Salut jlpjlp
J'ai le meme probleme que narjes avec le trojan tr/cryptxpack.gen detecté par antivir
J'ai reinstallé windows et le virus s'est remis deux semaines après....
désespérant !
voila mon log hijack avec rsit :
Logfile of random's system information tool 1.06 (written by random/random)
Run by florent at 2009-04-15 15:09:40
Microsoft Windows XP Professional Service Pack 3
System drive C: has 20 GB (75%) free of 27 GB
Total RAM: 2046 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:09:44, on 15/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20733)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LClock\LClock.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Styler\Styler.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Prevx\prevx.exe
C:\Program Files\Prevx\prevx.exe
C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\florent\Desktop\RSIT.exe
C:\Program Files\trend micro\florent.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Ashampoo FireWall] "C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe" -TRAY
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] =
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - S-1-5-18 Startup: Styler.lnk = ? (User 'SYSTEM')
O4 - .DEFAULT Startup: Styler.lnk = ? (User 'Default user')
O4 - Startup: Styler.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CSIScanner - Prevx - C:\Program Files\Prevx\prevx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
End of file - 5555 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-05 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-05 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - StylerToolBar - C:\Program Files\Styler\TB\StylerTB.dll [2006-05-02 102400]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LClock"=C:\Program Files\LClock\LClock.exe [2004-09-19 65536]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-05 148888]
"Ashampoo FireWall"=C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe [2007-04-05 3251800]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-07 16862208]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"GEST"== []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-26 61440]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2008-06-10 1442888]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2008-06-10 1406024]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-03-21 169984]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-03-21 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2
"wscsvc"=2
C:\Documents and Settings\florent\Start Menu\Programs\Startup
Styler.lnk - C:\Documents and Settings\florent\Application Data\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-02-25 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-19 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"E:\PES 2009\pes2009.exe"="E:\PES 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"E:\Steam\SteamApps\common\empire total war\Empire.exe"="E:\Steam\SteamApps\common\empire total war\Empire.exe:*:Enabled:Empire: Total War"
"E:\Battlefield 2\BF2.exe"="E:\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"E:\Age of Empires III\age3x.exe"="E:\Age of Empires III\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs"
"E:\Age of Empires III\mgspidy (1).exe"="E:\Age of Empires III\mgspidy (1).exe:*:Enabled:Age of Empires 3"
"E:\Steam\Steam.exe"="E:\Steam\Steam.exe:*:Enabled:Steam"
"E:\Age of Empires III\age3y.exe"="E:\Age of Empires III\age3y.exe:*:Enabled:Age of Empires III - The Asian Dynasties"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{967f6e02-1be1-11de-b0df-001fd080806c}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
======List of files/folders created in the last 1 months======
2009-04-15 15:08:55 ----D---- C:\rsit
2009-04-15 15:08:55 ----D---- C:\Program Files\trend micro
2009-04-15 15:05:58 ----A---- C:\Rooter.txt
2009-04-15 15:05:28 ----D---- C:\Rooter$
2009-04-15 15:00:40 ----D---- C:\Program Files\Prevx
2009-04-15 14:59:54 ----D---- C:\Documents and Settings\All Users\Application Data\PrevxCSI
2009-04-15 14:59:54 ----A---- C:\WINDOWS\wininit.ini
2009-04-13 07:39:12 ----D---- C:\Program Files\subcreators
2009-04-13 07:03:35 ----A---- C:\WINDOWS\SubCreator.INI
2009-04-08 00:05:00 ----D---- C:\Documents and Settings\All Users\Application Data\Age of Empires 3
2009-04-07 23:50:55 ----D---- C:\WINDOWS\RegisteredPackages
2009-04-07 23:50:38 ----A---- C:\WINDOWS\system32\psisdecd.dll
2009-04-07 23:50:35 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2009-04-07 20:15:57 ----D---- C:\Documents and Settings\All Users\Application Data\KONAMI
2009-04-07 20:03:01 ----D---- C:\Documents and Settings\florent\Application Data\DAEMON Tools Pro
2009-04-07 20:03:01 ----D---- C:\Documents and Settings\florent\Application Data\DAEMON Tools
2009-04-07 20:02:11 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2009-04-07 20:02:08 ----D---- C:\Program Files\DAEMON Tools Lite
2009-04-07 19:59:57 ----D---- C:\Documents and Settings\florent\Application Data\DAEMON Tools Lite
2009-04-05 19:19:47 ----D---- C:\Documents and Settings\florent\Application Data\Skype
2009-04-05 19:19:42 ----RD---- C:\Program Files\Skype
2009-04-05 19:19:36 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-04-05 05:29:05 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-04-02 03:25:39 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-04-02 03:25:33 ----D---- C:\Program Files\Common Files\Adobe
2009-04-02 03:25:33 ----D---- C:\Program Files\Adobe
2009-03-31 08:20:48 ----D---- C:\Documents and Settings\florent\Application Data\dvdcss
2009-03-31 06:44:08 ----D---- C:\Documents and Settings\florent\Application Data\vlc
2009-03-30 04:57:53 ----D---- C:\Documents and Settings\florent\Application Data\The Creative Assembly
2009-03-30 03:37:39 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-03-30 03:37:39 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-03-30 03:37:39 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-03-30 03:37:39 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-03-30 03:37:39 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-03-30 03:37:39 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-03-30 03:37:38 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-03-30 03:37:38 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-03-30 03:37:38 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-03-30 03:37:38 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-03-30 03:37:38 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-03-30 03:37:38 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-03-30 03:37:37 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-03-30 03:37:37 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-03-30 03:37:37 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-03-30 03:37:37 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-03-30 03:37:37 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-03-30 03:37:37 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-03-30 03:37:37 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-03-30 03:37:36 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-03-30 03:37:36 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-03-30 03:37:36 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-03-30 03:37:36 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-03-30 03:37:36 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-03-30 03:37:35 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-03-30 03:37:35 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-03-30 03:37:35 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-03-30 03:36:32 ----D---- C:\WINDOWS\Logs
2009-03-30 01:23:20 ----D---- C:\WINDOWS\system32\directx
2009-03-29 20:31:28 ----D---- C:\WINDOWS\Sun
2009-03-29 08:16:40 ----D---- C:\Program Files\VideoLAN
2009-03-29 00:43:18 ----D---- C:\Program Files\uTorrent
2009-03-29 00:43:10 ----D---- C:\Documents and Settings\florent\Application Data\uTorrent
2009-03-29 00:36:48 ----D---- C:\Program Files\Microsoft IntelliPoint
2009-03-29 00:36:01 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-03-29 00:35:51 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll
2009-03-29 00:35:13 ----D---- C:\Program Files\Microsoft IntelliType Pro
2009-03-29 00:27:32 ----D---- C:\Program Files\ma-config.com
2009-03-29 00:27:32 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2009-03-29 00:18:57 ----D---- C:\Documents and Settings\florent\Application Data\ATI
2009-03-29 00:18:57 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-03-29 00:17:12 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-03-29 00:17:00 ----D---- C:\Program Files\ATI Technologies
2009-03-29 00:16:27 ----D---- C:\ATI
2009-03-28 22:46:33 ----D---- C:\Program Files\Ashampoo
2009-03-28 22:44:32 ----D---- C:\Documents and Settings\florent\Application Data\Styler
2009-03-28 22:44:17 ----D---- C:\Documents and Settings\florent\Application Data\Identities
2009-03-28 22:44:15 ----HD---- C:\Program Files\Uninstall Information
2009-03-28 22:43:15 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-03-28 22:43:09 ----ASH---- C:\Documents and Settings\florent\Application Data\desktop.ini
2009-03-28 22:43:05 ----SD---- C:\Documents and Settings\florent\Application Data\Microsoft
2009-03-28 22:43:05 ----D---- C:\Documents and Settings\florent\Application Data\WinRAR
2009-03-28 22:43:05 ----D---- C:\Documents and Settings\florent\Application Data\Sun
2009-03-28 22:42:04 ----D---- C:\WINDOWS\SoftwareDistribution
2009-03-28 22:41:51 ----SD---- C:\WINDOWS\system32\Microsoft
2009-03-28 22:41:51 ----D---- C:\WINDOWS\Prefetch
2009-03-28 22:41:51 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-28 21:45:00 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-03-28 21:44:59 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-03-28 21:44:53 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-03-28 21:44:51 ----D---- C:\Program Files\Windows Media Connect 2
2009-03-28 21:44:46 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-03-28 21:44:31 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-03-28 21:44:24 ----D---- C:\WINDOWS\system32\LogFiles
2009-03-28 21:44:21 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-03-28 21:43:30 ----D---- C:\Program Files\Alky for Applications
2009-03-28 21:43:19 ----D---- C:\Program Files\Kristanix
2009-03-28 21:43:18 ----D---- C:\WINDOWS\Resource Hacker 3.4.0
2009-03-28 21:43:18 ----D---- C:\Program Files\Resource Hacker 3.4.0
2009-03-28 21:43:12 ----D---- C:\Program Files\Stardock
2009-03-28 21:43:12 ----D---- C:\Program Files\Common Files\Stardock
2009-03-28 21:42:31 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-28 21:42:31 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-28 21:42:31 ----A---- C:\WINDOWS\system32\java.exe
2009-03-28 21:42:18 ----D---- C:\Program Files\Java
2009-03-28 21:42:18 ----D---- C:\Program Files\Common Files\Java
2009-03-28 21:41:38 ----D---- C:\Program Files\Mozilla Firefox
2009-03-28 21:41:31 ----D---- C:\Program Files\CCleaner
2009-03-28 21:40:05 ----D---- C:\WINDOWS\system32\XPSViewer
2009-03-28 21:40:05 ----D---- C:\Program Files\MSBuild
2009-03-28 21:40:03 ----D---- C:\Program Files\Reference Assemblies
2009-03-28 21:39:57 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-03-28 21:39:57 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-03-28 21:38:23 ----RSD---- C:\WINDOWS\assembly
2009-03-28 21:38:23 ----D---- C:\WINDOWS\system32\URTTemp
2009-03-28 21:38:23 ----D---- C:\WINDOWS\Microsoft.NET
2009-03-28 21:38:20 ----N---- C:\WINDOWS\system32\XpsSvcs.dll
2009-03-28 21:38:20 ----N---- C:\WINDOWS\system32\XPSSHHDR.dll
2009-03-28 21:38:08 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-03-28 21:36:58 ----A---- C:\WINDOWS\control.ini
2009-03-28 21:36:58 ----A---- C:\AUTOEXEC.BAT
2009-03-28 21:36:46 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-03-28 21:36:45 ----D---- C:\WINDOWS\system32\dllcache
2009-03-28 21:35:53 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-03-28 21:35:50 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-03-28 21:35:46 ----HD---- C:\Program Files\WindowsUpdate
2009-03-28 21:35:42 ----D---- C:\Program Files\Online Services
2009-03-28 21:35:24 ----A---- C:\WINDOWS\system32\desktop.ini
2009-03-28 21:35:24 ----A---- C:\WINDOWS\system32\atrace.dll
2009-03-28 21:35:24 ----A---- C:\WINDOWS\desktop.ini
2009-03-28 21:35:18 ----A---- C:\WINDOWS\system32\acctres.dll
2009-03-28 21:35:17 ----D---- C:\Program Files\Common Files\Services
2009-03-28 21:35:14 ----SD---- C:\WINDOWS\Tasks
2009-03-28 21:35:14 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-03-28 21:35:13 ----D---- C:\Program Files\Common Files\MSSoap
2009-03-28 21:35:08 ----D---- C:\WINDOWS\srchasst
2009-03-28 21:35:07 ----D---- C:\WINDOWS\system32\Macromed
2009-03-28 21:35:04 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-03-28 21:35:04 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-03-28 21:35:04 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-03-28 21:35:04 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-03-28 21:35:03 ----A---- C:\WINDOWS\system32\wups.dll
2009-03-28 21:35:03 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-03-28 21:35:03 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-03-28 21:35:03 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-03-28 21:35:03 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-03-28 21:35:02 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-03-28 21:35:02 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-03-28 21:35:02 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2009-03-28 21:35:02 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-03-28 21:35:02 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-03-28 21:34:38 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-03-28 21:34:38 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-03-28 21:34:38 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-03-28 21:34:38 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-03-28 21:34:33 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-03-28 21:34:33 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-03-28 21:34:32 ----D---- C:\WINDOWS\system32\Restore
2009-03-28 21:34:32 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-03-28 21:34:32 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-03-28 21:34:32 ----A---- C:\WINDOWS\system32\srclient.dll
2009-03-28 21:34:31 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-03-28 21:34:31 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-03-28 21:34:30 ----A---- C:\WINDOWS\system32\inetres.dll
2009-03-28 21:34:29 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-03-28 21:34:27 ----D---- C:\Program Files\Outlook Express
2009-03-28 21:34:27 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-03-28 21:34:27 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-03-28 21:34:27 ----A---- C:\WINDOWS\system32\mstask.dll
2009-03-28 21:34:26 ----A---- C:\WINDOWS\system32\isign32.dll
2009-03-28 21:34:26 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-03-28 21:34:26 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-03-28 21:34:26 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-03-28 21:34:18 ----D---- C:\Program Files\Common Files\System
2009-03-28 21:33:50 ----D---- C:\Program Files\ComPlus Applications
2009-03-28 21:33:48 ----A---- C:\WINDOWS\vbaddin.ini
2009-03-28 21:33:48 ----A---- C:\WINDOWS\vb.ini
2009-03-28 21:33:44 ----D---- C:\WINDOWS\Registration
2009-03-28 21:33:37 ----D---- C:\Program Files\Windows Media Player
2009-03-28 21:33:31 ----A---- C:\WINDOWS\system32\advpack.dll.mui
2009-03-28 21:33:28 ----RD---- C:\WINDOWS\Offline Web Pages
2009-03-28 21:33:28 ----A---- C:\WINDOWS\system32\winfxdocobj.exe
2009-03-28 21:33:27 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-28 21:33:27 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2009-03-28 21:33:26 ----D---- C:\WINDOWS\wbem
2009-03-28 21:33:26 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-03-28 21:33:24 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2009-03-28 21:33:23 ----D---- C:\Program Files\Internet Explorer
2009-03-28 21:31:48 ----D---- C:\Program Files\VistaExperience.org
2009-03-28 21:30:11 ----D---- C:\Program Files\Windows Sidebar
2009-03-28 21:29:50 ----D---- C:\Program Files\LClock
2009-03-28 21:29:42 ----D---- C:\Program Files\Styler
2009-03-28 21:29:26 ----D---- C:\Program Files\Utilities
2009-03-28 21:29:25 ----A---- C:\WINDOWS\system32\msvcr80.dll
2009-03-28 21:29:25 ----A---- C:\WINDOWS\system32\engine.dll
2009-03-28 21:29:21 ----D---- C:\Program Files\Desktop
2009-03-28 21:28:38 ----D---- C:\Program Files\WinRAR
2009-03-28 21:28:32 ----D---- C:\Program Files\HashTab Shell Extension
2009-03-28 21:28:31 ----D---- C:\Program Files\Unlocker
2009-03-28 21:28:30 ----D---- C:\Program Files\Microsoft PowerToys
2009-03-28 21:28:30 ----A---- C:\WINDOWS\system32\write.exe
2009-03-28 21:28:30 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-03-28 21:28:29 ----A---- C:\WINDOWS\system32\hticons.dll
2009-03-28 21:28:29 ----A---- C:\WINDOWS\system32\avwav.dll
2009-03-28 21:28:29 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-03-28 21:28:29 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-03-28 21:28:28 ----A---- C:\WINDOWS\system32\winchat.exe
2009-03-28 21:28:26 ----A---- C:\WINDOWS\system32\getuname.dll
2009-03-28 21:28:26 ----A---- C:\WINDOWS\system32\charmap.exe
2009-03-28 21:28:25 ----A---- C:\WINDOWS\system32\reset.exe
2009-03-28 21:28:25 ----A---- C:\WINDOWS\system32\calc.exe
2009-03-28 21:28:24 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-03-28 21:28:24 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-03-28 21:28:24 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-03-28 21:28:24 ----A---- C:\WINDOWS\system32\tskill.exe
2009-03-28 21:28:24 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-03-28 21:28:24 ----A---- C:\WINDOWS\system32\tscon.exe
2009-03-28 21:28:24 ----A---- C:\WINDOWS\system32\shadow.exe
2009-03-28 21:28:24 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-03-28 21:28:24 ----A---- C:\WINDOWS\system32\regini.exe
2009-03-28 21:28:24 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-03-28 21:28:23 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-03-28 21:28:23 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-03-28 21:28:23 ----A---- C:\WINDOWS\system32\msg.exe
2009-03-28 21:28:23 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-03-28 21:28:23 ----A---- C:\WINDOWS\system32\logoff.exe
2009-03-28 21:28:23 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-03-28 21:28:16 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-03-28 21:28:15 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-03-28 21:28:15 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-03-28 21:28:14 ----D---- C:\Program Files\Windows NT
2009-03-28 21:28:14 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-03-28 21:28:14 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-03-28 21:28:13 ----D---- C:\WINDOWS\system32\en-US
2009-03-28 21:28:13 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-03-28 21:28:12 ----A---- C:\WINDOWS\system32\tsgqec.dll
2009-03-28 21:28:12 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-03-28 21:28:12 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2009-03-28 21:28:12 ----A---- C:\WINDOWS\system32\aaclient.dll
2009-03-28 21:28:11 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-03-28 21:28:11 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-03-28 21:28:10 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-03-28 21:28:10 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-03-28 21:28:10 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-03-28 21:28:10 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-03-28 21:28:10 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-03-28 21:28:10 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-03-28 21:28:10 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-03-28 21:28:10 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-03-28 21:28:09 ----D---- C:\WINDOWS\system32\MsDtc
2009-03-28 21:28:09 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-03-28 21:28:09 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-03-28 21:28:09 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-03-28 21:28:09 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-03-28 21:28:09 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-03-28 21:28:09 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-03-28 21:28:08 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-03-28 21:28:08 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-03-28 21:28:08 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-03-28 21:28:08 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-03-28 21:28:08 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-03-28 21:28:07 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-03-28 21:28:07 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-03-28 21:28:06 ----D---- C:\WINDOWS\system32\Com
2009-03-28 21:28:06 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-03-28 21:28:06 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-03-28 21:28:06 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-03-28 21:28:06 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-03-28 21:28:06 ----A---- C:\WINDOWS\system32\colbact.dll
2009-03-28 21:28:05 ----A---- C:\WINDOWS\system32\stclient.dll
2009-03-28 21:28:05 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-03-28 21:28:05 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-03-28 21:28:05 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-03-28 21:28:05 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-03-28 21:28:04 ----A---- C:\WINDOWS\system32\comuid.dll
2009-03-28 21:28:04 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-03-28 21:28:04 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-03-28 21:28:03 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-03-28 21:27:56 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-03-28 21:27:55 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-03-28 21:27:55 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-03-28 21:27:55 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-03-28 14:41:50 ----SHD---- C:\RECYCLER
2009-03-28 14:37:26 ----D---- C:\WINDOWS\OPTIONS
2009-03-28 14:37:21 ----D---- C:\Documents and Settings\florent\Application Data\InstallShield
2009-03-28 14:36:50 ----D---- C:\WINDOWS\system32\Lang
2009-03-28 14:35:14 ----R---- C:\WINDOWS\system32\ChCfg.exe
2009-03-28 14:34:59 ----D---- C:\WINDOWS\system32\RTCOM
2009-03-28 14:34:58 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-03-28 14:34:53 ----R---- C:\WINDOWS\SoundMan.exe
2009-03-28 14:34:53 ----R---- C:\WINDOWS\SkyTel.exe
2009-03-28 14:34:52 ----R---- C:\WINDOWS\RtlUpd.exe
2009-03-28 14:34:52 ----R---- C:\WINDOWS\RTLCPL.exe
2009-03-28 14:34:46 ----R---- C:\WINDOWS\RTHDCPL.exe
2009-03-28 14:34:44 ----R---- C:\WINDOWS\MicCal.exe
2009-03-28 14:34:42 ----R---- C:\WINDOWS\alcwzrd.exe
2009-03-28 14:34:42 ----R---- C:\WINDOWS\Alcmtr.exe
2009-03-28 14:34:40 ----D---- C:\Program Files\Realtek
2009-03-28 14:34:39 ----HD---- C:\Program Files\InstallShield Installation Information
2009-03-28 14:34:36 ----R---- C:\WINDOWS\RtlExUpd.dll
2009-03-28 14:34:36 ----A---- C:\WINDOWS\HideWin.exe
2009-03-28 14:34:31 ----D---- C:\Program Files\Common Files\InstallShield
2009-03-28 14:28:59 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-03-28 14:28:56 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-03-28 14:28:55 ----RA---- C:\WINDOWS\system32\CSVer.dll
2009-03-28 14:28:55 ----D---- C:\Program Files\Intel
2009-03-28 14:28:42 ----D---- C:\Intel
2009-03-28 14:14:41 ----D---- C:\Documents and Settings\florent\Application Data\Macromedia
2009-03-28 14:14:41 ----D---- C:\Documents and Settings\florent\Application Data\Adobe
2009-03-28 14:11:13 ----D---- C:\Documents and Settings\florent\Application Data\Talkback
2009-03-28 14:11:03 ----D---- C:\Documents and Settings\florent\Application Data\Mozilla
2009-03-28 13:54:56 ----D---- C:\Program Files\Avira
2009-03-28 13:54:56 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2009-03-28 13:50:48 ----D---- C:\WINDOWS\pss
2009-03-28 13:18:25 ----A---- C:\WINDOWS\system32\h323log.txt
2009-03-28 13:05:05 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-03-28 13:03:28 ----A---- C:\WINDOWS\system32\usbui.dll
2009-03-28 13:01:59 ----SHD---- C:\WINDOWS\Installer
2009-03-28 13:01:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-28 13:01:58 ----D---- C:\Program Files\Common Files\ODBC
2009-03-28 13:01:58 ----A---- C:\WINDOWS\ODBCINST.INI
2009-03-28 13:01:55 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-03-28 13:01:54 ----RD---- C:\Program Files
2009-03-28 13:01:54 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-03-28 13:01:54 ----D---- C:\Program Files\Common Files
2009-03-28 13:01:50 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-03-28 13:01:50 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-03-28 13:01:50 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-03-28 13:01:48 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-03-28 13:01:48 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-03-28 13:01:48 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-03-28 13:01:48 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-03-28 13:01:48 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-03-28 13:01:48 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-03-28 13:01:47 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-03-28 13:01:47 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-03-28 13:01:47 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-03-28 13:01:47 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-03-28 13:01:47 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-03-28 13:01:47 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-03-28 13:01:45 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-03-28 13:01:45 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-03-28 13:01:45 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-03-28 13:01:45 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-03-28 13:01:45 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-03-28 13:01:45 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-03-28 13:01:45 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-03-28 13:01:43 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-03-28 13:01:43 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-03-28 13:01:43 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-03-28 13:01:43 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-03-28 13:01:43 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-03-28 13:01:41 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-03-28 13:01:41 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-03-28 13:01:41 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-03-28 13:01:41 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-03-28 13:01:41 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-03-28 13:01:41 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-03-28 13:01:41 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-03-28 13:01:40 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-03-28 13:01:40 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-03-28 13:01:40 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-03-28 13:01:40 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-03-28 13:01:40 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-03-28 13:01:40 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-03-28 13:01:34 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-03-28 13:01:34 ----A---- C:\WINDOWS\system32\irclass.dll
2009-03-28 13:01:34 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-03-28 13:01:34 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-03-28 13:01:34 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-03-28 13:01:31 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-03-28 13:01:31 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-03-28 13:01:31 ----A---- C:\WINDOWS\system32\batt.dll
2009-03-28 13:01:30 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-03-28 13:01:29 ----A---- C:\WINDOWS\system32\storprop.dll
2009-03-28 13:01:23 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-03-28 12:59:40 ----RA---- C:\WINDOWS\SET8.tmp
2009-03-28 12:59:37 ----RA---- C:\WINDOWS\SET4.tmp
2009-03-28 12:59:35 ----RA---- C:\WINDOWS\SET3.tmp
2009-03-28 12:59:30 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-28 12:59:30 ----D---- C:\WINDOWS\system32\CatRoot
2009-03-28 12:59:24 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-03-28 12:57:13 ----D---- C:\Documents and Settings
2009-03-28 12:57:12 ----SHD---- C:\System Volume Information
2009-03-28 12:56:33 ----SH---- C:\boot.ini
2009-03-28 12:51:08 ----RSD---- C:\WINDOWS\Fonts
2009-03-28 12:51:08 ----RD---- C:\WINDOWS\Web
2009-03-28 12:51:08 ----HD---- C:\WINDOWS\inf
2009-03-28 12:51:08 ----D---- C:\WINDOWS\WinSxS
2009-03-28 12:51:08 ----D---- C:\WINDOWS\twain_32
2009-03-28 12:51:08 ----D---- C:\WINDOWS\Temp
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\wins
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\wbem
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\usmt
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\spool
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\ShellExt
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\Setup
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\scripting
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\ras
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\oobe
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\npp
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\mui
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\inetsrv
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\IME
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\icsxml
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\ias
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\export
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\en
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\drivers
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\dhcp
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\config
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\3com_dmi
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\3076
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\2052
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\1054
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\1042
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\1041
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\1037
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\1033
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\1031
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\1028
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32\1025
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system32
2009-03-28 12:51:08 ----D---- C:\WINDOWS\system
2009-03-28 12:51:08 ----D---- C:\WINDOWS\security
2009-03-28 12:51:08 ----D---- C:\WINDOWS\Resources
2009-03-28 12:51:08 ----D---- C:\WINDOWS\repair
2009-03-28 12:51:08 ----D---- C:\WINDOWS\Provisioning
2009-03-28 12:51:08 ----D---- C:\WINDOWS\PeerNet
2009-03-28 12:51:08 ----D---- C:\WINDOWS\pchealth
2009-03-28 12:51:08 ----D---- C:\WINDOWS\Network Diagnostic
2009-03-28 12:51:08 ----D---- C:\WINDOWS\mui
2009-03-28 12:51:08 ----D---- C:\WINDOWS\msapps
2009-03-28 12:51:08 ----D---- C:\WINDOWS\msagent
2009-03-28 12:51:08 ----D---- C:\WINDOWS\Media
2009-03-28 12:51:08 ----D---- C:\WINDOWS\L2Schemas
2009-03-28 12:51:08 ----D---- C:\WINDOWS\java
2009-03-28 12:51:08 ----D---- C:\WINDOWS\ime
2009-03-28 12:51:08 ----D---- C:\WINDOWS\Help
2009-03-28 12:51:08 ----D---- C:\WINDOWS\ehome
2009-03-28 12:51:08 ----D---- C:\WINDOWS\Driver Cache
2009-03-28 12:51:08 ----D---- C:\WINDOWS\Debug
2009-03-28 12:51:08 ----D---- C:\WINDOWS\Cursors
2009-03-28 12:51:08 ----D---- C:\WINDOWS\Connection Wizard
2009-03-28 12:51:08 ----D---- C:\WINDOWS\Config
2009-03-28 12:51:08 ----D---- C:\WINDOWS\AppPatch
2009-03-28 12:51:08 ----D---- C:\WINDOWS\addins
2009-03-28 12:51:08 ----D---- C:\WINDOWS
======List of files/folders modified in the last 1 months======
2009-04-15 14:39:24 ----A---- C:\WINDOWS\win.ini
2009-04-15 14:39:24 ----A---- C:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-28 75072]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-03-21 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-03-21 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-22 12032]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-07 60800]
R3 ASFWHide;ASFWHide; \??\C:\DOCUME~1\florent\LOCALS~1\Temp\ASFWHide []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-25 3565568]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-03-21 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-03-21 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-07 4739072]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-07 61824]
R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2008-06-09 18504]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2008-06-10 31048]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-03-21 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-03-21 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-03-21 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-03-21 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 ahwwfrvx;ahwwfrvx; C:\WINDOWS\system32\drivers\ahwwfrvx.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-03-21 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-29 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-29 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2009-03-28 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2009-03-28 151297]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-02-25 602112]
R2 CSIScanner;CSIScanner; C:\Program Files\Prevx\prevx.exe [2009-04-15 4414520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-05 152984]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-26 593920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-03-15 216232]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-19 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-03-21 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
-----------------EOF-----------------
Antivirus gratit os x
