[SOLVED] Microsoft Update


patrickng9

Hi,

Ever since there was a virus on my computer (I have already removed it, but I suspect there are still problems because of it), I can no longer get to Microsoft Update.

The message says:

Google

Error

Not Found

The requested URL /microsoftupdate was not found on this server.

Also, my firewall is disabled every time I start my computer, and I can no longer open my anti-spyware, Spybot Search & Destroy, to scan my computer. (I click but nothing happens.)

Why?

Do you know a good free anti-spyware? (I need a better one.)

Oh, and by the way, I also have this problem: s-7-8-38-100028030-100023459-100016285-3731.com

I click on my hard drives and then the error message appears.

Hi,

We'll take a look at this:

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
  • Click Continue on the Disclaimer screen.
  • If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if prompted) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).
    Note: the reports are saved in the C:\rsit\ folder.

Oh, and by the way, I also have this problem: s-7-8-38-100028030-100023459-100016285-3731.com

I click on my hard drives and then the error message appears.

-----------------Here are the text files-------------------------

Logfile of random's system information tool 1.05 (written by random/random)

Run by Patrick at 2009-02-22 19:10:12

Microsoft Windows XP Professional Service Pack 3

System drive C: has 31 GB (80%) free of 38 GB

Total RAM: 1015 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 7:10:34 PM, on 2/22/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Program Files\Symantec AntiVirus\DefWatch.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Symantec AntiVirus\Rtvscan.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\PROGRA~1\SYMANT~1\VPTray.exe

C:\Program Files\D-Link\RangeBooster G WDA-2320\AirPlusCFG.exe

C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Patrick\Local Settings\Temporary Internet Files\Content.IE5\CPE2FETO\RSIT[1].exe

C:\Program Files\trend micro\Patrick.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe

O4 - HKLM\..\Run: [D-Link RangeBooster G WDA-2320] C:\Program Files\D-Link\RangeBooster G WDA-2320\AirPlusCFG.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1234160922453

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1234160873796

O17 - HKLM\System\CCS\Services\Tcpip\..\{9A6DF6C0-5872-42D2-B81E-47D6F380B50C}: NameServer = 85.255.112.39,85.255.112.40

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40

O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe

O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\D-Link\RangeBooster G WDA-2320\JSWUtil\jswpsapi.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--

End of file - 6612 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-03-24 53408]

"vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2006-06-15 124656]

"D-Link RangeBooster G WDA-2320"=C:\Program Files\D-Link\RangeBooster G WDA-2320\AirPlusCFG.exe [2007-08-29 1662976]

"ANIWZCS2Service"=C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2007-01-19 49152]

"LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-07-19 221184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

"PowerBar"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

C:\WINDOWS\system32\hkcmd.exe [2007-01-13 163840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]

C:\WINDOWS\system32\igfxtray.exe [2007-01-13 131072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]

C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]

C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]

C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]

C:\WINDOWS\system32\igfxpers.exe [2007-01-13 135168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VistaDrive]

C:\WINDOWS\VistaDrive\VistaDrive.exe [2006-10-05 280779]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]

C:\PROGRA~1\MICROS~1\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\system32\igfxdev.dll [2007-01-13 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]

C:\WINDOWS\system32\NavLogon.dll [2006-06-15 43760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-01-17 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

"ForceClassicControlPanel"=1

"NoSMConfigurePrograms"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2009-02-22 19:10:12 ----D---- C:\rsit

2009-02-22 19:10:12 ----D---- C:\Program Files\trend micro

2009-02-22 12:50:44 ----A---- C:\WINDOWS\system32\msln.exe

2009-02-15 19:24:33 ----D---- C:\WINDOWS\Drivers

2009-02-15 13:47:25 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$

2009-02-15 13:46:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$

2009-02-15 13:45:25 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$

2009-02-13 14:43:31 ----A---- C:\WINDOWS\OEWABLog.txt

2009-02-13 14:43:06 ----D---- C:\Program Files\xerox

2009-02-13 14:43:04 ----D---- C:\WINDOWS\system32\xircom

2009-02-13 14:43:04 ----D---- C:\WINDOWS\system32\npp

2009-02-13 14:43:04 ----D---- C:\WINDOWS\srchasst

2009-02-13 14:43:04 ----D---- C:\Program Files\netmeeting

2009-02-13 14:43:04 ----D---- C:\Program Files\msn gaming zone

2009-02-13 14:43:04 ----D---- C:\Program Files\Common Files\speechengines

2009-02-13 14:43:03 ----D---- C:\Program Files\microsoft frontpage

2009-02-13 14:42:29 ----D---- C:\WINDOWS\Prefetch

2009-02-13 14:40:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$

2009-02-13 14:40:29 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$

2009-02-13 14:40:23 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$

2009-02-13 14:40:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$

2009-02-13 14:40:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$

2009-02-13 14:40:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$

2009-02-13 14:39:51 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$

2009-02-13 14:39:44 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$

2009-02-13 14:39:37 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$

2009-02-13 14:39:30 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$

2009-02-13 14:39:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

2009-02-13 14:39:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$

2009-02-13 14:39:09 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$

2009-02-13 14:39:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

2009-02-13 14:38:55 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$

2009-02-13 14:38:48 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$

2009-02-13 14:38:42 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$

2009-02-13 14:38:35 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$

2009-02-13 14:36:20 ----A---- C:\WINDOWS\setuplog.txt

2009-02-13 14:35:26 ----D---- C:\Program Files\Messenger

2009-02-13 14:35:05 ----D---- C:\WINDOWS\system32\scripting

2009-02-13 14:35:03 ----D---- C:\WINDOWS\system32\bits

2009-02-13 14:35:03 ----D---- C:\Program Files\msn

2009-02-13 14:35:02 ----D---- C:\Program Files\movie maker

2009-02-13 14:32:29 ----D---- C:\WINDOWS\ServicePackFiles

2009-02-13 14:26:59 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$

2009-02-13 14:26:57 ----D---- C:\WINDOWS\EHome

2009-02-11 00:38:45 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$

2009-02-09 01:15:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$

2009-02-09 01:15:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$

2009-02-09 01:15:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$

2009-02-09 01:15:09 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$

2009-02-09 01:15:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$

2009-02-09 01:14:25 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$

2009-02-09 01:14:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$

2009-02-09 01:14:12 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$

2009-02-09 01:13:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$

2009-02-09 01:13:51 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2

2009-02-09 01:13:49 ----D---- C:\Program Files\MSXML 6.0

2009-02-09 01:13:41 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$

2009-02-09 01:13:37 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$

2009-02-09 01:13:19 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$

2009-02-09 01:13:13 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$

2009-02-09 01:13:07 ----HDC---- C:\WINDOWS\$NtUninstallKB958687_0$

2009-02-09 01:13:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$

2009-02-09 01:12:54 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$

2009-02-09 01:12:37 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$

2009-02-09 01:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$

2009-02-09 01:12:11 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$

2009-02-09 01:12:03 ----D---- C:\WINDOWS\ie7updates

2009-02-09 01:11:57 ----HDC---- C:\WINDOWS\$NtUninstallKB885884$

2009-02-09 01:11:49 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$

2009-02-09 01:11:42 ----HDC---- C:\WINDOWS\$NtUninstallKB954600_0$

2009-02-09 01:11:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$

2009-02-09 01:11:28 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$

2009-02-09 01:11:22 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$

2009-02-09 01:11:17 ----D---- C:\Program Files\MSXML 4.0

2009-02-09 01:11:09 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$

2009-02-09 01:11:05 ----A---- C:\WINDOWS\imsins.BAK

2009-02-09 01:11:00 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$

2009-02-09 00:57:57 ----N---- C:\WINDOWS\system32\wmphoto.dll

2009-02-09 00:57:55 ----N---- C:\WINDOWS\system32\windowscodecsext.dll

2009-02-09 00:57:55 ----N---- C:\WINDOWS\system32\windowscodecs.dll

2009-02-09 00:57:49 ----N---- C:\WINDOWS\system32\tspkg.dll

2009-02-09 00:57:41 ----N---- C:\WINDOWS\system32\spupdwxp.exe

2009-02-09 00:57:40 ----N---- C:\WINDOWS\system32\spnpinst.exe

2009-02-09 00:57:40 ----A---- C:\WINDOWS\system32\spdwnwxp.exe

2009-02-09 00:57:39 ----N---- C:\WINDOWS\system32\slserv.exe

2009-02-09 00:57:39 ----N---- C:\WINDOWS\system32\slrundll.exe

2009-02-09 00:57:39 ----N---- C:\WINDOWS\system32\slgen.dll

2009-02-09 00:57:39 ----N---- C:\WINDOWS\system32\slextspk.dll

2009-02-09 00:57:39 ----N---- C:\WINDOWS\system32\slcoinst.dll

2009-02-09 00:57:39 ----N---- C:\WINDOWS\slrundll.exe

2009-02-09 00:57:36 ----N---- C:\WINDOWS\system32\setupn.exe

2009-02-09 00:57:31 ----N---- C:\WINDOWS\system32\s3gnb.dll

2009-02-09 00:57:27 ----N---- C:\WINDOWS\system32\rasqec.dll

2009-02-09 00:57:27 ----N---- C:\WINDOWS\system32\qutil.dll

2009-02-09 00:57:26 ----N---- C:\WINDOWS\system32\qcliprov.dll

2009-02-09 00:57:26 ----N---- C:\WINDOWS\system32\qagentrt.dll

2009-02-09 00:57:26 ----N---- C:\WINDOWS\system32\qagent.dll

2009-02-09 00:57:25 ----N---- C:\WINDOWS\system32\pnrpnsp.dll

2009-02-09 00:57:25 ----N---- C:\WINDOWS\system32\photometadatahandler.dll

2009-02-09 00:57:24 ----N---- C:\WINDOWS\system32\p2psvc.dll

2009-02-09 00:57:24 ----N---- C:\WINDOWS\system32\p2pnetsh.dll

2009-02-09 00:57:24 ----N---- C:\WINDOWS\system32\p2pgraph.dll

2009-02-09 00:57:24 ----N---- C:\WINDOWS\system32\p2pgasvc.dll

2009-02-09 00:57:24 ----N---- C:\WINDOWS\system32\p2p.dll

2009-02-09 00:57:23 ----N---- C:\WINDOWS\system32\onex.dll

2009-02-09 00:57:18 ----N---- C:\WINDOWS\system32\nv4_disp.dll

2009-02-09 00:57:14 ----N---- C:\WINDOWS\system32\napstat.exe

2009-02-09 00:57:13 ----N---- C:\WINDOWS\system32\napmontr.dll

2009-02-09 00:57:13 ----N---- C:\WINDOWS\system32\napipsec.dll

2009-02-09 00:57:13 ----N---- C:\WINDOWS\system32\mtxparhd.dll

2009-02-09 00:57:12 ----N---- C:\WINDOWS\system32\msshavmsg.dll

2009-02-09 00:57:12 ----N---- C:\WINDOWS\system32\mssha.dll

2009-02-09 00:57:01 ----N---- C:\WINDOWS\system32\mdmxsdk.dll

2009-02-09 00:56:56 ----N---- C:\WINDOWS\system32\l2gpstore.dll

2009-02-09 00:56:56 ----N---- C:\WINDOWS\system32\kmsvc.dll

2009-02-09 00:56:49 ----N---- C:\WINDOWS\system32\smtpapi.dll

2009-02-09 00:56:49 ----N---- C:\WINDOWS\system32\rwnh.dll

2009-02-09 00:56:47 ----N---- C:\WINDOWS\system32\comsdupd.exe

2009-02-09 00:56:44 ----N---- C:\WINDOWS\system32\hsfcisp2.dll

2009-02-09 00:56:40 ----N---- C:\WINDOWS\system32\faxpatch.exe

2009-02-09 00:56:40 ----A---- C:\WINDOWS\002640_.tmp

2009-02-09 00:56:38 ----N---- C:\WINDOWS\system32\eapsvc.dll

2009-02-09 00:56:38 ----N---- C:\WINDOWS\system32\eapqec.dll

2009-02-09 00:56:38 ----N---- C:\WINDOWS\system32\eappprxy.dll

2009-02-09 00:56:38 ----N---- C:\WINDOWS\system32\eapphost.dll

2009-02-09 00:56:38 ----N---- C:\WINDOWS\system32\eappgnui.dll

2009-02-09 00:56:38 ----N---- C:\WINDOWS\system32\eappcfg.dll

2009-02-09 00:56:38 ----N---- C:\WINDOWS\system32\eapp3hst.dll

2009-02-09 00:56:38 ----N---- C:\WINDOWS\system32\eapolqec.dll

2009-02-09 00:56:37 ----N---- C:\WINDOWS\system32\dot3ui.dll

2009-02-09 00:56:37 ----N---- C:\WINDOWS\system32\dot3svc.dll

2009-02-09 00:56:37 ----N---- C:\WINDOWS\system32\dot3msm.dll

2009-02-09 00:56:37 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll

2009-02-09 00:56:37 ----N---- C:\WINDOWS\system32\dot3dlg.dll

2009-02-09 00:56:36 ----N---- C:\WINDOWS\system32\dot3cfg.dll

2009-02-09 00:56:36 ----N---- C:\WINDOWS\system32\dot3api.dll

2009-02-09 00:56:36 ----N---- C:\WINDOWS\system32\dimsroam.dll

2009-02-09 00:56:36 ----N---- C:\WINDOWS\system32\dimsntfy.dll

2009-02-09 00:56:35 ----N---- C:\WINDOWS\system32\dhcpqec.dll

2009-02-09 00:56:32 ----N---- C:\WINDOWS\system32\credssp.dll

2009-02-09 00:56:29 ----N---- C:\WINDOWS\system32\bitsprx4.dll

2009-02-09 00:56:29 ----N---- C:\WINDOWS\system32\azroles.dll

2009-02-09 00:56:28 ----N---- C:\WINDOWS\system32\ativvaxx.dll

2009-02-09 00:56:28 ----N---- C:\WINDOWS\system32\ativtmxx.dll

2009-02-09 00:56:27 ----N---- C:\WINDOWS\system32\ati3duag.dll

2009-02-09 00:56:27 ----N---- C:\WINDOWS\system32\ati3d1ag.dll

2009-02-09 00:56:27 ----N---- C:\WINDOWS\system32\ati2dvag.dll

2009-02-09 00:56:27 ----N---- C:\WINDOWS\system32\ati2dvaa.dll

2009-02-09 00:56:27 ----N---- C:\WINDOWS\system32\ati2cqag.dll

2009-02-09 00:47:43 ----N---- C:\WINDOWS\system32\tzchange.exe

2009-02-09 00:35:12 ----A---- C:\WINDOWS\system32\mucltui.dll.mui

2009-02-09 00:35:12 ----A---- C:\WINDOWS\system32\mucltui.dll

2009-02-09 00:30:37 ----A---- C:\WINDOWS\system32\wucltui.dll.mui

2009-02-09 00:30:37 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui

2009-02-09 00:30:36 ----D---- C:\WINDOWS\system32\SoftwareDistribution

2009-02-09 00:30:36 ----A---- C:\WINDOWS\system32\wuapi.dll.mui

2009-02-08 12:53:01 ----D---- C:\Program Files\Spybot - Search & Destroy

2009-02-08 12:53:01 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2009-02-07 14:02:09 ----D---- C:\Program Files\CCleaner

2009-02-06 23:28:39 ----D---- C:\Program Files\WinDirStat

2009-02-06 21:59:28 ----D---- C:\Program Files\Microsoft

2009-02-06 21:59:16 ----D---- C:\Program Files\Windows Live SkyDrive

2009-02-06 21:59:05 ----D---- C:\Program Files\Windows Live

2009-02-06 21:56:10 ----D---- C:\Program Files\Common Files\Windows Live

2009-02-06 17:25:27 ----D---- C:\WINDOWS\system32\ReinstallBackups

2009-02-06 17:08:55 ----D---- C:\Documents and Settings\Patrick\Application Data\Mozilla

2009-02-06 17:07:15 ----A---- C:\WINDOWS\NeroDigital.ini

2009-02-06 17:07:13 ----D---- C:\Documents and Settings\Patrick\Application Data\CyberLink

2009-02-06 16:52:43 ----D---- C:\Documents and Settings\Patrick\Application Data\Macromedia

2009-02-06 16:49:27 ----D---- C:\Documents and Settings\Patrick\Application Data\Adobe

2009-02-06 16:49:11 ----D---- C:\Documents and Settings\Patrick\Application Data\Identities

2009-02-06 16:49:00 ----ASH---- C:\Documents and Settings\Patrick\Application Data\desktop.ini

2009-02-06 16:48:59 ----SD---- C:\Documents and Settings\Patrick\Application Data\Microsoft

2009-02-06 16:05:03 ----D---- C:\WINDOWS\system32\LogFiles

2009-02-06 15:52:22 ----A---- C:\WINDOWS\system32\vfwwdm32.dll

2009-02-06 15:52:22 ----A---- C:\WINDOWS\system32\ksuser.dll

2009-02-06 07:39:08 ----A---- C:\WINDOWS\unvise32.exe

2009-02-06 07:37:43 ----D---- C:\temp

2009-02-06 01:56:06 ----D---- C:\WINDOWS\cache

2009-02-06 01:33:07 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!

2009-02-06 01:33:05 ----D---- C:\Program Files\Yahoo!

2009-02-06 01:29:45 ----RA---- C:\WINDOWS\system32\InstMed.exe

2009-02-06 01:29:42 ----A---- C:\WINDOWS\system32\lvcoinst.ini

2009-02-06 01:29:41 ----A---- C:\WINDOWS\system32\LVUI2RC.dll

2009-02-06 01:29:41 ----A---- C:\WINDOWS\system32\LVUI2.dll

2009-02-06 01:29:41 ----A---- C:\WINDOWS\system32\lvcoinst.dll

2009-02-06 01:29:41 ----A---- C:\WINDOWS\system32\lvcodec2.dll

2009-02-06 01:29:38 ----D---- C:\Program Files\Common Files\Logitech

2009-02-06 01:29:35 ----A---- C:\WINDOWS\system32\Lvkrn12n.dll

2009-02-06 01:29:35 ----A---- C:\WINDOWS\system32\LCamCpl.dll

2009-02-06 01:29:34 ----A---- C:\WINDOWS\system32\MFC71KOR.DLL

2009-02-06 01:29:34 ----A---- C:\WINDOWS\system32\MFC71JPN.DLL

2009-02-06 01:29:34 ----A---- C:\WINDOWS\system32\MFC71ITA.DLL

2009-02-06 01:29:34 ----A---- C:\WINDOWS\system32\MFC71ESP.DLL

2009-02-06 01:29:34 ----A---- C:\WINDOWS\system32\MFC71ENU.DLL

2009-02-06 01:29:34 ----A---- C:\WINDOWS\system32\MFC71DEU.DLL

2009-02-06 01:29:34 ----A---- C:\WINDOWS\system32\MFC71CHT.DLL

2009-02-06 01:29:34 ----A---- C:\WINDOWS\system32\MFC71CHS.DLL

2009-02-06 01:29:33 ----A---- C:\WINDOWS\system32\QCUI2.dll

2009-02-06 01:29:33 ----A---- C:\WINDOWS\system32\Ltwvc12n.dll

2009-02-06 01:29:33 ----A---- C:\WINDOWS\system32\ltkrn12n.dll

2009-02-06 01:29:33 ----A---- C:\WINDOWS\system32\ltimg12n.dll

2009-02-06 01:29:33 ----A---- C:\WINDOWS\system32\ltfil12n.DLL

2009-02-06 01:29:33 ----A---- C:\WINDOWS\system32\ltefx12n.dll

2009-02-06 01:29:33 ----A---- C:\WINDOWS\system32\LTDIS12n.dll

2009-02-06 01:29:33 ----A---- C:\WINDOWS\system32\lftif12n.dll

2009-02-06 01:29:33 ----A---- C:\WINDOWS\system32\lffax12n.dll

2009-02-06 01:29:33 ----A---- C:\WINDOWS\system32\LFCMP12n.DLL

2009-02-06 01:29:33 ----A---- C:\WINDOWS\system32\lfbmp12n.dll

2009-02-06 01:29:32 ----A---- C:\WINDOWS\system32\LQCUI2.dll

2009-02-06 01:29:02 ----D---- C:\Program Files\Logitech

2009-02-06 01:11:29 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink

2009-02-06 01:09:34 ----D---- C:\WINDOWS\pss

2009-02-06 00:52:31 ----A---- C:\WINDOWS\IDMan.INI

2009-02-06 00:41:04 ----A---- C:\WINDOWS\system32\wnicapi.dll

2009-02-06 00:41:04 ----A---- C:\WINDOWS\system32\WlanApp.dll

2009-02-06 00:41:04 ----A---- C:\WINDOWS\system32\odSupp_M.dll

2009-02-06 00:41:04 ----A---- C:\WINDOWS\system32\JJAKEn.dll

2009-02-06 00:41:04 ----A---- C:\WINDOWS\system32\AQCKGen.dll

2009-02-06 00:41:04 ----A---- C:\WINDOWS\system32\ANIWZCS2.dll

2009-02-06 00:41:04 ----A---- C:\WINDOWS\system32\ANICtl.dll

2009-02-06 00:41:04 ----A---- C:\WINDOWS\system32\aIPH.dll

2009-02-06 00:40:52 ----D---- C:\Program Files\ANI

2009-02-06 00:40:52 ----A---- C:\WINDOWS\system32\ANIOApi.dll

2009-02-06 00:40:46 ----D---- C:\Program Files\D-Link

2009-02-06 00:40:46 ----A---- C:\WINDOWS\system32\jswscsup.dll

2009-02-06 00:40:46 ----A---- C:\WINDOWS\system32\DWLInst.dll

2009-02-06 00:40:10 ----D---- C:\dlink

2009-02-05 14:34:34 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL

2009-02-05 14:34:29 ----D---- C:\Program Files\Symantec

2009-02-05 14:34:29 ----A---- C:\WINDOWS\system32\capicom.dll

2009-02-05 14:34:25 ----D---- C:\Program Files\Symantec AntiVirus

2009-02-05 14:34:25 ----D---- C:\Program Files\Common Files\Symantec Shared

2009-02-05 14:34:25 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec

2009-02-05 14:33:42 ----D---- C:\Program Files\WinZip

2009-02-05 14:29:15 ----SHD---- C:\RECYCLER

2009-02-05 14:29:07 ----A---- C:\WINDOWS\system32\igfxres.dll

2009-02-05 14:24:47 ----D---- C:\AUD

2009-02-05 14:24:00 ----A---- C:\WINDOWS\system32\igxprd32.dll

2009-02-05 14:24:00 ----A---- C:\WINDOWS\system32\igfxtray.exe

2009-02-05 14:24:00 ----A---- C:\WINDOWS\system32\igfxpers.exe

2009-02-05 14:24:00 ----A---- C:\WINDOWS\system32\igfxexps.dll

2009-02-05 14:23:59 ----DC---- C:\WINDOWS\system32\DRVSTORE

2009-02-05 14:23:59 ----A---- C:\WINDOWS\system32\igxpgd32.dll

2009-02-05 14:23:59 ----A---- C:\WINDOWS\system32\igxpdx32.dll

2009-02-05 14:23:59 ----A---- C:\WINDOWS\system32\igxpdv32.dll

2009-02-05 14:23:59 ----A---- C:\WINDOWS\system32\iglicd32.dll

2009-02-05 14:23:59 ----A---- C:\WINDOWS\system32\igldev32.dll

2009-02-05 14:23:59 ----A---- C:\WINDOWS\system32\igfxzoom.exe

2009-02-05 14:23:59 ----A---- C:\WINDOWS\system32\igfxsrvc.exe

2009-02-05 14:23:59 ----A---- C:\WINDOWS\system32\igfxsrvc.dll

2009-02-05 14:23:59 ----A---- C:\WINDOWS\system32\igfxress.dll

2009-02-05 14:23:59 ----A---- C:\WINDOWS\system32\igfxpph.dll

2009-02-05 14:23:59 ----A---- C:\WINDOWS\system32\igfxext.exe

2009-02-05 14:23:59 ----A---- C:\WINDOWS\system32\igfxdo.dll

2009-02-05 14:23:59 ----A---- C:\WINDOWS\system32\igfxdev.dll

2009-02-05 14:23:59 ----A---- C:\WINDOWS\system32\igfxCoIn_v4764.dll

2009-02-05 14:23:59 ----A---- C:\WINDOWS\system32\igfxcfg.exe

2009-02-05 14:23:59 ----A---- C:\WINDOWS\system32\hkcmd.exe

2009-02-05 14:23:59 ----A---- C:\WINDOWS\system32\hccutils.dll

2009-02-05 14:23:58 ----D---- C:\WINDOWS\system32\Lang

2009-02-05 14:23:58 ----A---- C:\WINDOWS\system32\igxpun.exe

2009-02-05 14:23:58 ----A---- C:\WINDOWS\system32\difxapi.dll

2009-02-05 14:23:55 ----D---- C:\Intel

2009-02-05 14:14:27 ----D---- C:\WINDOWS\Profiles

2009-02-05 14:14:25 ----D---- C:\WINDOWS\system32\Adobe

2009-02-05 14:14:25 ----D---- C:\Program Files\Common Files\Adobe

2009-02-05 14:14:25 ----D---- C:\Program Files\Adobe

2009-02-05 14:14:09 ----A---- C:\WINDOWS\IsUninst.exe

2009-02-05 14:13:15 ----N---- C:\WINDOWS\system32\TwnLib4.dll

2009-02-05 14:13:15 ----A---- C:\WINDOWS\system32\TwnLib20.dll

2009-02-05 14:13:13 ----N---- C:\WINDOWS\system32\ImagXRA7.dll

2009-02-05 14:13:12 ----N---- C:\WINDOWS\system32\ImagXR7.dll

2009-02-05 14:13:12 ----N---- C:\WINDOWS\system32\ImagXpr7.dll

2009-02-05 14:13:12 ----N---- C:\WINDOWS\system32\ImagX7.dll

2009-02-05 14:13:12 ----A---- C:\WINDOWS\system32\NeroCheck.exe

2009-02-05 14:13:09 ----D---- C:\Program Files\Common Files\Ahead

2009-02-05 14:13:08 ----D---- C:\Program Files\Ahead

2009-02-05 14:12:52 ----D---- C:\Program Files\CyberLink

2009-02-05 14:12:43 ----HD---- C:\Program Files\InstallShield Installation Information

2009-02-05 14:12:43 ----D---- C:\Program Files\CyberLink DVD Solution

2009-02-05 14:12:43 ----A---- C:\Program Files\Uninstall_CDS.exe

2009-02-05 14:12:25 ----D---- C:\Program Files\Common Files\InstallShield

2009-02-05 14:09:28 ----A---- C:\WINDOWS\ODBC.INI

2009-02-05 14:09:03 ----D---- C:\Program Files\Microsoft ActiveSync

2009-02-05 14:08:56 ----D---- C:\Program Files\Common Files\Designer

2009-02-05 14:08:38 ----D---- C:\WINDOWS\ShellNew

2009-02-05 14:08:32 ----D---- C:\Program Files\Microsoft Office

2009-02-05 13:38:23 ----A---- C:\WINDOWS\SMWizard.INI

2009-02-05 13:37:09 ----HD---- C:\Program Files\Uninstall Information

2009-02-05 13:36:51 ----SD---- C:\WINDOWS\system32\Microsoft

2009-02-05 13:36:51 ----A---- C:\WINDOWS\SchedLgU.Txt

2009-02-05 13:34:17 ----D---- C:\WINDOWS\WBEM

2009-02-05 13:34:14 ----D---- C:\WINDOWS\Offline Web Pages

2009-02-05 13:33:46 ----HDC---- C:\WINDOWS\ie7

2009-02-05 13:33:38 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$

2009-02-05 13:33:30 ----A---- C:\WINDOWS\system32\spupdsvc.exe

2009-02-05 13:33:29 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$

2009-02-05 13:33:22 ----N---- C:\WINDOWS\system32\spmsg.dll

2009-02-05 13:33:21 ----HD---- C:\WINDOWS\$hf_mig$

2009-02-05 13:33:15 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

2009-02-05 13:33:13 ----N---- C:\WINDOWS\system32\ieframe.dll.mui

2009-02-05 13:33:13 ----N---- C:\WINDOWS\system32\advpack.dll.mui

2009-02-05 13:33:12 ----N---- C:\WINDOWS\system32\ieui.dll

2009-02-05 13:33:12 ----A---- C:\WINDOWS\system32\msfeedsbs.dll

2009-02-05 13:33:12 ----A---- C:\WINDOWS\system32\msfeeds.dll

2009-02-05 13:33:11 ----N---- C:\WINDOWS\system32\WinFXDocObj.exe

2009-02-05 13:33:11 ----N---- C:\WINDOWS\system32\msfeedssync.exe

2009-02-05 13:33:11 ----A---- C:\WINDOWS\system32\ieudinit.exe

2009-02-05 13:33:11 ----A---- C:\WINDOWS\system32\iertutil.dll

2009-02-05 13:33:11 ----A---- C:\WINDOWS\system32\ieframe.dll

2009-02-05 13:33:11 ----A---- C:\WINDOWS\system32\ieapfltr.dll

2009-02-05 13:33:11 ----A---- C:\WINDOWS\system32\icardie.dll

2009-02-05 13:32:33 ----RSD---- C:\WINDOWS\assembly

2009-02-05 13:32:20 ----D---- C:\WINDOWS\Microsoft.NET

2009-02-05 13:31:50 ----D---- C:\Program Files\Mozilla Firefox

2009-02-05 13:31:43 ----D---- C:\Program Files\WinRAR

2009-02-05 13:31:31 ----A---- C:\WINDOWS\control.ini

2009-02-05 13:31:31 ----A---- C:\AUTOEXEC.BAT

2009-02-05 13:31:18 ----A---- C:\WINDOWS\system32\mapi32.dll

2009-02-05 13:31:16 ----D---- C:\WINDOWS\system32\dllcache

2009-02-05 13:30:26 ----SD---- C:\WINDOWS\Downloaded Program Files

2009-02-05 13:30:26 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest

2009-02-05 13:30:22 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest

2009-02-05 13:30:18 ----HD---- C:\Program Files\WindowsUpdate

2009-02-05 13:30:01 ----D---- C:\WINDOWS\system32\DirectX

2009-02-05 13:29:43 ----A---- C:\WINDOWS\system32\atrace.dll

2009-02-05 13:29:41 ----A---- C:\WINDOWS\system32\desktop.ini

2009-02-05 13:29:41 ----A---- C:\WINDOWS\desktop.ini

2009-02-05 13:29:34 ----D---- C:\Program Files\Common Files\Services

2009-02-05 13:29:34 ----A---- C:\WINDOWS\system32\acctres.dll

2009-02-05 13:29:31 ----SD---- C:\WINDOWS\Tasks

2009-02-05 13:29:31 ----D---- C:\Program Files\Common Files\MSSoap

2009-02-05 13:29:27 ----A---- C:\WINDOWS\system32\wucltui.dll

2009-02-05 13:29:27 ----A---- C:\WINDOWS\system32\wuauserv.dll

2009-02-05 13:29:27 ----A---- C:\WINDOWS\system32\wuaueng1.dll

2009-02-05 13:29:26 ----A---- C:\WINDOWS\system32\wups.dll

2009-02-05 13:29:26 ----A---- C:\WINDOWS\system32\wuaueng.dll

2009-02-05 13:29:26 ----A---- C:\WINDOWS\system32\wuauclt1.exe

2009-02-05 13:29:26 ----A---- C:\WINDOWS\system32\wuauclt.exe

2009-02-05 13:29:26 ----A---- C:\WINDOWS\system32\wuapi.dll

2009-02-05 13:29:26 ----A---- C:\WINDOWS\system32\qmgrprxy.dll

2009-02-05 13:29:26 ----A---- C:\WINDOWS\system32\bitsprx3.dll

2009-02-05 13:29:26 ----A---- C:\WINDOWS\system32\bitsprx2.dll

2009-02-05 13:29:25 ----A---- C:\WINDOWS\system32\qmgr.dll

2009-02-05 13:29:22 ----A---- C:\WINDOWS\system32\safrslv.dll

2009-02-05 13:29:22 ----A---- C:\WINDOWS\system32\safrdm.dll

2009-02-05 13:29:22 ----A---- C:\WINDOWS\system32\safrcdlg.dll

2009-02-05 13:29:21 ----A---- C:\WINDOWS\system32\racpldlg.dll

2009-02-05 13:29:18 ----A---- C:\WINDOWS\system32\fltmc.exe

2009-02-05 13:29:18 ----A---- C:\WINDOWS\system32\fltlib.dll

2009-02-05 13:29:17 ----D---- C:\WINDOWS\system32\Restore

2009-02-05 13:29:17 ----A---- C:\WINDOWS\system32\srsvc.dll

2009-02-05 13:29:17 ----A---- C:\WINDOWS\system32\srrstr.dll

2009-02-05 13:29:17 ----A---- C:\WINDOWS\system32\srclient.dll

2009-02-05 13:29:16 ----A---- C:\WINDOWS\system32\msoert2.dll

2009-02-05 13:29:16 ----A---- C:\WINDOWS\system32\msoeacct.dll

2009-02-05 13:29:15 ----A---- C:\WINDOWS\system32\inetres.dll

2009-02-05 13:29:15 ----A---- C:\WINDOWS\system32\inetcomm.dll

2009-02-05 13:29:13 ----D---- C:\Program Files\Outlook Express

2009-02-05 13:29:13 ----A---- C:\WINDOWS\system32\schedsvc.dll

2009-02-05 13:29:13 ----A---- C:\WINDOWS\system32\mstinit.exe

2009-02-05 13:29:13 ----A---- C:\WINDOWS\system32\mstask.dll

2009-02-05 13:29:09 ----D---- C:\Program Files\Common Files\System

2009-02-05 13:29:08 ----D---- C:\Program Files\Common Files\Microsoft Shared

2009-02-05 13:29:03 ----D---- C:\Program Files\Internet Explorer

2009-02-05 13:28:28 ----D---- C:\Program Files\ComPlus Applications

2009-02-05 13:28:26 ----A---- C:\WINDOWS\vbaddin.ini

2009-02-05 13:28:26 ----A---- C:\WINDOWS\vb.ini

2009-02-05 13:28:22 ----D---- C:\WINDOWS\Registration

2009-02-05 13:28:06 ----D---- C:\Program Files\NotePad++

2009-02-05 13:28:05 ----A---- C:\WINDOWS\system32\wul.exe

2009-02-05 13:28:05 ----A---- C:\WINDOWS\system32\vcdrom.exe

2009-02-05 13:28:05 ----A---- C:\WINDOWS\system32\TweakUI.exe

2009-02-05 13:28:05 ----A---- C:\WINDOWS\system32\Timezone.exe.manifest

2009-02-05 13:28:05 ----A---- C:\WINDOWS\system32\TimeZone.exe

2009-02-05 13:28:04 ----A---- C:\WINDOWS\system32\pserv2.exe

2009-02-05 13:28:04 ----A---- C:\WINDOWS\system32\MsiZap.exe

2009-02-05 13:28:04 ----A---- C:\WINDOWS\system32\msicuu.exe

2009-02-05 13:28:04 ----A---- C:\WINDOWS\system32\MS_Auto.exe

2009-02-05 13:28:04 ----A---- C:\WINDOWS\system32\MemTest.exe

2009-02-05 13:28:03 ----A---- C:\WINDOWS\system32\latency.exe

2009-02-05 13:28:03 ----A---- C:\WINDOWS\system32\Hoster.exe

2009-02-05 13:28:03 ----A---- C:\WINDOWS\system32\cpuz.ini

2009-02-05 13:28:02 ----D---- C:\WINDOWS\system32\cplicons

2009-02-05 13:28:02 ----A---- C:\WINDOWS\system32\cpuz.exe

2009-02-05 13:28:02 ----A---- C:\WINDOWS\system32\BootVis.exe

2009-02-05 13:28:02 ----A---- C:\WINDOWS\system32\BootSafe.exe

2009-02-05 13:27:55 ----D---- C:\Program Files\Windows Media Player

2009-02-05 13:27:55 ----D---- C:\Program Files\Windows Media Connect 2

2009-02-05 13:27:53 ----D---- C:\Program Files\Foxit

2009-02-05 13:27:49 ----D---- C:\WINDOWS\VistaDrive

2009-02-05 13:27:49 ----A---- C:\WINDOWS\system32\write.exe

2009-02-05 13:27:49 ----A---- C:\WINDOWS\system32\sndvol32.exe

2009-02-05 13:27:44 ----A---- C:\WINDOWS\system32\calc.exe

2009-02-05 13:27:43 ----A---- C:\WINDOWS\system32\winmine.exe

2009-02-05 13:27:43 ----A---- C:\WINDOWS\system32\sol.exe

2009-02-05 13:27:43 ----A---- C:\WINDOWS\system32\mshearts.exe

2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\usrlogon.cmd

2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\tsshutdn.exe

2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\tslabels.ini

2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\tskill.exe

2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\tsdiscon.exe

2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\tscon.exe

2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\shadow.exe

2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\reset.exe

2009-02-05 13:27:42 ----A---- C:\WINDOWS\system32\freecell.exe

2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\rwinsta.exe

2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\regini.exe

2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\rdpcfgex.dll

2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\qwinsta.exe

2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\qappsrv.exe

2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\msg.exe

2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\msdtcprf.ini

2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\logoff.exe

2009-02-05 13:27:41 ----A---- C:\WINDOWS\system32\cdmodem.dll

2009-02-05 13:27:40 ----A---- C:\WINDOWS\system32\mtxlegih.dll

2009-02-05 13:27:40 ----A---- C:\WINDOWS\system32\mtxex.dll

2009-02-05 13:27:40 ----A---- C:\WINDOWS\system32\mtxdm.dll

2009-02-05 13:27:40 ----A---- C:\WINDOWS\system32\dcomcnfg.exe

2009-02-05 13:27:40 ----A---- C:\WINDOWS\system32\comrepl.dll

2009-02-05 13:27:40 ----A---- C:\WINDOWS\system32\comaddin.dll

2009-02-05 13:27:39 ----A---- C:\WINDOWS\system32\stclient.dll

2009-02-05 13:27:39 ----A---- C:\WINDOWS\system32\comsnap.dll

2009-02-05 13:27:35 ----A---- C:\WINDOWS\system32\wmimgmt.msc

2009-02-05 13:27:34 ----D---- C:\Program Files\Windows NT

2009-02-05 13:27:34 ----A---- C:\WINDOWS\system32\mspaint.exe

2009-02-05 13:27:33 ----A---- C:\WINDOWS\system32\tscfgwmi.dll

2009-02-05 13:27:33 ----A---- C:\WINDOWS\system32\spider.exe

2009-02-05 13:27:32 ----A---- C:\WINDOWS\system32\remotepg.dll

2009-02-05 13:27:32 ----A---- C:\WINDOWS\system32\rdshost.exe

2009-02-05 13:27:32 ----A---- C:\WINDOWS\system32\rdsaddin.exe

2009-02-05 13:27:32 ----A---- C:\WINDOWS\system32\mstscax.dll

2009-02-05 13:27:32 ----A---- C:\WINDOWS\system32\mstsc.exe

2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\tscupgrd.exe

2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\termsrv.dll

2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\sessmgr.exe

2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\rdpwsx.dll

2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\rdpsnd.dll

2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\rdpclip.exe

2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\rdchost.dll

2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\qprocess.exe

2009-02-05 13:27:31 ----A---- C:\WINDOWS\system32\icaapi.dll

2009-02-05 13:27:30 ----D---- C:\WINDOWS\system32\MsDtc

2009-02-05 13:27:30 ----A---- C:\WINDOWS\system32\mtxoci.dll

2009-02-05 13:27:30 ----A---- C:\WINDOWS\system32\msdtcuiu.dll

2009-02-05 13:27:30 ----A---- C:\WINDOWS\system32\msdtctm.dll

2009-02-05 13:27:30 ----A---- C:\WINDOWS\system32\msdtcprx.dll

2009-02-05 13:27:30 ----A---- C:\WINDOWS\system32\cfgbkend.dll

2009-02-05 13:27:29 ----A---- C:\WINDOWS\system32\xolehlp.dll

2009-02-05 13:27:29 ----A---- C:\WINDOWS\system32\msdtclog.dll

2009-02-05 13:27:29 ----A---- C:\WINDOWS\system32\msdtc.exe

2009-02-05 13:27:28 ----D---- C:\WINDOWS\system32\Com

2009-02-05 13:27:28 ----A---- C:\WINDOWS\system32\comsvcs.dll

2009-02-05 13:27:28 ----A---- C:\WINDOWS\system32\colbact.dll

2009-02-05 13:27:28 ----A---- C:\WINDOWS\system32\clbcatex.dll

2009-02-05 13:27:28 ----A---- C:\WINDOWS\system32\catsrvut.dll

2009-02-05 13:27:28 ----A---- C:\WINDOWS\system32\catsrvps.dll

2009-02-05 13:27:28 ----A---- C:\WINDOWS\system32\catsrv.dll

2009-02-05 13:27:27 ----A---- C:\WINDOWS\system32\comuid.dll

2009-02-05 13:27:27 ----A---- C:\WINDOWS\system32\clbcatq.dll

2009-02-05 13:27:22 ----A---- C:\WINDOWS\system32\servdeps.dll

2009-02-05 13:27:21 ----A---- C:\WINDOWS\system32\mmfutil.dll

2009-02-05 13:27:21 ----A---- C:\WINDOWS\system32\licwmi.dll

2009-02-05 13:27:21 ----A---- C:\WINDOWS\system32\cmprops.dll

2009-02-05 07:26:34 ----A---- C:\WINDOWS\system32\h323log.txt

2009-02-05 07:26:11 ----A---- C:\WINDOWS\system32\hidserv.dll

2009-02-05 07:24:59 ----A---- C:\WINDOWS\system32\usbui.dll

2009-02-05 07:23:33 ----SHD---- C:\WINDOWS\Installer

2009-02-05 07:23:33 ----D---- C:\Program Files\Common Files\ODBC

2009-02-05 07:23:33 ----D---- C:\Program Files\Common Files

2009-02-05 07:23:33 ----D---- C:\Program Files

2009-02-05 07:23:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2009-02-05 07:23:33 ----A---- C:\WINDOWS\ODBCINST.INI

2009-02-05 07:23:29 ----RA---- C:\WINDOWS\system32\kbdtuq.dll

2009-02-05 07:23:29 ----RA---- C:\WINDOWS\system32\kbdtuf.dll

2009-02-05 07:23:29 ----RA---- C:\WINDOWS\system32\kbdazel.dll

2009-02-05 07:23:27 ----RA---- C:\WINDOWS\system32\kbduzb.dll

2009-02-05 07:23:27 ----RA---- C:\WINDOWS\system32\kbdur.dll

2009-02-05 07:23:27 ----RA---- C:\WINDOWS\system32\kbdtat.dll

2009-02-05 07:23:27 ----RA---- C:\WINDOWS\system32\kbdmon.dll

2009-02-05 07:23:27 ----RA---- C:\WINDOWS\system32\kbdkyr.dll

2009-02-05 07:23:27 ----RA---- C:\WINDOWS\system32\kbdkaz.dll

2009-02-05 07:23:27 ----RA---- C:\WINDOWS\system32\kbdaze.dll

2009-02-05 07:23:26 ----RA---- C:\WINDOWS\system32\kbdycc.dll

2009-02-05 07:23:26 ----RA---- C:\WINDOWS\system32\kbdru1.dll

2009-02-05 07:23:26 ----RA---- C:\WINDOWS\system32\kbdru.dll

2009-02-05 07:23:26 ----RA---- C:\WINDOWS\system32\kbdbu.dll

2009-02-05 07:23:26 ----RA---- C:\WINDOWS\system32\kbdblr.dll

2009-02-05 07:23:25 ----RA---- C:\WINDOWS\system32\kbdhept.dll

2009-02-05 07:23:25 ----RA---- C:\WINDOWS\system32\kbdhela3.dll

2009-02-05 07:23:25 ----RA---- C:\WINDOWS\system32\kbdhela2.dll

2009-02-05 07:23:25 ----RA---- C:\WINDOWS\system32\kbdhe319.dll

2009-02-05 07:23:25 ----RA---- C:\WINDOWS\system32\kbdhe220.dll

2009-02-05 07:23:25 ----RA---- C:\WINDOWS\system32\kbdgkl.dll

2009-02-05 07:23:24 ----RA---- C:\WINDOWS\system32\kbdhe.dll

2009-02-05 07:23:23 ----RA---- C:\WINDOWS\system32\kbdlv1.dll

2009-02-05 07:23:23 ----RA---- C:\WINDOWS\system32\kbdlv.dll

2009-02-05 07:23:23 ----RA---- C:\WINDOWS\system32\kbdlt1.dll

2009-02-05 07:23:23 ----RA---- C:\WINDOWS\system32\kbdlt.dll

2009-02-05 07:23:23 ----RA---- C:\WINDOWS\system32\kbdest.dll

2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdycl.dll

2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdsl1.dll

2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdsl.dll

2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdro.dll

2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdpl1.dll

2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdpl.dll

2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdhu1.dll

2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdhu.dll

2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdcz2.dll

2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdcz1.dll

2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdcz.dll

2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\kbdcr.dll

2009-02-05 07:23:21 ----RA---- C:\WINDOWS\system32\KBDAL.DLL

2009-02-05 07:23:15 ----A---- C:\WINDOWS\system32\irclass.dll

2009-02-05 07:23:13 ----N---- C:\WINDOWS\system32\CONFIG.TMP

2009-02-05 07:23:13 ----A---- C:\WINDOWS\TASKMAN.EXE

2009-02-05 07:23:13 ----A---- C:\WINDOWS\system32\batt.dll

2009-02-05 07:23:12 ----A---- C:\WINDOWS\system32\storprop.dll

2009-02-05 07:23:12 ----A---- C:\WINDOWS\notepad.exe

2009-02-05 07:23:03 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini

2009-02-05 07:22:34 ----RA---- C:\WINDOWS\SET7.tmp

2009-02-05 07:22:32 ----RA---- C:\WINDOWS\SET4.tmp

2009-02-05 07:22:31 ----RA---- C:\WINDOWS\SET3.tmp

2009-02-05 07:22:27 ----D---- C:\WINDOWS\system32\CatRoot2

2009-02-05 07:22:27 ----D---- C:\WINDOWS\system32\CatRoot

2009-02-05 07:22:21 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2009-02-05 07:21:55 ----D---- C:\Documents and Settings

2009-02-05 07:21:54 ----SHD---- C:\System Volume Information

2009-02-05 07:20:14 ----SH---- C:\boot.ini

2009-02-05 07:16:43 ----RSD---- C:\WINDOWS\Fonts

2009-02-05 07:16:43 ----D---- C:\WINDOWS\WinSxS

2009-02-05 07:16:43 ----D---- C:\WINDOWS\Web

2009-02-05 07:16:43 ----D---- C:\WINDOWS\twain_32

2009-02-05 07:16:43 ----D---- C:\WINDOWS\Temp

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\wins

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\wbem

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\usmt

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\spool

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\ShellExt

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\Setup

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\ras

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\PreInstall

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\oobe

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\mui

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\Macromed

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\inetsrv

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\IME

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\icsxml

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\ias

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\export

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\en-us

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\en

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\drivers

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\dhcp

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\config

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\3com_dmi

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\3076

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\2052

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\1054

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\1042

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\1041

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\1037

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\1033

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\1031

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\1028

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32\1025

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system32

2009-02-05 07:16:43 ----D---- C:\WINDOWS\system

2009-02-05 07:16:43 ----D---- C:\WINDOWS\SoftwareDistribution

2009-02-05 07:16:43 ----D---- C:\WINDOWS\security

2009-02-05 07:16:43 ----D---- C:\WINDOWS\Resources

2009-02-05 07:16:43 ----D---- C:\WINDOWS\repair

2009-02-05 07:16:43 ----D---- C:\WINDOWS\Provisioning

2009-02-05 07:16:43 ----D---- C:\WINDOWS\PeerNet

2009-02-05 07:16:43 ----D---- C:\WINDOWS\pchealth

2009-02-05 07:16:43 ----D---- C:\WINDOWS\Network Diagnostic

2009-02-05 07:16:43 ----D---- C:\WINDOWS\mui

2009-02-05 07:16:43 ----D---- C:\WINDOWS\msapps

2009-02-05 07:16:43 ----D---- C:\WINDOWS\msagent

2009-02-05 07:16:43 ----D---- C:\WINDOWS\Media

2009-02-05 07:16:43 ----D---- C:\WINDOWS\l2schemas

2009-02-05 07:16:43 ----D---- C:\WINDOWS\java

2009-02-05 07:16:43 ----D---- C:\WINDOWS\inf

2009-02-05 07:16:43 ----D---- C:\WINDOWS\ime

2009-02-05 07:16:43 ----D---- C:\WINDOWS\Help

2009-02-05 07:16:43 ----D---- C:\WINDOWS\Driver Cache

2009-02-05 07:16:43 ----D---- C:\WINDOWS\dell

2009-02-05 07:16:43 ----D---- C:\WINDOWS\Debug

2009-02-05 07:16:43 ----D---- C:\WINDOWS\Cursors

2009-02-05 07:16:43 ----D---- C:\WINDOWS\Config

2009-02-05 07:16:43 ----D---- C:\WINDOWS\AppPatch

2009-02-05 07:16:43 ----D---- C:\WINDOWS\addins

2009-02-05 07:16:43 ----D---- C:\WINDOWS

======List of files/folders modified in the last 1 months======

2009-02-07 14:40:14 ----A---- C:\WINDOWS\win.ini

2009-02-06 01:42:25 ----A---- C:\WINDOWS\system.ini

2009-02-03 15:21:14 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]

R1 SAVRT;SAVRT; \??\C:\Program Files\Symantec AntiVirus\savrt.sys []

R1 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys []

R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []

R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2006-01-24 195776]

R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS []

R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2007-02-20 62336]

R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB); C:\WINDOWS\system32\DRIVERS\A3AB.sys [2007-05-24 547744]

R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-01-13 5672032]

R3 JSWSCIMD;jswscimd Service; C:\WINDOWS\system32\DRIVERS\jswscimd.sys [2007-07-25 57376]

R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-05-27 22016]

R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090220.004\naveng.sys []

R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090220.004\navex15.sys []

R3 QCMerced;Logitech QuickCam Communicate; C:\WINDOWS\system32\DRIVERS\LVCM.sys [2005-05-27 1317152]

R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-06-23 266880]

R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []

R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2006-01-24 24768]

R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]

R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]

R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 XDva224;XDva224; \??\C:\WINDOWS\system32\XDva224.sys []

S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]

S3 ac97intc;Intel® 82801 Audio Driver Install Service (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]

S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]

S3 EraserUtilDrvI7;EraserUtilDrvI7; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI7.sys []

S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []

S3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]

S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]

S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]

S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-01-17 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-01-17 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2006-03-24 192160]

R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2006-03-24 169632]

R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2006-06-15 31472]

R2 SPBBCSvc;Symantec SPBBCSvc; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2006-04-11 1160848]

R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2006-06-15 1805552]

S2 ANIWZCSdService;ANIWZCSd Service; C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [2007-01-19 49152]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]

S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\D-Link\RangeBooster G WDA-2320\JSWUtil\jswpsapi.exe [2007-08-02 352338]

S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-02-23 2045632]

S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2006-06-15 115952]

S3 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2006-01-24 214720]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.05 2009-02-22 19:10:38

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"

Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

ANIO Service-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}\Setup.exe"

ANIWZCS2 Service-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4C590030-7469-453E-8589-D15DA9D03F52}\Setup.exe"

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}

CPL All-in-One-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\CPLBonus.inf,CPLuninstall

DVD Solution-->"C:\Program Files\Uninstall_CDS.exe"

HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall

Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"

Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Intel® Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall

LiveUpdate 3.0 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U

Logitech QuickCam Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x9

Logitech® Camera Driver-->"C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT

Macromedia Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log

Microsoft .NET Framework 2.0-->MsiExec.exe /X{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}

Multimedia Launcher-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall

Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

NotePad++ 3.6-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\Note.inf,Npaduninstall

PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall

RangeBooster G WDA-2320-->C:\Program Files\InstallShield Installation Information\{A0878C51-B88B-4E4C-9061-F95B98290505}\setup.exe -runfromtemp -l0x0009 -removeonly

Restore System Fonts-->C:\WINDOWS\unvise32.exe c:\uninstal.log

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Microsoft .NET Framework 2.0 (KB917283)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}

Security Update for Microsoft .NET Framework 2.0 (KB922770)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {0E92DD42-76F5-4EF2-B381-F9C1D72BE23D} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}

Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"

Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"

Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"

Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"

Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"

Symantec AntiVirus-->MsiExec.exe /I{78D891EF-9E2D-4FC8-A71F-E6F897BA1B21}

Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"

Windows Live Call-->MsiExec.exe /I{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}

Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}

Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe

Windows Live Essentials-->MsiExec.exe /I{D9D754A1-EAC5-406C-A28B-C49B1E846711}

Windows Live Messenger-->MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C}

Windows Live Sign-in Assistant-->MsiExec.exe /I{505DF7A3-88D5-4DD6-9AD5-C98C2ED0CEC4}

Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

WinZip-->"C:\Program Files\WinZip\WINZIP32.EXE" /uninstall

Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG

======Hosts File======


======Security center information======

AV: Symantec AntiVirus Corporate Edition

System event log

Computer Name: COMPUTER2007

Event Code: 1003

Message: Your computer was not able to renew its address from the network (from the

DHCP Server) for the Network Card with network address 00142A89321D. The following

error occurred:

The operation was canceled by the user.

.

Your computer will continue to try and obtain an address on its own from

the network address (DHCP) server.

Record Number: 98

Source Name: Dhcp

Time Written: 20090205144455.000000-360

Event Type: warning

User:

Computer Name: COMPUTER2007

Event Code: 4201

Message: The system detected that network adapter \DEVICE\TCPIP_{FD7CD47D-F9D4-4B7B-AD2B-F6A49CD78600} was connected to the network,

and has initiated normal operation over the network adapter.

Record Number: 97

Source Name: Tcpip

Time Written: 20090205144455.000000-360

Event Type: information

User:

Computer Name: COMPUTER2007

Event Code: 1003

Message: Your computer was not able to renew its address from the network (from the

DHCP Server) for the Network Card with network address 00142A89321D. The following

error occurred:

The operation was canceled by the user.

.

Your computer will continue to try and obtain an address on its own from

the network address (DHCP) server.

Record Number: 96

Source Name: Dhcp

Time Written: 20090205144445.000000-360

Event Type: warning

User:

Computer Name: COMPUTER2007

Event Code: 4201

Message: The system detected that network adapter \DEVICE\TCPIP_{FD7CD47D-F9D4-4B7B-AD2B-F6A49CD78600} was connected to the network,

and has initiated normal operation over the network adapter.

Record Number: 95

Source Name: Tcpip

Time Written: 20090205144445.000000-360

Event Type: information

User:

Computer Name: COMPUTER2007

Event Code: 1003

Message: Your computer was not able to renew its address from the network (from the

DHCP Server) for the Network Card with network address 00142A89321D. The following

error occurred:

The operation was canceled by the user.

.

Your computer will continue to try and obtain an address on its own from

the network address (DHCP) server.

Record Number: 94

Source Name: Dhcp

Time Written: 20090205144431.000000-360

Event Type: warning

User:

Application event log

Computer Name: COMPUTER2007

Event Code: 1000

Message: Performance counters for the MSDTC (MSDTC) service were loaded successfully.

The Record Data contains the new index values assigned

to this service.

Record Number: 5

Source Name: LoadPerf

Time Written: 20090205132817.000000-360

Event Type: information

User:

Computer Name: COMPUTER2007

Event Code: 1000

Message: Performance counters for the TermService (Terminal Services) service were loaded successfully.

The Record Data contains the new index values assigned

to this service.

Record Number: 4

Source Name: LoadPerf

Time Written: 20090205132815.000000-360

Event Type: information

User:

Computer Name: COMPUTER2007

Event Code: 1000

Message: Performance counters for the RemoteAccess (Routing and Remote Access) service were loaded successfully.

The Record Data contains the new index values assigned

to this service.

Record Number: 3

Source Name: LoadPerf

Time Written: 20090205132711.000000-360

Event Type: information

User:

Computer Name: COMPUTER2007

Event Code: 1000

Message: Performance counters for the PSched (PSched) service were loaded successfully.

The Record Data contains the new index values assigned

to this service.

Record Number: 2

Source Name: LoadPerf

Time Written: 20090205132654.000000-360

Event Type: information

User:

Computer Name: COMPUTER2007

Event Code: 1000

Message: Performance counters for the RSVP (QoS RSVP) service were loaded successfully.

The Record Data contains the new index values assigned

to this service.

Record Number: 1

Source Name: LoadPerf

Time Written: 20090205132644.000000-360

Event Type: information

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel

"PROCESSOR_REVISION"=0401

"NUMBER_OF_PROCESSORS"=2

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------


Yes, because you have other infections, such as WareOut:

O17 - HKLM\System\CCS\Services\Tcpip\..\{9A6DF6C0-5872-42D2-B81E-47D6F380B50C}: NameServer = 85.255.112.39,85.255.112.40

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40

I'm used to disinfecting, so don't worry about the odd-looking reports ;)
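Added example (not part of the original posts, and not code from HijackThis or RSIT): the check made by eye on the O17 lines above, written as a small parser that reports every statically configured NameServer outside an expected set and the registry keys that carry it. The allowlist value 192.168.1.1, the function names and the fourth sample line are assumptions made for the example.

```python
import ipaddress
import re
from collections import defaultdict

# Resolvers this machine is expected to use. ASSUMPTION for the example:
# a home router that hands itself out as DNS server. Replace with your own.
EXPECTED_RESOLVERS = {ipaddress.ip_address("192.168.1.1")}

# HijackThis O17 line: "O17 - <registry key>: NameServer = ip[,ip...]"
O17_RE = re.compile(r"^O17 - (?P<key>.+?): NameServer = (?P<servers>.+)$")

# The three O17 lines quoted in the thread, plus one constructed benign line.
SAMPLE_LOG = r"""
O17 - HKLM\System\CCS\Services\Tcpip\..\{9A6DF6C0-5872-42D2-B81E-47D6F380B50C}: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CCS\Services\Tcpip\..\{00000000-0000-0000-0000-000000000000}: NameServer = 192.168.1.1
"""


def parse_o17(log_text):
    """Yield (registry_key, [server, ...]) for every O17 NameServer line."""
    for line in log_text.splitlines():
        match = O17_RE.match(line.strip())
        if not match:
            continue  # other HijackThis sections, or O17 values we ignore
        servers = []
        for token in re.split(r"[,\s]+", match.group("servers").strip()):
            if not token:
                continue
            try:
                servers.append(ipaddress.ip_address(token))
            except ValueError:
                # Keep malformed entries visible instead of dropping them.
                servers.append(token)
        yield match.group("key"), servers


def unexpected_resolvers(log_text, expected=EXPECTED_RESOLVERS):
    """Map each resolver outside the allowlist to the keys that set it."""
    findings = defaultdict(list)
    for key, servers in parse_o17(log_text):
        for server in servers:
            if server not in expected:
                findings[str(server)].append(key)
    return dict(findings)


def report(log_text):
    """Render the findings as text, one resolver per block."""
    lines = []
    for server, keys in sorted(unexpected_resolvers(log_text).items()):
        lines.append(f"{server}: set statically in {len(keys)} key(s)")
        lines.extend(f"    {key}" for key in keys)
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SAMPLE_LOG))
```

The same resolver pair appearing under more than one control set (CCS and CS1 here) means that cleaning only the current control set leaves the value in place elsewhere.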


Hi, here is the report:

-------------- UsbFix V2.414.3 ---------------

* User : Patrick - LIVINGROOM

* Outils mis a jours le 18/01/2009 par Chiquitine29 et Chimay8

* Recherche effectuée à 9:00:02 le Mon 02/23/2009

* Windows Xp - Internet Explorer 7.0.5730.11

--------------- [ Processus actifs ] ----------------

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\logonui.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\userinit.exe

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\Explorer.EXE

--------------- [ Informations lecteurs ] ----------------

C: - Fixed Drive

D: - Fixed Drive

+- Contenu de l'autorun : C:\autorun.inf

[autorun]

;klettuqwoptxx

shellexecute="RECYCLER\S-7-8-38-100028030-100023459-100016285-3731.com c:\"

;ccduquoatfjhocjgnufrekqxylwtphpipyueixawprpcdbhlqrrsymehlmphjqpcivfrwjwycd

shell\Open\command="RECYCLER\S-7-8-38-100028030-100023459-100016285-3731.com c:\"

;ruxrrccbukokeinoxxjxzfgwlwogmeqsmeckndkivcfjswdanifwttqhycbkgdhwezxpraokzuv

shell=Open

+- Contenu de l'autorun : D:\autorun.inf

[autorun]

;zljtekblucokgilxkiybtpnkinkalvzxen

shellexecute="RECYCLER\S-7-8-38-100028030-100023459-100016285-3731.com d:\"

;mgjkaweydunuzraebvfrkhcnjowgfpprilwyyiasqmqhcttnlanabmiqxovhoztzxtiogkt

shell\Open\command="RECYCLER\S-7-8-38-100028030-100023459-100016285-3731.com d:\"

;xbfeyapdqwvciqwkwkwtnjhrmehbzdzbvdsmsuzfwpqyixgajwbdqz

shell=Open

--------------- [ Lecteur C ] ----------------

C: - Fixed Drive

+- Listing des fichiers présents :

[02/06/2009 07:39 AM][--a------] C:\AUTOEXEC.BAT

[08/12/2004 12:00 AM][-rahs----] C:\NTDETECT.COM

[02/06/2009 01:42 AM][---hs----] C:\boot.ini

[02/22/2009 12:25 PM][-r-hs----] C:\autorun.inf

[02/23/2009 09:00 AM][--a------] C:\UsbFix.txt

[02/05/2009 01:31 PM][--a------] C:\CONFIG.SYS

[02/05/2009 01:31 PM][--a------] C:\IO.SYS

[02/05/2009 01:31 PM][--a------] C:\MSDOS.SYS

[02/05/2009 01:31 PM][--a------] C:\pagefile.sys

--------------- [ Lecteur D ] ----------------

D: - Fixed Drive

+- Listing des fichiers présents :

[02/02/2009 06:41 PM][--a------] D:\cabalsetup_us.exe

[02/02/2009 06:41 PM][--a------] D:\registryboosterdriverguide1.exe

[02/02/2009 06:41 PM][--a------] D:\windirstat1_1_2_setup.exe

[02/02/2009 06:41 PM][--a------] D:\yphotos_setup_cf.exe

[02/22/2009 12:25 PM][-r-hs----] D:\autorun.inf

--------------- [ Registre / Startup ] ----------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe

SpybotSD TeaTimer=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

PowerBar=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]

ccApp="C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

vptray=C:\PROGRA~1\SYMANT~1\VPTray.exe

D-Link RangeBooster G WDA-2320=C:\Program Files\D-Link\RangeBooster G WDA-2320\AirPlusCFG.exe

ANIWZCS2Service=C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

LVCOMSX=C:\WINDOWS\system32\LVCOMSX.EXE

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=

Installed=1

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=

Installed=1

NoChange=1

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=

Installed=1

--------------- [ Registre / Mountpoint2 ] ----------------

-> Recherche négative.

--------------- [ Nettoyage des disques ] ----------------

C:\autorun.inf ~> fichier appelé : "C:\"RECYCLER\S-7-8-38-100028030-100023459-100016285-3731.com c:\"" ( absent ! )

D:\autorun.inf ~> fichier appelé : "D:\"RECYCLER\S-7-8-38-100028030-100023459-100016285-3731.com d:\"" ( absent ! )

Supprimé ! - [02/22/2009 12:25 PM][-r-hs----] C:\autorun.inf

Supprimé ! - [02/22/2009 12:25 PM][-r-hs----] D:\autorun.inf

--------------- [ Resumé ] ----------------

-> /!\ Le resultat doit etre [http://www.virustotal.com/fr/ interprété] par un spécialiste /!\

[02/06/2009 07:39 AM][--a------] C:\AUTOEXEC.BAT

[08/12/2004 12:00 AM][-rahs----] C:\NTDETECT.COM

[02/06/2009 01:42 AM][---hs----] C:\boot.ini

[02/02/2009 06:41 PM][--a------] D:\cabalsetup_us.exe

[02/02/2009 06:41 PM][--a------] D:\registryboosterdriverguide1.exe

[02/02/2009 06:41 PM][--a------] D:\windirstat1_1_2_setup.exe

[02/02/2009 06:41 PM][--a------] D:\yphotos_setup_cf.exe

--------------- [ Vaccination ] ----------------

C:\autorun.inf -> Dossier autorun.inf crée par UsbFix !

D:\autorun.inf -> Dossier autorun.inf crée par UsbFix !

--------------- ! Fin du rapport ! ----------------

Finally, the s-7-8-38-100028030-100023459-100016285-3731.com is gone, but on the other hand the Microsoft Update site seems to be blocked and my firewall is turned off every time I start my computer. I can't use my anti-spyware to scan. (I try to open it but nothing happens... weird)


Finally, the s-7-8-38-100028030-100023459-100016285-3731.com is gone, but on the other hand the Microsoft Update site seems to be blocked and my firewall is turned off every time I start my computer. I can't use my anti-spyware to scan. (I try to open it but nothing happens... weird)

---> That will get sorted out; we are going to deal with WareOut.

  • Uninstall UsbFix.
  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation.
  • In the Update tab, click the Check for Updates button: if the firewall asks whether to allow MBAM to connect to the Internet, accept.
  • Once the update has finished, go to the Scanner tab.
  • Select Perform quick scan.
  • Click Scan.
  • The scan starts.
  • At the end of the scan, a message is displayed:
    The scan completed successfully. Click 'Show Results' to display all objects found.
  • Click OK to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste that report into your next reply.


There is a problem. I think WareOut has blocked the address: http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Internet Explorer cannot display the webpage

Most likely causes:

You are not connected to the Internet.

The website is encountering problems.

There might be a typing error in the address.

What you can try:

Diagnose Connection Problems

More information


I have the report:

Malwarebytes' Anti-Malware 1.33

Version de la base de données: 1654

Windows 5.1.2600 Service Pack 3

2/23/2009 9:37:09 AM

mbam-log-2009-02-23 (09-37-07).txt

Type de recherche: Examen rapide

Eléments examinés: 68748

Temps écoulé: 14 minute(s), 35 second(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 6

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 1

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9a6df6c0-5872-42d2-b81e-47d6f380b50c}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{9a6df6c0-5872-42d2-b81e-47d6f380b50c}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{9a6df6c0-5872-42d2-b81e-47d6f380b50c}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.39,85.255.112.40 -> No action taken.

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

Fichier(s) infecté(s):

C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Trojan.Agent) -> No action taken.


/!\ Disable your resident protections (antivirus, etc.) /!\

  • Download ComboFix (by sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe may not be visible) to launch it.
  • It will ask you to install the Recovery Console: accept.
  • When the scan is finished, a report will appear. Post that report (C:\Combofix.txt) in your next reply.

To help you: a guide and a tutorial on using ComboFix
