
SVCHOST.EXE process PID=1484 using 50% processor HELP !


7 replies to this topic

#1 ld06000

ld06000

  • Members
  • 5 posts

Posted 29 October 2013 - 06:00 AM

Hi all

I'm a poor French user of XP SP3 experiencing a strange issue (strange for me...). I've refurbished an 8-year-old HP Pavilion PC, restored the system with HD formatting, upgraded to SP3, installed IE7 and Avast antivirus (all from a USB key and not from the internet). Then I connected it to my internet access and it went well... until this morning. I turned it on and it began to work slowly. I checked the process manager and saw a svchost.exe PID=1484 using 50% of the processor...

Then I ran HijackThis and it gave me the following. To be honest I'm not able to understand what it means. Would anyone be kind enough to have a look at it? Many thanks in advance!

Laurent

Nice France

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:00:08, on 29/10/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)

FIREFOX: 24.0 (fr)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\HP_Propriétaire\Mes documents\Téléchargements\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - S-1-5-18 Startup: AutoTBar.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: AutoTBar.exe (User 'Default user')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 8353 bytes
 

Moderator Edit: Moved from Windows XP to a more appropriate forum.

Roger


Edited by rotor123, 29 October 2013 - 08:11 AM.
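
Added example (not part of any post in this thread): a small Python triage of the HijackThis log layout shown above, checking whether core Windows process names such as svchost.exe run from their expected directory and tallying the entry codes. The embedded log is a constructed sample shortened from the post, with one constructed out-of-place svchost.exe line; the expected-directory table assumes a stock XP install under C:\WINDOWS.

```python
import ntpath
import re

# Constructed sample in the HijackThis v2 layout, shortened from the log in
# the post above. The C:\WINDOWS\Temp\svchost.exe line is constructed to show
# what a flagged entry looks like; it does not appear in the user's log.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.5
Platform: Windows XP SP3 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Temp\svchost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe
"""

# Expected directory (relative to the Windows directory) for core processes
# whose names are commonly borrowed. Assumption: stock Windows XP layout.
EXPECTED_DIR = {
    "svchost.exe": "system32",
    "lsass.exe": "system32",
    "services.exe": "system32",
    "winlogon.exe": "system32",
    "csrss.exe": "system32",
    "smss.exe": "system32",
    "spoolsv.exe": "system32",
    "explorer.exe": "",
}

# HijackThis entry lines look like "O4 - ..." or "R1 - ...".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")


def parse_hijackthis(text):
    """Split a HijackThis log into running-process paths and coded entries."""
    processes, entries = [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.lower() == "running processes:":
            in_processes = True
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False  # the first coded entry ends the process list
            entries.append((match.group(1), match.group(2)))
        elif in_processes:
            processes.append(line)
    return {"processes": processes, "entries": entries}


def misplaced_system_processes(processes, windir=r"C:\WINDOWS"):
    """Return paths whose file name is a core process but whose folder is not."""
    flagged = []
    for path in processes:
        directory, name = ntpath.split(path)
        expected = EXPECTED_DIR.get(name.lower())
        if expected is None:
            continue  # not a name this check knows about
        want = ntpath.join(windir, expected) if expected else windir
        # Windows paths are case-insensitive: System32 and system32 are equal.
        if ntpath.normcase(directory) != ntpath.normcase(want):
            flagged.append(path)
    return flagged


def entry_counts(entries):
    """Tally entries per HijackThis code (R0, O4, O23, ...)."""
    counts = {}
    for code, _body in entries:
        counts[code] = counts.get(code, 0) + 1
    return counts


def triage(text):
    """Summarise a log: svchost instance count, misplaced names, entry tally."""
    report = parse_hijackthis(text)
    svchosts = [p for p in report["processes"]
                if ntpath.basename(p).lower() == "svchost.exe"]
    return {
        "svchost_instances": len(svchosts),
        "misplaced": misplaced_system_processes(report["processes"]),
        "entry_counts": entry_counts(report["entries"]),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

HijackThis lists image paths only, without PIDs or -k service groups, so a clean result here says where each svchost.exe lives, not which hosted service is consuming CPU.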




#2 ld06000

ld06000
  • Topic Starter

  • Members
  • 5 posts

Posted 30 October 2013 - 05:44 AM

Hi

Today I've used Trojan Remover and it did not find any threat on my PC. I also ran DDS.com twice: the first time with this bl..dy svchost process which eats 50% of the CPU and the second time after having halted this process. What's surprising is that DDS does not list fewer SVCHOST processes in the second run than in the first... Please note also that once this process has been killed, it does not come back...

Many thanks in advance for your help

 

 

FIRST TRY with the SVCHOST process PID=1600

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.5730.13  BrowserJavaVersion: 10.45.2
Run by HP_Propriétaire at 11:26:29 on 2013-10-30
Microsoft Windows XP Édition familiale  5.1.2600.3.1252.33.1036.18.511.154 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\11:41 30/10/2013.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.fr/
uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
uSearch Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Vue HP: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\HPDTLK02.dll
TB: Vue HP: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\HPDTLK02.dll
TB: <No Name>:  - LocalServer32 - <no file>
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SunJavaUpdateSched] "c:\program files\fichiers communs\java\java update\jusched.exe"
mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe
mRun: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [HPHUPD06] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
mRun: [HPHmon06] c:\windows\system32\hphmon06.exe
mRun: [KBD] c:\hp\kbd\KBD.EXE
mRun: [iTunesHelper] c:\program files\itunes\iTunesHelper.exe
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [PS2] c:\windows\system32\ps2.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [AlcWzrd] ALCWZRD.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [TrojanScanner] c:\program files\trojan remover\Trjscan.exe /boot
StartupFolder: c:\docume~1\alluse~1\menudé~1\progra~1\démarr~1\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - LocalServer32 - <no file>
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{22F0D61D-2908-47B6-83EF-81C9DFA376DA} : DHCPNameServer = 192.168.1.1
Notify: AtiExtEvent - Ati2evxx.dll
SEH: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - c:\program files\windows defender\MpShHook.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\hp_propriétaire\application data\mozilla\firefox\profiles\c68bcwvy.default\
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2013-10-28 12112]
R0 aswNdis2;avast! Firewall NDIS Driver;c:\windows\system32\drivers\aswNdis2.sys [2013-10-28 247192]
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-10-28 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-10-28 178304]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2013-10-28 26136]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-10-28 774392]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-10-28 403440]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-10-28 35656]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-10-28 70384]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-10-28 50344]
R2 avast! Firewall;avast! Firewall;c:\program files\avast software\avast\afwServ.exe [2013-10-28 179088]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
.
=============== Created Last 30 ================
.
2013-10-30 10:23:01    --------    d-----w-    c:\documents and settings\all users\application data\Licenses
2013-10-30 10:20:41    --------    d-----w-    c:\documents and settings\hp_propriétaire\application data\Simply Super Software
2013-10-30 10:19:53    77312    ----a-w-    c:\windows\system32\ztvunace26.dll
2013-10-30 10:19:53    605968    ----a-w-    c:\windows\system32\ztv7z.dll
2013-10-30 10:19:52    77072    ----a-w-    c:\windows\system32\ztvcabinet.dll
2013-10-30 10:19:52    75264    ----a-w-    c:\windows\system32\unacev2.dll
2013-10-30 10:19:52    185616    ----a-w-    c:\windows\system32\ztvunrar39.dll
2013-10-30 10:19:52    169744    ----a-w-    c:\windows\system32\ztvunrar36.dll
2013-10-30 10:19:52    153088    ----a-w-    c:\windows\system32\UNRAR3.dll
2013-10-30 10:19:45    --------    d-----w-    c:\program files\Trojan Remover
2013-10-30 10:19:45    --------    d-----w-    c:\documents and settings\all users\application data\Simply Super Software
2013-10-29 21:21:03    --------    d-----w-    c:\program files\FileZilla Server
2013-10-29 20:45:50    --------    d-----w-    c:\documents and settings\all users\application data\boost_interprocess
2013-10-29 20:43:30    145408    ----a-w-    c:\windows\system32\javacpl.cpl
2013-10-29 20:26:23    105472    ------w-    c:\windows\system32\dllcache\mup.sys
2013-10-29 20:13:37    --------    d--h--r-    c:\documents and settings\hp_propriétaire\Recent
2013-10-29 20:11:44    --------    d-----w-    c:\program files\CCleaner
2013-10-29 19:49:57    --------    d-----w-    c:\windows\system32\PreInstall
2013-10-29 17:26:57    2321288    ----a-w-    c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\backup\mpengine.dll
2013-10-29 17:26:18    7796464    ----a-w-    c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{2f570708-cc17-46d1-a390-8539f15766fa}\mpengine.dll
2013-10-29 17:26:16    238872    ------w-    c:\windows\system32\MpSigStub.exe
2013-10-28 22:24:50    --------    d-----w-    c:\documents and settings\hp_propriétaire\application data\Macromedia
2013-10-28 22:24:50    --------    d-----w-    c:\documents and settings\hp_propriétaire\application data\Adobe
2013-10-28 22:24:11    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-10-28 22:24:10    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-28 21:01:49    --------    d-----w-    c:\windows\system32\SoftwareDistribution
2013-10-28 20:43:47    --------    d-----w-    c:\documents and settings\hp_propriétaire\application data\AVAST Software
2013-10-28 20:40:56    12112    ----a-w-    c:\windows\system32\drivers\aswNdis.sys
2013-10-28 20:40:16    --------    d-----w-    c:\program files\AVAST Software
2013-10-28 20:39:33    --------    d-----w-    c:\documents and settings\all users\application data\AVAST Software
2013-10-28 20:39:06    --------    d-sh--r-    C:\cmdcons
2013-10-28 20:39:05    --------    d-----w-    c:\windows\setup.pss
2013-10-28 20:31:02    93184    ------w-    c:\windows\system32\dllcache\msxml6r.dll
2013-10-28 20:31:01    93184    ------w-    c:\windows\system32\msxml6r.dll
2013-10-28 20:31:01    1306624    ------w-    c:\windows\system32\msxml6.dll
2013-10-28 20:31:01    1306624    ------w-    c:\windows\system32\dllcache\msxml6.dll
2013-10-28 20:28:45    --------    d-----w-    c:\windows\ServicePackFiles
2013-10-28 20:28:35    294912    ------w-    c:\program files\windows media player\dlimport.exe
2013-10-28 20:28:32    294912    ------w-    c:\windows\system32\dllcache\dlimport.exe
2013-10-28 20:26:59    42240    ------w-    c:\windows\system32\drivers\viaagp.sys
2013-10-28 20:26:59    25471    ------w-    c:\windows\system32\drivers\watv10nt.sys
2013-10-28 20:26:59    22271    ------w-    c:\windows\system32\drivers\watv06nt.sys
2013-10-28 20:26:59    14208    ------w-    c:\windows\system32\drivers\wacompen.sys
2013-10-28 20:26:59    121984    ------w-    c:\windows\system32\drivers\usbvideo.sys
2013-10-28 20:26:59    11935    ------w-    c:\windows\system32\drivers\wadv11nt.sys
2013-10-28 20:26:59    11871    ------w-    c:\windows\system32\drivers\wadv09nt.sys
2013-10-28 20:26:59    11807    ------w-    c:\windows\system32\drivers\wadv07nt.sys
2013-10-28 20:26:59    11325    ------w-    c:\windows\system32\drivers\vchnt5.dll
2013-10-28 20:26:59    11295    ------w-    c:\windows\system32\drivers\wadv08nt.sys
2013-10-28 20:25:44    19569    ----a-w-    c:\windows\002550_.tmp
2013-10-28 20:25:22    26488    ----a-w-    c:\windows\system32\spupdsvc.exe
2013-10-28 20:23:12    --------    d-----w-    c:\windows\EHome
2013-10-28 20:15:57    --------    d-----w-    c:\windows\system32\RTCOM
2013-10-28 19:44:23    --------    d-----w-    c:\windows\I386
2013-10-28 19:23:59    7168    ----a-w-    c:\windows\system32\recover.exe
2013-10-28 19:22:18    9728    ----a-w-    c:\windows\system32\label.exe
2013-10-28 19:21:11    3328    ----a-w-    c:\windows\system32\drivers\dxgthk.sys
2013-10-28 19:20:44    62464    ----a-w-    c:\windows\system32\dpnmodem.dll
2013-10-28 19:13:17    81408    ----a-w-    c:\windows\system32\dllcache\autodisc.dll
.
==================== Find3M  ====================
.
2013-10-29 20:42:58    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2013-10-28 20:41:14    774392    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2013-10-28 20:41:14    70384    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2013-10-28 20:41:14    49944    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2013-10-28 20:41:14    178304    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2013-10-28 20:41:13    43152    ----a-w-    c:\windows\avastSS.scr
2013-10-28 20:41:01    26136    ----a-w-    c:\windows\system32\drivers\aswKbd.sys
2013-10-28 20:40:56    247192    ----a-w-    c:\windows\system32\drivers\aswNdis2.sys
.
============= FINISH: 11:28:30,14 ===============
 



#3 nasdaq

nasdaq

  • Malware Response Team
  • 39,888 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 01 November 2013 - 10:14 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please download ComboFix from one of these locations:
Link 1
Link 2
IMPORTANT !!! Save ComboFix.exe to your Desktop
  • Disable your Anti-Virus and Anti-Spyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  • Some rootkit infections may damage your boot sector. The Windows Recovery Console may be needed to restore it. Do not bypass this installation. You may regret it.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
whatnext.png
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Note: If you have difficulty properly disabling your protection programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Do not mouse click ComboFix's window while it's running. That may cause it to stall.

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
===

Please paste the logs in your next reply, DO NOT ATTACH THEM
Let me know what problem persists.

#4 ld06000

ld06000
  • Topic Starter

  • Members
  • 5 posts

Posted 02 November 2013 - 05:14 PM

Hi Nasdaq

Thanks for taking care of my issue

Despite all the scans etc., the svchost is still there...

Please find hereafter the different logs I've got.

Many thanks in advance for your help

 

 

RogueKiller V8.7.6 [Oct 28 2013] par Tigzy
mail : tigzyRK<at>gmail<dot>com
Remontees : http://www.adlice.com/forum/
Site Web : http://www.sur-la-toile.com/RogueKiller/
Blog : http://tigzyrk.blogspot.com/

Systeme d'exploitation : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Demarrage : Mode normal
Utilisateur : HP_Propriétaire [Droits d'admin]
Mode : Recherche [Annulé] -- Date : 11/02/2013 21:40:29
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 1 ¤¤¤
[SUSP PATH] ALCWZRD.EXE -- C:\WINDOWS\ALCWZRD.EXE [7] -> TUÉ [TermProc]

¤¤¤ Entrees de registre : 0 ¤¤¤

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [CHARGE] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost


¤¤¤ MBR Verif: ¤¤¤

Termine : << RKreport[0]_S_11022013_214029.txt >>
RKreport[0]_D_11022013_214003.txt;RKreport[0]_S_11022013_213952.txt

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

# AdwCleaner v3.010 - Rapport créé le 02/11/2013 à 21:45:15
# Mis à jour le 20/10/2013 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : HP_Propriétaire - MAXOU
# Exécuté depuis : C:\Documents and Settings\HP_Propriétaire\Mes documents\Téléchargements\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\boost_interprocess

***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{BF0118D4-63FF-4138-9327-F3028FB1A578}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF0118D4-63FF-4138-9327-F3028FB1A578}

***** [ Navigateurs ] *****

-\\ Internet Explorer v7.0.5730.13


-\\ Mozilla Firefox v25.0 (fr)

[ Fichier : C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\c68bcwvy.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1170 octets] - [02/11/2013 21:43:14]
AdwCleaner[S0].txt - [1096 octets] - [02/11/2013 21:45:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1156 octets] ##########

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Microsoft Windows XP x86
Ran by HP_Propri‚taire on 02/11/2013 at 22:19:42,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02/11/2013 at 22:26:22,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

ComboFix 13-11-01.03 - HP_Propriétaire 02/11/2013  22:55:49.1.2 - x86
Microsoft Windows XP Édition familiale  5.1.2600.3.1252.33.1036.18.511.103 [GMT 1:00]
Lancé depuis: c:\documents and settings\HP_Propriétaire\Mes documents\Téléchargements\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\TEMP\RAIDTest
c:\documents and settings\Default User\WINDOWS
c:\windows\system32\_000015_.tmp.dll
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\ps2.bat
c:\windows\system32\SET126.tmp
c:\windows\system32\SET127.tmp
c:\windows\system32\SET12E.tmp
c:\windows\system32\SET12F.tmp
c:\windows\system32\SET1A.tmp
c:\windows\system32\SET1B.tmp
c:\windows\system32\SET1C.tmp
c:\windows\system32\SET2B.tmp
c:\windows\system32\SET42.tmp
c:\windows\system32\SETF8.tmp
c:\windows\system32\sp
D:\Autorun.inf
.
.
(((((((((((((((((((((((((((((   Fichiers créés du 2013-10-02 au 2013-11-02  ))))))))))))))))))))))))))))))))))))
.
.
2013-11-02 21:37 . 2013-11-02 21:37    --------    d-----w-    c:\windows\LastGood
2013-11-02 21:19 . 2013-11-02 21:19    --------    d-----w-    c:\windows\ERUNT
2013-11-02 20:42 . 2013-11-02 20:45    --------    d-----w-    C:\AdwCleaner
2013-11-02 20:31 . 2013-11-02 20:31    62576    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{B3D37FB9-7F72-43AF-BA77-984B5BDC840A}\offreg.dll
2013-11-02 20:25 . 2013-10-16 00:20    7796464    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{B3D37FB9-7F72-43AF-BA77-984B5BDC840A}\mpengine.dll
2013-11-02 20:07 . 2013-11-02 20:07    --------    d-----w-    c:\program files\MSXML 4.0
2013-10-30 10:23 . 2013-10-30 10:23    --------    d-----w-    c:\documents and settings\All Users\Application Data\Licenses
2013-10-30 10:19 . 2012-06-15 15:33    605968    ----a-w-    c:\windows\system32\ztv7z.dll
2013-10-30 10:19 . 2005-08-26 00:50    77312    ----a-w-    c:\windows\system32\ztvunace26.dll
2013-10-30 10:19 . 2012-06-15 15:39    169744    ----a-w-    c:\windows\system32\ztvunrar36.dll
2013-10-30 10:19 . 2012-06-15 15:35    185616    ----a-w-    c:\windows\system32\ztvunrar39.dll
2013-10-30 10:19 . 2012-06-15 15:33    77072    ----a-w-    c:\windows\system32\ztvcabinet.dll
2013-10-30 10:19 . 2003-02-02 19:06    153088    ----a-w-    c:\windows\system32\UNRAR3.dll
2013-10-30 10:19 . 2002-03-06 00:00    75264    ----a-w-    c:\windows\system32\unacev2.dll
2013-10-30 10:19 . 2013-10-30 10:20    --------    d-----w-    c:\program files\Trojan Remover
2013-10-30 10:19 . 2013-10-30 10:19    --------    d-----w-    c:\documents and settings\All Users\Application Data\Simply Super Software
2013-10-30 09:50 . 2012-05-28 18:17    536576    ----a-w-    c:\program files\Fichiers communs\System\ado\SET139.tmp
2013-10-30 09:50 . 2012-05-28 18:17    536576    ------w-    c:\windows\system32\dllcache\msado15.dll
2013-10-30 09:50 . 2010-06-18 13:36    3558912    ------w-    c:\windows\system32\dllcache\moviemk.exe
2013-10-30 09:50 . 2012-07-04 14:05    139784    ------w-    c:\windows\system32\dllcache\rdpwd.sys
2013-10-30 09:49 . 2008-12-16 12:31    354304    ------w-    c:\windows\system32\dllcache\winhttp.dll
2013-10-30 09:49 . 2013-08-09 00:55    144128    ------w-    c:\windows\system32\dllcache\usbport.sys
2013-10-30 09:49 . 2013-08-09 00:55    32384    ------w-    c:\windows\system32\dllcache\usbccgp.sys
2013-10-30 09:49 . 2013-08-09 00:55    5376    ------w-    c:\windows\system32\dllcache\usbd.sys
2013-10-30 09:49 . 2009-03-18 11:02    30336    ------w-    c:\windows\system32\dllcache\usbehci.sys
2013-10-30 09:47 . 2010-12-09 15:15    743424    ------w-    c:\windows\system32\dllcache\ntdll.dll
2013-10-30 09:47 . 2012-04-11 13:51    2150400    ------w-    c:\windows\system32\dllcache\ntkrnlmp.exe
2013-10-30 09:47 . 2012-04-11 13:51    2028544    ------w-    c:\windows\system32\dllcache\ntkrpamp.exe
2013-10-30 09:47 . 2012-04-11 13:51    2194688    ------w-    c:\windows\system32\dllcache\ntoskrnl.exe
2013-10-30 09:47 . 2012-04-11 13:51    2071168    ------w-    c:\windows\system32\dllcache\ntkrnlpa.exe
2013-10-30 09:47 . 2008-04-21 21:15    219136    ------w-    c:\windows\system32\dllcache\wordpad.exe
2013-10-30 09:47 . 2011-07-08 14:02    10496    ------w-    c:\windows\system32\dllcache\ndistapi.sys
2013-10-30 09:47 . 2012-01-11 19:06    3072    ------w-    c:\windows\system32\iacenc.dll
2013-10-30 09:47 . 2012-01-11 19:06    3072    ------w-    c:\windows\system32\dllcache\iacenc.dll
2013-10-30 09:45 . 2010-10-11 14:59    45568    ------w-    c:\windows\system32\dllcache\wab.exe
2013-10-29 21:21 . 2013-10-29 21:21    --------    d-----w-    c:\program files\FileZilla Server
2013-10-29 20:44 . 2013-10-29 20:44    --------    d-----w-    c:\windows\Sun
2013-10-29 20:43 . 2013-10-29 20:42    145408    ----a-w-    c:\windows\system32\javacpl.cpl
2013-10-29 20:26 . 2011-04-21 13:37    105472    ------w-    c:\windows\system32\dllcache\mup.sys
2013-10-29 20:11 . 2013-10-29 20:11    --------    d-----w-    c:\program files\CCleaner
2013-10-29 17:26 . 2013-10-16 00:20    7796464    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-10-29 17:26 . 2013-09-03 13:35    238872    ------w-    c:\windows\system32\MpSigStub.exe
2013-10-29 10:57 . 2013-10-29 11:02    --------    d-----w-    c:\program files\QuickTime
2013-10-29 10:10 . 2013-10-29 10:10    --------    d-----w-    c:\program files\Windows Defender
2013-10-28 22:24 . 2013-10-28 22:24    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-10-28 22:24 . 2013-10-28 22:24    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-28 22:13 . 2013-10-30 02:16    --------    d-----w-    c:\program files\Mozilla Maintenance Service
2013-10-28 20:40 . 2013-10-28 20:40    12112    ----a-w-    c:\windows\system32\drivers\aswNdis.sys
2013-10-28 20:40 . 2013-10-28 20:40    --------    d-----w-    c:\program files\AVAST Software
2013-10-28 20:39 . 2013-10-28 20:39    --------    d-----w-    c:\documents and settings\All Users\Application Data\AVAST Software
2013-10-28 20:31 . 2008-04-13 18:04    93184    ------w-    c:\windows\system32\dllcache\msxml6r.dll
2013-10-28 20:31 . 2008-04-13 18:33    1306624    ------w-    c:\windows\system32\msxml6.dll
2013-10-28 20:31 . 2008-04-13 18:33    1306624    ------w-    c:\windows\system32\dllcache\msxml6.dll
2013-10-28 20:31 . 2008-04-13 18:04    93184    ------w-    c:\windows\system32\msxml6r.dll
2013-10-28 20:28 . 2013-10-28 20:28    --------    d-----w-    c:\windows\ServicePackFiles
2013-10-28 20:28 . 2008-04-13 18:34    294912    ------w-    c:\program files\Windows Media Player\dlimport.exe
2013-10-28 20:28 . 2008-04-13 18:34    294912    ------w-    c:\windows\system32\dllcache\dlimport.exe
2013-10-28 20:26 . 2008-04-13 18:33    11325    ------w-    c:\windows\system32\drivers\vchnt5.dll
2013-10-28 20:26 . 2008-04-13 10:46    121984    ------w-    c:\windows\system32\drivers\usbvideo.sys
2013-10-28 20:26 . 2008-04-13 10:43    14208    ------w-    c:\windows\system32\drivers\wacompen.sys
2013-10-28 20:26 . 2008-04-13 10:36    42240    ------w-    c:\windows\system32\drivers\viaagp.sys
2013-10-28 20:26 . 2008-04-13 08:34    25471    ------w-    c:\windows\system32\drivers\watv10nt.sys
2013-10-28 20:26 . 2008-04-13 08:34    22271    ------w-    c:\windows\system32\drivers\watv06nt.sys
2013-10-28 20:26 . 2008-04-13 08:34    11935    ------w-    c:\windows\system32\drivers\wadv11nt.sys
2013-10-28 20:26 . 2008-04-13 08:34    11871    ------w-    c:\windows\system32\drivers\wadv09nt.sys
2013-10-28 20:26 . 2008-04-13 08:34    11807    ------w-    c:\windows\system32\drivers\wadv07nt.sys
2013-10-28 20:26 . 2008-04-13 08:34    11295    ------w-    c:\windows\system32\drivers\wadv08nt.sys
2013-10-28 20:25 . 2006-12-28 11:01    19569    ----a-w-    c:\windows\002550_.tmp
2013-10-28 20:25 . 2007-08-10 07:18    26488    ----a-w-    c:\windows\system32\spupdsvc.exe
2013-10-28 20:23 . 2013-10-28 20:23    --------    d-----w-    c:\windows\EHome
2013-10-28 20:17 . 2013-10-28 20:17    --------    d-----w-    c:\windows\system32\Lang
2013-10-28 20:17 . 2008-04-13 18:33    221184    ----a-w-    c:\windows\system32\wmpns.dll
2013-10-28 20:17 . 2013-10-29 20:13    --------    d-----w-    c:\documents and settings\HP_Propriétaire
2013-10-28 20:15 . 2013-10-28 20:15    --------    d-----w-    c:\windows\system32\RTCOM
2013-10-28 19:44 . 2013-10-28 20:38    --------    d-----w-    c:\windows\I386
2013-10-28 19:23 . 2004-08-05 03:00    7168    ----a-w-    c:\windows\system32\recover.exe
2013-10-28 19:22 . 2004-08-05 03:00    9728    ----a-w-    c:\windows\system32\label.exe
2013-10-28 19:21 . 2004-08-05 03:00    3328    ----a-w-    c:\windows\system32\drivers\dxgthk.sys
2013-10-28 19:20 . 2004-08-05 03:00    62464    ----a-w-    c:\windows\system32\dpnmodem.dll
2013-10-28 19:13 . 2004-08-05 03:00    81408    ----a-w-    c:\windows\system32\dllcache\autodisc.dll
.
.
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-29 20:42 . 2003-04-10 21:04    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2013-08-29 07:01 . 2004-08-05 18:00    1878784    ----a-w-    c:\windows\system32\win32k.sys
2013-08-09 00:55 . 2004-08-05 18:00    144128    ----a-w-    c:\windows\system32\drivers\usbport.sys
.
.
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-10-28 20:41    321752    ----a-w-    c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2013-07-02 254336]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"Raccourci vers la page des propriétés de High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 61952]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 88363]
"HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152]
"HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-07 659456]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-11 61440]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2004-10-13 278528]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2004-04-14 233472]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-25 344064]
"PS2"="c:\windows\system32\ps2.exe" [2004-10-25 90112]
"SoundMan"="SOUNDMAN.EXE" [2005-02-21 90112]
"AlcWzrd"="ALCWZRD.EXE" [2005-02-18 2754560]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-10-28 3567800]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2013-07-19 1655568]
.
c:\windows\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage\
AutoTBar.exe [2003-9-30 57344]
.
c:\windows\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage\
AutoTBar.exe [2003-9-30 57344]
.
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-5 258048]
.
c:\windows\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage\
AutoTBar.exe [2003-9-30 57344]
.
c:\documents and settings\Default User\Menu Démarrer\Programmes\Démarrage\
AutoTBar.exe [2003-9-30 57344]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [28/10/2013 21:40 12112]
R0 aswNdis2;avast! Firewall NDIS Driver;c:\windows\system32\drivers\aswNdis2.sys [28/10/2013 21:41 247192]
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [28/10/2013 21:41 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [28/10/2013 21:41 178304]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [28/10/2013 21:41 26136]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [28/10/2013 21:41 774392]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [28/10/2013 21:41 403440]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [28/10/2013 21:41 35656]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [28/10/2013 21:41 70384]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [28/10/2013 21:40 179088]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03/11/2006 19:19 13592]
.
Contenu du dossier 'Tâches planifiées'
.
2013-11-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-28 22:24]
.
2013-10-28 c:\windows\Tasks\Connexion facile à Internet.job
- c:\program files\Easy Internet signup\HPSdpApp.exe [2004-08-13 07:50]
.
2013-11-02 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\c68bcwvy.default\
FF - ExtSQL: 2013-10-28 21:41; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-02 23:04
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'winlogon.exe'(896)
c:\windows\system32\Ati2evxx.dll
.
Heure de fin: 2013-11-02  23:06:17
ComboFix-quarantined-files.txt  2013-11-02 22:06
.
Avant-CF: 107 357 667 328 octets libres
Après-CF: 107 476 455 424 octets libres
.
- - End Of File - - 817046EE202FA7216B245D0D44BAF33F
4F3A0EA76E7EDBE2FC4A98F9DE544751


 



#5 nasdaq


  • Malware Response Team

Posted 03 November 2013 - 07:51 AM

"I've refurbished an 8-year-old PC HP Pavilion, restored the system with HD formatting, upgraded to SP3, installed IE7 and Avast antivirus (all from a USB key and not from the internet). Then I connected it to my internet access and it went well"


Did you get all the latest updates from Microsoft?
If not, please do.
===

Download OTL to your desktop.
Double-click on the icon to run it.
Make sure all other windows are closed and let it run uninterrupted.

  • Select All Users.
  • Under the Custom Scan box, paste in this text:
netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
winsock.*
/md5stop
CREATERESTOREPOINT


Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Post both logs. DO NOT ATTACH THEM.
===

#6 ld06000

  • Topic Starter


Posted 03 November 2013 - 04:24 PM

Hi Nasdaq and thanks for the time you spend on my issue.

I'll paste the logs in the following answers because it doesn't work in the same answer for some reason...

BTW, I want to let you know that when I reinstalled XP with HD format etc., I used the original DVD and it mandatorily installs Norton by default. I wanted to install Avast, so I first uninstalled Norton using the Control Panel; then I realized I should have used the Norton procedure. I did it afterwards: I ran the uninstallation program. I'm wondering whether this could have left a piece of code which is conflicting with Avast... What do you think?

Thanks



#7 ld06000

  • Topic Starter


Posted 03 November 2013 - 04:55 PM

HALF LOG (the rest in the next post)

 

 

OTL logfile created on: 03/11/2013 22:44:12 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\HP_Propriétaire\Mes documents\Téléchargements
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
511,29 Mb Total Physical Memory | 253,38 Mb Available Physical Memory | 49,56% Memory free
1,22 Gb Paging File | 0,85 Gb Available in Paging File | 70,22% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 182,49 Gb Total Space | 99,91 Gb Free Space | 54,75% Space Free | Partition Type: NTFS
Drive D: | 3,81 Gb Total Space | 0,37 Gb Free Space | 9,65% Space Free | Partition Type: FAT32
 
Computer Name: MAXOU | User Name: HP_Propriétaire | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/11/03 21:05:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Propriétaire\Mes documents\Téléchargements\OTL.exe
PRC - [2013/10/29 21:42:56 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/10/28 22:26:20 | 003,567,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2013/10/28 21:41:09 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/10/28 21:40:56 | 000,179,088 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2013/07/02 09:16:26 | 000,254,336 | ---- | M] (Oracle Corporation) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2005/02/21 21:49:32 | 000,090,112 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005/02/18 21:32:36 | 002,754,560 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/11/03 18:37:42 | 002,137,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13110301\algo.dll
MOD - [2013/10/28 21:41:12 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2004/10/08 16:43:10 | 000,196,608 | ---- | M] () -- c:\Program Files\HP\Digital Imaging\bin\HpqUtil.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/10/29 22:12:16 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/29 21:42:56 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/10/28 23:24:11 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/28 21:41:09 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/10/28 21:40:56 | 000,179,088 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012/02/26 15:42:28 | 000,632,320 | ---- | M] (FileZilla Project) [On_Demand | Stopped] -- C:\Program Files\FileZilla Server\FileZilla server.exe -- (FileZilla Server)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2013/10/28 21:41:14 | 000,774,392 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/10/28 21:41:14 | 000,403,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/10/28 21:41:14 | 000,178,304 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/10/28 21:41:14 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/10/28 21:41:14 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/10/28 21:41:14 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/10/28 21:41:14 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/10/28 21:41:14 | 000,035,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/10/28 21:41:01 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2013/10/28 21:40:56 | 000,247,192 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2013/10/28 21:40:56 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2005/02/23 00:18:52 | 002,522,560 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2004/11/25 06:19:54 | 000,872,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/08/04 07:46:46 | 000,607,452 | ---- | M] (LT) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2004/08/04 05:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2004/06/29 18:07:18 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/03/17 23:10:40 | 000,113,664 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2003/09/19 08:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2001/06/04 14:00:00 | 000,014,112 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-2997412704-3374740202-945289101-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FR_FR&c=Q105&bd=pavilion&pf=desktop
IE - HKU\S-1-5-21-2997412704-3374740202-945289101-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
IE - HKU\S-1-5-21-2997412704-3374740202-945289101-1007\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2997412704-3374740202-945289101-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKU\S-1-5-21-2997412704-3374740202-945289101-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/10/28 21:41:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2013/10/28 23:13:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Extensions
[2013/10/28 23:19:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla\Firefox\Profiles\c68bcwvy.default\extensions
[2013/10/28 23:13:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/10/29 22:12:18 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2013/11/02 23:03:50 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) -  - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\S-1-5-21-2997412704-3374740202-945289101-1007\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2997412704-3374740202-945289101-1007\..\Toolbar\ShellBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKU\S-1-5-21-2997412704-3374740202-945289101-1007\..\Toolbar\WebBrowser: (Vue HP) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe (Hewlett-Packard)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [Raccourci vers la page des propriétés de High Definition Audio] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - Startup: C:\Documents and Settings\Default User\Menu Démarrer\Programmes\Démarrage\AutoTBar.exe (Hewlett-Packard)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2997412704-3374740202-945289101-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2997412704-3374740202-945289101-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2997412704-3374740202-945289101-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2997412704-3374740202-945289101-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{22F0D61D-2908-47B6-83EF-81C9DFA376DA}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/11/23 22:21:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/11/02 22:50:23 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/11/02 22:50:23 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/11/02 22:50:23 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/11/02 22:50:23 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/11/02 22:49:48 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/11/02 22:49:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/11/02 22:19:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/11/02 21:42:10 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/02 21:30:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Bureau\RK_Quarantine
[2013/11/02 21:07:40 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2013/10/30 11:26:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Outils d'administration
[2013/10/30 11:26:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Propriétaire\Mes documents\Mes vidéos
[2013/10/30 11:26:29 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\Mes vidéos
[2013/10/30 11:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Licenses
[2013/10/30 11:20:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Mes documents\Simply Super Software
[2013/10/30 11:20:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Simply Super Software
[2013/10/30 11:20:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Trojan Remover
[2013/10/30 11:19:53 | 000,605,968 | ---- | C] (Igor Pavlov) -- C:\WINDOWS\System32\ztv7z.dll
[2013/10/30 11:19:52 | 000,077,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ztvcabinet.dll
[2013/10/30 11:19:45 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2013/10/30 11:19:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2013/10/30 10:50:48 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2013/10/30 10:50:06 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2013/10/30 10:50:02 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2013/10/30 10:49:59 | 000,354,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll
[2013/10/30 10:49:08 | 000,144,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbport.sys
[2013/10/30 10:49:08 | 000,032,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2013/10/30 10:49:08 | 000,030,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbehci.sys
[2013/10/30 10:49:08 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbd.sys
[2013/10/30 10:47:52 | 002,150,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2013/10/30 10:47:51 | 002,194,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2013/10/30 10:47:51 | 002,028,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2013/10/30 10:47:49 | 002,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2013/10/30 10:47:27 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2013/10/30 10:45:51 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2013/10/29 22:32:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Mes documents\backup Toshiba
[2013/10/29 22:21:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\FileZilla Server
[2013/10/29 22:21:03 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla Server
[2013/10/29 21:44:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2013/10/29 21:44:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Sun
[2013/10/29 21:43:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2013/10/29 21:43:30 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/10/29 21:43:30 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/10/29 21:43:19 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/10/29 21:43:19 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/10/29 21:43:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Java
[2013/10/29 21:26:23 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2013/10/29 21:13:37 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Propriétaire\Recent
[2013/10/29 21:11:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
[2013/10/29 21:11:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/10/29 20:49:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2013/10/29 18:26:16 | 000,238,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2013/10/29 12:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime
[2013/10/29 11:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2013/10/29 11:10:41 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2013/10/29 11:10:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2013/10/28 23:24:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Macromedia
[2013/10/28 23:24:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Adobe
[2013/10/28 23:24:11 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/10/28 23:24:10 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/10/28 23:21:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Adobe
[2013/10/28 23:21:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Mes documents\Téléchargements
[2013/10/28 23:13:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Mozilla
[2013/10/28 23:13:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Mozilla
[2013/10/28 23:13:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2013/10/28 23:13:05 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/10/28 23:13:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/10/28 22:01:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2013/10/28 21:53:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013/10/28 21:51:56 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2013/10/28 21:51:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2013/10/28 21:51:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2013/10/28 21:43:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Application Data\AVAST Software
[2013/10/28 21:43:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Avast
[2013/10/28 21:41:39 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/10/28 21:41:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Google
[2013/10/28 21:41:22 | 000,403,440 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/10/28 21:41:22 | 000,057,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/10/28 21:41:21 | 000,774,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/10/28 21:41:21 | 000,070,384 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/10/28 21:41:21 | 000,035,656 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/10/28 21:41:20 | 000,054,832 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/10/28 21:41:20 | 000,026,136 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2013/10/28 21:41:19 | 000,247,192 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2013/10/28 21:41:18 | 000,269,216 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/10/28 21:41:13 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/10/28 21:40:56 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis.sys
[2013/10/28 21:40:16 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/10/28 21:39:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/10/28 21:39:06 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/10/28 21:39:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2013/10/28 21:36:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/10/28 21:31:02 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2013/10/28 21:31:01 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2013/10/28 21:31:01 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2013/10/28 21:30:57 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2013/10/28 21:30:56 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2013/10/28 21:30:55 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2013/10/28 21:30:47 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2013/10/28 21:30:47 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2013/10/28 21:30:47 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2013/10/28 21:30:47 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2013/10/28 21:30:47 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2013/10/28 21:30:47 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2013/10/28 21:30:47 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2013/10/28 21:30:47 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2013/10/28 21:30:46 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2013/10/28 21:30:46 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2013/10/28 21:30:46 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2013/10/28 21:30:46 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2013/10/28 21:30:46 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2013/10/28 21:30:46 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2013/10/28 21:30:46 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2013/10/28 21:30:46 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2013/10/28 21:30:46 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2013/10/28 21:30:45 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2013/10/28 21:30:45 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2013/10/28 21:30:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2013/10/28 21:30:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2013/10/28 21:30:43 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2013/10/28 21:30:43 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2013/10/28 21:30:43 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2013/10/28 21:30:43 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2013/10/28 21:30:43 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2013/10/28 21:30:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2013/10/28 21:30:43 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2013/10/28 21:30:43 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2013/10/28 21:30:42 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2013/10/28 21:30:42 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2013/10/28 21:30:42 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2013/10/28 21:30:42 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2013/10/28 21:30:42 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2013/10/28 21:30:42 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2013/10/28 21:30:42 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2013/10/28 21:30:42 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2013/10/28 21:30:41 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2013/10/28 21:30:41 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2013/10/28 21:30:41 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2013/10/28 21:30:41 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2013/10/28 21:30:41 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2013/10/28 21:30:41 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2013/10/28 21:30:41 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2013/10/28 21:30:41 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2013/10/28 21:30:41 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2013/10/28 21:30:41 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2013/10/28 21:30:40 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2013/10/28 21:30:40 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2013/10/28 21:30:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2013/10/28 21:30:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2013/10/28 21:30:39 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2013/10/28 21:30:39 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2013/10/28 21:30:38 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2013/10/28 21:30:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-fr
[2013/10/28 21:30:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2013/10/28 21:30:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2013/10/28 21:28:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013/10/28 21:28:32 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2013/10/28 21:27:03 | 000,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2013/10/28 21:27:03 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2013/10/28 21:27:03 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2013/10/28 21:27:03 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2013/10/28 21:27:03 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2013/10/28 21:27:03 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2013/10/28 21:27:03 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2013/10/28 21:27:03 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2013/10/28 21:27:03 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2013/10/28 21:27:03 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2013/10/28 21:27:03 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2013/10/28 21:27:03 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2013/10/28 21:27:03 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2013/10/28 21:27:03 | 000,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2013/10/28 21:27:03 | 000,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2013/10/28 21:27:03 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2013/10/28 21:27:03 | 000,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2013/10/28 21:27:03 | 000,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2013/10/28 21:27:03 | 000,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2013/10/28 21:27:03 | 000,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2013/10/28 21:27:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2013/10/28 21:27:02 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2013/10/28 21:27:02 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2013/10/28 21:27:02 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2013/10/28 21:27:02 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2013/10/28 21:27:02 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2013/10/28 21:27:02 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2013/10/28 21:27:02 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2013/10/28 21:27:02 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2013/10/28 21:27:02 | 000,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2013/10/28 21:27:02 | 000,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2013/10/28 21:27:02 | 000,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2013/10/28 21:27:02 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2013/10/28 21:27:02 | 000,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2013/10/28 21:27:02 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2013/10/28 21:27:02 | 000,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2013/10/28 21:27:01 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2013/10/28 21:27:01 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2013/10/28 21:27:01 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2013/10/28 21:27:01 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2013/10/28 21:27:01 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2013/10/28 21:27:00 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2013/10/28 21:27:00 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2013/10/28 21:27:00 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2013/10/28 21:27:00 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2013/10/28 21:27:00 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2013/10/28 21:27:00 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2013/10/28 21:27:00 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2013/10/28 21:27:00 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2013/10/28 21:27:00 | 000,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2013/10/28 21:26:59 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2013/10/28 21:26:59 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2013/10/28 21:26:59 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2013/10/28 21:26:59 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2013/10/28 21:26:59 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2013/10/28 21:26:59 | 000,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2013/10/28 21:26:59 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2013/10/28 21:25:22 | 000,026,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2013/10/28 21:23:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2013/10/28 21:23:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2013/10/28 21:17:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2013/10/28 21:17:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Identities
[2013/10/28 21:17:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Apple Computer
[2013/10/28 21:17:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Propriétaire\Mes documents\Mes images
[2013/10/28 21:17:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Propriétaire\Mes documents
[2013/10/28 21:17:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Propriétaire\Mes documents\Ma musique
[2013/10/28 21:17:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\HP_Propriétaire\Favoris
[2013/10/28 21:17:01 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\HP_Propriétaire\Cookies
[2013/10/28 21:17:01 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\HP_Propriétaire\Local Settings
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\WINDOWS
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Voisinage réseau
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Voisinage d'impression
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Sun
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Services en ligne
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\SendTo
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Application Data\SampleView
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Outils et Aide
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Modèles
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Microsoft
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Menu Démarrer
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Démarrage
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Bureau
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\ApplicationHistory
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Application Data
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\Apple Computer
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Accessoires
[2013/10/28 21:17:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}
[2013/10/28 21:15:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2013/10/28 21:12:35 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/10/28 20:44:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\I386
[2013/10/28 20:39:45 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2013/10/28 20:24:50 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2013/10/28 20:24:50 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2013/10/28 20:24:50 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2013/10/28 20:24:50 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2013/10/28 20:24:50 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2013/10/28 20:24:50 | 000,008,261 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneoc.dll
[2013/10/28 20:24:50 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2013/10/28 20:24:47 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wupdmgr.exe
[2013/10/28 20:24:47 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wupdmgr.exe
[2013/10/28 20:24:46 | 000,057,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshfr.dll
[2013/10/28 20:24:46 | 000,057,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshfr.dll
[2013/10/28 20:24:46 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ws2ifsl.sys
[2013/10/28 20:24:46 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshisn.dll
[2013/10/28 20:24:46 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshisn.dll
[2013/10/28 20:24:46 | 000,010,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wowexec.exe
[2013/10/28 20:24:46 | 000,010,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wowexec.exe
[2013/10/28 20:24:46 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshatm.dll
[2013/10/28 20:24:46 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshatm.dll
[2013/10/28 20:24:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wshnetbs.dll
[2013/10/28 20:24:46 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshnetbs.dll
[2013/10/28 20:24:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2013/10/28 20:24:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2013/10/28 20:24:46 | 000,002,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wowdeb.exe
[2013/10/28 20:24:46 | 000,002,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wowdeb.exe
[2013/10/28 20:24:41 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2013/10/28 20:24:41 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2013/10/28 20:24:41 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2013/10/28 20:24:41 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmiprop.dll
[2013/10/28 20:24:41 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprop.dll
[2013/10/28 20:24:41 | 000,004,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wmilib.sys
[2013/10/28 20:24:41 | 000,004,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmilib.sys
[2013/10/28 20:24:40 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmerrFRA.dll
[2013/10/28 20:24:40 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerrfra.dll
[2013/10/28 20:24:40 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2013/10/28 20:24:40 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2013/10/28 20:24:40 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winstrm.dll
[2013/10/28 20:24:40 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winstrm.dll
[2013/10/28 20:24:40 | 000,002,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsock.dll
[2013/10/28 20:24:40 | 000,002,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winspool.exe
[2013/10/28 20:24:40 | 000,002,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winspool.exe
[2013/10/28 20:24:40 | 000,002,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winoldap.mod
[2013/10/28 20:24:38 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2013/10/28 20:24:38 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2013/10/28 20:24:38 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2013/10/28 20:24:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2013/10/28 20:24:38 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmsd.exe
[2013/10/28 20:24:38 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmsd.exe
[2013/10/28 20:24:38 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winnls.dll
[2013/10/28 20:24:38 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winnls.dll
[2013/10/28 20:24:37 | 000,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\winhelp.exe
[2013/10/28 20:24:37 | 000,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhelp.exe
[2013/10/28 20:24:37 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2013/10/28 20:24:37 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2013/10/28 20:24:37 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winfax.dll
[2013/10/28 20:24:37 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winfax.dll
[2013/10/28 20:24:37 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhstb.exe
[2013/10/28 20:24:36 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiavusd.dll
[2013/10/28 20:24:36 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiavusd.dll
[2013/10/28 20:24:36 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win.com
[2013/10/28 20:24:36 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wfwnet.drv
[2013/10/28 20:24:36 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wfwnet.drv
[2013/10/28 20:24:36 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2013/10/28 20:24:36 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wifeman.dll
[2013/10/28 20:24:36 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wifeman.dll
[2013/10/28 20:24:35 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2013/10/28 20:24:35 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\webhits.dll
[2013/10/28 20:24:35 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webhits.dll
[2013/10/28 20:24:35 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2013/10/28 20:24:34 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2013/10/28 20:24:34 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2013/10/28 20:24:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2013/10/28 20:24:33 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2013/10/28 20:24:32 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wavemsp.dll
[2013/10/28 20:24:32 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\w32tm.exe
[2013/10/28 20:24:32 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32tm.exe
[2013/10/28 20:24:32 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2013/10/28 20:24:32 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vssadmin.exe
[2013/10/28 20:24:32 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vssadmin.exe
[2013/10/28 20:24:32 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\w32topl.dll
[2013/10/28 20:24:32 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32topl.dll
[2013/10/28 20:24:32 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\vmmreg32.dll
[2013/10/28 20:24:32 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vmmreg32.dll
[2013/10/28 20:24:32 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vss_ps.dll
[2013/10/28 20:24:32 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vss_ps.dll
[2013/10/28 20:24:32 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vjoy.dll
[2013/10/28 20:24:32 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vjoy.dll
[2013/10/28 20:24:31 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verifier.exe
[2013/10/28 20:24:31 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\verifier.exe
[2013/10/28 20:24:31 | 000,051,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vga256.dll
[2013/10/28 20:24:31 | 000,051,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga256.dll
[2013/10/28 20:24:31 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verifier.dll
[2013/10/28 20:24:31 | 000,020,535 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfpodbc.dll
[2013/10/28 20:24:31 | 000,018,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vga64k.dll
[2013/10/28 20:24:31 | 000,018,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga64k.dll
[2013/10/28 20:24:31 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vga.dll
[2013/10/28 20:24:31 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.dll
[2013/10/28 20:24:31 | 000,009,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ver.dll
[2013/10/28 20:24:31 | 000,009,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ver.dll
[2013/10/28 20:24:31 | 000,009,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2013/10/28 20:24:31 | 000,005,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgaoem.fon
[2013/10/28 20:24:31 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vga.drv
[2013/10/28 20:24:31 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.drv
[2013/10/28 20:24:31 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2013/10/28 20:24:30 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\utildll.dll
[2013/10/28 20:24:30 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\utildll.dll
[2013/10/28 20:24:30 | 000,024,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbsfr.dll
[2013/10/28 20:24:30 | 000,024,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbsfr.dll
[2013/10/28 20:24:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vcdex.dll
[2013/10/28 20:24:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vcdex.dll
[2013/10/28 20:24:29 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2013/10/28 20:24:29 | 000,047,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\user.exe
[2013/10/28 20:24:29 | 000,047,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user.exe
[2013/10/28 20:24:29 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ureg.dll
[2013/10/28 20:24:29 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ureg.dll
[2013/10/28 20:24:29 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbd.sys
[2013/10/28 20:24:28 | 000,177,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\typelib.dll
[2013/10/28 20:24:28 | 000,177,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\typelib.dll
[2013/10/28 20:24:28 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ufat.dll
[2013/10/28 20:24:28 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ufat.dll
[2013/10/28 20:24:28 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2013/10/28 20:24:28 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2013/10/28 20:24:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\umdmxfrm.dll
[2013/10/28 20:24:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umdmxfrm.dll
[2013/10/28 20:24:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unlodctr.exe
[2013/10/28 20:24:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unlodctr.exe
[2013/10/28 20:24:27 | 000,094,864 | ---- | C] (Groupe de travail Twain) -- C:\WINDOWS\twain.dll
[2013/10/28 20:24:27 | 000,094,864 | ---- | C] (Groupe de travail Twain) -- C:\WINDOWS\System32\dllcache\twain.dll
[2013/10/28 20:24:27 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2013/10/28 20:24:27 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsappcmp.dll
[2013/10/28 20:24:27 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsappcmp.dll
[2013/10/28 20:24:27 | 000,049,680 | ---- | C] (Twain Working Group) -- C:\WINDOWS\twunk_16.exe
[2013/10/28 20:24:27 | 000,049,680 | ---- | C] (Twain Working Group) -- C:\WINDOWS\System32\dllcache\twunk_16.exe
[2013/10/28 20:24:27 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2013/10/28 20:24:27 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\traffic.dll
[2013/10/28 20:24:27 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\traffic.dll
[2013/10/28 20:24:27 | 000,025,600 | ---- | C] (Twain Working Group) -- C:\WINDOWS\twunk_32.exe
[2013/10/28 20:24:27 | 000,025,600 | ---- | C] (Twain Working Group) -- C:\WINDOWS\System32\dllcache\twunk_32.exe
[2013/10/28 20:24:27 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2013/10/28 20:24:27 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2013/10/28 20:24:27 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2013/10/28 20:24:27 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2013/10/28 20:24:27 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2013/10/28 20:24:27 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2013/10/28 20:24:27 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2013/10/28 20:24:27 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2013/10/28 20:24:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2013/10/28 20:24:27 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tree.com
[2013/10/28 20:24:27 | 000,008,192 | ---- | C] (DSP GROUP, INC.) -- C:\WINDOWS\System32\tssoft32.acm
[2013/10/28 20:24:26 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert6.exe
[2013/10/28 20:24:26 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracert6.exe
[2013/10/28 20:24:25 | 003,374,512 | ---- | C] (Macromedia, Inc.) -- C:\WINDOWS\System32\dllcache\tourP.exe
[2013/10/28 20:24:25 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2013/10/28 20:24:25 | 000,013,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\toolhelp.dll
[2013/10/28 20:24:25 | 000,013,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toolhelp.dll
[2013/10/28 20:24:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\timer.drv
[2013/10/28 20:24:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\timer.drv
[2013/10/28 20:24:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2013/10/28 20:24:23 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2013/10/28 20:24:23 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapiui.dll
[2013/10/28 20:24:23 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapiui.dll
[2013/10/28 20:24:23 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\telephon.cpl
[2013/10/28 20:24:23 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telephon.cpl
[2013/10/28 20:24:23 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2013/10/28 20:24:23 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2013/10/28 20:24:23 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpsvcs.exe
[2013/10/28 20:24:23 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapi.dll
[2013/10/28 20:24:23 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi.dll
[2013/10/28 20:24:23 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2013/10/28 20:24:23 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tftp.exe
[2013/10/28 20:24:23 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tftp.exe
[2013/10/28 20:24:23 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2013/10/28 20:24:23 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\taskman.exe
[2013/10/28 20:24:23 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2013/10/28 20:24:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcmsetup.exe
[2013/10/28 20:24:23 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcmsetup.exe
[2013/10/28 20:24:23 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2013/10/28 20:24:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapiperf.dll
[2013/10/28 20:24:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapiperf.dll
[2013/10/28 20:24:22 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\syskey.exe
[2013/10/28 20:24:22 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syskey.exe
[2013/10/28 20:24:22 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysinv.dll
[2013/10/28 20:24:22 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysinv.dll
[2013/10/28 20:24:22 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\system.drv
[2013/10/28 20:24:22 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\system.drv
[2013/10/28 20:24:22 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2013/10/28 20:24:22 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\systray.exe
[2013/10/28 20:24:22 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\systray.exe
[2013/10/28 20:24:21 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swprv.dll
[2013/10/28 20:24:21 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\syncapp.exe
[2013/10/28 20:24:21 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\syncapp.exe
[2013/10/28 20:24:21 | 000,019,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysedit.exe
[2013/10/28 20:24:21 | 000,019,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysedit.exe
[2013/10/28 20:24:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\svcpack.dll
[2013/10/28 20:24:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcpack.dll
[2013/10/28 20:24:20 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2013/10/28 20:24:20 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stdole2.tlb
[2013/10/28 20:24:20 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\subst.exe
[2013/10/28 20:24:20 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\subst.exe
[2013/10/28 20:24:20 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stdole32.tlb
[2013/10/28 20:24:20 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdole32.tlb
[2013/10/28 20:24:20 | 000,005,532 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdole.tlb
[2013/10/28 20:24:20 | 000,005,532 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\stdole.tlb
[2013/10/28 20:24:20 | 000,004,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storage.dll
[2013/10/28 20:24:20 | 000,004,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\storage.dll
[2013/10/28 20:24:19 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2013/10/28 20:24:19 | 000,049,179 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlwoa.dll
[2013/10/28 20:24:19 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2013/10/28 20:24:19 | 000,024,603 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlwid.dll
[2013/10/28 20:24:18 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2013/10/28 20:24:18 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2013/10/28 20:24:18 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2013/10/28 20:24:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sprestrt.exe
[2013/10/28 20:24:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprestrt.exe
[2013/10/28 20:24:17 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2013/10/28 20:24:17 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2013/10/28 20:24:09 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2013/10/28 20:24:09 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2013/10/28 20:24:09 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2013/10/28 20:24:09 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2013/10/28 20:24:09 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sort.exe
[2013/10/28 20:24:09 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2013/10/28 20:24:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\softpub.dll
[2013/10/28 20:24:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softpub.dll
[2013/10/28 20:24:09 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sound.drv
[2013/10/28 20:24:09 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sound.drv
[2013/10/28 20:24:09 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2013/10/28 20:24:08 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2013/10/28 20:24:08 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2013/10/28 20:24:08 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2013/10/28 20:24:08 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2013/10/28 20:24:08 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2013/10/28 20:24:08 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2013/10/28 20:24:08 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2013/10/28 20:24:08 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2013/10/28 20:24:08 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2013/10/28 20:24:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2013/10/28 20:24:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2013/10/28 20:24:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2013/10/28 20:24:08 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2013/10/28 20:24:08 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2013/10/28 20:24:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2013/10/28 20:24:08 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smclib.sys
[2013/10/28 20:24:08 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smclib.sys
[2013/10/28 20:24:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2013/10/28 20:24:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2013/10/28 20:24:07 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2013/10/28 20:24:07 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2013/10/28 20:24:07 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2013/10/28 20:24:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2013/10/28 20:24:07 | 000,016,384 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINDOWS\System32\slbrccsp.dll
[2013/10/28 20:24:07 | 000,016,384 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINDOWS\System32\dllcache\slbrccsp.dll
[2013/10/28 20:24:07 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sisbkup.dll
[2013/10/28 20:24:07 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sisbkup.dll
[2013/10/28 20:24:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\skdll.dll
[2013/10/28 20:24:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\skdll.dll
[2013/10/28 20:24:05 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfmapi.dll
[2013/10/28 20:24:05 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfmapi.dll
[2013/10/28 20:24:05 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2013/10/28 20:24:05 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2013/10/28 20:24:05 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfc.exe
[2013/10/28 20:24:05 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfc.exe
[2013/10/28 20:24:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shell.dll
[2013/10/28 20:24:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell.dll
[2013/10/28 20:24:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2013/10/28 20:24:04 | 000,421,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupdll.dll
[2013/10/28 20:24:04 | 000,421,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setupdll.dll
[2013/10/28 20:24:04 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\serwvdrv.dll
[2013/10/28 20:24:04 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serwvdrv.dll
[2013/10/28 20:24:04 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\serialui.dll
[2013/10/28 20:24:04 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serialui.dll
[2013/10/28 20:24:04 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\senscfg.dll
[2013/10/28 20:24:04 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\senscfg.dll
[2013/10/28 20:24:03 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdpblb.dll
[2013/10/28 20:24:03 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sdpblb.dll
[2013/10/28 20:24:03 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scredir.dll
[2013/10/28 20:24:03 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scredir.dll
[2013/10/28 20:24:03 | 000,024,626 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scrrnfr.dll
[2013/10/28 20:24:03 | 000,024,626 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrrnfr.dll
[2013/10/28 20:24:03 | 000,024,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scofr.dll
[2013/10/28 20:24:03 | 000,024,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scofr.dll
[2013/10/28 20:24:03 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\script.fon
[2013/10/28 20:24:02 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scardssp.dll
[2013/10/28 20:24:02 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scardssp.dll
[2013/10/28 20:24:02 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2013/10/28 20:24:02 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sc.exe
[2013/10/28 20:24:01 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2013/10/28 20:24:01 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvp.exe
[2013/10/28 20:24:01 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtm.dll
[2013/10/28 20:24:01 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rtm.dll
[2013/10/28 20:24:01 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013/10/28 20:24:01 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013/10/28 20:24:01 | 000,053,248 | ---- | C] (Microsoft Corp) -- C:\WINDOWS\System32\rsm.exe
[2013/10/28 20:24:01 | 000,053,248 | ---- | C] (Microsoft Corp) -- C:\WINDOWS\System32\dllcache\rsm.exe
[2013/10/28 20:24:01 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmui.exe
[2013/10/28 20:24:01 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmui.exe
[2013/10/28 20:24:01 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2013/10/28 20:24:01 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2013/10/28 20:24:01 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsvpmsg.dll
[2013/10/28 20:24:01 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvpmsg.dll
[2013/10/28 20:24:01 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmsink.exe
[2013/10/28 20:24:01 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmsink.exe
[2013/10/28 20:24:01 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\runas.exe
[2013/10/28 20:24:01 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\runas.exe
[2013/10/28 20:24:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2013/10/28 20:24:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2013/10/28 20:24:01 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsvpperf.dll
[2013/10/28 20:24:01 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsvpperf.dll
[2013/10/28 20:24:00 | 000,202,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys
[2013/10/28 20:24:00 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\routemon.exe
[2013/10/28 20:24:00 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\routemon.exe
[2013/10/28 20:24:00 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rpcns4.dll
[2013/10/28 20:24:00 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcns4.dll
[2013/10/28 20:24:00 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\route.exe
[2013/10/28 20:24:00 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\route.exe
[2013/10/28 20:24:00 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\routetab.dll
[2013/10/28 20:24:00 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\routetab.dll
[2013/10/28 20:24:00 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rootmdm.sys
[2013/10/28 20:24:00 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rnr20.dll
[2013/10/28 20:24:00 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rnr20.dll
[2013/10/28 20:23:59 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rend.dll
[2013/10/28 20:23:59 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rend.dll
[2013/10/28 20:23:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2013/10/28 20:23:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2013/10/28 20:23:59 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2013/10/28 20:23:59 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\replace.exe
[2013/10/28 20:23:59 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\replace.exe
[2013/10/28 20:23:59 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2013/10/28 20:23:59 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2013/10/28 20:23:59 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\recover.exe
[2013/10/28 20:23:59 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\recover.exe
[2013/10/28 20:23:59 | 000,004,608 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\regwiz.exe
[2013/10/28 20:23:59 | 000,004,608 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\dllcache\regwiz.exe
[2013/10/28 20:23:59 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\riched32.dll
[2013/10/28 20:23:59 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\riched32.dll
[2013/10/28 20:23:59 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regedt32.exe
[2013/10/28 20:23:59 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regedt32.exe
[2013/10/28 20:23:58 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasmontr.dll
[2013/10/28 20:23:58 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasmontr.dll
[2013/10/28 20:23:58 | 000,034,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rawwan.sys
[2013/10/28 20:23:58 | 000,034,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rawwan.sys
[2013/10/28 20:23:58 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasrad.dll
[2013/10/28 20:23:58 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasrad.dll
[2013/10/28 20:23:58 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasmxs.dll
[2013/10/28 20:23:58 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasmxs.dll
[2013/10/28 20:23:58 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2013/10/28 20:23:58 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2013/10/28 20:23:58 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2013/10/28 20:23:58 | 000,016,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raspti.sys
[2013/10/28 20:23:58 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasser.dll
[2013/10/28 20:23:58 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasser.dll
[2013/10/28 20:23:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasctrs.dll
[2013/10/28 20:23:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasctrs.dll
[2013/10/28 20:23:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasdial.exe
[2013/10/28 20:23:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasdial.exe
[2013/10/28 20:23:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasautou.exe
[2013/10/28 20:23:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasautou.exe
[2013/10/28 20:23:58 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2013/10/28 20:23:58 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasacd.sys
[2013/10/28 20:23:58 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2013/10/28 20:23:58 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2013/10/28 20:23:58 | 000,004,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcdd.sys
[2013/10/28 20:23:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qosname.dll
[2013/10/28 20:23:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qosname.dll
[2013/10/28 20:23:56 | 000,017,792 | ---- | C] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ptilink.sys
[2013/10/28 20:23:56 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2013/10/28 20:23:56 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2013/10/28 20:23:56 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pschdprf.dll
[2013/10/28 20:23:56 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pschdprf.dll
[2013/10/28 20:23:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\psnppagn.dll
[2013/10/28 20:23:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psnppagn.dll
[2013/10/28 20:23:55 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2013/10/28 20:23:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pmspl.dll
[2013/10/28 20:23:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmspl.dll
[2013/10/28 20:23:55 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ping6.exe
[2013/10/28 20:23:55 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping6.exe
[2013/10/28 20:23:55 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\plustab.dll
[2013/10/28 20:23:55 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\plustab.dll
[2013/10/28 20:23:55 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prflbmsg.dll
[2013/10/28 20:23:55 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\prflbmsg.dll
[2013/10/28 20:23:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2013/10/28 20:23:55 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\print.exe
[2013/10/28 20:23:55 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\print.exe
[2013/10/28 20:23:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2013/10/28 20:23:54 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pifmgr.dll
[2013/10/28 20:23:54 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pifmgr.dll
[2013/10/28 20:23:49 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfnet.dll
[2013/10/28 20:23:49 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pentnt.exe
[2013/10/28 20:23:49 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pentnt.exe
[2013/10/28 20:23:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfts.dll
[2013/10/28 20:23:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfts.dll
[2013/10/28 20:23:48 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pciide.sys
[2013/10/28 20:23:47 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\osuninst.exe
[2013/10/28 20:23:47 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osuninst.exe
[2013/10/28 20:23:47 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pathping.exe
[2013/10/28 20:23:47 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pathping.exe
[2013/10/28 20:23:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\panmap.dll
[2013/10/28 20:23:47 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\panmap.dll
[2013/10/28 20:23:47 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\parvdm.sys
[2013/10/28 20:23:46 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleacc.dll
[2013/10/28 20:23:46 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecli.dll
[2013/10/28 20:23:46 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olecli.dll
[2013/10/28 20:23:46 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2013/10/28 20:23:46 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecli32.dll
[2013/10/28 20:23:46 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olethk32.dll
[2013/10/28 20:23:46 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olethk32.dll
[2013/10/28 20:23:46 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecnv32.dll
[2013/10/28 20:23:46 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olesvr.dll
[2013/10/28 20:23:46 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olesvr.dll
[2013/10/28 20:23:46 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2013/10/28 20:23:46 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olesvr32.dll
[2013/10/28 20:23:46 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olesvr32.dll
[2013/10/28 20:23:46 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oleaccrc.dll
[2013/10/28 20:23:46 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaccrc.dll
[2013/10/28 20:23:46 | 000,003,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\oprghdlr.sys
[2013/10/28 20:23:45 | 000,169,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ole2disp.dll
[2013/10/28 20:23:45 | 000,169,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ole2disp.dll
[2013/10/28 20:23:45 | 000,153,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ole2nls.dll
[2013/10/28 20:23:45 | 000,153,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ole2nls.dll
[2013/10/28 20:23:45 | 000,039,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ole2.dll
[2013/10/28 20:23:45 | 000,039,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ole2.dll
[2013/10/28 20:23:40 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ocmanage.dll
[2013/10/28 20:23:40 | 000,026,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbc16gt.dll
[2013/10/28 20:23:40 | 000,026,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc16gt.dll
[2013/10/28 20:23:39 | 000,063,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnknb.sys
[2013/10/28 20:23:39 | 000,063,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwlnknb.sys
[2013/10/28 20:23:39 | 000,055,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkspx.sys
[2013/10/28 20:23:39 | 000,055,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwlnkspx.sys
[2013/10/28 20:23:39 | 000,032,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwlnkfwd.sys
[2013/10/28 20:23:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdmd.dll
[2013/10/28 20:23:39 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwlnkflt.sys
[2013/10/28 20:23:39 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\null.sys
[2013/10/28 20:23:37 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntlanui.dll
[2013/10/28 20:23:37 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntlanui.dll
[2013/10/28 20:23:37 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsevt.dll
[2013/10/28 20:23:37 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntmsevt.dll
[2013/10/28 20:23:37 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntlanui2.dll
[2013/10/28 20:23:34 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2013/10/28 20:23:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2013/10/28 20:23:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2013/10/28 20:23:32 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netui2.dll
[2013/10/28 20:23:32 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netui2.dll
[2013/10/28 20:23:32 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netmsg.dll
[2013/10/28 20:23:32 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netmsg.dll
[2013/10/28 20:23:31 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\neth.dll
[2013/10/28 20:23:31 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\neth.dll
[2013/10/28 20:23:31 | 000,251,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netevent.dll
[2013/10/28 20:23:31 | 000,251,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netevent.dll
[2013/10/28 20:23:30 | 000,108,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netapi.dll
[2013/10/28 20:23:30 | 000,108,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi.dll
[2013/10/28 20:23:30 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mycomput.dll
[2013/10/28 20:23:30 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mycomput.dll
[2013/10/28 20:23:30 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\narrhook.dll
[2013/10/28 20:23:30 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\narrhook.dll
[2013/10/28 20:23:30 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ncpa.cpl
[2013/10/28 20:23:30 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncpa.cpl
[2013/10/28 20:23:30 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nbtstat.exe
[2013/10/28 20:23:30 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nbtstat.exe
[2013/10/28 20:23:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ncxpnt.dll
[2013/10/28 20:23:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncxpnt.dll
[2013/10/28 20:23:28 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3r.dll
[2013/10/28 20:23:28 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3r.dll
[2013/10/28 20:23:28 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2013/10/28 20:23:28 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2013/10/28 20:23:28 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxmlr.dll
[2013/10/28 20:23:28 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxmlr.dll
[2013/10/28 20:23:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2013/10/28 20:23:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2013/10/28 20:23:27 | 000,127,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvideo.dll
[2013/10/28 20:23:27 | 000,127,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvideo.dll
[2013/10/28 20:23:27 | 000,127,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2013/10/28 20:23:27 | 000,043,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml2r.dll
[2013/10/28 20:23:27 | 000,043,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml2r.dll
[2013/10/28 20:23:26 | 001,355,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvbvm50.dll
[2013/10/28 20:23:26 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp50.dll
[2013/10/28 20:23:26 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcp50.dll
[2013/10/28 20:23:26 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcrt20.dll
[2013/10/28 20:23:26 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcrt20.dll
[2013/10/28 20:23:26 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidc32.dll
[2013/10/28 20:23:25 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2013/10/28 20:23:25 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssign32.dll
[2013/10/28 20:23:25 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssign32.dll
[2013/10/28 20:23:25 | 000,028,746 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrecr40.dll
[2013/10/28 20:23:25 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2013/10/28 20:23:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msswch.dll
[2013/10/28 20:23:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msswch.dll
[2013/10/28 20:23:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msswchx.exe
[2013/10/28 20:23:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msswchx.exe
[2013/10/28 20:23:25 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssip32.dll
[2013/10/28 20:23:25 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssip32.dll
[2013/10/28 20:23:24 | 000,073,802 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrclr40.dll
[2013/10/28 20:23:24 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msr2c.dll
[2013/10/28 20:23:24 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msr2c.dll
[2013/10/28 20:23:24 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msratelc.dll
[2013/10/28 20:23:24 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msratelc.dll
[2013/10/28 20:23:24 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msports.dll
[2013/10/28 20:23:24 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msports.dll
[2013/10/28 20:23:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msr2cenu.dll
[2013/10/28 20:23:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msr2cenu.dll
[2013/10/28 20:23:23 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msobjs.dll
[2013/10/28 20:23:23 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobjs.dll
[2013/10/28 20:23:16 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2013/10/28 20:23:16 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msls31.dll
[2013/10/28 20:23:16 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msls31.dll
[2013/10/28 20:23:15 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2013/10/28 20:23:15 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msidntld.dll
[2013/10/28 20:23:15 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msidntld.dll
[2013/10/28 20:23:14 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2013/10/28 20:23:14 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2013/10/28 20:23:14 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2013/10/28 20:23:14 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2013/10/28 20:23:12 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msaudite.dll
[2013/10/28 20:23:12 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaudite.dll
[2013/10/28 20:23:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscat32.dll
[2013/10/28 20:23:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscat32.dll
[2013/10/28 20:23:11 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msaatext.dll
[2013/10/28 20:23:11 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaatext.dll
[2013/10/28 20:23:11 | 000,061,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msacm.dll
[2013/10/28 20:23:11 | 000,061,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msacm.dll
[2013/10/28 20:23:10 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mprmsg.dll
[2013/10/28 20:23:10 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mprmsg.dll
[2013/10/28 20:23:10 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mprddm.dll
[2013/10/28 20:23:10 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mprddm.dll
[2013/10/28 20:23:10 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mprui.dll
[2013/10/28 20:23:10 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mprui.dll
[2013/10/28 20:23:10 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpnotify.exe
[2013/10/28 20:23:10 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpnotify.exe
[2013/10/28 20:23:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mrinfo.exe
[2013/10/28 20:23:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrinfo.exe
[2013/10/28 20:23:08 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmutilse.dll
[2013/10/28 20:23:08 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmutilse.dll
[2013/10/28 20:23:08 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mode.com
[2013/10/28 20:23:08 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\more.com
[2013/10/28 20:23:08 | 000,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\modex.dll
[2013/10/28 20:23:08 | 000,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modex.dll
[2013/10/28 20:23:08 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modern.fon
[2013/10/28 20:23:08 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mountvol.exe
[2013/10/28 20:23:08 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mountvol.exe
[2013/10/28 20:23:08 | 000,004,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.sys
[2013/10/28 20:23:08 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mouse.drv
[2013/10/28 20:23:08 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouse.drv
[2013/10/28 20:23:08 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2013/10/28 20:23:08 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmtask.tsk
[2013/10/28 20:23:08 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmtask.tsk
[2013/10/28 20:23:08 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2013/10/28 20:23:07 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmdrv.dll
[2013/10/28 20:23:07 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmdrv.dll
[2013/10/28 20:23:07 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mll_mtf.dll
[2013/10/28 20:23:07 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mll_mtf.dll
[2013/10/28 20:23:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mll_qic.dll
[2013/10/28 20:23:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mll_qic.dll
[2013/10/28 20:23:07 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mll_hp.dll
[2013/10/28 20:23:07 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mll_hp.dll
[2013/10/28 20:23:06 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2013/10/28 20:23:06 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2013/10/28 20:23:06 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42fra.dll
[2013/10/28 20:23:06 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\migpwd.exe
[2013/10/28 20:23:06 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2013/10/28 20:23:06 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mimefilt.dll
[2013/10/28 20:23:05 | 000,927,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc40u.dll
[2013/10/28 20:23:05 | 000,924,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc40.dll
[2013/10/28 20:23:05 | 000,924,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll
[2013/10/28 20:23:05 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metal_ss.dll
[2013/10/28 20:23:05 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40fra.dll
[2013/10/28 20:23:03 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdhcp.dll
[2013/10/28 20:23:03 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdhcp.dll
[2013/10/28 20:23:03 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciwave.drv
[2013/10/28 20:23:03 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciwave.drv
[2013/10/28 20:23:03 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2013/10/28 20:23:02 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\main.cpl
[2013/10/28 20:23:02 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\main.cpl
[2013/10/28 20:23:02 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapistub.dll
[2013/10/28 20:23:02 | 000,073,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciavi.drv
[2013/10/28 20:23:02 | 000,073,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciavi.drv
[2013/10/28 20:23:02 | 000,073,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2013/10/28 20:23:02 | 000,025,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciseq.drv
[2013/10/28 20:23:02 | 000,025,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.drv
[2013/10/28 20:23:02 | 000,025,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2013/10/28 20:23:02 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mcicda.dll
[2013/10/28 20:23:02 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mcicda.dll
[2013/10/28 20:23:02 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mcdsrv32.dll
[2013/10/28 20:23:02 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mcdsrv32.dll
[2013/10/28 20:23:02 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mcd32.dll
[2013/10/28 20:23:02 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mcd32.dll
[2013/10/28 20:23:02 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lzexpand.dll
[2013/10/28 20:23:02 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lzexpand.dll
[2013/10/28 20:23:02 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2013/10/28 20:23:02 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciole16.dll
[2013/10/28 20:23:02 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciole16.dll
[2013/10/28 20:23:02 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mag_hook.dll
[2013/10/28 20:23:02 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mag_hook.dll
[2013/10/28 20:23:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciole32.dll
[2013/10/28 20:23:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciole32.dll
[2013/10/28 20:23:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mcd.sys
[2013/10/28 20:23:02 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mcd.sys
[2013/10/28 20:23:02 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mchgrcoi.dll
[2013/10/28 20:23:02 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mchgrcoi.dll
[2013/10/28 20:23:02 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lz32.dll
[2013/10/28 20:23:02 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lz32.dll
[2013/10/28 20:23:01 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\loghours.dll
[2013/10/28 20:23:01 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loghours.dll
[2013/10/28 20:23:01 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lights.exe
[2013/10/28 20:23:01 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lights.exe
[2013/10/28 20:23:01 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lnkstub.exe
[2013/10/28 20:23:01 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lnkstub.exe
[2013/10/28 20:23:01 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2013/10/28 20:23:01 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2013/10/28 20:23:01 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lprmonui.dll
[2013/10/28 20:23:01 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmonui.dll
[2013/10/28 20:23:01 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lpr.exe
[2013/10/28 20:23:01 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpr.exe
[2013/10/28 20:23:01 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lpq.exe
[2013/10/28 20:23:01 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpq.exe
[2013/10/28 20:23:01 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lodctr.exe
[2013/10/28 20:23:01 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lodctr.exe
[2013/10/28 20:23:00 | 000,224,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lanman.drv
[2013/10/28 20:23:00 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\langwrbk.dll
[2013/10/28 20:23:00 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\langwrbk.dll
[2013/10/28 20:22:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\label.exe
[2013/10/28 20:22:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\label.exe
[2013/10/28 20:22:18 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kdcom.dll
[2013/10/28 20:22:18 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdcom.dll
[2013/10/28 20:22:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2013/10/28 20:22:18 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\keyboard.drv
[2013/10/28 20:22:18 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keyboard.drv
[2013/10/28 20:22:18 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2013/10/28 20:22:17 | 000,065,536 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\jgsh400.dll
[2013/10/28 20:22:17 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jobexec.dll
[2013/10/28 20:22:17 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jobexec.dll
[2013/10/28 20:22:17 | 000,045,568 | ---- | C] (America Online) -- C:\WINDOWS\System32\jgsd400.dll
[2013/10/28 20:22:17 | 000,035,840 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\jgmd400.dll
[2013/10/28 20:22:17 | 000,028,719 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jsfr.dll
[2013/10/28 20:22:17 | 000,028,719 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsfr.dll
[2013/10/28 20:22:17 | 000,027,648 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\jgpl400.dll
[2013/10/28 20:22:17 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2013/10/28 20:22:17 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2013/10/28 20:22:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2013/10/28 20:22:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcan.dll
[2013/10/28 20:22:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcan.dll
[2013/10/28 20:22:17 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2013/10/28 20:22:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmac.dll
[2013/10/28 20:22:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmac.dll
[2013/10/28 20:22:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfo.dll
[2013/10/28 20:22:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfo.dll
[2013/10/28 20:22:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbene.dll
[2013/10/28 20:22:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbene.dll
[2013/10/28 20:22:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2013/10/28 20:22:16 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jet500.dll
[2013/10/28 20:22:16 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jet500.dll
[2013/10/28 20:22:16 | 000,163,840 | ---- | C] (America Online) -- C:\WINDOWS\System32\jgdw400.dll
[2013/10/28 20:22:16 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxmontr.dll
[2013/10/28 20:22:16 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxmontr.dll
[2013/10/28 20:22:16 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxpromn.dll
[2013/10/28 20:22:16 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxpromn.dll
[2013/10/28 20:22:16 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxsap.dll
[2013/10/28 20:22:16 | 000,044,544 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\jgaw400.dll
[2013/10/28 20:22:16 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxrtmgr.dll
[2013/10/28 20:22:16 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxrtmgr.dll
[2013/10/28 20:22:16 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxwan.dll
[2013/10/28 20:22:16 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxrip.dll
[2013/10/28 20:22:16 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxrip.dll
[2013/10/28 20:22:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2013/10/28 20:22:16 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2013/10/28 20:22:16 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2013/10/28 20:22:15 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iprtrmgr.dll
[2013/10/28 20:22:15 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipmontr.dll
[2013/10/28 20:22:15 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsec6.exe
[2013/10/28 20:22:15 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsec6.exe
[2013/10/28 20:22:15 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iologmsg.dll
[2013/10/28 20:22:15 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iologmsg.dll
[2013/10/28 20:22:15 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipfltdrv.sys
[2013/10/28 20:22:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iprtprio.dll
[2013/10/28 20:22:15 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprtprio.dll
[2013/10/28 20:22:15 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iprop.dll
[2013/10/28 20:22:15 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprop.dll
[2013/10/28 20:22:14 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\infosoft.dll
[2013/10/28 20:22:14 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infosoft.dll
[2013/10/28 20:22:14 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcplc.dll
[2013/10/28 20:22:14 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcplc.dll
[2013/10/28 20:22:13 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2013/10/28 20:22:13 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ifsutil.dll
[2013/10/28 20:22:13 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ifsutil.dll
[2013/10/28 20:22:12 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iassdo.dll
[2013/10/28 20:22:12 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iassdo.dll
[2013/10/28 20:22:12 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakui.dll
[2013/10/28 20:22:12 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakui.dll
[2013/10/28 20:22:12 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iasrecst.dll
[2013/10/28 20:22:12 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iasrecst.dll
[2013/10/28 20:22:12 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iassam.dll
[2013/10/28 20:22:12 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iassam.dll
[2013/10/28 20:22:12 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2013/10/28 20:22:12 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2013/10/28 20:22:12 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iassvcs.dll
[2013/10/28 20:22:12 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iassvcs.dll
[2013/10/28 20:22:12 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iasnap.dll
[2013/10/28 20:22:12 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iasnap.dll
[2013/10/28 20:22:12 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icmui.dll
[2013/10/28 20:22:12 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iasads.dll
[2013/10/28 20:22:12 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iasads.dll
[2013/10/28 20:22:12 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iashlpr.dll
[2013/10/28 20:22:12 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iashlpr.dll
[2013/10/28 20:22:12 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iasacct.dll
[2013/10/28 20:22:12 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iasacct.dll
[2013/10/28 20:22:12 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iaspolcy.dll
[2013/10/28 20:22:12 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iaspolcy.dll
[2013/10/28 20:22:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2013/10/28 20:22:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2013/10/28 20:22:11 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2013/10/28 20:22:11 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2013/10/28 20:22:10 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2013/10/28 20:22:10 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\home_ss.dll
[2013/10/28 20:22:10 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hlink.dll
[2013/10/28 20:22:10 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2013/10/28 20:22:10 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2013/10/28 20:22:10 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hnetmon.dll
[2013/10/28 20:22:10 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hnetmon.dll
[2013/10/28 20:22:10 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hostname.exe
[2013/10/28 20:22:10 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostname.exe
[2013/10/28 20:22:09 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hhctrlui.dll
[2013/10/28 20:22:08 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2013/10/28 20:22:08 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\help.exe
[2013/10/28 20:22:08 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2013/10/28 20:22:07 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gpkcsp.dll
[2013/10/28 20:22:07 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gpkcsp.dll
[2013/10/28 20:22:07 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\graftabl.com
[2013/10/28 20:22:06 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\glmf32.dll
[2013/10/28 20:22:06 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\glmf32.dll
[2013/10/28 20:22:05 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2013/10/28 20:22:05 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2013/10/28 20:22:05 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gcdef.dll
[2013/10/28 20:22:05 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gcdef.dll
[2013/10/28 20:22:05 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsroute.dll
[2013/10/28 20:22:05 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2013/10/28 20:22:05 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdi.exe
[2013/10/28 20:22:05 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi.exe
[2013/10/28 20:22:05 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxssend.exe
[2013/10/28 20:22:05 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2013/10/28 20:22:04 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftsrch.dll
[2013/10/28 20:22:04 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftsrch.dll
[2013/10/28 20:22:04 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclntR.dll
[2013/10/28 20:22:04 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2013/10/28 20:22:04 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscfgwz.dll
[2013/10/28 20:22:04 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2013/10/28 20:22:04 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsusd.dll
[2013/10/28 20:22:04 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fsusd.dll
[2013/10/28 20:22:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsutil.exe
[2013/10/28 20:22:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fsutil.exe
[2013/10/28 20:22:04 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2013/10/28 20:22:04 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2013/10/28 20:22:04 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2013/10/28 20:22:04 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fs_rec.sys
[2013/10/28 20:22:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2013/10/28 20:22:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fsconins.dll
[2013/10/28 20:22:03 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fontsub.dll
[2013/10/28 20:22:03 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\format.com
[2013/10/28 20:22:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fmifs.dll
[2013/10/28 20:22:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fmifs.dll
[2013/10/28 20:22:03 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2013/10/28 20:22:03 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\finger.exe
[2013/10/28 20:22:03 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\finger.exe
[2013/10/28 20:22:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\find.exe
[2013/10/28 20:22:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\find.exe
[2013/10/28 20:22:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\forcedos.exe
[2013/10/28 20:22:03 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fixmapi.exe
[2013/10/28 20:22:03 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fixmapi.exe
[2013/10/28 20:22:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fc.exe
[2013/10/28 20:22:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fc.exe
[2013/10/28 20:22:01 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2013/10/28 20:22:01 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2013/10/28 20:22:01 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\esentutl.exe
[2013/10/28 20:22:01 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esentutl.exe
[2013/10/28 20:22:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eventcls.dll
[2013/10/28 20:22:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eventcls.dll
[2013/10/28 20:22:01 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2013/10/28 20:22:01 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2013/10/28 20:22:01 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\esentprf.dll
[2013/10/28 20:22:01 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esentprf.dll
[2013/10/28 20:22:01 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eventvwr.exe
[2013/10/28 20:22:01 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eventvwr.exe
[2013/10/28 20:22:00 | 001,114,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\esent97.dll
[2013/10/28 20:22:00 | 001,114,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esent97.dll
[2013/10/28 20:22:00 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2013/10/28 20:22:00 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2013/10/28 20:22:00 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2013/10/28 20:21:11 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxgthk.sys
[2013/10/28 20:21:11 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxgthk.sys
[2013/10/28 20:21:10 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2013/10/28 20:21:10 | 000,059,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dwil1036.dll
[2013/10/28 20:21:10 | 000,055,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dwil1033.dll
[2013/10/28 20:21:10 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxapi.sys
[2013/10/28 20:21:10 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxapi.sys
[2013/10/28 20:21:09 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsauth.dll
[2013/10/28 20:21:09 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsauth.dll
[2013/10/28 20:21:09 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drwtsn32.exe
[2013/10/28 20:21:09 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drwtsn32.exe
[2013/10/28 20:21:09 | 000,028,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drwatson.exe
[2013/10/28 20:21:09 | 000,028,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drwatson.exe
[2013/10/28 20:21:09 | 000,004,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ds16gt.dLL
[2013/10/28 20:21:09 | 000,004,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ds16gt.dll
[2013/10/28 20:20:44 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnmodem.dll
[2013/10/28 20:20:44 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnmodem.dll
[2013/10/28 20:20:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnwsock.dll
[2013/10/28 20:20:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnwsock.dll
[2013/10/28 20:20:44 | 000,054,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpserial.dll
[2013/10/28 20:20:44 | 000,054,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpserial.dll
[2013/10/28 20:20:44 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\docprop.dll
[2013/10/28 20:20:44 | 000,042,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpwsock.dll
[2013/10/28 20:20:44 | 000,042,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsock.dll
[2013/10/28 20:20:44 | 000,036,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dosapp.fon
[2013/10/28 20:20:44 | 000,033,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplay.dll
[2013/10/28 20:20:44 | 000,033,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplay.dll
[2013/10/28 20:20:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\doskey.exe
[2013/10/28 20:20:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\doskey.exe
[2013/10/28 20:20:43 | 000,330,752 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dmconfig.dll
[2013/10/28 20:20:43 | 000,330,752 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dllcache\dmconfig.dll
[2013/10/28 20:20:43 | 000,285,184 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmdlgs.dll
[2013/10/28 20:20:43 | 000,134,656 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmdskres.dll
[2013/10/28 20:20:43 | 000,134,656 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmdskres.dll
[2013/10/28 20:20:43 | 000,061,440 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmview.ocx
[2013/10/28 20:20:43 | 000,061,440 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmview.ocx
[2013/10/28 20:20:43 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmocx.dll
[2013/10/28 20:20:43 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmocx.dll
[2013/10/28 20:20:43 | 000,018,432 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmintf.dll
[2013/10/28 20:20:43 | 000,018,432 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmintf.dll
[2013/10/28 20:20:43 | 000,005,888 | ---- | C] (Microsoft Corp., Veritas Software.) -- C:\WINDOWS\System32\dllcache\dmload.sys
[2013/10/28 20:20:43 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllhst3g.exe
[2013/10/28 20:20:43 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dllhst3g.exe
[2013/10/28 20:20:41 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dimap.dll
[2013/10/28 20:20:41 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimap.dll
[2013/10/28 20:20:41 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dispex.dll
[2013/10/28 20:20:41 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskperf.exe
[2013/10/28 20:20:41 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\diskperf.exe
[2013/10/28 20:20:41 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\diskcomp.com
[2013/10/28 20:20:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\diskcopy.com
[2013/10/28 20:20:40 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpmon.dll
[2013/10/28 20:20:40 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diactfrm.dll
[2013/10/28 20:20:40 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\diactfrm.dll
[2013/10/28 20:20:40 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2013/10/28 20:20:40 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2013/10/28 20:20:40 | 000,086,044 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2013/10/28 20:20:40 | 000,086,044 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2013/10/28 20:20:40 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhcpsapi.dll
[2013/10/28 20:20:40 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpsapi.dll
[2013/10/28 20:20:40 | 000,055,808 | ---- | C] (Microsoft Corp. et Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgres.dll
[2013/10/28 20:20:40 | 000,055,808 | ---- | C] (Microsoft Corp. et Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgres.dll
[2013/10/28 20:20:39 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddeml.dll
[2013/10/28 20:20:39 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddeml.dll
[2013/10/28 20:20:39 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\deskperf.dll
[2013/10/28 20:20:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\deskmon.dll
[2013/10/28 20:20:39 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\deskadp.dll
[2013/10/28 20:20:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2013/10/28 20:20:38 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dramp.dll
[2013/10/28 20:20:38 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dramp.dll
[2013/10/28 20:20:38 | 000,436,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim.dll
[2013/10/28 20:20:38 | 000,436,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dim.dll
[2013/10/28 20:20:38 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3drm.dll
[2013/10/28 20:20:38 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3drm.dll
[2013/10/28 20:20:38 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\datime.dll
[2013/10/28 20:20:38 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dxof.dll
[2013/10/28 20:20:38 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dxof.dll
[2013/10/28 20:20:38 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dpmesh.dll
[2013/10/28 20:20:38 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dpmesh.dll
[2013/10/28 20:20:37 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2013/10/28 20:20:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2013/10/28 20:20:36 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csseqchk.dll
[2013/10/28 20:20:36 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\csseqchk.dll
[2013/10/28 20:20:36 | 000,027,200 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ctl3dv2.dll
[2013/10/28 20:20:36 | 000,027,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ctl3dv2.dll
[2013/10/28 20:20:36 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ctl3d32.dll
[2013/10/28 20:20:36 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ctl3d32.dll
[2013/10/28 20:20:35 | 000,149,019 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crtdll.dll
[2013/10/28 20:20:35 | 000,149,019 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\crtdll.dll
[2013/10/28 20:20:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2013/10/28 20:20:34 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\confmsp.dll
[2013/10/28 20:20:34 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2013/10/28 20:20:34 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2013/10/28 20:20:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\console.dll
[2013/10/28 20:20:34 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\console.dll
[2013/10/28 20:20:34 | 000,030,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compobj.dll
[2013/10/28 20:20:34 | 000,030,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\compobj.dll
[2013/10/28 20:20:34 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convert.exe
[2013/10/28 20:20:34 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\convert.exe
[2013/10/28 20:20:34 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\control.exe
[2013/10/28 20:20:34 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\control.exe
[2013/10/28 20:20:29 | 000,033,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\commdlg.dll
[2013/10/28 20:20:29 | 000,033,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\commdlg.dll
[2013/10/28 20:20:29 | 000,033,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2013/10/28 20:20:29 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compact.exe
[2013/10/28 20:20:29 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\compact.exe
[2013/10/28 20:20:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comp.exe
[2013/10/28 20:20:29 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comp.exe
[2013/10/28 20:20:29 | 000,010,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comm.drv
[2013/10/28 20:20:28 | 001,042,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2013/10/28 20:20:28 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\class_ss.dll
[2013/10/28 20:20:28 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2013/10/28 20:20:28 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnetcfg.dll
[2013/10/28 20:20:28 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cnetcfg.dll
[2013/10/28 20:20:28 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2013/10/28 20:20:28 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnvfat.dll
[2013/10/28 20:20:28 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cnvfat.dll
[2013/10/28 20:20:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmpbk32.dll
[2013/10/28 20:20:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmpbk32.dll
[2013/10/28 20:20:28 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clb.dll
[2013/10/28 20:20:28 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clb.dll
[2013/10/28 20:20:28 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ckcnv.exe
[2013/10/28 20:20:28 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ckcnv.exe
[2013/10/28 20:20:28 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comcat.dll
[2013/10/28 20:20:28 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comcat.dll
[2013/10/28 20:20:27 | 000,781,397 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2013/10/28 20:20:27 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ciadmin.dll
[2013/10/28 20:20:27 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ciadmin.dll
[2013/10/28 20:20:27 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cic.dll
[2013/10/28 20:20:27 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2013/10/28 20:20:27 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2013/10/28 20:20:27 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2013/10/28 20:20:27 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2013/10/28 20:20:27 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2013/10/28 20:20:27 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2013/10/28 20:20:27 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2013/10/28 20:20:27 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkdsk.exe
[2013/10/28 20:20:27 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chkdsk.exe
[2013/10/28 20:20:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkntfs.exe
[2013/10/28 20:20:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chkntfs.exe
[2013/10/28 20:20:27 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2013/10/28 20:20:27 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cidaemon.exe
[2013/10/28 20:20:27 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chcp.com
[2013/10/28 20:20:26 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cards.dll
[2013/10/28 20:20:26 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cards.dll
[2013/10/28 20:20:26 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\capesnpn.dll
[2013/10/28 20:20:26 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2013/10/28 20:20:26 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2013/10/28 20:20:26 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013/10/28 20:20:26 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccfgnt.dll
[2013/10/28 20:20:26 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ccfgnt.dll
[2013/10/28 20:20:26 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cacls.exe
[2013/10/28 20:20:26 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2013/10/28 20:20:26 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2013/10/28 20:20:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2013/10/28 20:20:25 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2013/10/28 20:20:25 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootvid.dll
[2013/10/28 20:20:25 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bootvid.dll
[2013/10/28 20:20:25 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootvrfy.exe
[2013/10/28 20:20:25 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bootvrfy.exe
[2013/10/28 20:20:24 | 000,361,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blue_ss.dll
[2013/10/28 20:20:24 | 000,152,576 | ---- | C] (Microsoft Corporation; Microsoft Research) -- C:\WINDOWS\System32\dllcache\bnts.dll
[2013/10/28 20:20:24 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2013/10/28 20:20:24 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootok.exe
[2013/10/28 20:20:24 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bootok.exe
[2013/10/28 20:20:24 | 000,004,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\beep.sys
[2013/10/28 20:20:23 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2013/10/28 20:20:23 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2013/10/28 20:13:17 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2013/10/28 20:13:17 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2013/10/28 20:13:17 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifile.dll
[2013/10/28 20:13:17 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avifile.dll
[2013/10/28 20:13:17 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2013/10/28 20:13:17 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\autodisc.dll
[2013/10/28 20:13:17 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autodisc.dll
[2013/10/28 20:13:17 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2013/10/28 20:13:17 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2013/10/28 20:13:17 | 000,070,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avicap.dll
[2013/10/28 20:13:17 | 000,070,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avicap.dll
[2013/10/28 20:13:17 | 000,070,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2013/10/28 20:13:17 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avicap32.dll
[2013/10/28 20:13:17 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avicap32.dll
[2013/10/28 20:13:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2013/10/28 20:13:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2013/10/28 20:13:16 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmuni.sys
[2013/10/28 20:13:16 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atmuni.sys
[2013/10/28 20:13:16 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atmpvcno.dll
[2013/10/28 20:13:16 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atmpvcno.dll
[2013/10/28 20:13:16 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmepvc.sys
[2013/10/28 20:13:16 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atmepvc.sys
[2013/10/28 20:13:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atkctrs.dll
[2013/10/28 20:13:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atkctrs.dll
[2013/10/28 20:13:16 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\attrib.exe
[2013/10/28 20:13:16 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2013/10/28 20:13:16 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2013/10/28 20:13:06 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\arp.exe
[2013/10/28 20:13:06 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\arp.exe
[2013/10/28 20:13:05 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apcups.dll
[2013/10/28 20:13:05 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\apcups.dll
[2013/10/28 20:13:04 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\activeds.tlb
[2013/10/28 20:13:04 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\activeds.tlb
[2013/10/28 20:13:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adptif.dll
[2013/10/28 20:13:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adptif.dll
[2013/10/28 20:13:03 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acledit.dll
[2013/10/28 20:13:03 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acledit.dll
[2013/10/28 20:13:03 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2013/10/28 20:13:03 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2013/10/28 20:13:03 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aaaamon.dll
[2013/10/28 20:13:03 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaaamon.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/11/03 21:52:22 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/11/03 21:04:34 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013/11/03 21:01:50 | 000,000,182 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2013/11/03 21:01:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/03 21:01:23 | 536,203,264 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/03 21:01:23 | 000,102,232 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/11/02 23:03:50 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/11/02 22:49:48 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/11/02 22:46:00 | 000,446,566 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2013/11/02 22:46:00 | 000,381,692 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/02 22:46:00 | 000,064,484 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2013/11/02 22:46:00 | 000,053,436 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/11/02 22:43:17 | 000,000,138 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\fusioncache.dat
[2013/11/02 20:55:53 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/10/30 11:20:02 | 000,000,843 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Trojan Remover.lnk
[2013/10/30 11:20:02 | 000,000,825 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Trojan Remover.lnk
[2013/10/29 22:21:06 | 000,001,757 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\FileZilla Server Interface.lnk
[2013/10/29 21:42:58 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/10/29 21:42:53 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/10/29 21:42:53 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/10/29 21:42:52 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/10/29 21:42:52 | 000,145,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/10/29 21:14:58 | 000,021,784 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Mes documents\cc_20131029_211433.reg
[2013/10/29 21:11:53 | 000,000,693 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2013/10/29 12:02:10 | 000,001,615 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk
[2013/10/28 23:24:11 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/10/28 23:24:11 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/10/28 23:13:14 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/10/28 23:13:07 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2013/10/28 21:59:56 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2013/10/28 21:43:30 | 000,001,790 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! SafeZone.lnk
[2013/10/28 21:43:30 | 000,001,730 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Premier.lnk
[2013/10/28 21:41:14 | 000,774,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/10/28 21:41:14 | 000,403,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/10/28 21:41:14 | 000,178,304 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/10/28 21:41:14 | 000,070,384 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/10/28 21:41:14 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/10/28 21:41:14 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/10/28 21:41:14 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/10/28 21:41:14 | 000,035,656 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/10/28 21:41:13 | 000,269,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/10/28 21:41:13 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/10/28 21:41:01 | 000,026,136 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswKbd.sys
[2013/10/28 21:40:56 | 000,247,192 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswNdis2.sys
[2013/10/28 21:40:56 | 000,012,112 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis.sys
[2013/10/28 21:39:12 | 000,000,298 | RHS- | M] () -- C:\boot.ini
[2013/10/28 21:38:33 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013/10/28 21:26:46 | 000,252,240 | RHS- | M] () -- C:\ntldr
[2013/10/28 21:18:15 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\Connexion facile à Internet.job
[2013/10/28 21:18:06 | 000,000,757 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Connexion facile à Internet.lnk
[2013/10/28 21:17:49 | 000,000,603 | ---- | M] () -- C:\Documents and Settings\HP_Propriétaire\Bureau\Enregistrement auprès de HP.url
[2013/10/28 21:17:26 | 000,001,895 | RHS- | M] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_PX598AA-ABF w5037.fr_YC_0Pavi_QCZB516_E52FRheBLF4_47_IPuffer_SASUSTeK Computer INC._V1.xx_B3.19_T050310_WXH2_L40C_M512_J200_7Intel_8Pentium 4_93_#131028_N10EC8139_Z_G10025B62_OLITE-ON DVDRW SOHW-1633S.MRK
[2013/10/28 21:16:13 | 000,000,993 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/10/28 21:15:33 | 000,000,218 | RHS- | M] () -- C:\BOOT.BAK
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/11/02 22:50:23 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/11/02 22:50:23 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/11/02 22:50:23 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/11/02 22:50:23 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/11/02 22:50:23 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/10/30 11:20:02 | 000,000,843 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Trojan Remover.lnk
[2013/10/30 11:20:02 | 000,000,825 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Trojan Remover.lnk
[2013/10/30 11:19:53 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2013/10/30 11:19:52 | 000,185,616 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar39.dll
[2013/10/30 11:19:52 | 000,169,744 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2013/10/30 11:19:52 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2013/10/30 11:19:52 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2013/10/30 10:47:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/10/30 10:47:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013/10/29 22:21:06 | 000,001,757 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\FileZilla Server Interface.lnk
[2013/10/29 21:47:19 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013/10/29 21:14:44 | 000,021,784 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Mes documents\cc_20131029_211433.reg
[2013/10/29 21:11:53 | 000,000,693 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2013/10/29 12:02:08 | 000,001,615 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\QuickTime Player.lnk
[2013/10/29 11:13:52 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013/10/29 11:10:45 | 000,000,966 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Defender.lnk
[2013/10/28 23:24:12 | 000,001,002 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/10/28 23:13:14 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/10/28 23:13:07 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk
[2013/10/28 23:13:07 | 000,000,735 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2013/10/28 21:43:30 | 000,001,790 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! SafeZone.lnk
[2013/10/28 21:43:30 | 000,001,730 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Premier.lnk
[2013/10/28 21:41:22 | 000,178,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/10/28 21:41:21 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/10/28 21:39:10 | 000,000,218 | RHS- | C] () -- C:\BOOT.BAK
[2013/10/28 21:39:09 | 000,263,488 | RHS- | C] () -- C:\cmldr
[2013/10/28 21:30:59 | 000,677,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2013/10/28 21:30:59 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2013/10/28 21:30:59 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2013/10/28 21:30:59 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2013/10/28 21:30:59 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2013/10/28 21:30:59 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2013/10/28 21:30:59 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2013/10/28 21:30:59 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2013/10/28 21:30:59 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2013/10/28 21:30:59 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2013/10/28 21:30:59 | 000,075,692 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2013/10/28 21:30:59 | 000,058,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2013/10/28 21:30:59 | 000,027,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2013/10/28 21:30:59 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2013/10/28 21:30:59 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2013/10/28 21:30:59 | 000,001,740 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2013/10/28 21:30:59 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2013/10/28 21:30:58 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2013/10/28 21:30:58 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2013/10/28 21:30:58 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2013/10/28 21:30:58 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2013/10/28 21:30:58 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2013/10/28 21:30:58 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2013/10/28 21:30:58 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2013/10/28 21:30:58 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2013/10/28 21:30:58 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2013/10/28 21:30:58 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2013/10/28 21:30:58 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2013/10/28 21:30:58 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2013/10/28 21:30:58 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2013/10/28 21:30:58 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2013/10/28 21:30:58 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2013/10/28 21:30:58 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2013/10/28 21:30:58 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2013/10/28 21:30:58 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2013/10/28 21:30:58 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2013/10/28 21:30:58 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2013/10/28 21:30:58 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2013/10/28 21:30:58 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2013/10/28 21:30:58 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2013/10/28 21:30:57 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2013/10/28 21:30:57 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2013/10/28 21:30:57 | 000,085,617 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2013/10/28 21:30:57 | 000,066,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2013/10/28 21:30:57 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2013/10/28 21:30:57 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2013/10/28 21:30:57 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2013/10/28 21:30:57 | 000,001,476 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2013/10/28 21:30:57 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2013/10/28 21:30:57 | 000,001,465 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2013/10/28 21:30:57 | 000,001,455 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2013/10/28 21:30:57 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2013/10/28 21:30:57 | 000,001,253 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2013/10/28 21:30:57 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2013/10/28 21:30:57 | 000,001,057 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2013/10/28 21:30:57 | 000,001,048 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2013/10/28 21:30:57 | 000,001,034 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2013/10/28 21:30:57 | 000,000,820 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2013/10/28 21:30:57 | 000,000,819 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2013/10/28 21:30:57 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2013/10/28 21:30:57 | 000,000,788 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2013/10/28 21:30:57 | 000,000,779 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2013/10/28 21:30:57 | 000,000,732 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2013/10/28 21:30:57 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2013/10/28 21:30:56 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2013/10/28 21:30:56 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2013/10/28 21:30:56 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2013/10/28 21:30:55 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2013/10/28 21:30:55 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2013/10/28 21:30:55 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2013/10/28 21:30:55 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2013/10/28 21:30:55 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2013/10/28 21:30:54 | 000,184,107 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2013/10/28 21:30:54 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2013/10/28 21:30:54 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2013/10/28 21:30:54 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2013/10/28 21:30:54 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2013/10/28 21:30:54 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2013/10/28 21:30:54 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2013/10/28 21:30:54 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2013/10/28 21:27:02 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2013/10/28 21:27:02 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013/10/28 21:27:01 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013/10/28 21:18:06 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\Connexion facile à Internet.job
[2013/10/28 21:17:49 | 000,000,603 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Bureau\Enregistrement auprès de HP.url
[2013/10/28 21:17:20 | 000,001,895 | RHS- | C] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_PX598AA-ABF w5037.fr_YC_0Pavi_QCZB516_E52FRheBLF4_47_IPuffer_SASUSTeK Computer INC._V1.xx_B3.19_T050310_WXH2_L40C_M512_J200_7Intel_8Pentium 4_93_#131028_N10EC8139_Z_G10025B62_OLITE-ON DVDRW SOHW-1633S.MRK
[2013/10/28 21:17:13 | 536,203,264 | -HS- | C] () -- C:\hiberfil.sys
[2013/10/28 21:17:04 | 000,002,335 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Bureau\Aide et support.lnk
[2013/10/28 21:17:04 | 000,000,826 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Démarrer Internet Explorer.lnk
[2013/10/28 21:17:04 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Local Settings\Application Data\fusioncache.dat
[2013/10/28 21:17:04 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf
[2013/10/28 21:17:03 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Assistance à distance.lnk
[2013/10/28 21:17:03 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Internet Explorer.lnk
[2013/10/28 21:17:03 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Lecteur Windows Media.lnk
[2013/10/28 21:17:03 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\HP_Propriétaire\Menu Démarrer\Programmes\Outlook Express.lnk
[2013/10/28 21:16:08 | 000,000,751 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Assistant de réparation logicielle.lnk
[2013/10/28 21:16:01 | 000,000,757 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Connexion facile à Internet.lnk
[2013/10/28 21:14:17 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System\hpsysdrv.DAT
[2013/10/28 20:24:50 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2013/10/28 20:24:50 | 000,000,707 | ---- | C] () -- C:\WINDOWS\_default.pif
[2013/10/28 20:24:44 | 000,039,340 | ---- | C] () -- C:\WINDOWS\wmprfFRA.prx
[2013/10/28 20:24:41 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2013/10/28 20:24:37 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\win87em.dll
[2013/10/28 20:24:34 | 001,095,680 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.nld
[2013/10/28 20:24:34 | 000,937,984 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.sve
[2013/10/28 20:24:34 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\wdl.trm
[2013/10/28 20:24:33 | 001,309,184 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.deu
[2013/10/28 20:24:33 | 000,957,440 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.enu
[2013/10/28 20:24:33 | 000,867,840 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.ita
[2013/10/28 20:24:33 | 000,786,944 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.fra
[2013/10/28 20:24:33 | 000,750,080 | ---- | C] () -- C:\WINDOWS\System32\wbdbase.esn
[2013/10/28 20:24:33 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.sve
[2013/10/28 20:24:33 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.nld
[2013/10/28 20:24:33 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.ita
[2013/10/28 20:24:33 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.fra
[2013/10/28 20:24:33 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.esn
[2013/10/28 20:24:33 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.enu
[2013/10/28 20:24:33 | 000,065,489 | ---- | C] () -- C:\WINDOWS\System32\wbcache.deu
[2013/10/28 20:24:30 | 000,018,832 | ---- | C] () -- C:\WINDOWS\System32\v7vga.rom
[2013/10/28 20:24:30 | 000,001,263 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013/10/28 20:24:27 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tsd32.dll
[2013/10/28 20:24:22 | 000,003,577 | ---- | C] () -- C:\WINDOWS\System32\sysprtj.sep
[2013/10/28 20:24:22 | 000,003,214 | ---- | C] () -- C:\WINDOWS\System32\sysprint.sep
[2013/10/28 20:24:19 | 000,049,345 | ---- | C] () -- C:\WINDOWS\System32\sqlsodbc.chm
[2013/10/28 20:24:19 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013/10/28 20:24:05 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\share.exe
[2013/10/28 20:24:04 | 000,033,075 | ---- | C] () -- C:\WINDOWS\System32\services.msc
[2013/10/28 20:24:01 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2013/10/28 20:24:01 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2013/10/28 20:24:00 | 000,003,271 | ---- | C] () -- C:\WINDOWS\System32\rsaci.rat
[2013/10/28 20:23:58 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2013/10/28 20:23:56 | 000,003,862 | ---- | C] () -- C:\WINDOWS\System32\pubprn.vbs
[2013/10/28 20:23:56 | 000,003,862 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pubprn.vbs
[2013/10/28 20:23:56 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\pscript.sep
[2013/10/28 20:23:49 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2013/10/28 20:23:49 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2013/10/28 20:23:49 | 000,057,862 | R--- | C] () -- C:\WINDOWS\System32\perfmon.msc
[2013/10/28 20:23:49 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2013/10/28 20:23:49 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2013/10/28 20:23:48 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\pcl.sep
[2013/10/28 20:23:37 | 000,032,590 | ---- | C] () -- C:\WINDOWS\System32\ntmsoprq.msc
[2013/10/28 20:23:37 | 000,025,901 | ---- | C] () -- C:\WINDOWS\System32\ntmsmgr.msc
[2013/10/28 20:23:36 | 000,048,794 | ---- | C] () -- C:\WINDOWS\System32\ntimage.gif
[2013/10/28 20:23:36 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos411.sys
[2013/10/28 20:23:36 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos412.sys
[2013/10/28 20:23:36 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos804.sys
[2013/10/28 20:23:36 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos404.sys
[2013/10/28 20:23:36 | 000,027,916 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ntdos.sys
[2013/10/28 20:23:35 | 000,809,394 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013/10/28 20:23:34 | 000,149,848 | ---- | C] () -- C:\WINDOWS\System32\noise.deu
[2013/10/28 20:23:34 | 000,049,196 | ---- | C] () -- C:\WINDOWS\System32\noise.fra
[2013/10/28 20:23:34 | 000,019,684 | ---- | C] () -- C:\WINDOWS\System32\noise.esn
[2013/10/28 20:23:34 | 000,019,618 | ---- | C] () -- C:\WINDOWS\System32\noise.ita
[2013/10/28 20:23:34 | 000,013,730 | ---- | C] () -- C:\WINDOWS\System32\noise.sve
[2013/10/28 20:23:34 | 000,013,256 | ---- | C] () -- C:\WINDOWS\System32\noise.nld
[2013/10/28 20:23:34 | 000,007,116 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nlsfunc.exe
[2013/10/28 20:23:34 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2013/10/28 20:23:34 | 000,000,697 | ---- | C] () -- C:\WINDOWS\System32\noise.tha
[2013/10/28 20:23:33 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013/10/28 20:23:29 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013/10/28 20:23:12 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mscdexnt.exe
[2013/10/28 20:23:07 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2013/10/28 20:23:07 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mlang.dat
[2013/10/28 20:23:06 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2013/10/28 20:23:04 | 000,039,434 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mem.exe
[2013/10/28 20:23:02 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013/10/28 20:23:02 | 000,041,847 | ---- | C] () -- C:\WINDOWS\System32\lusrmgr.msc
[2013/10/28 20:23:02 | 000,024,124 | ---- | C] () -- C:\WINDOWS\System32\dllcache\marlett.ttf
[2013/10/28 20:23:01 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2013/10/28 20:22:18 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\dllcache\key01.sys
[2013/10/28 20:22:12 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013/10/28 20:22:10 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013/10/28 20:22:09 | 000,004,912 | ---- | C] () -- C:\WINDOWS\System32\dllcache\himem.sys
[2013/10/28 20:22:07 | 000,021,232 | ---- | C] () -- C:\WINDOWS\System32\graphics.pro
[2013/10/28 20:22:06 | 003,440,660 | ---- | C] () -- C:\WINDOWS\System32\drivers\gm.dls
[2013/10/28 20:22:06 | 003,440,660 | ---- | C] () -- C:\WINDOWS\System32\dllcache\gm.dls
[2013/10/28 20:22:04 | 000,152,844 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framdit.ttf
[2013/10/28 20:22:04 | 000,135,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\framd.ttf
[2013/10/28 20:22:04 | 000,032,409 | ---- | C] () -- C:\WINDOWS\System32\fsmgmt.msc
[2013/10/28 20:22:02 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fastopen.exe
[2013/10/28 20:22:02 | 000,000,080 | ---- | C] () -- C:\WINDOWS\explorer.scf
[2013/10/28 20:22:01 | 000,056,286 | ---- | C] () -- C:\WINDOWS\System32\eventvwr.msc
[2013/10/28 20:22:01 | 000,008,424 | ---- | C] () -- C:\WINDOWS\System32\dllcache\exe2bin.exe
[2013/10/28 20:22:01 | 000,006,708 | ---- | C] () -- C:\WINDOWS\System32\esentprf.hxx
[2013/10/28 20:22:00 | 000,127,213 | ---- | C] () -- C:\WINDOWS\System32\ega.cpi
[2013/10/28 20:22:00 | 000,013,010 | ---- | C] () -- C:\WINDOWS\System32\dllcache\edlin.exe
[2013/10/28 20:21:10 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2013/10/28 20:21:10 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\dsound.vxd
[2013/10/28 20:20:41 | 000,033,311 | ---- | C] () -- C:\WINDOWS\System32\diskmgmt.msc
[2013/10/28 20:20:39 | 000,041,131 | ---- | C] () -- C:\WINDOWS\System32\dfrg.msc
[2013/10/28 20:20:39 | 000,032,738 | ---- | C] () -- C:\WINDOWS\System32\devmgmt.msc
[2013/10/28 20:20:39 | 000,021,162 | ---- | C] () -- C:\WINDOWS\System32\dllcache\debug.exe
[2013/10/28 20:20:35 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\dllcache\country.sys
[2013/10/28 20:20:33 | 000,037,357 | ---- | C] () -- C:\WINDOWS\System32\compmgmt.msc
[2013/10/28 20:20:28 | 000,082,944 | ---- | C] () -- C:\WINDOWS\clock.avi
[2013/10/28 20:20:28 | 000,061,126 | ---- | C] () -- C:\WINDOWS\System32\cliconf.chm
[2013/10/28 20:20:28 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\cmos.ram
[2013/10/28 20:20:27 | 000,041,990 | ---- | C] () -- C:\WINDOWS\System32\certmgr.msc
[2013/10/28 20:20:27 | 000,041,461 | ---- | C] () -- C:\WINDOWS\System32\ciadv.msc
[2013/10/28 20:20:24 | 000,028,420 | ---- | C] () -- C:\WINDOWS\System32\bios1.rom
[2013/10/28 20:20:24 | 000,008,191 | ---- | C] () -- C:\WINDOWS\System32\bios4.rom
[2013/10/28 20:13:05 | 000,012,642 | ---- | C] () -- C:\WINDOWS\System32\dllcache\append.exe
[2013/10/28 20:13:05 | 000,009,037 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ansi.sys
[2013/10/28 20:13:03 | 000,002,233 | ---- | C] () -- C:\WINDOWS\System32\dllcache\12520850.cpx
[2013/10/28 20:13:03 | 000,002,233 | ---- | C] () -- C:\WINDOWS\System32\12520850.cpx
[2013/10/28 20:13:03 | 000,002,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\12520437.cpx
[2013/10/28 20:13:03 | 000,002,151 | ---- | C] () -- C:\WINDOWS\System32\12520437.cpx
 
========== ZeroAccess Check ==========
 
[2005/01/02 01:38:28 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:33:42 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2008/04/13 19:33:26 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:33:50 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/10/28 21:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/10/30 11:23:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Licenses
[2013/10/30 11:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Simply Super Software
[2005/01/02 02:15:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
========== Base Services ==========
SRV - [2008/04/13 19:33:54 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/13 19:33:52 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 19:33:40 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2008/04/13 19:33:22 | 000,077,824 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/13 19:33:22 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/13 19:33:24 | 000,127,488 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008/04/13 19:33:24 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/04/13 19:34:22 | 000,109,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/04/13 19:33:24 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2008/04/13 19:33:42 | 000,135,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/13 19:33:50 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2008/04/13 19:34:08 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/13 19:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/13 19:33:24 | 000,024,576 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/13 19:34:02 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/13 19:34:02 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/13 19:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/13 19:33:36 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/04/13 19:33:34 | 000,247,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2008/04/13 19:34:22 | 000,109,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2008/04/13 19:34:24 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/04/13 19:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/13 19:33:40 | 000,088,576 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/13 19:33:40 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2008/04/13 19:33:40 | 000,399,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/04/13 19:33:38 | 000,438,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/13 19:33:42 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/13 19:34:10 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/13 19:33:52 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2008/04/13 19:33:48 | 000,096,768 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2008/04/13 19:33:42 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/13 19:33:48 | 000,171,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/13 19:33:42 | 000,194,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/13 19:33:30 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/13 19:33:48 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/13 19:33:48 | 000,297,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/13 19:33:42 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/13 19:34:28 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/13 19:33:20 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/13 19:33:28 | 000,332,800 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/13 19:33:50 | 000,334,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/13 19:34:14 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/13 19:33:50 | 000,145,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
No service found with a name of Wmi
SRV - [2008/04/13 19:33:24 | 000,133,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/13 19:33:54 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2008/04/13 19:33:50 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: EXPLORER.EXE  >
[2004/08/05 19:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\explorer.exe
[2008/04/13 19:34:04 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
 
< MD5 for: SERVICES  >
[2004/08/05 19:00:00 | 000,007,445 | ---- | M] () MD5=BFD730E6D9FA130C5063D4065B33520D -- C:\WINDOWS\system32\drivers\etc\services
 
< MD5 for: SERVICES._  >
[2004/08/05 04:00:00 | 000,002,121 | ---- | M] () MD5=A1DB7070915025C9180823D904E1F6A6 -- C:\WINDOWS\I386\SERVICES._
 
< MD5 for: SERVICES.CNF  >
[2013/10/30 00:08:53 | 000,000,003 | ---- | M] () MD5=864E46AD77EBE7A312EB11241A5114B6 -- C:\Documents and Settings\HP_Propriétaire\Mes documents\backup Toshiba\Documents\KIRA\site internet\_vti_pvt\services.cnf
 
< MD5 for: SERVICES.EX_  >
[2004/08/05 04:00:00 | 000,050,051 | ---- | M] () MD5=2DC392BA68141EA14FCF7AC014E9F059 -- C:\WINDOWS\I386\SERVICES.EX_
 
< MD5 for: SERVICES.EXE  >
[2009/02/09 10:53:11 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=51A24094F076961A7FF73E5F7E991D68 -- C:\WINDOWS\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP2QFE\services.exe
[2008/04/13 19:34:22 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=54CB50058851D95E56EC70D09F70857F -- C:\WINDOWS\erdnt\cache\services.exe
[2008/04/13 19:34:22 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=54CB50058851D95E56EC70D09F70857F -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2008/04/13 19:34:22 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=54CB50058851D95E56EC70D09F70857F -- C:\WINDOWS\system32\services.exe
[2009/02/09 12:16:53 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=62789101F9C2401ED598AA2CDE7450C0 -- C:\WINDOWS\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP3QFE\services.exe
[2004/08/05 19:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=732E0B1ABAACE15D80EC19056B0A2AF9 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009/02/09 11:08:26 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9D6BF82FE50D55F20F8E10E0F6653886 -- C:\WINDOWS\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP2GDR\services.exe
[2009/02/09 12:23:48 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=C3FB1D70CB88722267949694BA51759E -- C:\WINDOWS\SoftwareDistribution\Download\284fbcf1e8e0b40c0953d6b85a551eae\SP3GDR\services.exe
 
< MD5 for: SERVICES.LNK  >
[2004/11/23 22:21:58 | 000,001,602 | ---- | M] () MD5=EDDC918DE400B03D155516B088E9DF80 -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration\Services.lnk
 
< MD5 for: SERVICES.MS_  >
[2004/08/05 04:00:00 | 000,003,641 | ---- | M] () MD5=1E2C9130CD22F59F15082EB8132D3288 -- C:\WINDOWS\I386\SERVICES.MS_
 
< MD5 for: SERVICES.MSC  >
[2004/08/05 04:00:00 | 000,033,075 | ---- | M] () MD5=BB3F5C8084B5AA6A6DF7AB4822EF7BA6 -- C:\WINDOWS\system32\services.msc
 
< MD5 for: SVCHOST.EXE  >
[2004/08/05 19:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=1BD6C2F707A275CB7C16FD99FE0F31CA -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2008/04/13 19:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008/04/13 19:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/13 19:34:24 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=E4BDF223CD75478BF44567B4D5C2634D -- C:\WINDOWS\system32\svchost.exe
 
< MD5 for: USERINIT.EXE  >
[2004/08/05 19:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008/04/13 19:34:28 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008/04/13 19:34:28 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 19:34:28 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\system32\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004/08/05 19:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:34:30 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008/04/13 19:34:30 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:34:30 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WINSOCK.DL_  >
[2004/08/05 04:00:00 | 000,001,516 | ---- | M] () MD5=1F5F755D7626F52EF6EA53A0071A78BF -- C:\WINDOWS\I386\WINSOCK.DL_
 
< MD5 for: WINSOCK.DLL  >
[2004/08/05 04:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\WINDOWS\system32\dllcache\winsock.dll
[2004/08/05 04:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\WINDOWS\system32\winsock.dll

< End of report >



#8 nasdaq

  • Malware Response Team
  • 39,888 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:20 AM

Posted 04 November 2013 - 08:32 AM

Nothing suspicious found on the log.

Question: after reinstalling the operating system, did you check for any Windows Updates that could be missing?

If not please do and let me know if you get any error message.
===

Please download JavaRa

If you get this message:
Problems with the download? Please use this direct link or try another mirror.

Select the Direct link download and unzip it to your Desktop.

Double click JavaRa.exe then click Remove Older Versions.
In Vista and Windows 7, right-click JavaRa.exe and select Run as Administrator.

Follow any prompts; a log will pop up (JavaRa.log). Please post the contents of this log.
===

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===



