Info.txt logfile of random's system information tool 1.05 2008-12-21 12:34:29
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Fichiers communs\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player ActiveX-->C:\WINDOWS\System32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Favorit-->"c:\documents and settings\ludo sab & lina\local settings\application data\aewiuiq.exe" -uninstall
Favorit-->"c:\documents and settings\ludo sab & lina\local settings\application data\agsee.exe" -uninstall
Favorit-->"c:\documents and settings\ludo sab & lina\local settings\application data\isccyuu.exe" -uninstall
Favorit-->"c:\documents and settings\ludo sab & lina\local settings\application data\ocycqmi.exe" -uninstall
Favorit-->"c:\documents and settings\ludo sab & lina\local settings\application data\sgesyyi.exe" -uninstall
Favorit-->"c:\documents and settings\ludo sab & lina\local settings\application data\sykqssu.exe" -uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
InternetGameBox -->C:\Program Files\InternetGameBox\uninst.exe
Kit de connexion ADSL-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{81868ECE-C551-4D16-8272-53A6EC493872}\setup.exe" -l0x40c -usb
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
MessengerSkinner-->C:\Program Files\MessengerSkinner\uninst.exe
Microsoft Office 2000 Premium-->MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7}
modem ADSL USB-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\Setup.exe" -l0x9
Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
VirtuaGuy HD-->C:\Documents and Settings\ludo sab & lina\Menu Démarrer\Programmes\VirtuaGuy HD\uninstall.lnk
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
System event log
Computer Name: LINA-KR60OTU5ZJ
Event Code: 59
Message: Resolve Partial Assembly a échoué pour Microsoft.VC80.MFCLOC.
Message d'erreur de référence : L'assemblage référencé n'est pas installé sur votre système.
.
Record Number: 17081
Source Name: SideBySide
Time Written: 20081213134151.000000+060
Event Type: erreur
User:
Computer Name: LINA-KR60OTU5ZJ
Event Code: 32
Message: L'assemblage dépendant Microsoft.VC80.MFCLOC ne peut pas être trouvé. La dernière erreur était L'assemblage référencé n'est pas installé sur votre système.
Record Number: 17080
Source Name: SideBySide
Time Written: 20081213134151.000000+060
Event Type: erreur
User:
Computer Name: LINA-KR60OTU5ZJ
Event Code: 59
Message: Generate Activation Context a échoué pour C:\Program Files\IncrediMail\bin\MFC80U.DLL.
Message d'erreur de référence : Opération réussie.
.
Record Number: 17079
Source Name: SideBySide
Time Written: 20081213134151.000000+060
Event Type: erreur
User:
Computer Name: LINA-KR60OTU5ZJ
Event Code: 59
Message: Resolve Partial Assembly a échoué pour Microsoft.VC80.MFCLOC.
Message d'erreur de référence : L'assemblage référencé n'est pas installé sur votre système.
.
Record Number: 17078
Source Name: SideBySide
Time Written: 20081213134151.000000+060
Event Type: erreur
User:
Computer Name: LINA-KR60OTU5ZJ
Event Code: 32
Message: L'assemblage dépendant Microsoft.VC80.MFCLOC ne peut pas être trouvé. La dernière erreur était L'assemblage référencé n'est pas installé sur votre système.
Record Number: 17077
Source Name: SideBySide
Time Written: 20081213134151.000000+060
Event Type: erreur
User:
Application event log
Computer Name: LINA-KR60OTU5ZJ
Event Code: 102
Message: MsnMsgr (1556) \\.\C:\Documents and Settings\ludo sab & lina\Local Settings\Application Data\Microsoft\Messenger\maniezludovic@hotmail.fr\SharingMetadata\Working\database_6E18_9265_1892_2BD9\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).
Record Number: 834
Source Name: ESENT
Time Written: 20081109141729.000000+060
Event Type: Informations
User:
Computer Name: LINA-KR60OTU5ZJ
Event Code: 100
Message: MsnMsgr (1556) Le moteur de base de données 5.01.2600.0000 est démarré.
Record Number: 833
Source Name: ESENT
Time Written: 20081109141729.000000+060
Event Type: Informations
User:
Computer Name: LINA-KR60OTU5ZJ
Event Code: 12001
Message: The Messenger Sharing USN Journal Reader service started successfully.
Record Number: 832
Source Name: usnjsvc
Time Written: 20081109141722.000000+060
Event Type:
User:
Computer Name: LINA-KR60OTU5ZJ
Event Code: 2001
Message: Le service EAPOL a été démarré correctement
Record Number: 831
Source Name: EAPOL
Time Written: 20081109135357.000000+060
Event Type: Informations
User:
Computer Name: LINA-KR60OTU5ZJ
Event Code: 2001
Message: Le service EAPOL a été démarré correctement
Record Number: 830
Source Name: EAPOL
Time Written: 20081109083451.000000+060
Event Type: Informations
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 8 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0803
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
Logfile of random's system information tool 1.05 (written by random/random)
Run by ludo sab & lina at 2008-12-21 12:30:55
Microsoft Windows XP Professionnel
System drive C: has 2 GB (21%) free of 10 GB
Total RAM: 319 MB (17% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:33:30, on 21/12/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\fxstaller.exe
C:\WINDOWS\sysrest32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\documents and settings\ludo sab & lina\local settings\application data\aewiuiq.exe
C:\Program Files\modem ADSL USB\modem ADSL USB\dslmon.exe
C:\Program Files\IncrediMail\bin\ImApp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\ludo sab & lina\Local Settings\Temporary Internet Files\Content.IE5\M44P2KXJ\RSIT[1].exe
C:\Program Files\trend micro\ludo sab & lina.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\System32\awturOGA.dll (file missing)
O2 - BHO: (no name) - {85b6da9f-1123-409f-9281-fd287ca961eb} - C:\WINDOWS\System32\sofofuhi.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9B7B4060-AACC-4BAF-9B92-4F0CE51271D4} - C:\WINDOWS\System32\iifdcApQ.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: {36d00b2c-5ccf-787b-ae84-5df432206d8d} - {d8d60223-4fd5-48ea-b787-fcc5c2b00d63} - C:\WINDOWS\System32\lgirmn.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Windows UDP Control Center] fxstaller.exe
O4 - HKLM\..\Run: [mmsass] mldmm.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Secure System Restore] sysrest32.exe
O4 - HKLM\..\Run: [setenanuhe] Rundll32.exe "C:\WINDOWS\System32\kufubabe.dll",s
O4 - HKLM\..\RunServices: [mmsass] mldmm.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [sykqssu] "c:\documents and settings\ludo sab & lina\local settings\application data\sykqssu.exe" sykqssu
O4 - HKCU\..\Run: [isccyuu] "c:\documents and settings\ludo sab & lina\local settings\application data\isccyuu.exe" isccyuu
O4 - HKCU\..\Run: [ocycqmi] "c:\documents and settings\ludo sab & lina\local settings\application data\ocycqmi.exe" ocycqmi
O4 - HKCU\..\Run: [aewiuiq] "c:\documents and settings\ludo sab & lina\local settings\application data\aewiuiq.exe" aewiuiq
O4 - HKCU\..\Run: [agsee] "c:\documents and settings\ludo sab & lina\local settings\application data\agsee.exe" agsee
O4 - HKCU\..\Run: [sgesyyi] "c:\documents and settings\ludo sab & lina\local settings\application data\sgesyyi.exe" sgesyyi
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [setenanuhe] Rundll32.exe "C:\WINDOWS\System32\kufubabe.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O20 - AppInit_DLLs: ,C:\WINDOWS\System32\lodivoyo.dll,C:\WINDOWS\System32\kufubabe.dll lgirmn.dll
O20 - Winlogon Notify: awturOGA - awturOGA.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
End of file - 6004 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]
C:\WINDOWS\System32\awturOGA.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{85b6da9f-1123-409f-9281-fd287ca961eb}]
C:\WINDOWS\System32\sofofuhi.dll [2008-09-19 68332]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9B7B4060-AACC-4BAF-9B92-4F0CE51271D4}]
C:\WINDOWS\System32\iifdcApQ.dll [2008-12-09 303104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-11-17 2403392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-11-18 737776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d8d60223-4fd5-48ea-b787-fcc5c2b00d63}]
C:\WINDOWS\System32\lgirmn.dll [2008-12-21 126976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - &Radio - C:\WINDOWS\System32\msdxm.ocx [2001-10-04 847900]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-11-17 2403392]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EoEngine"= []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"Windows UDP Control Center"=C:\WINDOWS\fxstaller.exe [2008-12-07 52786]
"mmsass"=mldmm.exe []
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"Secure System Restore"=C:\WINDOWS\sysrest32.exe [2008-12-20 55858]
"setenanuhe"=C:\WINDOWS\System32\kufubabe.dll []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\System32\ctfmon.exe [2001-10-04 13312]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2008-10-05 243072]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-11-18 68856]
"sykqssu"=c:\documents and settings\ludo sab & lina\local settings\application data\sykqssu.exe [2008-11-22 295936]
"isccyuu"=c:\documents and settings\ludo sab & lina\local settings\application data\isccyuu.exe [2008-11-22 307200]
"ocycqmi"=c:\documents and settings\ludo sab & lina\local settings\application data\ocycqmi.exe [2008-11-30 301568]
"aewiuiq"=c:\documents and settings\ludo sab & lina\local settings\application data\aewiuiq.exe [2008-12-19 237568]
"agsee"=c:\documents and settings\ludo sab & lina\local settings\application data\agsee.exe [2008-12-19 239104]
"sgesyyi"=c:\documents and settings\ludo sab & lina\local settings\application data\sgesyyi.exe [2008-12-20 274432]
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage
DSLMON.lnk - C:\Program Files\modem ADSL USB\modem ADSL USB\dslmon.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=",C:\WINDOWS\System32\lodivoyo.dll,C:\WINDOWS\System32\kufubabe.dll lgirmn.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awturOGA]
awturOGA.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"=C:\WINDOWS\System32\awturOGA.dll []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\System32\iifdcApQ
"notification packages"=scecli
C:\WINDOWS\System32\lodivoyo.dll
C:\WINDOWS\System32\kufubabe.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2008-12-21 12:31:13 ----D---- C:\Program Files\trend micro
2008-12-21 12:30:55 ----DC---- C:\rsit
2008-12-21 12:29:35 ----AC---- C:\WINDOWS\System32\awttttRi.dll
2008-12-21 12:21:23 ----SHC---- C:\WINDOWS\System32\pextvoyg.ini
2008-12-21 12:21:20 ----A---- C:\WINDOWS\System32\gyovtxep.dll
2008-12-21 12:18:41 ----AC---- C:\WINDOWS\System32\lgirmn.dll
2008-12-21 12:18:40 ----A---- C:\WINDOWS\System32\loiybgwx.dll
2008-12-21 12:18:21 ----AC---- C:\WINDOWS\System32\wvUoOGwU.dll
2008-12-21 12:15:48 ----SHC---- C:\WINDOWS\System32\atugiteh.ini
2008-12-20 21:22:48 ----AC---- C:\WINDOWS\System32\iiffFxVp.dll
2008-12-20 21:10:04 ----AC---- C:\WINDOWS\System32\fcccyAss.dll
2008-12-20 20:56:31 ----AC---- C:\WINDOWS\System32\jkkIBQgE.dll
2008-12-20 20:43:18 ----AC---- C:\WINDOWS\System32\jkkLBsqR.dll
2008-12-20 20:29:34 ----AC---- C:\WINDOWS\System32\hgGwWPIC.dll
2008-12-20 20:16:14 ----AC---- C:\WINDOWS\System32\cbXQgdBr.dll
2008-12-20 20:02:54 ----AC---- C:\WINDOWS\System32\rqRLebYS.dll
2008-12-20 19:49:33 ----AC---- C:\WINDOWS\System32\ddcBSKEV.dll
2008-12-20 19:36:13 ----AC---- C:\WINDOWS\System32\pmnnOFvT.dll
2008-12-20 19:22:53 ----AC---- C:\WINDOWS\System32\geBstuRl.dll
2008-12-20 19:09:36 ----AC---- C:\WINDOWS\System32\qoMdCrpo.dll
2008-12-20 18:56:17 ----AC---- C:\WINDOWS\System32\wvUoMdDt.dll
2008-12-20 18:42:55 ----AC---- C:\WINDOWS\System32\hgGwWQhg.dll
2008-12-20 18:37:23 ----AC---- C:\WINDOWS\System32\ssqRICuR.dll
2008-12-20 18:29:37 ----AC---- C:\WINDOWS\System32\ljJARlIA.dll
2008-12-20 18:16:17 ----AC---- C:\WINDOWS\System32\hgGvtQHw.dll
2008-12-20 18:02:59 ----AC---- C:\WINDOWS\System32\hgGywVOi.dll
2008-12-20 17:50:00 ----AC---- C:\WINDOWS\System32\ljJCtsro.dll
2008-12-20 17:36:20 ----AC---- C:\WINDOWS\System32\ljJCvSmJ.dll
2008-12-20 17:23:02 ----AC---- C:\WINDOWS\System32\yayyYOge.dll
2008-12-20 17:05:50 ----AC---- C:\WINDOWS\System32\khfDuVoo.dll
2008-12-20 16:52:36 ----AC---- C:\WINDOWS\System32\tuvUOFXn.dll
2008-12-20 16:39:18 ----AC---- C:\WINDOWS\System32\mlJYpNde.dll
2008-12-20 16:25:58 ----AC---- C:\WINDOWS\System32\geBrsSKE.dll
2008-12-20 16:12:37 ----AC---- C:\WINDOWS\System32\qoMghecy.dll
2008-12-20 15:59:14 ----AC---- C:\WINDOWS\System32\mlJDtqrs.dll
2008-12-20 15:45:56 ----AC---- C:\WINDOWS\System32\khfDtSkJ.dll
2008-12-20 15:32:37 ----AC---- C:\WINDOWS\System32\khfCtrRH.dll
2008-12-20 15:19:19 ----AC---- C:\WINDOWS\System32\ssqNFXrQ.dll
2008-12-20 14:54:21 ----AC---- C:\WINDOWS\System32\nnnkKEUN.dll
2008-12-20 14:40:56 ----AC---- C:\WINDOWS\System32\wvUmkkjH.dll
2008-12-20 14:37:05 ----AC---- C:\WINDOWS\System32\ljJARjgg.dll
2008-12-20 14:27:39 ----AC---- C:\WINDOWS\System32\khfGyxXn.dll
2008-12-20 14:14:11 ----AC---- C:\WINDOWS\System32\ddcAstqo.dll
2008-12-20 14:00:46 ----AC---- C:\WINDOWS\System32\cbXQggDt.dll
2008-12-20 13:47:27 ----AC---- C:\WINDOWS\System32\byXRkIBu.dll
2008-12-20 13:34:07 ----AC---- C:\WINDOWS\System32\xxywTNHY.dll
2008-12-20 13:20:49 ----AC---- C:\WINDOWS\System32\mlJAtUOF.dll
2008-12-20 13:07:26 ----AC---- C:\WINDOWS\System32\iifefCrR.dll
2008-12-20 13:03:51 ----AC---- C:\WINDOWS\System32\awtqoLfF.dll
2008-12-20 12:58:53 ----AC---- C:\WINDOWS\System32\cbXQghGx.dll
2008-12-20 12:51:44 ----DC---- C:\WINDOWS\pss
2008-12-20 12:40:53 ----AC---- C:\WINDOWS\System32\opnnmLFX.dll
2008-12-20 12:30:48 ----AC---- C:\WINDOWS\nigzss.txt
2008-12-20 12:30:41 ----RSHC---- C:\WINDOWS\sysrest32.exe
2008-12-20 12:30:29 ----AC---- C:\reps.exe
2008-12-20 12:27:51 ----AC---- C:\WINDOWS\System32\khfFXonO.dll
2008-12-20 12:27:50 ----AC---- C:\WINDOWS\System32\csofxf.dll
2008-12-20 12:27:46 ----A---- C:\WINDOWS\System32\likniftv.dll
2008-12-20 12:23:44 ----SHC---- C:\WINDOWS\System32\ntwajdnv.ini
2008-12-20 12:23:41 ----A---- C:\WINDOWS\System32\vndjawtn.dll
2008-12-20 12:22:19 ----AC---- C:\WINDOWS\System32\qoMffDuV.dll
2008-12-20 12:19:17 ----DC---- C:\WINDOWS\Minidump
2008-12-20 11:05:28 ----SHC---- C:\WINDOWS\System32\ahufepop.ini
2008-12-19 19:44:38 ----AC---- C:\WINDOWS\System32\urqOIxVN.dll
2008-12-19 11:19:34 ----AC---- C:\WINDOWS\System32\ogfzhd.dll
2008-12-19 11:19:32 ----A---- C:\WINDOWS\System32\vcvaqxks.dll
2008-12-19 11:17:19 ----SHC---- C:\WINDOWS\System32\gswclvwm.ini
2008-12-19 11:17:14 ----A---- C:\WINDOWS\System32\mwvlcwsg.dll
2008-12-19 11:16:39 ----AC---- C:\WINDOWS\System32\fccaAqnK.dll
2008-12-19 11:14:12 ----SHC---- C:\WINDOWS\System32\urukejet.ini
2008-12-16 20:41:47 ----AC---- C:\WINDOWS\System32\xxywWpqP.dll
2008-12-16 20:28:26 ----AC---- C:\WINDOWS\System32\yayvVLEu.dll
2008-12-16 20:20:17 ----AC---- C:\WINDOWS\System32\vemktb.dll
2008-12-16 20:20:14 ----A---- C:\WINDOWS\System32\mmmmkgpl.dll
2008-12-16 20:19:43 ----AC---- C:\WINDOWS\System32\opnkkkkl.dll
2008-12-16 18:42:33 ----AC---- C:\WINDOWS\System32\urqRLcYS.dll
2008-12-16 17:35:20 ----AC---- C:\WINDOWS\System32\awtqnkhe.dll
2008-12-16 17:22:03 ----AC---- C:\WINDOWS\System32\geBtSJdE.dll
2008-12-16 17:08:28 ----AC---- C:\WINDOWS\System32\cbXNDUKB.dll
2008-12-16 16:55:18 ----AC---- C:\WINDOWS\System32\opnmKEuU.dll
2008-12-16 16:41:49 ----AC---- C:\WINDOWS\System32\byXQKeEU.dll
2008-12-16 16:28:32 ----AC---- C:\WINDOWS\System32\iifeeFXo.dll
2008-12-16 16:25:57 ----AC---- C:\WINDOWS\System32\nnnmmnKC.dll
2008-12-16 16:15:28 ----AC---- C:\WINDOWS\System32\awttqool.dll
2008-12-16 16:06:48 ----AC---- C:\WINDOWS\System32\cdzyfo.dll
2008-12-16 16:06:47 ----A---- C:\WINDOWS\System32\rhmvfiex.dll
2008-12-16 16:06:09 ----AC---- C:\WINDOWS\System32\byXNfGAT.dll
2008-12-16 16:06:01 ----C---- C:\bluz.exe
2008-12-16 13:11:42 ----A---- C:\WINDOWS\System32\aswBoot.exe
2008-12-15 17:02:09 ----AC---- C:\WINDOWS\System32\kucnhy.dll
2008-12-15 17:02:05 ----A---- C:\WINDOWS\System32\iuqkeopr.dll
2008-12-15 16:53:09 ----AC---- C:\WINDOWS\System32\ljJASmnk.dll
2008-12-14 13:09:58 ----AC---- C:\WINDOWS\System32\sdieni.dll
2008-12-14 13:09:54 ----A---- C:\WINDOWS\System32\biqqdibe.dll
2008-12-14 12:57:03 ----AC---- C:\WINDOWS\System32\hlbamt.dll
2008-12-14 12:57:01 ----A---- C:\WINDOWS\System32\craobcjs.dll
2008-12-13 11:10:13 ----AC---- C:\WINDOWS\System32\gqqaet.dll
2008-12-13 11:10:08 ----A---- C:\WINDOWS\System32\agsmylsj.dll
2008-12-12 08:53:00 ----AC---- C:\WINDOWS\System32\msv.exe
2008-12-10 21:17:13 ----AC---- C:\WINDOWS\System32\ssqPijhG.dll
2008-12-09 10:28:16 ----AC---- C:\WINDOWS\System32\mcrh.tmp
2008-12-09 10:07:11 ----AC---- C:\WINDOWS\System32\13b1ef08-.txt
2008-12-09 10:05:08 ----ASHC---- C:\WINDOWS\System32\QpAcdfii.ini2
2008-12-09 10:05:07 ----ASHC---- C:\WINDOWS\System32\QpAcdfii.ini
2008-12-09 10:05:02 ----AC---- C:\WINDOWS\System32\iifdcApQ.dll
2008-12-09 10:00:03 ----SDC---- C:\WINDOWS\System32\Microsoft
2008-12-08 19:21:24 ----RSHC---- C:\WINDOWS\fxstaller.exe
2008-11-23 06:37:43 ----D---- C:\Program Files\InternetGameBox
======List of files/folders modified in the last 1 months======
2008-12-21 12:31:13 ----RD---- C:\Program Files
2008-12-21 12:29:35 ----DC---- C:\WINDOWS\system32
2008-12-21 12:19:19 ----DC---- C:\WINDOWS\Temp
2008-12-21 12:16:29 ----DC---- C:\WINDOWS\Debug
2008-12-21 12:15:41 ----C---- C:\WINDOWS\System32\hetiguta.dll
2008-12-20 21:36:13 ----AC---- C:\WINDOWS\SchedLgU.Txt
2008-12-20 12:58:31 ----SHC---- C:\boot.ini
2008-12-20 12:58:31 ----AC---- C:\WINDOWS\win.ini
2008-12-20 12:58:31 ----AC---- C:\WINDOWS\system.ini
2008-12-20 12:51:44 ----DC---- C:\WINDOWS
2008-12-19 11:14:00 ----C---- C:\WINDOWS\System32\tejekuru.dll
2008-12-19 11:14:00 ----ASHC---- C:\WINDOWS\System32\bulisazu.dll
2008-12-16 18:44:59 ----DC---- C:\WINDOWS\System32\CatRoot2
2008-12-16 13:13:05 ----DC---- C:\WINDOWS\System32\drivers
2008-12-15 19:23:25 ----ASHC---- C:\WINDOWS\System32\zuwupima.dll
2008-12-15 18:26:27 ----D---- C:\Program Files\eMule
2008-12-15 17:15:12 ----SDC---- C:\WINDOWS\Downloaded Program Files
2008-12-15 16:49:58 ----DC---- C:\WINDOWS\Prefetch
2008-12-11 12:12:52 ----SDC---- C:\WINDOWS\Tasks
2008-12-11 10:47:07 ----ASHC---- C:\WINDOWS\System32\tuzoyono.dll
2008-12-10 22:46:52 ----ASHC---- C:\WINDOWS\System32\nunoruzo.dll
2008-12-09 12:33:08 ----D---- C:\Program Files\MessengerSkinner
2008-12-02 20:59:50 ----D---- C:\Documents and Settings\ludo sab & lina\Application Data\Adobe
2008-12-02 08:59:14 ----SD---- C:\Documents and Settings\ludo sab & lina\Application Data\Microsoft
2008-11-30 11:43:37 ----SHDC---- C:\WINDOWS\Installer
2008-11-24 10:56:06 ----AC---- C:\WINDOWS\ModemLog_Modem standard 33600 bps.txt
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\System32\drivers\Aavmker4.sys [2008-11-26 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\System32\drivers\aswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\System32\drivers\aswTdi.sys [2008-11-26 50864]
R1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\System32\DRIVERS\p3.sys [2001-10-04 37632]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\System32\drivers\aswMon2.sys [2008-11-26 94032]
R3 aswRdr;aswRdr; C:\WINDOWS\System32\drivers\aswRdr.sys [2008-11-26 23152]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-10-04 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-04 12288]
R3 nv4;nv4; C:\WINDOWS\System32\DRIVERS\nv4.sys [2001-08-17 731648]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-04 5888]
R3 usb_rndis;Broadcom USB Remote NDIS Device Driver; C:\WINDOWS\System32\DRIVERS\usb8023.sys [2001-10-04 11136]
R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2001-10-04 50688]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2001-10-04 18944]
R3 VIAudio;Contrôleur audio VIA AC'97 (WDM); C:\WINDOWS\system32\drivers\ac97via.sys [2001-08-17 35200]
S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2001-08-17 56448]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2001-08-17 24960]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2001-08-17 21760]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-17 138168]
-----------------EOF-----------------
Adware.gen
