Sujet Précédent Sujet Suivant

Je hais les rootkits

lolodallau Messages postés 1 Statut Membre -
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité - 13 oct. 2009 à 22:06

Bonjour,

J'ai un joli merdier sur mon portable

voila en dessous !!!

Logfile of random's system information tool 1.06 (written by random/random)
Run by 2L@CONSULTING at 2009-10-12 21:08:57
Microsoft® Windows Vista™ Professionnel Service Pack 2
System drive C: has 33 GB (47%) free of 71 GB
Total RAM: 3069 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:09:04, on 12/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\AMT\atchk.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer\Acer Bio-Protection fingerprint solution\PdtWzd.exe
C:\Users\2L@CON~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
D:\LiberKey\Apps\Asuite\LKrun.exe
C:\Program Files\Lexmark 4800 Series\lxdemon.exe
C:\Program Files\Lexmark 4800 Series\lxdeamon.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Windows\System32\mobsync.exe
D:\LiberKey\LiberKeyTools\LiberKeyPortabilizer\LiberKeyPortabilizer.exe
D:\LiberKey\Apps\Firefox\App\firefox\firefox.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\LiberKey\Apps\Thunderbird\App\thunderbird\thunderbird.exe
C:\Users\2L@CONSULTING\Desktop\RSIT.exe
C:\Program Files\trend micro\2L@CONSULTING.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [atchk] "C:\Program Files\Intel\AMT\atchk.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [IFXSPMGT] C:\Windows\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio-Protection fingerprint solution\PdtWzd.exe" show
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [ASuite] D:\LiberKey\Apps\Asuite\LKrun.exe
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [lxdemon.exe] "C:\Program Files\Lexmark 4800 Series\lxdemon.exe"
O4 - HKLM\..\Run: [lxdeamon] "C:\Program Files\Lexmark 4800 Series\lxdeamon.exe"
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: usermgr.lnk = C:\Windows\System32\usermgr.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: eNetHook.dll
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio-Protection fingerprint solution\WinNotify.dll
O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\Windows\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\Windows\system32\ifxtcs.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: lxdeCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdeserv.exe
O23 - Service: lxde_device - - C:\Windows\system32\lxdecoms.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\AMT\UNS.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 12663 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\User_Feed_Synchronization-{06F8F9FE-C14D-498B-9062-8DD80BA13AFB}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-04-25 299008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-04-25 151552]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll [2009-02-01 86016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-02-02 835584]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-04-23 4435968]
"atchk"=C:\Program Files\Intel\AMT\atchk.exe [2007-04-20 404248]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-02-07 54832]
"IFXSPMGT"=C:\Windows\system32\ifxspmgt.exe [2007-02-26 677408]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-04-25 502568]
"Acer Tour"= []
"PLFSet"=C:\Windows\PLFSet.dll [2007-04-24 45056]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-04-18 695056]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]
"ZPdtWzdVitaKey MC3000"=C:\Program Files\Acer\Acer Bio-Protection fingerprint solution\PdtWzd.exe [2009-01-31 3593728]
"eRecoveryService"= []
"Acer Tour Reminder"=C:\Acer\AcerTour\Reminder.exe [2007-02-15 151552]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe [2007-10-09 61440]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe [2009-02-01 368640]
"ASuite"=D:\LiberKey\Apps\Asuite\LKrun.exe [2009-09-06 1392640]
"FaxCenterServer"=C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2007-06-11 316336]
"lxdemon.exe"=C:\Program Files\Lexmark 4800 Series\lxdemon.exe [2007-12-14 455336]
"lxdeamon"=C:\Program Files\Lexmark 4800 Series\lxdeamon.exe [2007-12-14 25256]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-07-10 195072]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-08 305440]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-24 251240]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-05-16 213936]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2009-08-16 955392]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe
usermgr.lnk - C:\Windows\System32\usermgr.exe
VPN Client.lnk - C:\Windows\Installer\{F3C1DE9E-5E16-4BA9-B854-7B53A45E3579}\Icon3E5562ED7.ico

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="eNetHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000]
C:\Program Files\Acer\Acer Bio-Protection fingerprint solution\WinNotify.dll [2009-01-31 2454016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spba]
C:\Program Files\Common Files\SPBA\homefus2.dll [2007-02-21 331264]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Acer\Acer Bio-Protection fingerprint solution\PwdFilter

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-10-12 21:06:13 ----D---- C:\Users\2L@CONSULTING\AppData\Roaming\Thunderbird
2009-10-12 21:06:13 ----D---- C:\Users\2L@CONSULTING\AppData\Roaming\Talkback
2009-10-12 20:00:01 ----D---- C:\rsit
2009-10-12 20:00:01 ----D---- C:\Program Files\trend micro
2009-10-10 10:14:09 ----D---- C:\ProgramData\Lavasoft
2009-10-10 10:14:09 ----D---- C:\Program Files\Lavasoft
2009-10-09 20:14:15 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-10-09 20:14:15 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-10-06 20:04:09 ----D---- C:\ProgramData\Office Genuine Advantage
2009-10-06 19:40:14 ----A---- C:\Windows\system32\wups2.dll
2009-10-06 19:40:14 ----A---- C:\Windows\system32\wucltux.dll
2009-10-06 19:40:14 ----A---- C:\Windows\system32\wuauclt.exe
2009-10-06 19:40:13 ----A---- C:\Windows\system32\wuaueng.dll
2009-10-06 19:39:46 ----A---- C:\Windows\system32\wups.dll
2009-10-06 19:39:46 ----A---- C:\Windows\system32\wudriver.dll
2009-10-06 19:39:46 ----A---- C:\Windows\system32\wuapi.dll
2009-10-06 19:39:33 ----A---- C:\Windows\system32\wuwebv.dll
2009-10-06 19:39:33 ----A---- C:\Windows\system32\wuapp.exe
2009-10-02 20:10:01 ----A---- C:\Windows\system32\usermgr.exe
2009-10-02 19:40:40 ----N---- C:\Windows\system32\MpSigStub.exe
2009-09-27 11:58:11 ----D---- C:\Users\2L@CONSULTING\AppData\Roaming\F4
2009-09-27 11:55:48 ----D---- C:\Program Files\F4
2009-09-27 11:55:17 ----D---- C:\Program Files\OpenAL
2009-09-27 11:55:17 ----A---- C:\Windows\system32\wrap_oal.dll
2009-09-27 11:55:17 ----A---- C:\Windows\system32\OpenAL32.dll
2009-09-27 11:55:14 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-09-25 08:12:08 ----D---- C:\Windows\system32\eu-ES
2009-09-25 08:12:08 ----D---- C:\Windows\system32\ca-ES
2009-09-25 08:12:07 ----D---- C:\Windows\system32\vi-VN
2009-09-25 07:57:35 ----D---- C:\Windows\system32\EventProviders
2009-09-25 07:56:48 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-09-25 07:56:45 ----A---- C:\Windows\system32\SLsvc.exe
2009-09-25 07:56:45 ----A---- C:\Windows\system32\SLCExt.dll
2009-09-25 07:56:43 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-09-25 07:56:43 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-09-25 07:56:41 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-09-25 07:56:39 ----A---- C:\Windows\system32\mssrch.dll
2009-09-25 07:56:37 ----A---- C:\Windows\system32\tquery.dll
2009-09-25 07:56:36 ----A---- C:\Windows\system32\scavenge.dll
2009-09-25 07:56:36 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-09-25 07:56:36 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-09-25 07:56:35 ----A---- C:\Windows\system32\RMActivate.exe
2009-09-25 07:56:35 ----A---- C:\Windows\system32\msi.dll
2009-09-25 07:56:34 ----A---- C:\Windows\system32\imapi2fs.dll
2009-09-25 07:56:33 ----A---- C:\Windows\system32\WscEapPr.dll
2009-09-25 07:56:33 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-09-25 07:56:33 ----A---- C:\Windows\system32\sysmain.dll
2009-09-25 07:56:33 ----A---- C:\Windows\system32\secproc_isv.dll
2009-09-25 07:56:32 ----A---- C:\Windows\system32\icardagt.exe
2009-09-25 07:56:31 ----A---- C:\Windows\system32\EhStorShell.dll
2009-09-25 07:56:31 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-09-25 07:56:30 ----A---- C:\Windows\system32\spreview.exe
2009-09-25 07:56:30 ----A---- C:\Windows\system32\spinstall.exe
2009-09-25 07:56:30 ----A---- C:\Windows\system32\drmv2clt.dll
2009-09-25 07:56:29 ----A---- C:\Windows\system32\spwizui.dll
2009-09-25 07:56:29 ----A---- C:\Windows\system32\secproc.dll
2009-09-25 07:56:29 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-09-25 07:56:28 ----A---- C:\Windows\system32\shell32.dll
2009-09-25 07:56:27 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-09-25 07:56:27 ----A---- C:\Windows\system32\p2psvc.dll
2009-09-25 07:56:27 ----A---- C:\Windows\system32\mssvp.dll
2009-09-25 07:56:26 ----A---- C:\Windows\system32\mssphtb.dll
2009-09-25 07:56:26 ----A---- C:\Windows\system32\mssph.dll
2009-09-25 07:56:26 ----A---- C:\Windows\system32\mscoree.dll
2009-09-25 07:56:26 ----A---- C:\Windows\system32\imapi2.dll
2009-09-25 07:56:25 ----A---- C:\Windows\system32\sdohlp.dll
2009-09-25 07:56:25 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-09-25 07:56:24 ----A---- C:\Windows\system32\sperror.dll
2009-09-25 07:56:24 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-09-25 07:56:24 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-09-25 07:56:24 ----A---- C:\Windows\system32\esent.dll
2009-09-25 07:56:24 ----A---- C:\Windows\system32\DevicePairing.dll
2009-09-25 07:56:23 ----A---- C:\Windows\system32\wevtsvc.dll
2009-09-25 07:56:23 ----A---- C:\Windows\system32\SLC.dll
2009-09-25 07:56:23 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-09-25 07:56:23 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-09-25 07:56:23 ----A---- C:\Windows\system32\msshsq.dll
2009-09-25 07:56:23 ----A---- C:\Windows\system32\korwbrkr.dll
2009-09-25 07:56:23 ----A---- C:\Windows\system32\IasMigReader.exe
2009-09-25 07:56:22 ----A---- C:\Windows\system32\pmcsnap.dll
2009-09-25 07:56:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-09-25 07:56:21 ----A---- C:\Windows\system32\msjet40.dll
2009-09-25 07:56:21 ----A---- C:\Windows\system32\MPSSVC.dll
2009-09-25 07:56:20 ----A---- C:\Windows\system32\Query.dll
2009-09-25 07:56:20 ----A---- C:\Windows\system32\qmgr.dll
2009-09-25 07:56:20 ----A---- C:\Windows\system32\msxml6.dll
2009-09-25 07:56:19 ----A---- C:\Windows\system32\P2PGraph.dll
2009-09-25 07:56:19 ----A---- C:\Windows\system32\ole32.dll
2009-09-25 07:56:19 ----A---- C:\Windows\system32\ntdll.dll
2009-09-25 07:56:19 ----A---- C:\Windows\system32\msexch40.dll
2009-09-25 07:56:19 ----A---- C:\Windows\system32\diagperf.dll
2009-09-25 07:56:18 ----A---- C:\Windows\system32\winload.exe
2009-09-25 07:56:18 ----A---- C:\Windows\system32\uDWM.dll
2009-09-25 07:56:18 ----A---- C:\Windows\system32\srchadmin.dll
2009-09-25 07:56:18 ----A---- C:\Windows\system32\msxml3.dll
2009-09-25 07:56:18 ----A---- C:\Windows\system32\mmc.exe
2009-09-25 07:56:18 ----A---- C:\Windows\system32\mblctr.exe
2009-09-25 07:56:18 ----A---- C:\Windows\system32\EncDec.dll
2009-09-25 07:56:17 ----A---- C:\Windows\system32\riched20.dll
2009-09-25 07:56:17 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-09-25 07:56:17 ----A---- C:\Windows\system32\fdBth.dll
2009-09-25 07:56:17 ----A---- C:\Windows\system32\dfsr.exe
2009-09-25 07:56:16 ----A---- C:\Windows\system32\RacEngn.dll
2009-09-25 07:56:15 ----A---- C:\Windows\system32\spoolss.dll
2009-09-25 07:56:15 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-09-25 07:56:15 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-09-25 07:56:15 ----A---- C:\Windows\system32\milcore.dll
2009-09-25 07:56:15 ----A---- C:\Windows\system32\kernel32.dll
2009-09-25 07:56:15 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-09-25 07:56:15 ----A---- C:\Windows\system32\CertEnroll.dll
2009-09-25 07:56:14 ----A---- C:\Windows\system32\schedsvc.dll
2009-09-25 07:56:14 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-09-25 07:56:14 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-09-25 07:56:13 ----A---- C:\Windows\system32\WinSAT.exe
2009-09-25 07:56:13 ----A---- C:\Windows\system32\msvcp60.dll
2009-09-25 07:56:13 ----A---- C:\Windows\system32\msjtes40.dll
2009-09-25 07:56:13 ----A---- C:\Windows\system32\infocardapi.dll
2009-09-25 07:56:13 ----A---- C:\Windows\system32\gpedit.dll
2009-09-25 07:56:13 ----A---- C:\Windows\system32\fsquirt.exe
2009-09-25 07:56:13 ----A---- C:\Windows\system32\es.dll
2009-09-25 07:56:12 ----A---- C:\Windows\system32\WebClnt.dll
2009-09-25 07:56:12 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-09-25 07:56:12 ----A---- C:\Windows\system32\mstext40.dll
2009-09-25 07:56:12 ----A---- C:\Windows\system32\Magnify.exe
2009-09-25 07:56:12 ----A---- C:\Windows\system32\cscsvc.dll
2009-09-25 07:56:12 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-09-25 07:56:12 ----A---- C:\Windows\system32\advapi32.dll
2009-09-25 07:56:11 ----A---- C:\Windows\system32\WMPhoto.dll
2009-09-25 07:56:11 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-09-25 07:56:11 ----A---- C:\Windows\system32\slwmi.dll
2009-09-25 07:56:11 ----A---- C:\Windows\system32\msxbde40.dll
2009-09-25 07:56:11 ----A---- C:\Windows\system32\msexcl40.dll
2009-09-25 07:56:11 ----A---- C:\Windows\system32\comsvcs.dll
2009-09-25 07:56:10 ----A---- C:\Windows\system32\vssapi.dll
2009-09-25 07:56:10 ----A---- C:\Windows\system32\authui.dll
2009-09-25 07:56:09 ----A---- C:\Windows\system32\PresentationHost.exe
2009-09-25 07:56:09 ----A---- C:\Windows\system32\NetProjW.dll
2009-09-25 07:56:09 ----A---- C:\Windows\system32\msrepl40.dll
2009-09-25 07:56:08 ----A---- C:\Windows\system32\propsys.dll
2009-09-25 07:56:08 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-09-25 07:56:08 ----A---- C:\Windows\system32\newdev.dll
2009-09-25 07:56:08 ----A---- C:\Windows\system32\iasrecst.dll
2009-09-25 07:56:08 ----A---- C:\Windows\system32\gpsvc.dll
2009-09-25 07:56:08 ----A---- C:\Windows\system32\eudcedit.exe
2009-09-25 07:56:08 ----A---- C:\Windows\system32\crypt32.dll
2009-09-25 07:56:07 ----A---- C:\Windows\explorer.exe
2009-09-25 07:56:06 ----A---- C:\Windows\system32\setupapi.dll
2009-09-25 07:56:06 ----A---- C:\Windows\system32\rpcss.dll
2009-09-25 07:56:06 ----A---- C:\Windows\system32\mspbde40.dll
2009-09-25 07:56:05 ----A---- C:\Windows\system32\d3d9.dll
2009-09-25 07:56:04 ----A---- C:\Windows\system32\shlwapi.dll
2009-09-25 07:56:04 ----A---- C:\Windows\system32\msltus40.dll
2009-09-25 07:56:04 ----A---- C:\Windows\system32\mfc42.dll
2009-09-25 07:56:04 ----A---- C:\Windows\system32\davclnt.dll
2009-09-25 07:56:03 ----A---- C:\Windows\system32\wevtapi.dll
2009-09-25 07:56:03 ----A---- C:\Windows\system32\photowiz.dll
2009-09-25 07:56:03 ----A---- C:\Windows\system32\nlhtml.dll
2009-09-25 07:56:03 ----A---- C:\Windows\system32\msrd3x40.dll
2009-09-25 07:56:03 ----A---- C:\Windows\system32\msdtctm.dll
2009-09-25 07:56:03 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-09-25 07:56:03 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-09-25 07:56:03 ----A---- C:\Windows\system32\browseui.dll
2009-09-25 07:56:02 ----A---- C:\Windows\system32\user32.dll
2009-09-25 07:56:01 ----A---- C:\Windows\system32\win32spl.dll
2009-09-25 07:56:01 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-09-25 07:56:01 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-09-25 07:56:01 ----A---- C:\Windows\system32\samsrv.dll
2009-09-25 07:56:01 ----A---- C:\Windows\system32\quartz.dll
2009-09-25 07:56:01 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-09-25 07:56:01 ----A---- C:\Windows\system32\oleaut32.dll
2009-09-25 07:56:01 ----A---- C:\Windows\system32\ci.dll
2009-09-25 07:56:00 ----A---- C:\Windows\system32\netshell.dll
2009-09-25 07:56:00 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-09-25 07:56:00 ----A---- C:\Windows\system32\compcln.exe
2009-09-25 07:55:59 ----A---- C:\Windows\system32\xmlfilter.dll
2009-09-25 07:55:59 ----A---- C:\Windows\system32\winhttp.dll
2009-09-25 07:55:59 ----A---- C:\Windows\system32\mswstr10.dll
2009-09-25 07:55:59 ----A---- C:\Windows\system32\msctf.dll
2009-09-25 07:55:59 ----A---- C:\Windows\system32\emdmgmt.dll
2009-09-25 07:55:59 ----A---- C:\Windows\system32\audiosrv.dll
2009-09-25 07:55:59 ----A---- C:\Windows\system32\apds.dll
2009-09-25 07:55:58 ----A---- C:\Windows\system32\VSSVC.exe
2009-09-25 07:55:58 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-09-25 07:55:58 ----A---- C:\Windows\system32\msvcrt.dll
2009-09-25 07:55:58 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-09-25 07:55:58 ----A---- C:\Windows\system32\gdi32.dll
2009-09-25 07:55:57 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-09-25 07:55:57 ----A---- C:\Windows\system32\SLUI.exe
2009-09-25 07:55:57 ----A---- C:\Windows\system32\msrd2x40.dll
2009-09-25 07:55:57 ----A---- C:\Windows\system32\mfc42u.dll
2009-09-25 07:55:57 ----A---- C:\Windows\system32\eapphost.dll
2009-09-25 07:55:56 ----A---- C:\Windows\system32\winresume.exe
2009-09-25 07:55:56 ----A---- C:\Windows\system32\wbengine.exe
2009-09-25 07:55:56 ----A---- C:\Windows\system32\shdocvw.dll
2009-09-25 07:55:56 ----A---- C:\Windows\system32\propdefs.dll
2009-09-25 07:55:56 ----A---- C:\Windows\system32\odbc32.dll
2009-09-25 07:55:55 ----A---- C:\Windows\system32\wevtutil.exe
2009-09-25 07:55:55 ----A---- C:\Windows\system32\mssitlb.dll
2009-09-25 07:55:55 ----A---- C:\Windows\system32\dbgeng.dll
2009-09-25 07:55:54 ----A---- C:\Windows\system32\WsmSvc.dll
2009-09-25 07:55:54 ----A---- C:\Windows\system32\swprv.dll
2009-09-25 07:55:54 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-09-25 07:55:53 ----A---- C:\Windows\system32\vds.exe
2009-09-25 07:55:53 ----A---- C:\Windows\system32\usp10.dll
2009-09-25 07:55:53 ----A---- C:\Windows\system32\netlogon.dll
2009-09-25 07:55:53 ----A---- C:\Windows\system32\msscb.dll
2009-09-25 07:55:53 ----A---- C:\Windows\system32\msctfp.dll
2009-09-25 07:55:53 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-09-25 07:55:53 ----A---- C:\Windows\system32\drvinst.exe
2009-09-25 07:55:53 ----A---- C:\Windows\system32\devmgr.dll
2009-09-25 07:55:53 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-09-25 07:55:53 ----A---- C:\Windows\system32\BFE.DLL
2009-09-25 07:55:53 ----A---- C:\Windows\system32\adsldpc.dll
2009-09-25 07:55:52 ----A---- C:\Windows\system32\Wldap32.dll
2009-09-25 07:55:52 ----A---- C:\Windows\system32\WFS.exe
2009-09-25 07:55:52 ----A---- C:\Windows\system32\wcnwiz.dll
2009-09-25 07:55:52 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-09-25 07:55:52 ----A---- C:\Windows\system32\evr.dll
2009-09-25 07:55:51 ----A---- C:\Windows\system32\WSDApi.dll
2009-09-25 07:55:51 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-09-25 07:55:51 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-09-25 07:55:51 ----A---- C:\Windows\system32\wercon.exe
2009-09-25 07:55:51 ----A---- C:\Windows\system32\services.exe
2009-09-25 07:55:51 ----A---- C:\Windows\system32\comdlg32.dll
2009-09-25 07:55:51 ----A---- C:\Windows\system32\adtschema.dll
2009-09-25 07:55:50 ----A---- C:\Windows\system32\wcncsvc.dll
2009-09-25 07:55:50 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-09-25 07:55:50 ----A---- C:\Windows\system32\mswdat10.dll
2009-09-25 07:55:50 ----A---- C:\Windows\system32\msjter40.dll
2009-09-25 07:55:50 ----A---- C:\Windows\system32\msdtcprx.dll
2009-09-25 07:55:50 ----A---- C:\Windows\system32\msdrm.dll
2009-09-25 07:55:50 ----A---- C:\Windows\system32\mimefilt.dll
2009-09-25 07:55:50 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-09-25 07:55:50 ----A---- C:\Windows\system32\certcli.dll
2009-09-25 07:55:49 ----A---- C:\Windows\system32\taskeng.exe
2009-09-25 07:55:49 ----A---- C:\Windows\system32\rtffilt.dll
2009-09-25 07:55:49 ----A---- C:\Windows\system32\reg.exe
2009-09-25 07:55:49 ----A---- C:\Windows\system32\dnsapi.dll
2009-09-25 07:55:48 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-09-25 07:55:48 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-09-25 07:55:48 ----A---- C:\Windows\system32\certutil.exe
2009-09-25 07:55:47 ----A---- C:\Windows\system32\w32time.dll
2009-09-25 07:55:47 ----A---- C:\Windows\system32\msshooks.dll
2009-09-25 07:55:47 ----A---- C:\Windows\system32\msscntrs.dll
2009-09-25 07:55:47 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-09-25 07:55:47 ----A---- C:\Windows\system32\bcrypt.dll
2009-09-25 07:55:46 ----A---- C:\Windows\system32\rsaenh.dll
2009-09-25 07:55:46 ----A---- C:\Windows\system32\bthserv.dll
2009-09-25 07:55:45 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-09-25 07:55:45 ----A---- C:\Windows\system32\scrptadm.dll
2009-09-25 07:55:45 ----A---- C:\Windows\system32\netapi32.dll
2009-09-25 07:55:45 ----A---- C:\Windows\system32\msstrc.dll
2009-09-25 07:55:45 ----A---- C:\Windows\system32\msihnd.dll
2009-09-25 07:55:45 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-09-25 07:55:45 ----A---- C:\Windows\system32\inetcomm.dll
2009-09-25 07:55:45 ----A---- C:\Windows\system32\dfshim.dll
2009-09-25 07:55:44 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-09-25 07:55:44 ----A---- C:\Windows\system32\termsrv.dll
2009-09-25 07:55:44 ----A---- C:\Windows\system32\profsvc.dll
2009-09-25 07:55:44 ----A---- C:\Windows\system32\mtxclu.dll
2009-09-25 07:55:44 ----A---- C:\Windows\system32\mscories.dll
2009-09-25 07:55:44 ----A---- C:\Windows\system32\inetpp.dll
2009-09-25 07:55:44 ----A---- C:\Windows\system32\hidserv.dll
2009-09-25 07:55:44 ----A---- C:\Windows\system32\fundisc.dll
2009-09-25 07:55:44 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-09-25 07:55:44 ----A---- C:\Windows\system32\cryptsvc.dll
2009-09-25 07:55:43 ----A---- C:\Windows\system32\imapi.dll
2009-09-25 07:55:42 ----A---- C:\Windows\system32\wdc.dll
2009-09-25 07:55:42 ----A---- C:\Windows\system32\shsvcs.dll
2009-09-25 07:55:42 ----A---- C:\Windows\system32\rasmans.dll
2009-09-25 07:55:42 ----A---- C:\Windows\system32\pnidui.dll
2009-09-25 07:55:42 ----A---- C:\Windows\system32\msiexec.exe
2009-09-25 07:55:42 ----A---- C:\Windows\system32\iassdo.dll
2009-09-25 07:55:42 ----A---- C:\Windows\system32\chsbrkr.dll
2009-09-25 07:55:41 ----A---- C:\Windows\system32\wersvc.dll
2009-09-25 07:55:41 ----A---- C:\Windows\system32\spoolsv.exe
2009-09-25 07:55:41 ----A---- C:\Windows\system32\slmgr.vbs
2009-09-25 07:55:41 ----A---- C:\Windows\system32\scrrun.dll
2009-09-25 07:55:41 ----A---- C:\Windows\system32\PSHED.DLL
2009-09-25 07:55:41 ----A---- C:\Windows\system32\pdh.dll
2009-09-25 07:55:41 ----A---- C:\Windows\system32\icardres.dll
2009-09-25 07:55:41 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-09-25 07:55:41 ----A---- C:\Windows\system32\azroles.dll
2009-09-25 07:55:41 ----A---- C:\Windows\system32\autofmt.exe
2009-09-25 07:55:40 ----A---- C:\Windows\system32\wmpmde.dll
2009-09-25 07:55:40 ----A---- C:\Windows\system32\winlogon.exe
2009-09-25 07:55:40 ----A---- C:\Windows\system32\SyncCenter.dll
2009-09-25 07:55:40 ----A---- C:\Windows\system32\pidgenx.dll
2009-09-25 07:55:40 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-09-25 07:55:39 ----A---- C:\Windows\system32\SLUINotify.dll
2009-09-25 07:55:39 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-09-25 07:55:39 ----A---- C:\Windows\system32\comuid.dll
2009-09-25 07:55:38 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-09-25 07:55:38 ----A---- C:\Windows\system32\untfs.dll
2009-09-25 07:55:38 ----A---- C:\Windows\system32\spp.dll
2009-09-25 07:55:38 ----A---- C:\Windows\system32\sethc.exe
2009-09-25 07:55:38 ----A---- C:\Windows\system32\scrobj.dll
2009-09-25 07:55:38 ----A---- C:\Windows\system32\ncrypt.dll
2009-09-25 07:55:38 ----A---- C:\Windows\system32\kd1394.dll
2009-09-25 07:55:38 ----A---- C:\Windows\system32\iassam.dll
2009-09-25 07:55:38 ----A---- C:\Windows\system32\certmgr.dll
2009-09-25 07:55:37 ----A---- C:\Windows\system32\wisptis.exe
2009-09-25 07:55:37 ----A---- C:\Windows\system32\taskcomp.dll
2009-09-25 07:55:37 ----A---- C:\Windows\system32\rtutils.dll
2009-09-25 07:55:37 ----A---- C:\Windows\system32\dwm.exe
2009-09-25 07:55:37 ----A---- C:\Windows\system32\cscui.dll
2009-09-25 07:55:37 ----A---- C:\Windows\system32\autochk.exe
2009-09-25 07:55:36 ----A---- C:\Windows\system32\printui.dll
2009-09-25 07:55:36 ----A---- C:\Windows\system32\iasnap.dll
2009-09-25 07:55:36 ----A---- C:\Windows\system32\autoconv.exe
2009-09-25 07:55:35 ----A---- C:\Windows\system32\winsrv.dll
2009-09-25 07:55:35 ----A---- C:\Windows\system32\cscript.exe
2009-09-25 07:55:34 ----A---- C:\Windows\system32\wow32.dll
2009-09-25 07:55:34 ----A---- C:\Windows\system32\userenv.dll
2009-09-25 07:55:34 ----A---- C:\Windows\system32\osk.exe
2009-09-25 07:55:34 ----A---- C:\Windows\system32\onex.dll
2009-09-25 07:55:34 ----A---- C:\Windows\system32\kdcom.dll
2009-09-25 07:55:34 ----A---- C:\Windows\system32\basecsp.dll
2009-09-25 07:55:34 ----A---- C:\Windows\system32\audiodg.exe
2009-09-25 07:55:33 ----A---- C:\Windows\system32\spcmsg.dll
2009-09-25 07:55:33 ----A---- C:\Windows\system32\RelMon.dll
2009-09-25 07:55:33 ----A---- C:\Windows\system32\mswsock.dll
2009-09-25 07:55:33 ----A---- C:\Windows\system32\kdusb.dll
2009-09-25 07:55:32 ----A---- C:\Windows\system32\WinSCard.dll
2009-09-25 07:55:32 ----A---- C:\Windows\system32\winmm.dll
2009-09-25 07:55:32 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-09-25 07:55:32 ----A---- C:\Windows\system32\rdpencom.dll
2009-09-25 07:55:32 ----A---- C:\Windows\system32\offfilt.dll
2009-09-25 07:55:32 ----A---- C:\Windows\system32\msftedit.dll
2009-09-25 07:55:31 ----A---- C:\Windows\system32\Utilman.exe
2009-09-25 07:55:31 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-09-25 07:55:30 ----A---- C:\Windows\system32\wsepno.dll
2009-09-25 07:55:30 ----A---- C:\Windows\system32\wiaservc.dll
2009-09-25 07:55:30 ----A---- C:\Windows\system32\WerFault.exe
2009-09-25 07:55:30 ----A---- C:\Windows\system32\sysclass.dll
2009-09-25 07:55:30 ----A---- C:\Windows\system32\stobject.dll
2009-09-25 07:55:30 ----A---- C:\Windows\system32\SndVol.exe
2009-09-25 07:55:30 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-09-25 07:55:30 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-09-25 07:55:30 ----A---- C:\Windows\system32\prnntfy.dll
2009-09-25 07:55:30 ----A---- C:\Windows\system32\msnetobj.dll
2009-09-25 07:55:30 ----A---- C:\Windows\system32\mscms.dll
2009-09-25 07:55:30 ----A---- C:\Windows\system32\mfplat.dll
2009-09-25 07:55:30 ----A---- C:\Windows\system32\diskraid.exe
2009-09-25 07:55:30 ----A---- C:\Windows\system32\apphelp.dll
2009-09-25 07:55:30 ----A---- C:\Windows\system32\adsmsext.dll
2009-09-25 07:55:29 ----A---- C:\Windows\system32\wscript.exe
2009-09-25 07:55:29 ----A---- C:\Windows\system32\ulib.dll
2009-09-25 07:55:29 ----A---- C:\Windows\system32\odbccp32.dll
2009-09-25 07:55:29 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-09-25 07:55:29 ----A---- C:\Windows\system32\iasdatastore.dll
2009-09-25 07:55:29 ----A---- C:\Windows\system32\dsound.dll
2009-09-25 07:55:29 ----A---- C:\Windows\system32\cryptui.dll
2009-09-25 07:55:28 ----A---- C:\Windows\system32\wscntfy.dll
2009-09-25 07:55:28 ----A---- C:\Windows\system32\rastapi.dll
2009-09-25 07:55:28 ----A---- C:\Windows\system32\pnpsetup.dll
2009-09-25 07:55:28 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-09-25 07:55:28 ----A---- C:\Windows\system32\fdProxy.dll
2009-09-25 07:55:27 ----A---- C:\Windows\system32\wscsvc.dll
2009-09-25 07:55:27 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-09-25 07:55:27 ----A---- C:\Windows\system32\wlangpui.dll
2009-09-25 07:55:27 ----A---- C:\Windows\system32\vdsdyn.dll
2009-09-25 07:55:27 ----A---- C:\Windows\system32\rastls.dll
2009-09-25 07:55:27 ----A---- C:\Windows\system32\rasapi32.dll
2009-09-25 07:55:27 ----A---- C:\Windows\system32\logman.exe
2009-09-25 07:55:27 ----A---- C:\Windows\system32\iashlpr.dll
2009-09-25 07:55:27 ----A---- C:\Windows\system32\gpapi.dll
2009-09-25 07:55:27 ----A---- C:\Windows\system32\diskpart.exe
2009-09-25 07:55:27 ----A---- C:\Windows\system32\brcpl.dll
2009-09-25 07:55:26 ----A---- C:\Windows\system32\wusa.exe
2009-09-25 07:55:26 ----A---- C:\Windows\system32\regsvc.dll
2009-09-25 07:55:26 ----A---- C:\Windows\system32\ntprint.dll
2009-09-25 07:55:26 ----A---- C:\Windows\system32\mscorier.dll
2009-09-25 07:55:26 ----A---- C:\Windows\system32\iasrad.dll
2009-09-25 07:55:25 ----A---- C:\Windows\system32\zipfldr.dll
2009-09-25 07:55:25 ----A---- C:\Windows\system32\wshext.dll
2009-09-25 07:55:25 ----A---- C:\Windows\system32\wer.dll
2009-09-25 07:55:25 ----A---- C:\Windows\system32\rasdlg.dll
2009-09-25 07:55:25 ----A---- C:\Windows\system32\netcenter.dll
2009-09-25 07:55:25 ----A---- C:\Windows\system32\iassvcs.dll
2009-09-25 07:55:25 ----A---- C:\Windows\system32\findstr.exe
2009-09-25 07:55:24 ----A---- C:\Windows\system32\wsnmp32.dll
2009-09-25 07:55:24 ----A---- C:\Windows\system32\uxsms.dll
2009-09-25 07:55:24 ----A---- C:\Windows\system32\themecpl.dll
2009-09-25 07:55:23 ----A---- C:\Windows\system32\tsbyuv.dll
2009-09-25 07:55:23 ----A---- C:\Windows\system32\srvsvc.dll
2009-09-25 07:55:23 ----A---- C:\Windows\system32\scansetting.dll
2009-09-25 07:55:23 ----A---- C:\Windows\system32\ntmarta.dll
2009-09-25 07:55:23 ----A---- C:\Windows\system32\msutb.dll
2009-09-25 07:55:23 ----A---- C:\Windows\system32\mstlsapi.dll
2009-09-25 07:55:23 ----A---- C:\Windows\system32\mssprxy.dll
2009-09-25 07:55:23 ----A---- C:\Windows\system32\iasads.dll
2009-09-25 07:55:22 ----A---- C:\Windows\system32\slcc.dll
2009-09-25 07:55:21 ----A---- C:\Windows\system32\umrdp.dll
2009-09-25 07:55:21 ----A---- C:\Windows\system32\powrprof.dll
2009-09-25 07:55:21 ----A---- C:\Windows\system32\powercpl.dll
2009-09-25 07:55:21 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-09-25 07:55:21 ----A---- C:\Windows\system32\newdev.exe
2009-09-25 07:55:21 ----A---- C:\Windows\system32\networkmap.dll
2009-09-25 07:55:21 ----A---- C:\Windows\system32\mstsc.exe
2009-09-25 07:55:21 ----A---- C:\Windows\system32\iasacct.dll
2009-09-25 07:55:21 ----A---- C:\Windows\system32\connect.dll
2009-09-25 07:55:21 ----A---- C:\Windows\system32\authz.dll
2009-09-25 07:55:20 ----A---- C:\Windows\system32\usercpl.dll
2009-09-25 07:55:20 ----A---- C:\Windows\system32\themeui.dll
2009-09-25 07:55:20 ----A---- C:\Windows\system32\systemcpl.dll
2009-09-25 07:55:20 ----A---- C:\Windows\system32\sud.dll
2009-09-25 07:55:20 ----A---- C:\Windows\system32\samlib.dll
2009-09-25 07:55:20 ----A---- C:\Windows\system32\qdvd.dll
2009-09-25 07:55:20 ----A---- C:\Windows\system32\pcaui.dll
2009-09-25 07:55:20 ----A---- C:\Windows\system32\mmci.dll
2009-09-25 07:55:20 ----A---- C:\Windows\system32\dot3svc.dll
2009-09-25 07:55:20 ----A---- C:\Windows\system32\brcplsiw.dll
2009-09-25 07:55:20 ----A---- C:\Windows\system32\autoplay.dll
2009-09-25 07:55:20 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-09-25 07:55:19 ----A---- C:\Windows\system32\wlanpref.dll
2009-09-25 07:55:19 ----A---- C:\Windows\system32\vdsutil.dll
2009-09-25 07:55:19 ----A---- C:\Windows\system32\rpchttp.dll
2009-09-25 07:55:19 ----A---- C:\Windows\system32\regapi.dll
2009-09-25 07:55:19 ----A---- C:\Windows\system32\msinfo32.exe
2009-09-25 07:55:19 ----A---- C:\Windows\system32\cscobj.dll
2009-09-25 07:55:18 ----A---- C:\Windows\system32\wscisvif.dll
2009-09-25 07:55:18 ----A---- C:\Windows\system32\tapisrv.dll
2009-09-25 07:55:18 ----A---- C:\Windows\system32\scksp.dll
2009-09-25 07:55:18 ----A---- C:\Windows\system32\scesrv.dll
2009-09-25 07:55:18 ----A---- C:\Windows\system32\rekeywiz.exe
2009-09-25 07:55:18 ----A---- C:\Windows\system32\psisdecd.dll
2009-09-25 07:55:18 ----A---- C:\Windows\system32\oleprn.dll
2009-09-25 07:55:18 ----A---- C:\Windows\system32\mpr.dll
2009-09-25 07:55:18 ----A---- C:\Windows\system32\imm32.dll
2009-09-25 07:55:18 ----A---- C:\Windows\system32\iaspolcy.dll
2009-09-25 07:55:18 ----A---- C:\Windows\system32\feclient.dll
2009-09-25 07:55:18 ----A---- C:\Windows\system32\Faultrep.dll
2009-09-25 07:55:18 ----A---- C:\Windows\system32\dot3msm.dll
2009-09-25 07:55:18 ----A---- C:\Windows\system32\AudioSes.dll
2009-09-25 07:55:17 ----A---- C:\Windows\system32\sdclt.exe
2009-09-25 07:55:17 ----A---- C:\Windows\system32\scecli.dll
2009-09-25 07:55:17 ----A---- C:\Windows\system32\rasgcw.dll
2009-09-25 07:55:17 ----A---- C:\Windows\system32\qedit.dll
2009-09-25 07:55:17 ----A---- C:\Windows\system32\pnpui.dll
2009-09-25 07:55:17 ----A---- C:\Windows\system32\perfdisk.dll
2009-09-25 07:55:17 ----A---- C:\Windows\system32\ncryptui.dll
2009-09-25 07:55:17 ----A---- C:\Windows\system32\hdwwiz.exe
2009-09-25 07:55:17 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-09-25 07:55:17 ----A---- C:\Windows\system32\dpapimig.exe
2009-09-25 07:55:17 ----A---- C:\Windows\system32\DeviceEject.exe
2009-09-25 07:55:17 ----A---- C:\Windows\system32\certreq.exe
2009-09-25 07:55:16 ----A---- C:\Windows\system32\TSTheme.exe
2009-09-25 07:55:16 ----A---- C:\Windows\system32\spwinsat.dll
2009-09-25 07:55:16 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-09-25 07:55:16 ----A---- C:\Windows\system32\rasplap.dll
2009-09-25 07:55:15 ----A---- C:\Windows\system32\whealogr.dll
2009-09-25 07:55:15 ----A---- C:\Windows\system32\tcpmon.dll
2009-09-25 07:55:15 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-09-25 07:55:15 ----A---- C:\Windows\system32\srcore.dll
2009-09-25 07:55:15 ----A---- C:\Windows\system32\SnippingTool.exe
2009-09-25 07:55:15 ----A---- C:\Windows\system32\SCardSvr.dll
2009-09-25 07:55:15 ----A---- C:\Windows\system32\raschap.dll
2009-09-25 07:55:15 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-09-25 07:55:15 ----A---- C:\Windows\system32\fdWSD.dll
2009-09-25 07:55:15 ----A---- C:\Windows\system32\conime.exe
2009-09-25 07:55:15 ----A---- C:\Windows\system32\cmmon32.exe
2009-09-25 07:55:15 ----A---- C:\Windows\system32\cmdial32.dll
2009-09-25 07:55:14 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-09-25 07:55:14 ----A---- C:\Windows\system32\wlanui.dll
2009-09-25 07:55:14 ----A---- C:\Windows\system32\wiaaut.dll
2009-09-25 07:55:14 ----A---- C:\Windows\system32\shwebsvc.dll
2009-09-25 07:55:14 ----A---- C:\Windows\system32\rasppp.dll
2009-09-25 07:55:14 ----A---- C:\Windows\system32\PnPutil.exe
2009-09-25 07:55:14 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-09-25 07:55:14 ----A---- C:\Windows\system32\fontext.dll
2009-09-25 07:55:14 ----A---- C:\Windows\system32\dsprop.dll
2009-09-25 07:55:14 ----A---- C:\Windows\system32\dimsroam.dll
2009-09-25 07:55:13 ----A---- C:\Windows\system32\shsetup.dll
2009-09-25 07:55:13 ----A---- C:\Windows\system32\rasmontr.dll
2009-09-25 07:55:13 ----A---- C:\Windows\system32\oobefldr.dll
2009-09-25 07:55:13 ----A---- C:\Windows\system32\mscandui.dll
2009-09-25 07:55:13 ----A---- C:\Windows\system32\modemui.dll
2009-09-25 07:55:13 ----A---- C:\Windows\system32\chtbrkr.dll
2009-09-25 07:55:12 ----A---- C:\Windows\system32\WSDMon.dll
2009-09-25 07:55:12 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-09-25 07:55:12 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-09-25 07:55:12 ----A---- C:\Windows\system32\tscfgwmi.dll
2009-09-25 07:55:12 ----A---- C:\Windows\system32\smss.exe
2009-09-25 07:55:12 ----A---- C:\Windows\system32\rdpwsx.dll
2009-09-25 07:55:12 ----A---- C:\Windows\system32\netplwiz.dll
2009-09-25 07:55:12 ----A---- C:\Windows\system32\dataclen.dll
2009-09-25 07:55:12 ----A---- C:\Windows\system32\CscMig.dll
2009-09-25 07:55:12 ----A---- C:\Windows\system32\credui.dll
2009-09-25 07:55:12 ----A---- C:\Windows\system32\blackbox.dll
2009-09-25 07:55:12 ----A---- C:\Windows\system32\appmgmts.dll
2009-09-25 07:55:11 ----A---- C:\Windows\system32\wmpeffects.dll
2009-09-25 07:55:11 ----A---- C:\Windows\system32\networkexplorer.dll
2009-09-25 07:55:11 ----A---- C:\Windows\system32\logagent.exe
2009-09-25 07:55:11 ----A---- C:\Windows\system32\ifmon.dll
2009-09-25 07:55:11 ----A---- C:\Windows\system32\cipher.exe
2009-09-25 07:55:11 ----A---- C:\Windows\system32\certprop.dll
2009-09-25 07:55:10 ----A---- C:\Windows\system32\wscapi.dll
2009-09-25 07:55:10 ----A---- C:\Windows\system32\thawbrkr.dll
2009-09-25 07:55:10 ----A---- C:\Windows\system32\softkbd.dll
2009-09-25 07:55:10 ----A---- C:\Windows\system32\sendmail.dll
2009-09-25 07:55:10 ----A---- C:\Windows\system32\msscp.dll
2009-09-25 07:55:10 ----A---- C:\Windows\system32\msimtf.dll
2009-09-25 07:55:10 ----A---- C:\Windows\system32\msctfui.dll
2009-09-25 07:55:10 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-09-25 07:55:10 ----A---- C:\Windows\system32\InkEd.dll
2009-09-25 07:55:10 ----A---- C:\Windows\system32\gpresult.exe
2009-09-25 07:55:09 ----A---- C:\Windows\system32\rdpclip.exe
2009-09-25 07:55:09 ----A---- C:\Windows\system32\puiapi.dll
2009-09-25 07:55:09 ----A---- C:\Windows\system32\olepro32.dll
2009-09-25 07:55:09 ----A---- C:\Windows\system32\gpprnext.dll
2009-09-25 07:55:09 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-09-25 07:55:09 ----A---- C:\Windows\system32\dmsynth.dll
2009-09-25 07:55:09 ----A---- C:\Windows\system32\cdd.dll
2009-09-25 07:55:08 ----A---- C:\Windows\system32\wshbth.dll
2009-09-25 07:55:08 ----A---- C:\Windows\system32\version.dll
2009-09-25 07:55:08 ----A---- C:\Windows\system32\SLLUA.exe
2009-09-25 07:55:08 ----A---- C:\Windows\system32\msisip.dll
2009-09-25 07:55:08 ----A---- C:\Windows\system32\mprapi.dll
2009-09-25 07:55:08 ----A---- C:\Windows\system32\input.dll
2009-09-25 07:55:08 ----A---- C:\Windows\system32\fdSSDP.dll
2009-09-25 07:55:08 ----A---- C:\Windows\system32\fc.exe
2009-09-25 07:55:08 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-09-25 07:55:08 ----A---- C:\Windows\system32\dmusic.dll
2009-09-25 07:55:07 ----A---- C:\Windows\system32\wsdchngr.dll
2009-09-25 07:55:07 ----A---- C:\Windows\system32\rdpendp.dll
2009-09-25 07:55:07 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-09-25 07:55:07 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-09-25 07:55:07 ----A---- C:\Windows\system32\msjint40.dll
2009-09-25 07:55:07 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-09-25 07:55:07 ----A---- C:\Windows\system32\l2nacp.dll
2009-09-25 07:55:07 ----A---- C:\Windows\system32\ftp.exe
2009-09-25 07:55:07 ----A---- C:\Windows\system32\eapp3hst.dll
2009-09-25 07:55:07 ----A---- C:\Windows\system32\cscdll.dll
2009-09-25 07:55:07 ----A---- C:\Windows\system32\cscapi.dll
2009-09-25 07:55:06 ----A---- C:\Windows\system32\Storprop.dll
2009-09-25 07:55:06 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-09-25 07:55:06 ----A---- C:\Windows\system32\rasdial.exe
2009-09-25 07:55:06 ----A---- C:\Windows\system32\rasdiag.dll
2009-09-25 07:55:06 ----A---- C:\Windows\system32\PrintBrmUi.exe
2009-09-25 07:55:06 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-09-25 07:55:06 ----A---- C:\Windows\system32\ipconfig.exe
2009-09-25 07:55:06 ----A---- C:\Windows\system32\gpscript.exe
2009-09-25 07:55:06 ----A---- C:\Windows\system32\fdWCN.dll
2009-09-25 07:55:06 ----A---- C:\Windows\system32\eappcfg.dll
2009-09-25 07:55:06 ----A---- C:\Windows\system32\dot3cfg.dll
2009-09-25 07:55:06 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-09-25 07:55:06 ----A---- C:\Windows\system32\bthudtask.exe
2009-09-25 07:55:06 ----A---- C:\Windows\system32\bthci.dll
2009-09-25 07:55:05 ----A---- C:\Windows\system32\tscupgrd.exe
2009-09-25 07:55:05 ----A---- C:\Windows\system32\slcinst.dll
2009-09-25 07:55:05 ----A---- C:\Windows\system32\nslookup.exe
2009-09-25 07:55:05 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-09-25 07:55:05 ----A---- C:\Windows\system32\gpscript.dll
2009-09-25 07:55:04 ----A---- C:\Windows\system32\qprocess.exe
2009-09-25 07:55:04 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-09-25 07:55:04 ----A---- C:\Windows\system32\ocsetup.exe
2009-09-25 07:55:04 ----A---- C:\Windows\system32\mmcico.dll
2009-09-25 07:55:04 ----A---- C:\Windows\system32\hbaapi.dll
2009-09-25 07:55:04 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-09-25 07:55:04 ----A---- C:\Windows\system32\fdeploy.dll
2009-09-25 07:55:04 ----A---- C:\Windows\system32\eappgnui.dll
2009-09-25 07:55:03 ----A---- C:\Windows\system32\tscon.exe
2009-09-25 07:55:03 ----A---- C:\Windows\system32\logoff.exe
2009-09-25 07:55:03 ----A---- C:\Windows\system32\gpupdate.exe
2009-09-25 07:55:03 ----A---- C:\Windows\system32\csrstub.exe
2009-09-25 07:55:03 ----A---- C:\Windows\system32\chgusr.exe
2009-09-25 07:55:03 ----A---- C:\Windows\system32\chgport.exe
2009-09-25 07:55:03 ----A---- C:\Windows\system32\cbsra.exe
2009-09-25 07:55:02 ----A---- C:\Windows\system32\tskill.exe
2009-09-25 07:55:02 ----A---- C:\Windows\system32\shadow.exe
2009-09-25 07:55:02 ----A---- C:\Windows\system32\rwinsta.exe
2009-09-25 07:55:02 ----A---- C:\Windows\system32\qappsrv.exe
2009-09-25 07:55:02 ----A---- C:\Windows\system32\NcdProp.dll
2009-09-25 07:55:02 ----A---- C:\Windows\system32\iscsilog.dll
2009-09-25 07:55:02 ----A---- C:\Windows\system32\chglogon.exe
2009-09-25 07:55:02 ----A---- C:\Windows\system32\bitsigd.dll
2009-09-25 07:55:01 ----A---- C:\Windows\system32\winrnr.dll
2009-09-25 07:55:01 ----A---- C:\Windows\system32\vdmdbg.dll
2009-09-25 07:55:01 ----A---- C:\Windows\system32\tsdiscon.exe
2009-09-25 07:55:01 ----A---- C:\Windows\system32\slwga.dll
2009-09-25 07:55:01 ----A---- C:\Windows\system32\reset.exe
2009-09-25 07:55:01 ----A---- C:\Windows\system32\query.exe
2009-09-25 07:55:01 ----A---- C:\Windows\system32\odbcconf.dll
2009-09-25 07:55:01 ----A---- C:\Windows\system32\inetppui.dll
2009-09-25 07:55:01 ----A---- C:\Windows\system32\change.exe
2009-09-25 07:55:00 ----A---- C:\Windows\system32\midimap.dll
2009-09-25 07:54:56 ----A---- C:\Windows\system32\msimsg.dll
2009-09-25 07:54:56 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-09-25 07:54:35 ----A---- C:\Windows\system32\SmiEngine.dll
2009-09-25 07:54:30 ----A---- C:\Windows\system32\wdscore.dll
2009-09-25 07:54:30 ----A---- C:\Windows\system32\PkgMgr.exe
2009-09-25 07:54:21 ----A---- C:\Windows\system32\drvstore.dll
2009-09-17 21:13:13 ----D---- C:\Users\2L@CONSULTING\AppData\Roaming\Apple Computer
2009-09-17 21:12:38 ----DC---- C:\Windows\system32\DRVSTORE
2009-09-17 21:12:38 ----A---- C:\Windows\system32\GEARAspi.dll
2009-09-17 21:11:38 ----D---- C:\Program Files\iPod
2009-09-17 21:11:36 ----D---- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-17 21:11:36 ----D---- C:\Program Files\iTunes
2009-09-17 21:10:21 ----D---- C:\Program Files\QuickTime
2009-09-17 21:10:20 ----D---- C:\ProgramData\Apple Computer
2009-09-17 21:06:22 ----D---- C:\Program Files\Common Files\Apple
2009-09-14 10:35:06 ----D---- C:\Program Files\Common Files\Deterministic Networks
2009-09-13 21:04:01 ----D---- C:\Windows\F3C1DE9E5E164BA9B8547B53A45E3579.TMP

======List of files/folders modified in the last 1 months======

2009-10-12 21:09:00 ----D---- C:\Windows\Temp
2009-10-12 21:03:06 ----D---- C:\Windows\Prefetch
2009-10-12 20:13:13 ----D---- C:\Windows\System32
2009-10-12 20:13:13 ----D---- C:\Windows\inf
2009-10-12 20:13:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-10-12 20:09:08 ----D---- C:\Users\2L@CONSULTING\AppData\Roaming\Mozilla
2009-10-12 20:06:58 ----A---- C:\Windows\system32\log.txt
2009-10-12 20:00:01 ----RD---- C:\Program Files
2009-10-12 19:44:20 ----SHD---- C:\System Volume Information
2009-10-11 22:03:14 ----D---- C:\Windows\system32\WDI
2009-10-11 19:40:09 ----HD---- C:\ProgramData
2009-10-11 19:38:24 ----SHD---- C:\Windows\Installer
2009-10-11 19:37:57 ----D---- C:\Windows\system32\drivers
2009-10-10 10:17:17 ----D---- C:\Windows\Tasks
2009-10-10 10:17:17 ----D---- C:\Windows\system32\Tasks
2009-10-10 10:17:12 ----D---- C:\Windows\system32\catroot
2009-10-08 07:35:24 ----D---- C:\Windows
2009-10-07 22:31:42 ----D---- C:\Windows\Debug
2009-10-07 20:26:21 ----D---- C:\Windows\rescache
2009-10-07 06:44:20 ----D---- C:\Windows\system32\fr-FR
2009-10-06 21:45:53 ----D---- C:\Windows\winsxs
2009-10-06 19:50:55 ----D---- C:\Windows\system32\zh-TW
2009-10-06 19:50:55 ----D---- C:\Windows\system32\zh-HK
2009-10-06 19:50:55 ----D---- C:\Windows\system32\tr-TR
2009-10-06 19:50:55 ----D---- C:\Windows\system32\sv-SE
2009-1

Afficher la suite

A voir également:

Je hais les rootkits
Rootkits download - Télécharger - Antivirus & Antimalwares

1 réponse

Réponse 1 / 1

pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503

Bonsoir,

Le rapport RSIt n'est pas complet. Le rapport log.txt n'est pas complet et il manque le rapport info.txt, peux tu essayer de me joindre le rapports comme ceci :

( C:\RSIT\log.txt et C:\RSIT\info.txt )

CTRL A pour sélectionner tout, CTRL C pour copier et puis CTRL V pour coller

Petite chose à faire pour les rapports générés par RSIT avant de continuer

▶ Vous devez fusionner les deux rapports.
▶ C'est-à-dire, copier/coller le contenu du rapport info.txt à la suite du rapport log.txt dans un bloc note pour ne faire qu'un seul rapport.
▶ Ensuite enregistrer le rapport log.txt.

Ensuite :

▶ Rendez-vous à cette adresse d'hébergement gratuit : http://www.cijoint.fr/

▶ Cliquez sur parcourir, chercher le rapport log.txt puis cliquez sur ici pour déposer le fichier

▶ Une fois le lien crée en dessous de c'est ce même lien que vous devrez transmettre à vos correspondants, faite un clique droit dessus et copier l'adresse du lien pour venir le coller dans votre réponse

Discussions similaires

Malwarebytes bloque sur l'étape "Recherche de rootkits"

Discussions similaires

Newsletters