virus trojan à supprimerFermé

Question

Bonjour,
je n'arrive pas à supprimer deux virus! pouvez vous m'aider?

voici mon logfile

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:03:37, on 03/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32	askeng.exe
C:\Windows\system32	askeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\System32undll32.exe
C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
C:\Windows\system32\shdocvw.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Service Processor] shdocvw.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunServices: [Windows Service Processor] shdocvw.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O13 - Gopher Prefix: 
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = computer-of-love
O17 - HKLM\Software\..\Telephony: DomainName = computer-of-love
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = computer-of-love
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = computer-of-love
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Partition Suite\oss_reinstall_svc.exe
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

Lyonnais92 · Answer

Bonjour,

1) quel programme te les décèle et où ?

2) c'est toi qui as mis ça :

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = computer-of-love
O17 - HKLM\Software\..\Telephony: DomainName = computer-of-love
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = computer-of-love
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = computer-of-love 

3) Rends toi sur ce site :

https://www.virustotal.com/gui/

Clique sur parcourir et cherche ce fichier : C:\Windows\system32\shdocvw.exe 

Clique sur Send File.

Un rapport va s'élaborer ligne à ligne.

Attends la fin. Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

Copie le dans ta réponse. 

Si VirusTotal indique que le fichier a déjà été analysé, cliquer sur le bouton Reanalyse le fichier maintenant

alex · Answer

c'est hijackthis qui les décèle...
pour la deuxieme question, oui c'est moi qui ai mit ca... faut pas?

et voici le rapport :         :s

a-squared 4.0.0.73 2009.01.06 - 
AhnLab-V3 2009.1.5.3 2009.01.06 - 
AntiVir 7.9.0.45 2009.01.05 TR/Dropper.Gen 
Authentium 5.1.0.4 2009.01.05 - 
Avast 4.8.1281.0 2009.01.05 - 
AVG 8.0.0.199 2009.01.05 - 
BitDefender 7.2 2009.01.06 - 
CAT-QuickHeal 10.00 2009.01.06 - 
ClamAV 0.94.1 2009.01.06 - 
Comodo 878 2009.01.05 - 
DrWeb 4.44.0.09170 2009.01.06 - 
eTrust-Vet 31.6.6293 2009.01.06 - 
Ewido 4.0 2008.12.31 - 
F-Prot 4.4.4.56 2009.01.05 - 
F-Secure 8.0.14470.0 2009.01.06 - 
Fortinet 3.117.0.0 2009.01.06 - 
GData 19 2009.01.06 - 
Ikarus T3.1.1.45.0 2009.01.06 - 
K7AntiVirus 7.10.576 2009.01.05 - 
Kaspersky 7.0.0.125 2009.01.06 - 
McAfee 5486 2009.01.05 - 
McAfee+Artemis 5486 2009.01.05 - 
Microsoft 1.4205 2009.01.06 - 
NOD32 3741 2009.01.05 - 
Norman 5.80.02 2009.01.02 W32/Malware.EXGC 
Panda 9.0.0.4 2009.01.05 - 
PCTools 4.4.2.0 2009.01.05 - 
Prevx1 V2 2009.01.06 - 
Rising 21.11.11.00 2009.01.06 - 
SecureWeb-Gateway 6.7.6 2009.01.05 Trojan.Dropper.Gen 
Sophos 4.37.0 2009.01.06 - 
Sunbelt 3.2.1809.2 2008.12.22 - 
Symantec 10 2009.01.06 - 
TheHacker 6.3.1.4.205 2009.01.05 - 
TrendMicro 8.700.0.1004 2009.01.06 - 
VBA32 3.12.8.10 2009.01.05 - 
ViRobot 2009.1.6.1545 2009.01.06 - 
VirusBuster 4.5.11.0 2009.01.05 - 
Information additionnelle 
File size: 63494 bytes 
MD5...: 41243e5f78b2228d61760eba64743b25 
SHA1..: 5721847cba9ec698f9fdafcf5d9a3528c6a55bdd 
SHA256: 431e361ebb59a6550f3bbef45e057052f352798280188738252aa4e063b6185d 
SHA512: 49d175638fab10fea881dbd20997fa7c0e458cdc49632ed68ee69360bcf19092
bf2e8037a9b27dcda7ac88d886f6d35b4d3c30199301a5ecd3d77804f1afb7eb
 
ssdeep: 1536:+4leFZGZ+tfh0CdeH0hKaAO8SSY9rXeJKtptqb93ll:+nGEXdYHuJNSmXeA
tfW1l
 
PEiD..: Armadillo v1.71 
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) 
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x401a90
timedatestamp.....: 0x495054eb (Tue Dec 23 03:03:07 2008)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xc1c 0xe00 5.71 77253574e0d58c18d56c59897ab62818
.rdata 0x2000 0x200 0x200 4.48 624c374834f4905c56a8b9a1bfdeb07a
.data 0x3000 0x23c 0x200 5.10 c99c37acb7904823e8b851d85b6d66c4
.rsrc 0x4000 0xe018 0xe206 7.99 02e7791adc4310cf31dc9e32e4d59af7

( 2 imports ) 
> KERNEL32.dll: GetProcAddress, LoadLibraryA, GetModuleHandleA, GetStartupInfoA
> MSVCRT.dll: exit, _acmdln, __getmainargs, _initterm, __setusermatherr, _XcptFilter, __p__commode, __p__fmode, __set_app_type, _except_handler3, _controlfp, _exit, _adjust_fdiv

( 0 exports ) 
 
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=41243e5f78b2228d61760eba64743b25' target='_blank'>http://research.sunbelt-software.com/...

Lyonnais92 · Answer

Re,

1) c'est hijackthis qui les décèle..

tu parles de ça :

O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
	

	Effacer à tout prix ! Spyware component related to DownloadWare and found in Program FilesKFH 

et de ça :

O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe

	Ce service (Boonty.exe) semble être méchant. This entry was classified from our visitors as bad.


2) Ouvre le gestionnaire des tâches par Ctrl Alt Suppr

Choisis l'onglet Processus

Fais un clic droit sur shdocvw.exe puis clique sur Terminer le processus. Ignore l'avertissement.

Relance HijackThis.

Choisis Do a scan only

Coche la case devant les lignes suivantes

O4 - HKLM\..\Run: [Windows Service Processor] shdocvw.exe
O4 - HKLM\..\RunServices: [Windows Service Processor] shdocvw.exe

Ferme toutes les fenêtres (hormis HijackThis), y compris ton navigateur.

Clique sur fix checked.

Ferme Hijackthis.

3) Fais redémarrer l'ordi et remets un rapport Hijackthis.

Lyonnais92 · Answer

Re,

1) Télécharge OAD http://sosvirus.changelog.fr/OAD.exe
- Enregistre le sur ton Bureau

Clique droit sur le fichier OAD.exe et sur Propriétés, dans l'onglet Compatibilité, Cadre "Niveau de privilège" il faut cocher "Exécuter ce programme en tant qu'administrateur".

- nom de fichier à rechercher tape ou fais un copier coller de : shdocvw
- Type de recherche : sélectionne l'option 6 puis valide [entree]

OAD va maintenant rechercher le fichier. Laisse le travailler jusqu'à ce qu'il en ai terminé.
Le rapport de recherche s'affichera automatiquement à dès qu'il en aura terminé.

- Fais un copier / coller de ce rapport dans ton prochain post.

Note importante : Suivant la taille des disques dur cette recherche peut prendre plusieurs minutes. Sois patient(e) 

Clique droit sur le fichier OAD.exe et sur Propriétés, dans l'onglet Compatibilité, Cadre "Niveau de privilège" il faut cocher "Exécuter ce programme en tant qu'administrateur".

2) Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Lis le contenu de l'écran Disclaimer puis clique sur Continue (si tu acceptes les conditions).

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt (<<qui sera affiché)
 .

NB : Les rapports sont sauvegardés dans le dossier C:\rsit

Lyonnais92 · Answer

Re,

mets le rapport RSIT.

Pas la peine de chercher à mettre la totalité du rapport OAD.

Lyonnais92 · Answer

Re,

je pourrais avoir les 200 (environ) dernières lignes du rapport RSIT ?

alex · Answer

désolé j'avais mal regardé...

2008-12-23 00:14:45 ----A---- C:\Windows\system32\CompMgmtLauncher.exe
2008-12-23 00:14:45 ----A---- C:\Windows\system32\CompatUI.dll
2008-12-23 00:14:45 ----A---- C:\Windows\system32\cmipnpinstall.dll
2008-12-23 00:14:45 ----A---- C:\Windows\system32\cmifw.dll
2008-12-23 00:14:45 ----A---- C:\Windows\system32\cmicryptinstall.dll
2008-12-23 00:14:45 ----A---- C:\Windows\system32\cmdl32.exe
2008-12-23 00:14:45 ----A---- C:\Windows\system32\clfsw32.dll
2008-12-23 00:14:45 ----A---- C:\Windows\system32\clbcatq.dll
2008-12-23 00:14:45 ----A---- C:\Windows\system32\cipher.exe
2008-12-23 00:14:45 ----A---- C:\Windows\system32\cic.dll
2008-12-23 00:14:44 ----A---- C:\Windows\system32\consent.exe
2008-12-23 00:14:44 ----A---- C:\Windows\system32\conime.exe
2008-12-23 00:14:44 ----A---- C:\Windows\system32\comuid.dll
2008-12-23 00:14:44 ----A---- C:\Windows\system32\comsvcs.dll
2008-12-23 00:14:44 ----A---- C:\Windows\system32\comdlg32.dll
2008-12-23 00:14:44 ----A---- C:\Windows\system32\comctl32.dll
2008-12-23 00:14:44 ----A---- C:\Windows\system32\colorui.dll
2008-12-23 00:14:44 ----A---- C:\Windows\system32\COLORCNV.DLL
2008-12-23 00:14:44 ----A---- C:\Windows\system32\colbact.dll
2008-12-23 00:14:44 ----A---- C:\Windows\system32\cofiredm.dll
2008-12-23 00:14:44 ----A---- C:\Windows\system32\cmutil.dll
2008-12-23 00:14:44 ----A---- C:\Windows\system32\cmstplua.dll
2008-12-23 00:14:44 ----A---- C:\Windows\system32\cmstp.exe
2008-12-23 00:14:44 ----A---- C:\Windows\system32\cmpbk32.dll
2008-12-23 00:14:43 ----A---- C:\Windows\system32\els.dll
2008-12-23 00:14:42 ----A---- C:\Windows\system32\esentutl.exe
2008-12-23 00:14:42 ----A---- C:\Windows\system32\esentprf.dll
2008-12-23 00:14:42 ----A---- C:\Windows\system32\esent.dll
2008-12-23 00:14:42 ----A---- C:\Windows\system32\EncDump.dll
2008-12-23 00:14:42 ----A---- C:\Windows\system32\efsadu.dll
2008-12-23 00:14:42 ----A---- C:\Windows\system32\eapsvc.dll
2008-12-23 00:14:42 ----A---- C:\Windows\system32\EAPQEC.DLL
2008-12-23 00:14:42 ----A---- C:\Windows\system32\eappprxy.dll
2008-12-23 00:14:41 ----A---- C:\Windows\system32\fontsub.dll
2008-12-23 00:14:41 ----A---- C:\Windows\system32\fontext.dll
2008-12-23 00:14:41 ----A---- C:\Windows\system32\fmifs.dll
2008-12-23 00:14:41 ----A---- C:\Windows\system32\FirewallControlPanel.exe
2008-12-23 00:14:41 ----A---- C:\Windows\system32\FirewallAPI.dll
2008-12-23 00:14:41 ----A---- C:\Windows\system32\findstr.exe
2008-12-23 00:14:41 ----A---- C:\Windows\system32\findnetprinters.dll
2008-12-23 00:14:41 ----A---- C:\Windows\system32\filemgmt.dll
2008-12-23 00:14:41 ----A---- C:\Windows\system32\feclient.dll
2008-12-23 00:14:41 ----A---- C:\Windows\system32\fdWSD.dll
2008-12-23 00:14:41 ----A---- C:\Windows\system32\fdWCN.dll
2008-12-23 00:14:41 ----A---- C:\Windows\system32\fdSSDP.dll
2008-12-23 00:14:41 ----A---- C:\Windows\system32\fdPHost.dll
2008-12-23 00:14:41 ----A---- C:\Windows\system32\fdeploy.dll
2008-12-23 00:14:41 ----A---- C:\Windows\system32\fde.dll
2008-12-23 00:14:40 ----A---- C:\Windows\system32\f3ahvoas.dll
2008-12-23 00:14:40 ----A---- C:\Windows\system32\extrac32.exe
2008-12-23 00:14:40 ----A---- C:\Windows\system32\ExplorerFrame.dll
2008-12-23 00:14:40 ----A---- C:\Windows\system32\expand.exe
2008-12-23 00:14:40 ----A---- C:\Windows\system32\evr.dll
2008-12-23 00:14:40 ----A---- C:\Windows\system32\eventcls.dll
2008-12-23 00:14:40 ----A---- C:\Windows\system32\dpx.dll
2008-12-23 00:14:40 ----A---- C:\Windows\system32\dot3ui.dll
2008-12-23 00:14:40 ----A---- C:\Windows\system32\dot3svc.dll
2008-12-23 00:14:40 ----A---- C:\Windows\system32\dot3msm.dll
2008-12-23 00:14:40 ----A---- C:\Windows\system32\dot3gpui.dll
2008-12-23 00:14:40 ----A---- C:\Windows\system32\dot3gpclnt.dll
2008-12-23 00:14:40 ----A---- C:\Windows\system32\dot3dlg.dll
2008-12-23 00:14:40 ----A---- C:\Windows\system32\dot3cfg.dll
2008-12-23 00:14:40 ----A---- C:\Windows\system32\dot3api.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dxgi.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dxdiagn.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dxdiag.exe
2008-12-23 00:14:39 ----A---- C:\Windows\system32\DWWIN.EXE
2008-12-23 00:14:39 ----A---- C:\Windows\system32\drmv2clt.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\drmmgrtn.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\driverquery.exe
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dps.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dpnet.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\DpiScaling.exe
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dpapimig.exe
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dnsrslvr.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dnshc.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dnscacheugc.exe
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dnsapi.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dmvdsitf.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dmutil.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dmusic.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dmsynth.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dmscript.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dmocx.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dmloader.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dmime.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dmdskres2.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dmdskmgr.dll
2008-12-23 00:14:39 ----A---- C:\Windows\system32\dmdlgs.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\eapphost.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\eappgnui.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\eappcfg.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\eapp3hst.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\dxva2.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\dxmasf.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\dwmredir.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\dwmapi.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\dwm.exe
2008-12-23 00:14:38 ----A---- C:\Windows\system32\duser.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\dsuiext.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\dssenh.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\dsprop.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\dsound.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\dskquoui.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\dskquota.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\dsdmo.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\dsauth.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\drvstore.dll
2008-12-23 00:14:38 ----A---- C:\Windows\system32\drvinst.exe
2008-12-23 00:14:37 ----A---- C:\Windows\system32\dssec.dll
2008-12-23 00:14:37 ----A---- C:\Windows\system32\dsquery.dll
2008-12-23 00:14:37 ----A---- C:\Windows\system32\authfwcfg.dll
2008-12-23 00:14:37 ----A---- C:\Windows\system32\AudioEng.dll
2008-12-23 00:14:37 ----A---- C:\Windows\system32\audiodg.exe
2008-12-23 00:14:37 ----A---- C:\Windows\system32\audiodev.dll
2008-12-23 00:14:37 ----A---- C:\Windows\system32\atmfd.dll
2008-12-23 00:14:37 ----A---- C:\Windows\system32\atl.dll
2008-12-23 00:14:37 ----A---- C:\Windows\system32\AtBroker.exe
2008-12-23 00:14:37 ----A---- C:\Windows\system32\at.exe
2008-12-23 00:14:36 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2008-12-23 00:14:36 ----A---- C:\Windows\system32\AuthFWGP.dll
2008-12-23 00:14:36 ----A---- C:\Windows\system32\auditpol.exe
2008-12-23 00:14:36 ----A---- C:\Windows\system32\audiosrv.dll
2008-12-23 00:14:36 ----A---- C:\Windows\system32\AudioSes.dll
2008-12-23 00:14:36 ----A---- C:\Windows\system32\AUDIOKSE.dll
2008-12-23 00:14:35 ----A---- C:\Windows\system32\bitsadmin.exe
2008-12-23 00:14:35 ----A---- C:\Windows\system32\BFE.DLL
2008-12-23 00:14:35 ----A---- C:\Windows\system32\bcdsrv.dll
2008-12-23 00:14:35 ----A---- C:\Windows\system32\bcdedit.exe
2008-12-23 00:14:35 ----A---- C:\Windows\system32\batt.dll
2008-12-23 00:14:35 ----A---- C:\Windows\system32\basesrv.dll
2008-12-23 00:14:35 ----A---- C:\Windows\system32\basecsp.dll
2008-12-23 00:14:35 ----A---- C:\Windows\bfsvc.exe
2008-12-23 00:14:34 ----A---- C:\Windows\system32\bcrypt.dll
2008-12-23 00:14:34 ----A---- C:\Windows\system32\bcdprov.dll
2008-12-23 00:14:34 ----A---- C:\Windows\system32\AzSqlExt.dll
2008-12-23 00:14:34 ----A---- C:\Windows\system32\azroleui.dll
2008-12-23 00:14:34 ----A---- C:\Windows\system32\azroles.dll
2008-12-23 00:14:34 ----A---- C:\Windows\system32\avrt.dll
2008-12-23 00:14:34 ----A---- C:\Windows\system32\avifil32.dll
2008-12-23 00:14:34 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2008-12-23 00:14:34 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2008-12-23 00:14:34 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2008-12-23 00:14:34 ----A---- C:\Windows\system32\AuxiliaryDisplayApi.dll
2008-12-23 00:14:34 ----A---- C:\Windows\system32\autoplay.dll
2008-12-23 00:14:34 ----A---- C:\Windows\system32\autofmt.exe
2008-12-23 00:14:34 ----A---- C:\Windows\system32\autoconv.exe
2008-12-23 00:14:34 ----A---- C:\Windows\system32\autochk.exe
2008-12-23 00:14:34 ----A---- C:\Windows\system32\authz.dll
2008-12-23 00:14:34 ----A---- C:\Windows\system32\authui.dll
2008-12-23 00:14:34 ----A---- C:\Windows\system32\ACW.exe
2008-12-23 00:14:34 ----A---- C:\Windows\system32\ActionQueue.dll
2008-12-23 00:14:33 ----A---- C:\Windows\system32\actxprxy.dll
2008-12-23 00:14:33 ----A---- C:\Windows\system32\activeds.dll
2008-12-23 00:14:33 ----A---- C:\Windows\system32\ActiveContentWizard.dll
2008-12-23 00:14:33 ----A---- C:\Windows\system32\aclui.dll
2008-12-23 00:14:33 ----A---- C:\Windows\system32\accessibilitycpl.dll
2008-12-23 00:14:33 ----A---- C:\Windows\system32\aaclient.dll
2008-12-23 00:14:32 ----A---- C:\Windows\system32\apss.dll
2008-12-23 00:14:32 ----A---- C:\Windows\system32\appinfo.dll
2008-12-23 00:14:32 ----A---- C:\Windows\system32\apphelp.dll
2008-12-23 00:14:32 ----A---- C:\Windows\system32\apircl.dll
2008-12-23 00:14:32 ----A---- C:\Windows\system32\apilogen.dll
2008-12-23 00:14:32 ----A---- C:\Windows\system32\apds.dll
2008-12-23 00:14:32 ----A---- C:\Windows\system32\amxread.dll
2008-12-23 00:14:32 ----A---- C:\Windows\system32\amstream.dll
2008-12-23 00:14:32 ----A---- C:\Windows\system32\advapi32.dll
2008-12-23 00:14:32 ----A---- C:\Windows\system32\adtschema.dll
2008-12-23 00:14:32 ----A---- C:\Windows\system32\adsnt.dll
2008-12-23 00:14:32 ----A---- C:\Windows\system32\adsmsext.dll
2008-12-23 00:14:32 ----A---- C:\Windows\system32\adsldpc.dll
2008-12-23 00:14:32 ----A---- C:\Windows\system32\adsldp.dll
2008-12-23 00:14:31 ----A---- C:\Windows\system32\catsrvut.dll
2008-12-23 00:14:31 ----A---- C:\Windows\system32\catsrv.dll
2008-12-23 00:14:31 ----A---- C:\Windows\system32\capisp.dll
2008-12-23 00:14:31 ----A---- C:\Windows\system32\cacls.exe
2008-12-23 00:14:31 ----A---- C:\Windows\system32\cabview.dll
2008-12-23 00:14:31 ----A---- C:\Windows\system32\cabinet.dll
2008-12-23 00:14:31 ----A---- C:\Windows\system32\btpanui.dll
2008-12-23 00:14:31 ----A---- C:\Windows\system32\alg.exe
2008-12-23 00:14:30 ----A---- C:\Windows\system32\certutil.exe
2008-12-23 00:14:30 ----A---- C:\Windows\system32\certreq.exe
2008-12-23 00:14:30 ----A---- C:\Windows\system32\certprop.dll
2008-12-23 00:14:30 ----A---- C:\Windows\system32\certmgr.dll
2008-12-23 00:14:30 ----A---- C:\Windows\system32\CertEnrollUI.dll
2008-12-23 00:14:30 ----A---- C:\Windows\system32\CertEnrollCtrl.exe
2008-12-23 00:14:30 ----A---- C:\Windows\system32\CertEnroll.dll
2008-12-23 00:14:30 ----A---- C:\Windows\system32\certcli.dll
2008-12-23 00:14:30 ----A---- C:\Windows\system32\bthci.dll
2008-12-23 00:14:30 ----A---- C:\Windows\system32\browseui.dll
2008-12-23 00:14:30 ----A---- C:\Windows\system32\browser.dll
2008-12-23 00:14:30 ----A---- C:\Windows\system32\bridgeunattend.exe
2008-12-23 00:14:30 ----A---- C:\Windows\system32\brcplsdw.dll
2008-12-23 00:14:30 ----A---- C:\Windows\system32\brcpl.dll
2008-12-23 00:14:30 ----A---- C:\Windows\system32\BOOTVID.DLL
2008-12-23 00:14:30 ----A---- C:\Windows\system32\bootstr.dll
2008-12-23 00:14:29 ----A---- C:\Windows\system32\cfgmgr32.dll
2008-12-23 00:14:29 ----A---- C:\Windows\system32\cfgbkend.dll
2008-12-23 00:14:29 ----A---- C:\Windows\system32\cewmdm.dll
2008-12-23 00:14:29 ----A---- C:\Windows\system32\cdosys.dll
2008-12-23 00:14:28 ----A---- C:\Windows\system32\bootcfg.exe
2008-12-23 00:14:28 ----A---- C:\Windows\system32\blackbox.dll
2008-12-23 00:14:28 ----A---- C:\Windows\system32\bitsigd.dll
2008-12-23 00:14:25 ----A---- C:\Windows\system32\IMJP10K.DLL
2008-12-23 00:14:24 ----A---- C:\Windows\system32\imapi2fs.dll
2008-12-23 00:14:24 ----A---- C:\Windows\system32\imapi2.dll
2008-12-23 00:14:24 ----A---- C:\Windows\system32\imapi.dll
2008-12-23 00:14:24 ----A---- C:\Windows\system32\imagesp1.dll
2008-12-23 00:14:24 ----A---- C:\Windows\system32\imagehlp.dll
2008-12-23 00:14:24 ----A---- C:\Windows\system32\IKEEXT.DLL
2008-12-23 00:14:23 ----A---- C:\Windows\system32\input.dll
2008-12-23 00:14:23 ----A---- C:\Windows\system32\InkEd.dll
2008-12-23 00:14:23 ----A---- C:\Windows\system32\InfDefaultInstall.exe
2008-12-23 00:14:23 ----A---- C:\Windows\system32\inetppui.dll
2008-12-23 00:14:23 ----A---- C:\Windows\system32\inetpp.dll
2008-12-23 00:14:23 ----A---- C:\Windows\system32\inetmib1.dll
2008-12-23 00:14:22 ----A---- C:\Windows\system32\infocardapi.dll
2008-12-23 00:14:22 ----A---- C:\Windows\system32\imm32.dll
2008-12-23 00:14:21 ----A---- C:\Windows\system32\icaapi.dll
2008-12-23 00:14:21 ----A---- C:\Windows\system32\iassvcs.dll
2008-12-23 00:14:21 ----A---- C:\Windows\system32\iassdo.dll
2008-12-23 00:14:21 ----A---- C:\Windows\system32\iassam.dll
2008-12-23 00:14:21 ----A---- C:\Windows\system32\iasrecst.dll
2008-12-23 00:14:21 ----A---- C:\Windows\system32\iasrad.dll
2008-12-23 00:14:21 ----A---- C:\Windows\system32\iaspolcy.dll
2008-12-23 00:14:21 ----A---- C:\Windows\system32\iasnap.dll
2008-12-23 00:14:21 ----A---- C:\Windows\system32\IasMigPlugin.dll
2008-12-23 00:14:21 ----A---- C:\Windows\system32\iashost.exe
2008-12-23 00:14:21 ----A---- C:\Windows\system32\iashlpr.dll
2008-12-23 00:14:21 ----A---- C:\Windows\system32\iasdatastore.dll
2008-12-23 00:14:21 ----A---- C:\Windows\system32\iasads.dll
2008-12-23 00:14:21 ----A---- C:\Windows\system32\iasacct.dll
2008-12-23 00:14:21 ----A---- C:\Windows\system32\ias.dll
2008-12-23 00:14:20 ----A---- C:\Windows\system32\ifsutil.dll
2008-12-23 00:14:20 ----A---- C:\Windows\system32\ifmon.dll
2008-12-23 00:14:20 ----A---- C:\Windows\system32\idndl.dll
2008-12-23 00:14:20 ----A---- C:\Windows\system32\icsunattend.exe
2008-12-23 00:14:20 ----A---- C:\Windows\system32\icsfiltr.dll
2008-12-23 00:14:20 ----A---- C:\Windows\system32\icm32.dll
2008-12-23 00:14:20 ----A---- C:\Windows\system32\icardagt.exe
2008-12-23 00:14:20 ----A---- C:\Windows\system32\httpapi.dll
2008-12-23 00:14:19 ----A---- C:\Windows\system32\icfupgd.dll
2008-12-23 00:14:19 ----A---- C:\Windows\system32\icardres.dll
2008-12-23 00:14:19 ----A---- C:\Windows\system32\icacls.exe
2008-12-23 00:14:19 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2008-12-23 00:14:19 ----A---- C:\Windows\system32\hlink.dll
2008-12-23 00:14:18 ----A---- C:\Windows\system32\hnetmon.dll
2008-12-23 00:14:18 ----A---- C:\Windows\system32\hnetcfg.dll
2008-12-23 00:14:18 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2008-12-23 00:14:17 ----A---- C:\Windows\system32\ftp.exe
2008-12-23 00:14:17 ----A---- C:\Windows\system32\fsutil.exe
2008-12-23 00:14:17 ----A---- C:\Windows\system32\fsmgmt.msc
2008-12-23 00:14:17 ----A---- C:\Windows\system32\framedyn.dll
2008-12-23 00:14:17 ----A---- C:\Windows\system32\framebuf.dll
2008-12-23 00:14:17 ----A---- C:\Windows\system32\fphc.dll
2008-12-23 00:14:16 ----A---- C:\Windows\system32\HelpPaneProxy.dll
2008-12-23 00:14:16 ----A---- C:\Windows\system32\hcrstco.dll
2008-12-23 00:14:16 ----A---- C:\Windows\system32\hbaapi.dll
2008-12-23 00:14:16 ----A---- C:\Windows\system32\GuidedHelp.dll
2008-12-23 00:14:16 ----A---- C:\Windows\system32\fwcfg.dll
2008-12-23 00:14:16 ----A---- C:\Windows\system32\fundisc.dll
2008-12-23 00:14:16 ----A---- C:\Windows\system32\framedynos.dll
2008-12-23 00:14:16 ----A---- C:\Windows\fveupdate.exe
2008-12-23 00:14:15 ----A---- C:\Windows\system32\getmac.exe
2008-12-23 00:14:15 ----A---- C:\Windows\system32\gatherWirelessInfo.vbs
2008-12-23 00:14:15 ----A---- C:\Windows\system32\gatherWiredInfo.vbs
2008-12-23 00:14:15 ----A---- C:\Windows\system32\gacinstall.dll
2008-12-23 00:14:15 ----A---- C:\Windows\HelpPane.exe
2008-12-23 00:14:14 ----A---- C:\Windows\system32\graftabl.com
2008-12-23 00:14:14 ----A---- C:\Windows\system32\gpupdate.exe
2008-12-23 00:14:14 ----A---- C:\Windows\system32\gpsvc.dll
2008-12-23 00:14:14 ----A---- C:\Windows\system32\gpresult.exe
2008-12-23 00:14:14 ----A---- C:\Windows\system32\gpedit.dll
2008-12-23 00:14:14 ----A---- C:\Windows\system32\gpapi.dll
2008-12-23 00:14:12 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2008-12-23 00:14:12 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
2008-12-23 00:14:09 ----A---- C:\Windows\system32\wiaacmgr.exe
2008-12-23 00:14:09 ----A---- C:\Windows\system32\whealogr.dll
2008-12-23 00:14:08 ----A---- C:\Windows\system32\winusb.dll
2008-12-23 00:14:08 ----A---- C:\Windows\system32\wintrust.dll
2008-12-23 00:14:08 ----A---- C:\Windows\system32\winsta.dll
2008-12-23 00:14:08 ----A---- C:\Windows\system32\winsrv.dll
2008-12-23 00:14:08 ----A---- C:\Windows\system32\WINSRPC.DLL
2008-12-23 00:14:08 ----A---- C:\Windows\system32\WinSAT.exe
2008-12-23 00:14:08 ----A---- C:\Windows\system32\wiashext.dll
2008-12-23 00:14:08 ----A---- C:\Windows\system32\wiaservc.dll
2008-12-23 00:14:08 ----A---- C:\Windows\system32\wiascanprofiles.dll
2008-12-23 00:14:08 ----A---- C:\Windows\system32\wiarpc.dll
2008-12-23 00:14:08 ----A---- C:\Windows\system32\wiadss.dll
2008-12-23 00:14:08 ----A---- C:\Windows\system32\wiadefui.dll
2008-12-23 00:14:08 ----A---- C:\Windows\system32\wiaaut.dll
2008-12-23 00:14:08 ----A---- C:\Windows\system32\wfapigp.dll
2008-12-23 00:14:08 ----A---- C:\Windows\system32\wevtutil.exe
2008-12-23 00:14:08 ----A---- C:\Windows\system32\wevtsvc.dll
2008-12-23 00:14:08 ----A---- C:\Windows\system32\wevtfwd.dll
2008-12-23 00:14:07 ----A---- C:\Windows\system32\WLanConn.dll
2008-12-23 00:14:07 ----A---- C:\Windows\system32\wlancfg.dll
2008-12-23 00:14:07 ----A---- C:\Windows\system32\wlanapi.dll
2008-12-23 00:14:07 ----A---- C:\Windows\system32\wkssvc.dll
2008-12-23 00:14:07 ----A---- C:\Windows\system32\wisptis.exe
2008-12-23 00:14:07 ----A---- C:\Windows\system32\WinSCard.dll
2008-12-23 00:14:07 ----A---- C:\Windows\system32\WinSATAPI.dll
2008-12-23 00:14:07 ----A---- C:\Windows\system32\winrsmgr.dll
2008-12-23 00:14:07 ----A---- C:\Windows\system32\wininit.exe
2008-12-23 00:14:07 ----A---- C:\Windows\system32\winhttp.dll
2008-12-23 00:14:07 ----A---- C:\Windows\system32\winethc.dll
2008-12-23 00:14:06 ----A---- C:\Windows\system32\winrshost.exe
2008-12-23 00:14:06 ----A---- C:\Windows\system32\winrscmd.dll
2008-12-23 00:14:06 ----A---- C:\Windows\system32\winrs.exe
2008-12-23 00:14:06 ----A---- C:\Windows\system32\winrm.vbs
2008-12-23 00:14:06 ----A---- C:\Windows\system32\winnsi.dll
2008-12-23 00:14:06 ----A---- C:\Windows\system32\winmm.dll
2008-12-23 00:14:06 ----A---- C:\Windows\system32\winlogon.exe
2008-12-23 00:14:06 ----A---- C:\Windows\system32\wbemcomn.dll
2008-12-23 00:14:06 ----A---- C:\Windows\system32\wavemsp.dll
2008-12-23 00:14:06 ----A---- C:\Windows\system32\WavDest.dll
2008-12-23 00:14:06 ----A---- C:\Windows\system32\waitfor.exe
2008-12-23 00:14:06 ----A---- C:\Windows\system32\w32tm.exe
2008-12-23 00:14:06 ----A---- C:\Windows\system32\w32time.dll
2008-12-23 00:14:05 ----A---- C:\Windows\system32\WebClnt.dll
2008-12-23 00:14:05 ----A---- C:\Windows\system32\wdscore.dll
2008-12-23 00:14:05 ----A---- C:\Windows\system32\VSSVC.exe
2008-12-23 00:14:05 ----A---- C:\Windows\system32\vsstrace.dll
2008-12-23 00:14:05 ----A---- C:\Windows\system32\vssapi.dll
2008-12-23 00:14:05 ----A---- C:\Windows\system32\vssadmin.exe
2008-12-23 00:14:05 ----A---- C:\Windows\system32\vss_ps.dll
2008-12-23 00:14:04 ----A---- C:\Windows\system32\wevtapi.dll
2008-12-23 00:14:04 ----A---- C:\Windows\system32\wermgr.exe
2008-12-23 00:14:04 ----A---- C:\Windows\system32\WerFaultSecure.exe
2008-12-23 00:14:04 ----A---- C:\Windows\system32\WerFault.exe
2008-12-23 00:14:04 ----A---- C:\Windows\system32\werdiagcontroller.dll
2008-12-23 00:14:04 ----A---- C:\Windows\system32\wercplsupport.dll
2008-12-23 00:14:04 ----A---- C:\Windows\system32\wercon.exe
2008-12-23 00:14:04 ----A---- C:\Windows\system32\wer.dll
2008-12-23 00:14:04 ----A---- C:\Windows\system32\wecutil.exe
2008-12-23 00:14:04 ----A---- C:\Windows\system32\wecsvc.dll
2008-12-23 00:14:04 ----A---- C:\Windows\system32\wecapi.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\wship6.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\wshcon.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\wsecedit.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\WSDMon.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\WSDApi.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\wscsvc.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\wscproxystub.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\wscntfy.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\wscmisetup.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\wscisvif.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\wscapi.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\WpdConns.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\wpdbusenum.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\wdigest.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\wdi.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\wdc.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\wcnwiz.dll
2008-12-23 00:14:03 ----A---- C:\Windows\system32\wcncsvc.dll
2008-12-23 00:14:02 ----A---- C:\Windows\system32\ws2_32.dll
2008-12-23 00:14:02 ----A---- C:\Windows\system32\wpnpinst.exe
2008-12-23 00:14:02 ----A---- C:\Windows\system32\wpdwcn.dll
2008-12-23 00:14:02 ----A---- C:\Windows\system32\WPDSp.dll
2008-12-23 00:14:02 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2008-12-23 00:14:02 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2008-12-23 00:14:02 ----A---- C:\Windows\system32\wpdshext.dll
2008-12-23 00:14:02 ----A---- C:\Windows\system32\WpdMtpUS.dll
2008-12-23 00:14:02 ----A---- C:\Windows\system32\WpdMtp.dll
2008-12-23 00:14:02 ----A---- C:\Windows\system32\wpd_ci.dll
2008-12-23 00:14:02 ----A---- C:\Windows\system32\wpcsvc.dll
2008-12-23 00:14:02 ----A---- C:\Windows\system32\wpclsp.dll
2008-12-23 00:14:02 ----A---- C:\Windows\system32\wpccpl.dll
2008-12-23 00:14:02 ----A---- C:\Windows\system32\wpcao.dll
2008-12-23 00:14:02 ----A---- C:\Windows\system32\Wpc.dll
2008-12-23 00:14:01 ----A---- C:\Windows\system32\XPSSHHDR.dll
2008-12-23 00:14:01 ----A---- C:\Windows\system32\xolehlp.dll
2008-12-23 00:14:01 ----A---- C:\Windows\system32\xmlprovi.dll
2008-12-23 00:14:01 ----A---- C:\Windows\system32\xmllite.dll
2008-12-23 00:14:01 ----A---- C:\Windows\system32\xcopy.exe
2008-12-23 00:14:01 ----A---- C:\Windows\system32\xactsrv.dll
2008-12-23 00:14:01 ----A---- C:\Windows\system32\wzcdlg.dll
2008-12-23 00:14:01 ----A---- C:\Windows\system32\wvc.dll
2008-12-23 00:14:01 ----A---- C:\Windows\system32\wusa.exe
2008-12-23 00:14:01 ----A---- C:\Windows\system32\WUDFx.dll
2008-12-23 00:14:01 ----A---- C:\Windows\system32\WUDFSvc.dll
2008-12-23 00:14:01 ----A---- C:\Windows\system32\WUDFPlatform.dll
2008-12-23 00:14:01 ----A---- C:\Windows\system32\wsqmcons.exe
2008-12-23 00:14:01 ----A---- C:\Windows\system32\wsock32.dll
2008-12-23 00:14:01 ----A---- C:\Windows\system32\wsnmp32.dll
2008-12-23 00:14:01 ----A---- C:\Windows\system32\WsmWmiPl.dll
2008-12-23 00:14:01 ----A---- C:\Windows\system32\WsmSvc.dll
2008-12-23 00:14:01 ----A---- C:\Windows\system32\WsmRes.dll
2008-12-23 00:14:00 ----A---- C:\Windows\system32\xwizards.dll
2008-12-23 00:14:00 ----A---- C:\Windows\system32\xpssvcs.dll
2008-12-23 00:14:00 ----A---- C:\Windows\system32\WUDFHost.exe
2008-12-23 00:14:00 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2008-12-23 00:14:00 ----A---- C:\Windows\system32\wtsapi32.dll
2008-12-23 00:14:00 ----A---- C:\Windows\system32\WsmProv.dll
2008-12-23 00:14:00 ----A---- C:\Windows\system32\WsmCl.dll
2008-12-23 00:14:00 ----A---- C:\Windows\system32\WsmAuto.dll
2008-12-23 00:14:00 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2008-12-23 00:14:00 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2008-12-23 00:14:00 ----A---- C:\Windows\system32\WSHTCPIP.DLL
2008-12-23 00:14:00 ----A---- C:\Windows\system32\wmicmiplugin.dll
2008-12-23 00:13:59 ----A---- C:\Windows\system32\wmidx.dll
2008-12-23 00:13:58 ----A---- C:\Windows\system32\wmdrmsdk.dll
2008-12-23 00:13:58 ----A---- C:\Windows\system32\wmdrmdev.dll
2008-12-23 00:13:58 ----A---- C:\Windows\system32\Wldap32.dll
2008-12-23 00:13:58 ----A---- C:\Windows\system32\wlanui.dll
2008-12-23 00:13:58 ----A---- C:\Windows\system32\wlansvc.dll
2008-12-23 00:13:58 ----A---- C:\Windows\system32\wlansec.dll
2008-12-23 00:13:58 ----A---- C:\Windows\system32\wlanpref.dll
2008-12-23 00:13:58 ----A---- C:\Windows\system32\wlanmsm.dll
2008-12-23 00:13:58 ----A---- C:\Windows\system32\WlanMmHC.dll
2008-12-23 00:13:58 ----A---- C:\Windows\system32\WlanMM.dll
2008-12-23 00:13:58 ----A---- C:\Windows\system32\wlanhlp.dll
2008-12-23 00:13:58 ----A---- C:\Windows\system32\WLanHC.dll
2008-12-23 00:13:58 ----A---- C:\Windows\system32\wlangpui.dll
2008-12-23 00:13:58 ----A---- C:\Windows\system32\wlanext.exe
2008-12-23 00:13:58 ----A---- C:\Windows\system32\wlandlg.dll
2008-12-23 00:13:57 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2008-12-23 00:13:57 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2008-12-23 00:13:57 ----A---- C:\Windows\system32\wmpsrcwp.dll
2008-12-23 00:13:57 ----A---- C:\Windows\system32\wmpshell.dll
2008-12-23 00:13:57 ----A---- C:\Windows\system32\wmpmde.dll
2008-12-23 00:13:57 ----A---- C:\Windows\system32\wmdrmnet.dll
2008-12-23 00:13:57 ----A---- C:\Windows\system32\WMASF.DLL
2008-12-23 00:13:57 ----A---- C:\Windows\system32\WMADMOE.DLL
2008-12-23 00:13:57 ----A---- C:\Windows\system32\WMADMOD.DLL
2008-12-23 00:13:57 ----A---- C:\Windows\system32\wlgpclnt.dll
2008-12-23 00:13:56 ----A---- C:\Windows\system32\wow32.dll
2008-12-23 00:13:56 ----A---- C:\Windows\system32\WMVXENCD.DLL
2008-12-23 00:13:56 ----A---- C:\Windows\system32\WMVSENCD.DLL
2008-12-23 00:13:56 ----A---- C:\Windows\system32\WMVSDECD.DLL
2008-12-23 00:13:56 ----A---- C:\Windows\system32\WMVENCOD.DLL
2008-12-23 00:13:56 ----A---- C:\Windows\system32\wmvdspa.dll
2008-12-23 00:13:56 ----A---- C:\Windows\system32\WMVDECOD.DLL
2008-12-23 00:13:56 ----A---- C:\Windows\system32\wmploc.DLL
2008-12-23 00:13:55 ----A---- C:\Windows\system32\WMPhoto.dll
2008-12-23 00:13:55 ----A---- C:\Windows\system32\WMPEncEn.dll
2008-12-23 00:13:55 ----A---- C:\Windows\system32\wmpdxm.dll
2008-12-23 00:13:55 ----A---- C:\Windows\system32\wmiprop.dll
2008-12-23 00:13:54 ----A---- C:\Windows\system32\wmpcm.dll
2008-12-23 00:13:54 ----A---- C:\Windows\system32\wmp.dll
2008-12-23 00:13:53 ----A---- C:\Windows\system32\Tabbtn.dll
2008-12-23 00:13:53 ----A---- C:\Windows\system32	2embed.dll
2008-12-23 00:13:53 ----A---- C:\Windows\system32\systeminfo.exe
2008-12-23 00:13:53 ----A---- C:\Windows\system32\systemcpl.dll
2008-12-23 00:13:49 ----A---- C:\Windows\system32	dh.dll
2008-12-23 00:13:49 ----A---- C:\Windows\system32	cpmon.ini
2008-12-23 00:13:49 ----A---- C:\Windows\system32	cpmon.dll
2008-12-23 00:13:49 ----A---- C:\Windows\system32	cpipcfg.dll
2008-12-23 00:13:49 ----A---- C:\Windows\system32	bssvc.dll
2008-12-23 00:13:49 ----A---- C:\Windows\system32	bs.dll
2008-12-23 00:13:49 ----A---- C:\Windows\system32	askschd.dll
2008-12-23 00:13:49 ----A---- C:\Windows\system32	askmgr.exe
2008-12-23 00:13:49 ----A---- C:\Windows\system32	asklist.exe
2008-12-23 00:13:49 ----A---- C:\Windows\system32	askkill.exe
2008-12-23 00:13:48 ----A---- C:\Windows\system32	askeng.exe
2008-12-23 00:13:48 ----A---- C:\Windows\system32	askcomp.dll
2008-12-23 00:13:48 ----A---- C:\Windows\system32	apisrv.dll
2008-12-23 00:13:48 ----A---- C:\Windows\system32\TapiMigPlugin.dll
2008-12-23 00:13:48 ----A---- C:\Windows\system32	akeown.exe
2008-12-23 00:13:48 ----A---- C:\Windows\system32	abcal.exe
2008-12-23 00:13:48 ----A---- C:\Windows\system32\TabbtnEx.dll
2008-12-23 00:13:48 ----A---- C:\Windows\system32\srrstr.dll
2008-12-23 00:13:48 ----A---- C:\Windows\system32\sqmapi.dll
2008-12-23 00:13:48 ----A---- C:\Windows\system32\sqlcese30.dll
2008-12-23 00:13:47 ----A---- C:\Windows\system32\sstpsvc.dll
2008-12-23 00:13:47 ----A---- C:\Windows\system32\SSShim.dll
2008-12-23 00:13:47 ----A---- C:\Windows\system32\ssdpsrv.dll
2008-12-23 00:13:47 ----A---- C:\Windows\system32\srwmi.dll
2008-12-23 00:13:47 ----A---- C:\Windows\system32\srvsvc.dll
2008-12-23 00:13:47 ----A---- C:\Windows\system32\sqlsrv32.dll
2008-12-23 00:13:47 ----A---- C:\Windows\system32\sqlceqp30.dll
2008-12-23 00:13:46 ----A---- C:\Windows\system32\SysFxUI.dll
2008-12-23 00:13:46 ----A---- C:\Windows\system32\syncui.dll
2008-12-23 00:13:46 ----A---- C:\Windows\system32\synceng.dll
2008-12-23 00:13:46 ----A---- C:\Windows\system32\SyncCenter.dll
2008-12-23 00:13:46 ----A---- C:\Windows\system32\sxstrace.exe
2008-12-23 00:13:46 ----A---- C:\Windows\system32\spwmp.dll
2008-12-23 00:13:46 ----A---- C:\Windows\system32\spwizres.dll
2008-12-23 00:13:46 ----A---- C:\Windows\system32\spwizimg.dll
2008-12-23 00:13:46 ----A---- C:\Windows\system32\spwizeng.dll
2008-12-23 00:13:46 ----A---- C:\Windows\system32\sppnp.dll
2008-12-23 00:13:46 ----A---- C:\Windows\system32\spopk.dll
2008-12-23 00:13:46 ----A---- C:\Windows\system32\spoolsv.exe
2008-12-23 00:13:46 ----A---- C:\Windows\system32\spoolss.dll
2008-12-23 00:13:46 ----A---- C:\Windows\system32\spbcd.dll
2008-12-23 00:13:46 ----A---- C:\Windows\system32\SoundRecorder.exe
2008-12-23 00:13:45 ----A---- C:\Windows\system32\syssetup.dll
2008-12-23 00:13:45 ----A---- C:\Windows\system32\sysmain.dll
2008-12-23 00:13:45 ----A---- C:\Windows\system32\syskey.exe
2008-12-23 00:13:45 ----A---- C:\Windows\system32\sxsstore.dll
2008-12-23 00:13:45 ----A---- C:\Windows\system32\sxs.dll
2008-12-23 00:13:45 ----A---- C:\Windows\system32\swprv.dll
2008-12-23 00:13:45 ----A---- C:\Windows\system32\svchost.exe
2008-12-23 00:13:45 ----A---- C:\Windows\system32\sud.dll
2008-12-23 00:13:45 ----A---- C:\Windows\system32\Storprop.dll
2008-12-23 00:13:45 ----A---- C:\Windows\system32\stobject.dll
2008-12-23 00:13:45 ----A---- C:\Windows\system32\sti_ci.dll
2008-12-23 00:13:44 ----A---- C:\Windows\system32\zipfldr.dll
2008-12-23 00:13:44 ----A---- C:\Windows\system32\xwtpw32.dll
2008-12-23 00:13:44 ----A---- C:\Windows\system32\usp10.dll
2008-12-23 00:13:44 ----A---- C:\Windows\system32\userinit.exe
2008-12-23 00:13:44 ----A---- C:\Windows\system32\userenv.dll
2008-12-23 00:13:44 ----A---- C:\Windows\system32\usercpl.dll
2008-12-23 00:13:44 ----A---- C:\Windows\system32\user32.dll
2008-12-23 00:13:44 ----A---- C:\Windows\system32\usbui.dll
2008-12-23 00:13:44 ----A---- C:\Windows\system32\usbperf.dll
2008-12-23 00:13:44 ----A---- C:\Windows\system32\usbmon.dll
2008-12-23 00:13:44 ----A---- C:\Windows\system32\upnphost.dll
2008-12-23 00:13:44 ----A---- C:\Windows\system32\upnpcont.exe
2008-12-23 00:13:44 ----A---- C:\Windows\system32\upnp.dll
2008-12-23 00:13:44 ----A---- C:\Windows\system32\untfs.dll
2008-12-23 00:13:43 ----A---- C:\Windows\system32\VIDRESZR.DLL
2008-12-23 00:13:43 ----A---- C:\Windows\system32\vga64k.dll
2008-12-23 00:13:43 ----A---- C:\Windows\system32\vga256.dll
2008-12-23 00:13:43 ----A---- C:\Windows\system32\vga.dll
2008-12-23 00:13:42 ----A---- C:\Windows\system32\vfwwdm32.dll
2008-12-23 00:13:42 ----A---- C:\Windows\system32\version.dll
2008-12-23 00:13:42 ----A---- C:\Windows\system32\verifier.exe
2008-12-23 00:13:42 ----A---- C:\Windows\system32\verifier.dll
2008-12-23 00:13:42 ----A---- C:\Windows\system32\vdsutil.dll
2008-12-23 00:13:42 ----A---- C:\Windows\system32\vdsldr.exe
2008-12-23 00:13:42 ----A---- C:\Windows\system32\vdsdyn.dll
2008-12-23 00:13:42 ----A---- C:\Windows\system32\vdsbas.dll
2008-12-23 00:13:42 ----A---- C:\Windows\system32\vds_ps.dll
2008-12-23 00:13:42 ----A---- C:\Windows\system32\vds.exe
2008-12-23 00:13:42 ----A---- C:\Windows\system32\vdmredir.dll
2008-12-23 00:13:42 ----A---- C:\Windows\system32\vdmdbg.dll
2008-12-23 00:13:42 ----A---- C:\Windows\system32\VAN.dll
2008-12-23 00:13:42 ----A---- C:\Windows\system32\uxtheme.dll
2008-12-23 00:13:42 ----A---- C:\Windows\system32\uxsms.dll
2008-12-23 00:13:42 ----A---- C:\Windows\system32\uudf.dll
2008-12-23 00:13:42 ----A---- C:\Windows\system32\Utilman.exe
2008-12-23 00:13:42 ----A---- C:\Windows\system32\utildll.dll
2008-12-23 00:13:42 ----A---- C:\Windows\system32\TSpkg.dll
2008-12-23 00:13:42 ----A---- C:\Windows\system32	rkwks.dll
2008-12-23 00:13:42 ----A---- C:\Windows\system32	racerpt.exe
2008-12-23 00:13:42 ----A---- C:\Windows\system32\TpmInit.exe
2008-12-23 00:13:42 ----A---- C:\Windows\system32\TMM.dll
2008-12-23 00:13:41 ----A---- C:\Windows\system32\umb.dll
2008-12-23 00:13:41 ----A---- C:\Windows\system32\ulib.dll
2008-12-23 00:13:41 ----A---- C:\Windows\system32\UIHub.dll
2008-12-23 00:13:41 ----A---- C:\Windows\system32\TSTheme.exe
2008-12-23 00:13:41 ----A---- C:\Windows\system32	sgqec.dll
2008-12-23 00:13:41 ----A---- C:\Windows\system32	sddd.dll
2008-12-23 00:13:41 ----A---- C:\Windows\system32	scupgrd.exe
2008-12-23 00:13:41 ----A---- C:\Windows\system32\TimeDateMUICallback.dll
2008-12-23 00:13:41 ----A---- C:\Windows\system32	humbcache.dll
2008-12-23 00:13:41 ----A---- C:\Windows\system32	hemeui.dll
2008-12-23 00:13:41 ----A---- C:\Windows\system32	hemecpl.dll
2008-12-23 00:13:41 ----A---- C:\Windows\system32	ermsrv.dll
2008-12-23 00:13:41 ----A---- C:\Windows\system32	ermmgr.dll
2008-12-23 00:13:40 ----A---- C:\Windows\system32\unregmp2.exe
2008-12-23 00:13:40 ----A---- C:\Windows\system32\unlodctr.exe
2008-12-23 00:13:40 ----A---- C:\Windows\system32\unbcl.dll
2008-12-23 00:13:40 ----A---- C:\Windows\system32\unattendedjoin.exe
2008-12-23 00:13:40 ----A---- C:\Windows\system32\unattend.dll
2008-12-23 00:13:40 ----A---- C:\Windows\system32\umpnpmgr.dll
2008-12-23 00:13:40 ----A---- C:\Windows\system32\UIAutomationCore.dll
2008-12-23 00:13:40 ----A---- C:\Windows\system32\UI0Detect.exe
2008-12-23 00:13:40 ----A---- C:\Windows\system32\ufat.dll
2008-12-23 00:13:40 ----A---- C:\Windows\system32\uexfat.dll
2008-12-23 00:13:40 ----A---- C:\Windows\system32\uDWM.dll
2008-12-23 00:13:40 ----A---- C:\Windows\system32\ucsvc.exe
2008-12-23 00:13:40 ----A---- C:\Windows\system32	xfw32.dll
2008-12-23 00:13:40 ----A---- C:\Windows\system32	xflog.dll
2008-12-23 00:13:40 ----A---- C:\Windows\system32\TsWpfWrp.exe
2008-12-23 00:11:26 ----A---- C:\Windows\system32\cbsra.exe
2008-12-22 23:39:56 ----D---- C:\Program Files\Acronis
2008-12-22 23:31:49 ----D---- C:\Program Files\Microsoft Silverlight
2008-12-22 23:28:22 ----D---- C:\ProgramData\Messenger Plus!
2008-12-22 21:37:35 ----A---- C:\Windows\system32\winipsec.dll
2008-12-22 21:37:35 ----A---- C:\Windows\system32\polstore.dll
2008-12-22 21:37:35 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-12-22 21:37:35 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2008-12-22 21:35:24 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2008-12-22 21:35:23 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2008-12-22 21:35:23 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2008-12-22 21:29:05 ----A---- C:\Windows\system32\psisdecd.dll
2008-12-22 21:29:05 ----A---- C:\Windows\system32\EncDec.dll
2008-12-22 21:24:29 ----A---- C:\Windows\system32\gdi32.dll
2008-12-22 21:19:05 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-12-22 21:19:02 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-12-22 21:19:02 ----A---- C:\Windows\system32\gameux.dll
2008-12-22 21:18:04 ----A---- C:\Windows\system32\wmpeffects.dll
2008-12-22 21:16:17 ----A---- C:\Windows\system32\msxml3.dll
2008-12-22 21:16:16 ----A---- C:\Windows\system32\msxml3r.dll
2008-12-22 21:12:36 ----A---- C:\Windows\system32
etapi32.dll
2008-12-22 21:11:36 ----A---- C:\Windows\system32	zres.dll
2008-12-22 21:09:27 ----A---- C:\Windows\system32\shell32.dll
2008-12-22 21:05:21 ----RSH---- C:\Windows\system32\shdocvw.exe
2008-12-22 21:05:21 ----A---- C:\Windows\explorer.exe
2008-12-22 20:59:26 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2008-12-22 20:59:26 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2008-12-22 20:59:25 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2008-12-22 20:59:25 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2008-12-22 20:59:25 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2008-12-22 20:59:25 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2008-12-22 20:59:24 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2008-12-22 20:59:24 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2008-12-22 20:59:23 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2008-12-22 20:59:23 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2008-12-22 20:59:22 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2008-12-22 20:59:21 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2008-12-22 20:59:20 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2008-12-22 20:59:20 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2008-12-22 20:59:19 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2008-12-22 20:59:19 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2008-12-22 20:59:18 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2008-12-22 20:59:18 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2008-12-22 20:59:18 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2008-12-22 20:59:17 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-12-22 20:59:17 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-12-22 20:59:16 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2008-12-22 20:59:16 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2008-12-22 20:59:15 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2008-12-22 20:59:15 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2008-12-22 20:59:14 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2008-12-22 20:59:14 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2008-12-22 20:59:13 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2008-12-22 20:59:13 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2008-12-22 20:59:12 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2008-12-22 20:59:12 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2008-12-22 20:59:11 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2008-12-22 20:59:11 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2008-12-22 20:59:10 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2008-12-22 20:59:10 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2008-12-22 20:59:09 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2008-12-22 20:59:09 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2008-12-22 20:59:09 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2008-12-22 20:59:08 ----A---- C:\Windows\system32\NlsModels0011.dll
2008-12-22 20:59:08 ----A---- C:\Windows\system32\NlsData0045.dll
2008-12-22 20:59:07 ----A---- C:\Windows\system32\NlsData0049.dll
2008-12-22 20:59:07 ----A---- C:\Windows\system32\NlsData0047.dll
2008-12-22 20:59:07 ----A---- C:\Windows\system32\NlsData0046.dll
2008-12-22 20:59:07 ----A---- C:\Windows\system32\NlsData0039.dll
2008-12-22 20:59:06 ----A---- C:\Windows\system32\NlsData0026.dll
2008-12-22 20:59:06 ----A---- C:\Windows\system32\NlsData0024.dll
2008-12-22 20:59:06 ----A---- C:\Windows\system32\NlsData0022.dll
2008-12-22 20:59:06 ----A---- C:\Windows\system32\NlsData0021.dll
2008-12-22 20:59:06 ----A---- C:\Windows\system32\NlsData0020.dll
2008-12-22 20:59:05 ----A---- C:\Windows\system32\NlsData0027.dll
2008-12-22 20:59:04 ----A---- C:\Windows\system32\NlsData0011.dll
2008-12-22 20:59:04 ----A---- C:\Windows\system32\NlsData0010.dll
2008-12-22 20:59:03 ----A---- C:\Windows\system32\NlsData0018.dll
2008-12-22 20:59:03 ----A---- C:\Windows\system32\NlsData0013.dll
2008-12-22 20:59:03 ----A---- C:\Windows\system32\NlsData0000.dll
2008-12-22 20:59:02 ----A---- C:\Windows\system32\NlsData0019.dll
2008-12-22 20:59:02 ----A---- C:\Windows\system32\NlsData0003.dll
2008-12-22 20:59:02 ----A---- C:\Windows\system32\NlsData0002.dll
2008-12-22 20:59:02 ----A---- C:\Windows\system32\NlsData0001.dll
2008-12-22 20:59:01 ----A---- C:\Windows\system32\NlsData004a.dll
2008-12-22 20:59:01 ----A---- C:\Windows\system32\NlsData0009.dll
2008-12-22 20:59:01 ----A---- C:\Windows\system32\NlsData0007.dll
2008-12-22 20:59:00 ----A---- C:\Windows\system32\NlsData004e.dll
2008-12-22 20:59:00 ----A---- C:\Windows\system32\NlsData004c.dll
2008-12-22 20:59:00 ----A---- C:\Windows\system32\NlsData004b.dll
2008-12-22 20:59:00 ----A---- C:\Windows\system32\NlsData003e.dll
2008-12-22 20:58:59 ----A---- C:\Windows\system32\NlsData002a.dll
2008-12-22 20:58:59 ----A---- C:\Windows\system32\NlsData001b.dll
2008-12-22 20:58:59 ----A---- C:\Windows\system32\NlsData001a.dll
2008-12-22 20:58:57 ----A---- C:\Windows\system32\NlsData001d.dll
2008-12-22 20:58:57 ----A---- C:\Windows\system32\NlsData000c.dll
2008-12-22 20:58:57 ----A---- C:\Windows\system32\NlsData000a.dll
2008-12-22 20:58:56 ----A---- C:\Windows\system32\NlsData000f.dll
2008-12-22 20:58:56 ----A---- C:\Windows\system32\NlsData000d.dll
2008-12-22 20:58:55 ----A---- C:\Windows\system32\NlsData0416.dll
2008-12-22 20:58:55 ----A---- C:\Windows\system32\NlsData0414.dll
2008-12-22 20:58:55 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-12-22 20:58:54 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2008-12-22 20:58:54 ----A---- C:\Windows\system32\NlsData081a.dll
2008-12-22 20:58:54 ----A---- C:\Windows\system32\NlsData0816.dll
2008-12-22 20:58:53 ----A---- C:\Windows\system32\NlsData0c1a.dll
2008-12-22 20:56:11 ----A---- C:\Windows\system32\kbd106n.dll
2008-12-22 20:56:07 ----A---- C:\Windows\system32\winresume.exe
2008-12-22 20:56:07 ----A---- C:\Windows\system32\winload.exe
2008-12-22 20:56:07 ----A---- C:\Windows\system32\srdelayed.exe
2008-12-22 20:56:07 ----A---- C:\Windows\system32\srcore.dll
2008-12-22 20:56:07 ----A---- C:\Windows\system32\srclient.dll
2008-12-22 20:56:07 ----A---- C:\Windows\system32strui.exe
2008-12-22 20:56:06 ----A---- C:\Windows\system32\setbcdlocale.dll
2008-12-22 20:56:06 ----A---- C:\Windows\system32\kd1394.dll
2008-12-22 20:56:06 ----A---- C:\Windows\system32\ci.dll
2008-12-22 20:52:26 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2008-12-22 20:52:25 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-12-22 20:52:25 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-12-22 20:50:37 ----A---- C:\Windows\system32\win32spl.dll
2008-12-22 20:50:37 ----A---- C:\Windows\system32\printcom.dll
2008-12-22 20:50:20 ----A---- C:\Windows\system32\wshrm.dll
2008-12-22 20:49:07 ----A---- C:\Windows\system32rinstaller.exe
2008-12-22 20:49:07 ----A---- C:\Windows\system32\mfps.dll
2008-12-22 20:49:07 ----A---- C:\Windows\system32\mfpmp.exe
2008-12-22 20:49:07 ----A---- C:\Windows\system32\mferror.dll
2008-12-22 20:49:07 ----A---- C:\Windows\system32\mf.dll
2008-12-22 20:49:06 ----A---- C:\Windows\system32\WMVCORE.DLL
2008-12-22 20:49:06 ----A---- C:\Windows\system32\WMNetMgr.dll
2008-12-22 20:49:06 ----A---- C:\Windows\system32\logagent.exe
2008-12-22 20:48:06 ----A---- C:\Windows\system32\INETRES.dll
2008-12-22 20:48:06 ----A---- C:\Windows\system32\inetcomm.dll
2008-12-22 20:47:46 ----A---- C:\Windows\system32\connect.dll
2008-12-22 20:47:09 ----A---- C:\Windows\system32\quartz.dll
2008-12-22 20:46:31 ----D---- C:\Program Files\MSXML 4.0
2008-12-22 20:46:00 ----A---- C:\Windows\system32
toskrnl.exe
2008-12-22 20:46:00 ----A---- C:\Windows\system32
tkrnlpa.exe
2008-12-22 20:45:30 ----A---- C:\Windows\system32\msxml6r.dll
2008-12-22 20:45:30 ----A---- C:\Windows\system32\msxml6.dll
2008-12-22 20:23:48 ----D---- C:\Program Files\Messenger Plus! Live
2008-12-22 20:18:32 ----D---- C:\Program Files\Microsoft
2008-12-22 20:18:04 ----D---- C:\Program Files\Windows Live SkyDrive
2008-12-22 20:08:18 ----D---- C:\Program Files\Windows Live
2008-12-22 20:06:21 ----D---- C:\Windows\PCHEALTH
2008-12-22 19:46:04 ----D---- C:\Program Files\Common Files\Windows Live
2008-12-22 19:44:54 ----A---- C:\Windows\system32\wups2.dll
2008-12-22 19:44:54 ----A---- C:\Windows\system32\wucltux.dll
2008-12-22 19:44:54 ----A---- C:\Windows\system32\wuaueng.dll
2008-12-22 19:44:54 ----A---- C:\Windows\system32\wuauclt.exe
2008-12-22 19:43:53 ----A---- C:\Windows\system32\wudriver.dll
2008-12-22 19:43:52 ----A---- C:\Windows\system32\wups.dll
2008-12-22 19:43:52 ----A---- C:\Windows\system32\wuapi.dll
2008-12-22 19:43:01 ----A---- C:\Windows\system32\wuwebv.dll
2008-12-22 19:43:00 ----A---- C:\Windows\system32\wuapp.exe
2008-12-22 19:02:38 ----D---- C:\Users\Utilisateur\AppData\Roaming\Google
2008-12-22 11:26:19 ----D---- C:\Windows\Minidump
2008-12-21 16:09:29 ----D---- C:\Users\Utilisateur\AppData\Roaming\Adobe
2008-12-21 16:08:58 ----D---- C:\Users\Utilisateur\AppData\Roaming\Identities
2008-12-21 16:05:43 ----D---- C:\Users\Utilisateur\AppData\Roaming\Macromedia
2008-12-21 16:04:11 ----D---- C:\Users\Utilisateur\AppData\Roaming\Hewlett-Packard
2008-12-21 16:02:01 ----SD---- C:\Users\Utilisateur\AppData\Roaming\Microsoft
2008-12-21 16:02:01 ----D---- C:\Users\Utilisateur\AppData\Roaming\Media Center Programs
2008-12-21 15:58:27 ----SHD---- C:\ProgramData\Modèles
2008-12-21 15:58:27 ----SHD---- C:\ProgramData\Menu Démarrer
2008-12-21 15:58:27 ----SHD---- C:\ProgramData\Favoris
2008-12-21 15:58:27 ----SHD---- C:\ProgramData\Documents
2008-12-21 15:58:27 ----SHD---- C:\ProgramData\Bureau
2008-12-21 15:58:27 ----SHD---- C:\ProgramData\Application Data
2008-12-21 15:58:27 ----SHD---- C:\Program Files\Fichiers communs
2008-12-21 15:58:27 ----SHD---- C:\Documents and Settings
2008-12-21 14:53:42 ----D---- C:\Windows\SoftwareDistribution
2008-12-21 14:52:19 ----SHD---- C:\System Volume Information
2008-12-21 14:50:02 ----D---- C:\Windows\Prefetch

======List of files/folders modified in the last 1 months======

2009-01-06 13:35:17 ----D---- C:\Windows\Temp
2009-01-06 13:04:18 ----D---- C:\Windows\System32
2009-01-06 13:04:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-01-06 13:04:17 ----D---- C:\Windows\inf
2009-01-06 13:00:37 ----D---- C:\Windows\system32\drivers
2009-01-06 12:48:28 ----SHD---- C:\Windows\Installer
2009-01-06 12:48:28 ----D---- C:\ProgramData\Google
2009-01-06 12:48:28 ----D---- C:\Program Files\Google
2009-01-05 18:51:33 ----RD---- C:\Program Files
2009-01-05 18:50:50 ----HD---- C:\ProgramData
2009-01-05 12:07:00 ----RSD---- C:\Windows\assembly
2009-01-05 12:05:08 ----D---- C:\Windows\winsxs
2009-01-05 12:03:40 ----D---- C:\Program Files\Common Files\microsoft shared
2009-01-05 11:30:57 ----D---- C:\ProgramData\Symantec
2009-01-05 11:30:56 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-01-04 17:09:44 ----D---- C:\Program Files\Microsoft Works
2009-01-04 17:09:13 ----D---- C:\Program Files\Microsoft Office
2009-01-04 17:09:07 ----D---- C:\Program Files\Common Files
2009-01-04 17:08:50 ----RSD---- C:\Windows\Fonts
2009-01-04 17:08:38 ----SD---- C:\ProgramData\Microsoft
2009-01-04 17:06:52 ----D---- C:\Windows\ShellNew
2009-01-04 10:54:38 ----D---- C:\WINDOWS
2009-01-02 19:58:42 ----D---- C:\Program Files\Common Files\Adobe
2009-01-02 19:58:37 ----D---- C:\ProgramData\Adobe
2009-01-02 10:48:16 ----D---- C:\Windows\system32\Tasks
2009-01-02 10:44:10 ----D---- C:\Windows\Tasks
2009-01-02 10:40:18 ----D---- C:\Windows\Debug
2008-12-31 18:23:43 ----D---- C:\Windows\system32\catroot2
2008-12-30 18:42:41 ----D---- C:\Windows\system32\WDI
2008-12-28 19:30:08 ----D---- C:\Windows\system32\NDF
2008-12-25 11:35:47 ----SD---- C:\Windows\Downloaded Program Files
2008-12-25 10:27:32 ----D---- C:\Windows\ModemLogs
2008-12-25 10:06:42 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-25 10:06:16 ----D---- C:\Windows\system32\catroot
2008-12-24 19:29:37 ----D---- C:\Windowsescache
2008-12-24 18:48:56 ----D---- C:\Windows\system32\fr-FR
2008-12-24 18:48:56 ----D---- C:\Windows\PolicyDefinitions
2008-12-23 21:00:19 ----D---- C:\Windows\Logs
2008-12-23 18:28:45 ----D---- C:\Windows\system32\LogFiles
2008-12-23 01:25:42 ----D---- C:\Program Files\Internet Explorer
2008-12-23 01:25:41 ----D---- C:\Windows\system32\migration
2008-12-23 01:25:41 ----D---- C:\Windows\system32\en-US
2008-12-23 01:25:24 ----D---- C:\Windows\Microsoft.NET
2008-12-23 01:13:38 ----SHD---- C:\boot
2008-12-23 01:13:37 ----ASH---- C:\Program Files\desktop.ini
2008-12-23 01:03:53 ----D---- C:\Program Files\Windows Calendar
2008-12-23 01:03:52 ----D---- C:\Program Files\Windows Sidebar
2008-12-23 01:03:51 ----D---- C:\Program Files\Movie Maker
2008-12-23 01:03:49 ----D---- C:\Program Files\Windows Mail
2008-12-23 01:03:48 ----D---- C:\Program Files\Windows Media Player
2008-12-23 01:03:47 ----D---- C:\Program Files\Windows Collaboration
2008-12-23 01:03:46 ----D---- C:\Program Files\Windows Journal
2008-12-23 01:03:45 ----D---- C:\Program Files\Windows Photo Gallery
2008-12-23 01:03:33 ----D---- C:\Program Files\Windows Defender
2008-12-23 01:03:33 ----D---- C:\Program Files\Common Files\System
2008-12-23 01:03:32 ----D---- C:\Windows\servicing
2008-12-23 01:03:31 ----D---- C:\Windows\ehome
2008-12-23 01:03:10 ----D---- C:\Windows\MSAgent
2008-12-23 01:03:08 ----D---- C:\Windows\L2Schemas
2008-12-23 01:03:08 ----D---- C:\Windows\IME
2008-12-23 01:03:08 ----D---- C:\Windows\DigitalLocker
2008-12-23 01:03:06 ----D---- C:\Windows\system32\XPSViewer
2008-12-23 01:03:06 ----D---- C:\Windows\system32\ko-KR
2008-12-23 01:03:06 ----D---- C:\Windows\system32\da-DK
2008-12-23 01:03:06 ----D---- C:\Windows\system32\com
2008-12-23 01:03:05 ----D---- C:\Windows\system32\it-IT
2008-12-23 01:03:05 ----D---- C:\Windows\system32\de-DE
2008-12-23 01:03:04 ----D---- C:\Windows\system32\oobe
2008-12-23 01:03:04 ----D---- C:\Windows\system32\el-GR
2008-12-23 01:03:02 ----D---- C:\Windows\system32\sysprep
2008-12-23 01:03:02 ----D---- C:\Windows\system32\fr
2008-12-23 01:02:54 ----D---- C:\Windows\system32\AdvancedInstallers
2008-12-23 01:02:53 ----D---- C:\Windows\system32u-RU
2008-12-23 01:02:53 ----D---- C:\Windows\system32\ias
2008-12-23 01:02:37 ----D---- C:\Windows\system32\sv-SE
2008-12-23 01:02:37 ----D---- C:\Windows\system32\he-IL
2008-12-23 01:02:36 ----D---- C:\Windows\system32\SLUI
2008-12-23 01:02:36 ----D---- C:\Windows\system32\setup
2008-12-23 01:02:36 ----D---- C:\Windows\system32\pt-PT
2008-12-23 01:02:36 ----D---- C:\Windows\system32\hu-HU
2008-12-23 01:02:36 ----D---- C:\Windows\system32\fi-FI
2008-12-23 01:02:36 ----D---- C:\Windows\system32\cs-CZ
2008-12-23 01:02:33 ----D---- C:\Windows\system32\zh-CN
2008-12-23 01:02:33 ----D---- C:\Windows\system32\manifeststore
2008-12-23 01:02:32 ----D---- C:\Windows\system32\zh-TW
2008-12-23 01:02:32 ----D---- C:\Windows\system32\pl-PL
2008-12-23 01:02:32 ----D---- C:\Windows\system32\ja-JP
2008-12-23 01:02:32 ----D---- C:\Windows\system32\es-ES
2008-12-23 01:02:31 ----D---- C:\Windows\system32o-RO
2008-12-23 01:02:26 ----D---- C:\Windows\system32	r-TR
2008-12-23 01:02:25 ----D---- C:\Windows\system32\wbem
2008-12-23 01:02:20 ----D---- C:\Windows\system32
l-NL
2008-12-23 01:02:20 ----D---- C:\Windows\system32
b-NO
2008-12-23 01:02:20 ----D---- C:\Windows\system32\ar-SA
2008-12-23 01:02:14 ----D---- C:\Windows\system32\migwiz
2008-12-23 01:02:12 ----D---- C:\Windows\system32\pt-BR
2008-12-23 01:00:07 ----D---- C:\Windows\AppPatch
2008-12-23 00:59:59 ----D---- C:\Windows\Boot
2008-12-23 00:59:54 ----D---- C:\Windows\system32\Boot
2008-12-23 00:40:17 ----A---- C:\Windows\system32\ifxcardm.dll
2008-12-23 00:40:12 ----A---- C:\Windows\system32\axaltocm.dll
2008-12-22 23:18:48 ----D---- C:\Windows\system32as
2008-12-22 23:18:48 ----D---- C:\Windows\system32\icsxml
2008-12-21 16:09:13 ----SHD---- C:\$RECYCLE.BIN
2008-12-21 16:08:40 ----HD---- C:\System.sav
2008-12-21 16:08:40 ----D---- C:\SwSetup
2008-12-21 16:07:02 ----D---- C:\Windows\system32estore
2008-12-21 16:05:51 ----D---- C:\Windows\system
2008-12-21 16:02:01 ----RD---- C:\Users
2008-12-21 15:58:27 ----D---- C:\Program Files\Windows NT
2008-12-21 15:46:53 ----D---- C:\Windows\SMINST
2008-12-21 14:56:28 ----D---- C:\Windows\panther
2008-12-09 15:24:38 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-11-26 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-11-26 50864]
R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-06-28 8192]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2008-12-17 371248]
R1 IKSysFlt;System Filter Driver; C:\Windows\system32\drivers\iksysflt.sys [2008-08-25 66952]
R1 IKSysSec;System Security Driver; C:\Windows\system32\drivers\iksyssec.sys [2008-08-25 81288]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-11-26 51792]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERSimmptsk.sys [2006-11-15 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERSimsptsk.sys [2006-11-15 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERSixdptsk.sys [2006-11-15 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-05 8192]
R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-17 534016]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2006-11-18 145920]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-19 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-10-19 206848]
R3 NVENETFD;Pilote du contrôleur de réseau NVIDIA nForce; C:\Windows\system32\DRIVERS
vm60x32.sys [2006-11-02 429056]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS
vlddmkm.sys [2006-12-07 4456416]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS
vsmu.sys [2006-09-15 11520]
R3 s3017bus;Sony Ericsson Device 3017 driver (WDM); C:\Windows\system32\DRIVERS\s3017bus.sys [2007-12-10 83880]
R3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15016]
R3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s3017mdm.sys [2007-12-10 110632]
R3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s3017mgmt.sys [2007-12-10 104616]
R3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s3017obex.sys [2007-12-10 100648]
R3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM); C:\Windows\system32\DRIVERS\s3017unic.sys [2007-12-10 110120]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-18 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-15 179256]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-19 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-18 11264]
R3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-17 534016]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 E100B;Pilote de carte Intel (R) PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 R5U870FLx86;R5U870 UVC Lower Filter  ; C:\Windows\System32\Drivers\R5U870FLx86.sys [2006-10-19 73344]
S3 R5U870FUx86;R5U870 UVC Upper Filter  ; C:\Windows\System32\Drivers\R5U870FUx86.sys [2006-10-19 43904]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS); C:\Windows\system32\DRIVERS\s3017nd5.sys [2007-12-10 25512]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 a2AntiMalware;a-squared Anti-Malware Service; C:\Program Files\a-squared Anti-Malware\a2service.exe [2008-12-14 419448]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [2006-11-24 270431]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [2006-11-24 118877]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2006-12-04 58984]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 sdAuxService;PC Tools Auxiliary Service; C:\P

Lyonnais92 · Answer

Re,

on va continuer comme ça :

) Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

2) Télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre le sur ton Bureau à partir de ce lien :

https://download.cnet.com/Malwarebytes/3000-8022_4-10804572.html

3) A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.

4) Double-clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.

5) Pendant l'installation, suis les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet). N'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.

6) MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue. La fenêtre principale de MBAM s'affiche :

7) Dans l'onglet analyse, vérifie que "Exécuter une analyse rapide"  est coché et clique sur le bouton Rechercher pour démarrer l'analyse.

8) MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.

9) A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.

10) Si des malwares ont été détectés, leur liste s'affiche.
En cliquant sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

11) MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)

12) Ferme MBAM en cliquant sur Quitter.

13) Poste le rapport dans ta réponse

Lyonnais92 · Answer

Re,

alors  fais ceci :

On va utiliser ComboFix.exe. Rends toi sur cette page web pour obtenir les liens de téléchargement, ainsi que des instructions pour exécuter l'outil:

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix


* Vérifie que tu as fermé/désactivé tous les programmes anti-virus, anti-malware ou anti-spyware afin qu'ils n'interfèrent pas avec le travail de ComboFix.

Envoie le contenu de C:\ComboFix.txt dans ta prochaine réponse afin que je l'examine.

alex · Answer

ComboFix 09-01-06.02 - Utilisateur 2009-01-07 17:54:12.1 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1918.1031 [GMT 1:00] Lancé depuis: c:\users\Utilisateur\Desktop\ComboFix.exe * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_Boonty Games ((((((((((((((((((((((((((((( Fichiers créés du 2008-12-07 au 2009-01-07 )))))))))))))))))))))))))))))))))))) . 2009-01-07 11:40 . 2009-01-07 11:40 d-------- c:\users\Utilisateur\AppData\Roaming\Malwarebytes 2009-01-07 11:40 . 2009-01-07 11:40 d-------- c:\users\All Users\Malwarebytes 2009-01-07 11:40 . 2009-01-07 11:40 d-------- c:\programdata\Malwarebytes 2009-01-07 11:40 . 2009-01-07 11:40 d-------- c:\program files\Malwarebytes' Anti-Malware 2009-01-07 11:40 . 2009-01-04 18:38 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys 2009-01-07 11:40 . 2009-01-04 18:38 15,504 --a------ c:\windows\System32\drivers\mbam.sys 2009-01-06 23:57 . 2009-01-06 23:57 d-------- c:\users\All Users\NVIDIA 2009-01-06 23:57 . 2009-01-06 23:57 d-------- c:\programdata\NVIDIA 2009-01-06 23:52 . 2009-01-07 11:03 42,514 --a------ c:\users\All Users vModes.dat 2009-01-06 23:52 . 2009-01-07 11:03 42,514 --a------ c:\programdata vModes.dat 2009-01-06 23:52 . 2007-01-03 11:20 1,732 --a------ c:\windows\System32\drivers vphy.bin 2009-01-06 13:35 . 2009-01-06 13:35 d-------- C: sit 2009-01-05 18:51 . 2009-01-05 18:52 d-------- c:\program files\a-squared Anti-Malware 2009-01-05 18:50 . 2009-01-06 22:56 d-------- c:\users\All Users\Spybot - Search & Destroy 2009-01-05 18:50 . 2009-01-06 22:56 d-------- c:\programdata\Spybot - Search & Destroy 2009-01-05 18:50 . 2009-01-05 18:51 d-------- c:\program files\Spybot - Search & Destroy 2009-01-05 16:23 . 2009-01-05 16:23 d-------- c:\users\Utilisateur\AppData\Roaming\PC Tools 2009-01-05 16:23 . 2009-01-07 18:01 d-a------ c:\users\All Users\TEMP 2009-01-05 16:23 . 2009-01-07 18:01 d-a------ c:\programdata\TEMP 2009-01-05 16:23 . 2009-01-07 11:26 d-------- c:\program files\Spyware Doctor 2009-01-05 16:23 . 2008-08-25 12:36 81,288 --a------ c:\windows\System32\drivers\iksyssec.sys 2009-01-05 16:23 . 2008-08-25 12:36 66,952 --a------ c:\windows\System32\drivers\iksysflt.sys 2009-01-05 16:23 . 2008-08-25 12:36 40,840 --a------ c:\windows\System32\drivers\ikfilesec.sys 2009-01-05 16:23 . 2008-06-02 16:19 29,576 --a------ c:\windows\System32\drivers\kcom.sys 2009-01-05 13:38 . 2009-01-05 15:52 d-------- c:\users\Utilisateur\AppData\Roaming\vlc 2009-01-05 13:37 . 2009-01-05 13:37 d-------- c:\program files\VideoLAN 2009-01-05 13:28 . 2009-01-05 13:28 d-------- c:\program files\Matroska Playback Pack 2009-01-05 13:23 . 2009-01-05 13:23 d-------- c:\users\Utilisateur\AppData\Roaming\Media Player Classic 2009-01-05 13:23 . 2009-01-05 13:23 d-------- c:\program files\Media Player Classic 2009-01-05 13:18 . 2009-01-05 13:18 d-------- c:\users\Utilisateur\AppData\Roaming\CyberLink 2009-01-04 17:08 . 2009-01-04 17:08 d-------- c:\program files\Microsoft.NET 2009-01-04 17:05 . 2009-01-05 12:09 d-------- c:\users\All Users\Microsoft Help 2009-01-04 17:05 . 2009-01-05 12:09 d-------- c:\programdata\Microsoft Help 2009-01-04 17:03 . 2009-01-04 17:03 dr-h----- C:\MSOCache 2009-01-04 16:40 . 2009-01-04 16:40 d-------- c:\users\Utilisateur\AppData\Roaming\Template 2009-01-04 16:40 . 2009-01-04 16:40 0 --a------ c:\users\Utilisateur\AppData\Roaming\wklnhst.dat 2009-01-03 18:49 . 2009-01-03 18:49 d--h----- c:\windows\Icons 2009-01-03 18:03 . 2009-01-03 18:03 d-------- c:\program files\Trend Micro 2009-01-02 10:44 . 2009-01-02 10:44 d-------- c:\users\Utilisateur\AppData\Roaming\TuneUp Software 2009-01-02 10:44 . 2009-01-02 10:44 603,904 --a------ c:\windows\System32\TUProgSt.exe 2009-01-02 10:44 . 2009-01-02 10:44 360,192 --a------ c:\windows\System32\TuneUpDefragService.exe 2009-01-02 10:44 . 2008-12-11 13:31 27,904 --a------ c:\windows\System32\uxtuneup.dll 2009-01-02 10:44 . 2008-12-11 13:31 17,152 --a------ c:\windows\System32\authuitu.dll 2009-01-02 10:43 . 2009-01-02 10:43 d-------- c:\users\All Users\TuneUp Software 2009-01-02 10:43 . 2009-01-02 10:43 d--hs---- c:\users\All Users\{55A29068-F2CE-456C-9148-C869879E2357} 2009-01-02 10:43 . 2009-01-02 10:43 d-------- c:\programdata\TuneUp Software 2009-01-02 10:43 . 2009-01-02 10:43 d--hs---- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357} 2009-01-02 10:43 . 2009-01-02 10:44 d-------- c:\program files\TuneUp Utilities 2009 2009-01-02 10:33 . 2009-01-02 10:33 d-------- c:\program files\CCleaner 2009-01-01 13:24 . 2008-11-26 18:17 51,792 --a------ c:\windows\System32\drivers\aswMonFlt.sys 2009-01-01 12:26 . 2009-01-01 12:26 d-------- c:\program files\Alwil Software 2009-01-01 12:15 . 2009-01-01 12:15 2 --a------ C:\339834068 2009-01-01 12:14 . 2009-01-01 12:14 108,336 --a------ c:\windows\System32\mswinsck.ocx 2008-12-28 15:40 . 2008-12-28 15:40 d-------- c:\users\Utilisateur\AppData\Roaming\HP 2008-12-28 15:40 . 2008-12-28 15:40 d-------- c:\users\All Users\HP 2008-12-28 15:40 . 2008-12-28 15:40 d-------- c:\programdata\HP 2008-12-25 11:31 . 2008-12-25 11:31 d-------- c:\users\All Users\BOONTY 2008-12-25 11:31 . 2008-12-25 11:31 d-------- c:\programdata\BOONTY 2008-12-25 11:30 . 2008-12-25 11:30 d-------- C:\Boonty 2008-12-25 10:28 . 2008-12-25 10:28 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf 2008-12-25 10:06 . 2008-12-25 10:06 d-------- c:\users\All Users\BVRP Software 2008-12-25 10:06 . 2008-12-25 10:06 d-------- c:\programdata\BVRP Software 2008-12-25 10:06 . 2008-12-25 10:08 d-------- c:\program files\Avanquest update 2008-12-25 10:02 . 2008-12-25 10:02 d-------- c:\users\Utilisateur\AppData\Roaming\InstallShield 2008-12-25 10:02 . 2008-12-25 10:02 d-------- c:\users\All Users\Sony Ericsson 2008-12-25 10:02 . 2008-12-25 10:02 d-------- c:\programdata\Sony Ericsson 2008-12-25 10:02 . 2008-12-25 10:02 d-------- c:\program files\Sony Ericsson 2008-12-25 10:02 . 2007-12-10 14:22 110,632 --a------ c:\windows\System32\drivers\s3017mdm.sys 2008-12-25 10:02 . 2007-12-10 14:22 110,120 --a------ c:\windows\System32\drivers\s3017unic.sys 2008-12-25 10:02 . 2007-12-10 14:22 104,616 --a------ c:\windows\System32\drivers\s3017mgmt.sys 2008-12-25 10:02 . 2007-12-10 14:22 100,648 --a------ c:\windows\System32\drivers\s3017obex.sys 2008-12-25 10:02 . 2007-12-10 14:22 83,880 --a------ c:\windows\System32\drivers\s3017bus.sys 2008-12-25 10:02 . 2007-12-10 14:22 25,512 --a------ c:\windows\System32\drivers\s3017nd5.sys 2008-12-25 10:02 . 2007-12-10 14:22 15,016 --a------ c:\windows\System32\drivers\s3017mdfl.sys 2008-12-25 10:02 . 2007-12-10 14:22 12,200 --a------ c:\windows\System32\drivers\s3017whnt.sys 2008-12-25 10:02 . 2007-12-10 14:22 12,200 --a------ c:\windows\System32\drivers\s3017wh.sys 2008-12-25 10:02 . 2007-12-10 14:22 12,200 --a------ c:\windows\System32\drivers\s3017cmnt.sys 2008-12-25 10:02 . 2007-12-10 14:22 12,200 --a------ c:\windows\System32\drivers\s3017cm.sys 2008-12-25 10:02 . 2007-12-10 14:22 10,792 --a------ c:\windows\System32\drivers\s3017cr.sys 2008-12-24 22:45 . 2008-12-24 22:45 1,390,730 --a------ c:\windows\System32\AutoPartNt.exe 2008-12-24 22:45 . 2008-12-24 22:46 1,024 --a------ c:\windows\System32\AutoPartNt.let 2008-12-24 22:34 . 2008-12-24 22:34 d-------- c:\program files\Common Files\Acronis 2008-12-24 19:19 . 2008-12-24 19:19 d-------- c:\users\All Users\Acronis 2008-12-24 19:19 . 2008-12-24 19:19 d-------- c:\programdata\Acronis 2008-12-23 22:08 . 2008-12-23 22:08 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf 2008-12-23 20:08 . 2009-01-05 16:36 d-------- c:\users\Utilisateur\AppData\Roaming\Azureus 2008-12-23 20:08 . 2008-12-23 20:08 d-------- c:\users\All Users\Azureus 2008-12-23 20:08 . 2008-12-23 20:08 d-------- c:\programdata\Azureus 2008-12-23 20:08 . 2008-12-23 20:08 d-------- c:\program files\Vuze 2008-12-23 01:20 . 2008-08-22 10:57 156,160 --a------ c:\windows\System32\msls31.dll 2008-12-23 01:20 . 2008-08-22 11:06 72,704 --a------ c:\windows\System32\admparse.dll 2008-12-23 01:20 . 2008-08-22 11:04 66,560 --a------ c:\windows\System32 dc.ocx 2008-12-23 01:20 . 2008-08-22 11:04 48,128 --a------ c:\windows\System32\mshtmler.dll 2008-12-23 01:20 . 2008-08-22 11:07 18,944 --a------ c:\windows\System32\corpol.dll 2008-12-23 00:59 . 2008-12-23 00:59 d-------- C:\PerfLogs 2008-12-23 00:32 . 2008-12-23 00:09 152,576 --a------ c:\windows\System32\SPWizUI.dll 2008-12-23 00:32 . 2008-12-23 00:09 47,560 --a------ c:\windows\System32\SPReview.exe 2008-12-23 00:17 . 2008-01-18 23:33 193,024 --a------ c:\windows\System32 ecdisc.exe 2008-12-23 00:17 . 2008-01-18 23:36 6,656 --a------ c:\windows\System32\sdspres.dll 2008-12-23 00:16 . 2008-01-18 23:33 599,552 --a------ c:\windows\System32\vsp1cln.exe 2008-12-23 00:16 . 2008-01-18 23:36 142,336 --a------ c:\windows\System32\spp.dll 2008-12-23 00:16 . 2008-01-18 23:36 28,160 --a------ c:\windows\System32\sxproxy.dll 2008-12-23 00:14 . 2008-01-18 23:38 4,595,712 --a------ c:\windows\System32\AuthFWSnapin.dll 2008-12-23 00:11 . 2008-01-18 23:33 44,032 --a------ c:\windows\System32\cbsra.exe 2008-12-23 00:09 . 2008-12-23 00:34 196,608 --a------ c:\windows\SPInstall.etl 2008-12-22 23:40 . 2008-12-24 22:35 114,048 --a------ c:\windows\System32\drivers\snapman.sys 2008-12-22 23:39 . 2008-12-22 23:39 d-------- c:\program files\Acronis 2008-12-22 23:31 . 2008-12-22 23:31 d-------- c:\program files\Microsoft Silverlight 2008-12-22 23:28 . 2008-12-22 23:28 d-------- c:\users\All Users\Messenger Plus! 2008-12-22 23:28 . 2008-12-22 23:28 d-------- c:\programdata\Messenger Plus! 2008-12-22 21:37 . 2008-12-22 21:37 361,984 --a------ c:\windows\System32\IPSECSVC.DLL 2008-12-22 21:37 . 2008-12-22 21:37 272,896 --a------ c:\windows\System32\polstore.dll 2008-12-22 21:37 . 2008-12-22 21:37 61,440 --a------ c:\windows\System32\winipsec.dll 2008-12-22 21:37 . 2008-12-22 21:37 28,672 --a------ c:\windows\System32\FwRemoteSvr.dll 2008-12-22 21:36 . 2008-12-22 21:36 1,820 --a------ c:\windows\System32 asctrnm.h 2008-12-22 21:35 . 2008-12-22 21:35 241,152 --a------ c:\windows\System32\PortableDeviceApi.dll 2008-12-22 21:35 . 2008-12-22 21:35 160,768 --a------ c:\windows\System32\PortableDeviceTypes.dll 2008-12-22 21:35 . 2008-12-22 21:35 94,720 --a------ c:\windows\System32\PortableDeviceClassExtension.dll 2008-12-22 21:29 . 2008-12-22 21:29 428,544 --a------ c:\windows\System32\EncDec.dll 2008-12-22 21:29 . 2008-12-22 21:29 293,376 --a------ c:\windows\System32\psisdecd.dll 2008-12-22 21:29 . 2008-12-22 21:29 217,088 --a------ c:\windows\System32\psisrndr.ax 2008-12-22 21:29 . 2008-12-22 21:29 177,664 --a------ c:\windows\System32\mpg2splt.ax 2008-12-22 21:29 . 2008-12-22 21:29 80,896 --a------ c:\windows\System32\MSNP.ax 2008-12-22 21:29 . 2008-12-22 21:29 69,632 --a------ c:\windows\System32\Mpeg2Data.ax 2008-12-22 21:29 . 2008-12-22 21:29 57,856 --a------ c:\windows\System32\MSDvbNP.ax . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-06 11:48 --------- d-----w c:\program files\Google 2009-01-05 10:30 --------- d-----w c:\programdata\Symantec 2009-01-05 10:30 --------- d-----w c:\program files\Common Files\Symantec Shared 2009-01-04 16:09 --------- d-----w c:\program files\Microsoft Works 2009-01-02 18:58 --------- d-----w c:\program files\Common Files\Adobe 2008-12-25 09:06 --------- d--h--w c:\program files\InstallShield Installation Information 2008-12-23 00:13 174 --sha-w c:\program files\desktop.ini 2008-12-23 00:03 --------- d-----w c:\program files\Windows Sidebar 2008-12-23 00:03 --------- d-----w c:\program files\Windows Photo Gallery 2008-12-23 00:03 --------- d-----w c:\program files\Windows Mail 2008-12-23 00:03 --------- d-----w c:\program files\Windows Journal 2008-12-23 00:03 --------- d-----w c:\program files\Windows Defender 2008-12-23 00:03 --------- d-----w c:\program files\Windows Collaboration 2008-12-23 00:03 --------- d-----w c:\program files\Windows Calendar 2008-12-22 23:40 82,432 ----a-w c:\windows\System32\axaltocm.dll 2008-12-22 23:40 101,888 ----a-w c:\windows\System32\ifxcardm.dll 2008-12-22 20:19 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll 2008-12-22 20:19 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll 2008-12-22 20:19 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll 2008-12-22 20:19 2,560 ----a-w c:\windows\AppPatch\AcRes.dll 2008-12-22 20:19 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll 2008-12-22 20:19 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll 2008-12-22 19:58 801,280 ----a-w c:\windows\System32\NaturalLanguage6.dll 2008-12-22 19:58 6,917,120 ----a-w c:\windows\System32\NlsLexicons0c1a.dll 2008-12-22 19:58 4,495,360 ----a-w c:\windows\System32\NlsData0816.dll 2008-12-22 19:58 4,495,360 ----a-w c:\windows\System32\NlsData0416.dll 2008-12-22 19:58 4,495,360 ----a-w c:\windows\System32\NlsData0414.dll 2008-12-22 19:58 4,495,360 ----a-w c:\windows\System32\NlsData001d.dll 2008-12-22 19:58 2,643,456 ----a-w c:\windows\System32\NlsData000c.dll 2008-12-22 19:58 2,342,912 ----a-w c:\windows\System32\NlsData000d.dll 2008-12-22 19:58 1,965,056 ----a-w c:\windows\System32\NlsData0c1a.dll 2008-12-22 19:58 1,965,056 ----a-w c:\windows\System32\NlsData081a.dll 2008-12-22 19:58 1,965,056 ----a-w c:\windows\System32\NlsData001b.dll 2008-12-22 19:58 1,965,056 ----a-w c:\windows\System32\NlsData001a.dll 2008-12-22 19:58 1,965,056 ----a-w c:\windows\System32\NlsData000f.dll 2008-12-21 14:58 --------- d-sh--w c:\programdata\Modèles 2008-12-21 14:58 --------- d-sh--w c:\programdata\Menu Démarrer 2008-12-21 14:58 --------- d-sh--w c:\programdata\Favoris 2008-12-21 14:58 --------- d-sh--w c:\programdata\Documents 2008-12-21 14:58 --------- d-sh--w c:\programdata\Bureau 2008-12-21 14:58 --------- d-sh--w c:\programdata\Application Data 2008-12-21 14:58 --------- d-sh--w c:\program files\Fichiers communs 2008-12-02 21:37 49,480 ----a-w c:\windows\System32\sirenacm.dll . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 2156368] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-02 3882312] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-06 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800] "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-12-02 167936] "QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-11-06 159744] "WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2006-10-18 317152] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2006-10-18 472800] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-08-25 1168264] "a-squared"="c:\program files\a-squared Anti-Malware\a2guard.exe" [2008-12-14 2782352] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-04 13556256] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-04 92704] "Windows Service Processor"="shdocvw.exe" [2008-12-22 c:\windows\System32\shdocvw.exe] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] "Windows Service Processor"="shdocvw.exe" [2008-12-22 c:\windows\System32\shdocvw.exe] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion un-] "WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion un-] "HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe "HP Health Check Scheduler"=c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{99A15342-19AD-4E5C-A919-38CF73877D4A}"= UDP:c:\program files\HP\QuickPlay\QP.exe:QP "{F0A27DAD-A71E-436D-BC91-D7848825ACEF}"= TCP:c:\program files\HP\QuickPlay\QP.exe:QP "TCP Query User{69ED9FA7-8AA4-4793-A6B3-F90DCBD03832}c:\program files\vuze\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus "UDP Query User{7ECEE20F-5190-472F-89A0-3A93D41B2518}c:\program files\vuze\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus "{1AA62717-FC4C-4AFF-B59C-2DEAB15ADB6B}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{F42E53CE-3A69-4030-86F2-02719AD51ED8}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "TCP Query User{67EFBFC0-DD8F-4B5E-A860-CD03F351AD76}c:\program files\vuze\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus "UDP Query User{FA4FB1C9-21F5-47C4-B93D-CA9E983D629F}c:\program files\vuze\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "$Œ¨vx@öv"= $Œ¨vx@öv:*:Enabled:Windows Service Processor R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2009-01-01 111184] R4 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2009-01-01 20560] R4 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2009-01-01 51792] R4 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-01-05 356920] R4 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-01-02 603904] S3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\System32\drivers\R5U870FLx86.sys [2006-10-19 73344] S3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\System32\drivers\R5U870FUx86.sys [2006-10-19 43904] S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\System32\drivers\s3017bus.sys [2008-12-25 83880] S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\System32\drivers\s3017mdfl.sys [2008-12-25 15016] S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\System32\drivers\s3017mdm.sys [2008-12-25 110632] S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s3017mgmt.sys [2008-12-25 104616] S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\System32\drivers\s3017nd5.sys [2008-12-25 25512] S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\System32\drivers\s3017obex.sys [2008-12-25 100648] S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\System32\drivers\s3017unic.sys [2008-12-25 110120] S4 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service;c:\program files\Common Files\Acronis\Partition Suite\oss_reinstall_svc.exe [2007-03-09 2235793] --- Other Services/Drivers In Memory --- *Deregistered* - mchInjDrv HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3278e38f-cf66-11dd-a3a8-806e6f6e6963}] \shell\AutoRun\command - E:\Start.exe . Contenu du dossier 'Tâches planifiées' 2009-01-07 c:\windows\Tasks\Maintenance en 1 clic.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 15:04] 2009-01-07 c:\windows\Tasks\User_Feed_Synchronization-{BC15957C-856C-4294-8592-9A47F1994B75}.job - c:\windows\system32\msfeedssync.exe [2008-08-22 11:05] . . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.google.fr/ mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=71&bd=Pavilion&pf=laptop . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-07 18:01:31 Windows 6.0.6001 Service Pack 1 NTFS detected NTDLL code modification: ZwClose Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'Explorer.exe'(4568) c:\windows\System32\msxml3.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\System32 vvsvc.exe c:\windows\System32\audiodg.exe c:\windows\System32 undll32.exe c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\program files\a-squared Anti-Malware\a2service.exe c:\program files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Spyware Doctor\pctsSvc.exe c:\windows\System32\drivers\XAudio.exe c:\program files\HP\QuickPlay\Kernel\TV\CLSched.exe c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe c:\windows\System32\conime.exe c:\program files\Alwil Software\Avast4\ashDisp.exe c:\windows\System32 undll32.exe c:\windows\ehome\ehmsas.exe c:\progra~1\HEWLET~1\Shared\HPQTOA~1.EXE c:\program files\Windows Media Player\wmpnscfg.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Synaptics\SynTP\SynTPHelper.exe c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe . ************************************************************************** . Heure de fin: 2009-01-07 18:07:41 - La machine a redémarré ComboFix-quarantined-files.txt 2009-01-07 17:06:07 Avant-CF: 43 035 607 040 octets libres Après-CF: 42,561,544,192 octets libres 321 --- E O F --- 2009-01-06 22:52:58

Lyonnais92 · Answer

Re,

Rends toi sur ce site :

https://www.virustotal.com/gui/

Clique sur parcourir et cherche ce fichier : c:\WINDOWS\winsxs\x86_microsoft-windows-shdocvw_31bf3856ad364e35_6.0.6001.18000_none_e774ed850be62dd0\shdocvw.dll 

Clique sur Send File.

Un rapport va s'élaborer ligne à ligne.

Attends la fin. Il doit comprendre la taille du fichier envoyé.

Sauvegarde le rapport avec le bloc-note.

Copie le dans ta réponse. 

Si VirusTotal indique que le fichier a déjà été analysé, cliquer sur le bouton Reanalyse le fichier maintenant

alex · Answer

File size: 1067520 bytes 
MD5...: 86b89709bdfc7a59d566590cc30cdbb1 
SHA1..: aa2fa1674d9a281d33c88f8d242357b13dde888b 
SHA256: d462611aa108d46166cce71430f9500b9eaedd1b52f2144bea34e689c9b41315 
SHA512: c41766d3aeef5446fe4b1a9f74cfe5ac0eb58653307f541018427ec896676079
d8a2832fd17d98d8c7f6c6f80bb2d9971f6fd9982c51af80602422e8b5e433c7
 
ssdeep: 12288:MdKGHCO9r8LkY/YERoeDszyl48pvZ/uqPWbbwWRHsz6CIr5xu6m9sm:9/L
dwUoopZGqELRq5Ilk
 
PEiD..: - 
TrID..: File type identification
DirectShow filter (47.4%)
Windows OCX File (29.1%)
Win32 EXE PECompact compressed (generic) (9.7%)
Win32 Executable MS Visual C++ (generic) (8.8%)
Win32 Executable Generic (2.0%) 
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x711d5af9
timedatestamp.....: 0x4791a756 (Sat Jan 19 07:31:34 2008)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x56fac 0x57000 6.50 f092958fe9f883f624650b09f724f885
.data 0x58000 0x15b0 0x1400 2.89 bf3c2036be91b46340db8705be910f92
.rsrc 0x5a000 0xa80f8 0xa8200 5.41 2ea71a8dfe71cc1a03a2651c1d4b6197
.reloc 0x103000 0x3ee0 0x4000 6.65 0c7bb1334257b6e5dfacc7d494cd56ea

( 7 imports ) 
> SHELL32.dll: DragQueryFileW, -, SHBindToFolderIDListParentEx, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, SHChangeNotify, SHSetTemporaryPropertyForItem, SHBindToFolderIDListParent, -, -, -, SHCreateShellItemArrayFromDataObject, -, SHGetIconOverlayIndexW, SHCreateItemWithParent, -, SHBrowseForFolderW, SHFileOperationW, -, SHGetPathFromIDListW, SHBindToParent, -, -, -, SHGetSpecialFolderLocation, SHCreateItemFromIDList, SHCreateShellItemArrayFromIDLists, SHGetTemporaryPropertyForItem, -, -, -, -, -, ShellExecuteW, ExtractIconExW, SHGetFileInfoW, -, -, SHGetSpecialFolderPathW, -, -, SHBindToObject, -, -, SHParseDisplayName, -, -, ShellExecuteExW, -, -, -, SHEvaluateSystemCommandTemplate
> SHLWAPI.dll: SHSetValueW, -, -, -, SHDeleteKeyW, -, StrTrimW, PathStripToRootW, PathIsUNCServerShareW, -, -, PathAppendW, -, PathFindFileNameW, PathFindExtensionW, -, -, StrCmpIW, -, -, StrPBrkW, -, GetMenuPosFromID, -, PathIsRelativeW, -, -, -, StrRetToStrW, -, -, -, PathIsUNCW, -, -, PathRemoveFileSpecW, -, -, -, -, PathIsContentTypeW, UrlUnescapeW, HashData, -, UrlCanonicalizeW, PathCombineW, UrlCreateFromPathW, UrlApplySchemeW, SHEnumValueW, -, UrlGetPartW, PathCreateFromUrlAlloc, -, PathCanonicalizeW, -, -, -, SHCreateShellPalette, -, -, PathGetDriveNumberW, -, -, -, -, -, StrRetToBufW, -, -, -, SHQueryValueExW, -, -, -, SHOpenRegStream2W, -, StrToIntW, UrlCombineW, PathIsURLW, -, -, -, -, UrlGetLocationW, StrCmpW, SHRegGetValueW, StrCmpNW, -, StrChrW, SHGetValueW, PathUndecorateW, AssocIsDangerous, -, PathParseIconLocationW, AssocGetPerceivedType, -, -, -, -, -, -, -, SHStrDupW, -, -, -, -, -, -, -, -, -, -, -, -, PathCreateFromUrlW, -, -, -, StrStrW, StrCmpNIW, StrStrIW, StrDupW, -, -, -, StrFormatByteSizeW, AssocQueryStringW
> msvcrt.dll: _adjust_fdiv, _amsg_exit, _initterm, _XcptFilter, _wcsicmp, memmove, memcpy, realloc, free, malloc, memset, _vsnwprintf, _except_handler4_common
> KERNEL32.dll: GetCurrentDirectoryW, CreateProcessW, GetSystemTimeAsFileTime, QueryPerformanceCounter, CreateMutexW, LocalReAlloc, ResetEvent, GlobalSize, CreateJobObjectW, AssignProcessToJobObject, ResumeThread, GetProcessId, CreateIoCompletionPort, SetInformationJobObject, GetQueuedCompletionStatus, DeactivateActCtx, ActivateActCtx, ReleaseActCtx, CreateActCtxW, CompareStringW, DelayLoadFailureHook, GlobalLock, GlobalUnlock, GetUserDefaultUILanguage, InterlockedExchange, GetLocaleInfoW, LoadLibraryA, InterlockedCompareExchange, WideCharToMultiByte, GetCurrentProcessId, OpenMutexA, SetEvent, WaitForSingleObject, TerminateThread, lstrcmpA, DisableThreadLibraryCalls, TlsAlloc, TlsFree, HeapFree, GetProcessHeap, HeapAlloc, SetLastError, RaiseException, GetCurrentProcess, FlushInstructionCache, GlobalFree, GetVersionExA, lstrcmpiW, GetTempPathW, lstrcmpW, CreateEventW, GetCurrentThreadId, CreateThread, GetUserDefaultLCID, GetThreadUILanguage, GetSystemDefaultLCID, lstrlenA, MultiByteToWideChar, FormatMessageW, GetModuleFileNameW, GlobalAlloc, GetModuleHandleW, LocalFree, LocalAlloc, GetTickCount, HeapDestroy, EnterCriticalSection, LeaveCriticalSection, DeleteCriticalSection, InitializeCriticalSection, VirtualQuery, GetSystemInfo, VirtualAlloc, VirtualProtect, GetVersionExW, InterlockedDecrement, CloseHandle, GetProcAddress, lstrlenW, FreeLibrary, GetLastError, GetSystemDirectoryW, LoadLibraryW, SetUnhandledExceptionFilter, UnhandledExceptionFilter, TerminateProcess, Sleep, VirtualFree, InterlockedIncrement
> GDI32.dll: GetLayout, SelectObject, GetTextExtentPoint32W, SetBkColor, SetTextColor, CreateFontIndirectW, CreateRectRgnIndirect, CreatePalette, DeleteObject, GetStockObject, SelectPalette, RealizePalette, GetObjectW, GetPaletteEntries, SetPaletteEntries, LPtoDP, SaveDC, SetMapMode, SetWindowOrgEx, SetViewportOrgEx, DeleteDC, RestoreDC, CreateDCW, ExtTextOutW, GetDeviceCaps
> USER32.dll: GetCapture, GetFocus, IsWindowVisible, LoadStringW, EndMenu, MapWindowPoints, EnableWindow, GetDlgItem, DestroyIcon, GetDoubleClickTime, SendDlgItemMessageW, LoadIconW, SetWindowTextW, CheckDlgButton, IsDlgButtonChecked, SetWindowPlacement, GetWindowPlacement, IntersectRect, OffsetRect, GetLastActivePopup, IsCharAlphaNumericW, MessageBoxW, CharUpperW, GetSystemMetrics, SystemParametersInfoA, GetWindowTextW, CreatePopupMenu, EqualRect, DrawIconEx, GetSysColor, SetClipboardViewer, ChangeClipboardChain, MoveWindow, ScreenToClient, WindowFromPoint, GetCursorPos, RegisterClassExW, wsprintfW, GetClassInfoExW, SetWindowRgn, DrawTextW, GetKeyState, IsChild, CreateWindowExW, LoadImageW, SystemParametersInfoW, DestroyMenu, IsRectEmpty, GetAsyncKeyState, SetMenuDefaultItem, EnableMenuItem, DeleteMenu, TrackPopupMenu, GetMenuDefaultItem, GetMessagePos, SetRectEmpty, CopyRect, EndPaint, BeginPaint, GetDlgCtrlID, EnumWindows, GetWindowThreadProcessId, IsHungAppWindow, GetForegroundWindow, GetActiveWindow, FindWindowW, RegisterClipboardFormatW, CharNextW, DispatchMessageW, TranslateMessage, SendMessageTimeoutW, PeekMessageW, GetMenuItemInfoW, GetMenuItemCount, RemoveMenu, GetMonitorInfoW, MonitorFromRect, PostQuitMessage, MsgWaitForMultipleObjects, GetClassNameW, GetKeyboardLayout, MonitorFromWindow, GetShellWindow, InsertMenuW, GetMenuStringW, GetMenuItemID, ActivateKeyboardLayout, DrawTextExW, GetWindowDC, RegisterWindowMessageW, SetWindowPos, KillTimer, SetRect, GetClientRect, SetForegroundWindow, ShowWindow, LoadCursorW, SetCursor, GetParent, SetFocus, IsWindowEnabled, SetTimer, GetWindowRect, GetWindowLongA, SendMessageW, PostMessageW, GetAncestor, IsIconic, InvalidateRect, DestroyAcceleratorTable, DestroyWindow, DefWindowProcW, GetDC, CallWindowProcW, UnionRect, PtInRect, IsWindow, GetWindowLongW, EndDialog, SetWindowLongW, SetDlgItemTextW, CreateDialogParamW, DialogBoxParamW, ReleaseDC
> ADVAPI32.dll: TraceMessage, RegQueryInfoKeyW, RegEnumValueW, RegDeleteValueW, RegQueryValueW, EventRegister, EventUnregister, UnregisterTraceGuids, RegisterTraceGuidsW, GetTraceLoggerHandle, GetTraceEnableLevel, GetTraceEnableFlags, GetUserNameW, RegEnumKeyW, RegQueryValueExW, RegCreateKeyExW, RegSetValueExW, RegDeleteKeyW, RegOpenKeyExW, EventEnabled, EventWrite, RegCloseKey

( 24 exports ) 
AddUrlToFavorites, DllCanUnloadNow, DllGetClassObject, DllGetVersion, DllRegisterWindowClasses, DoAddToFavDlg, DoAddToFavDlgW, DoFileDownload, DoFileDownloadEx, DoOrganizeFavDlg, DoOrganizeFavDlgW, DoPrivacyDlg, HlinkFindFrame, HlinkFrameNavigate, HlinkFrameNavigateNHL, ImportPrivacySettings, OpenURL, SHAddSubscribeFavorite, SHGetIDispatchForFolder, SetQueryNetSessionCount, SetShellOfflineState, SoftwareUpdateMessageBox, URLQualifyA, URLQualifyW

Lyonnais92 · Answer

Re,

il manque la liste des résultats des détections par les antivirus.

alex · Answer

oui mais comme je n'avai rien vu de spécial, je me suis dit que ca ne valai pas la peine... désolé


AhnLab-V3 2008.12.12.2 2008.12.13 - 
AntiVir 7.9.0.45 2008.12.12 - 
Authentium 5.1.0.4 2008.12.12 - 
Avast 4.8.1281.0 2008.12.12 - 
AVG 8.0.0.199 2008.12.13 - 
BitDefender 7.2 2008.12.13 - 
CAT-QuickHeal 10.00 2008.12.12 - 
ClamAV 0.94.1 2008.12.13 - 
Comodo 741 2008.12.12 - 
DrWeb 4.44.0.09170 2008.12.13 - 
eSafe 7.0.17.0 2008.12.11 - 
eTrust-Vet 31.6.6258 2008.12.12 - 
Ewido 4.0 2008.12.13 - 
F-Prot 4.4.4.56 2008.12.12 - 
F-Secure 8.0.14332.0 2008.12.13 - 
Fortinet 3.117.0.0 2008.12.13 - 
GData 19 2008.12.13 - 
Ikarus T3.1.1.45.0 2008.12.13 - 
K7AntiVirus 7.10.552 2008.12.12 - 
Kaspersky 7.0.0.125 2008.12.13 - 
McAfee 5462 2008.12.13 - 
McAfee+Artemis 5462 2008.12.13 - 
Microsoft 1.4205 2008.12.13 - 
NOD32 3688 2008.12.12 - 
Norman 5.80.02 2008.12.12 - 
Panda 9.0.0.4 2008.12.13 - 
PCTools 4.4.2.0 2008.12.13 - 
Prevx1 V2 2008.12.13 - 
Rising 21.07.52.00 2008.12.13 - 
SecureWeb-Gateway 6.7.6 2008.12.12 - 
Sophos 4.36.0 2008.12.13 - 
Sunbelt 3.2.1801.2 2008.12.11 - 
Symantec 10 2008.12.13 - 
TheHacker 6.3.1.2.186 2008.12.12 - 
TrendMicro 8.700.0.1004 2008.12.12 - 
VBA32 3.12.8.10 2008.12.12 - 
ViRobot 2008.12.12.1515 2008.12.12 - 
VirusBuster 4.5.11.0 2008.12.12 -

Lyonnais92 · Answer

Re,

ces fichiers C:\Windows\system32\shdocvw.exe et similaires 

continuent de me poser problème.

Ouvre ce lien :

https://www.broadcom.com/

enregistre toi et soumets le fichier ci-dessus.

Donne le rapport ou sa référence.

=========================

alex · Answer

euh... qu'est ce que je fait?

" The submitted file is not detected. "

Lyonnais92 · Answer

Re,

euh .....

tu réessayes.

Virus trojan à supprimer

17 réponses

Discussions similaires

Newsletters