Pop-up problem (yet another one, sorry!)

Closed
Dorian - 24 March 2009 at 15:42
jlpjlp (Posts: 51580, Registered: Friday 18 May 2007, Status: Security contributor, Last activity: 3 May 2022) - 2 April 2009 at 11:04
Hello,
I've looked through the forum a bit but couldn't find the solution to my troubles. My problem is that yesterday I opened a message sent by a friend on Facebook (without his knowledge) which contained a nasty piece of spam. I was asked to click to watch a video and then to install the update for Flash Player. And like an idiot I did it. Since then, every 10 minutes IE opens as a pop-up (even though I use Mozilla, by the way), runs a bogus antivirus scan and then asks me to install antivirus software. On top of that, every time I do a Google search, when I click on one of the links in the results, it almost always sends me to the same advertising page... :-/
Until now I have never had any problems. My computer (it's at the office) was reformatted 3 weeks ago and, important detail, I live in Sweden so I have Windows in... Swedish! :) (and I don't speak Swedish, of course) :) As antivirus, I have AVG with all the updates.
So I downloaded Navilog and Hijack; I'm posting the scans below in case they are useful...
Anyway, I hope someone can help me, because my boss is starting to get grumpy, and I promise to be more careful next time! :)
Thanks in advance!
Dorian

NAVILOG SCAN:

"Search Navipromo version 3.7.6 commencé le 2009-03-24 à 14:25:58,79

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program\navilog1

Mise à jour le 14.03.2009 à 18h00 par IL-MAFIOSO

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Turion(tm) 64 Mobile Technology ML-30 )
BIOS : Ver 1.00PARTTBL
USER : Dorian ( Administrator )
BOOT : Normal boot

Antivirus : AVG Anti-Virus Free 8.5 (Activated)

C:\ (Local Disk) - NTFS - Total:41 Go (Free:19 Go)
D:\ (Local Disk) - NTFS - Total:14 Go (Free:14 Go)
E:\ (CD or DVD)

Recherche executé en mode normal

*** Recherche dossiers dans "C:\WINDOWS" ***

*** Recherche dossiers dans "C:\Program" ***

*** Recherche dossiers dans "C:\Documents and Settings\All Users\start-~1\program" ***

*** Recherche dossiers dans "C:\Documents and Settings\All Users\start-~1" ***

*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Dorian\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\CHIRIS~1\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\Jens\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Dorian\lokala~1\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\lokala~1\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\CHIRIS~1\lokala~1\applic~1" ***

*** Recherche dossiers dans "C:\DOCUME~1\Jens\lokala~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Dorian\start-~1\program" ***

*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\start-~1\program" ***

*** Recherche dossiers dans "C:\DOCUME~1\CHIRIS~1\start-~1\program" ***

*** Recherche dossiers dans "C:\DOCUME~1\Jens\start-~1\program" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *
* Recherche dans "C:\Documents and Settings\Dorian\lokala~1\applic~1" *
* Recherche dans "C:\DOCUME~1\ADMINI~1\lokala~1\applic~1" *
* Recherche dans "C:\DOCUME~1\CHIRIS~1\lokala~1\applic~1" *
* Recherche dans "C:\DOCUME~1\Jens\lokala~1\applic~1" *

*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :
* Dans "C:\WINDOWS\system32" :
* Dans "C:\Documents and Settings\Dorian\lokala~1\applic~1" :
* Dans "C:\DOCUME~1\ADMINI~1\lokala~1\applic~1" :
* Dans "C:\DOCUME~1\CHIRIS~1\lokala~1\applic~1" :
* Dans "C:\DOCUME~1\Jens\lokala~1\applic~1" :

3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :

*** Analyse terminée le 2009-03-24 à 14:30:23,81 ***"




HIJACK SCAN:
"Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:26:01, on 2009-03-24
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
C:\WINDOWS\Explorer.EXE
C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
C:\Program\Roxio\CinePlayer\DMXLauncher.exe
C:\Program\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\System32\WScript.exe
C:\DOCUME~1\Dorian\LOKALA~1\Temp\RtkBtMnt.EXE
C:\Program\Java\jre6\bin\jusched.exe
C:\windows\pp04.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Skype\Phone\Skype.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe
C:\Program\Skype\Plugin Manager\skypePM.exe
C:\Program\AVG\AVG8\avgwdsvc.exe
C:\Program\AVG\AVG8\avgrsx.exe
C:\Program\AVG\AVG8\avgcsrvx.exe
C:\Program\AVG\AVG8\avgnsx.exe
C:\Program\Trend Micro\HijackThis\HijackThis.exe
C:\Program\AVG\AVG8\avgcmgr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = BANTAI USA & EZRAEL [AL - MUKHLIS STUDIO]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG8\avgssie.dll
O2 - BHO: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program\VersalSoft\InternetDownload\VDTB.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program\VersalSoft\InternetDownload\VDTB.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program\Roxio\CinePlayer\DMXLauncher.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [InternetDownload_upgrade] "C:\Program\VersalSoft\InternetDownload\InternetDownload.exe" /upgrade
O4 - HKLM\..\Run: [mcafee] C:\WINDOWS\WIN31.dll.vbs
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [sysldtray] C:\windows\ld02.exe
O4 - HKLM\..\Run: [pp] C:\windows\pp04.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [dll] rundll32 dll32,sm
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\DX9\SessionLauncher.exe (file missing)
42 replies

jlpjlp (Posts: 51580, Registered: Friday 18 May 2007, Status: Security contributor, Last activity: 3 May 2022) 5 040
24 March 2009 at 15:46
Hi,


Download here:

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) by random/random and save it to the Desktop.

Double-click RSIT.exe to launch RSIT.

Click Continue on the Disclaimer screen.

If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the licence.

When the scan is finished, two text files will open.

Post the contents of log.txt (<< which will be displayed)
as well as info.txt (<< which will be minimized in the Taskbar).

NB: The reports are saved in the folder C:\rsit
0
Hi! Thanks for your almost instant reply! Here is the information you asked for!

LOG.txt:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Dorian at 2009-03-24 15:52:03
Microsoft Windows XP Professional Service Pack 3
System drive C: has 20 GB (48%) free of 42 GB
Total RAM: 1278 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:52:08, on 2009-03-24
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
C:\WINDOWS\Explorer.EXE
C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
C:\Program\Roxio\CinePlayer\DMXLauncher.exe
C:\Program\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\System32\WScript.exe
C:\DOCUME~1\Dorian\LOKALA~1\Temp\RtkBtMnt.EXE
C:\Program\Java\jre6\bin\jusched.exe
C:\windows\pp04.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Skype\Phone\Skype.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe
C:\Program\Skype\Plugin Manager\skypePM.exe
C:\Program\AVG\AVG8\avgwdsvc.exe
C:\Program\AVG\AVG8\avgrsx.exe
C:\Program\AVG\AVG8\avgcsrvx.exe
C:\Program\AVG\AVG8\avgnsx.exe
C:\Program\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dorian\Skrivbord\RSIT.exe
C:\Program\Trend Micro\HijackThis\Dorian.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = BANTAI USA & EZRAEL [AL - MUKHLIS STUDIO]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG8\avgssie.dll
O2 - BHO: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program\VersalSoft\InternetDownload\VDTB.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program\VersalSoft\InternetDownload\VDTB.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program\Roxio\CinePlayer\DMXLauncher.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [InternetDownload_upgrade] "C:\Program\VersalSoft\InternetDownload\InternetDownload.exe" /upgrade
O4 - HKLM\..\Run: [mcafee] C:\WINDOWS\WIN31.dll.vbs
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [sysldtray] C:\windows\ld02.exe
O4 - HKLM\..\Run: [pp] C:\windows\pp04.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\Program\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [dll] rundll32 dll32,sm
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\DX9\SessionLauncher.exe (file missing)
0
jlpjlp (Posts: 51580, Registered: Friday 18 May 2007, Status: Security contributor, Last activity: 3 May 2022) 5 040
24 March 2009 at 16:05
OK, you need to plug in the external drives (USB stick...) because they are affected and will infect the other computers


___________________



To merge:

http://img.photobucket.com/albums/v666/sUBs/CFScript.gif

_______________

Download ComboFix:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it to your desktop and nowhere else!

_________________

Close all your browsers (so copy or print the instructions first)

Create a new text document: right-click on the desktop > New > Text Document, and copy the following lines into it:





File::

C:\windows\pp04.exe
C:\WINDOWS\WIN31.dll.vbs
C:\windows\ld02.exe
C:\WINDOWS\system32\dll32.dll
C:\WIN31.dll.vbs
Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mcafee"= -
"sysldtray"=-
"pp"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e8d9558-0343-11de-8dfc-806d6172696f}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e8d955a-0343-11de-8dfc-806d6172696f}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b37a78fd-05b4-11de-8ec0-0014a44de4bd}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d3619036-170d-11de-8ee7-0014a44de4bd}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5897f8e-0724-11de-8ec6-0014a44de4bd}]




Save this file under the name CFscript


Drag and drop this CFScript file onto the ComboFix.exe file

Click on the CFScript file, hold the button down and drag the mouse so that the CFScript icon covers the Combofix icon. Release the mouse. Combofix will start.

A blue window will appear: at the message that appears ( Type 1 to continue, or 2 to abort), type 1 then confirm.

Wait while the scan runs. The desktop will disappear several times: that's normal!

Don't touch anything until the scan has finished.

Once the scan is complete, a report will be displayed: post its contents.


If the file does not open, it can be found here > C:\ComboFix.txt


________________________


Download RavAntivirus from Evosla:
http://ww25.evosla.com/compteur.php?soft=rav_antivirus

# If you have a USB stick, external hard drive, etc., plug them in without opening them before running this FIX
# Right-click on the .ZIP file > Extract to > the Desktop
# Double-click on >> RAV.exe << to launch the tool.
# Once RAV ANTIVIRUS is running, let it work; it automatically scans all drives (fixed and removable disks)
# If there is an infection > a log will be created; otherwise the software will display (very quickly) ==>Votre Ordinateur est sain .
# Remove your removable drives and restart your computer.
# Post the report, if there is an infection!

2/ Download Flash Disinfector (by SUBS) to the desktop from this address: http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe

Double-click on the icon.
The icons will disappear. That's normal.
If a report is generated because of an infection, save it to the desktop, then post it
Then restart the PC.

_________________


Note: Internet Explorer 8 has been released!
0
Hi again, :)
First of all, a big thank you for your help, it's really kind of you! :) Sorry, it took me a little while to do all that (especially with Windows in Swedish!) :)
So, for Combofix, I'm posting the log below. The two other programs didn't detect anything abnormal! So no logs available.
However, I gave myself a scare, because when I copied and pasted the lines you gave me to make a text file, I forgot to include the first line: "File::"
And as a result, the first time I launched Combofix it came up with a whole bunch of weird things, with lots of confirmation requests in Swedish, and I think it was something like reformatting Windows. After saying "yes" "yes" "yes" several times, at some point I cancelled, thinking that something was odd since you had told me that I should normally only see option 1 to confirm and option 2 to cancel. In the end, the second time it worked very well all by itself, automatically (I didn't even need to type 1).
But I've just noticed two things. The first is that now when I start the computer, it offers me two kinds of Windows for 3 seconds. Windows XP Pro (the normal one) but also Windows Restore System or something like that... And the second thing is that at startup it opens an error message about a dll file.
Anyway, let's deal with this virus business first, I'm not going to flood you with 1000 problems either! :)

So, the Combofix log:

"ComboFix 09-03-23.01 - Dorian 2009-03-24 16:36:13.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1053.18.1278.645 [GMT 1:00]
Körs från: c:\documents and settings\Dorian\Skrivbord\ComboFix.exe
Använda kommandoväxlar :: c:\documents and settings\Dorian\Skrivbord\CFscript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
* Skapade en ny återställningspunkt

FILE ::
C:\WIN31.dll.vbs
c:\windows\ld02.exe
c:\windows\pp04.exe
c:\windows\system32\dll32.dll
c:\windows\WIN31.dll.vbs
.

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
C:\WIN31.dll.vbs
c:\windows\ld02.exe
c:\windows\pp04.exe
c:\windows\system32\dll32.dll
c:\windows\system32\pthreadGC2.dll
c:\windows\WIN31.dll.vbs
D:\Autorun.inf
D:\WIN31.dll.vbs
G:\autorun.inf
G:\WIN31.dll.vbs
H:\autorun.inf
H:\WIN31.dll.vbs

.
(((((((((((((((((((((((( Filer Skapade från 2009-02-24 till 2009-03-24 ))))))))))))))))))))))))))))))
.

2009-03-24 15:52 . 2009-03-24 15:57 <KAT> d-------- C:\rsit
2009-03-24 15:25 . 2009-03-24 15:25 <KAT> d-------- c:\program\Trend Micro
2009-03-24 14:23 . 2009-03-24 15:21 <KAT> d-------- c:\program\Navilog1
2009-03-24 13:01 . 2009-03-24 14:26 <KAT> d--h----- C:\$AVG8.VAULT$
2009-03-24 12:57 . 2009-03-24 14:07 <KAT> d-------- c:\windows\system32\drivers\Avg
2009-03-24 12:57 . 2009-03-24 12:57 325,640 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-03-24 12:57 . 2009-03-24 12:57 107,912 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-03-24 12:57 . 2009-03-24 12:57 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-03-24 12:56 . 2009-03-24 12:56 <KAT> d-------- c:\program\AVG
2009-03-24 12:56 . 2009-03-24 14:26 <KAT> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-03-23 16:58 . 2009-03-23 16:59 <KAT> d-------- c:\documents and settings\Dorian\Application Data\U3
2009-03-23 15:20 . 2009-03-23 15:20 1 --a------ c:\windows\9g234sdfdfgjf23
2009-03-23 15:20 . 2009-03-23 15:20 0 --a------ c:\windows\system32\nfr.gpref
2009-03-23 15:20 . 2009-03-23 15:20 0 --a------ c:\windows\system32\nfr.assembly
2009-03-23 10:18 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-03-23 10:18 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-03-23 10:18 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-03-15 16:14 . 2009-03-15 16:14 <KAT> d-------- c:\documents and settings\Dorian\Application Data\dvdcss
2009-03-12 16:22 . 2009-03-12 16:22 <KAT> d-------- c:\program\IrfanView
2009-03-11 16:56 . 2009-03-24 16:07 <KAT> d-------- c:\documents and settings\Dorian\Application Data\skypePM
2009-03-11 16:54 . 2009-03-24 16:36 <KAT> d-------- c:\documents and settings\Dorian\Application Data\Skype
2009-03-11 12:33 . 2009-03-11 12:33 <KAT> d-------- c:\windows\Sun
2009-03-11 12:31 . 2009-03-11 12:31 <KAT> d-------- c:\program\Java
2009-03-11 12:31 . 2009-03-11 12:31 410,984 --a------ c:\windows\system32\deploytk.dll
2009-03-11 12:31 . 2009-03-11 12:31 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-03-10 20:16 . 2009-03-11 22:40 <KAT> d-------- c:\program\SopCast
2009-03-10 20:10 . 2009-03-10 20:10 <KAT> d-------- c:\program\TVAnts
2009-03-10 13:06 . 2009-03-10 13:06 <KAT> d-------- c:\documents and settings\LocalService\Application Data\DivX
2009-03-10 13:03 . 2009-03-19 13:06 <KAT> d-------- c:\documents and settings\Dorian\Application Data\BitTorrent
2009-03-10 10:45 . 2009-03-10 10:45 <KAT> d-------- c:\program\K-Lite Codec Pack
2009-03-10 10:45 . 2009-03-10 10:45 <KAT> d-------- c:\program\Gabest
2009-03-10 10:45 . 2008-11-06 17:37 3,596,288 --a------ c:\windows\system32\qt-dx331.dll
2009-03-10 10:45 . 2008-09-24 19:41 839,680 --a------ c:\windows\system32\lameACM.acm
2009-03-10 10:45 . 2008-12-07 19:08 795,648 --a------ c:\windows\system32\xvidcore.dll
2009-03-10 10:45 . 2008-11-06 17:33 684,032 --a------ c:\windows\system32\divx.dll
2009-03-10 10:45 . 2004-01-25 17:18 217,088 --a------ c:\windows\system32\yv12vfw.dll
2009-03-10 10:45 . 2008-12-07 19:08 130,048 --a------ c:\windows\system32\xvidvfw.dll
2009-03-10 10:45 . 2007-09-21 01:52 118,784 --a------ c:\windows\system32\ac3acm.acm
2009-03-10 10:45 . 2008-12-11 01:33 86,016 --a------ c:\windows\system32\dpl100.dll
2009-03-10 10:45 . 2009-02-09 19:56 67,584 --a------ c:\windows\system32\ff_vfw.dll
2009-03-10 10:45 . 2007-07-10 17:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
2009-03-10 10:45 . 2008-10-03 13:30 414 --a------ c:\windows\system32\lame_acm.xml
2009-03-10 10:43 . 2009-03-10 10:43 <KAT> d-------- c:\documents and settings\Dorian\Application Data\Media Player Classic
2009-03-06 16:02 . 2009-03-06 16:02 <KAT> d-------- c:\documents and settings\Dorian\Application Data\vlc
2009-03-06 15:28 . 2009-03-06 15:28 <KAT> d-------- c:\program\CONEXANT
2009-03-06 15:28 . 2004-12-15 09:18 1,038,208 --a------ c:\windows\system32\drivers\HSF_DP.sys
2009-03-06 15:28 . 2004-12-15 09:18 703,232 --a------ c:\windows\system32\drivers\HSF_CNXT.sys
2009-03-06 15:28 . 2004-12-15 09:18 200,192 --a------ c:\windows\system32\drivers\HSFHWATI.sys
2009-03-06 15:28 . 2004-12-15 08:52 129,045 --a------ c:\windows\system32\drivers\HSFProf.cty
2009-03-06 15:28 . 2004-10-28 09:29 39,018 --a------ c:\windows\system32\hsfci012.dll
2009-03-06 14:50 . 2009-02-25 15:08 <KAT> dr------- c:\documents and settings\Jens\Start-meny
2009-03-06 14:50 . 2009-02-25 15:08 <KAT> d-------- c:\documents and settings\Jens\Skrivbord
2009-03-06 14:50 . 2009-02-25 15:08 <KAT> d--h----- c:\documents and settings\Jens\Skrivare
2009-03-06 14:50 . 2009-03-06 14:50 <KAT> d--h----- c:\documents and settings\Jens\Nätverket
2009-03-06 14:50 . 2009-03-06 14:50 <KAT> dr------- c:\documents and settings\Jens\Mina dokument
2009-03-06 14:50 . 2009-02-25 14:19 <KAT> d--h----- c:\documents and settings\Jens\Mallar
2009-03-06 14:50 . 2009-03-24 16:38 <KAT> d--h----- c:\documents and settings\Jens\Lokala inställningar
2009-03-06 14:50 . 2009-03-06 14:50 <KAT> dr------- c:\documents and settings\Jens\Favoriter
2009-03-06 14:50 . 2009-03-06 14:50 <KAT> d-------- c:\documents and settings\Jens\Application Data\Roxio
2009-03-06 14:50 . 2009-03-24 12:57 <KAT> d-------- c:\documents and settings\Jens
2009-03-06 14:42 . 2009-02-25 15:08 <KAT> dr------- c:\documents and settings\Dorian\Start-meny
2009-03-06 14:42 . 2009-03-24 16:36 <KAT> d-------- c:\documents and settings\Dorian\Skrivbord
2009-03-06 14:42 . 2009-02-25 15:08 <KAT> d--h----- c:\documents and settings\Dorian\Skrivare
2009-03-06 14:42 . 2009-03-06 16:00 <KAT> d--h----- c:\documents and settings\Dorian\Nätverket
2009-03-06 14:42 . 2009-03-10 15:49 <KAT> dr------- c:\documents and settings\Dorian\Mina dokument
2009-03-06 14:42 . 2009-02-25 14:19 <KAT> d--h----- c:\documents and settings\Dorian\Mallar
2009-03-06 14:42 . 2009-03-15 16:15 <KAT> d--h----- c:\documents and settings\Dorian\Lokala inställningar
2009-03-06 14:42 . 2009-03-06 14:42 <KAT> dr------- c:\documents and settings\Dorian\Favoriter
2009-03-06 14:42 . 2009-03-06 14:42 <KAT> d-------- c:\documents and settings\Dorian\Application Data\Roxio
2009-03-06 14:42 . 2009-03-06 14:42 <KAT> d-------- c:\documents and settings\Dorian
2009-03-06 14:37 . 2009-02-25 15:08 <KAT> dr------- c:\documents and settings\Chiristina\Start-meny
2009-03-06 14:37 . 2009-02-25 15:08 <KAT> d-------- c:\documents and settings\Chiristina\Skrivbord
2009-03-06 14:37 . 2009-02-25 15:08 <KAT> d--h----- c:\documents and settings\Chiristina\Skrivare
2009-03-06 14:37 . 2009-03-06 14:41 <KAT> d--h----- c:\documents and settings\Chiristina\Nätverket
2009-03-06 14:37 . 2009-03-06 14:37 <KAT> dr------- c:\documents and settings\Chiristina\Mina dokument
2009-03-06 14:37 . 2009-02-25 14:19 <KAT> d--h----- c:\documents and settings\Chiristina\Mallar
2009-03-06 14:37 . 2009-03-24 16:38 <KAT> d--h----- c:\documents and settings\Chiristina\Lokala inställningar
2009-03-06 14:37 . 2009-03-06 14:37 <KAT> dr------- c:\documents and settings\Chiristina\Favoriter
2009-03-06 14:37 . 2009-03-06 14:37 <KAT> d-------- c:\documents and settings\Chiristina\Application Data\Roxio
2009-03-06 14:37 . 2009-03-24 12:57 <KAT> d-------- c:\documents and settings\Chiristina
2009-03-06 14:22 . 2009-03-06 14:22 <KAT> d-------- c:\documents and settings\Julio
2009-02-28 19:14 . 2009-03-06 11:47 <KAT> d-------- c:\documents and settings\Administratör\Application Data\skypePM
2009-02-28 19:14 . 2009-02-28 19:14 56 --ah----- c:\windows\system32\ezsidmv.dat
2009-02-28 19:12 . 2009-02-28 19:12 <KAT> dr------- c:\program\Skype
2009-02-28 19:12 . 2009-02-28 19:12 <KAT> d-------- c:\program\Delade filer\Skype
2009-02-28 19:12 . 2009-02-28 19:12 <KAT> d-------- c:\documents and settings\All Users\Application Data\Skype
2009-02-28 19:12 . 2009-03-06 13:39 <KAT> d-------- c:\documents and settings\Administratör\Application Data\Skype
2009-02-27 16:37 . 2009-02-27 16:37 <KAT> d-------- c:\program\MSXML 4.0
2009-02-27 13:54 . 2009-03-02 13:51 <KAT> d-------- c:\documents and settings\Administratör\Application Data\dvdcss
2009-02-27 12:11 . 2009-02-27 12:19 23,392 --a------ c:\windows\system32\nscompat.tlb
2009-02-27 12:11 . 2009-02-27 12:19 16,832 --a------ c:\windows\system32\amcompat.tlb
2009-02-27 12:00 . 2009-02-27 12:00 <KAT> d-------- c:\program\Delade filer\Adobe AIR
2009-02-27 11:58 . 2009-03-16 15:18 <KAT> d-------- c:\program\Delade filer\Adobe
2009-02-27 11:56 . 2009-02-27 12:11 <KAT> d-------- c:\program\NOS
2009-02-27 11:56 . 2009-02-27 12:11 <KAT> d-------- c:\documents and settings\All Users\Application Data\NOS
2009-02-27 11:52 . 2009-03-04 16:27 <KAT> d-------- c:\documents and settings\Administratör\Application Data\BitTorrent
2009-02-27 11:51 . 2009-03-06 12:39 <KAT> d-------- c:\program\DNA
2009-02-27 11:51 . 2009-02-27 11:51 <KAT> d-------- c:\program\BitTorrent
2009-02-27 11:51 . 2009-03-06 14:21 <KAT> d-------- c:\documents and settings\Administratör\Application Data\DNA
2009-02-27 11:45 . 2009-02-27 11:45 <KAT> d-------- C:\VersalSoft
2009-02-27 11:44 . 2009-02-27 11:44 <KAT> d-------- c:\program\VersalSoft
2009-02-27 11:44 . 2009-02-27 11:44 <KAT> d-------- C:\Program Files
2009-02-27 11:42 . 2009-02-27 11:42 <KAT> d-------- c:\documents and settings\Administratör\Application Data\vlc
2009-02-27 11:41 . 2009-02-27 11:41 <KAT> d-------- c:\program\VideoLAN
2009-02-27 11:32 . 2009-02-27 11:32 <KAT> d-------- c:\documents and settings\All Users\Application Data\TVU Networks
2009-02-27 11:31 . 2009-02-27 11:32 <KAT> d-------- c:\program\TVUPlayer
2009-02-27 11:31 . 2009-02-27 11:31 <KAT> d-------- c:\documents and settings\Administratör\LocalLow
2009-02-27 11:31 . 2009-02-27 11:31 <KAT> d-------- c:\documents and settings\Administratör\LocalLow
2009-02-27 11:20 . 2008-04-13 19:45 60,032 --a------ c:\windows\system32\drivers\USBAUDIO.sys
2009-02-27 11:20 . 2008-04-13 19:45 60,032 --a------ c:\windows\system32\dllcache\usbaudio.sys
2009-02-27 11:20 . 2008-04-13 19:45 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
2009-02-27 11:20 . 2008-04-13 19:45 32,128 --a------ c:\windows\system32\dllcache\usbccgp.sys
2009-02-27 11:20 . 2008-04-14 17:04 21,504 --a------ c:\windows\system32\hidserv.dll
2009-02-27 11:20 . 2008-04-14 17:04 21,504 --a------ c:\windows\system32\dllcache\hidserv.dll
2009-02-27 11:12 . 2009-02-27 11:12 0 --a------ c:\windows\nsreg.dat
2009-02-26 14:28 . 2009-02-26 14:28 <KAT> d-------- c:\windows\system32\xircom
2009-02-26 14:28 . 2009-02-26 14:28 <KAT> d-------- c:\program\microsoft frontpage
2009-02-26 14:19 . 2009-02-26 14:19 <KAT> d-------- c:\windows\system32\sv
2009-02-26 14:19 . 2009-02-26 14:19 <KAT> d-------- c:\windows\system32\bits
2009-02-26 14:19 . 2009-02-26 14:19 <KAT> d-------- c:\windows\l2schemas
2009-02-26 14:15 . 2009-02-26 14:15 <KAT> d-------- c:\windows\ServicePackFiles
2009-02-26 10:18 . 2006-10-26 19:56 32,592 --a------ c:\windows\system32\msonpmon.dll
2009-02-26 10:17 . 2009-02-26 10:17 <KAT> d-------- c:\program\MSBuild
2009-02-26 10:17 . 2009-02-26 10:17 <KAT> d-------- c:\program\Microsoft Works
2009-02-26 10:16 . 2009-02-26 10:16 <KAT> d-------- c:\program\Microsoft.NET

.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-06 15:02 --------- d-----w c:\documents and settings\Dorian\Application Data\vlc
2009-02-27 11:18 --------- d-----w c:\program\Windows Media Connect 2
2009-02-27 10:42 --------- d-----w c:\documents and settings\Administratör\Application Data\vlc
2009-02-26 08:37 --------- d-----w c:\program\Delade filer\InstallShield
2009-02-25 13:50 10,170 ----a-w C:\hwids.dat
2009-02-25 13:22 --------- d-----w c:\program\Onlinetjänster
2009-02-09 14:07 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 14:07 1,846,784 ------w c:\windows\system32\dllcache\win32k.sys
2009-01-16 20:31 3,594,752 ------w c:\windows\system32\dllcache\mshtml.dll
.

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Not* Tomma poster & legitima standardposter visas inte.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dll"="dll32" [X]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Skype"="c:\program\Skype\Phone\Skype.exe" [2009-02-04 23975720]
"ISUSScheduler"="c:\program\Delade filer\InstallShield\UpdateService\issch.exe" [2006-09-11 86960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoxWatchTray"="c:\program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [2007-08-24 240112]
"DMXLauncher"="c:\program\Roxio\CinePlayer\DMXLauncher.exe" [2007-08-14 113136]
"GrooveMonitor"="c:\program\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"InternetDownload_upgrade"="c:\program\VersalSoft\InternetDownload\InternetDownload.exe" [2009-01-05 361472]
"SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe" [2009-03-11 148888]
"Adobe Reader Speed Launcher"="c:\program\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"AVG8_TRAY"="c:\program\AVG\AVG8\avgtray.exe" [2009-03-24 1932568]
"SoundMan"="SOUNDMAN.EXE" [2006-08-03 c:\windows\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2008-12-21 c:\windows\system32\advpack.dll]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-03-24 12:57 10520 c:\windows\system32\avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Program\\DNA\\btdna.exe"=
"c:\\Program\\BitTorrent\\bittorrent.exe"=
"c:\\Program\\TVAnts\\Tvants.exe"=
"c:\\Program\\SopCast\\SopCast.exe"=
"c:\\Program\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program\\Skype\\Phone\\Skype.exe"=
"c:\\Program\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program\\Mozilla Firefox\\firefox.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"80:TCP"= 80:TCP:dll32
"7171:TCP"= 7171:TCP:dll32

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-03-24 325640]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-03-24 107912]
R2 avg8wd;AVG Free8 WatchDog;c:\program\AVG\AVG8\avgwdsvc.exe [2009-03-24 298264]
R2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2007-08-24 166384]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [2009-03-06 200192]
R3 RoxMediaDB10;RoxMediaDB10;c:\program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2007-08-24 1083888]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program\Roxio\Digital Home 10\RoxioUpnpService10.exe [2007-08-24 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2007-08-24 309744]
S2 SessionLauncher;SessionLauncher;c:\docume~1\ADMINI~1\LOKALA~1\Temp\DX9\SessionLauncher.exe --> c:\docume~1\ADMINI~1\LOKALA~1\Temp\DX9\SessionLauncher.exe [?]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2007-08-24 72176]

--- Övriga tjänster/drivrutiner i minnet ---

*NewlyCreated* - AVG8WD
*NewlyCreated* - AVGLDX86
*NewlyCreated* - AVGMFX86
*NewlyCreated* - AVGTDIX

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
.
.
------- Extra genomsökning -------
.
uInternet Settings,ProxyServer = http=localhost:7171
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xportera till Microsoft Excel - c:\program\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Dorian\Application Data\Mozilla\Firefox\Profiles\74ey4uwe.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 7171
FF - prefs.js: network.proxy.type - 1
FF - component: c:\program\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program\Mozilla Firefox\plugins\npbittorrent.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-24 16:38:16
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLer som "laddats" under processer som körs ---------------------

- - - - - - - > 'winlogon.exe'(880)
c:\windows\system32\Ati2evxx.dll
.
Sluttid: 2009-03-24 16:39:45
ComboFix-quarantined-files.txt 2009-03-24 15:39:40

Före genomsökningen: 21 078 528 000 byte ledigt
Efter genomsökningen: 21,115,666,432 byte ledigt

266 --- E O F --- 2009-03-23 10:14:34"

A BIG THANK YOU!
0

And as for IE, I actually always use Firefox, so I haven't kept up with the updates at all.
Thanks again, and I hope you'll help me sort out the problem very quickly! :)
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
24 March 2009 at 17:33
And the second thing is that at startup it opens an error message about a dll file.


which file??

____________

scan these files on VirusTotal: https://www.virustotal.com/gui/

c:\windows\9g234sdfdfgjf23
c:\windows\system32\nfr.gpref
c:\windows\system32\nfr.assembly

and paste the reports

________________

then post a new RSIT report
0
I think it's the "Auto-Run" file, since now when I plug in a USB stick it doesn't open it automatically; I have to open it manually from My Computer.

For the reports:
_ c:\windows\9g234sdfdfgjf23: http://www.virustotal.com/fr/analisis/4b236820bfd9551043075062ecd9f334
_ c:\windows\system32\nfr.gpref : it tells me the file is empty
_ c:\windows\system32\nfr.assembly: same

I'll run an RSIT report ASAP and post it here!
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
24 March 2009 at 17:46
wait
0
Log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Dorian at 2009-03-24 17:47:16
Microsoft Windows XP Professional Service Pack 3
System drive C: has 20 GB (47%) free of 42 GB
Total RAM: 1278 MB (43% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program\AVG\AVG8\avgssie.dll [2009-03-24 1078552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4322A444-92F8-4C3E-BD4C-013BA51E2871}]
E-Zsoft VideoDownloaderToolBar - C:\Program\VersalSoft\InternetDownload\VDTB.dll [2009-01-05 43008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program\Google\Google Toolbar\GoogleToolbar.dll [2009-03-06 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-03-06 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-03-06 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program\Java\jre6\bin\jp2ssv.dll [2009-03-11 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4322A444-92F8-4C3E-BD4C-013BA51E2871} - E-Zsoft VideoDownloaderToolBar - C:\Program\VersalSoft\InternetDownload\VDTB.dll [2009-01-05 43008]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program\Google\Google Toolbar\GoogleToolbar.dll [2009-03-06 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-03 577536]
"RoxWatchTray"=C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe [2007-08-24 240112]
"DMXLauncher"=C:\Program\Roxio\CinePlayer\DMXLauncher.exe [2007-08-14 113136]
"GrooveMonitor"=C:\Program\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"InternetDownload_upgrade"=C:\Program\VersalSoft\InternetDownload\InternetDownload.exe [2009-01-05 361472]
"SunJavaUpdateSched"=C:\Program\Java\jre6\bin\jusched.exe [2009-03-11 148888]
"Adobe Reader Speed Launcher"=C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"AVG8_TRAY"=C:\Program\AVG\AVG8\avgtray.exe [2009-03-24 1932568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program\Skype\Phone\Skype.exe [2009-02-04 23975720]
"ISUSScheduler"=C:\Program\Delade filer\InstallShield\UpdateService\issch.exe [2006-09-11 86960]
"dll"=rundll32 dll32,sm []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-12-17 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-03-24 10520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FFFFFFFF
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program\Microsoft Office\Office12\GROOVE.EXE"="C:\Program\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program\TVUPlayer\TVUPlayer.exe"="C:\Program\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"C:\Program\DNA\btdna.exe"="C:\Program\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program\BitTorrent\bittorrent.exe"="C:\Program\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program\TVAnts\Tvants.exe"="C:\Program\TVAnts\Tvants.exe:*:Disabled:TVAnts"
"C:\Program\SopCast\SopCast.exe"="C:\Program\SopCast\SopCast.exe:*:Disabled:SopCast Main Application"
"C:\Program\SopCast\adv\SopAdver.exe"="C:\Program\SopCast\adv\SopAdver.exe:*:Disabled:SopCast Adver"
"C:\Program\Skype\Phone\Skype.exe"="C:\Program\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program\AVG\AVG8\avgupd.exe"="C:\Program\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program\AVG\AVG8\avgnsx.exe"="C:\Program\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program\Mozilla Firefox\firefox.exe"="C:\Program\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{38a5b4ac-188e-11de-8eee-0014a44de4bd}]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5897f8e-0724-11de-8ec6-0014a44de4bd}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe WIN31.dll.vbs


======List of files/folders created in the last 1 months======

2009-03-24 17:47:16 ----D---- C:\rsit
2009-03-24 17:08:19 ----SHD---- C:\RECYCLER
2009-03-24 16:56:55 ----RASHD---- C:\autorun.inf
2009-03-24 16:39:49 ----D---- C:\WINDOWS\temp
2009-03-24 16:39:47 ----A---- C:\ComboFix.txt
2009-03-24 16:35:19 ----A---- C:\WINDOWS\NIRCMD.exe
2009-03-24 16:21:07 ----A---- C:\Boot.bak
2009-03-24 16:21:01 ----RASHD---- C:\cmdcons
2009-03-24 16:18:27 ----A---- C:\WINDOWS\zip.exe
2009-03-24 16:18:27 ----A---- C:\WINDOWS\VFIND.exe
2009-03-24 16:18:27 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-03-24 16:18:27 ----A---- C:\WINDOWS\SWSC.exe
2009-03-24 16:18:27 ----A---- C:\WINDOWS\SWREG.exe
2009-03-24 16:18:27 ----A---- C:\WINDOWS\sed.exe
2009-03-24 16:18:27 ----A---- C:\WINDOWS\grep.exe
2009-03-24 16:18:27 ----A---- C:\WINDOWS\fdsv.exe
2009-03-24 16:18:16 ----D---- C:\WINDOWS\ERDNT
2009-03-24 16:17:54 ----AD---- C:\Qoobox
2009-03-24 15:25:47 ----D---- C:\Program\Trend Micro
2009-03-24 14:23:35 ----D---- C:\Program\Navilog1
2009-03-24 13:01:07 ----HD---- C:\$AVG8.VAULT$
2009-03-24 12:57:27 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-03-24 12:56:55 ----D---- C:\Program\AVG
2009-03-24 12:56:54 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-03-23 16:58:48 ----D---- C:\Documents and Settings\Dorian\Application Data\U3
2009-03-23 10:18:23 ----A---- C:\WINDOWS\system32\muweb.dll
2009-03-23 10:18:23 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-03-23 10:18:22 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-03-15 16:14:07 ----D---- C:\Documents and Settings\Dorian\Application Data\dvdcss
2009-03-12 16:22:04 ----D---- C:\Program\IrfanView
2009-03-11 16:56:16 ----D---- C:\Documents and Settings\Dorian\Application Data\skypePM
2009-03-11 16:54:41 ----D---- C:\Documents and Settings\Dorian\Application Data\Skype
2009-03-11 12:33:28 ----D---- C:\WINDOWS\Sun
2009-03-11 12:31:55 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-11 12:31:55 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-11 12:31:55 ----A---- C:\WINDOWS\system32\java.exe
2009-03-11 12:31:55 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-03-11 12:31:35 ----D---- C:\Program\Java
2009-03-11 12:30:53 ----D---- C:\Documents and Settings\Dorian\Application Data\Sun
2009-03-11 12:00:53 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-11 12:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-03-11 12:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-11 12:00:15 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-03-10 20:16:06 ----D---- C:\Program\SopCast
2009-03-10 20:10:52 ----D---- C:\Program\TVAnts
2009-03-10 13:03:33 ----D---- C:\Documents and Settings\Dorian\Application Data\BitTorrent
2009-03-10 10:45:55 ----D---- C:\Program\Gabest
2009-03-10 10:45:13 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-03-10 10:45:12 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-03-10 10:45:12 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-03-10 10:45:12 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2009-03-10 10:45:12 ----A---- C:\WINDOWS\system32\dpl100.dll
2009-03-10 10:45:06 ----A---- C:\WINDOWS\system32\divx.dll
2009-03-10 10:45:05 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2009-03-10 10:45:05 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2009-03-10 10:45:02 ----D---- C:\Program\K-Lite Codec Pack
2009-03-10 10:43:51 ----D---- C:\Documents and Settings\Dorian\Application Data\Media Player Classic
2009-03-10 10:43:50 ----A---- C:\WINDOWS\system32\regsvr32.exe.log
2009-03-06 16:05:08 ----D---- C:\Documents and Settings\Dorian\Application Data\Macromedia
2009-03-06 16:05:07 ----D---- C:\Documents and Settings\Dorian\Application Data\Adobe
2009-03-06 16:04:36 ----D---- C:\Documents and Settings\Dorian\Application Data\Mozilla
2009-03-06 16:02:50 ----D---- C:\Documents and Settings\Dorian\Application Data\vlc
2009-03-06 15:28:32 ----D---- C:\Program\CONEXANT
2009-03-06 15:28:22 ----A---- C:\WINDOWS\system32\hsfci012.dll
2009-03-06 15:27:39 ----D---- C:\Documents and Settings\Dorian\Application Data\WinRAR
2009-03-06 14:42:57 ----D---- C:\Documents and Settings\Dorian\Application Data\Google
2009-03-06 14:42:40 ----D---- C:\Documents and Settings\Dorian\Application Data\Roxio
2009-03-06 14:42:30 ----D---- C:\Documents and Settings\Dorian\Application Data\Identities
2009-03-06 14:42:24 ----SD---- C:\Documents and Settings\Dorian\Application Data\Microsoft
2009-03-06 14:42:24 ----ASH---- C:\Documents and Settings\Dorian\Application Data\desktop.ini
2009-02-28 19:12:40 ----D---- C:\Program\Delade filer\Skype
2009-02-28 19:12:36 ----RD---- C:\Program\Skype
2009-02-28 19:12:27 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-02-27 16:38:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-02-27 16:37:32 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-02-27 16:37:19 ----D---- C:\Program\MSXML 4.0
2009-02-27 12:19:19 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-02-27 12:18:47 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-02-27 12:17:47 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-02-27 12:00:12 ----D---- C:\Program\Delade filer\Adobe AIR
2009-02-27 11:59:06 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-02-27 11:58:56 ----D---- C:\Program\Delade filer\Adobe
2009-02-27 11:58:56 ----D---- C:\Program\Adobe
2009-02-27 11:56:20 ----D---- C:\Program\NOS
2009-02-27 11:56:20 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-02-27 11:51:34 ----D---- C:\Program\DNA
2009-02-27 11:51:29 ----D---- C:\Program\BitTorrent
2009-02-27 11:45:09 ----D---- C:\VersalSoft
2009-02-27 11:44:58 ----D---- C:\Program\VersalSoft
2009-02-27 11:44:52 ----D---- C:\Program Files
2009-02-27 11:41:25 ----D---- C:\Program\VideoLAN

======List of files/folders modified in the last 1 months======

2009-03-24 16:38:28 ----A---- C:\WINDOWS\system.ini
2009-03-23 11:07:24 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-19 36864]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-03-24 325640]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-03-24 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-03-24 107912]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-11-06 4024832]
R3 Arp1394;1394 ARP-klientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-12-17 1918464]
R3 BCM43XX;Drivrutin för Broadcom 802.11 nätverksadapter; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-08-15 369024]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208]
R3 HSFHWATI;HSFHWATI; C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2004-12-15 200192]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NSCIRDA;Drivrutin för NSC-IR-enhet; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-06-16 83968]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2-aktiverat nav; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-15 703232]
S3 catchme;catchme; \??\C:\DOCUME~1\Dorian\LOKALA~1\Temp\catchme.sys []
S3 hidusb;Microsoft HID-klassdrivrutin; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;HID-drivrutin för mus; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-01-01 12160]
S3 usbaudio;USB-ljuddrivrutiner (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBSTOR;Drivrutin för USB-masslagringsenheter; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2007-08-18 57328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-12-17 434176]
R2 avg8wd;AVG Free8 WatchDog; C:\Program\AVG\AVG8\avgwdsvc.exe [2009-03-24 298264]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program\Java\jre6\bin\jqs.exe [2009-03-11 152984]
R2 RoxWatch10;Roxio Hard Drive Watcher 10; C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2007-08-24 166384]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R3 RoxMediaDB10;RoxMediaDB10; C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2007-08-24 1083888]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program\Roxio\Digital Home 10\RoxioUpnpService10.exe [2007-08-24 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10; C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2007-08-24 309744]
S2 SessionLauncher;SessionLauncher; C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\DX9\SessionLauncher.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Updater Service; C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-06 137200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2007-08-24 72176]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

INFO

info.txt logfile of random's system information tool 1.06 2009-03-24 17:47:22

======Uninstall list======

-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {4F3FCD41-AD1C-4EE8-9D5C-35DBA58BA060}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040B-0000-0000000FF1CE} /uninstall {F14C929B-E0E6-4EB5-8BFD-FC71AAC7D39C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-041D-0000-0000000FF1CE} /uninstall {A8626CEF-CB0A-4BC2-8F51-210A43B6158D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-041D-0000-0000000FF1CE} /uninstall {C41B2E34-C30E-4989-8A9D-6B0805B33EC1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
Acrobat.com-->C:\Program\Delade filer\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program\Delade filer\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AVG 8.5-->C:\Program\AVG\AVG8\setup.exe /UNINSTALL
DirectXInstallService-->MsiExec.exe /X{098122AB-C605-4853-B441-C0A4EB359B75}
EMC 10 Content-->MsiExec.exe /X{FDB46DE7-9045-47BB-970A-3E4ED5369E03}
Google Toolbar for Internet Explorer-->"C:\Program\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IrfanView (remove only)-->C:\Program\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
K-Lite Codec Pack 4.7.0 (Full)-->"C:\Program\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 11-->"C:\Program\Windows Media Player\Setup_wm.exe" /Uninstall
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1 Swedish Language Pack-->MsiExec.exe /X{992A2DB1-4ABC-4738-BD71-045C5FFE00D1}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Language Pack - SVE-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - SVE\install.exe
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Access MUI (Swedish) 2007-->MsiExec.exe /X{90120000-0015-041D-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program\Delade filer\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Swedish) 2007-->MsiExec.exe /X{90120000-0016-041D-0000-0000000FF1CE}
Microsoft Office Groove MUI (Swedish) 2007-->MsiExec.exe /X{90120000-00BA-041D-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Swedish) 2007-->MsiExec.exe /X{90120000-0044-041D-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Swedish) 2007-->MsiExec.exe /X{90120000-00A1-041D-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Swedish) 2007-->MsiExec.exe /X{90120000-001A-041D-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Swedish) 2007-->MsiExec.exe /X{90120000-0018-041D-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (Finnish) 2007-->MsiExec.exe /X{90120000-001F-040B-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Swedish) 2007-->MsiExec.exe /X{90120000-001F-041D-0000-0000000FF1CE}
Microsoft Office Proofing (Swedish) 2007-->MsiExec.exe /X{90120000-002C-041D-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Swedish) 2007-->MsiExec.exe /X{90120000-0019-041D-0000-0000000FF1CE}
Microsoft Office Shared MUI (Swedish) 2007-->MsiExec.exe /X{90120000-006E-041D-0000-0000000FF1CE}
Microsoft Office Word MUI (Swedish) 2007-->MsiExec.exe /X{90120000-001B-041D-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.7)-->C:\Program\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Realtek AC'97 Audio-->Alcrmv.exe -r -m
Roxio Activation Module-->MsiExec.exe /I{EC877639-07AB-495C-BFD1-D63AF9140810}
Roxio BackOnTrack-->MsiExec.exe /I{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}
Roxio Central Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
Roxio Central Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
Roxio Central Core-->MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB}
Roxio Central Data--&g

jlpjlp - 24 March 2009 at 17:51
OK, some of it is still there. Did you have all the USB keys plugged in?

_________________

Close all your browsers (so copy or print the instructions first).

Create a new text document: right-click on the desktop > New > Text Document, and copy the following lines into it:

File::
C:\RECYCLER
C:\autorun.inf
c:\windows\9g234sdfdfgjf23
c:\windows\system32\nfr.gpref
c:\windows\system32\nfr.assembly
Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5897f8e-0724-11de-8ec6-0014a44de4bd}]




Save this file under the name CFscript

Drag and drop this CFScript file onto the ComboFix.exe file.

Click on the CFScript file, hold the mouse button down and drag the mouse so that the CFScript icon covers the ComboFix icon. Release the mouse. ComboFix will start.

A blue window will appear: at the message that appears (Type 1 to continue, or 2 to abort), type 1 and confirm.

Wait while the scan runs. The desktop will disappear several times: that is normal!

Do not touch anything until the scan has finished.

Once the scan is complete, a report will be displayed: post its contents.

If the file does not open, it can be found here > C:\ComboFix.txt


________________________


Scan with Malwarebytes: run a quick scan, paste the report you get and remove whatever is found:

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

_________________________

Still having problems?

Post a new RSIT report.

OtMoveIt

========== FILES ==========
c:\windows\9g234sdfdfgjf23 moved successfully.
c:\windows\system32\nfr.gpref moved successfully.
c:\windows\system32\nfr.assembly moved successfully.

OTMoveIt3 by OldTimer - Version 1.0.9.0 log created on 03242009_175039

jlpjlp - 24 March 2009 at 17:59
I had edited it,
but never mind.

I did plug in all the USB keys that have been in contact with this PC. Only my hard drive is missing, but it had not been connected for 3 days and I have only had this problem since yesterday, so I conclude that it escaped. On the other hand, I think my hard drive does have a virus: win31.dll or something like that, but it has been there for ages and it has never really affected anything (apart from double-click not working in My Computer to open the hard drive, so I have to go through right-click).
I now realize there is a new problem too: when I click on my internet page in the taskbar, it no longer minimizes it like before. Well, it's not very serious! :)
I'm doing the ComboFix report now.

jlpjlp - 24 March 2009 at 18:13
OK, carry on with the rest, I'm going to be away.

I'll look tomorrow.

Thanks for everything!

ComboFix report:
ComboFix 09-03-23.01 - Dorian 2009-03-24 18:11:37.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1053.18.1278.735 [GMT 1:00]
Körs från: c:\documents and settings\Dorian\Skrivbord\ComboFix.exe
Använda kommandoväxlar :: c:\documents and settings\Dorian\Skrivbord\CFscript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
* Skapade en ny återställningspunkt

FILE ::
C:\autorun.inf
C:\RECYCLER
c:\windows\9g234sdfdfgjf23
c:\windows\system32\nfr.assembly
c:\windows\system32\nfr.gpref
.

(((((((((((((((((((((((( Filer Skapade från 2009-02-24 till 2009-03-24 ))))))))))))))))))))))))))))))
.

2009-03-24 17:50 . 2009-03-24 17:50 <KAT> d-------- C:\_OTMoveIt
2009-03-24 15:25 . 2009-03-24 15:25 <KAT> d-------- c:\program\Trend Micro
2009-03-24 14:23 . 2009-03-24 17:19 <KAT> d-------- c:\program\Navilog1
2009-03-24 13:01 . 2009-03-24 14:26 <KAT> d--h----- C:\$AVG8.VAULT$
2009-03-24 12:57 . 2009-03-24 14:07 <KAT> d-------- c:\windows\system32\drivers\Avg
2009-03-24 12:57 . 2009-03-24 12:57 325,640 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-03-24 12:57 . 2009-03-24 12:57 107,912 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-03-24 12:57 . 2009-03-24 12:57 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-03-24 12:56 . 2009-03-24 12:56 <KAT> d-------- c:\program\AVG
2009-03-24 12:56 . 2009-03-24 16:45 <KAT> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-03-23 16:58 . 2009-03-23 16:59 <KAT> d-------- c:\documents and settings\Dorian\Application Data\U3
2009-03-23 10:18 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-03-23 10:18 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-03-23 10:18 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-03-15 16:14 . 2009-03-15 16:14 <KAT> d-------- c:\documents and settings\Dorian\Application Data\dvdcss
2009-03-12 16:22 . 2009-03-12 16:22 <KAT> d-------- c:\program\IrfanView
2009-03-11 16:56 . 2009-03-24 16:07 <KAT> d-------- c:\documents and settings\Dorian\Application Data\skypePM
2009-03-11 16:54 . 2009-03-24 17:55 <KAT> d-------- c:\documents and settings\Dorian\Application Data\Skype
2009-03-11 12:33 . 2009-03-11 12:33 <KAT> d-------- c:\windows\Sun
2009-03-11 12:31 . 2009-03-11 12:31 <KAT> d-------- c:\program\Java
2009-03-11 12:31 . 2009-03-11 12:31 410,984 --a------ c:\windows\system32\deploytk.dll
2009-03-11 12:31 . 2009-03-11 12:31 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-03-10 20:16 . 2009-03-11 22:40 <KAT> d-------- c:\program\SopCast
2009-03-10 20:10 . 2009-03-10 20:10 <KAT> d-------- c:\program\TVAnts
2009-03-10 13:06 . 2009-03-10 13:06 <KAT> d-------- c:\documents and settings\LocalService\Application Data\DivX
2009-03-10 13:03 . 2009-03-19 13:06 <KAT> d-------- c:\documents and settings\Dorian\Application Data\BitTorrent
2009-03-10 10:45 . 2009-03-10 10:45 <KAT> d-------- c:\program\K-Lite Codec Pack
2009-03-10 10:45 . 2009-03-10 10:45 <KAT> d-------- c:\program\Gabest
2009-03-10 10:45 . 2008-11-06 17:37 3,596,288 --a------ c:\windows\system32\qt-dx331.dll
2009-03-10 10:45 . 2008-09-24 19:41 839,680 --a------ c:\windows\system32\lameACM.acm
2009-03-10 10:45 . 2008-12-07 19:08 795,648 --a------ c:\windows\system32\xvidcore.dll
2009-03-10 10:45 . 2008-11-06 17:33 684,032 --a------ c:\windows\system32\divx.dll
2009-03-10 10:45 . 2004-01-25 17:18 217,088 --a------ c:\windows\system32\yv12vfw.dll
2009-03-10 10:45 . 2008-12-07 19:08 130,048 --a------ c:\windows\system32\xvidvfw.dll
2009-03-10 10:45 . 2007-09-21 01:52 118,784 --a------ c:\windows\system32\ac3acm.acm
2009-03-10 10:45 . 2008-12-11 01:33 86,016 --a------ c:\windows\system32\dpl100.dll
2009-03-10 10:45 . 2009-02-09 19:56 67,584 --a------ c:\windows\system32\ff_vfw.dll
2009-03-10 10:45 . 2007-07-10 17:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
2009-03-10 10:45 . 2008-10-03 13:30 414 --a------ c:\windows\system32\lame_acm.xml
2009-03-10 10:43 . 2009-03-10 10:43 <KAT> d-------- c:\documents and settings\Dorian\Application Data\Media Player Classic
2009-03-06 16:02 . 2009-03-06 16:02 <KAT> d-------- c:\documents and settings\Dorian\Application Data\vlc
2009-03-06 15:28 . 2009-03-06 15:28 <KAT> d-------- c:\program\CONEXANT
2009-03-06 15:28 . 2004-12-15 09:18 1,038,208 --a------ c:\windows\system32\drivers\HSF_DP.sys
2009-03-06 15:28 . 2004-12-15 09:18 703,232 --a------ c:\windows\system32\drivers\HSF_CNXT.sys
2009-03-06 15:28 . 2004-12-15 09:18 200,192 --a------ c:\windows\system32\drivers\HSFHWATI.sys
2009-03-06 15:28 . 2004-12-15 08:52 129,045 --a------ c:\windows\system32\drivers\HSFProf.cty
2009-03-06 15:28 . 2004-10-28 09:29 39,018 --a------ c:\windows\system32\hsfci012.dll
2009-03-06 14:50 . 2009-02-25 15:08 <KAT> dr------- c:\documents and settings\Jens\Start-meny
2009-03-06 14:50 . 2009-02-25 15:08 <KAT> d-------- c:\documents and settings\Jens\Skrivbord
2009-03-06 14:50 . 2009-02-25 15:08 <KAT> d--h----- c:\documents and settings\Jens\Skrivare
2009-03-06 14:50 . 2009-03-06 14:50 <KAT> d--h----- c:\documents and settings\Jens\Nätverket
2009-03-06 14:50 . 2009-03-06 14:50 <KAT> dr------- c:\documents and settings\Jens\Mina dokument
2009-03-06 14:50 . 2009-02-25 14:19 <KAT> d--h----- c:\documents and settings\Jens\Mallar
2009-03-06 14:50 . 2009-03-24 18:14 <KAT> d--h----- c:\documents and settings\Jens\Lokala inställningar
2009-03-06 14:50 . 2009-03-06 14:50 <KAT> dr------- c:\documents and settings\Jens\Favoriter
2009-03-06 14:50 . 2009-03-06 14:50 <KAT> d-------- c:\documents and settings\Jens\Application Data\Roxio
2009-03-06 14:50 . 2009-03-24 12:57 <KAT> d-------- c:\documents and settings\Jens
2009-03-06 14:42 . 2009-02-25 15:08 <KAT> dr------- c:\documents and settings\Dorian\Start-meny
2009-03-06 14:42 . 2009-03-24 18:11 <KAT> d-------- c:\documents and settings\Dorian\Skrivbord
2009-03-06 14:42 . 2009-02-25 15:08 <KAT> d--h----- c:\documents and settings\Dorian\Skrivare
2009-03-06 14:42 . 2009-03-06 16:00 <KAT> d--h----- c:\documents and settings\Dorian\Nätverket
2009-03-06 14:42 . 2009-03-10 15:49 <KAT> dr------- c:\documents and settings\Dorian\Mina dokument
2009-03-06 14:42 . 2009-02-25 14:19 <KAT> d--h----- c:\documents and settings\Dorian\Mallar
2009-03-06 14:42 . 2009-03-15 16:15 <KAT> d--h----- c:\documents and settings\Dorian\Lokala inställningar
2009-03-06 14:42 . 2009-03-06 14:42 <KAT> dr------- c:\documents and settings\Dorian\Favoriter
2009-03-06 14:42 . 2009-03-06 14:42 <KAT> d-------- c:\documents and settings\Dorian\Application Data\Roxio
2009-03-06 14:42 . 2009-03-06 14:42 <KAT> d-------- c:\documents and settings\Dorian
2009-03-06 14:37 . 2009-02-25 15:08 <KAT> dr------- c:\documents and settings\Chiristina\Start-meny
2009-03-06 14:37 . 2009-02-25 15:08 <KAT> d-------- c:\documents and settings\Chiristina\Skrivbord
2009-03-06 14:37 . 2009-02-25 15:08 <KAT> d--h----- c:\documents and settings\Chiristina\Skrivare
2009-03-06 14:37 . 2009-03-06 14:41 <KAT> d--h----- c:\documents and settings\Chiristina\Nätverket
2009-03-06 14:37 . 2009-03-06 14:37 <KAT> dr------- c:\documents and settings\Chiristina\Mina dokument
2009-03-06 14:37 . 2009-02-25 14:19 <KAT> d--h----- c:\documents and settings\Chiristina\Mallar
2009-03-06 14:37 . 2009-03-24 18:14 <KAT> d--h----- c:\documents and settings\Chiristina\Lokala inställningar
2009-03-06 14:37 . 2009-03-06 14:37 <KAT> dr------- c:\documents and settings\Chiristina\Favoriter
2009-03-06 14:37 . 2009-03-06 14:37 <KAT> d-------- c:\documents and settings\Chiristina\Application Data\Roxio
2009-03-06 14:37 . 2009-03-24 12:57 <KAT> d-------- c:\documents and settings\Chiristina
2009-03-06 14:22 . 2009-03-06 14:22 <KAT> d-------- c:\documents and settings\Julio
2009-02-28 19:14 . 2009-03-06 11:47 <KAT> d-------- c:\documents and settings\Administratör\Application Data\skypePM
2009-02-28 19:14 . 2009-02-28 19:14 56 --ah----- c:\windows\system32\ezsidmv.dat
2009-02-28 19:12 . 2009-02-28 19:12 <KAT> dr------- c:\program\Skype
2009-02-28 19:12 . 2009-02-28 19:12 <KAT> d-------- c:\program\Delade filer\Skype
2009-02-28 19:12 . 2009-02-28 19:12 <KAT> d-------- c:\documents and settings\All Users\Application Data\Skype
2009-02-28 19:12 . 2009-03-06 13:39 <KAT> d-------- c:\documents and settings\Administratör\Application Data\Skype
2009-02-27 16:37 . 2009-02-27 16:37 <KAT> d-------- c:\program\MSXML 4.0
2009-02-27 13:54 . 2009-03-02 13:51 <KAT> d-------- c:\documents and settings\Administratör\Application Data\dvdcss
2009-02-27 12:11 . 2009-02-27 12:19 23,392 --a------ c:\windows\system32\nscompat.tlb
2009-02-27 12:11 . 2009-02-27 12:19 16,832 --a------ c:\windows\system32\amcompat.tlb
2009-02-27 12:00 . 2009-02-27 12:00 <KAT> d-------- c:\program\Delade filer\Adobe AIR
2009-02-27 11:58 . 2009-03-16 15:18 <KAT> d-------- c:\program\Delade filer\Adobe
2009-02-27 11:56 . 2009-02-27 12:11 <KAT> d-------- c:\program\NOS
2009-02-27 11:56 . 2009-02-27 12:11 <KAT> d-------- c:\documents and settings\All Users\Application Data\NOS
2009-02-27 11:52 . 2009-03-04 16:27 <KAT> d-------- c:\documents and settings\Administratör\Application Data\BitTorrent
2009-02-27 11:51 . 2009-03-06 12:39 <KAT> d-------- c:\program\DNA
2009-02-27 11:51 . 2009-02-27 11:51 <KAT> d-------- c:\program\BitTorrent
2009-02-27 11:51 . 2009-03-06 14:21 <KAT> d-------- c:\documents and settings\Administratör\Application Data\DNA
2009-02-27 11:45 . 2009-02-27 11:45 <KAT> d-------- C:\VersalSoft
2009-02-27 11:44 . 2009-02-27 11:44 <KAT> d-------- c:\program\VersalSoft
2009-02-27 11:44 . 2009-02-27 11:44 <KAT> d-------- C:\Program Files
2009-02-27 11:42 . 2009-02-27 11:42 <KAT> d-------- c:\documents and settings\Administratör\Application Data\vlc
2009-02-27 11:41 . 2009-02-27 11:41 <KAT> d-------- c:\program\VideoLAN
2009-02-27 11:32 . 2009-02-27 11:32 <KAT> d-------- c:\documents and settings\All Users\Application Data\TVU Networks
2009-02-27 11:31 . 2009-02-27 11:32 <KAT> d-------- c:\program\TVUPlayer
2009-02-27 11:31 . 2009-02-27 11:31 <KAT> d-------- c:\documents and settings\Administratör\LocalLow
2009-02-27 11:31 . 2009-02-27 11:31 <KAT> d-------- c:\documents and settings\Administratör\LocalLow
2009-02-27 11:20 . 2008-04-13 19:45 60,032 --a------ c:\windows\system32\drivers\USBAUDIO.sys
2009-02-27 11:20 . 2008-04-13 19:45 60,032 --a------ c:\windows\system32\dllcache\usbaudio.sys
2009-02-27 11:20 . 2008-04-13 19:45 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
2009-02-27 11:20 . 2008-04-13 19:45 32,128 --a------ c:\windows\system32\dllcache\usbccgp.sys
2009-02-27 11:20 . 2008-04-14 17:04 21,504 --a------ c:\windows\system32\hidserv.dll
2009-02-27 11:20 . 2008-04-14 17:04 21,504 --a------ c:\windows\system32\dllcache\hidserv.dll
2009-02-27 11:12 . 2009-02-27 11:12 0 --a------ c:\windows\nsreg.dat
2009-02-26 14:28 . 2009-02-26 14:28 <KAT> d-------- c:\windows\system32\xircom
2009-02-26 14:28 . 2009-02-26 14:28 <KAT> d-------- c:\program\microsoft frontpage
2009-02-26 14:19 . 2009-02-26 14:19 <KAT> d-------- c:\windows\system32\sv
2009-02-26 14:19 . 2009-02-26 14:19 <KAT> d-------- c:\windows\system32\bits
2009-02-26 14:19 . 2009-02-26 14:19 <KAT> d-------- c:\windows\l2schemas
2009-02-26 14:15 . 2009-02-26 14:15 <KAT> d-------- c:\windows\ServicePackFiles
2009-02-26 10:18 . 2006-10-26 19:56 32,592 --a------ c:\windows\system32\msonpmon.dll
2009-02-26 10:17 . 2009-02-26 10:17 <KAT> d-------- c:\program\MSBuild
2009-02-26 10:17 . 2009-02-26 10:17 <KAT> d-------- c:\program\Microsoft Works
2009-02-26 10:16 . 2009-02-26 10:16 <KAT> d-------- c:\program\Microsoft.NET
2009-02-26 10:13 . 2009-02-26 10:13 <KAT> d-------- c:\program\Microsoft Visual Studio 8
2009-02-26 10:12 . 2009-02-26 10:16 <KAT> d-------- c:\windows\SHELLNEW
2009-02-26 10:12 . 2009-03-23 11:14 <KAT> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help

.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-06 15:02 --------- d-----w c:\documents and settings\Dorian\Application Data\vlc
2009-02-27 11:18 --------- d-----w c:\program\Windows Media Connect 2
2009-02-27 10:42 --------- d-----w c:\documents and settings\Administratör\Application Data\vlc
2009-02-26 08:37 --------- d-----w c:\program\Delade filer\InstallShield
2009-02-25 13:50 10,170 ----a-w C:\hwids.dat
2009-02-25 13:22 --------- d-----w c:\program\Onlinetjänster
2009-02-09 14:07 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 14:07 1,846,784 ------w c:\windows\system32\dllcache\win32k.sys
2009-01-16 20:31 3,594,752 ------w c:\windows\system32\dllcache\mshtml.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-03-24_16.38.50,48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-03-24 15:53:26 16,384 ----atw c:\windows\system32\config\systemprofile\Lokala inställningar\Temp\Perflib_Perfdata_5f8.dat
- 2009-03-24 11:39:37 62,678 ----a-w c:\windows\system32\perfc009.dat
+ 2009-03-24 16:40:11 63,522 ----a-w c:\windows\system32\perfc009.dat
- 2009-03-24 11:39:37 74,130 ----a-w c:\windows\system32\perfc01D.dat
+ 2009-03-24 16:40:11 75,250 ----a-w c:\windows\system32\perfc01D.dat
- 2009-03-24 11:39:37 401,398 ----a-w c:\windows\system32\perfh009.dat
+ 2009-03-24 16:40:11 404,302 ----a-w c:\windows\system32\perfh009.dat
- 2009-03-24 11:39:37 404,572 ----a-w c:\windows\system32\perfh01D.dat
+ 2009-03-24 16:40:11 407,392 ----a-w c:\windows\system32\perfh01D.dat
.
(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Not* Tomma poster & legitima standardposter visas inte.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dll"="dll32" [X]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Skype"="c:\program\Skype\Phone\Skype.exe" [2009-02-04 23975720]
"ISUSScheduler"="c:\program\Delade filer\InstallShield\UpdateService\issch.exe" [2006-09-11 86960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoxWatchTray"="c:\program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [2007-08-24 240112]
"DMXLauncher"="c:\program\Roxio\CinePlayer\DMXLauncher.exe" [2007-08-14 113136]
"GrooveMonitor"="c:\program\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"InternetDownload_upgrade"="c:\program\VersalSoft\InternetDownload\InternetDownload.exe" [2009-01-05 361472]
"SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe" [2009-03-11 148888]
"Adobe Reader Speed Launcher"="c:\program\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"AVG8_TRAY"="c:\program\AVG\AVG8\avgtray.exe" [2009-03-24 1932568]
"SoundMan"="SOUNDMAN.EXE" [2006-08-03 c:\windows\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2008-12-21 c:\windows\system32\advpack.dll]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-03-24 12:57 10520 c:\windows\system32\avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Program\\DNA\\btdna.exe"=
"c:\\Program\\BitTorrent\\bittorrent.exe"=
"c:\\Program\\TVAnts\\Tvants.exe"=
"c:\\Program\\SopCast\\SopCast.exe"=
"c:\\Program\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program\\Skype\\Phone\\Skype.exe"=
"c:\\Program\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program\\Mozilla Firefox\\firefox.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"80:TCP"= 80:TCP:dll32
"7171:TCP"= 7171:TCP:dll32

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-03-24 325640]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-03-24 107912]
R2 avg8wd;AVG Free8 WatchDog;c:\program\AVG\AVG8\avgwdsvc.exe [2009-03-24 298264]
R2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2007-08-24 166384]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [2009-03-06 200192]
R3 RoxMediaDB10;RoxMediaDB10;c:\program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2007-08-24 1083888]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program\Roxio\Digital Home 10\RoxioUpnpService10.exe [2007-08-24 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2007-08-24 309744]
S2 SessionLauncher;SessionLauncher;c:\docume~1\ADMINI~1\LOKALA~1\Temp\DX9\SessionLauncher.exe --> c:\docume~1\ADMINI~1\LOKALA~1\Temp\DX9\SessionLauncher.exe [?]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2007-08-24 72176]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{38a5b4ac-188e-11de-8eee-0014a44de4bd}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a
.
.
------- Extra genomsökning -------
.
uInternet Settings,ProxyServer = http=localhost:7171
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xportera till Microsoft Excel - c:\program\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Dorian\Application Data\Mozilla\Firefox\Profiles\74ey4uwe.default\
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 7171
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program\Mozilla Firefox\plugins\npbittorrent.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-24 18:14:38
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLer som "laddats" under processer som körs ---------------------

- - - - - - - > 'winlogon.exe'(900)
c:\windows\system32\Ati2evxx.dll
.
Sluttid: 2009-03-24 18:16:04
ComboFix-quarantined-files.txt 2009-03-24 17:16:00
ComboFix2.txt 2009-03-24 15:39:47

Före genomsökningen: 21 014 773 760 byte ledigt
Efter genomsökningen: 21,004,517,376 byte ledigt

260 --- E O F --- 2009-03-23 10:14:34
RSIT

Log

Logfile of random's system information tool 1.06 (written by random/random)
Run by Dorian at 2009-03-24 19:47:05
Microsoft Windows XP Professional Service Pack 3
System drive C: has 20 GB (47%) free of 42 GB
Total RAM: 1278 MB (51% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program\AVG\AVG8\avgssie.dll [2009-03-24 1078552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4322A444-92F8-4C3E-BD4C-013BA51E2871}]
E-Zsoft VideoDownloaderToolBar - C:\Program\VersalSoft\InternetDownload\VDTB.dll [2009-01-05 43008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program\Google\Google Toolbar\GoogleToolbar.dll [2009-03-06 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-03-06 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-03-06 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program\Java\jre6\bin\jp2ssv.dll [2009-03-11 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4322A444-92F8-4C3E-BD4C-013BA51E2871} - E-Zsoft VideoDownloaderToolBar - C:\Program\VersalSoft\InternetDownload\VDTB.dll [2009-01-05 43008]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program\Google\Google Toolbar\GoogleToolbar.dll [2009-03-06 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-03 577536]
"RoxWatchTray"=C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe [2007-08-24 240112]
"DMXLauncher"=C:\Program\Roxio\CinePlayer\DMXLauncher.exe [2007-08-14 113136]
"GrooveMonitor"=C:\Program\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"InternetDownload_upgrade"=C:\Program\VersalSoft\InternetDownload\InternetDownload.exe [2009-01-05 361472]
"SunJavaUpdateSched"=C:\Program\Java\jre6\bin\jusched.exe [2009-03-11 148888]
"Adobe Reader Speed Launcher"=C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"AVG8_TRAY"=C:\Program\AVG\AVG8\avgtray.exe [2009-03-24 1932568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program\Skype\Phone\Skype.exe [2009-02-04 23975720]
"ISUSScheduler"=C:\Program\Delade filer\InstallShield\UpdateService\issch.exe [2006-09-11 86960]
"dll"=rundll32 dll32,sm []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-12-17 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-03-24 10520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program\Microsoft Office\Office12\GROOVE.EXE"="C:\Program\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program\TVUPlayer\TVUPlayer.exe"="C:\Program\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"C:\Program\DNA\btdna.exe"="C:\Program\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program\BitTorrent\bittorrent.exe"="C:\Program\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program\TVAnts\Tvants.exe"="C:\Program\TVAnts\Tvants.exe:*:Disabled:TVAnts"
"C:\Program\SopCast\SopCast.exe"="C:\Program\SopCast\SopCast.exe:*:Disabled:SopCast Main Application"
"C:\Program\SopCast\adv\SopAdver.exe"="C:\Program\SopCast\adv\SopAdver.exe:*:Disabled:SopCast Adver"
"C:\Program\Skype\Phone\Skype.exe"="C:\Program\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program\AVG\AVG8\avgupd.exe"="C:\Program\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program\AVG\AVG8\avgnsx.exe"="C:\Program\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program\Mozilla Firefox\firefox.exe"="C:\Program\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{38a5b4ac-188e-11de-8eee-0014a44de4bd}]
shell\AutoRun\command - F:\LaunchU3.exe -a


======List of files/folders created in the last 1 months======

2009-03-24 19:47:05 ----D---- C:\rsit
2009-03-24 18:21:32 ----SHD---- C:\RECYCLER
2009-03-24 18:18:22 ----D---- C:\Documents and Settings\Dorian\Application Data\Malwarebytes
2009-03-24 18:18:16 ----D---- C:\Program\Malwarebytes' Anti-Malware
2009-03-24 18:18:16 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-03-24 18:16:07 ----D---- C:\WINDOWS\temp
2009-03-24 18:16:06 ----A---- C:\ComboFix.txt
2009-03-24 17:50:39 ----D---- C:\_OTMoveIt
2009-03-24 16:56:55 ----RASHD---- C:\autorun.inf
2009-03-24 16:35:19 ----A---- C:\WINDOWS\NIRCMD.exe
2009-03-24 16:21:07 ----A---- C:\Boot.bak
2009-03-24 16:21:01 ----RASHD---- C:\cmdcons
2009-03-24 16:18:27 ----A---- C:\WINDOWS\zip.exe
2009-03-24 16:18:27 ----A---- C:\WINDOWS\VFIND.exe
2009-03-24 16:18:27 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-03-24 16:18:27 ----A---- C:\WINDOWS\SWSC.exe
2009-03-24 16:18:27 ----A---- C:\WINDOWS\SWREG.exe
2009-03-24 16:18:27 ----A---- C:\WINDOWS\sed.exe
2009-03-24 16:18:27 ----A---- C:\WINDOWS\grep.exe
2009-03-24 16:18:27 ----A---- C:\WINDOWS\fdsv.exe
2009-03-24 16:18:16 ----D---- C:\WINDOWS\ERDNT
2009-03-24 16:17:54 ----AD---- C:\Qoobox
2009-03-24 15:25:47 ----D---- C:\Program\Trend Micro
2009-03-24 14:23:35 ----D---- C:\Program\Navilog1
2009-03-24 13:01:07 ----HD---- C:\$AVG8.VAULT$
2009-03-24 12:57:27 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-03-24 12:56:55 ----D---- C:\Program\AVG
2009-03-24 12:56:54 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-03-23 16:58:48 ----D---- C:\Documents and Settings\Dorian\Application Data\U3
2009-03-23 10:18:23 ----A---- C:\WINDOWS\system32\muweb.dll
2009-03-23 10:18:23 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-03-23 10:18:22 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-03-15 16:14:07 ----D---- C:\Documents and Settings\Dorian\Application Data\dvdcss
2009-03-12 16:22:04 ----D---- C:\Program\IrfanView
2009-03-11 16:56:16 ----D---- C:\Documents and Settings\Dorian\Application Data\skypePM
2009-03-11 16:54:41 ----D---- C:\Documents and Settings\Dorian\Application Data\Skype
2009-03-11 12:33:28 ----D---- C:\WINDOWS\Sun
2009-03-11 12:31:55 ----A---- C:\WINDOWS\system32\javaws.exe
2009-03-11 12:31:55 ----A---- C:\WINDOWS\system32\javaw.exe
2009-03-11 12:31:55 ----A---- C:\WINDOWS\system32\java.exe
2009-03-11 12:31:55 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-03-11 12:31:35 ----D---- C:\Program\Java
2009-03-11 12:30:53 ----D---- C:\Documents and Settings\Dorian\Application Data\Sun
2009-03-11 12:00:53 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-03-11 12:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-03-11 12:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2009-03-11 12:00:15 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-03-10 20:16:06 ----D---- C:\Program\SopCast
2009-03-10 20:10:52 ----D---- C:\Program\TVAnts
2009-03-10 13:03:33 ----D---- C:\Documents and Settings\Dorian\Application Data\BitTorrent
2009-03-10 10:45:55 ----D---- C:\Program\Gabest
2009-03-10 10:45:13 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-03-10 10:45:12 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-03-10 10:45:12 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-03-10 10:45:12 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2009-03-10 10:45:12 ----A---- C:\WINDOWS\system32\dpl100.dll
2009-03-10 10:45:06 ----A---- C:\WINDOWS\system32\divx.dll
2009-03-10 10:45:05 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2009-03-10 10:45:05 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2009-03-10 10:45:02 ----D---- C:\Program\K-Lite Codec Pack
2009-03-10 10:43:51 ----D---- C:\Documents and Settings\Dorian\Application Data\Media Player Classic
2009-03-10 10:43:50 ----A---- C:\WINDOWS\system32\regsvr32.exe.log
2009-03-06 16:05:08 ----D---- C:\Documents and Settings\Dorian\Application Data\Macromedia
2009-03-06 16:05:07 ----D---- C:\Documents and Settings\Dorian\Application Data\Adobe
2009-03-06 16:04:36 ----D---- C:\Documents and Settings\Dorian\Application Data\Mozilla
2009-03-06 16:02:50 ----D---- C:\Documents and Settings\Dorian\Application Data\vlc
2009-03-06 15:28:32 ----D---- C:\Program\CONEXANT
2009-03-06 15:28:22 ----A---- C:\WINDOWS\system32\hsfci012.dll
2009-03-06 15:27:39 ----D---- C:\Documents and Settings\Dorian\Application Data\WinRAR
2009-03-06 14:42:57 ----D---- C:\Documents and Settings\Dorian\Application Data\Google
2009-03-06 14:42:40 ----D---- C:\Documents and Settings\Dorian\Application Data\Roxio
2009-03-06 14:42:30 ----D---- C:\Documents and Settings\Dorian\Application Data\Identities
2009-03-06 14:42:24 ----SD---- C:\Documents and Settings\Dorian\Application Data\Microsoft
2009-03-06 14:42:24 ----ASH---- C:\Documents and Settings\Dorian\Application Data\desktop.ini
2009-02-28 19:12:40 ----D---- C:\Program\Delade filer\Skype
2009-02-28 19:12:36 ----RD---- C:\Program\Skype
2009-02-28 19:12:27 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-02-27 16:38:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-02-27 16:37:32 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-02-27 16:37:19 ----D---- C:\Program\MSXML 4.0
2009-02-27 12:19:19 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-02-27 12:18:47 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-02-27 12:17:47 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-02-27 12:00:12 ----D---- C:\Program\Delade filer\Adobe AIR
2009-02-27 11:59:06 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-02-27 11:58:56 ----D---- C:\Program\Delade filer\Adobe
2009-02-27 11:58:56 ----D---- C:\Program\Adobe
2009-02-27 11:56:20 ----D---- C:\Program\NOS
2009-02-27 11:56:20 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-02-27 11:51:34 ----D---- C:\Program\DNA
2009-02-27 11:51:29 ----D---- C:\Program\BitTorrent
2009-02-27 11:45:09 ----D---- C:\VersalSoft
2009-02-27 11:44:58 ----D---- C:\Program\VersalSoft
2009-02-27 11:44:52 ----D---- C:\Program Files
2009-02-27 11:41:25 ----D---- C:\Program\VideoLAN
2009-02-27 11:32:03 ----D---- C:\Documents and Settings\All Users\Application Data\TVU Networks
2009-02-27 11:31:52 ----D---- C:\Program\TVUPlayer
2009-02-27 11:20:40 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-02-27 11:11:28 ----D---- C:\Program\Mozilla Firefox
2009-02-26 14:28:05 ----D---- C:\WINDOWS\system32\xircom
2009-02-26 14:28:05 ----D---- C:\Program\xerox
2009-02-26 14:28:04 ----D---- C:\Program\microsoft frontpage
2009-02-26 14:27:58 ----D---- C:\WINDOWS\Prefetch
2009-02-26 14:25:46 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-02-26 14:25:34 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-02-26 14:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-02-26 14:25:18 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-02-26 14:25:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-02-26 14:24:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-02-26 14:24:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-02-26 14:24:40 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-02-26 14:24:31 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-02-26 14:24:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-02-26 14:24:16 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-02-26 14:24:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-02-26 14:23:57 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-02-26 14:23:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-02-26 14:23:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-02-26 14:23:33 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-02-26 14:23:25 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-02-26 14:23:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-02-26 14:23:06 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-02-26 14:22:58 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-02-26 14:19:13 ----D---- C:\WINDOWS\system32\sv
2009-02-26 14:19:13 ----D---- C:\WINDOWS\l2schemas
2009-02-26 14:19:12 ----D---- C:\WINDOWS\system32\bits
2009-02-26 14:15:47 ----D---- C:\WINDOWS\ServicePackFiles
2009-02-26 14:12:12 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-02-26 14:09:30 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-02-26 14:01:17 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-02-26 10:26:45 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-02-26 10:26:28 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-02-26 10:26:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-02-26 10:25:48 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-02-26 10:18:39 ----A---- C:\WINDOWS\system32\msonpmon.dll
2009-02-26 10:17:37 ----D---- C:\Program\Microsoft Works
2009-02-26 10:17:25 ----D---- C:\Program\MSBuild
2009-02-26 10:17:00 ----D---- C:\Program\Microsoft Visual Studio
2009-02-26 10:17:00 ----D---- C:\Program\Delade filer\DESIGNER
2009-02-26 10:16:10 ----D---- C:\Program\Microsoft.NET
2009-02-26 10:13:11 ----D---- C:\Program\Microsoft Visual Studio 8
2009-02-26 10:12:17 ----D---- C:\WINDOWS\SHELLNEW
2009-02-26 10:12:01 ----D---- C:\Program\Microsoft Office
2009-02-26 10:12:00 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-02-26 10:11:35 ----RHD---- C:\MSOCache
2009-02-26 10:02:44 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-02-26 10:02:40 ----D---- C:\Program\Your Uninstaller 2008
2009-02-26 09:53:44 ----D---- C:\Program\InterActual
2009-02-26 09:41:46 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
2009-02-26 09:39:52 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
2009-02-26 09:38:50 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-02-26 09:38:37 ----D---- C:\Program\Google
2009-02-26 09:38:19 ----D---- C:\Program\Delade filer\Sonic Shared
2009-02-26 09:38:06 ----D---- C:\Program\Delade filer\Roxio Shared
2009-02-26 09:37:59 ----D---- C:\Program\InstallShield Installation Information
2009-02-26 09:37:55 ----D---- C:\Program\SmartSound Software
2009-02-26 09:37:55 ----D---- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
2009-02-26 09:37:44 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2009-02-26 09:37:43 ----D---- C:\Program\Roxio
2009-02-26 09:36:38 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-02-26 09:36:38 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-02-26 09:36:34 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-02-26 09:27:57 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2009-02-26 09:25:35 ----D---- C:\Program\Total Video Converter
2009-02-26 09:24:54 ----D---- C:\Program\WinRAR
2009-02-26 09:17:27 ----D---- C:\programas para trabajar
2009-02-25 15:17:15 ----A---- C:\WINDOWS\system32\h323log.txt
2009-02-25 15:13:48 ----A---- C:\WINDOWS\system32\wshirda.dll
2009-02-25 15:13:48 ----A---- C:\WINDOWS\system32\irmon.dll
2009-02-25 15:13:48 ----A---- C:\WINDOWS\system32\irftp.exe
2009-02-25 15:13:24 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-02-25 15:13:14 ----A---- C:\WINDOWS\system32\usbui.dll
2009-02-25 15:09:27 ----A---- C:\WINDOWS\imsins.BAK
2009-02-25 15:09:24 ----SHD---- C:\WINDOWS\Installer
2009-02-25 15:09:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-02-25 15:09:22 ----D---- C:\Program\Delade filer\ODBC
2009-02-25 15:09:22 ----A---- C:\WINDOWS\ODBCINST.INI
2009-02-25 15:09:17 ----RD---- C:\Program
2009-02-25 15:09:17 ----D---- C:\Program\Delade filer\SpeechEngines
2009-02-25 15:09:17 ----D---- C:\Program\Delade filer\Microsoft Shared
2009-02-25 15:09:17 ----D---- C:\Program\Delade filer
2009-02-25 15:09:09 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-02-25 15:09:09 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-02-25 15:09:09 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-02-25 15:09:07 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-02-25 15:09:07 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-02-25 15:09:07 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-02-25 15:09:07 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-02-25 15:09:07 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-02-25 15:09:07 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-02-25 15:09:07 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-02-25 15:09:07 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-02-25 15:09:07 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-02-25 15:09:07 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-02-25 15:09:07 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-02-25 15:09:07 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-02-25 15:09:06 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-02-25 15:09:06 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-02-25 15:09:06 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-02-25 15:09:06 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-02-25 15:09:06 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-02-25 15:09:06 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-02-25 15:09:06 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-02-25 15:09:05 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-02-25 15:09:05 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-02-25 15:09:05 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-02-25 15:09:05 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-02-25 15:09:04 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-02-25 15:09:01 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-02-25 15:09:01 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-02-25 15:09:01 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-02-25 15:09:01 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-02-25 15:09:01 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-02-25 15:09:01 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-02-25 15:09:01 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-02-25 15:09:01 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-02-25 15:09:01 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-02-25 15:09:01 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-02-25 15:09:01 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-02-25 15:09:01 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-02-25 15:09:01 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-02-25 15:08:56 ----A---- C:\WINDOWS\system32\irclass.dll
2009-02-25 15:08:56 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-02-25 15:08:56 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-02-25 15:08:55 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-02-25 15:08:55 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-02-25 15:08:53 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-02-25 15:08:53 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-02-25 15:08:53 ----A---- C:\WINDOWS\system32\batt.dll
2009-02-25 15:08:53 ----A---- C:\WINDOWS\notepad.exe
2009-02-25 15:08:52 ----A---- C:\WINDOWS\system32\storprop.dll
2009-02-25 15:08:41 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-02-25 15:08:24 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-25 15:08:24 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-25 15:08:18 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-02-25 15:07:46 ----A---- C:\WINDOWS\setuplog.txt
2009-02-25 15:07:43 ----A---- C:\pmtimer.exe
2009-02-25 15:07:43 ----A---- C:\makePNF.exe
2009-02-25 15:07:43 ----A---- C:\DSPdsblr.exe
2009-02-25 15:07:43 ----A---- C:\DPSFNSHR.INI
2009-02-25 15:07:43 ----A---- C:\DPsFnshr.exe
2009-02-25 15:07:42 ----A---- C:\devcon.exe
2009-02-25 15:05:26 ----A---- C:\WINDOWS\system32\RTLCPL.EXE
2009-02-25 15:05:26 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2009-02-25 15:05:12 ----A---- C:\WINDOWS\system32\RTLCPAPI.dll
2009-02-25 15:05:12 ----A---- C:\WINDOWS\Alcrmv.exe
2009-02-25 15:04:12 ----A---- C:\DP_MassStorage_wnt5_x86-32.ini
2009-02-25 15:01:12 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2009-02-25 15:00:49 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2009-02-25 15:00:49 ----A---- C:\WINDOWS\system32\atitvo32.dll
2009-02-25 15:00:49 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2009-02-25 15:00:48 ----A---- C:\WINDOWS\system32\atioglxx.dll
2009-02-25 15:00:48 ----A---- C:\WINDOWS\system32\Atioglgl.dll
2009-02-25 15:00:48 ----A---- C:\WINDOWS\system32\atikvmag.dll
2009-02-25 15:00:48 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2009-02-25 15:00:48 ----A---- C:\WINDOWS\system32\ATIDEMGR.dll
2009-02-25 15:00:48 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2009-02-25 15:00:48 ----A---- C:\WINDOWS\system32\ati3duag.dll
2009-02-25 15:00:48 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2009-02-25 15:00:48 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2009-02-25 15:00:48 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2009-02-25 15:00:48 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2009-02-25 15:00:45 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2009-02-25 15:00:45 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2009-02-25 14:59:10 ----D---- C:\D
2009-02-25 14:58:54 ----SHD---- C:\System Volume Information
2009-02-25 14:58:54 ----D---- C:\Documents and Settings
2009-02-25 14:58:22 ----RASH---- C:\boot.ini
2009-02-25 14:57:55 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2009-02-25 14:57:51 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2009-02-25 14:57:45 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2009-02-25 14:57:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2009-02-25 14:57:36 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-02-25 14:57:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2009-02-25 14:57:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
2009-02-25 14:57:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
2009-02-25 14:57:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
2009-02-25 14:57:01 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-02-25 14:56:56 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-02-25 14:56:40 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2009-02-25 14:56:36 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2009-02-25 14:56:31 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-25 14:56:26 ----HDC---- C:\WINDOWS\$NtUninstallKB958687_0$
2009-02-25 14:56:21 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2009-02-25 14:56:11 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2009-02-25 14:56:06 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2009-02-25 14:56:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2009-02-25 14:55:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2009-02-25 14:55:44 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2009-02-25 14:55:25 ----D---- C:\WINDOWS\ie7updates
2009-02-25 14:55:18 ----HDC---- C:\WINDOWS\$NtUninstallKB954600_0$
2009-02-25 14:55:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2009-02-25 14:55:08 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2009-02-25 14:54:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2009-02-25 14:54:16 ----N---- C:\WINDOWS\system32\wmphoto.dll
2009-02-25 14:54:14 ----N---- C:\WINDOWS\system32\wlanapi.dll
2009-02-25 14:54:12 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2009-02-25 14:54:12 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2009-02-25 14:53:56 ----N---- C:\WINDOWS\system32\tspkg.dll
2009-02-25 14:53:56 ----N---- C:\WINDOWS\system32\tsgqec.dll
2009-02-25 14:53:15 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2009-02-25 14:53:08 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2009-02-25 14:52:59 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-02-25 14:52:59 ----RSD---- C:\WINDOWS\Fonts
2009-02-25 14:52:59 ----RD---- C:\WINDOWS\Web
2009-02-25 14:52:59 ----N---- C:\WINDOWS\system32\slserv.exe
2009-02-25 14:52:59 ----N---- C:\WINDOWS\system32\slrundll.exe
2009-02-25 14:52:59 ----N---- C:\WINDOWS\slrundll.exe
2009-02-25 14:52:59 ----HD---- C:\WINDOWS\inf
2009-02-25 14:52:59 ----D---- C:\WINDOWS\WinSxS
2009-02-25 14:52:59 ----D---- C:\WINDOWS\WBEM
2009-02-25 14:52:59 ----D---- C:\WINDOWS\twain_32
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\wins
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\wbem
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\usmt
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\sv-se
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\spool
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\ShellExt
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\Setup
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\ras
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\PreInstall
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\oobe
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\npp
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\mui
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\inetsrv
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\IME
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\icsxml
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\ias
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\export
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\drivers
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\dhcp
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\config
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\3com_dmi
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\3076
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\2052
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\1054
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\1053
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\1042
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\1041
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\1037
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\1033
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\1031
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\1028
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32\1025
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system32
2009-02-25 14:52:59 ----D---- C:\WINDOWS\system
2009-02-25 14:52:59 ----D---- C:\WINDOWS\security
2009-02-25 14:52:59 ----D---- C:\WINDOWS\Resources
2009-02-25 14:52:59 ----D---- C:\WINDOWS\repair
2009-02-25 14:52:59 ----D---- C:\WINDOWS\Provisioning
2009-02-25 14:52:59 ----D---- C:\WINDOWS\PeerNet
2009-02-25 14:52:59 ----D---- C:\WINDOWS\pchealth
2009-02-25 14:52:59 ----D---- C:\WINDOWS\Offline Web Pages
2009-02-25 14:52:59 ----D---- C:\WINDOWS\Network Diagnostic
2009-02-25 14:52:59 ----D---- C:\WINDOWS\mui
2009-02-25 14:52:59 ----D---- C:\WINDOWS\msapps
2009-02-25 14:52:59 ----D---- C:\WINDOWS\msagent
2009-02-25 14:52:59 ----D---- C:\WINDOWS\Media
2009-02-25 14:52:59 ----D---- C:\WINDOWS\java
2009-02-25 14:52:59 ----D---- C:\WINDOWS\ime
2009-02-25 14:52:59 ----D---- C:\WINDOWS\Help
2009-02-25 14:52:59 ----D---- C:\WINDOWS\ehome
2009-02-25 14:52:59 ----D---- C:\WINDOWS\Driver Cache
2009-02-25 14:52:59 ----D---- C:\WINDOWS\Debug
2009-02-25 14:52:59 ----D---- C:\WINDOWS\Cursors
2009-02-25 14:52:59 ----D---- C:\WINDOWS\Connection Wizard
2009-02-25 14:52:59 ----D---- C:\WINDOWS\Config
2009-02-25 14:52:59 ----D---- C:\WINDOWS\AppPatch
2009-02-25 14:52:59 ----D---- C:\WINDOWS\addins
2009-02-25 14:52:59 ----D---- C:\WINDOWS
2009-02-25 14:52:57 ----N---- C:\WINDOWS\system32\slgen.dll
2009-02-25 14:52:57 ----N---- C:\WINDOWS\system32\slextspk.dll
2009-02-25 14:52:57 ----N---- C:\WINDOWS\system32\slcoinst.dll
2009-02-25 14:52:52 ----N---- C:\WINDOWS\system32\setupn.exe
2009-02-25 14:52:48 ----N---- C:\WINDOWS\system32\s3gnb.dll
2009-02-25 14:52:46 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2009-02-25 14:52:43 ----N---- C:\WINDOWS\system32\rasqec.dll
2009-02-25 14:52:42 ----N---- C:\WINDOWS\system32\qutil.dll
2009-02-25 14:52:41 ----N---- C:\WINDOWS\system32\qcliprov.dll
2009-02-25 14:52:41 ----N---- C:\WINDOWS\system32\qagentrt.dll
2009-02-25 14:52:41 ----N---- C:\WINDOWS\system32\qagent.dll
2009-02-25 14:52:38 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2009-02-25 14:52:33 ----N---- C:\WINDOWS\system32\onex.dll
2009-02-25 14:52:24 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2009-02-25 14:52:16 ----N---- C:\WINDOWS\system32\napstat.exe
2009-02-25 14:52:16 ----N---- C:\WINDOWS\system32\napmontr.dll
2009-02-25 14:52:16 ----N---- C:\WINDOWS\system32\napipsec.dll
2009-02-25 14:52:15 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2009-02-25 14:52:14 ----N---- C:\WINDOWS\system32\msxml6r.dll
2009-02-25 14:52:14 ----N---- C:\WINDOWS\system32\msxml6.dll
2009-02-25 14:52:11 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2009-02-25 14:52:11 ----N---- C:\WINDOWS\system32\mssha.dll
2009-02-25 14:52:05 ----N---- C:\WINDOWS\system32\mmcperf.exe
2009-02-25 14:52:05 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2009-02-25 14:52:05 ----N---- C:\WINDOWS\system32\mmcex.dll
2009-02-25 14:52:05 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2009-02-25 14:52:03 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
2009-02-25 14:51:51 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2009-02-25 14:51:51 ----N---- C:\WINDOWS\system32\kmsvc.dll
2009-02-25 14:51:51 ----N---- C:\WINDOWS\system32\kbdpash.dll
2009-02-25 14:51:51 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2009-02-25 14:51:51 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2009-02-25 14:51:51 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2009-02-25 14:51:48 ----N---- C:\WINDOWS\system32\smtpapi.dll
2009-02-25 14:51:48 ----N---- C:\WINDOWS\system32\rwnh.dll
2009-02-25 14:51:46 ----N---- C:\WINDOWS\system32\comsdupd.exe
2009-02-25 14:51:44 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2009-02-25 14:51:42 ----N---- C:\WINDOWS\system32\faxpatch.exe
2009-02-25 14:51:42 ----A---- C:\WINDOWS\002487_.tmp
2009-02-25 14:51:41 ----N---- C:\WINDOWS\system32\eapsvc.dll
2009-02-25 14:51:41 ----N---- C:\WINDOWS\system32\eapqec.dll
2009-02-25 14:51:41 ----N---- C:\WINDOWS\system32\eappprxy.dll
2009-02-25 14:51:41 ----N---- C:\WINDOWS\system32\eapphost.dll
2009-02-25 14:51:41 ----N---- C:\WINDOWS\system32\eappgnui.dll
2009-02-25 14:51:41 ----N---- C:\WINDOWS\system32\eappcfg.dll
2009-02-25 14:51:41 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2009-02-25 14:51:41 ----N---- C:\WINDOWS\system32\eapolqec.dll
2009-02-25 14:51:39 ----N---- C:\WINDOWS\system32\dot3ui.dll
2009-02-25 14:51:39 ----N---- C:\WINDOWS\system32\dot3svc.dll
2009-02-25 14:51:39 ----N---- C:\WINDOWS\system32\dot3msm.dll
2009-02-25 14:51:39 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2009-02-25 14:51:39 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2009-02-25 14:51:39 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2009-02-25 14:51:39 ----N---- C:\WINDOWS\system32\dot3api.dll
2009-02-25 14:51:39 ----N---- C:\WINDOWS\system32\dimsroam.dll
2009-02-25 14:51:39 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2009-02-25 14:51:39 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2009-02-25 14:51:38 ----N---- C:\WINDOWS\system32\credssp.dll
2009-02-25 14:51:35 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2009-02-25 14:51:35 ----N---- C:\WINDOWS\system32\azroles.dll
2009-02-25 14:51:35 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2009-02-25 14:51:34 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2009-02-25 14:51:34 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2009-02-25 14:51:32 ----N---- C:\WINDOWS\system32\aaclient.dll
2009-02-25 14:51:31 ----D---- C:\Program\Delade filer\InstallShield
2009-02-25 14:51:04 ----D---- C:\tmp
2009-02-25 14:50:47 ----D---- C:\WINDOWS\system32\DRM
2009-02-25 14:50:16 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
2009-02-25 14:33:27 ----RSD---- C:\WINDOWS\assembly
2009-02-25 14:33:27 ----D---- C:\WINDOWS\Microsoft.NET
2009-02-25 14:33:24 ----D---- C:\WINDOWS\system32\URTTemp
2009-02-25 14:32:44 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-25 14:32:21 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2009-02-25 14:32:16 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-02-25 14:30:31 ----D---- C:\WINDOWS\system32\LogFiles
2009-02-25 14:30:26 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-02-25 14:29:17 ----D---- C:\Program\Windows Media Connect 2
2009-02-25 14:29:17 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-02-25 14:29:16 ----HDC---- C:\WINDOWS\$NtUninstallWMCSetup$
2009-02-25 14:29:03 ----D---- C:\WINDOWS\RegisteredPackages
2009-02-25 14:28:20 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-02-25 14:26:46 ----D---- C:\WINDOWS\SoftwareDistribution
2009-02-25 14:26:34 ----SD---- C:\WINDOWS\system32\Microsoft
2009-02-25 14:26:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-25 14:24:49 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-25 14:24:47 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-02-25 14:24:29 ----A---- C:\WINDOWS\control.ini
2009-02-25 14:24:29 ----A---- C:\AUTOEXEC.BAT
2009-02-25 14:24:22 ----A---- C:\WINDOWS\OEWABLog.txt
2009-02-25 14:24:16 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-02-25 14:24:14 ----D---- C:\WINDOWS\system32\dllcache
2009-02-25 14:23:01 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-02-25 14:22:55 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-02-25 14:22:49 ----HD---- C:\Program\WindowsUpdate
2009-02-25 14:22:44 ----D---- C:\Program\Onlinetjänster
2009-02-25 14:22:24 ----D---- C:\WINDOWS\system32\DirectX
2009-02-25 14:22:07 ----A---- C:\WINDOWS\system32\atrace.dll
2009-02-25 14:22:06 ----A---- C:\WINDOWS\system32\desktop.ini
2009-02-25 14:22:06 ----A---- C:\WINDOWS\desktop.ini
2009-02-25 14:22:01 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-02-25 14:21:59 ----D---- C:\Program\Delade filer\Services
2009-02-25 14:21:59 ----A---- C:\WINDOWS\system32\acctres.dll
2009-02-25 14:21:57 ----SD---- C:\WINDOWS\Tasks
2009-02-25 14:21:57 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-02-25 14:21:56 ----D---- C:\Program\Delade filer\MSSoap
2009-02-25 14:21:51 ----D---- C:\WINDOWS\srchasst
2009-02-25 14:21:50 ----D---- C:\WINDOWS\system32\Macromed
2009-02-25 14:21:50 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-02-25 14:21:50 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-02-25 14:21:50 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-02-25 14:21:50 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-02-25 14:21:49 ----A---- C:\WINDOWS\system32\wups.dll
2009-02-25 14:21:49 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-02-25 14:21:49 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-02-25 14:21:49 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-02-25 14:21:49 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-02-25 14:21:49 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-02-25 14:21:49 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-02-25 14:21:49 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-02-25 14:21:48 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-02-25 14:21:44 ----D---- C:\Program\Movie Maker
2009-02-25 14:21:40 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-02-25 14:21:40 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-02-25 14:21:40 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-02-25 14:21:40 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-02-25 14:21:35 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-02-25 14:21:34 ----D---- C:\WINDOWS\system32\Restore
2009-02-25 14:21:34 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-02-25 14:21:34 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-02-25 14:21:34 ----A---- C:\WINDOWS\system32\srclient.dll
2009-02-25 14:21:34 ----A---- C:\WINDOWS\system32\fltmc.exe
2009-02-25 14:21:33 ----D---- C:\Program\Windows Media Player
2009-02-25 14:21:33 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-02-25 14:21:33 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-02-25 14:21:33 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-02-25 14:21:33 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-02-25 14:21:33 ----A---- C:\WINDOWS\system32\ils.dll
2009-02-25 14:21:32 ----A---- C:\WINDOWS\system32\msconf.dll
2009-02-25 14:21:30 ----D---- C:\Program\NetMeeting
2009-02-25 14:21:30 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-02-25 14:21:30 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-02-25 14:21:28 ----A---- C:\WINDOWS\system32\inetres.dll
2009-02-25 14:21:28 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-02-25 14:21:26 ----D---- C:\Program\Outlook Express
2009-02-25 14:21:26 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-02-25 14:21:26 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-02-25 14:21:25 ----A---- C:\WINDOWS\system32\mstask.dll
2009-02-25 14:21:25 ----A---- C:\WINDOWS\system32\isign32.dll
2009-02-25 14:21:25 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-02-25 14:21:25 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-02-25 14:21:25 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-02-25 14:21:19 ----D---- C:\Program\Delade filer\System
2009-02-25 14:21:10 ----D---- C:\Program\Internet Explorer
2009-02-25 14:20:42 ----HD---- C:\Program\Uninstall Information
2009-02-25 14:20:26 ----D---- C:\Program\ComPlus Applications
2009-02-25 14:20:23 ----A---- C:\WINDOWS\vbaddin.ini
2009-02-25 14:20:23 ----A---- C:\WINDOWS\vb.ini
2009-02-25 14:20:15 ----D---- C:\WINDOWS\Registration
2009-02-25 14:19:55 ----D---- C:\Program\Messenger
2009-02-25 14:19:51 ----D---- C:\Program\MSN Gaming Zone
2009-02-25 14:19:51 ----A---- C:\WINDOWS\system32\write.exe
2009-02-25 14:19:43 ----A---- C:\WINDOWS\system32\winchat.exe
2009-02-25 14:19:43 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-02-25 14:19:43 ----A---- C:\WINDOWS\system32\hticons.dll
2009-02-25 14:19:43 ----A---- C:\WINDOWS\system32\avwav.dll
2009-02-25 14:19:43 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-02-25 14:19:43 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-02-25 14:19:38 ----A---- C:\WINDOWS\system32\getuname.dll
2009-02-25 14:19:37 ----A---- C:\WINDOWS\system32\winmine.exe
2009-02-25 14:19:37 ----A---- C:\WINDOWS\system32\sol.exe
2009-02-25 14:19:37 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-02-25 14:19:37 ----A---- C:\WINDOWS\system32\charmap.exe
2009-02-25 14:19:37 ----A---- C:\WINDOWS\system32\calc.exe
2009-02-25 14:19:36 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-02-25 14:19:36 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-02-25 14:19:36 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-02-25 14:19:36 ----A---- C:\WINDOWS\system32\tskill.exe
2009-02-25 14:19:36 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-02-25 14:19:36 ----A---- C:\WINDOWS\system32\tscon.exe
2009-02-25 14:19:36 ----A---- C:\WINDOWS\system32\shadow.exe
2009-02-25 14:19:36 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-02-25 14:19:36 ----A---- C:\WINDOWS\system32\reset.exe
2009-02-25 14:19:36 ----A---- C:\WINDOWS\system32\regini.exe
2009-02-25 14:19:36 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-02-25 14:19:36 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-02-25 14:19:36 ----A---- C:\WINDOWS\system32\freecell.exe
2009-02-25 14:19:35 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-02-25 14:19:35 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-02-25 14:19:35 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-02-25 14:19:35 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-02-25 14:19:35 ----A---- C:\WINDOWS\system32\msg.exe
2009-02-25 14:19:35 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-02-25 14:19:35 ----A---- C:\WINDOWS\system32\logoff.exe
2009-02-25 14:19:35 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-02-25 14:19:35 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-02-25 14:19:34 ----A---- C:\WINDOWS\system32\stclient.dll
2009-02-25 14:19:34 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-02-25 14:19:34 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-02-25 14:19:34 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-02-25 14:19:30 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-02-25 14:19:29 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-02-25 14:19:29 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-02-25 14:19:28 ----D---- C:\Program\Windows NT
2009-02-25 14:19:28 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-02-25 14:19:28 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-02-25 14:19:28 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-02-25 14:19:27 ----A---- C:\WINDOWS\system32\spider.exe
2009-02-25 14:19:27 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-02-25 14:19:26 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-02-25 14:19:26 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-02-25 14:19:26 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-02-25 14:19:26 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-02-25 14:19:26 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-02-25 14:19:26 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-02-25 14:19:26 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-02-25 14:19:25 ----D---- C:\WINDOWS\system32\MsDtc
2009-02-25 14:19:25 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-02-25 14:19:25 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-02-25 14:19:25 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-02-25 14:19:25 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-02-25 14:19:25 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-02-25 14:19:25 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-02-25 14:19:25 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-02-25 14:19:25 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-02-25 14:19:25 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-02-25 14:19:24 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-02-25 14:19:24 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-02-25 14:19:24 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-02-25 14:19:24 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-02-25 14:19:23 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-02-25 14:19:23 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-02-25 14:19:23 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-02-25 14:19:22 ----D---- C:\WINDOWS\system32\Com
2009-02-25 14:19:22 ----A---- C:\WINDOWS\system32\colbact.dll
2009-02-25 14:19:22 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-02-25 14:19:22 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-02-25 14:19:22 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-02-25 14:19:21 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-02-25 14:19:21 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-02-25 14:19:20 ----A---- C:\WINDOWS\system32\comuid.dll
2009-02-25 14:19:20 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-02-25 14:19:14 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-02-25 14:19:13 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-02-25 14:19:13 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-02-25 14:19:13 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2009-03-24 18:14:43 ----A---- C:\WINDOWS\system.ini
2009-03-23 11:07:24 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-19 36864]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-03-24 325640]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-03-24 27656]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-03-24 107912]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-11-06 4024832]
R3 Arp1394;1394 ARP-klientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-12-17 1918464]
R3 BCM43XX;Drivrutin för Broadcom 802.11 nätverksadapter; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-08-15 369024]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208]
R3 HSFHWATI;HSFHWATI; C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2004-12-15 200192]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NSCIRDA;Drivrutin för NSC-IR-enhet; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-06-16 83968]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2-aktiverat nav; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-15 703232]
S3 hidusb;Microsoft HID-klassdrivrutin; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;HID-drivrutin för mus; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-01-01 12160]
S3 usbaudio;USB-ljuddrivrutiner (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBSTOR;Drivrutin för USB-masslagringsenheter; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2007-08-18 57328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-12-17 434176]
R2 avg8wd;AVG Free8 WatchDog; C:\Program\AVG\AVG8\avgwdsvc.exe [2009-03-24 298264]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program\Java\jre6\bin\jqs.exe [2009-03-11 152984]
R2 RoxWatch10;Roxio Hard Drive Watcher 10; C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2007-08-24 166384]
R2 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
R3 RoxMediaDB10;RoxMediaDB10; C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2007-08-24 1083888]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program\Roxio\Digital Home 10\RoxioUpnpService10.exe [2007-08-24 362992]
S2 RoxLiveShare10;LiveShare P2P Server 10; C:\Program\Delade filer\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2007-08-24 309744]
S2 SessionLauncher;SessionLauncher; C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\DX9\SessionLauncher.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Updater Service; C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-06 137200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program\Delade filer\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2007-08-24 72176]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Info

info.txt logfile of random's system information tool 1.06 2009-03-24 19:47:08

======Uninstall list======

-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {4F3FCD41-AD1C-4EE8-9D5C-35DBA58BA060}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040B-0000-0000000FF1CE} /uninstall {F14C929B-E0E6-4EB5-8BFD-FC71AAC7D39C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-041D-0000-0000000FF1CE} /uninstall {A8626CEF-CB0A-4BC2-8F51-210A43B6158D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-041D-0000-0000000FF1CE} /uninstall {C41B2E34-C30E-4989-8A9D-6B0805B33EC1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-041D-0000-0000000FF1CE} /uninstall {E6B1E9D4-FBDC-44B2-B825-246D1B466C5B}
Acrobat.com-->C:\Program\Delade filer\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program\Delade filer\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AVG 8.5-->C:\Program\AVG\AVG8\setup.exe /UNINSTALL
DirectXInstallService-->MsiExec.exe /X{098122AB-C605-4853-B441-C0A4EB359B75}
EMC 10 Content-->MsiExec.exe /X{FDB46DE7-9045-47BB-970A-3E4ED5369E03}
Google Toolbar for Internet Explorer-->"C:\Program\Google\Google Toolbar\Component\GoogleToolbarManager_0531C63A913CC9D1.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IrfanView (remove only)-->C:\Program\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
K-Lite Codec Pack 4.7.0 (Full)-->"C:\Program\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 11-->"C:\Program\Windows Media Player\Setup_wm.exe" /Uninstall
Malwarebytes' Anti-Malware-->"C:\Program\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1 Swedish Language Pack-->MsiExec.exe /X{992A2DB1-4ABC-4738-BD71-045C5FFE00D1}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Language Pack - SVE-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - SVE\install.exe
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Access MUI (Swedish) 2007-->MsiExec.exe /X{90120000-0015-041D-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program\Delade filer\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Swedish) 2007-->MsiExec.exe /X{90120000-0016-041D-0000-0000000FF1CE}
Microsoft Office Groove MUI (Swedish) 2007-->MsiExec.exe /X{90120000-00BA-041D-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Swedish) 2007-->MsiExec.exe /X{90120000-0044-041D-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Swedish) 2007-->MsiExec.exe /X{90120000-00A1-041D-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Swedish) 2007-->MsiExec.exe /X{90120000-001A-041D-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Swedish) 2007-->MsiExec.exe /X{90120000-0018-041D-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (Finnish) 2007-->MsiExec.exe /X{90120000-001F-040B-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Swedish) 2007-->MsiExec.exe /X{90120000-001F-041D-0000-0000000FF1CE}
Microsoft Office Proofing (Swedish) 2007-->MsiExec.exe /X{90120000-002C-041D-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Swedish) 2007-->MsiExec.exe /X{90120000-0019-041D-0000-0000000FF1CE}
Microsoft Office Shared MUI (Swedish) 2007-->MsiExec.exe /X{90120000-006E-041D-0000-0000000FF1CE}
Microsoft Office Word MUI (Swedish) 2007-->MsiExec.exe /X{90120000-001B-041D-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.7)-->C:\Program\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Realtek AC'97 Audio-->Alcrmv.exe -r -m
Roxio Activation Module-->MsiExec.exe /I{EC877639-07AB-495C-BFD1-D63AF9140810}
Roxio BackOnTrack-->MsiExec.exe /I{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}
Roxio Central Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
Roxio Central Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
0
MalwareBytes: apparently no "harmful items"

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1749
Windows 5.1.2600 Service Pack 3

2009-03-24 20:11:28
mbam-log-2009-03-24 (20-11-28).txt

Type de recherche: Examen rapide
Eléments examinés: 76635
Temps écoulé: 4 minute(s), 36 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
25 March 2009 at 10:05
run tool cleaner and paste the report

http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner

________________

still having problems with the PC???
0
[ Rapport ToolsCleaner version 2.3.2 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\Combofix.txt: trouvé !
C:\Qoobox: trouvé !
C:\_OtMoveIt: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\Dorian\Recent\HijackThis.lnk: trouvé !
C:\Documents and Settings\Dorian\Recent\Navilog1.lnk: trouvé !
C:\Program\Navilog1: trouvé !
C:\Program\Trend Micro\HijackThis: trouvé !
C:\Program\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program\Trend Micro\HijackThis\hijackthis.log: trouvé !

About the missing dll file with the error message at startup, it is indeed run.dll
It shows me: (in Swedish, translated with Google Translate)
"dll32 cannot be loaded
it cannot find the specified module"
0
Sorry, I just saw the rest of your message. Yes, the PC is running much better, thanks a lot! I no longer get any pop-ups, just this error message at startup. Everything else is fine! :)
0