05 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-06-03 21:53:01 ----HD---- C:\Program Files\WindowsUpdate
2009-06-03 21:52:41 ----D---- C:\WINDOWS\system32\DirectX
2009-06-03 21:52:31 ----A---- C:\WINDOWS\system32\atrace.dll
2009-06-03 21:52:28 ----A---- C:\WINDOWS\system32\desktop.ini
2009-06-03 21:52:28 ----A---- C:\WINDOWS\desktop.ini
2009-06-03 21:52:19 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-06-03 21:52:17 ----D---- C:\Program Files\Common Files\Services
2009-06-03 21:52:17 ----A---- C:\WINDOWS\system32\acctres.dll
2009-06-03 21:52:13 ----SD---- C:\WINDOWS\Tasks
2009-06-03 21:52:13 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-06-03 21:52:12 ----D---- C:\Program Files\Common Files\MSSoap
2009-06-03 21:52:06 ----D---- C:\WINDOWS\srchasst
2009-06-03 21:52:05 ----D---- C:\WINDOWS\system32\Macromed
2009-06-03 21:52:02 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-06-03 21:52:02 ----A---- C:\WINDOWS\system32\wups.dll
2009-06-03 21:52:02 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-06-03 21:52:02 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-06-03 21:52:02 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-06-03 21:52:02 ----A---- C:\WINDOWS\system32\wuaueng.dll.wusetup.3189468.bak
2009-06-03 21:52:02 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-06-03 21:52:02 ----A---- C:\WINDOWS\system32\wuaucpl.cpl.wusetup.3189406.bak
2009-06-03 21:52:01 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-06-03 21:52:01 ----A---- C:\WINDOWS\system32\wuauclt.exe.wusetup.3189359.bak
2009-06-03 21:52:01 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-06-03 21:52:01 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-06-03 21:52:01 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-06-03 21:52:01 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-06-03 21:52:01 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2009-06-03 21:52:01 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-06-03 21:52:01 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-06-03 21:51:56 ----D---- C:\Program Files\Movie Maker
2009-06-03 21:51:33 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-06-03 21:51:33 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-06-03 21:51:33 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-06-03 21:51:33 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-06-03 21:51:28 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-06-03 21:51:28 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-06-03 21:51:27 ----D---- C:\WINDOWS\system32\Restore
2009-06-03 21:51:27 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-06-03 21:51:27 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-06-03 21:51:27 ----A---- C:\WINDOWS\system32\srclient.dll
2009-06-03 21:51:26 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-06-03 21:51:26 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-06-03 21:51:26 ----A---- C:\WINDOWS\system32\ils.dll
2009-06-03 21:51:25 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-06-03 21:51:25 ----A---- C:\WINDOWS\system32\msconf.dll
2009-06-03 21:51:25 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-06-03 21:51:22 ----D---- C:\Program Files\NetMeeting
2009-06-03 21:51:21 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-06-03 21:51:21 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-06-03 21:51:20 ----A---- C:\WINDOWS\system32\inetres.dll
2009-06-03 21:51:19 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-06-03 21:51:17 ----D---- C:\Program Files\Outlook Express
2009-06-03 21:51:17 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-06-03 21:51:17 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-06-03 21:51:17 ----A---- C:\WINDOWS\system32\mstask.dll
2009-06-03 21:51:16 ----A---- C:\WINDOWS\system32\isign32.dll
2009-06-03 21:51:16 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-06-03 21:51:16 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-06-03 21:51:16 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-06-03 21:51:08 ----D---- C:\Program Files\Common Files\System
2009-06-03 21:51:07 ----D---- C:\Program Files\Internet Explorer
2009-06-03 21:50:38 ----D---- C:\Program Files\ComPlus Applications
2009-06-03 21:50:36 ----A---- C:\WINDOWS\vbaddin.ini
2009-06-03 21:50:36 ----A---- C:\WINDOWS\vb.ini
2009-06-03 21:50:33 ----D---- C:\WINDOWS\Registration
2009-06-03 21:50:28 ----D---- C:\Program Files\Online Services
2009-06-03 21:50:19 ----D---- C:\Program Files\Windows Media Connect 2
2009-06-03 21:50:17 ----D---- C:\Program Files\Windows Media Player
2009-06-03 21:50:16 ----D---- C:\Program Files\Messenger
2009-06-03 21:50:10 ----D---- C:\Program Files\MSN Gaming Zone
2009-06-03 21:50:10 ----A---- C:\WINDOWS\system32\write.exe
2009-06-03 21:49:59 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-06-03 21:49:59 ----A---- C:\WINDOWS\system32\hticons.dll
2009-06-03 21:49:59 ----A---- C:\WINDOWS\system32\avwav.dll
2009-06-03 21:49:59 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-06-03 21:49:59 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-06-03 21:49:58 ----A---- C:\WINDOWS\system32\winchat.exe
2009-06-03 21:49:50 ----A---- C:\WINDOWS\system32\getuname.dll
2009-06-03 21:49:50 ----A---- C:\WINDOWS\system32\charmap.exe
2009-06-03 21:49:49 ----A---- C:\WINDOWS\system32\winmine.exe
2009-06-03 21:49:49 ----A---- C:\WINDOWS\system32\sol.exe
2009-06-03 21:49:49 ----A---- C:\WINDOWS\system32\calc.exe
2009-06-03 21:49:48 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-06-03 21:49:48 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-06-03 21:49:48 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-06-03 21:49:48 ----A---- C:\WINDOWS\system32\tskill.exe
2009-06-03 21:49:48 ----A---- C:\WINDOWS\system32\reset.exe
2009-06-03 21:49:48 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-06-03 21:49:48 ----A---- C:\WINDOWS\system32\freecell.exe
2009-06-03 21:49:47 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-06-03 21:49:47 ----A---- C:\WINDOWS\system32\tscon.exe
2009-06-03 21:49:47 ----A---- C:\WINDOWS\system32\shadow.exe
2009-06-03 21:49:47 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-06-03 21:49:47 ----A---- C:\WINDOWS\system32\regini.exe
2009-06-03 21:49:47 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-06-03 21:49:47 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-06-03 21:49:47 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-06-03 21:49:47 ----A---- C:\WINDOWS\system32\msg.exe
2009-06-03 21:49:47 ----A---- C:\WINDOWS\system32\logoff.exe
2009-06-03 21:49:46 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-06-03 21:49:46 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-06-03 21:49:40 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-06-03 21:49:25 ----D---- C:\Program Files\MSN
2009-06-03 21:49:24 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-06-03 21:49:24 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-06-03 21:49:24 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-06-03 21:49:23 ----D---- C:\Program Files\Windows NT
2009-06-03 21:49:23 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-06-03 21:49:22 ----A---- C:\WINDOWS\system32\spider.exe
2009-06-03 21:49:22 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-06-03 21:49:22 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-06-03 21:49:20 ----A---- C:\WINDOWS\system32\tsgqec.dll
2009-06-03 21:49:20 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-06-03 21:49:20 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2009-06-03 21:49:20 ----A---- C:\WINDOWS\system32\aaclient.dll
2009-06-03 21:49:19 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-06-03 21:49:19 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-06-03 21:49:19 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-06-03 21:49:18 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-06-03 21:49:18 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-06-03 21:49:18 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-06-03 21:49:18 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-06-03 21:49:18 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-06-03 21:49:18 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-06-03 21:49:18 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-06-03 21:49:18 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-06-03 21:49:17 ----D---- C:\WINDOWS\system32\MsDtc
2009-06-03 21:49:17 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-06-03 21:49:17 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-06-03 21:49:17 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-06-03 21:49:17 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-06-03 21:49:17 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-06-03 21:49:16 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-06-03 21:49:16 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-06-03 21:49:16 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-06-03 21:49:16 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-06-03 21:49:16 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-06-03 21:49:14 ----D---- C:\WINDOWS\system32\Com
2009-06-03 21:49:14 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-06-03 21:49:14 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-06-03 21:49:14 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-06-03 21:49:14 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-06-03 21:49:14 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-06-03 21:49:14 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-06-03 21:49:14 ----A---- C:\WINDOWS\system32\colbact.dll
2009-06-03 21:49:13 ----A---- C:\WINDOWS\system32\stclient.dll
2009-06-03 21:49:13 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-06-03 21:49:13 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-06-03 21:49:13 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-06-03 21:49:13 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-06-03 21:49:12 ----A---- C:\WINDOWS\system32\comuid.dll
2009-06-03 21:49:12 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-06-03 21:49:12 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-06-03 21:49:11 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-06-03 21:49:03 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-06-03 21:49:03 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-06-03 21:49:03 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-06-03 21:49:03 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-06-02 22:23:24 ----A---- C:\WINDOWS\21412hac9tozl5a.dll
2009-05-28 18:50:40 ----A---- C:\WINDOWS\35bdvzr2894.dll
2009-05-27 08:37:25 ----A---- C:\WINDOWS\9fethi5f29z9.exe
2009-05-26 17:06:21 ----A---- C:\WINDOWS\z38fdownload9r1545.exe
2009-05-26 12:17:44 ----A---- C:\WINDOWS\5974vi524z.dll
2009-05-23 17:32:13 ----A---- C:\WINDOWS\57909hiez2953.dll
2009-05-12 07:43:46 ----A---- C:\WINDOWS\6z52thief1999.dll
2009-05-11 15:08:36 ----A---- C:\WINDOWS\5765spambot195z.dll
2009-05-02 07:17:11 ----A---- C:\WINDOWS\system32\4288nzt-5-v9rusef.exe
2009-04-26 02:07:08 ----A---- C:\WINDOWS\618zaddware3695.exe

======List of files/folders modified in the last 3 months======

2009-07-13 12:28:54 ----A---- C:\WINDOWS\system32\uxtheme.dll
2009-06-16 16:36:30 ----A---- C:\WINDOWS\system32\t2embed.dll
2009-06-16 16:36:30 ----A---- C:\WINDOWS\system32\fontsub.dll
2009-06-03 23:35:03 ----A---- C:\WINDOWS\system.ini
2009-06-03 21:53:56 ----A---- C:\WINDOWS\win.ini
2009-06-03 21:09:37 ----A---- C:\WINDOWS\system32\quartz.dll
2009-05-07 17:32:35 ----A---- C:\WINDOWS\system32\localspl.dll
2009-04-29 06:56:02 ----A---- C:\WINDOWS\system32\wininet.dll
2009-04-29 06:56:02 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-04-29 06:56:01 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-04-29 06:56:01 ----A---- C:\WINDOWS\system32\url.dll
2009-04-29 06:56:01 ----A---- C:\WINDOWS\system32\pngfilt.dll
2009-04-29 06:56:01 ----A---- C:\WINDOWS\system32\occache.dll
2009-04-29 06:56:01 ----A---- C:\WINDOWS\system32\mstime.dll
2009-04-29 06:56:00 ----A---- C:\WINDOWS\system32\msrating.dll
2009-04-29 06:56:00 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-04-29 06:56:00 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-04-29 06:55:58 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-04-29 06:55:58 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-04-29 06:55:58 ----A---- C:\WINDOWS\system32\jsproxy.dll
2009-04-29 06:55:57 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-04-29 06:55:57 ----A---- C:\WINDOWS\system32\iernonce.dll
2009-04-29 06:55:57 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-04-29 06:55:56 ----A---- C:\WINDOWS\system32\ieencode.dll
2009-04-29 06:55:56 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2009-04-29 06:55:56 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2009-04-29 06:55:56 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-04-29 06:55:56 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-04-29 06:55:56 ----A---- C:\WINDOWS\system32\icardie.dll
2009-04-29 06:55:56 ----A---- C:\WINDOWS\system32\extmgr.dll
2009-04-29 06:55:56 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-04-29 06:55:55 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-04-29 06:55:55 ----A---- C:\WINDOWS\system32\advpack.dll
2009-04-28 11:05:56 ----A---- C:\WINDOWS\system32\ieudinit.exe
2009-04-28 11:05:56 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2009-04-25 07:26:23 ----A---- C:\WINDOWS\system32\ieakui.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-06-12 327688]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-02 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-06-03 108552]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-06-03 20747]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-06-04 271360]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-06-04 18048]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-10-17 2642944]
R3 GTNDIS5;GTNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\GTNDIS5.SYS []
R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-05-22 5082624]
R3 mbr;mbr; \??\C:\DOCUME~1\Andrea\LOCALS~1\Temp\mbr.sys []
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 RT73;Linksys Home Wireless-G USB Adapter Driver; C:\WINDOWS\sy

Nobody's helping me anymore? That's not very nice :whistle:.

Hi Bisoonoors, don't cry :o(

Our friend Senosen may be on holiday? I'll help you until he comes back.

1) Press ALT + CTRL + DELETE or CTRL + Shift + ESC.
    Click on Processes and look for the Winifighter process,
    right-click it to highlight it and click at the bottom ==> "End Process"

2) Download RevoUninstaller

==>RevoUninstaller

==> Winifighter ==> uninstall it

Tutorial
=>RevoUninstaller

3) Download Winsockxpfix

to your desktop without running it, in case you need it afterwards

==>Winsockxpfix

Then
Disable your antivirus and antispyware

Download Combofix

==>Combofix

==> to your Desktop (and nowhere else), and rename it before it lands on your desktop.
To do this, right-click on Combofix.exe, choose "Save link target as…" and rename it to ==>Bisoonoors.exe
==> and for the location choose your desktop and click "Save"
Close all open windows

Double-click ==> Bisoonoors.exe ==> (the renamed file)
Press the 1 key to start the scan and follow the instructions given by Combofix.
When the scan is finished, a report will appear. Copy/paste that report right here.
==> The report can also be found here: C:\Combofix.txt
==> You must not click in the Combofix window during the scan; this would cause the program to freeze.

Re-enable your antivirus and antispyware

PS
If your internet connection is no longer working after the restart

Double-click the WinsockXPFix file
Click "Fix", in case a manual repair has to be done

4) Disable your antivirus

Download UsbFix to your desktop

==>UsbFix

--> Run the installation with the default settings

Plug your external data sources into your PC (USB stick, external hard drive, etc.) that may have been infected, without opening them

--> Double-click the UsbFix shortcut on your desktop

--> Choose option 1

--> The PC will restart

--> After the restart, post the UsbFix.txt report

Note: the UsbFix.txt report is saved at the root of the disk

Re-enable your antivirus

Bleh, your stuff with the antivirus is weird: when I opened your thing, the PC gave me a message, it went beep beep, and it told me it was "tainted". So I preferred to delete it =). I'd just need another link?

Hi

Which one are you talking about??

Antivirus disabled before downloading

If you mean Combofix, you get a beep at startup
Combofix link ==>http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Tutorial =>http://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

Antivirus disabled before downloading
USBFix link
==>http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe

First do things in the order listed above and as described, steps 1 to 4