How to know if I am infected

yeuthuylam Posts 555 Status Member -  
jlpjlp Posts 52399 Status Security contributor -
Hello,
how can I know if I am infected? Thanks

10 replies

jlpjlp Posts 52399 Status Security contributor 5 040
 
Hi, to check for yourself:

BitDefender online:
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda online:
http://pandasoftware.fr

Kaspersky online:
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr



___________________


Otherwise, so we can help:



Download from here:

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) by random/random, and save it to the Desktop.

Double-click RSIT.exe to launch RSIT.

Click Continue at the Disclaimer screen.

If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.

When the scan is finished, two text files will open.

Post the contents of log.txt (<<which will be displayed)
as well as info.txt (<<which will be minimized in the Taskbar).

NB: The reports are saved in the folder C:\rsit
0
yeuthuylam Posts 555 Status Member 39
 
Logfile of random's system information tool 1.06 (written by random/random)
Run by monkey at 2009-04-08 03:11:02
Microsoft Windows XP Professional Service Pack 2
System drive C: has 109 GB (78%) free of 141 GB
Total RAM: 3070 MB (73% free)


======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2008-12-23 161200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-03-04 1194496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - Barre d'outils &Crawler - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-03-04 1194496]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll [2009-04-07 95536]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Barre d'outils - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2005-04-07 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"RivaTunerStartupDaemon"=C:\Program Files\RivaTuner v2.24\RivaTuner.exe [2009-02-26 2781184]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-03-12 17531392]
"IntelZeroConfig"=C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2008-10-16 1368064]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2008-10-16 1191936]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2009-04-07 778240]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2009-04-07 69632]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-02-11 186904]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-03-20 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-03-20 86016]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-03-26 401040]
"Ad-Watch"=C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [2009-04-07 515416]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"AlcoholAutomount"=D:\Program Files\Alcohol 120\axcmd.exe [2009-02-23 203928]
"fsm"= []
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2008-12-23 2745776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
D:\Internet Download Manager\IDMan.exe /onboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2009-03-18 4363504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer]
C:\Program Files\Software Informer\softinfo.exe [2009-03-11 1724485]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-03-23 1830128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-02-25 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Activision\Spider-Man - Le règne des Ombres\image\pc\Spider-Man Web of Shadows.exe"="C:\Program Files\Activision\Spider-Man - Le règne des Ombres\image\pc\Spider-Man Web of Shadows.exe:*:Enabled:Spider-Man(TM) - Le règne des Ombres"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{789aad89-14a9-11de-a48b-fe97041edfe2}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f107255-1481-11de-a486-aece71bc34e3}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn


======List of files/folders created in the last 1 months======

2009-04-08 03:11:02 ----D---- C:\rsit
2009-04-08 03:11:02 ----D---- C:\Program Files\trend micro
2009-04-07 23:30:38 ----A---- C:\WINDOWS\system32\lsdelete.exe
2009-04-07 23:26:42 ----D---- C:\Documents and Settings\monkey\Application Data\Spyware Terminator
2009-04-07 23:26:40 ----D---- C:\Program Files\Spyware Terminator
2009-04-07 23:26:40 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2009-04-07 23:21:01 ----HDC---- C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-04-07 13:51:38 ----D---- C:\Program Files\eMule
2009-04-07 03:04:12 ----D---- C:\Program Files\a-squared Free
2009-04-07 02:33:31 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-06 18:34:05 ----D---- C:\Program Files\Appwalk.com Technologies Canada
2009-04-06 15:48:35 ----D---- C:\Documents and Settings\All Users\Application Data\Grisoft
2009-04-06 02:55:05 ----A---- C:\WINDOWS\ARPR.INI
2009-04-06 02:24:33 ----D---- C:\Program Files\Internet Cyclone
2009-04-06 01:00:01 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-04-03 15:43:04 ----D---- C:\Program Files\Sanh Dieu Online
2009-04-03 15:37:45 ----D---- C:\Documents and Settings\monkey\Application Data\Opera
2009-04-03 15:37:39 ----D---- C:\Program Files\Opera
2009-04-02 23:47:43 ----D---- C:\Documents and Settings\All Users\Application Data\Speedbit
2009-04-02 22:39:52 ----D---- C:\Program Files\LIVE! SanhDieu
2009-04-02 20:31:07 ----D---- C:\CFLog
2009-04-02 20:30:20 ----D---- C:\Program Files\Common Files\INCA Shared
2009-03-30 22:38:50 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2009-03-30 20:33:48 ----D---- C:\WINDOWS\nview
2009-03-30 20:33:48 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-03-30 20:33:15 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-03-30 20:33:02 ----A---- C:\WINDOWS\system32\nwiz.exe
2009-03-30 20:33:02 ----A---- C:\WINDOWS\system32\nvwssr.dll
2009-03-30 20:33:02 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2009-03-30 20:33:02 ----A---- C:\WINDOWS\system32\nvdspsch.exe
2009-03-30 20:33:02 ----A---- C:\WINDOWS\system32\nvcplui.exe
2009-03-30 20:33:02 ----A---- C:\WINDOWS\system32\nvcolor.exe
2009-03-30 20:33:02 ----A---- C:\WINDOWS\system32\nvappbar.exe
2009-03-30 20:33:02 ----A---- C:\WINDOWS\system32\keystone.exe
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwss.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrszht.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrstr.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrsth.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrssv.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrssl.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrssk.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrsru.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrspt.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrspl.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrsno.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrsnl.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrsko.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrsja.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrsit.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrshu.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrshe.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
2009-03-30 20:32:58 ----A---- C:\WINDOWS\system32\nvwrsfi.dll
2009-03-30 20:32:57 ----A---- C:\WINDOWS\system32\nvwrsesm.dll
2009-03-30 20:32:57 ----A---- C:\WINDOWS\system32\nvwrses.dll
2009-03-30 20:32:57 ----A---- C:\WINDOWS\system32\nvwrseng.dll
2009-03-30 20:32:57 ----A---- C:\WINDOWS\system32\nvwrsel.dll
2009-03-30 20:32:57 ----A---- C:\WINDOWS\system32\nvwrsde.dll
2009-03-30 20:32:57 ----A---- C:\WINDOWS\system32\nvwrsda.dll
2009-03-30 20:32:57 ----A---- C:\WINDOWS\system32\nvwrscs.dll
2009-03-30 20:32:57 ----A---- C:\WINDOWS\system32\nvwrsar.dll
2009-03-30 20:32:57 ----A---- C:\WINDOWS\system32\nvwimg.dll
2009-03-30 20:32:57 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll
2009-03-30 20:32:57 ----A---- C:\WINDOWS\system32\nvwddi.dll
2009-03-30 20:32:57 ----A---- C:\WINDOWS\system32\nvvitvsr.dll
2009-03-30 20:32:57 ----A---- C:\WINDOWS\system32\nvvitvs.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvshell.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrszht.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrstr.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrsth.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrssv.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrssl.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrssk.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrsru.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrspt.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrspl.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrsno.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrsko.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrsja.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrsit.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrshu.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrshe.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrses.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrseng.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrsel.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrsde.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrsda.dll
2009-03-30 20:32:56 ----A---- C:\WINDOWS\system32\nvrscs.dll
2009-03-30 20:32:55 ----A---- C:\WINDOWS\system32\nvrsar.dll
2009-03-30 20:32:50 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2009-03-30 20:32:50 ----A---- C:\WINDOWS\system32\nvmoblsr.dll
2009-03-30 20:32:50 ----A---- C:\WINDOWS\system32\nvmobls.dll
2009-03-30 20:32:50 ----A---- C:\WINDOWS\system32\nvmctray.dll
2009-03-30 20:32:50 ----A---- C:\WINDOWS\system32\nvmccssr.dll
2009-03-30 20:32:50 ----A---- C:\WINDOWS\system32\nvmccss.dll
2009-03-30 20:32:50 ----A---- C:\WINDOWS\system32\nvmccsrs.dll
2009-03-30 20:32:50 ----A---- C:\WINDOWS\system32\nvmccs.dll
2009-03-30 20:32:50 ----A---- C:\WINDOWS\system32\nview.dll
2009-03-30 20:32:50 ----A---- C:\WINDOWS\system32\nvgamesr.dll
2009-03-30 20:32:49 ----A---- C:\WINDOWS\system32\nvgames.dll
2009-03-30 20:32:49 ----A---- C:\WINDOWS\system32\nvdispsr.dll
2009-03-30 20:32:49 ----A---- C:\WINDOWS\system32\nvdisps.dll
2009-03-30 20:32:49 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2009-03-30 20:32:48 ----A---- C:\WINDOWS\system32\nvcuda.dll
2009-03-30 20:32:48 ----A---- C:\WINDOWS\system32\nvcpluir.dll
2009-03-30 20:32:43 ----A---- C:\WINDOWS\system32\nvcpl.dll
2009-03-30 20:32:43 ----A---- C:\WINDOWS\system32\nvcodins.dll
2009-03-30 20:32:43 ----A---- C:\WINDOWS\system32\nvcod.dll
2009-03-30 20:32:43 ----A---- C:\WINDOWS\system32\nvapi.dll
2009-03-30 00:56:51 ----A---- C:\WINDOWS\system32\difxapi.dll
2009-03-30 00:56:38 ----D---- C:\Intel
2009-03-30 00:07:25 ----D---- C:\Program Files\Lavasoft
2009-03-30 00:07:25 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-03-29 17:43:31 ----D---- C:\Program Files\VTCGame
2009-03-29 17:02:12 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-03-29 17:02:12 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-03-29 17:02:12 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-03-29 17:02:11 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-03-29 17:02:11 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-03-29 17:02:11 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-03-29 17:02:10 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-03-29 17:02:10 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-03-29 17:02:10 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-03-29 17:02:09 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-03-29 17:02:09 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-03-29 17:02:09 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-03-29 17:02:08 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-03-29 17:02:08 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-03-29 01:02:50 ----A---- C:\WINDOWS\bdagent.INI
2009-03-27 15:30:31 ----D---- C:\Documents and Settings\monkey\Application Data\dvdcss
2009-03-27 15:17:00 ----D---- C:\Documents and Settings\monkey\Application Data\BitDefender
2009-03-27 15:16:31 ----D---- C:\Program Files\BitDefender
2009-03-27 15:16:31 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender
2009-03-27 15:02:05 ----D---- C:\Avenger
2009-03-27 15:02:05 ----A---- C:\avenger.txt
2009-03-27 13:55:56 ----D---- C:\Documents and Settings\monkey\Application Data\Malwarebytes
2009-03-27 13:55:51 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-03-27 13:55:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-03-27 00:41:03 ----D---- C:\Documents and Settings\monkey\Application Data\IDM
2009-03-26 22:20:21 ----D---- C:\Program Files\Crawler
2009-03-26 20:32:25 ----D---- C:\WINDOWS\Minidump
2009-03-26 14:24:25 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2009-03-26 14:24:24 ----D---- C:\Program Files\Connection Booster
2009-03-25 23:30:16 ----A---- C:\WINDOWS\system32\RtNicProp32.dll
2009-03-25 22:54:32 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-03-25 22:54:27 ----D---- C:\Program Files\Adobe
2009-03-25 18:15:21 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2009-03-25 17:39:35 ----D---- C:\WINDOWS\system32\appmgmt
2009-03-25 17:35:36 ----D---- C:\Documents and Settings\monkey\Application Data\Intel
2009-03-25 17:35:17 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-03-25 17:35:17 ----A---- C:\WINDOWS\system32\NETw5r32.dll
2009-03-25 17:35:17 ----A---- C:\WINDOWS\system32\NETw5c32.dll
2009-03-25 17:34:59 ----D---- C:\Program Files\Intel
2009-03-25 17:34:59 ----D---- C:\Program Files\Common Files\Intel
2009-03-25 17:34:59 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
2009-03-25 17:27:37 ----D---- C:\Downloads
2009-03-25 17:23:56 ----D---- C:\Documents and Settings\monkey\Application Data\Software Informer
2009-03-25 17:23:52 ----D---- C:\Program Files\Software Informer
2009-03-25 17:05:34 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-03-25 17:05:28 ----D---- C:\Program Files\SUPERAntiSpyware
2009-03-25 17:05:28 ----D---- C:\Documents and Settings\monkey\Application Data\SUPERAntiSpyware.com
2009-03-25 16:22:47 ----D---- C:\Program Files\Common Files\BitDefender
2009-03-25 16:07:18 ----HD---- C:\WINDOWS\system32\GroupPolicy
2009-03-25 16:04:24 ----D---- C:\Program Files\Netgame
2009-03-25 15:56:00 ----D---- C:\Program Files\ma-config.com
2009-03-25 15:56:00 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2009-03-25 15:47:16 ----D---- C:\Documents and Settings\monkey\Application Data\Mozilla
2009-03-25 15:46:56 ----D---- C:\Program Files\Mozilla Firefox
2009-03-25 15:05:01 ----D---- C:\Program Files\Common Files\Adobe
2009-03-23 23:11:45 ----D---- C:\Documents and Settings\monkey\Application Data\Activision
2009-03-23 23:11:45 ----D---- C:\Documents and Settings\All Users\Application Data\Activision
2009-03-23 23:01:32 ----D---- C:\WINDOWS\Kung Fu Panda
2009-03-23 22:25:43 ----A---- C:\WINDOWS\ODBC.INI
2009-03-23 22:25:40 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-03-23 22:24:28 ----D---- C:\Program Files\Common Files\L&H
2009-03-23 22:23:01 ----D---- C:\Program Files\Microsoft ActiveSync
2009-03-23 22:21:08 ----D---- C:\Program Files\Common Files\DESIGNER
2009-03-23 22:20:46 ----D---- C:\Program Files\Microsoft Works
2009-03-23 22:20:02 ----D---- C:\Program Files\Microsoft Visual Studio
2009-03-23 22:18:59 ----D---- C:\WINDOWS\SHELLNEW
2009-03-23 22:18:19 ----D---- C:\Program Files\Microsoft.NET
2009-03-23 22:18:19 ----D---- C:\Program Files\Microsoft Office
2009-03-23 01:39:47 ----D---- C:\Documents and Settings\monkey\Application Data\Macromedia
2009-03-23 01:39:26 ----D---- C:\WINDOWS\Applian FLV Player
2009-03-23 01:39:26 ----D---- C:\Program Files\FLV Player
2009-03-22 23:34:21 ----D---- C:\Program Files\Broadcom
2009-03-22 23:34:20 ----D---- C:\Documents and Settings\monkey\Application Data\InstallShield
2009-03-22 23:27:22 ----D---- C:\Program Files\Hewlett-Packard
2009-03-22 23:27:14 ----D---- C:\SWSetup
2009-03-22 23:04:31 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-03-21 13:52:05 ----D---- C:\Documents and Settings\monkey\Application Data\Adobe
2009-03-20 00:31:14 ----D---- C:\Program Files\ElcomSoft
2009-03-20 00:11:33 ----D---- C:\WINDOWS\pss
2009-03-20 00:05:44 ----D---- C:\Program Files\directx
2009-03-19 23:47:53 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-03-19 23:47:53 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-03-19 23:47:53 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-03-19 23:47:53 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-03-19 23:47:53 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-03-19 23:47:52 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-03-19 23:47:52 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-03-19 23:47:52 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-03-19 23:47:52 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-03-19 23:47:52 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-03-19 23:47:51 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-03-19 23:47:51 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-03-19 23:47:51 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-03-19 23:47:51 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-03-19 23:47:50 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-03-19 23:47:50 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-03-19 23:47:50 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-03-19 23:47:50 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-03-19 23:47:50 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-03-19 23:47:49 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-03-19 23:47:49 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-03-19 23:47:47 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-03-19 23:47:47 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-03-19 23:47:46 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-03-19 23:47:46 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-03-19 23:47:44 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-03-19 23:47:44 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-03-19 23:47:25 ----D---- C:\WINDOWS\Logs
2009-03-19 23:46:27 ----D---- C:\Program Files\MSBuild
2009-03-19 23:46:24 ----D---- C:\WINDOWS\system32\XPSViewer
2009-03-19 23:46:20 ----D---- C:\Program Files\Reference Assemblies
2009-03-19 23:46:02 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-03-19 23:45:33 ----RSD---- C:\WINDOWS\assembly
2009-03-19 23:45:05 ----D---- C:\WINDOWS\Microsoft.NET
2009-03-19 23:44:02 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-03-19 23:44:01 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-03-19 23:43:59 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-03-19 23:43:54 ----D---- C:\Program Files\MSXML 6.0
2009-03-19 23:28:07 ----D---- C:\Program Files\Activision
2009-03-19 23:24:57 ----D---- C:\Program Files\the SIM all
2009-03-19 23:13:15 ----D---- C:\Program Files\RivaTuner v2.24
2009-03-19 23:07:15 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2009-03-19 22:08:37 ----D---- C:\Documents and Settings\monkey\Application Data\WinRAR
2009-03-19 22:04:23 ----D---- C:\WINDOWS\system32\AGEIA
2009-03-19 22:04:23 ----D---- C:\Program Files\AGEIA Technologies
2009-03-19 22:04:11 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-03-19 19:43:24 ----SHD---- C:\RECYCLER
2009-03-19 19:42:44 ----D---- C:\WINDOWS\system32\Lang
2009-03-19 19:38:57 ----D---- C:\Documents and Settings\monkey\Application Data\DMCache
2009-03-19 19:38:45 ----D---- C:\Program Files\Internet Download Manager
2009-03-19 19:37:36 ----D---- C:\Program Files\WinRAR
2009-03-19 19:37:26 ----D---- C:\Documents and Settings\monkey\Application Data\vlc
2009-03-19 19:36:58 ----D---- C:\Program Files\VideoLAN
2009-03-19 19:36:27 ----D---- C:\Documents and Settings\monkey\Application Data\Yahoo!
2009-03-19 19:36:26 ----D---- C:\Program Files\Yahoo!
2009-03-19 19:36:23 ----D---- C:\Program Files\CCleaner
2009-03-19 19:35:54 ----D---- C:\WINDOWS\system32\RTCOM
2009-03-19 19:35:50 ----A---- C:\WINDOWS\RtlUpd.exe
2009-03-19 19:35:48 ----A---- C:\WINDOWS\RTHDCPL.EXE
2009-03-19 19:35:48 ----A---- C:\WINDOWS\MicCal.exe
2009-03-19 19:35:47 ----HD---- C:\Program Files\InstallShield Installation Information
2009-03-19 19:35:47 ----D---- C:\Program Files\Realtek
2009-03-19 19:35:43 ----A---- C:\WINDOWS\RtlExUpd.dll
2009-03-19 19:35:41 ----D---- C:\Program Files\Common Files\InstallShield
2009-03-19 19:35:12 ----D---- C:\NVIDIA
2009-03-19 19:29:18 ----D---- C:\Documents and Settings\monkey\Application Data\Identities
2009-03-19 19:29:13 ----ASH---- C:\Documents and Settings\monkey\Application Data\desktop.ini
2009-03-19 19:29:12 ----SD---- C:\Documents and Settings\monkey\Application Data\Microsoft
2009-03-19 19:28:17 ----D---- C:\WINDOWS\Prefetch
2009-03-19 19:28:16 ----SD---- C:\WINDOWS\system32\Microsoft
2009-03-19 19:28:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-03-19 19:25:19 ----D---- C:\WINDOWS\system32\xircom
2009-03-19 19:25:19 ----D---- C:\Program Files\xerox
2009-03-19 19:25:19 ----D---- C:\Program Files\microsoft frontpage
2009-03-19 19:25:11 ----A---- C:\WINDOWS\control.ini
2009-03-19 19:25:11 ----A---- C:\AUTOEXEC.BAT
2009-03-19 19:24:19 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-03-19 19:24:15 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-03-19 19:24:12 ----HD---- C:\Program Files\WindowsUpdate
2009-03-19 19:23:57 ----D---- C:\WINDOWS\system32\DirectX
2009-03-19 19:23:33 ----A---- C:\WINDOWS\system32\atrace.dll
2009-03-19 19:23:31 ----A---- C:\WINDOWS\system32\desktop.ini
2009-03-19 19:23:31 ----A---- C:\WINDOWS\desktop.ini
2009-03-19 19:23:24 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-03-19 19:23:23 ----A---- C:\WINDOWS\system32\acctres.dll
2009-03-19 19:23:22 ----D---- C:\Program Files\Common Files\Services
2009-03-19 19:23:19 ----SD---- C:\WINDOWS\Tasks
2009-03-19 19:23:19 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-03-19 19:23:18 ----D---- C:\Program Files\Common Files\MSSoap
2009-03-19 19:23:14 ----D---- C:\WINDOWS\srchasst
2009-03-19 19:23:11 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-03-19 19:23:11 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-03-19 19:23:11 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-03-19 19:23:11 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-03-19 19:23:10 ----A---- C:\WINDOWS\system32\wups.dll
2009-03-19 19:23:10 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-03-19 19:23:10 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-03-19 19:23:10 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-03-19 19:23:10 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-03-19 19:23:09 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-03-19 19:23:09 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-03-19 19:23:09 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-03-19 19:23:09 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-03-19 19:23:05 ----D---- C:\Program Files\Movie Maker
2009-03-19 19:23:01 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-03-19 19:23:01 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-03-19 19:23:01 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-03-19 19:23:01 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-03-19 19:22:56 ----D---- C:\WINDOWS\system32\Restore
2009-03-19 19:22:56 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-03-19 19:22:56 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-03-19 19:22:55 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-03-19 19:22:55 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-03-19 19:22:55 ----A---- C:\WINDOWS\system32\srclient.dll
2009-03-19 19:22:55 ----A---- C:\WINDOWS\system32\ils.dll
2009-03-19 19:22:54 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-03-19 19:22:54 ----A---- C:\WINDOWS\system32\msconf.dll
2009-03-19 19:22:54 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-03-19 19:22:54 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-03-19 19:22:54 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-03-19 19:22:51 ----D---- C:\Program Files\NetMeeting
2009-03-19 19:22:51 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-03-19 19:22:50 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-03-19 19:22:49 ----A---- C:\WINDOWS\system32\inetres.dll
2009-03-19 19:22:49 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-03-19 19:22:47 ----D---- C:\Program Files\Outlook Express
2009-03-19 19:22:47 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-03-19 19:22:47 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-03-19 19:22:47 ----A---- C:\WINDOWS\system32\mstask.dll
2009-03-19 19:22:46 ----A---- C:\WINDOWS\system32\isign32.dll
2009-03-19 19:22:46 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-03-19 19:22:46 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-03-19 19:22:46 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-03-19 19:22:40 ----D---- C:\Program Files\Common Files\System
2009-03-19 19:22:39 ----D---- C:\Program Files\Internet Explorer
2009-03-19 19:22:22 ----HD---- C:\Program Files\Uninstall Information
2009-03-19 19:22:18 ----D---- C:\Program Files\ComPlus Applications
2009-03-19 19:22:18 ----A---- C:\WINDOWS\vbaddin.ini
2009-03-19 19:22:18 ----A---- C:\WINDOWS\vb.ini
2009-03-19 19:22:17 ----D---- C:\WINDOWS\Registration
2009-03-19 19:22:15 ----D---- C:\Program Files\Online Services
2009-03-19 19:22:10 ----D---- C:\Program Files\Windows Media Connect 2
2009-03-19 19:22:09 ----D---- C:\Program Files\Windows Media Player
2009-03-19 19:22:08 ----D---- C:\Program Files\Messenger
2009-03-19 19:22:03 ----D---- C:\Program Files\MSN Gaming Zone
2009-03-19 19:22:03 ----A---- C:\WINDOWS\system32\write.exe
2009-03-19 19:21:55 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-03-19 19:21:55 ----A---- C:\WINDOWS\system32\hticons.dll
2009-03-19 19:21:55 ----A---- C:\WINDOWS\system32\avwav.dll
2009-03-19 19:21:55 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-03-19 19:21:55 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-03-19 19:21:54 ----A---- C:\WINDOWS\system32\winchat.exe
2009-03-19 19:21:48 ----A---- C:\WINDOWS\system32\getuname.dll
2009-03-19 19:21:48 ----A---- C:\WINDOWS\system32\charmap.exe
2009-03-19 19:21:48 ----A---- C:\WINDOWS\system32\calc.exe
2009-03-19 19:21:47 ----A---- C:\WINDOWS\system32\winmine.exe
2009-03-19 19:21:47 ----A---- C:\WINDOWS\system32\sol.exe
2009-03-19 19:21:47 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-03-19 19:21:47 ----A---- C:\WINDOWS\system32\freecell.exe
2009-03-19 19:21:46 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-03-19 19:21:46 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-03-19 19:21:46 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-03-19 19:21:46 ----A---- C:\WINDOWS\system32\tskill.exe
2009-03-19 19:21:46 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-03-19 19:21:46 ----A---- C:\WINDOWS\system32\tscon.exe
2009-03-19 19:21:46 ----A---- C:\WINDOWS\system32\shadow.exe
2009-03-19 19:21:46 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-03-19 19:21:46 ----A---- C:\WINDOWS\system32\reset.exe
2009-03-19 19:21:46 ----A---- C:\WINDOWS\system32\regini.exe
2009-03-19 19:21:46 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-03-19 19:21:46 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-03-19 19:21:46 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-03-19 19:21:46 ----A---- C:\WINDOWS\system32\msg.exe
2009-03-19 19:21:45 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-03-19 19:21:45 ----A---- C:\WINDOWS\system32\logoff.exe
2009-03-19 19:21:45 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-03-19 19:21:44 ----A---- C:\WINDOWS\system32\stclient.dll
2009-03-19 19:21:44 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-03-19 19:21:44 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-03-19 19:21:44 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-03-19 19:21:44 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-03-19 19:21:44 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-03-19 19:21:44 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-03-19 19:21:43 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-03-19 19:21:39 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-03-19 19:21:25 ----D---- C:\Program Files\MSN
2009-03-19 19:21:24 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-03-19 19:21:24 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-03-19 19:21:24 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-03-19 19:21:24 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-03-19 19:21:23 ----D---- C:\Program Files\Windows NT
2009-03-19 19:21:23 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-03-19 19:21:23 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-03-19 19:21:22 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-03-19 19:21:22 ----A---- C:\WINDOWS\system32\spider.exe
2009-03-19 19:21:21 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-03-19 19:21:21 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-03-19 19:21:21 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-03-19 19:21:21 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-03-19 19:21:21 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-03-19 19:21:21 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-03-19 19:21:20 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-03-19 19:21:20 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-03-19 19:21:20 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-03-19 19:21:20 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-03-19 19:21:20 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-03-19 19:21:20 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-03-19 19:21:20 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-03-19 19:21:20 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-03-19 19:21:20 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-03-19 19:21:19 ----D---- C:\WINDOWS\system32\MsDtc
2009-03-19 19:21:19 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-03-19 19:21:19 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-03-19 19:21:19 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-03-19 19:21:19 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-03-19 19:21:19 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-03-19 19:21:18 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-03-19 19:21:18 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-03-19 19:21:17 ----D---- C:\WINDOWS\system32\Com
2009-03-19 19:21:17 ----A---- C:\WINDOWS\system32\colbact.dll
2009-03-19 19:21:17 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-03-19 19:21:17 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-03-19 19:21:17 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-03-19 19:21:17 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-03-19 19:21:16 ----A---- C:\WINDOWS\system32\comuid.dll
2009-03-19 19:21:16 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-03-19 19:21:16 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-03-19 19:21:09 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-03-19 19:21:09 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-03-19 19:21:09 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-03-19 19:21:09 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-03-19 17:48:25 ----A---- C:\WINDOWS\system32\sfcfiles.dll
2009-03-19 17:48:14 ----A---- C:\WINDOWS\system32\syssetup.dll
2009-03-19 12:29:18 ----A---- C:\WINDOWS\system32\h323log.txt
2009-03-19 12:23:43 ----A---- C:\WINDOWS\system32\uniime.dll
2009-03-19 12:23:34 ----A---- C:\WINDOWS\system32\imjp81k.dll
2009-03-19 12:23:31 ----A---- C:\WINDOWS\system32\chtbrkr.dll
2009-03-19 12:23:31 ----A---- C:\WINDOWS\system32\chsbrkr.dll
2009-03-19 12:23:30 ----A---- C:\WINDOWS\system32\msir3jp.dll
2009-03-19 12:23:30 ----A---- C:\WINDOWS\system32\korwbrkr.dll
2009-03-19 12:23:08 ----A---- C:\WINDOWS\system32\c_g18030.dll
2009-03-19 12:23:07 ----A---- C:\WINDOWS\system32\kbd101a.dll
2009-03-19 12:22:54 ----A---- C:\WINDOWS\system32\kbdnecNT.dll
2009-03-19 12:22:54 ----A---- C:\WINDOWS\system32\kbdnecAT.dll
2009-03-19 12:22:54 ----A---- C:\WINDOWS\system32\kbdnec95.dll
2009-03-19 12:22:54 ----A---- C:\WINDOWS\system32\kbdlk41j.dll
2009-03-19 12:22:54 ----A---- C:\WINDOWS\system32\kbdlk41a.dll
2009-03-19 12:22:54 ----A---- C:\WINDOWS\system32\kbdibm02.dll
2009-03-19 12:22:54 ----A---- C:\WINDOWS\system32\kbdax2.dll
2009-03-19 12:22:54 ----A---- C:\WINDOWS\system32\kbd106n.dll
2009-03-19 12:22:54 ----A---- C:\WINDOWS\system32\kbd101.dll
2009-03-19 12:22:54 ----A---- C:\WINDOWS\system32\f3ahvoas.dll
2009-03-19 12:22:24 ----A---- C:\WINDOWS\system32\c_is2022.dll
2009-03-19 12:22:23 ----A---- C:\WINDOWS\system32\kbdkor.dll
2009-03-19 12:22:23 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2009-03-19 12:22:23 ----A---- C:\WINDOWS\system32\kbd106.dll
2009-03-19 12:22:23 ----A---- C:\WINDOWS\system32\kbd103.dll
2009-03-19 12:22:23 ----A---- C:\WINDOWS\system32\kbd101c.dll
2009-03-19 12:22:23 ----A---- C:\WINDOWS\system32\kbd101b.dll
2009-03-19 12:22:22 ----RA---- C:\WINDOWS\system32\kbdarmw.dll
2009-03-19 12:22:22 ----RA---- C:\WINDOWS\system32\kbdarme.dll
2009-03-19 12:22:22 ----A---- C:\WINDOWS\system32\Thawbrkr.dll
2009-03-19 12:22:21 ----RA---- C:\WINDOWS\system32\kbdgeo.dll
2009-03-19 12:22:20 ----RA---- C:\WINDOWS\system32\kbdintel.dll
2009-03-19 12:22:20 ----RA---- C:\WINDOWS\system32\kbdintam.dll
2009-03-19 12:22:20 ----RA---- C:\WINDOWS\system32\kbdinpun.dll
2009-03-19 12:22:20 ----RA---- C:\WINDOWS\system32\kbdinmar.dll
2009-03-19 12:22:20 ----RA---- C:\WINDOWS\system32\kbdinkan.dll
2009-03-19 12:22:20 ----RA---- C:\WINDOWS\system32\kbdinhin.dll
2009-03-19 12:22:20 ----RA---- C:\WINDOWS\system32\kbdinguj.dll
2009-03-19 12:22:20 ----RA---- C:\WINDOWS\system32\kbdindev.dll
2009-03-19 12:22:20 ----A---- C:\WINDOWS\system32\c_iscii.dll
2009-03-19 12:22:19 ----RA---- C:\WINDOWS\system32\kbdvntc.dll
2009-03-19 12:22:17 ----RA---- C:\WINDOWS\system32\kbdurdu.dll
2009-03-19 12:22:17 ----RA---- C:\WINDOWS\system32\kbdsyr2.dll
2009-03-19 12:22:17 ----RA---- C:\WINDOWS\system32\kbdsyr1.dll
2009-03-19 12:22:17 ----RA---- C:\WINDOWS\system32\kbdfa.dll
2009-03-19 12:22:17 ----RA---- C:\WINDOWS\system32\kbddiv2.dll
2009-03-19 12:22:17 ----RA---- C:\WINDOWS\system32\kbddiv1.dll
2009-03-19 12:22:17 ----RA---- C:\WINDOWS\system32\kbda3.dll
2009-03-19 12:22:17 ----RA---- C:\WINDOWS\system32\kbda2.dll
2009-03-19 12:22:17 ----RA---- C:\WINDOWS\system32\kbda1.dll
2009-03-19 12:22:17 ----A---- C:\WINDOWS\system32\kbdusa.dll
2009-03-19 12:22:14 ----RA---- C:\WINDOWS\system32\kbdheb.dll
2009-03-19 12:22:10 ----RA---- C:\WINDOWS\system32\kbdth3.dll
2009-03-19 12:22:10 ----RA---- C:\WINDOWS\system32\kbdth2.dll
2009-03-19 12:22:10 ----RA---- C:\WINDOWS\system32\kbdth1.dll
2009-03-19 12:22:09 ----RA---- C:\WINDOWS\system32\kbdth0.dll
2009-03-19 12:22:09 ----A---- C:\WINDOWS\system32\ftlx041e.dll
2009-03-19 12:17:49 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-03-19 12:17:48 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-03-19 12:17:48 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-03-19 12:17:10 ----A---- C:\WINDOWS\system32\usbui.dll
2009-03-19 12:16:08 ----SHD---- C:\WINDOWS\Installer
2009-03-19 12:16:08 ----D---- C:\Program Files\Common Files\ODBC
2009-03-19 12:16:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-03-19 12:16:08 ----A---- C:\WINDOWS\ODBCINST.INI
2009-03-19 12:16:04 ----RD---- C:\Program Files
2009-03-19 12:16:04 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-03-19 12:16:04 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-03-19 12:16:04 ----D---- C:\Program Files\Common Files
2009-03-19 12:16:02 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-03-19 12:16:02 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-03-19 12:16:02 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-03-19 12:16:00 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-03-19 12:16:00 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-03-19 12:16:00 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-03-19 12:16:00 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-03-19 12:16:00 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-03-19 12:16:00 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-03-19 12:16:00 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-03-19 12:16:00 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-03-19 12:16:00 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-03-19 12:16:00 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-03-19 12:16:00 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-03-19 12:16:00 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-03-19 12:15:58 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-03-19 12:15:58 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-03-19 12:15:58 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-03-19 12:15:58 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-03-19 12:15:58 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-03-19 12:15:58 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-03-19 12:15:58 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-03-19 12:15:57 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-03-19 12:15:56 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-03-19 12:15:56 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-03-19 12:15:56 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-03-19 12:15:56 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-03-19 12:15:55 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-03-19 12:15:55 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-03-19 12:15:55 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-03-19 12:15:55 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-03-19 12:15:55 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-03-19 12:15:54 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-03-19 12:15:54 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-03-19 12:15:54 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-03-19 12:15:54 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-03-19 12:15:54 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-03-19 12:15:54 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-03-19 12:15:54 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-03-19 12:15:54 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-03-19 12:15:48 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-03-19 12:15:48 ----A---- C:\WINDOWS\system32\irclass.dll
2009-03-19 12:15:48 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-03-19 12:15:48 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-03-19 12:15:47 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-03-19 12:15:45 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-03-19 12:15:45 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-03-19 12:15:45 ----A---- C:\WINDOWS\system32\batt.dll
2009-03-19 12:15:44 ----A---- C:\WINDOWS\system32\storprop.dll
2009-03-19 12:15:44 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-03-19 12:15:40 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-03-19 12:15:27 ----RA---- C:\WINDOWS\SET8.tmp
2009-03-19 12:15:25 ----RA---- C:\WINDOWS\SET4.tmp
2009-03-19 12:15:24 ----RA---- C:\WINDOWS\SET3.tmp
2009-03-19 12:15:20 ----D---- C:\WINDOWS\system32\CatRoot2
2009-03-19 12:15:20 ----D---- C:\WINDOWS\system32\CatRoot
2009-03-19 12:15:14 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-03-19 12:14:51 ----SHD---- C:\System Volume Information
2009-03-19 12:14:51 ----D---- C:\Documents and Settings
2009-03-19 12:12:37 ----SH---- C:\boot.ini
2009-03-19 12:08:12 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-03-19 12:08:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-03-19 12:08:12 ----RSD---- C:\WINDOWS\Fonts
2009-03-19 12:08:12 ----RD---- C:\WINDOWS\Web
2009-03-19 12:08:12 ----RD---- C:\WINDOWS\Offline Web Pages
2009-03-19 12:08:12 ----HD---- C:\WINDOWS\inf
2009-03-19 12:08:12 ----D---- C:\WINDOWS\WinSxS
2009-03-19 12:08:12 ----D---- C:\WINDOWS\WBEM
2009-03-19 12:08:12 ----D---- C:\WINDOWS\twain_32
2009-03-19 12:08:12 ----D---- C:\WINDOWS\Temp
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\wins
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\wbem
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\usmt
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\spool
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\ShellExt
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\Setup
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\ras
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\PreInstall
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\oobe
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\npp
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\mui
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\Macromed
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\inetsrv
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\IME
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\icsxml
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\ias
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\export
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\en-us
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\en
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\drivers
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\dhcp
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\config
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\3com_dmi
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\3076
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\2052
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\1054
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\1042
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\1041
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\1037
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\1033
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\1031
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\1028
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32\1025
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system32
2009-03-19 12:08:12 ----D---- C:\WINDOWS\system
2009-03-19 12:08:12 ----D---- C:\WINDOWS\SoftwareDistribution
2009-03-19 12:08:12 ----D---- C:\WINDOWS\security
2009-03-19 12:08:12 ----D---- C:\WINDOWS\Resources
2009-03-19 12:08:12 ----D---- C:\WINDOWS\repair
2009-03-19 12:08:12 ----D---- C:\WINDOWS\Provisioning
2009-03-19 12:08:12 ----D---- C:\WINDOWS\PeerNet
2009-03-19 12:08:12 ----D---- C:\WINDOWS\pchealth
2009-03-19 12:08:12 ----D---- C:\WINDOWS\NLDRV
2009-03-19 12:08:12 ----D---- C:\WINDOWS\Network Diagnostic
2009-03-19 12:08:12 ----D---- C:\WINDOWS\mui
2009-03-19 12:08:12 ----D---- C:\WINDOWS\msapps
2009-03-19 12:08:12 ----D---- C:\WINDOWS\msagent
2009-03-19 12:08:12 ----D---- C:\WINDOWS\Media
2009-03-19 12:08:12 ----D---- C:\WINDOWS\l2schemas
2009-03-19 12:08:12 ----D---- C:\WINDOWS\java
2009-03-19 12:08:12 ----D---- C:\WINDOWS\ime
2009-03-19 12:08:12 ----D---- C:\WINDOWS\Help
2009-03-19 12:08:12 ----D---- C:\WINDOWS\ehome
2009-03-19 12:08:12 ----D---- C:\WINDOWS\Driver Cache
2009-03-19 12:08:12 ----D---- C:\WINDOWS\Debug
2009-03-19 12:08:12 ----D---- C:\WINDOWS\Cursors
2009-03-19 12:08:12 ----D---- C:\WINDOWS\Connection Wizard
2009-03-19 12:08:12 ----D---- C:\WINDOWS\Config
2009-03-19 12:08:12 ----D---- C:\WINDOWS\AppPatch
2009-03-19 12:08:12 ----D---- C:\WINDOWS\addins
2009-03-19 12:08:12 ----D---- C:\WINDOWS

======List of files/folders modified in the last 1 months======

2009-04-07 11:32:04 ----A---- C:\WINDOWS\win.ini
2009-04-07 11:32:04 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2007-08-31 36352]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
R2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys []
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2006-11-08 62336]
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-08-13 11904]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 bdfm;BDFM; C:\WINDOWS\system32\drivers\bdfm.sys [2008-09-18 111112]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2009-04-08 104328]
R3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\drivers\bdfsfltr.sys [2009-03-27 242184]
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys []
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-08 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-04 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-03-12 5051904]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 NETw5x32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-11-17 3636864]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-03-20 6288384]
R3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys []
R3 RivaTuner32;RivaTuner32; \??\C:\Program Files\RivaTuner v2.24\RivaTuner32.sys []
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-01-22 120064]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2007-12-24 78720]
R3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys []
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2007-07-20 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2007-07-19 59392]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2007-07-20 20608]
R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2005-07-30 121856]
S3 a7ieqp88;a7ieqp88; C:\WINDOWS\system32\drivers\a7ieqp88.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; \??\C:\WINDOWS\system32\drivers\AWRTPD.sys []
S3 Ad-Watch Registry Filter;Ad-Watch Registry Kernel Filter; \??\C:\WINDOWS\system32\drivers\AWRTRD.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-04 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 nibitor;Lowlevel driver for NiBiTor; \??\C:\Documents and Settings\monkey\Desktop\NiBiTor.v3.6\nibitor.sys []
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 USB_RNDIS;TI Remote NDIS USB Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-04 12672]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-02-25 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-02-25 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-02-11 354840]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-04-07 951632]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2009-04-07 415024]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2009-03-26 179856]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-03-20 163910]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]
R2 S24EventMonitor;Intel® PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [2008-10-16 905216]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-04-07 487424]
R2 StarWindServiceAE;StarWind AE Service; D:\Program Files\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2009-04-07 1626112]
S3 Arrakis3;BitDefender Arrakis Server; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-03-15 216232]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-03-17 2829277]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------
yeuthuylam Posts 555 Status Member 39
 
info.txt logfile of random's system information tool 1.06 2009-04-08 03:11:30

======Uninstall list======

.NETSpeedBoost Professional Edition 6.0-->MsiExec.exe /I{99B898FD-A3E6-48A4-9930-9C9DA16DE831}
-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}\Ad-AwareAE.exe
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Applian FLV Player-->"C:\WINDOWS\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
BitDefender Internet Security 2009-->MsiExec.exe /X{961CE74B-30C0-47D6-ACD9-0C887A5E23F5}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Connection Booster 4.0.0.0-->"C:\Program Files\Connection Booster\unins000.exe"
Crawler Toolbar with Web Security Guard-->C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe uninst
Intel PROSet Wireless-->Intel PROSet Wireless
Intel® Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
Internet Download Manager-->C:\Program Files\Internet Download Manager\Uninstall.exe
Kung Fu Panda-->"C:\WINDOWS\Kung Fu Panda\uninstall.exe" "/U:D:\Program Files\kung fu panda\Uninstall\uninstall.xml"
Ma-Config.com-->MsiExec.exe /X{560BD6E0-0BA6-43AF-B423-E1DF4D2EB3C3}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mozilla Firefox (3.0.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}
Opera 9.62-->MsiExec.exe /X{D9226EB1-C528-48AC-B423-BD9240E1F60B}
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
RivaTuner v2.24-->"C:\Program Files\RivaTuner v2.24\uninstall.exe"
Sanh Dieu Online Open Beta-->C:\Program Files\Sanh Dieu Online\Uninstall.exe
Software Informer 1.0 BETA-->"C:\Program Files\Software Informer\unins000.exe"
Spider-Man(TM) - Le règne des Ombres-->C:\Program Files\InstallShield Installation Information\{7F7E4FA7-6F32-4DE2-917E-361E034AED7A}\setup.exe -runfromtemp -l0x040c
Spyware Terminator-->"C:\Program Files\Spyware Terminator\unins000.exe"
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
the SIM all-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84459E32-F72C-41DD-89CD-6474A52B2530}\setup.exe" -l0x9
The Sims Superstar-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1A7F8DF6-5A3E-4CDF-BC82-BE26B407E21B}\setup.exe" -l0009
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Yahoo! Barre d'outils-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /S C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: Antivirus BitDefender
FW: Pare-feu BitDefender

======System event log======

Computer Name: MONKEY-LOVE
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 001F3C3DCEE5. The following
error occurred:
The operation was canceled by the user.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Record Number: 2328
Source Name: Dhcp
Time Written: 20090325234728.000000+420
Event Type: warning
User:

Computer Name: MONKEY-LOVE
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the
DHCP Server) for the Network Card with network address 001F3C3DCEE5. The following
error occurred:
The operation was canceled by the user.
.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Record Number: 2323
Source Name: Dhcp
Time Written: 20090325234715.000000+420
Event Type: warning
User:

Computer Name: MONKEY-LOVE
Event Code: 7023
Message: The Shell Task service terminated with the following error:
The specified module could not be found.


Record Number: 2298
Source Name: Service Control Manager
Time Written: 20090325234702.000000+420
Event Type: error
User:

Computer Name: MONKEY-LOVE
Event Code: 7023
Message: The Shell Task service terminated with the following error:
The specified module could not be found.


Record Number: 2216
Source Name: Service Control Manager
Time Written: 20090325233347.000000+420
Event Type: error
User:

Computer Name: MONKEY-LOVE
Event Code: 7023
Message: The Shell Task service terminated with the following error:
The specified module could not be found.


Record Number: 2108
Source Name: Service Control Manager
Time Written: 20090325232003.000000+420
Event Type: error
User:

=====Application event log=====

Computer Name: MONKEY-LOVE
Event Code: 0
Message: Configuration section system.serviceModel.activation does not exist in C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config.

Record Number: 77
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20090319234634.000000+420
Event Type: warning
User:

Computer Name: MONKEY-LOVE
Event Code: 0
Message: Configuration section system.runtime.serialization does not exist in C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config.

Record Number: 76
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20090319234634.000000+420
Event Type: warning
User:

Computer Name: MONKEY-LOVE
Event Code: 0
Message: Configuration section system.serviceModel does not exist in C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config.

Record Number: 75
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20090319234634.000000+420
Event Type: warning
User:

Computer Name: MONKEY-LOVE
Event Code: 0
Message: Could not detect IIS installation or IIS is disabled, skipping the Web Host Script Mappings component since it depends upon IIS to function properly.
If you believe this message is an error, check your IIS installation to make sure it is installed properly.

Record Number: 73
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20090319234634.000000+420
Event Type: warning
User:

Computer Name: MONKEY-LOVE
Event Code: 1020
Message: Updates to the IIS metabase were aborted because IIS is either not installed or is disabled on this machine. To configure ASP.NET to run in IIS, please install or enable IIS and re-register ASP.NET using aspnet_regiis.exe /i.

Record Number: 56
Source Name: ASP.NET 2.0.50727.0
Time Written: 20090319234548.000000+420
Event Type: warning
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Intel\WiFi\bin\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
0
jlpjlp Posts 52399 Status Security contributor 5 040
 
OK, you are infected via your USB keys!
Here:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{789aad89-14a9-11de-a48b-fe97041edfe2}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f107255-1481-11de-a486-aece71bc34e3}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn


________________

Remove Ad-Aware, which is outdated.


Keep Spybot and Malwarebytes, plus or minus SUPERAntiSpyware, provided real-time protection is disabled for all of them,

because BitDefender already does that.


_________________


Download and install UsbFix by C_XX & Chiquitine29

Plug your external data sources (USB key, external hard drive, etc.) that may have been infected into your PC, without opening them.

# Double-click the UsbFix shortcut on your desktop.

# Choose option 1 (Recherche / Search).

# Let the tool work.

# Then post the UsbFix.txt report that will appear.

# Note: the UsbFix.txt report is saved at the root of the disk. ( C:\UsbFix.txt )

( CTRL+A to select all, CTRL+C to copy and CTRL+V to paste )

# Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility intended to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
0
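The two MountPoints2 entries quoted in the post above are cached AutoRun commands for removable volumes. As an added example (not part of the original thread, and not RSIT or UsbFix code), this scans an RSIT-style log for such entries and lists why each one deserves review; the sample log is constructed, and the heuristics (rundll32, recycle-bin folder, drive-relative path) are assumptions drawn from the quoted lines.

```python
import re

# Constructed sample in the RSIT log.txt layout quoted above (GUIDs and paths are made up).
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{11111111-2222-3333-4444-555555555555}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-0-0-00-0000000000\example.vmx,entry

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{66666666-7777-8888-9999-aaaaaaaaaaaa}]
shell\AutoRun\command - E:\setup.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Example"=C:\Program Files\Example\example.exe
"""

KEY_RE = re.compile(r"^\[(HKEY_[^\]]*\\mountpoints2\\(\{[0-9a-f-]+\}))\]$", re.I)
CMD_RE = re.compile(r"^shell\\(\w+)\\command - (.+)$", re.I)

def autorun_entries(log_text):
    """Yield (volume_guid, verb, command) for each MountPoints2 shell command."""
    guid = None
    for line in log_text.splitlines():
        line = line.strip()
        key = KEY_RE.match(line)
        if key:
            guid = key.group(2)
        elif line.startswith("["):
            guid = None  # a different registry key starts here
        elif guid:
            cmd = CMD_RE.match(line)
            if cmd:
                yield guid, cmd.group(1), cmd.group(2)

def reasons(command):
    """Return the heuristic reasons a cached AutoRun command deserves review."""
    low = command.lower()
    found = []
    if "rundll32" in low:
        found.append("launches a DLL through rundll32")
    if "\\recycler\\" in low or "\\$recycle.bin\\" in low:
        found.append("target sits in a recycle-bin folder")
    if re.search(r"(^|\s)\.\\", command):
        found.append("path is relative to the removable drive")
    return found

def triage(log_text):
    """Return [(guid, verb, command, reasons)] for every MountPoints2 command."""
    return [(g, v, c, reasons(c)) for g, v, c in autorun_entries(log_text)]
```

An entry with an empty reasons list is still an AutoRun command worth a look; the list only ranks which ones to inspect first.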

yeuthuylam Posts 555 Status Member 39
 
I don't have any XD so I'm not infected
0
jlpjlp Posts 52399 Status Security contributor 5 040
 
No XD?

Run UsbFix to see.
0
yeuthuylam Posts 555 Status Member 39
 
############################## [ UsbFix V3.002 ]

# User : monkey (Administrators) # MONKEY-LOVE
# Update on 07/04/09 by C_XX & Chiquitine29
# Start at: 03:25:04 | 08/04/2009

# Intel Pentium III Xeon processor
# Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Disabled
# AV : Antivirus BitDefender 12.0 [ Enabled | Updated ]
# FW : Pare-feu BitDefender [ Enabled ]12.0

# C:\ # Local Fixed Disk # 137.26 Go (106.66 Go free) # NTFS
# D:\ # Local Fixed Disk # 149.05 Go (122.92 Go free) # NTFS
# E:\ # Local Fixed Disk # 11.79 Go (2.14 Go free) [HP_RECOVERY] # NTFS
# F:\ # CD-ROM Disc
# H:\ # CD-ROM Disc

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
D:\Program Files\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\msiexec.exe

################## [ Registre # Startup ]

HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
HKCU_Main: "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
HKCU_Main: "Start Page"="http://search.speedbit.com/"
HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
HKLM_Run: IMJPMIG8.1="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
HKLM_Run: PHIME2002ASync=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
HKLM_Run: PHIME2002A=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
HKLM_Run: RivaTunerStartupDaemon="C:\Program Files\RivaTuner v2.24\RivaTuner.exe" /S
HKLM_Run: RTHDCPL=RTHDCPL.EXE
HKLM_Run: IntelZeroConfig="C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
HKLM_Run: IntelWireless="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
HKLM_Run: Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM_Run: BDAgent="C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
HKLM_Run: BitDefender Antiphishing Helper="C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
HKLM_Run: IAAnotif=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
HKLM_Run: NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM_Run: nwiz=nwiz.exe /install
HKLM_Run: NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM_Run: Malwarebytes' Anti-Malware="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKLM_Run: <NO NAME>=
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
HKLM_Run: Installed=1
HKLM_Run: <NO NAME>=
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
HKLM_Run: Installed=1
HKLM_Run: NoChange=1
HKLM_Run: <NO NAME>=
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
HKLM_Run: Installed=1
HKLM_Run: <NO NAME>=
HKCU_Run: CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
HKCU_Run: AlcoholAutomount="D:\Program Files\Alcohol 120\axcmd.exe" /automount
HKCU_Run: fsm=
HKCU_Run: IDMan=C:\Program Files\Internet Download Manager\IDMan.exe /onboot

################## [ Informations ]


################## [ Fichiers # Dossiers infectieux ]

Found ! D:\install.exe
Found ! E:\Folder.htt

################## [ Registre # Clés infectieuses ]

# -> Not Found !

################## [ Registre # Mountpoint2 ]

Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{789aad89-14a9-11de-a48b-fe97041edfe2}\Shell\AutoRun\command
Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f107255-1481-11de-a486-aece71bc34e3}\Shell\AutoRun\command

################## [ ! Fin du rapport # UsbFix V3.002 ! ]
0
jlpjlp Posts 52399 Status Security contributor 5 040
 
Run UsbFix again,

choose option 2 and paste the report,

then post an RSIT report again.
0
yeuthuylam Posts 555 Status Member 39
 
Nothing, I had to restart twice and I don't have the file
0
jlpjlp Posts 52399 Status Security contributor 5 040
 
Then post RSIT again

to see.
0