[Résolu] Pubs Intempestives sur mon LapTop
Forum Sécurité - Virus : [Résolu] Pubs Intempestives sur mon LapTop
Une fois que je me connecte quelques secondes suffisent pour des masses de pubs de casino et autres s'ouvrent sur ma bécane. J'ai utilisé plusieurs antivirus ou programme de désinfection mais je sais où poster les rapports pour obtenir de l'aide. On utilise Mc Afee au bureau et Nod32 à la maison. J'ai installé MBAM, Hijacks et autres rien à faire. Please HELP!!!
Message édité par kakoul le 12-11-2009 à 13:15:44
Bonjour,
Tu peux poster les rapports ici.
| Destrio5 a écrit : Bonjour,
|
Bonjour Destrio5,
Merci de ton aide. Ci dessous le rapport MBAM de ce jour. Je te posterai également ceux des jours précédents pour te donner une vue plus grande de ma situation.
Malwarebytes' Anti-Malware 1.41
Database version: 2966
Windows 5.1.2600 Service Pack 2
19/10/2009 11:14:30
mbam-log-2009-10-19 (11-14-23).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 172734
Time elapsed: 42 minute(s), 58 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Encore Merci
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2962
Windows 5.1.2600 Service Pack 2
14/10/2009 18:56:14
mbam-log-2009-10-14 (18-56-14).txt
Type de recherche: Examen complet (C:\|D:\|E:\|F:\|H:\|)
Eléments examinés: 298706
Temps écoulé: 1 hour(s), 45 minute(s), 1 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 21
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\1 (Trojan.Agent) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
F:\System Volume Information\_restore{A770478D-7D66-4F10-AA95-385D441AEC85}\RP82\A0030065.exe (Adware.ADON) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv1052.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv1207.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv1244.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv2139.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv2166.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv2355.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv3087.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv3102.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv3276.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv4009.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv4037.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv4198.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv4931.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv4969.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv5119.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv5853.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv6774.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv7696.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv8618.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv9540.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2966
Windows 5.1.2600 Service Pack 2
15/10/2009 12:20:47
mbam-log-2009-10-15 (12-20-47).txt
Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 299029
Temps écoulé: 2 hour(s), 25 minute(s), 55 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
- Relance MBAM, va dans Quarantaine et supprime tout.
- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
- Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
- Clique sur Continue à l'écran Disclaimer.
- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
Note : les rapports sont sauvegardés dans le dossier C:\rsit.
Bonjour Destrio5,
J'ai lancé RSIT.exe pendant que MBAM était en cours de recherche ci dessous les Résultats. Je relancerai une fois MBAM se termine si c'est nécessaire. Je te posterai les résultats. Merci encore de ton aide.
Logfile of random's system information tool 1.06 (written by random/random)
Run by FARES JEAN - JACQUES at 2009-10-19 16:58:22
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 62 GB (70%) free of 89 GB
Total RAM: 2027 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:59:44, on 19/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\SYSTEM32\DWRCS.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe
C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\MSN\Toolbar\3.0.1203.0\msntask.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\RSIT.exe
C:\Program Files\trend micro\FARES JEAN - JACQUES.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yello
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rl [...] ?clid=1036
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mtn.ci:8081
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: ViewerHelper Class - {78104A01-8E71-4F30-9A36-3793799615B4} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [picon] "C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [DameWare MRC Agent] C:\WINDOWS\system32\DWRCST.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 5610067562
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mtn.ci
O17 - HKLM\Software\..\Telephony: DomainName = mtn.ci
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mtn.ci
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: E-SSO Security Services (EnatelWGSS) - Evidian - C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
--
End of file - 16281 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-05-15 66888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78104A01-8E71-4F30-9A36-3793799615B4}]
ViewerHelper Class - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll [2005-01-27 356352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll [2009-04-09 67120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-05-15 161096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2008-03-24 884736]
"picon"=C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe [2008-06-02 367128]
"FRYMXINS"=C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-03 177456]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\dvdcheck .exe [2008-05-23 197904]
"IntelZeroConfig"=C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2008-04-30 1347584]
"IntelWireless"=C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [2008-04-30 1191936]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-04-09 124240]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2008-11-10 136512]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"CLMLServer"=C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe [2007-09-27 122880]
"Power2GoExpress"=C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2007-09-29 2680104]
"CLJ"=0 []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"DameWare MRC Agent"=C:\WINDOWS\system32\DWRCST.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe []
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
SnagIt 9.lnk - C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-06-27 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli
scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
shell\AutoRun\command - I:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{866fb0f1-adaa-11de-8ae8-00216a0b83da}]
shell\AutoRun\command - I:\LaunchU3.exe -a
======List of files/folders created in the last 1 months======
2009-10-19 16:58:25 ----D---- C:\Program Files\trend micro
2009-10-19 16:58:22 ----D---- C:\rsit
2009-10-15 14:00:47 ----SHD---- C:\Config.Msi
2009-10-14 17:01:34 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Malwarebytes
2009-10-14 17:01:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-14 17:01:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-14 12:51:35 ----D---- C:\Documents and Settings\All Users\Application Data\TechSmith
2009-10-14 12:51:30 ----D---- C:\Program Files\TechSmith
2009-10-14 12:49:54 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-10-13 18:06:10 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2009-10-13 18:06:04 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2009-10-13 17:36:12 ----D---- C:\Program Files\Fichiers communs\PCSuite
2009-10-13 17:36:05 ----D---- C:\Program Files\Fichiers communs\Nokia
2009-10-13 17:35:07 ----D---- C:\Program Files\PC Connectivity Solution
2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2009-10-13 16:00:04 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\PC Suite
2009-10-13 16:00:04 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2009-10-13 13:03:37 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Nokia
2009-10-13 13:02:42 ----D---- C:\Program Files\DIFX
2009-10-13 13:02:08 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2009-10-13 13:02:07 ----D---- C:\Program Files\Nokia
2009-10-13 12:09:26 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2009-10-13 10:53:49 ----D---- C:\Program Files\ESET
2009-10-13 10:53:49 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2009-10-12 18:26:25 ----D---- C:\WINDOWS\system32\NtmsData
2009-10-08 18:31:45 ----A---- C:\1st _ wlsetup-custom.exe
2009-10-08 18:30:07 ----A---- C:\MAJ _ Installation_WLMessenger2009.exe
2009-10-08 14:39:47 ----A---- C:\rapvo.exe
2009-10-08 14:39:07 ----A---- C:\kajcjgco.exe
2009-10-08 14:38:45 ----A---- C:\jmaox.exe
2009-10-06 10:33:29 ----D---- C:\WINDOWS\Prefetch
2009-10-06 00:42:11 ----A---- C:\WINDOWS\system32\SET1306.tmp
2009-10-06 00:42:08 ----A---- C:\WINDOWS\system32\SET12DD.tmp
2009-10-06 00:42:07 ----A---- C:\WINDOWS\system32\SET12D0.tmp
2009-10-06 00:42:07 ----A---- C:\WINDOWS\system32\SET12CB.tmp
2009-10-06 00:42:07 ----A---- C:\WINDOWS\system32\SET12C6.tmp
2009-10-06 00:42:07 ----A---- C:\WINDOWS\system32\SET12C5.tmp
2009-10-06 00:38:23 ----A---- C:\WINDOWS\system32\SET5D2.tmp
2009-10-06 00:38:23 ----A---- C:\WINDOWS\system32\SET5CE.tmp
2009-10-06 00:38:22 ----A---- C:\WINDOWS\system32\SET5CA.tmp
2009-10-06 00:38:22 ----A---- C:\WINDOWS\system32\SET5C7.tmp
2009-10-06 00:38:21 ----A---- C:\WINDOWS\system32\SET5C1.tmp
2009-10-06 00:38:21 ----A---- C:\WINDOWS\system32\SET5BE.tmp
2009-10-06 00:38:21 ----A---- C:\WINDOWS\system32\SET5BD.tmp
2009-10-06 00:38:20 ----A---- C:\WINDOWS\system32\SET5B9.tmp
2009-10-06 00:38:20 ----A---- C:\WINDOWS\system32\SET5B4.tmp
2009-10-06 00:38:19 ----A---- C:\WINDOWS\system32\SET5AD.tmp
2009-10-06 00:38:19 ----A---- C:\WINDOWS\system32\SET5AB.tmp
2009-10-06 00:38:18 ----A---- C:\WINDOWS\system32\SET5A8.tmp
2009-10-06 00:38:17 ----A---- C:\WINDOWS\system32\SET5A0.tmp
2009-10-06 00:38:17 ----A---- C:\WINDOWS\system32\SET59A.tmp
2009-10-06 00:38:16 ----A---- C:\WINDOWS\system32\SET592.tmp
2009-10-06 00:38:16 ----A---- C:\WINDOWS\system32\SET591.tmp
2009-10-06 00:38:15 ----A---- C:\WINDOWS\system32\SET58C.tmp
2009-10-06 00:38:14 ----A---- C:\WINDOWS\system32\SET58A.tmp
2009-10-06 00:38:14 ----A---- C:\WINDOWS\system32\SET587.tmp
2009-10-06 00:38:14 ----A---- C:\WINDOWS\system32\SET586.tmp
2009-10-06 00:38:14 ----A---- C:\WINDOWS\system32\SET585.tmp
2009-10-06 00:38:13 ----A---- C:\WINDOWS\system32\SET583.tmp
2009-10-06 00:38:13 ----A---- C:\WINDOWS\system32\SET581.tmp
2009-10-06 00:38:13 ----A---- C:\WINDOWS\system32\SET580.tmp
2009-10-06 00:38:13 ----A---- C:\WINDOWS\system32\SET57F.tmp
2009-10-06 00:38:13 ----A---- C:\WINDOWS\system32\SET57E.tmp
2009-10-06 00:38:12 ----A---- C:\WINDOWS\system32\SET57B.tmp
2009-10-06 00:38:11 ----A---- C:\WINDOWS\system32\SET573.tmp
2009-10-06 00:38:07 ----A---- C:\WINDOWS\system32\SET54C.tmp
2009-10-06 00:38:07 ----A---- C:\WINDOWS\system32\SET547.tmp
2009-10-06 00:38:07 ----A---- C:\WINDOWS\system32\SET546.tmp
2009-10-06 00:38:05 ----A---- C:\WINDOWS\system32\SET532.tmp
2009-10-06 00:38:03 ----A---- C:\WINDOWS\system32\SET524.tmp
2009-10-06 00:38:01 ----A---- C:\WINDOWS\system32\SET513.tmp
2009-10-06 00:38:01 ----A---- C:\WINDOWS\system32\SET511.tmp
2009-10-06 00:38:00 ----A---- C:\WINDOWS\system32\SET50F.tmp
2009-10-06 00:38:00 ----A---- C:\WINDOWS\system32\SET50C.tmp
2009-10-06 00:37:59 ----A---- C:\WINDOWS\system32\SET4FC.tmp
2009-10-06 00:37:58 ----A---- C:\WINDOWS\system32\SET4F8.tmp
2009-10-06 00:37:57 ----A---- C:\WINDOWS\system32\SET4EE.tmp
2009-10-06 00:37:57 ----A---- C:\WINDOWS\system32\SET4ED.tmp
2009-10-06 00:37:57 ----A---- C:\WINDOWS\system32\SET4E7.tmp
2009-10-06 00:37:57 ----A---- C:\WINDOWS\system32\SET4DA.tmp
2009-10-06 00:37:56 ----A---- C:\WINDOWS\system32\SET4D5.tmp
2009-10-06 00:37:55 ----A---- C:\WINDOWS\system32\SET4C9.tmp
2009-10-06 00:37:55 ----A---- C:\WINDOWS\system32\SET4C5.tmp
2009-10-06 00:37:54 ----A---- C:\WINDOWS\system32\SET4BF.tmp
2009-10-06 00:37:54 ----A---- C:\WINDOWS\system32\SET4BD.tmp
2009-10-06 00:37:54 ----A---- C:\WINDOWS\system32\SET4BB.tmp
2009-10-06 00:37:54 ----A---- C:\WINDOWS\system32\SET4B7.tmp
2009-10-06 00:37:52 ----A---- C:\WINDOWS\system32\SET4A3.tmp
2009-10-06 00:37:52 ----A---- C:\WINDOWS\system32\SET4A1.tmp
2009-10-06 00:37:51 ----A---- C:\WINDOWS\system32\SET498.tmp
2009-10-06 00:37:51 ----A---- C:\WINDOWS\system32\SET48D.tmp
2009-10-06 00:37:50 ----A---- C:\WINDOWS\system32\SET481.tmp
2009-10-06 00:37:49 ----A---- C:\WINDOWS\system32\SET47D.tmp
2009-10-06 00:37:49 ----A---- C:\WINDOWS\system32\SET47C.tmp
2009-10-06 00:37:49 ----A---- C:\WINDOWS\system32\SET47B.tmp
2009-10-06 00:37:49 ----A---- C:\WINDOWS\system32\SET47A.tmp
2009-10-06 00:37:47 ----A---- C:\WINDOWS\system32\SET46B.tmp
2009-10-06 00:37:46 ----A---- C:\WINDOWS\system32\SET461.tmp
2009-10-06 00:37:46 ----A---- C:\WINDOWS\system32\SET460.tmp
2009-10-06 00:37:46 ----A---- C:\WINDOWS\system32\SET45D.tmp
2009-10-06 00:37:46 ----A---- C:\WINDOWS\system32\SET457.tmp
2009-10-06 00:37:45 ----A---- C:\WINDOWS\system32\SET453.tmp
2009-10-06 00:37:45 ----A---- C:\WINDOWS\system32\SET452.tmp
2009-10-06 00:37:45 ----A---- C:\WINDOWS\system32\SET44C.tmp
2009-10-06 00:37:43 ----A---- C:\WINDOWS\system32\SET43B.tmp
2009-10-06 00:37:43 ----A---- C:\WINDOWS\system32\SET438.tmp
2009-10-06 00:37:42 ----A---- C:\WINDOWS\system32\SET436.tmp
2009-10-06 00:37:42 ----A---- C:\WINDOWS\system32\SET434.tmp
2009-10-06 00:37:42 ----A---- C:\WINDOWS\system32\SET433.tmp
2009-10-06 00:37:42 ----A---- C:\WINDOWS\system32\SET431.tmp
2009-10-06 00:37:41 ----A---- C:\WINDOWS\system32\SET42F.tmp
2009-10-06 00:37:41 ----A---- C:\WINDOWS\system32\SET42D.tmp
2009-10-06 00:37:41 ----A---- C:\WINDOWS\system32\SET429.tmp
2009-10-06 00:37:40 ----A---- C:\WINDOWS\system32\SET428.tmp
2009-10-06 00:37:40 ----A---- C:\WINDOWS\system32\SET41F.tmp
2009-10-06 00:37:40 ----A---- C:\WINDOWS\system32\SET41E.tmp
2009-10-06 00:37:39 ----A---- C:\WINDOWS\system32\SET41B.tmp
2009-10-06 00:37:39 ----A---- C:\WINDOWS\system32\SET419.tmp
2009-10-06 00:37:38 ----A---- C:\WINDOWS\system32\SET404.tmp
2009-10-06 00:37:37 ----A---- C:\WINDOWS\system32\SET3FD.tmp
2009-10-06 00:37:37 ----A---- C:\WINDOWS\system32\SET3FC.tmp
2009-10-06 00:37:36 ----A---- C:\WINDOWS\system32\SET3EE.tmp
2009-10-06 00:37:36 ----A---- C:\WINDOWS\system32\SET3EB.tmp
2009-10-06 00:37:35 ----A---- C:\WINDOWS\system32\SET3E3.tmp
2009-10-06 00:37:34 ----A---- C:\WINDOWS\system32\SET3D5.tmp
2009-10-06 00:37:34 ----A---- C:\WINDOWS\system32\SET3D2.tmp
2009-10-06 00:37:34 ----A---- C:\WINDOWS\system32\SET3CF.tmp
2009-10-06 00:37:33 ----A---- C:\WINDOWS\system32\SET3C6.tmp
2009-10-06 00:37:33 ----A---- C:\WINDOWS\system32\SET3BC.tmp
2009-10-06 00:37:33 ----A---- C:\WINDOWS\system32\SET3B0.tmp
2009-10-06 00:37:32 ----A---- C:\WINDOWS\system32\SET3AF.tmp
2009-10-06 00:37:32 ----A---- C:\WINDOWS\system32\SET3AD.tmp
2009-10-06 00:37:31 ----A---- C:\WINDOWS\system32\SET3A4.tmp
2009-10-06 00:37:31 ----A---- C:\WINDOWS\system32\SET3A2.tmp
2009-10-06 00:37:31 ----A---- C:\WINDOWS\system32\SET3A1.tmp
2009-10-06 00:37:30 ----A---- C:\WINDOWS\system32\SET3A0.tmp
2009-10-06 00:37:30 ----A---- C:\WINDOWS\system32\SET39C.tmp
2009-10-06 00:37:30 ----A---- C:\WINDOWS\system32\SET399.tmp
2009-10-06 00:37:30 ----A---- C:\WINDOWS\system32\SET398.tmp
2009-10-06 00:37:29 ----A---- C:\WINDOWS\system32\SET38A.tmp
2009-10-06 00:37:29 ----A---- C:\WINDOWS\system32\SET385.tmp
2009-10-06 00:37:29 ----A---- C:\WINDOWS\system32\SET384.tmp
2009-10-06 00:37:29 ----A---- C:\WINDOWS\system32\SET383.tmp
2009-10-06 00:37:28 ----A---- C:\WINDOWS\system32\SET381.tmp
2009-10-06 00:37:28 ----A---- C:\WINDOWS\system32\SET380.tmp
2009-10-06 00:37:28 ----A---- C:\WINDOWS\system32\SET37D.tmp
2009-10-06 00:37:28 ----A---- C:\WINDOWS\system32\SET37A.tmp
2009-10-06 00:37:28 ----A---- C:\WINDOWS\system32\SET379.tmp
2009-10-06 00:37:28 ----A---- C:\WINDOWS\system32\SET376.tmp
2009-10-06 00:37:28 ----A---- C:\WINDOWS\system32\SET375.tmp
2009-10-06 00:37:28 ----A---- C:\WINDOWS\system32\SET372.tmp
2009-10-06 00:37:27 ----A---- C:\WINDOWS\system32\SET370.tmp
2009-10-06 00:37:27 ----A---- C:\WINDOWS\system32\SET36F.tmp
2009-10-06 00:37:27 ----A---- C:\WINDOWS\system32\SET36C.tmp
2009-10-06 00:37:27 ----A---- C:\WINDOWS\system32\SET368.tmp
2009-10-06 00:37:26 ----A---- C:\WINDOWS\system32\SET35B.tmp
2009-10-06 00:37:26 ----A---- C:\WINDOWS\system32\SET359.tmp
2009-10-06 00:37:25 ----A---- C:\WINDOWS\system32\SET331.tmp
2009-10-06 00:37:24 ----A---- C:\WINDOWS\system32\SET32C.tmp
2009-10-06 00:37:24 ----A---- C:\WINDOWS\system32\SET328.tmp
2009-10-06 00:37:24 ----A---- C:\WINDOWS\system32\SET325.tmp
2009-10-06 00:37:23 ----A---- C:\WINDOWS\system32\SET31E.tmp
2009-10-06 00:37:23 ----A---- C:\WINDOWS\system32\SET31B.tmp
2009-10-06 00:37:23 ----A---- C:\WINDOWS\system32\SET318.tmp
2009-10-06 00:37:22 ----A---- C:\WINDOWS\system32\SET30D.tmp
2009-10-06 00:37:21 ----A---- C:\WINDOWS\system32\SET302.tmp
2009-10-06 00:37:21 ----A---- C:\WINDOWS\system32\SET2FE.tmp
2009-10-06 00:37:21 ----A---- C:\WINDOWS\system32\SET2FD.tmp
2009-10-06 00:37:21 ----A---- C:\WINDOWS\system32\SET2FC.tmp
2009-10-06 00:37:20 ----A---- C:\WINDOWS\system32\SET2F9.tmp
2009-10-06 00:37:20 ----A---- C:\WINDOWS\system32\SET2F7.tmp
2009-10-06 00:37:19 ----A---- C:\WINDOWS\system32\SET2DE.tmp
2009-10-06 00:37:19 ----A---- C:\WINDOWS\system32\SET2DD.tmp
2009-10-06 00:37:18 ----A---- C:\WINDOWS\system32\SET2D4.tmp
2009-10-06 00:37:18 ----A---- C:\WINDOWS\system32\SET2CA.tmp
2009-10-06 00:37:17 ----A---- C:\WINDOWS\system32\SET2C8.tmp
2009-10-06 00:37:17 ----A---- C:\WINDOWS\system32\SET2C7.tmp
2009-10-06 00:37:17 ----A---- C:\WINDOWS\system32\SET2BB.tmp
2009-10-06 00:37:16 ----A---- C:\WINDOWS\system32\SET29D.tmp
2009-10-06 00:37:16 ----A---- C:\WINDOWS\system32\SET29C.tmp
2009-10-06 00:37:16 ----A---- C:\WINDOWS\system32\SET29B.tmp
2009-10-06 00:37:16 ----A---- C:\WINDOWS\system32\SET29A.tmp
2009-10-06 00:37:15 ----A---- C:\WINDOWS\system32\SET294.tmp
2009-10-06 00:37:15 ----A---- C:\WINDOWS\system32\SET291.tmp
2009-10-06 00:37:15 ----A---- C:\WINDOWS\system32\SET290.tmp
2009-10-06 00:37:15 ----A---- C:\WINDOWS\system32\SET28D.tmp
2009-10-06 00:37:15 ----A---- C:\WINDOWS\system32\SET28C.tmp
2009-10-06 00:37:14 ----A---- C:\WINDOWS\system32\SET27B.tmp
2009-10-06 00:37:14 ----A---- C:\WINDOWS\system32\SET279.tmp
2009-10-06 00:37:14 ----A---- C:\WINDOWS\system32\SET274.tmp
2009-10-06 00:37:12 ----A---- C:\WINDOWS\system32\SET271.tmp
2009-10-06 00:37:11 ----A---- C:\WINDOWS\system32\SET26F.tmp
2009-10-06 00:37:11 ----A---- C:\WINDOWS\system32\SET26B.tmp
2009-10-06 00:37:11 ----A---- C:\WINDOWS\system32\SET268.tmp
2009-10-06 00:37:10 ----A---- C:\WINDOWS\system32\SET25E.tmp
2009-10-06 00:37:09 ----A---- C:\WINDOWS\system32\SET22F.tmp
2009-10-06 00:37:08 ----A---- C:\WINDOWS\system32\SET22E.tmp
2009-10-06 00:37:08 ----A---- C:\WINDOWS\system32\SET22C.tmp
2009-10-06 00:37:08 ----A---- C:\WINDOWS\system32\SET22A.tmp
2009-10-06 00:37:08 ----A---- C:\WINDOWS\system32\SET226.tmp
2009-10-06 00:37:08 ----A---- C:\WINDOWS\system32\SET21E.tmp
2009-10-06 00:37:07 ----A---- C:\WINDOWS\system32\SET215.tmp
2009-10-06 00:37:07 ----A---- C:\WINDOWS\system32\SET213.tmp
2009-10-06 00:37:05 ----A---- C:\WINDOWS\system32\SET1E9.tmp
2009-10-06 00:37:05 ----A---- C:\WINDOWS\system32\SET1E8.tmp
2009-10-06 00:37:04 ----A---- C:\WINDOWS\system32\SET1D6.tmp
2009-10-06 00:37:04 ----A---- C:\WINDOWS\system32\SET1D4.tmp
2009-10-06 00:37:04 ----A---- C:\WINDOWS\system32\SET1CD.tmp
2009-10-06 00:37:04 ----A---- C:\WINDOWS\system32\SET1CA.tmp
2009-10-06 00:37:03 ----A---- C:\WINDOWS\system32\SET1BF.tmp
2009-10-06 00:37:02 ----A---- C:\WINDOWS\system32\SET1B3.tmp
2009-10-06 00:37:02 ----A---- C:\WINDOWS\system32\SET1B2.tmp
2009-10-06 00:37:02 ----A---- C:\WINDOWS\system32\SET1B1.tmp
2009-10-06 00:37:02 ----A---- C:\WINDOWS\system32\SET1B0.tmp
2009-10-06 00:37:02 ----A---- C:\WINDOWS\system32\SET1AF.tmp
2009-10-06 00:37:01 ----A---- C:\WINDOWS\system32\SET1AA.tmp
2009-10-06 00:37:01 ----A---- C:\WINDOWS\system32\SET1A8.tmp
2009-10-06 00:37:01 ----A---- C:\WINDOWS\system32\SET1A7.tmp
2009-10-06 00:37:01 ----A---- C:\WINDOWS\system32\SET1A2.tmp
2009-10-06 00:37:00 ----A---- C:\WINDOWS\system32\SET198.tmp
2009-10-06 00:37:00 ----A---- C:\WINDOWS\system32\SET197.tmp
2009-10-06 00:37:00 ----A---- C:\WINDOWS\system32\SET194.tmp
2009-10-06 00:37:00 ----A---- C:\WINDOWS\system32\SET191.tmp
2009-10-06 00:36:59 ----A---- C:\WINDOWS\system32\SET18F.tmp
2009-10-06 00:36:59 ----A---- C:\WINDOWS\system32\SET18E.tmp
2009-10-06 00:36:58 ----A---- C:\WINDOWS\system32\SET17D.tmp
2009-10-06 00:36:58 ----A---- C:\WINDOWS\system32\SET17C.tmp
2009-10-06 00:36:58 ----A---- C:\WINDOWS\system32\SET17A.tmp
2009-10-06 00:36:58 ----A---- C:\WINDOWS\system32\SET178.tmp
2009-10-06 00:36:57 ----A---- C:\WINDOWS\system32\SET177.tmp
2009-10-06 00:36:57 ----A---- C:\WINDOWS\system32\SET176.tmp
2009-10-06 00:36:57 ----A---- C:\WINDOWS\system32\SET175.tmp
2009-10-06 00:36:57 ----A---- C:\WINDOWS\system32\SET172.tmp
2009-10-06 00:36:57 ----A---- C:\WINDOWS\system32\SET16F.tmp
2009-10-06 00:36:57 ----A---- C:\WINDOWS\system32\SET16D.tmp
2009-10-06 00:36:57 ----A---- C:\WINDOWS\system32\SET16B.tmp
2009-10-06 00:36:56 ----A---- C:\WINDOWS\system32\SET15F.tmp
2009-10-06 00:36:55 ----A---- C:\WINDOWS\system32\SET154.tmp
2009-10-06 00:36:55 ----A---- C:\WINDOWS\system32\SET153.tmp
2009-10-06 00:36:55 ----A---- C:\WINDOWS\system32\SET14B.tmp
2009-10-06 00:36:55 ----A---- C:\WINDOWS\system32\SET147.tmp
2009-10-06 00:36:55 ----A---- C:\WINDOWS\system32\SET145.tmp
2009-10-06 00:36:54 ----A---- C:\WINDOWS\system32\SET143.tmp
2009-10-06 00:36:54 ----A---- C:\WINDOWS\system32\SET141.tmp
2009-10-06 00:35:48 ----A---- C:\WINDOWS\002957_.tmp
2009-10-06 00:34:58 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\msgsvc.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\locator.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\localspl.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\imagehlp.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\ftp.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\format.com
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\csrsrv.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comdlg32.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comctl32.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cmd.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cacls.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autoconv.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autochk.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\win32spl.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\userinit.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\untfs.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ulib.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\syssetup.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\srvsvc.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\smss.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\setupapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\services.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\schannel.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\scardsvr.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\savedump.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samsrv.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samlib.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rshx32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rastapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasman.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasdlg.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasauto.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasapi32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\printui.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\perfctrs.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\olecnv32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\oleaut32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nwprovau.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntvdm.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntprint.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntdll.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nslookup.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\hal.dll
2009-10-05 17:15:18 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2009-10-05 17:04:04 ----D---- C:\Program Files\Mobile Partner
2009-10-05 16:15:24 ----D---- C:\Program Files\Western Digital Corp
2009-10-05 16:06:24 ----D---- C:\Program Files\Western Digital Corporation
2009-10-05 14:39:24 ----A---- C:\WINDOWS\system32\SET126B.tmp
2009-10-05 14:39:22 ----A---- C:\WINDOWS\system32\SET1242.tmp
2009-10-05 14:39:21 ----A---- C:\WINDOWS\system32\SET1235.tmp
2009-10-05 14:39:21 ----A---- C:\WINDOWS\system32\SET1230.tmp
2009-10-05 14:39:21 ----A---- C:\WINDOWS\system32\SET122B.tmp
2009-10-05 14:39:21 ----A---- C:\WINDOWS\system32\SET122A.tmp
2009-10-05 14:35:27 ----A---- C:\WINDOWS\system32\SET537.tmp
2009-10-05 14:35:27 ----A---- C:\WINDOWS\system32\SET535.tmp
2009-10-05 14:35:27 ----A---- C:\WINDOWS\system32\SET534.tmp
2009-10-05 14:35:27 ----A---- C:\WINDOWS\system32\SET533.tmp
2009-10-05 14:35:27 ----A---- C:\WINDOWS\system32\SET52F.tmp
2009-10-05 14:35:26 ----A---- C:\WINDOWS\system32\SET52C.tmp
2009-10-05 14:35:26 ----A---- C:\WINDOWS\system32\SET526.tmp
2009-10-05 14:35:25 ----A---- C:\WINDOWS\system32\SET523.tmp
2009-10-05 14:35:25 ----A---- C:\WINDOWS\system32\SET522.tmp
2009-10-05 14:35:25 ----A---- C:\WINDOWS\system32\SET51E.tmp
2009-10-05 14:35:24 ----A---- C:\WINDOWS\system32\SET519.tmp
2009-10-05 14:35:23 ----A---- C:\WINDOWS\system32\SET512.tmp
2009-10-05 14:35:22 ----A---- C:\WINDOWS\system32\SET510.tmp
2009-10-05 14:35:21 ----A---- C:\WINDOWS\system32\SET50D.tmp
2009-10-05 14:35:21 ----A---- C:\WINDOWS\system32\SET505.tmp
2009-10-05 14:35:20 ----A---- C:\WINDOWS\system32\SET4FF.tmp
2009-10-05 14:35:19 ----A---- C:\WINDOWS\system32\SET4F7.tmp
2009-10-05 14:35:19 ----A---- C:\WINDOWS\system32\SET4F6.tmp
2009-10-05 14:35:19 ----A---- C:\WINDOWS\system32\SET4F1.tmp
2009-10-05 14:35:18 ----A---- C:\WINDOWS\system32\SET4EF.tmp
2009-10-05 14:35:16 ----A---- C:\WINDOWS\system32\SET4EC.tmp
2009-10-05 14:35:16 ----A---- C:\WINDOWS\system32\SET4EB.tmp
2009-10-05 14:35:16 ----A---- C:\WINDOWS\system32\SET4EA.tmp
2009-10-05 14:35:16 ----A---- C:\WINDOWS\system32\SET4E8.tmp
2009-10-05 14:35:16 ----A---- C:\WINDOWS\system32\SET4E6.tmp
2009-10-05 14:35:16 ----A---- C:\WINDOWS\system32\SET4E5.tmp
2009-10-05 14:35:15 ----A---- C:\WINDOWS\system32\SET4E4.tmp
2009-10-05 14:35:15 ----A---- C:\WINDOWS\system32\SET4E3.tmp
2009-10-05 14:35:14 ----A---- C:\WINDOWS\system32\SET4E1.tmp
2009-10-05 14:35:14 ----A---- C:\WINDOWS\system32\SET4E0.tmp
2009-10-05 14:35:14 ----A---- C:\WINDOWS\system32\SET4DF.tmp
2009-10-05 14:35:13 ----A---- C:\WINDOWS\system32\SET4D8.tmp
2009-10-05 14:35:11 ----A---- C:\WINDOWS\system32\SET4CB.tmp
2009-10-05 14:35:09 ----A---- C:\WINDOWS\system32\SET4B1.tmp
2009-10-05 14:35:08 ----A---- C:\WINDOWS\system32\SET4AC.tmp
2009-10-05 14:35:08 ----A---- C:\WINDOWS\system32\SET4AB.tmp
2009-10-05 14:35:07 ----A---- C:\WINDOWS\system32\SET49B.tmp
2009-10-05 14:35:06 ----A---- C:\WINDOWS\system32\SET497.tmp
2009-10-05 14:35:06 ----A---- C:\WINDOWS\system32\SET496.tmp
2009-10-05 14:35:06 ----A---- C:\WINDOWS\system32\SET495.tmp
2009-10-05 14:35:05 ----A---- C:\WINDOWS\system32\SET490.tmp
2009-10-05 14:35:05 ----A---- C:\WINDOWS\system32\SET48C.tmp
2009-10-05 14:35:04 ----A---- C:\WINDOWS\system32\SET484.tmp
2009-10-05 14:35:03 ----A---- C:\WINDOWS\system32\SET483.tmp
2009-10-05 14:35:03 ----A---- C:\WINDOWS\system32\SET482.tmp
2009-10-05 14:35:03 ----A---- C:\WINDOWS\system32\SET480.tmp
2009-10-05 14:35:01 ----A---- C:\WINDOWS\system32\SET472.tmp
2009-10-05 14:35:01 ----A---- C:\WINDOWS\system32\SET46E.tmp
2009-10-05 14:35:00 ----A---- C:\WINDOWS\system32\SET46A.tmp
2009-10-05 14:35:00 ----A---- C:\WINDOWS\system32\SET468.tmp
2009-10-05 14:35:00 ----A---- C:\WINDOWS\system32\SET467.tmp
2009-10-05 14:35:00 ----A---- C:\WINDOWS\system32\SET465.tmp
2009-10-05 14:34:59 ----A---- C:\WINDOWS\system32\SET45F.tmp
2009-10-05 14:34:59 ----A---- C:\WINDOWS\system32\SET45C.tmp
2009-10-05 14:34:58 ----A---- C:\WINDOWS\system32\SET451.tmp
2009-10-05 14:34:57 ----A---- C:\WINDOWS\system32\SET44F.tmp
2009-10-05 14:34:57 ----A---- C:\WINDOWS\system32\SET44D.tmp
2009-10-05 14:34:57 ----A---- C:\WINDOWS\system32\SET44B.tmp
2009-10-05 14:34:57 ----A---- C:\WINDOWS\system32\SET447.tmp
2009-10-05 14:34:56 ----A---- C:\WINDOWS\system32\SET445.tmp
2009-10-05 14:34:56 ----A---- C:\WINDOWS\system32\SET443.tmp
2009-10-05 14:34:56 ----A---- C:\WINDOWS\system32\SET43F.tmp
2009-10-05 14:34:53 ----A---- C:\WINDOWS\system32\SET42E.tmp
2009-10-05 14:34:53 ----A---- C:\WINDOWS\system32\SET42C.tmp
2009-10-05 14:34:53 ----A---- C:\WINDOWS\system32\SET42A.tmp
2009-10-05 14:34:53 ----A---- C:\WINDOWS\system32\SET426.tmp
2009-10-05 14:34:53 ----A---- C:\WINDOWS\system32\SET424.tmp
2009-10-05 14:34:52 ----A---- C:\WINDOWS\system32\SET41D.tmp
2009-10-05 14:34:51 ----A---- C:\WINDOWS\system32\SET415.tmp
2009-10-05 14:34:50 ----A---- C:\WINDOWS\system32\SET40F.tmp
2009-10-05 14:34:50 ----A---- C:\WINDOWS\system32\SET40E.tmp
2009-10-05 14:34:50 ----A---- C:\WINDOWS\system32\SET40D.tmp
2009-10-05 14:34:50 ----A---- C:\WINDOWS\system32\SET40B.tmp
2009-10-05 14:34:49 ----A---- C:\WINDOWS\system32\SET408.tmp
2009-10-05 14:34:48 ----A---- C:\WINDOWS\system32\SET3F9.tmp
2009-10-05 14:34:47 ----A---- C:\WINDOWS\system32\SET3F1.tmp
2009-10-05 14:34:47 ----A---- C:\WINDOWS\system32\SET3F0.tmp
2009-10-05 14:34:47 ----A---- C:\WINDOWS\system32\SET3EC.tmp
2009-10-05 14:34:47 ----A---- C:\WINDOWS\system32\SET3E5.tmp
2009-10-05 14:34:46 ----A---- C:\WINDOWS\system32\SET3E0.tmp
2009-10-05 14:34:46 ----A---- C:\WINDOWS\system32\SET3DF.tmp
2009-10-05 14:34:46 ----A---- C:\WINDOWS\system32\SET3DE.tmp
2009-10-05 14:34:46 ----A---- C:\WINDOWS\system32\SET3DB.tmp
2009-10-05 14:34:46 ----A---- C:\WINDOWS\system32\SET3D9.tmp
2009-10-05 14:34:44 ----A---- C:\WINDOWS\system32\SET3CB.tmp
2009-10-05 14:34:44 ----A---- C:\WINDOWS\system32\SET3C4.tmp
2009-10-05 14:34:43 ----A---- C:\WINDOWS\system32\SET3BF.tmp
2009-10-05 14:34:43 ----A---- C:\WINDOWS\system32\SET3BE.tmp
2009-10-05 14:34:43 ----A---- C:\WINDOWS\system32\SET3BB.tmp
2009-10-05 14:34:43 ----A---- C:\WINDOWS\system32\SET3BA.tmp
2009-10-05 14:34:43 ----A---- C:\WINDOWS\system32\SET3B9.tmp
2009-10-05 14:34:43 ----A---- C:\WINDOWS\system32\SET3B8.tmp
2009-10-05 14:34:43 ----A---- C:\WINDOWS\system32\SET3B6.tmp
2009-10-05 14:34:42 ----A---- C:\WINDOWS\system32\SET3B5.tmp
2009-10-05 14:34:42 ----A---- C:\WINDOWS\system32\SET3B2.tmp
2009-10-05 14:34:42 ----A---- C:\WINDOWS\system32\SET3B1.tmp
2009-10-05 14:34:41 ----A---- C:\WINDOWS\system32\SET3AC.tmp
2009-10-05 14:34:41 ----A---- C:\WINDOWS\system32\SET3AB.tmp
2009-10-05 14:34:41 ----A---- C:\WINDOWS\system32\SET3AA.tmp
2009-10-05 14:34:41 ----A---- C:\WINDOWS\system32\SET3A9.tmp
2009-10-05 14:34:40 ----A---- C:\WINDOWS\system32\SET3A7.tmp
2009-10-05 14:34:40 ----A---- C:\WINDOWS\system32\SET3A5.tmp
2009-10-05 14:34:39 ----A---- C:\WINDOWS\system32\SET39B.tmp
2009-10-05 14:34:39 ----A---- C:\WINDOWS\system32\SET39A.tmp
2009-10-05 14:34:38 ----A---- C:\WINDOWS\system32\SET397.tmp
2009-10-05 14:34:38 ----A---- C:\WINDOWS\system32\SET396.tmp
2009-10-05 14:34:38 ----A---- C:\WINDOWS\system32\SET394.tmp
2009-10-05 14:34:37 ----A---- C:\WINDOWS\system32\SET38F.tmp
2009-10-05 14:34:37 ----A---- C:\WINDOWS\system32\SET38D.tmp
2009-10-05 14:34:36 ----A---- C:\WINDOWS\system32\SET386.tmp
2009-10-05 14:34:36 ----A---- C:\WINDOWS\system32\SET37F.tmp
2009-10-05 14:34:36 ----A---- C:\WINDOWS\system32\SET37E.tmp
2009-10-05 14:34:35 ----A---- C:\WINDOWS\system32\SET37B.tmp
2009-10-05 14:34:35 ----A---- C:\WINDOWS\system32\SET378.tmp
2009-10-05 14:34:35 ----A---- C:\WINDOWS\system32\SET377.tmp
2009-10-05 14:34:34 ----A---- C:\WINDOWS\system32\SET374.tmp
2009-10-05 14:34:34 ----A---- C:\WINDOWS\system32\SET373.tmp
2009-10-05 14:34:34 ----A---- C:\WINDOWS\system32\SET371.tmp
2009-10-05 14:34:33 ----A---- C:\WINDOWS\system32\SET36E.tmp
2009-10-05 14:34:33 ----A---- C:\WINDOWS\system32\SET36B.tmp
2009-10-05 14:34:32 ----A---- C:\WINDOWS\system32\SET36A.tmp
2009-10-05 14:34:32 ----A---- C:\WINDOWS\system32\SET369.tmp
2009-10-05 14:34:32 ----A---- C:\WINDOWS\system32\SET365.tmp
2009-10-05 14:34:32 ----A---- C:\WINDOWS\system32\SET364.tmp
2009-10-05 14:34:32 ----A---- C:\WINDOWS\system32\SET363.tmp
2009-10-05 14:34:31 ----A---- C:\WINDOWS\system32\SET35A.tmp
2009-10-05 14:34:30 ----A---- C:\WINDOWS\system32\SET357.tmp
2009-10-05 14:34:30 ----A---- C:\WINDOWS\system32\SET355.tmp
2009-10-05 14:34:30 ----A---- C:\WINDOWS\system32\SET354.tmp
2009-10-05 14:34:30 ----A---- C:\WINDOWS\system32\SET353.tmp
2009-10-05 14:34:30 ----A---- C:\WINDOWS\system32\SET351.tmp
2009-10-05 14:34:30 ----A---- C:\WINDOWS\system32\SET350.tmp
2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET34E.tmp
2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET34C.tmp
2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET34A.tmp
2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET349.tmp
2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET348.tmp
2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET347.tmp
2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET346.tmp
2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET343.tmp
2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET341.tmp
2009-10-05 14:34:28 ----A---- C:\WINDOWS\system32\SET340.tmp
2009-10-05 14:34:28 ----A---- C:\WINDOWS\system32\SET338.tmp
2009-10-05 14:34:28 ----A---- C:\WINDOWS\system32\SET337.tmp
2009-10-05 14:34:27 ----A---- C:\WINDOWS\system32\SET336.tmp
2009-10-05 14:34:25 ----A---- C:\WINDOWS\system32\SET327.tmp
2009-10-05 14:34:24 ----A---- C:\WINDOWS\system32\SET321.tmp
2009-10-05 14:34:24 ----A---- C:\WINDOWS\system32\SET31D.tmp
2009-10-05 14:34:24 ----A---- C:\WINDOWS\system32\SET31A.tmp
2009-10-05 14:34:23 ----A---- C:\WINDOWS\system32\SET317.tmp
2009-10-05 14:34:23 ----A---- C:\WINDOWS\system32\SET316.tmp
2009-10-05 14:34:23 ----A---- C:\WINDOWS\system32\SET315.tmp
2009-10-05 14:34:23 ----A---- C:\WINDOWS\system32\SET314.tmp
2009-10-05 14:34:21 ----A---- C:\WINDOWS\system32\SET30E.tmp
2009-10-05 14:34:20 ----A---- C:\WINDOWS\system32\SET30C.tmp
2009-10-05 14:34:20 ----A---- C:\WINDOWS\system32\SET30A.tmp
2009-10-05 14:34:20 ----A---- C:\WINDOWS\system32\SET307.tmp
2009-10-05 14:34:20 ----A---- C:\WINDOWS\system32\SET306.tmp
2009-10-05 14:34:19 ----A---- C:\WINDOWS\system32\SET305.tmp
2009-10-05 14:34:19 ----A---- C:\WINDOWS\system32\SET303.tmp
2009-10-05 14:34:19 ----A---- C:\WINDOWS\system32\SET300.tmp
2009-10-05 14:34:18 ----A---- C:\WINDOWS\system32\SET2F3.tmp
2009-10-05 14:34:18 ----A---- C:\WINDOWS\system32\SET2F1.tmp
2009-10-05 14:34:17 ----A---- C:\WINDOWS\system32\SET2E8.tmp
2009-10-05 14:34:17 ----A---- C:\WINDOWS\system32\SET2E6.tmp
2009-10-05 14:34:17 ----A---- C:\WINDOWS\system32\SET2E5.tmp
2009-10-05 14:34:17 ----A---- C:\WINDOWS\system32\SET2E4.tmp
2009-10-05 14:34:16 ----A---- C:\WINDOWS\system32\SET2E3.tmp
2009-10-05 14:34:16 ----A---- C:\WINDOWS\system32\SET2DC.tmp
2009-10-05 14:34:15 ----A---- C:\WINDOWS\system32\SET2D0.tmp
2009-10-05 14:34:15 ----A---- C:\WINDOWS\system32\SET2CF.tmp
2009-10-05 14:34:15 ----A---- C:\WINDOWS\system32\SET2CE.tmp
2009-10-05 14:34:14 ----A---- C:\WINDOWS\system32\SET2CB.tmp
2009-10-05 14:34:14 ----A---- C:\WINDOWS\system32\SET2C5.tmp
2009-10-05 14:34:14 ----A---- C:\WINDOWS\system32\SET2C4.tmp
2009-10-05 14:34:14 ----A---- C:\WINDOWS\system32\SET2C3.tmp
2009-10-05 14:34:14 ----A---- C:\WINDOWS\system32\SET2C0.tmp
2009-10-05 14:34:14 ----A---- C:\WINDOWS\system32\SET2BF.tmp
2009-10-05 14:34:13 ----A---- C:\WINDOWS\system32\SET2B9.tmp
2009-10-05 14:34:13 ----A---- C:\WINDOWS\system32\SET2B7.tmp
2009-10-05 14:34:13 ----A---- C:\WINDOWS\system32\SET2B2.tmp
2009-10-05 14:34:12 ----A---- C:\WINDOWS\system32\SET2AF.tmp
2009-10-05 14:34:10 ----A---- C:\WINDOWS\system32\SET2AC.tmp
2009-10-05 14:34:10 ----A---- C:\WINDOWS\system32\SET2AB.tmp
2009-10-05 14:34:10 ----A---- C:\WINDOWS\system32\SET2A9.tmp
2009-10-05 14:34:10 ----A---- C:\WINDOWS\system32\SET2A7.tmp
2009-10-05 14:34:09 ----A---- C:\WINDOWS\system32\SET29E.tmp
2009-10-05 14:34:08 ----A---- C:\WINDOWS\system32\SET289.tmp
2009-10-05 14:34:08 ----A---- C:\WINDOWS\system32\SET288.tmp
2009-10-05 14:34:08 ----A---- C:\WINDOWS\system32\SET287.tmp
2009-10-05 14:34:08 ----A---- C:\WINDOWS\system32\SET286.tmp
2009-10-05 14:34:07 ----A---- C:\WINDOWS\system32\SET284.tmp
2009-10-05 14:34:07 ----A---- C:\WINDOWS\system32\SET282.tmp
2009-10-05 14:34:07 ----A---- C:\WINDOWS\system32\SET27F.tmp
2009-10-05 14:34:07 ----A---- C:\WINDOWS\system32\SET27C.tmp
2009-10-05 14:34:06 ----A---- C:\WINDOWS\system32\SET26C.tmp
2009-10-05 14:34:06 ----A---- C:\WINDOWS\system32\SET267.tmp
2009-10-05 14:34:05 ----A---- C:\WINDOWS\system32\SET264.tmp
2009-10-05 14:34:05 ----A---- C:\WINDOWS\system32\SET262.tmp
2009-10-05 14:34:04 ----A---- C:\WINDOWS\system32\SET25A.tmp
2009-10-05 14:34:04 ----A---- C:\WINDOWS\system32\SET256.tmp
2009-10-05 14:34:04 ----A---- C:\WINDOWS\system32\SET247.tmp
2009-10-05 14:34:04 ----A---- C:\WINDOWS\system32\SET244.tmp
2009-10-05 14:34:03 ----A---- C:\WINDOWS\system32\SET241.tmp
2009-10-05 14:34:03 ----A---- C:\WINDOWS\system32\SET23C.tmp
2009-10-05 14:34:02 ----A---- C:\WINDOWS\system32\SET236.tmp
2009-10-05 14:34:02 ----A---- C:\WINDOWS\system32\SET235.tmp
2009-10-05 14:34:02 ----A---- C:\WINDOWS\system32\SET233.tmp
2009-10-05 14:34:02 ----A---- C:\WINDOWS\system32\SET232.tmp
2009-10-05 14:34:02 ----A---- C:\WINDOWS\system32\SET231.tmp
2009-10-05 14:34:01 ----A---- C:\WINDOWS\system32\SET229.tmp
2009-10-05 14:34:01 ----A---- C:\WINDOWS\system32\SET224.tmp
2009-10-05 14:34:01 ----A---- C:\WINDOWS\system32\SET223.tmp
2009-10-05 14:34:01 ----A---- C:\WINDOWS\system32\SET222.tmp
2009-10-05 14:34:01 ----A---- C:\WINDOWS\system32\SET220.tmp
2009-10-05 14:34:00 ----A---- C:\WINDOWS\system32\SET21B.tmp
2009-10-05 14:34:00 ----A---- C:\WINDOWS\system32\SET212.tmp
2009-10-05 14:34:00 ----A---- C:\WINDOWS\system32\SET211.tmp
2009-10-05 14:34:00 ----A---- C:\WINDOWS\system32\SET20F.tmp
2009-10-05 14:33:59 ----A---- C:\WINDOWS\system32\SET20C.tmp
2009-10-05 14:33:59 ----A---- C:\WINDOWS\system32\SET20B.tmp
2009-10-05 14:33:59 ----A---- C:\WINDOWS\system32\SET20A.tmp
2009-10-05 14:33:58 ----A---- C:\WINDOWS\system32\SET1FA.tmp
2009-10-05 14:33:58 ----A---- C:\WINDOWS\system32\SET1F9.tmp
2009-10-05 14:33:58 ----A---- C:\WINDOWS\system32\SET1F8.tmp
2009-10-05 14:33:58 ----A---- C:\WINDOWS\system32\SET1F5.tmp
2009-10-05 14:33:57 ----A---- C:\WINDOWS\system32\SET1F4.tmp
2009-10-05 14:33:57 ----A---- C:\WINDOWS\system32\SET1F3.tmp
2009-10-05 14:33:57 ----A---- C:\WINDOWS\system32\SET1F2.tmp
2009-10-05 14:33:57 ----A---- C:\WINDOWS\system32\SET1F1.tmp
2009-10-05 14:33:57 ----A---- C:\WINDOWS\system32\SET1EC.tmp
2009-10-05 14:33:57 ----A---- C:\WINDOWS\system32\SET1EB.tmp
2009-10-05 14:33:57 ----A---- C:\WINDOWS\system32\SET1EA.tmp
2009-10-05 14:33:56 ----A---- C:\WINDOWS\system32\SET1DA.tmp
2009-10-05 14:33:56 ----A---- C:\WINDOWS\system32\SET1D2.tmp
2009-10-05 14:33:56 ----A---- C:\WINDOWS\system32\SET1D1.tmp
2009-10-05 14:33:55 ----A---- C:\WINDOWS\system32\SET1C9.tmp
2009-10-05 14:33:55 ----A---- C:\WINDOWS\system32\SET1C7.tmp
2009-10-05 14:33:55 ----A---- C:\WINDOWS\system32\SET1C5.tmp
2009-10-05 14:33:55 ----A---- C:\WINDOWS\system32\SET1C3.tmp
2009-10-05 14:33:54 ----A---- C:\WINDOWS\system32\SET1C2.tmp
2009-10-05 14:32:33 ----A---- C:\WINDOWS\002949_.tmp
2009-10-05 14:31:45 ----N---- C:\WINDOWS\system32\_004641_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004639_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004634_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004633_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004632_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004631_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004630_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004627_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004626_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004625_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004624_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004622_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004619_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004617_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004616_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004612_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004611_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004607_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004604_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004603_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004602_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004595_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004590_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004587_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004585_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004582_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004580_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004577_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004576_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004539_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004537_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004536_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004533_.tmp.dll
2009-10-05 09:46:18 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-10-05 09:46:17 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-10-01 16:36:47 ----A---- C:\WINDOWS\system32\unzip32.dll
2009-10-01 15:56:21 ----A---- C:\WINDOWS\UTLite33.exe
2009-10-01 15:55:52 ----A---- C:\WINDOWS\system32\SET1184.tmp
2009-10-01 15:55:49 ----A---- C:\WINDOWS\system32\SET115B.tmp
2009-10-01 15:55:48 ----A---- C:\WINDOWS\system32\SET114E.tmp
2009-10-01 15:55:48 ----A---- C:\WINDOWS\system32\SET1149.tmp
2009-10-01 15:55:47 ----N---- C:\WINDOWS\system32\SET1143.tmp
2009-10-01 15:55:47 ----A---- C:\WINDOWS\system32\SET1144.tmp
2009-10-01 15:55:46 ----A---- C:\WINDOWS\system32\SET1141.tmp
2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\fr
2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\bits
2009-10-01 15:55:42 ----D---- C:\WINDOWS\l2schemas
2009-10-01 15:52:04 ----A---- C:\WINDOWS\system32\SET414.tmp
2009-10-01 15:52:04 ----A---- C:\WINDOWS\system32\SET411.tmp
2009-10-01 15:52:03 ----A---- C:\WINDOWS\system32\SET410.tmp
2009-10-01 15:52:03 ----A---- C:\WINDOWS\system32\SET40C.tmp
2009-10-01 15:52:03 ----A---- C:\WINDOWS\system32\SET409.tmp
2009-10-01 15:52:02 ----A---- C:\WINDOWS\system32\SET403.tmp
2009-10-01 15:52:02 ----A---- C:\WINDOWS\system32\SET400.tmp
2009-10-01 15:52:02 ----A---- C:\WINDOWS\system32\SET3FF.tmp
2009-10-01 15:52:01 ----A---- C:\WINDOWS\system32\SET3FB.tmp
2009-10-01 15:52:01 ----A---- C:\WINDOWS\system32\SET3F6.tmp
2009-10-01 15:52:00 ----A---- C:\WINDOWS\system32\SET3EF.tmp
2009-10-01 15:52:00 ----A---- C:\WINDOWS\system32\SET3ED.tmp
2009-10-01 15:51:59 ----A---- C:\WINDOWS\system32\SET3EA.tmp
2009-10-01 15:51:59 ----A---- C:\WINDOWS\system32\SET3E7.tmp
2009-10-01 15:51:58 ----A---- C:\WINDOWS\system32\SET3E2.tmp
2009-10-01 15:51:57 ----A---- C:\WINDOWS\system32\SET3DC.tmp
2009-10-01 15:51:56 ----A---- C:\WINDOWS\system32\SET3D4.tmp
2009-10-01 15:51:56 ----A---- C:\WINDOWS\system32\SET3D3.tmp
2009-10-01 15:51:55 ----A---- C:\WINDOWS\system32\SET3CE.tmp
2009-10-01 15:51:55 ----A---- C:\WINDOWS\system32\
Voici le dernier rapport de MBAM et j'ai également vidé la quarantaine :
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2966
Windows 5.1.2600 Service Pack 2
19/10/2009 17:49:54
mbam-log-2009-10-19 (17-49-54).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 225168
Temps écoulé: 1 hour(s), 13 minute(s), 2 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
- Télécharge OTM (OldTimer) sur ton Bureau.
- Double-clique sur OTM.exe afin de le lancer.
- Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
|
- Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
- Clique maintenant sur le bouton MoveIt! puis ferme OTM.
---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
- Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
---> Le nom du rapport correspond au moment de sa création : date_heure.log
Bonjour Destrio5,
Ci dessous le rapport suite à l'exécution de OTM.exe
Nom du Fichier : 10192009_181055.log- Bloc-notes.
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\1st _ wlsetup-custom.exe moved successfully.
C:\MAJ _ Installation_WLMessenger2009.exe moved successfully.
C:\rapvo.exe moved successfully.
C:\kajcjgco.exe moved successfully.
C:\jmaox.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: damware_user
->Temp folder emptied: 4907480 bytes
->Temporary Internet Files folder emptied: 11997928 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: FARES
->Temp folder emptied: 7617625 bytes
->Temporary Internet Files folder emptied: 63288846 bytes
User: FARES JEAN - JACQUES
->Temp folder emptied: 175045337 bytes
->Temporary Internet Files folder emptied: 40534152 bytes
User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 112094 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2187293 bytes
%systemroot%\System32 .tmp files removed: 181584546 bytes
Windows Temp folder emptied: 141024319 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 599,23 mb
OTM by OldTimer - Version 3.0.0.6 log created on 10192009_181055
Files moved on Reboot...
Registry entries deleted on Reboot...
C'est bizzare les pubs ne viennent plus mais le LapTop rame maintenant à l'allumage. C'est à dire reste pendant longtemps sur ''...Activations de vos paramètres personnels ... et parfois les touches Ctrl+Alt+Suppr deviennent inactive (à beau appliquer la combinaison le système n'affiche pas l'écran d'entrée de mot de pas et ne donne pas non plus la main. Résultat : il faut appliquer l'arrêt critique.)
Le pire c'est pendant l'utilisation de la machine une fois le système démarré et le démarrage effective avec affichage du bureau. Toutes les fénêtres ouvertes restent bloquées et inactives pendant au moins cinq minutes avant de se remettre en activité et celà plusieurs fois dans la journée.
Désolé de trop t'en demander mais frnachement j'en souffre. Merci d'avance pour ton expertise et ton aide.
Tu as deux antivirus, il faut en retirer un.
OK Destrio5, j'ai vidé le nod32 et conservé celui du Bureau. Dois je supprimé tous ceux que j'ai télécharger par tes conseils tels que HIJACKTHIS, RSIT.exe, OTM.exe, etc...?
Je voudrais un antivirus, que pense tu de Nod32 pour mon ordi personnel à la maison, un conseil surement???
Merci et en attente de l'étape suivante
Le PC rame moins depuis la désinstallation de NOD32 ?
- Refais un scan RSIT et poste le rapport log.
Bonjour Destrio5,
Merci de ton aide,
Ci dessous le rapport généré :
Logfile of random's system information tool 1.06 (written by random/random)
Run by FARES JEAN - JACQUES at 2009-10-21 15:22:25
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 63 GB (71%) free of 89 GB
Total RAM: 2027 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:22:27, on 21/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\SYSTEM32\DWRCS.EXE
C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe
C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN\Toolbar\3.0.1203.0\msntask.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\RSIT.exe
C:\Program Files\trend micro\FARES JEAN - JACQUES.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yello
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rl [...] ?clid=1036
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mtn.ci:8081
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: ViewerHelper Class - {78104A01-8E71-4F30-9A36-3793799615B4} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [picon] "C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [DameWare MRC Agent] C:\WINDOWS\system32\DWRCST.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'FARES')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 5610067562
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mtn.ci
O17 - HKLM\Software\..\Telephony: DomainName = mtn.ci
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mtn.ci
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: E-SSO Security Services (EnatelWGSS) - Evidian - C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
--
End of file - 16327 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-05-15 66888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78104A01-8E71-4F30-9A36-3793799615B4}]
ViewerHelper Class - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll [2005-01-27 356352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll [2009-04-09 67120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-05-15 161096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2008-03-24 884736]
"picon"=C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe [2008-06-02 367128]
"FRYMXINS"=C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-03 177456]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\dvdcheck .exe [2008-05-23 197904]
"IntelZeroConfig"=C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2008-04-30 1347584]
"IntelWireless"=C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [2008-04-30 1191936]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-04-09 124240]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2008-11-10 136512]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"CLMLServer"=C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe [2007-09-27 122880]
"Power2GoExpress"=C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2007-09-29 2680104]
"CLJ"=0 []
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"DameWare MRC Agent"=C:\WINDOWS\system32\DWRCST.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe []
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
SnagIt 9.lnk - C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-06-27 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli
scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
shell\AutoRun\command - I:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{866fb0f1-adaa-11de-8ae8-00216a0b83da}]
shell\AutoRun\command - I:\LaunchU3.exe -a
======List of files/folders created in the last 3 months======
2009-10-21 13:04:56 ----A---- C:\WINDOWS\wininit.ini
2009-10-21 13:03:42 ----D---- C:\Program Files\NOS
2009-10-21 13:03:42 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-10-19 18:10:55 ----D---- C:\_OTM
2009-10-19 17:31:04 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-10-19 16:58:25 ----D---- C:\Program Files\trend micro
2009-10-19 16:58:22 ----D---- C:\rsit
2009-10-14 17:01:34 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Malwarebytes
2009-10-14 17:01:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-14 17:01:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-14 12:51:35 ----D---- C:\Documents and Settings\All Users\Application Data\TechSmith
2009-10-14 12:51:30 ----D---- C:\Program Files\TechSmith
2009-10-14 12:49:54 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-10-13 18:06:10 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2009-10-13 18:06:04 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2009-10-13 17:36:12 ----D---- C:\Program Files\Fichiers communs\PCSuite
2009-10-13 17:36:05 ----D---- C:\Program Files\Fichiers communs\Nokia
2009-10-13 17:35:07 ----D---- C:\Program Files\PC Connectivity Solution
2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2009-10-13 16:00:04 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\PC Suite
2009-10-13 16:00:04 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2009-10-13 13:03:37 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Nokia
2009-10-13 13:02:42 ----D---- C:\Program Files\DIFX
2009-10-13 13:02:08 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2009-10-13 13:02:07 ----D---- C:\Program Files\Nokia
2009-10-13 12:09:26 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2009-10-13 10:53:49 ----D---- C:\Program Files\ESET
2009-10-13 10:53:49 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2009-10-12 18:26:25 ----D---- C:\WINDOWS\system32\NtmsData
2009-10-06 10:33:29 ----D---- C:\WINDOWS\Prefetch
2009-10-06 00:34:58 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\msgsvc.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\locator.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\localspl.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\imagehlp.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\ftp.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\format.com
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\csrsrv.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comdlg32.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comctl32.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cmd.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cacls.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autoconv.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autochk.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\win32spl.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\userinit.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\untfs.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ulib.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\syssetup.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\srvsvc.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\smss.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\setupapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\services.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\schannel.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\scardsvr.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\savedump.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samsrv.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samlib.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rshx32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rastapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasman.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasdlg.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasauto.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasapi32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\printui.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\perfctrs.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\olecnv32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\oleaut32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nwprovau.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntvdm.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntprint.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntdll.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nslookup.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\hal.dll
2009-10-05 17:15:18 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2009-10-05 17:04:04 ----D---- C:\Program Files\Mobile Partner
2009-10-05 16:15:24 ----D---- C:\Program Files\Western Digital Corp
2009-10-05 16:06:24 ----D---- C:\Program Files\Western Digital Corporation
2009-10-05 14:31:45 ----N---- C:\WINDOWS\system32\_004641_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004639_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004634_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004633_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004632_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004631_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004630_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004627_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004626_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004625_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004624_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004622_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004619_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004617_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004616_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004612_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004611_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004607_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004604_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004603_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004602_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004595_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004590_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004587_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004585_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004582_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004580_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004577_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004576_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004539_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004537_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004536_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004533_.tmp.dll
2009-10-05 09:46:18 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-10-05 09:46:17 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-10-01 16:36:47 ----A---- C:\WINDOWS\system32\unzip32.dll
2009-10-01 15:56:21 ----A---- C:\WINDOWS\UTLite33.exe
2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\fr
2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\bits
2009-10-01 15:55:42 ----D---- C:\WINDOWS\l2schemas
2009-10-01 15:48:15 ----N---- C:\WINDOWS\system32\_004608_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004606_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004601_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004600_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004599_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004598_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004597_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004594_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004593_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004592_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004591_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004589_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004586_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004584_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004583_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004579_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004578_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004575_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004573_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004571_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004569_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004567_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004566_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004559_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004553_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004551_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004548_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004545_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004544_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004530_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004526_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004521_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004520_.tmp.dll
2009-10-01 15:42:27 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-10-01 15:39:55 ----D---- C:\Documents and Settings\All Users\Application Data\GroupPolicy
2009-10-01 12:21:52 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-10-01 12:21:47 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$
2009-10-01 12:21:08 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-10-01 12:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2009-10-01 12:19:37 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2009-10-01 09:09:26 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\CyberLink
2009-10-01 09:09:19 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2009-09-30 19:06:52 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-09-30 19:01:02 ----A---- C:\WINDOWS\IE4 Error Log.txt
2009-09-30 19:00:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Search
2009-09-30 18:55:54 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-09-30 18:55:21 ----D---- C:\Program Files\Microsoft Sync Framework
2009-09-30 18:54:20 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-09-30 18:52:09 ----D---- C:\Program Files\Windows Live SkyDrive
2009-09-30 18:51:46 ----D---- C:\Program Files\Windows Live
2009-09-30 18:19:10 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-09-30 17:43:35 ----D---- C:\Quarantine
2009-09-30 17:09:22 ----SHD---- C:\RECYCLER
2009-09-30 17:04:55 ----A---- C:\WINDOWS\cdplayer.ini
2009-09-30 16:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-09-30 16:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-09-30 16:51:57 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-09-30 16:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-09-30 16:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-09-30 16:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-09-30 16:50:36 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\vlc
2009-09-30 16:49:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-09-30 16:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
2009-09-30 16:49:23 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-09-30 16:49:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-09-30 16:49:11 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2009-09-30 16:49:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-09-30 16:49:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-09-30 16:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-09-30 16:46:48 ----D---- C:\Program Files\VideoLAN
2009-09-30 16:41:09 ----D---- C:\WINDOWS\system32\XPSViewer
2009-09-30 16:40:49 ----D---- C:\WINDOWS\system32\en-US
2009-09-30 16:40:42 ----D---- C:\Program Files\Reference Assemblies
2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-09-30 16:39:55 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-09-30 16:36:49 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-09-30 16:32:24 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-09-30 16:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-09-30 16:32:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-09-30 16:31:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-30 16:31:43 ----D---- C:\Program Files\MSXML 6.0
2009-09-30 16:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-09-30 16:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-09-30 16:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-30 16:31:21 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-09-30 16:31:16 ----D---- C:\WINDOWS\system32\DRM
2009-09-30 16:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-09-30 16:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB916846$
2009-09-30 16:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-09-30 16:30:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2009-09-30 16:30:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-09-30 16:29:33 ----D---- C:\WINDOWS\ie7updates
2009-09-30 16:28:53 ----D---- C:\WINDOWS\WBEM
2009-09-30 16:28:24 ----HDC---- C:\WINDOWS\ie7
2009-09-30 16:28:15 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Desktop Search
2009-09-30 16:28:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-09-30 16:27:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-09-30 16:26:21 ----D---- C:\WINDOWS\network diagnostic
2009-09-30 16:26:20 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2009-09-30 16:24:09 ----D---- C:\WINDOWS\system32\fr-FR
2009-09-30 16:24:09 ----D---- C:\Program Files\Windows Desktop Search
2009-09-30 16:24:08 ----D---- C:\WINDOWS\system32\GroupPolicy
2009-09-30 16:23:55 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2009-09-30 16:23:46 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-09-30 16:23:25 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2009-09-30 16:23:22 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-09-30 16:23:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-09-30 16:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-09-30 16:22:08 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-09-30 16:18:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-09-30 16:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-09-30 16:12:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-09-30 16:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-09-30 16:11:59 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-09-30 16:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-09-30 16:11:44 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-09-30 16:11:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-09-30 16:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-09-30 16:10:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-09-30 16:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-09-30 16:10:28 ----D---- C:\WINDOWS\ServicePackFiles
2009-09-30 16:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2009-09-30 16:10:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-09-30 16:10:16 ----D---- C:\Program Files\Microsoft Silverlight
2009-09-30 16:09:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-09-30 16:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-09-30 16:09:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2009-09-30 16:09:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-09-30 16:09:32 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-09-30 16:09:27 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-09-30 16:09:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-09-30 16:09:08 ----D---- C:\Program Files\MSXML 4.0
2009-09-30 16:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-09-30 16:08:58 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-09-30 16:08:30 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-09-30 16:08:26 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-09-30 16:08:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2009-09-30 10:36:33 ----D---- C:\Program Files\Cyberlink
2009-09-30 10:32:23 ----D---- C:\Program Files\Google
2009-09-30 10:30:50 ----D---- C:\Program Files\Fichiers communs\Real
2009-09-30 10:30:49 ----D---- C:\Program Files\Real
2009-09-30 10:30:19 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Real
2009-09-30 10:26:27 ----D---- C:\Program Files\SuperCopier2
2009-09-30 10:19:20 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InterVideo
2009-09-30 10:17:59 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-09-30 10:17:58 ----D---- C:\Program Files\DVD Shrink
2009-09-30 09:59:31 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Macromedia
2009-09-30 09:59:30 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Adobe
2009-09-29 18:18:51 ----HD---- C:\WINDOWS\system32\dwrcssft
2009-09-29 18:18:50 ----A---- C:\WINDOWS\system32\DWRCSh32.dll
2009-09-29 18:18:49 ----A---- C:\WINDOWS\system32\DWRCSET.DLL
2009-09-29 18:18:46 ----A---- C:\WINDOWS\system32\dwrcst .exe
2009-09-29 18:18:42 ----A---- C:\WINDOWS\system32\DWRCK.DLL
2009-09-29 18:18:38 ----A---- C:\WINDOWS\system32\DWRCS.EXE
2009-09-29 18:12:55 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-09-29 18:12:01 ----D---- C:\Program Files\Fichiers communs\Evidian
2009-09-29 18:12:01 ----D---- C:\Program Files\Evidian
2009-09-29 18:11:38 ----D---- C:\Program Files\Microsoft
2009-09-29 18:11:10 ----D---- C:\Program Files\Gemalto
2009-09-29 18:03:46 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-29 18:03:16 ----D---- C:\WINDOWS\system32\PreInstall
2009-09-29 18:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-09-29 17:59:48 ----D---- C:\MyriadWebPro
2009-09-29 17:59:46 ----D---- C:\MyriadPro
2009-09-29 17:58:30 ----D---- C:\Program Files\WinRAR
2009-09-29 17:57:33 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-09-29 17:57:19 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-09-29 17:57:19 ----D---- C:\Program Files\Adobe
2009-09-29 17:51:48 ----D---- C:\Program Files\GPLGS
2009-09-29 17:51:21 ----A---- C:\WINDOWS\system32\cpwmon2k.dll
2009-09-29 17:51:17 ----D---- C:\Program Files\Acro Software
2009-09-29 17:50:23 ----D---- C:\Program Files\MSECache
2009-09-29 17:39:33 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-09-29 17:38:40 ----D---- C:\Program Files\Microsoft Works
2009-09-29 17:38:19 ----D---- C:\Program Files\MSBuild
2009-09-29 17:38:05 ----D---- C:\Program Files\Microsoft Visual Studio
2009-09-29 17:38:04 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2009-09-29 17:37:27 ----D---- C:\Program Files\Microsoft.NET
2009-09-29 17:33:56 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-09-29 17:33:02 ----D---- C:\WINDOWS\SHELLNEW
2009-09-29 17:32:47 ----D---- C:\Program Files\Microsoft Office
2009-09-29 17:32:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-09-29 17:32:15 ----RHD---- C:\MSOCache
2009-09-29 17:16:51 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-09-29 17:03:09 ----D---- C:\Program Files\File Scavenger 3.2
2009-09-29 14:59:24 ----SHD---- C:\WINDOWS\CSC
2009-09-29 14:56:29 ----D---- C:\WINDOWS\SchCache
2009-09-29 14:50:20 ----A---- C:\WINDOWS\system32\mfevtps.exe
2009-09-29 14:49:53 ----D---- C:\Program Files\Fichiers communs\Cisco Systems
2009-09-29 14:49:48 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-09-29 14:49:42 ----D---- C:\Program Files\McAfee
2009-09-29 14:49:42 ----D---- C:\Program Files\Fichiers communs\McAfee
2009-09-29 14:48:00 ----D---- C:\WINDOWS\system32\appmgmt
2009-09-29 09:55:58 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2009-09-29 09:55:54 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-09-29 09:55:52 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-09-29 09:55:47 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-09-29 09:55:44 ----D---- C:\Program Files\Windows Media Connect 2
2009-09-29 09:55:37 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-09-29 09:55:10 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-09-29 09:54:54 ----D---- C:\WINDOWS\system32\LogFiles
2009-09-29 09:54:47 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaws.exe
2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaw.exe
2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\java.exe
2009-09-29 09:54:04 ----D---- C:\Program Files\Java
2009-09-29 09:54:03 ----D---- C:\Program Files\Fichiers communs\Java
2009-09-29 09:53:59 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Sun
2009-09-29 09:53:37 ----D---- C:\Program Files\Fichiers communs\LightScribe
2009-09-29 09:52:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Intel
2009-09-29 09:52:42 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
2009-09-29 09:51:41 ----A---- C:\WINDOWS\HPMProp.INI
2009-09-29 09:51:26 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmprein.dll
2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmco081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmtp081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpw081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpm081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmml081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmja081.dll
2009-09-29 09:51:14 ----A---- C:\WINDOWS\system32\hpcpn081.dll
2009-09-29 09:51:13 ----A---- C:\WINDOWS\system32\fxcompchannel.dll
2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNQUE.DLL
2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNNDPS.DLL
2009-09-29 09:22:50 ----D---- C:\Documents and Settings\All Users\Application Data\Uninstall
2009-09-29 09:18:21 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
2009-09-29 09:17:39 ----D---- C:\WINDOWS\RegisteredPackages
2009-09-29 09:17:12 ----D---- C:\Program Files\Fichiers communs\SureThing Shared
2009-09-29 09:17:11 ----D---- C:\Program Files\Roxio
2009-09-29 09:16:48 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
2009-09-29 09:16:43 ----D---- C:\Program Files\Fichiers communs\Sonic Shared
2009-09-29 09:16:24 ----D---- C:\Program Files\Fichiers communs\Roxio Shared
2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-09-29 09:16:10 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-09-29 09:11:59 ----A---- C:\WINDOWS\system32\oeminfo.ini
2009-09-29 09:11:48 ----A---- C:\WINDOWS\system32\pdfc_port.dll
2009-09-29 09:11:45 ----D---- C:\Program Files\PDF Complete
2009-09-29 09:10:20 ----D---- C:\Program Files\Hp
2009-09-29 09:09:58 ----D---- C:\WINDOWS\Hewlett-Packard
2009-09-29 09:09:28 ----D---- C:\WINDOWS\Downloaded Installations
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizePX.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll
2009-09-29 09:07:56 ----A---- C:\WINDOWS\system32\IVIresize.dll
2009-09-29 09:07:46 ----D---- C:\Program Files\InterVideo
2009-09-29 09:07:32 ----D---- C:\Program Files\Fichiers communs\InterVideo
2009-09-29 09:07:24 ----A---- C:\WINDOWS\system32\h323log.txt
2009-09-29 09:05:30 ----A---- C:\WINDOWS\system32\usbui.dll
2009-09-29 09:04:56 ----A---- C:\WINDOWS\imsins.BAK
2009-09-29 09:04:53 ----SHD---- C:\WINDOWS\Installer
2009-09-29 09:04:53 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-09-29 09:04:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-09-29 09:04:53 ----A---- C:\WINDOWS\ODBCINST.INI
2009-09-29 09:04:50 ----RD---- C:\Program Files
2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs
2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\irclass.dll
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-09-29 09:04:35 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-09-29 09:04:33 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-09-29 09:04:33 ----A---- C:\WINDOWS\system32\batt.dll
2009-09-29 09:04:32 ----A---- C:\WINDOWS\system32\storprop.dll
2009-09-29 09:04:32 ----A---- C:\WINDOWS\notepad.exe
2009-09-29 09:04:28 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot
2009-09-29 09:04:12 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-09-29 09:04:01 ----D---- C:\WINDOWS\system32\URTTEMP
2009-09-29 09:03:51 ----A---- C:\WINDOWS\setuplog.txt
2009-09-29 09:03:48 ----D---- C:\Documents and Settings
2009-09-29 09:03:43 ----N---- C:\LANG.INI
2009-09-29 09:03:02 ----SH---- C:\boot.ini
2009-09-29 09:01:13 ----SHD---- C:\System Volume Information
2009-09-29 08:57:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-09-29 08:57:42 ----RSD---- C:\WINDOWS\Fonts
2009-09-29 08:57:42 ----RD---- C:\WINDOWS\Web
2009-09-29 08:57:42 ----HD---- C:\WINDOWS\inf
2009-09-29 08:57:42 ----D---- C:\WINDOWS\WinSxS
2009-09-29 08:57:42 ----D---- C:\WINDOWS\twain_32
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Temp
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wins
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wbem
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\usmt
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\spool
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ShellExt
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\Setup
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ras
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\oobe
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\npp
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\mui
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\inetsrv
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\IME
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\icsxml
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ias
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\export
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\drivers
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\dhcp
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\config
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3com_dmi
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3076
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\2052
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1054
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1042
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1041
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1037
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1036
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1033
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1031
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1028
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1025
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system
2009-09-29 08:57:42 ----D---- C:\WINDOWS\security
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Resources
2009-09-29 08:57:42 ----D---- C:\WINDOWS\repair
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Provisioning
2009-09-29 08:57:42 ----D---- C:\WINDOWS\PeerNet
2009-09-29 08:57:42 ----D---- C:\WINDOWS\pchealth
2009-09-29 08:57:42 ----D---- C:\WINDOWS\mui
2009-09-29 08:57:42 ----D---- C:\WINDOWS\msapps
2009-09-29 08:57:42 ----D---- C:\WINDOWS\msagent
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Media
2009-09-29 08:57:42 ----D---- C:\WINDOWS\java
2009-09-29 08:57:42 ----D---- C:\WINDOWS\ime
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Help
2009-09-29 08:57:42 ----D---- C:\WINDOWS\ehome
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Driver Cache
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Debug
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Cursors
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Connection Wizard
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Config
2009-09-29 08:57:42 ----D---- C:\WINDOWS\AppPatch
2009-09-29 08:57:42 ----D---- C:\WINDOWS\addins
2009-09-29 08:57:42 ----D---- C:\WINDOWS
2009-09-29 08:56:46 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\ATI
2009-09-29 08:56:46 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-09-29 08:53:33 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns_64.dll
2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns.dll
2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmn.dll
2009-09-29 08:51:54 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InstallShield
2009-09-29 08:51:25 ----N---- C:\WINDOWS\HPWWANVersion.dll
2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5r32.dll
2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5c32.dll
2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPCo4.dll
2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCOM.dll
2009-09-29 08:50:31 ----D---- C:\Program Files\Synaptics
2009-09-29 08:49:50 ----RA---- C:\WINDOWS\system32\PROUnstl.exe
2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicInstE.dll
2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicCo2.dll
2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\e1000msg.dll
2009-09-29 08:49:23 ----A---- C:\WINDOWS\system32\snymsico.dll
2009-09-29 08:49:22 ----A---- C:\WINDOWS\system32\rixdicon.dll
2009-09-29 08:48:34 ----D---- C:\WINDOWS\system32\FRA
2009-09-29 08:48:31 ----RA---- C:\WINDOWS\system32\imsmudlg.exe
2009-09-29 08:47:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-09-29 08:47:23 ----RA---- C:\WINDOWS\system32\CSVer.dll
2009-09-29 08:44:58 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2009-09-29 08:44:57 ----RA---- C:\WINDOWS\system32\ATIDEMGX.dll
2009-09-29 08:44:38 ----D---- C:\Program Files\ATI Technologies
2009-09-29 08:44:01 ----D---- C:\WINDOWS\system32\HP3DG
2009-09-29 08:38:42 ----A---- C:\WINDOWS\system32\btw_ci.dll
2009-09-29 08:38:35 ----D---- C:\Program Files\WIDCOMM
2009-09-29 08:37:21 ----HDC---- C:\WINDOWS\$NtUninstallKB949764$
2009-09-29 08:37:16 ----HDC---- C:\WINDOWS\$NtUninstallKB915326$
2009-09-29 08:37:09 ----HDC---- C:\WINDOWS\$NtUninstallKB889673$
2009-09-29 08:37:03 ----HDC---- C:\WINDOWS\$NtUninstallKB888402$
2009-09-29 08:36:57 ----HDC---- C:\WINDOWS\$NtUninstallKB885464$
2009-09-29 08:36:51 ----HDC---- C:\WINDOWS\$NtUninstallKB883667$
2009-09-29 08:36:46 ----HDC---- C:\WINDOWS\$NtUninstallKB918005$
2009-09-29 08:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB912436$
2009-09-29 08:36:35 ----HDC---- C:\WINDOWS\$NtUninstallKB909667$
2009-09-29 08:36:26 ----HDC---- C:\WINDOWS\$NtUninstallKB909095$
2009-09-29 08:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB896256$
2009-09-29 08:36:09 ----HDC---- C:\WINDOWS\$NtUninstallKB892559-v3$
2009-09-29 08:36:02 ----HDC---- C:\WINDOWS\$NtUninstallKB888239$
2009-09-29 08:35:56 ----HDC---- C:\WINDOWS\$NtUninstallKB885855$
2009-09-29 08:35:48 ----D---- C:\Program Files\HPQ
2009-09-29 08:35:07 ----A---- C:\WINDOWS\system32\log.txt
2009-09-29 08:35:06 ----RA---- C:\WINDOWS\system32\mesoludlg.exe
2009-09-29 08:35:06 ----D---- C:\Program Files\Common Files
2009-09-29 08:33:44 ----RSD---- C:\WINDOWS\assembly
2009-09-29 08:33:24 ----D---- C:\WINDOWS\Microsoft.NET
2009-09-29 08:33:02 ----D---- C:\Program Files\Fichiers communs\Intel
2009-09-29 08:32:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-09-29 08:32:19 ----RA---- C:\WINDOWS\system32\difxapi.dll
2009-09-29 08:32:19 ----D---- C:\WINDOWS\system32\Lang
2009-09-29 08:32:19 ----D---- C:\Program Files\Intel
2009-09-29 08:32:18 ----RA---- C:\WINDOWS\system32\heciudlg.exe
2009-09-29 08:32:03 ----D---- C:\Intel
2009-09-29 08:31:43 ----N---- C:\WINDOWS\HPModemVersion.dll
2009-09-29 08:31:42 ----N---- C:\WINDOWS\system32\agrsmdel.exe
2009-09-29 08:31:34 ----D---- C:\WINDOWS\Options
2009-09-29 08:31:18 ----N---- C:\WINDOWS\system32\agrscoin.dll
2009-09-29 08:31:18 ----D---- C:\SWSetup
2009-09-29 08:31:18 ----A---- C:\WINDOWS\system32\agrsmsvc.exe
2009-09-29 08:31:18 ----A---- C:\WINDOWS\agrsmdel.exe
2009-09-29 08:26:08 ----RA---- C:\WINDOWS\system32\PostProc.dll
2009-09-29 08:26:07 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\wdmioctl.dll
2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\SMMedia
Et pour ma question ?
Sorry, Mieux qu'hier mais ralentissement tout de même !
Peux tu me conseiller un antivirus pour la maison ?
5 profils sur la Machine ! Chacun vient avec ses clés USB mais je suis le seul à avoir le profil Administrateur sur le poste de travail.
Merci Destrio5
| Citation : Peux tu me conseiller un antivirus pour la maison ? |
--> AntiVir mais il a des problèmes avec les mises à jour en ce moment.
/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\
- Télécharge ComboFix (sUBs) sur ton Bureau.
- Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
- Il va te demander d'installer la console de récupération : accepte.
- Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.
Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
""""/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\ """"
Comment je fais ça STP!
Bonsoir Destrio5
J'ai lancé le programme et voilà le résultat ci dessous, encore merci:
ComboFix 09-10-20.03 - FARES JEAN - JACQUES 21/10/2009 19:24.1.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.2027.1258 [GMT 0:00]
Lancé depuis: c:\documents and settings\FARES JEAN - JACQUES\Bureau\ComboFix.exe
AV: VirusScan Enterprise + AntiSpyware Enterprise *On-access scanning disabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\recycler\S-1-5-21-1823786710-5432986853-162648092-4256
c:\recycler\S-1-5-21-2337855295-9487429239-423964316-2489
c:\recycler\S-1-5-21-2526832691-9512609701-930732188-7082
c:\recycler\S-1-5-21-2657480434-2237066977-685518849-1576
c:\recycler\S-1-5-21-5339435592-8917314007-218163294-1186
c:\recycler\S-1-5-21-5445946500-9281122344-214705682-0881
c:\recycler\S-1-5-21-5882702017-3277552525-894734308-3149
c:\recycler\S-1-5-21-8377333903-9534122828-890641160-6264
c:\recycler\S-1-5-21-8899406358-6711113134-092866476-0134
c:\recycler\S-1-5-21-8952556325-7229592327-351828710-8101
c:\windows\system32\_004512_.tmp.dll
c:\windows\system32\_004513_.tmp.dll
c:\windows\system32\_004514_.tmp.dll
c:\windows\system32\_004515_.tmp.dll
c:\windows\system32\_004520_.tmp.dll
c:\windows\system32\_004521_.tmp.dll
c:\windows\system32\_004522_.tmp.dll
c:\windows\system32\_004523_.tmp.dll
c:\windows\system32\_004524_.tmp.dll
c:\windows\system32\_004525_.tmp.dll
c:\windows\system32\_004526_.tmp.dll
c:\windows\system32\_004527_.tmp.dll
c:\windows\system32\_004528_.tmp.dll
c:\windows\system32\_004529_.tmp.dll
c:\windows\system32\_004530_.tmp.dll
c:\windows\system32\_004531_.tmp.dll
c:\windows\system32\_004532_.tmp.dll
c:\windows\system32\_004533_.tmp.dll
c:\windows\system32\_004534_.tmp.dll
c:\windows\system32\_004535_.tmp.dll
c:\windows\system32\_004536_.tmp.dll
c:\windows\system32\_004537_.tmp.dll
c:\windows\system32\_004538_.tmp.dll
c:\windows\system32\_004539_.tmp.dll
c:\windows\system32\_004541_.tmp.dll
c:\windows\system32\_004542_.tmp.dll
c:\windows\system32\_004544_.tmp.dll
c:\windows\system32\_004545_.tmp.dll
c:\windows\system32\_004546_.tmp.dll
c:\windows\system32\_004547_.tmp.dll
c:\windows\system32\_004548_.tmp.dll
c:\windows\system32\_004549_.tmp.dll
c:\windows\system32\_004551_.tmp.dll
c:\windows\system32\_004552_.tmp.dll
c:\windows\system32\_004553_.tmp.dll
c:\windows\system32\_004554_.tmp.dll
c:\windows\system32\_004555_.tmp.dll
c:\windows\system32\_004556_.tmp.dll
c:\windows\system32\_004557_.tmp.dll
c:\windows\system32\_004558_.tmp.dll
c:\windows\system32\_004559_.tmp.dll
c:\windows\system32\_004561_.tmp.dll
c:\windows\system32\_004562_.tmp.dll
c:\windows\system32\_004563_.tmp.dll
c:\windows\system32\_004564_.tmp.dll
c:\windows\system32\_004565_.tmp.dll
c:\windows\system32\_004566_.tmp.dll
c:\windows\system32\_004567_.tmp.dll
c:\windows\system32\_004569_.tmp.dll
c:\windows\system32\_004570_.tmp.dll
c:\windows\system32\_004571_.tmp.dll
c:\windows\system32\_004572_.tmp.dll
c:\windows\system32\_004573_.tmp.dll
c:\windows\system32\_004575_.tmp.dll
c:\windows\system32\_004576_.tmp.dll
c:\windows\system32\_004577_.tmp.dll
c:\windows\system32\_004578_.tmp.dll
c:\windows\system32\_004579_.tmp.dll
c:\windows\system32\_004580_.tmp.dll
c:\windows\system32\_004582_.tmp.dll
c:\windows\system32\_004583_.tmp.dll
c:\windows\system32\_004584_.tmp.dll
c:\windows\system32\_004585_.tmp.dll
c:\windows\system32\_004586_.tmp.dll
c:\windows\system32\_004587_.tmp.dll
c:\windows\system32\_004589_.tmp.dll
c:\windows\system32\_004590_.tmp.dll
c:\windows\system32\_004591_.tmp.dll
c:\windows\system32\_004592_.tmp.dll
c:\windows\system32\_004593_.tmp.dll
c:\windows\system32\_004594_.tmp.dll
c:\windows\system32\_004595_.tmp.dll
c:\windows\system32\_004597_.tmp.dll
c:\windows\system32\_004598_.tmp.dll
c:\windows\system32\_004599_.tmp.dll
c:\windows\system32\_004600_.tmp.dll
c:\windows\system32\_004601_.tmp.dll
c:\windows\system32\_004602_.tmp.dll
c:\windows\system32\_004603_.tmp.dll
c:\windows\system32\_004604_.tmp.dll
c:\windows\system32\_004606_.tmp.dll
c:\windows\system32\_004607_.tmp.dll
c:\windows\system32\_004608_.tmp.dll
c:\windows\system32\_004611_.tmp.dll
c:\windows\system32\_004612_.tmp.dll
c:\windows\system32\_004616_.tmp.dll
c:\windows\system32\_004617_.tmp.dll
c:\windows\system32\_004619_.tmp.dll
c:\windows\system32\_004622_.tmp.dll
c:\windows\system32\_004624_.tmp.dll
c:\windows\system32\_004625_.tmp.dll
c:\windows\system32\_004626_.tmp.dll
c:\windows\system32\_004627_.tmp.dll
c:\windows\system32\_004630_.tmp.dll
c:\windows\system32\_004631_.tmp.dll
c:\windows\system32\_004632_.tmp.dll
c:\windows\system32\_004633_.tmp.dll
c:\windows\system32\_004634_.tmp.dll
c:\windows\system32\_004639_.tmp.dll
c:\windows\system32\_004641_.tmp.dll
c:\windows\system32\accelerometerst .exe
c:\windows\system32\ctfmon .exe
c:\windows\system32\dwrcst .exe
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat . . . . impossible à supprimer
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat . . . . impossible à supprimer
----- BITS: Il y a peut-être des sites infectés -----
hxxp://svr-ssowsus-01.mtn.ci
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-09-21 au 2009-10-21 ))))))))))))))))))))))))))))))))))))
.
2009-10-21 13:03 . 2009-10-21 19:21 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-10-19 18:10 . 2009-10-19 18:10 -------- d-----w- C:\_OTM
2009-10-19 17:31 . 2004-08-19 16:09 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-10-19 17:31 . 2004-08-19 16:09 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-10-19 16:58 . 2009-10-21 15:22 -------- d-----w- c:\program files\trend micro
2009-10-19 16:58 . 2009-10-19 16:59 -------- d-----w- C:\rsit
2009-10-19 10:16 . 2001-08-17 22:02 9600 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2009-10-19 10:16 . 2001-08-17 22:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-10-15 17:43 . 2009-10-15 17:43 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\TechSmith
2009-10-15 17:43 . 2009-10-15 17:43 -------- d-----w- c:\documents and settings\FARES\Application Data\Malwarebytes
2009-10-15 17:43 . 2009-10-15 17:43 -------- d-----w- c:\documents and settings\FARES\Application Data\PC Suite
2009-10-14 17:01 . 2009-10-14 17:01 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\Malwarebytes
2009-10-14 17:01 . 2009-09-10 14:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-14 17:01 . 2009-10-14 17:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-14 17:01 . 2009-09-10 14:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-14 17:01 . 2009-10-14 17:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-14 12:51 . 2009-10-14 12:51 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith
2009-10-14 12:51 . 2009-10-14 12:51 -------- d-----w- c:\program files\TechSmith
2009-10-14 12:51 . 2009-10-14 12:51 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\TechSmith
2009-10-14 12:49 . 2009-10-14 12:49 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2009-10-14 10:51 . 2009-10-14 10:51 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2009-10-13 18:06 . 2008-03-21 13:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2009-10-13 17:36 . 2009-10-13 17:36 -------- d-----w- c:\program files\Fichiers communs\PCSuite
2009-10-13 17:36 . 2009-10-13 17:36 -------- d-----w- c:\program files\Fichiers communs\Nokia
2009-10-13 17:35 . 2008-08-26 10:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-10-13 13:02 . 2009-02-09 08:37 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-10-13 13:02 . 2009-10-13 17:36 -------- d-----w- c:\program files\Nokia
2009-10-13 12:09 . 2009-10-13 17:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-10-13 10:56 . 2009-10-13 10:56 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\ESET
2009-10-13 10:53 . 2009-10-20 18:32 -------- d-----w- c:\program files\ESET
2009-10-13 10:53 . 2009-10-13 10:53 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-10-13 10:48 . 2009-10-13 10:48 -------- d-----w- c:\documents and settings\LocalService\Application Data\Windows Search
2009-10-13 10:47 . 2009-10-14 18:20 -------- d-----r- c:\documents and settings\LocalService\Favoris
2009-10-12 18:26 . 2009-10-12 18:27 -------- d-----w- c:\windows\system32\NtmsData
2009-10-08 14:39 . 2009-10-08 14:39 9440 ----a-w- c:\windows\system32\drivers\mferkdetq.sys
2009-10-08 14:38 . 2009-10-08 14:38 -------- d-----w- c:\documents and settings\damware_user\Application Data\Windows Search
2009-10-06 17:19 . 2009-10-06 17:19 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\WMTools Downloaded Files
2009-10-06 17:13 . 2009-10-21 13:57 -------- d-----w- c:\documents and settings\FARES\Application Data\vlc
2009-10-06 00:34 . 2006-03-02 11:00 938496 ----a-w- c:\windows\system32\dllcache\winbrand.dll
2009-10-05 23:50 . 2009-10-05 23:50 -------- d-----w- c:\documents and settings\damware_user\Local Settings\Application Data\Adobe
2009-10-05 17:04 . 2008-08-26 16:17 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2009-10-05 17:04 . 2008-07-24 12:02 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2009-10-05 17:04 . 2008-04-14 09:36 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
2009-10-05 17:04 . 2007-08-09 04:13 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2009-10-05 17:04 . 2009-10-05 17:14 -------- d-----w- c:\program files\Mobile Partner
2009-10-05 16:15 . 2009-10-05 16:15 -------- d-----w- c:\program files\Western Digital Corp
2009-10-05 16:06 . 2009-10-05 16:06 -------- d-----w- c:\program files\Western Digital Corporation
2009-10-05 14:31 . 2006-03-02 11:00 71040 ------w- c:\windows\system32\drivers\_004505_.tmp.dll
2009-10-05 14:29 . 2009-10-05 14:29 -------- d-----w- c:\documents and settings\damware_user\Local Settings\Application Data\ATI
2009-10-05 14:29 . 2009-10-05 14:29 -------- d-----w- c:\documents and settings\damware_user\Application Data\ATI
2009-10-05 14:29 . 2009-10-05 14:29 83912 ----a-w- c:\documents and settings\damware_user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-05 14:29 . 2009-10-05 14:35 -------- d-----w- c:\documents and settings\damware_user\Application Data\CyberLink
2009-10-05 14:28 . 2009-10-05 14:28 -------- d-----r- c:\documents and settings\damware_user\Favoris
2009-10-05 14:28 . 2009-09-30 16:17 -------- d-----w- c:\documents and settings\damware_user\Local Settings\Application Data\Microsoft Help
2009-10-05 14:28 . 2009-09-29 09:52 -------- d-----w- c:\documents and settings\damware_user\Application Data\Intel
2009-10-05 14:28 . 2009-09-29 09:04 -------- d--h--w- c:\documents and settings\damware_user\Voisinage réseau
2009-10-05 14:28 . 2009-09-29 09:04 -------- d--h--w- c:\documents and settings\damware_user\Voisinage d'impression
2009-10-05 14:28 . 2009-09-29 09:04 -------- d-----r- c:\documents and settings\damware_user\Menu Démarrer
2009-10-05 14:28 . 2009-09-29 07:08 -------- d--h--w- c:\documents and settings\damware_user\Modèles
2009-10-05 14:28 . 2009-10-06 00:29 -------- d-----w- c:\documents and settings\damware_user
2009-10-05 09:46 . 2009-10-05 09:52 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\Adobe
2009-10-05 09:46 . 2006-06-29 13:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-10-02 10:25 . 2009-10-02 10:25 -------- d-----w- c:\documents and settings\FARES\Application Data\Windows Search
2009-10-01 16:36 . 2009-10-01 16:36 45056 ----a-w- c:\windows\system32\unzip32.dll
2009-10-01 16:00 . 2009-10-21 12:31 -------- d-----w- c:\documents and settings\FARES\Tracing
2009-10-01 15:58 . 2009-10-01 15:58 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\ATI
2009-10-01 15:58 . 2009-10-01 15:58 -------- d-----w- c:\documents and settings\FARES\Application Data\ATI
2009-10-01 15:57 . 2009-10-01 17:22 -------- d-----w- c:\documents and settings\FARES\Application Data\CyberLink
2009-10-01 15:57 . 2009-10-01 15:58 83912 ----a-w- c:\documents and settings\FARES\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-01 15:57 . 2009-10-01 15:57 -------- d-----w- c:\documents and settings\FARES\Bluetooth Software
2009-10-01 15:57 . 2009-10-01 15:57 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\Identities
2009-10-01 15:57 . 2009-10-01 15:57 -------- d-----w- c:\documents and settings\FARES\Application Data\Windows Desktop Search
2009-10-01 15:57 . 2009-10-01 15:57 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\Power2Go
2009-10-01 15:56 . 2004-08-10 11:11 172098 ----a-w- c:\windows\UTLite33.exe
2009-10-01 15:47 . 2006-03-02 11:00 71040 ------w- c:\windows\system32\drivers\_004494_.tmp.dll
2009-10-01 15:42 . 2009-10-06 00:42 -------- d-----w- c:\windows\system32\CatRoot_bak
2009-10-01 15:39 . 2009-10-01 15:39 -------- d-----w- c:\documents and settings\All Users\Application Data\GroupPolicy
2009-10-01 10:03 . 2009-10-01 10:14 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2009-10-01 09:09 . 2009-10-01 12:17 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\CyberLink
2009-10-01 09:09 . 2009-10-20 18:42 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-09-30 19:00 . 2009-09-30 19:00 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\Windows Search
2009-09-30 18:58 . 2009-10-21 15:14 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Tracing
2009-09-30 18:55 . 2009-09-30 18:55 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2009-09-30 18:55 . 2009-09-30 18:55 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-09-30 18:54 . 2009-09-30 18:54 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-09-30 18:52 . 2009-09-30 18:52 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-09-30 18:51 . 2009-09-30 18:55 -------- d-----w- c:\program files\Windows Live
2009-09-30 18:19 . 2009-09-30 18:19 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-09-30 17:43 . 2009-10-19 10:13 -------- d-----w- C:\Quarantine
2009-09-30 17:13 . 2009-09-30 17:48 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Contacts
2009-09-30 16:50 . 2009-10-19 17:59 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\vlc
2009-09-30 16:46 . 2009-09-30 16:46 -------- d-----w- c:\program files\VideoLAN
2009-09-30 16:41 . 2009-10-05 09:45 -------- d-----w- c:\windows\system32\XPSViewer
2009-09-30 16:40 . 2009-09-30 16:40 -------- d-----w- c:\program files\Reference Assemblies
2009-09-30 16:39 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-09-30 16:39 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-09-30 16:39 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-09-30 16:39 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-09-30 16:39 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-09-30 16:39 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-09-30 16:39 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-09-30 16:32 . 2009-09-30 16:32 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-09-30 16:31 . 2009-09-30 16:31 -------- d-----w- c:\program files\MSXML 6.0
2009-09-30 16:31 . 2009-09-30 16:31 -------- d-----w- c:\windows\system32\DRM
2009-09-30 16:29 . 2009-07-19 13:29 6067200 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-09-30 16:29 . 2009-06-29 15:57 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-09-30 16:29 . 2009-06-29 15:57 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-09-30 16:29 . 2009-06-29 15:57 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-09-30 16:29 . 2009-06-29 15:57 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
2009-09-30 16:29 . 2009-06-29 15:57 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
2009-09-30 16:29 . 2009-06-29 11:07 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2009-09-30 16:29 . 2009-06-29 08:33 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
2009-09-30 16:28 . 2009-09-30 16:28 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\Identities
2009-09-30 16:28 . 2009-09-30 16:28 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\Windows Desktop Search
2009-09-30 16:24 . 2009-10-06 00:42 -------- d-----w- c:\windows\system32\fr-FR
2009-09-30 16:24 . 2009-10-01 12:19 -------- d-----w- c:\program files\Windows Desktop Search
2009-09-30 16:24 . 2009-09-30 16:24 -------- d-----w- c:\windows\system32\GroupPolicy
2009-09-30 16:19 . 2009-09-30 16:19 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\Adobe
2009-09-30 16:17 . 2009-09-30 16:17 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help
2009-09-30 16:10 . 2009-10-06 00:46 -------- d-----w- c:\windows\ServicePackFiles
2009-09-30 16:10 . 2009-10-07 09:21 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-30 16:09 . 2009-09-30 16:09 -------- d-----w- c:\program files\MSXML 4.0
2009-09-30 10:36 . 2009-09-30 10:36 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\Power2Go
2009-09-30 10:36 . 2009-09-30 10:36 -------- d-----w- c:\program files\Cyberlink
2009-09-30 10:32 . 2009-09-30 10:32 -------- d-----w- c:\program files\Google
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-21 12:33 . 2006-03-02 11:00 95154 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-21 12:33 . 2006-03-02 11:00 535788 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-20 19:11 . 2009-10-13 13:03 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\Nokia
2009-10-13 18:06 . 2009-10-13 18:06 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-10-13 18:06 . 2009-10-13 18:06 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-10-13 17:35 . 2009-10-13 13:02 -------- d-----w- c:\program files\DIFX
2009-10-13 17:35 . 2009-10-13 17:35 -------- d-----w- c:\program files\PC Connectivity Solution
2009-10-13 16:03 . 2009-10-13 16:00 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\PC Suite
2009-10-13 16:03 . 2009-10-13 16:00 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-10-13 16:02 . 2009-10-13 16:02 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2009-10-05 14:29 . 2009-10-05 14:29 -------- d-----w- c:\documents and settings\damware_user\Application Data\Windows Desktop Search
2009-09-30 18:19 . 2009-09-29 08:35 83912 ----a-w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-30 10:37 . 2009-09-29 07:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-30 10:35 . 2003-03-18 21:20 1066544 ----a-w- c:\windows\system32\mfc71.dll
2009-09-29 17:01 . 2009-09-29 08:24 -------- d-----w- c:\program files\Hewlett-Packard
2009-09-29 09:52 . 2009-10-01 15:55 -------- d-----w- c:\documents and settings\FARES\Application Data\Intel
2009-09-29 09:52 . 2009-09-29 08:33 -------- d-----w- c:\program files\Fichiers communs\Intel
2009-09-29 09:52 . 2009-09-29 08:32 -------- d-----w- c:\program files\Intel
2009-09-29 09:22 . 2009-09-29 09:16 -------- d-----w- c:\program files\Fichiers communs\Sonic Shared
2009-09-29 09:20 . 2009-09-29 09:16 -------- d-----w- c:\program files\Fichiers communs\Roxio Shared
2009-09-29 09:16 . 2009-09-29 09:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Sonic
2009-09-29 09:10 . 2009-09-29 08:35 -------- d-----w- c:\program files\HPQ
2009-09-29 09:09 . 2009-09-29 07:30 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-09-29 08:56 . 2009-09-29 08:56 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\ATI
2009-09-29 08:56 . 2009-09-29 08:56 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-09-29 08:55 . 2009-09-29 08:55 0 ----a-w- c:\windows\ativpsrm.bin
2009-09-29 08:53 . 2009-09-29 08:53 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-09-29 08:53 . 2009-09-29 08:53 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf
2009-09-29 08:51 . 2009-09-29 08:51 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\InstallShield
2009-09-29 08:50 . 2009-09-29 08:50 -------- d-----w- c:\program files\Synaptics
2009-09-29 08:46 . 2009-09-29 08:44 -------- d-----w- c:\program files\ATI Technologies
2009-09-29 08:38 . 2009-09-29 08:38 -------- d-----w- c:\program files\WIDCOMM
2009-09-29 08:37 . 2009-09-29 08:37 1605 --sha-r- c:\windows\system32\drivers\103C_HP_NTBK_HP EliteBook 8530p_YN_0U_Q2CE9061WVT_EU_46_I30E7_SHP_VKBC Version 90.1F_B68PDV Ver. F.06_T081215_WXP2_L40C_M2028_J250_7Intel_8Pentium III Xeon_92.53_#090929_N_()_XMOBILE_CN10_Z_2F.06_G.MRK
2009-09-29 08:35 . 2009-09-29 08:35 -------- d-----w- c:\program files\Common Files
2009-09-29 08:26 . 2009-09-29 08:26 -------- d-----w- c:\program files\Analog Devices
2009-09-29 07:11 . 2009-09-29 07:11 -------- d-----w- c:\program files\microsoft frontpage
2009-09-29 07:10 . 2009-09-29 07:10 -------- d-----w- c:\program files\Services en ligne
2009-09-29 07:08 . 2009-09-29 07:08 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2009-08-17 23:33 . 2009-08-17 23:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-06 19:24 . 2009-09-29 07:09 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 19:24 . 2009-09-29 07:09 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 19:24 . 2009-09-29 07:09 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 19:24 . 2008-01-23 16:34 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 19:24 . 2009-09-29 07:09 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-06 19:24 . 2006-03-02 11:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 19:23 . 2009-09-29 07:09 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 19:23 . 2009-09-29 07:09 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-06 19:23 . 2009-08-06 19:23 215904 ----a-w- c:\windows\system32\muweb.dll
2009-08-05 09:06 . 2006-03-02 11:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-29 10:23 . 2006-03-02 11:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-29 04:53 . 2006-03-02 11:00 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-07-26 16:44 . 2009-07-26 16:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"LightScribe Control Panel"="c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2008-03-17 2289664]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2006-03-02 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FRYMXINS"="c:\program files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl" [X]
"CLJ"="0 (0x0)" [X]
"picon"="c:\program files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe" [2008-06-02 367128]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456]
"WatchDog"="c:\program files\InterVideo\DVD Check\dvdcheck .exe" [2008-05-23 197904]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2008-04-30 1347584]
"IntelWireless"="c:\program files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" [2008-04-30 1191936]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 144784]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2009-04-09 124240]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2008-11-10 136512]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"CLMLServer"="c:\program files\Cyberlink\Power2Go\CLMLSvc.exe" [2007-09-27 122880]
"Power2GoExpress"="c:\program files\CyberLink\Power2Go\Power2GoExpress.exe" [2007-09-29 2680104]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-5-12 576104]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\dvdcheck .exe [2009-9-29 197904]
SnagIt 9.lnk - c:\program files\TechSmith\SnagIt 9\SnagIt32.exe [2008-5-15 6822728]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1529685670-1727552398-1405978390-3591\Scripts\Logon\0\0]
"Script"=hdepls.vbe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1529685670-1727552398-1405978390-3591\Scripts\Logon\1\0]
"Script"=UTLiteNT.bat
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1529685670-1727552398-1405978390-3591\Scripts\Logon\2\0]
"Script"=\\mtn.ci\SysVol\mtn.ci\scripts\msrtrun-v2-U.CMD
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1529685670-1727552398-1405978390-7857\Scripts\Logon\0\0]
"Script"=\\mtn.ci\SysVol\mtn.ci\scripts\msrtrun-v2-U.CMD
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [29/09/2009 08:26 24064]
R1 dwvkbd;DameWare Virtual Keyboard 32 bit Driver;c:\windows\system32\drivers\dwvkbd.sys [15/02/2007 16:00 26624]
R2 EnatelWGSS;E-SSO Security Services;c:\program files\Fichiers communs\Evidian\WGSS\WGSS.exe [05/03/2009 16:13 36864]
R2 McAfeeEngineService;McAfee Engine Service;c:\program files\McAfee\VirusScan Enterprise\EngineServer.exe [09/04/2009 18:07 21256]
R2 mferkdetq;mferkdetq;c:\windows\system32\drivers\mferkdetq.sys [08/10/2009 14:39 9440]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [29/09/2009 14:50 70216]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [29/09/2009 09:11 576024]
R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.EXE [29/09/2009 08:33 2058776]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [29/09/2009 08:51 193840]
R3 DwMirror;DwMirror;c:\windows\system32\drivers\DamewareMini.sys [07/02/2007 16:00 3712]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [29/09/2009 08:49 244368]
R3 rismc32;RICOH Smart Card Reader;c:\windows\system32\drivers\rismc32.sys [29/09/2009 08:49 47616]
S3 GemCCID;GemCCID;c:\windows\system32\drivers\GemCCID.sys [29/09/2009 18:11 87424]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [29/09/2009 14:50 65224]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [08/04/2008 12:12 1112560]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyServer = proxy.mtn.ci:8081
uInternet Settings,ProxyOverride = <local>
IE: &Google Search - c:\program files\Google\googletoolbar.dll/cmsearch.html
IE: Backward &Links - c:\program files\Google\googletoolbar.dll/cmbacklinks.html
IE: Cac&hed Snapshot of Page - c:\program files\Google\googletoolbar.dll/cmcache.html
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Envoyer à Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Si&milar Pages - c:\program files\Google\googletoolbar.dll/cmsimilar.html
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
.
- - - - ORPHELINS SUPPRIMES - - - -
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
HKCU-Run-SuperCopier2.exe - c:\program files\SuperCopier2\SuperCopier2.exe
HKLM-Run-DameWare MRC Agent - c:\windows\system32\DWRCST.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-21 19:36
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CLJ = 63
Recherche de fichiers cachés ...
c:\windows\TEMP\Cbmgr14300 0 bytes
Scan terminé avec succès
Fichiers cachés: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(1092)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(4792)
c:\windows\system32\btmmhook.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_fre-ca.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\WiFi\bin\S24EvMon.exe
c:\windows\System32\SCardSvr.exe
c:\windows\system32\agrsmsvc.exe
c:\windows\SYSTEM32\DWRCS.EXE
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\program files\Intel\AMT\LMS.exe
c:\program files\McAfee\Common Framework\FrameworkService.exe
c:\program files\McAfee\VirusScan Enterprise\VsTskMgr.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\McAfee\Common Framework\naPrdMgr.exe
c:\program files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\McAfee\VirusScan Enterprise\Mcshield.exe
c:\program files\McAfee\VirusScan Enterprise\mfeann.exe
c:\windows\system32\Ati2evxx.exe
c:\combofix\CF4095.exe
c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files\McAfee\Common Framework\McTray.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\TechSmith\SnagIt 9\TSCHelp.exe
c:\program files\TechSmith\SnagIt 9\SnagPriv.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
c:\program files\TechSmith\SnagIt 9\snagiteditor.exe
c:\combofix\PEV.cfxxe
.
**************************************************************************
.
Heure de fin: 2009-10-21 19:40 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-10-21 19:40
Avant-CF: 65 756 286 976 octets libres
Après-CF: 65 747 095 552 octets libres
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
- - End Of File - - 00E5B82344AF88F9E5721270478FCACC
En attente de te lire encore ...
Cordialement
NB :
Vu que j'utilise les mêmes clé USB pour les mêmes machines (c'est à dire le Desktop de bureau et mon DeskTop de la maison.) pourrais appliquer les mêmes étapes utilisée pour checker mon LapTop sur les autres postes et te les envoyer en t'indiquant biensûr chaque fois l'ordi en examen? Merci d'avance de ton retour.
| Citation : Vu que j'utilise les mêmes clé USB pour les mêmes machines (c'est à dire le Desktop de bureau et mon DeskTop de la maison.) pourrais appliquer les mêmes étapes utilisée pour checker mon LapTop sur les autres postes et te les envoyer en t'indiquant biensûr chaque fois l'ordi en examen? Merci d'avance de ton retour. |
--> Dans tes rapports, je n'ai pas vu d'infection se transmettant avec les clés USB.
Le PC va mieux depuis ComboFix ?
Milles Fois Merci c'est Ok now ! Il est revenu à ses performances d'antant ! Je te remercie infiniment ! Pourrais je essayer la même méthode step by step pour les deux autres et te poster au fur et à mesure les éléments de rapports STP ?
Et please comment on inscrit résolu lorsque tout est terminé sur le forum ! vraimentg désolée !
/!\ Seul KAKOUL peut suivre cette procédure /!\
Désactive toute protection résidente (Antivirus...) !
---> Copie (CTRL+C) le texte se situant dans le cadre ci-dessous :
KillAll::
|
---> Ouvre le Bloc-notes : Démarrer > Tous les programmes > Accessoires > Bloc-notes.
- Colle (CTRL+V) le texte dans le Bloc-notes.
- Enregistre ce fichier dans : Bureau
- Nom du fichier : CFScript
- Type du fichier : tous les fichiers !!
- Clique sur Enregistrer.
- Quitte le Bloc-notes.
---> Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :
- Cela va relancer Combofix : au message qui apparaît, accepte.
- Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal !
- Ne touche à rien tant que le scan n'est pas terminé.
- Une fois le scan achevé, un rapport va s'afficher, copie/colle son contenu sur le forum.
- Si le fichier ne s'ouvre pas, il se trouve ici : C:\ComboFix.txt
ComboFix 09-10-20.03 - FARES JEAN - JACQUES 22/10/2009 11:09.2.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.2027.1137 [GMT 0:00]
Lancé depuis: c:\documents and settings\FARES JEAN - JACQUES\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\FARES JEAN - JACQUES\Bureau\CFScript.txt
AV: VirusScan Enterprise + AntiSpyware Enterprise *On-access scanning disabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
FILE ::
"c:\windows\system32\drivers\_004494_.tmp.dll"
"c:\windows\system32\drivers\_004505_.tmp.dll"
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\drivers\_004494_.tmp.dll
c:\windows\system32\drivers\_004505_.tmp.dll
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-09-22 au 2009-10-22 ))))))))))))))))))))))))))))))))))))
.
2009-10-21 13:03 . 2009-10-21 19:21 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-10-19 18:10 . 2009-10-19 18:10 -------- d-----w- C:\_OTM
2009-10-19 17:31 . 2004-08-19 16:09 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-10-19 17:31 . 2004-08-19 16:09 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-10-19 16:58 . 2009-10-21 15:22 -------- d-----w- c:\program files\trend micro
2009-10-19 16:58 . 2009-10-19 16:59 -------- d-----w- C:\rsit
2009-10-19 10:16 . 2001-08-17 22:02 9600 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2009-10-19 10:16 . 2001-08-17 22:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-10-15 17:43 . 2009-10-15 17:43 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\TechSmith
2009-10-15 17:43 . 2009-10-15 17:43 -------- d-----w- c:\documents and settings\FARES\Application Data\Malwarebytes
2009-10-15 17:43 . 2009-10-15 17:43 -------- d-----w- c:\documents and settings\FARES\Application Data\PC Suite
2009-10-14 17:01 . 2009-10-14 17:01 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\Malwarebytes
2009-10-14 17:01 . 2009-09-10 14:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-14 17:01 . 2009-10-14 17:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-14 17:01 . 2009-09-10 14:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-14 17:01 . 2009-10-14 17:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-14 12:51 . 2009-10-14 12:51 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith
2009-10-14 12:51 . 2009-10-14 12:51 -------- d-----w- c:\program files\TechSmith
2009-10-14 12:51 . 2009-10-14 12:51 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\TechSmith
2009-10-14 12:49 . 2009-10-14 12:49 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
2009-10-14 10:51 . 2009-10-14 10:51 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2009-10-13 18:06 . 2008-03-21 13:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2009-10-13 17:36 . 2009-10-13 17:36 -------- d-----w- c:\program files\Fichiers communs\PCSuite
2009-10-13 17:36 . 2009-10-13 17:36 -------- d-----w- c:\program files\Fichiers communs\Nokia
2009-10-13 17:35 . 2008-08-26 10:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-10-13 13:02 . 2009-02-09 08:37 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-10-13 13:02 . 2009-10-13 17:36 -------- d-----w- c:\program files\Nokia
2009-10-13 12:09 . 2009-10-13 17:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-10-13 10:56 . 2009-10-13 10:56 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\ESET
2009-10-13 10:53 . 2009-10-20 18:32 -------- d-----w- c:\program files\ESET
2009-10-13 10:53 . 2009-10-13 10:53 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-10-13 10:48 . 2009-10-13 10:48 -------- d-----w- c:\documents and settings\LocalService\Application Data\Windows Search
2009-10-13 10:47 . 2009-10-14 18:20 -------- d-----r- c:\documents and settings\LocalService\Favoris
2009-10-12 18:26 . 2009-10-12 18:27 -------- d-----w- c:\windows\system32\NtmsData
2009-10-08 14:39 . 2009-10-08 14:39 9440 ----a-w- c:\windows\system32\drivers\mferkdetq.sys
2009-10-08 14:38 . 2009-10-08 14:38 -------- d-----w- c:\documents and settings\damware_user\Application Data\Windows Search
2009-10-06 17:19 . 2009-10-06 17:19 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\WMTools Downloaded Files
2009-10-06 17:13 . 2009-10-21 13:57 -------- d-----w- c:\documents and settings\FARES\Application Data\vlc
2009-10-06 00:34 . 2006-03-02 11:00 938496 ----a-w- c:\windows\system32\dllcache\winbrand.dll
2009-10-05 23:50 . 2009-10-05 23:50 -------- d-----w- c:\documents and settings\damware_user\Local Settings\Application Data\Adobe
2009-10-05 17:04 . 2008-08-26 16:17 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2009-10-05 17:04 . 2008-07-24 12:02 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2009-10-05 17:04 . 2008-04-14 09:36 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
2009-10-05 17:04 . 2007-08-09 04:13 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2009-10-05 17:04 . 2009-10-05 17:14 -------- d-----w- c:\program files\Mobile Partner
2009-10-05 16:15 . 2009-10-05 16:15 -------- d-----w- c:\program files\Western Digital Corp
2009-10-05 16:06 . 2009-10-05 16:06 -------- d-----w- c:\program files\Western Digital Corporation
2009-10-05 14:29 . 2009-10-05 14:29 -------- d-----w- c:\documents and settings\damware_user\Local Settings\Application Data\ATI
2009-10-05 14:29 . 2009-10-05 14:29 -------- d-----w- c:\documents and settings\damware_user\Application Data\ATI
2009-10-05 14:29 . 2009-10-05 14:29 83912 ----a-w- c:\documents and settings\damware_user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-05 14:29 . 2009-10-05 14:35 -------- d-----w- c:\documents and settings\damware_user\Application Data\CyberLink
2009-10-05 14:29 . 2009-10-05 14:29 -------- d-----w- c:\documents and settings\damware_user\Local Settings\Application Data\Identities
2009-10-05 14:28 . 2009-10-05 14:28 -------- d-----r- c:\documents and settings\damware_user\Favoris
2009-10-05 14:28 . 2009-09-30 16:17 -------- d-----w- c:\documents and settings\damware_user\Local Settings\Application Data\Microsoft Help
2009-10-05 14:28 . 2009-09-29 09:52 -------- d-----w- c:\documents and settings\damware_user\Application Data\Intel
2009-10-05 14:28 . 2009-09-29 09:04 -------- d--h--w- c:\documents and settings\damware_user\Voisinage réseau
2009-10-05 14:28 . 2009-09-29 09:04 -------- d--h--w- c:\documents and settings\damware_user\Voisinage d'impression
2009-10-05 14:28 . 2009-09-29 09:04 -------- d-----r- c:\documents and settings\damware_user\Menu Démarrer
2009-10-05 14:28 . 2009-09-29 07:08 -------- d--h--w- c:\documents and settings\damware_user\Modèles
2009-10-05 14:28 . 2009-10-06 00:29 -------- d-----w- c:\documents and settings\damware_user
2009-10-05 09:46 . 2009-10-05 09:52 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\Adobe
2009-10-05 09:46 . 2006-06-29 13:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-10-02 10:25 . 2009-10-02 10:25 -------- d-----w- c:\documents and settings\FARES\Application Data\Windows Search
2009-10-01 16:36 . 2009-10-01 16:36 45056 ----a-w- c:\windows\system32\unzip32.dll
2009-10-01 16:00 . 2009-10-22 09:28 -------- d-----w- c:\documents and settings\FARES\Tracing
2009-10-01 15:58 . 2009-10-01 15:58 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\ATI
2009-10-01 15:58 . 2009-10-01 15:58 -------- d-----w- c:\documents and settings\FARES\Application Data\ATI
2009-10-01 15:57 . 2009-10-01 17:22 -------- d-----w- c:\documents and settings\FARES\Application Data\CyberLink
2009-10-01 15:57 . 2009-10-01 15:58 83912 ----a-w- c:\documents and settings\FARES\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-01 15:57 . 2009-10-01 15:57 -------- d-----w- c:\documents and settings\FARES\Bluetooth Software
2009-10-01 15:57 . 2009-10-01 15:57 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\Identities
2009-10-01 15:57 . 2009-10-01 15:57 -------- d-----w- c:\documents and settings\FARES\Application Data\Windows Desktop Search
2009-10-01 15:57 . 2009-10-01 15:57 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\Power2Go
2009-10-01 15:56 . 2004-08-10 11:11 172098 ----a-w- c:\windows\UTLite33.exe
2009-10-01 15:42 . 2009-10-06 00:42 -------- d-----w- c:\windows\system32\CatRoot_bak
2009-10-01 15:39 . 2009-10-01 15:39 -------- d-----w- c:\documents and settings\All Users\Application Data\GroupPolicy
2009-10-01 10:03 . 2009-10-01 10:14 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
2009-10-01 09:09 . 2009-10-01 12:17 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\CyberLink
2009-10-01 09:09 . 2009-10-20 18:42 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-09-30 19:00 . 2009-09-30 19:00 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\Windows Search
2009-09-30 18:58 . 2009-10-22 10:23 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Tracing
2009-09-30 18:55 . 2009-09-30 18:55 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2009-09-30 18:55 . 2009-09-30 18:55 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-09-30 18:54 . 2009-09-30 18:54 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-09-30 18:52 . 2009-09-30 18:52 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-09-30 18:51 . 2009-09-30 18:55 -------- d-----w- c:\program files\Windows Live
2009-09-30 18:19 . 2009-09-30 18:19 -------- d-----w- c:\program files\Fichiers communs\Windows Live
2009-09-30 17:43 . 2009-10-19 10:13 -------- d-----w- C:\Quarantine
2009-09-30 17:13 . 2009-09-30 17:48 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Contacts
2009-09-30 16:50 . 2009-10-21 20:34 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\vlc
2009-09-30 16:46 . 2009-09-30 16:46 -------- d-----w- c:\program files\VideoLAN
2009-09-30 16:41 . 2009-10-05 09:45 -------- d-----w- c:\windows\system32\XPSViewer
2009-09-30 16:40 . 2009-09-30 16:40 -------- d-----w- c:\program files\Reference Assemblies
2009-09-30 16:39 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-09-30 16:39 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-09-30 16:39 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-09-30 16:39 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-09-30 16:39 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-09-30 16:39 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-09-30 16:39 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-09-30 16:32 . 2009-09-30 16:32 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-09-30 16:31 . 2009-09-30 16:31 -------- d-----w- c:\program files\MSXML 6.0
2009-09-30 16:31 . 2009-09-30 16:31 -------- d-----w- c:\windows\system32\DRM
2009-09-30 16:29 . 2009-07-19 13:29 6067200 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-09-30 16:29 . 2009-06-29 15:57 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-09-30 16:29 . 2009-06-29 15:57 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-09-30 16:29 . 2009-06-29 15:57 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-09-30 16:29 . 2009-06-29 15:57 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
2009-09-30 16:29 . 2009-06-29 15:57 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
2009-09-30 16:29 . 2009-06-29 11:07 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2009-09-30 16:29 . 2009-06-29 08:33 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
2009-09-30 16:28 . 2009-09-30 16:28 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\Identities
2009-09-30 16:28 . 2009-09-30 16:28 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\Windows Desktop Search
2009-09-30 16:24 . 2009-10-06 00:42 -------- d-----w- c:\windows\system32\fr-FR
2009-09-30 16:24 . 2009-10-01 12:19 -------- d-----w- c:\program files\Windows Desktop Search
2009-09-30 16:24 . 2009-09-30 16:24 -------- d-----w- c:\windows\system32\GroupPolicy
2009-09-30 16:19 . 2009-09-30 16:19 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\Adobe
2009-09-30 16:17 . 2009-09-30 16:17 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help
2009-09-30 16:10 . 2009-10-06 00:46 -------- d-----w- c:\windows\ServicePackFiles
2009-09-30 16:10 . 2009-10-07 09:21 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-30 16:09 . 2009-09-30 16:09 -------- d-----w- c:\program files\MSXML 4.0
2009-09-30 10:36 . 2009-09-30 10:36 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\Power2Go
2009-09-30 10:36 . 2009-09-30 10:36 -------- d-----w- c:\program files\Cyberlink
2009-09-30 10:32 . 2009-09-30 10:32 -------- d-----w- c:\program files\Google
2009-09-30 10:30 . 2009-10-14 15:00 -------- d-----w- c:\program files\Fichiers communs\Real
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-22 09:30 . 2006-03-02 11:00 95154 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-22 09:30 . 2006-03-02 11:00 535788 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-20 19:11 . 2009-10-13 13:03 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\Nokia
2009-10-13 18:06 . 2009-10-13 18:06 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-10-13 18:06 . 2009-10-13 18:06 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-10-13 17:35 . 2009-10-13 13:02 -------- d-----w- c:\program files\DIFX
2009-10-13 17:35 . 2009-10-13 17:35 -------- d-----w- c:\program files\PC Connectivity Solution
2009-10-13 16:03 . 2009-10-13 16:00 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\PC Suite
2009-10-13 16:03 . 2009-10-13 16:00 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-10-13 16:02 . 2009-10-13 16:02 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2009-10-05 14:29 . 2009-10-05 14:29 -------- d-----w- c:\documents and settings\damware_user\Application Data\Windows Desktop Search
2009-09-30 18:19 . 2009-09-29 08:35 83912 ----a-w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-30 10:37 . 2009-09-29 07:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-30 10:35 . 2003-03-18 21:20 1066544 ----a-w- c:\windows\system32\mfc71.dll
2009-09-29 17:01 . 2009-09-29 08:24 -------- d-----w- c:\program files\Hewlett-Packard
2009-09-29 09:52 . 2009-10-01 15:55 -------- d-----w- c:\documents and settings\FARES\Application Data\Intel
2009-09-29 09:52 . 2009-09-29 08:33 -------- d-----w- c:\program files\Fichiers communs\Intel
2009-09-29 09:52 . 2009-09-29 08:32 -------- d-----w- c:\program files\Intel
2009-09-29 09:22 . 2009-09-29 09:16 -------- d-----w- c:\program files\Fichiers communs\Sonic Shared
2009-09-29 09:20 . 2009-09-29 09:16 -------- d-----w- c:\program files\Fichiers communs\Roxio Shared
2009-09-29 09:16 . 2009-09-29 09:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Sonic
2009-09-29 09:10 . 2009-09-29 08:35 -------- d-----w- c:\program files\HPQ
2009-09-29 09:09 . 2009-09-29 07:30 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-09-29 08:56 . 2009-09-29 08:56 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\ATI
2009-09-29 08:56 . 2009-09-29 08:56 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-09-29 08:55 . 2009-09-29 08:55 0 ----a-w- c:\windows\ativpsrm.bin
2009-09-29 08:53 . 2009-09-29 08:53 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-09-29 08:53 . 2009-09-29 08:53 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf
2009-09-29 08:51 . 2009-09-29 08:51 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\InstallShield
2009-09-29 08:50 . 2009-09-29 08:50 -------- d-----w- c:\program files\Synaptics
2009-09-29 08:46 . 2009-09-29 08:44 -------- d-----w- c:\program files\ATI Technologies
2009-09-29 08:38 . 2009-09-29 08:38 -------- d-----w- c:\program files\WIDCOMM
2009-09-29 08:37 . 2009-09-29 08:37 1605 --sha-r- c:\windows\system32\drivers\103C_HP_NTBK_HP EliteBook 8530p_YN_0U_Q2CE9061WVT_EU_46_I30E7_SHP_VKBC Version 90.1F_B68PDV Ver. F.06_T081215_WXP2_L40C_M2028_J250_7Intel_8Pentium III Xeon_92.53_#090929_N_()_XMOBILE_CN10_Z_2F.06_G.MRK
2009-09-29 08:35 . 2009-09-29 08:35 -------- d-----w- c:\program files\Common Files
2009-09-29 08:26 . 2009-09-29 08:26 -------- d-----w- c:\program files\Analog Devices
2009-09-29 07:11 . 2009-09-29 07:11 -------- d-----w- c:\program files\microsoft frontpage
2009-09-29 07:10 . 2009-09-29 07:10 -------- d-----w- c:\program files\Services en ligne
2009-09-29 07:08 . 2009-09-29 07:08 21892 ----a-w- c:\windows\system32\emptyregdb.dat
2009-08-17 23:33 . 2009-08-17 23:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-06 19:24 . 2009-09-29 07:09 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 19:24 . 2009-09-29 07:09 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 19:24 . 2009-09-29 07:09 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 19:24 . 2008-01-23 16:34 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 19:24 . 2009-09-29 07:09 53472 ------w- c:\windows\system32\wuauclt.exe
2009-08-06 19:24 . 2006-03-02 11:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 19:23 . 2009-09-29 07:09 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 19:23 . 2009-09-29 07:09 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-06 19:23 . 2009-08-06 19:23 215904 ----a-w- c:\windows\system32\muweb.dll
2009-08-05 09:06 . 2006-03-02 11:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-29 10:23 . 2006-03-02 11:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-29 04:53 . 2006-03-02 11:00 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-07-26 16:44 . 2009-07-26 16:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-10-21_19.36.10 )))))))))))))))))))))))))))))))))))))))))
.
- 2006-03-02 11:00 . 2009-10-21 19:37 72180 c:\windows\system32\perfc009.dat
+ 2006-03-02 11:00 . 2009-10-22 09:30 72180 c:\windows\system32\perfc009.dat
+ 2006-03-02 11:00 . 2009-10-22 09:30 443922 c:\windows\system32\perfh009.dat
- 2006-03-02 11:00 . 2009-10-21 19:37 443922 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"LightScribe Control Panel"="c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2008-03-17 2289664]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2006-03-02 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FRYMXINS"="c:\program files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl" [X]
"CLJ"="0 (0x0)" [X]
"picon"="c:\program files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe" [2008-06-02 367128]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456]
"WatchDog"="c:\program files\InterVideo\DVD Check\dvdcheck .exe" [2008-05-23 197904]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2008-04-30 1347584]
"IntelWireless"="c:\program files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" [2008-04-30 1191936]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 144784]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2009-04-09 124240]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2008-11-10 136512]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"CLMLServer"="c:\program files\Cyberlink\Power2Go\CLMLSvc.exe" [2007-09-27 122880]
"Power2GoExpress"="c:\program files\CyberLink\Power2Go\Power2GoExpress.exe" [2007-09-29 2680104]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"DameWare MRC Agent"="c:\windows\system32\DWRCST.exe" [BU]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]
c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-5-12 576104]
DVD Check.lnk - c:\program files\InterVideo\DVD Check\dvdcheck .exe [2009-9-29 197904]
SnagIt 9.lnk - c:\program files\TechSmith\SnagIt 9\SnagIt32.exe [2008-5-15 6822728]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1529685670-1727552398-1405978390-3591\Scripts\Logon\0\0]
"Script"=hdepls.vbe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1529685670-1727552398-1405978390-3591\Scripts\Logon\1\0]
"Script"=UTLiteNT.bat
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1529685670-1727552398-1405978390-3591\Scripts\Logon\2\0]
"Script"=\\mtn.ci\SysVol\mtn.ci\scripts\msrtrun-v2-U.CMD
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1529685670-1727552398-1405978390-7857\Scripts\Logon\0\0]
"Script"=\\mtn.ci\SysVol\mtn.ci\scripts\msrtrun-v2-U.CMD
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [29/09/2009 08:26 24064]
R1 dwvkbd;DameWare Virtual Keyboard 32 bit Driver;c:\windows\system32\drivers\dwvkbd.sys [15/02/2007 16:00 26624]
R2 EnatelWGSS;E-SSO Security Services;c:\program files\Fichiers communs\Evidian\WGSS\WGSS.exe [05/03/2009 16:13 36864]
R2 McAfeeEngineService;McAfee Engine Service;c:\program files\McAfee\VirusScan Enterprise\EngineServer.exe [09/04/2009 18:07 21256]
R2 mferkdetq;mferkdetq;c:\windows\system32\drivers\mferkdetq.sys [08/10/2009 14:39 9440]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [29/09/2009 14:50 70216]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [29/09/2009 09:11 576024]
R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.EXE [29/09/2009 08:33 2058776]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [29/09/2009 08:51 193840]
R3 DwMirror;DwMirror;c:\windows\system32\drivers\DamewareMini.sys [07/02/2007 16:00 3712]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [29/09/2009 08:49 244368]
R3 rismc32;RICOH Smart Card Reader;c:\windows\system32\drivers\rismc32.sys [29/09/2009 08:49 47616]
S3 GemCCID;GemCCID;c:\windows\system32\drivers\GemCCID.sys [29/09/2009 18:11 87424]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [29/09/2009 14:50 65224]
S3 RoxMediaDB10;RoxMediaDB10;c:\program files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [08/04/2008 12:12 1112560]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe"
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyServer = proxy.mtn.ci:8081
uInternet Settings,ProxyOverride = <local>
IE: &Google Search - c:\program files\Google\googletoolbar.dll/cmsearch.html
IE: Backward &Links - c:\program files\Google\googletoolbar.dll/cmbacklinks.html
IE: Cac&hed Snapshot of Page - c:\program files\Google\googletoolbar.dll/cmcache.html
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Envoyer à Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Si&milar Pages - c:\program files\Google\googletoolbar.dll/cmsimilar.html
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
.
- - - - ORPHELINS SUPPRIMES - - - -
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-22 11:14
Windows 5.1.2600 Service Pack 2 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CLJ = 63
Recherche de fichiers cachés ...
c:\documents and settings\FARES JEAN - JACQUES\Application Data\Microsoft\MSN Messenger\sqmdata00.sqm 508 bytes
c:\documents and settings\FARES JEAN - JACQUES\Application Data\Microsoft\MSN Messenger\sqmnoopt00.sqm 296 bytes
Scan terminé avec succès
Fichiers cachés: 2
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'winlogon.exe'(1080)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(2824)
c:\windows\system32\btmmhook.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_fre-ca.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\WiFi\bin\S24EvMon.exe
c:\windows\System32\SCardSvr.exe
c:\windows\system32\agrsmsvc.exe
c:\windows\SYSTEM32\DWRCS.EXE
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\program files\Intel\AMT\LMS.exe
c:\program files\McAfee\Common Framework\FrameworkService.exe
c:\program files\McAfee\VirusScan Enterprise\VsTskMgr.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\McAfee\Common Framework\naPrdMgr.exe
c:\program files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\McAfee\VirusScan Enterprise\Mcshield.exe
c:\program files\McAfee\VirusScan Enterprise\mfeann.exe
c:\windows\system32\Ati2evxx.exe
c:\combofix\CF20456.exe
c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files\McAfee\Common Framework\McTray.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\program files\TechSmith\SnagIt 9\TSCHelp.exe
c:\program files\TechSmith\SnagIt 9\SnagPriv.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Windows Live\Contacts\wlcomm.exe
c:\program files\TechSmith\SnagIt 9\snagiteditor.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
c:\windows\system32\SearchProtocolHost.exe
c:\windows\system32\SearchFilterHost.exe
c:\combofix\PEV.cfxxe
.
**************************************************************************
.
Heure de fin: 2009-10-22 11:19 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-10-22 11:19
ComboFix2.txt 2009-10-21 19:40
Avant-CF: 65 692 160 000 octets libres
Après-CF: 65 682 989 056 octets libres
- - End Of File - - 2EC7FD56D4CF6B9B17AB1201D6F39C9B
bonjour Destrio5,
Ci dessus le rapport généré après exécution de la procédure. Merci.
NB : Mon Desktop de la maison n'arrive plus à démarrer. il demande de paramétrer le CMOS avant de continuer et 10 seconde plus tard il s'éteint ? Dans quel sujet de Forum je peux le classer?
Merci
| Citation : NB : Mon Desktop de la maison n'arrive plus à démarrer. il demande de paramétrer le CMOS avant de continuer et 10 seconde plus tard il s'éteint ? Dans quel sujet de Forum je peux le classer? |
--> Dans Hardware je pense.
- Menu Démarrer > Exécuter > Tape ComboFix /u et valide.
- Poste le rapport info situé dans C:\rsit.
Le voilà !
Logfile of random's system information tool 1.06 (written by random/random)
Run by FARES JEAN - JACQUES at 2009-10-21 15:22:25
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 63 GB (71%) free of 89 GB
Total RAM: 2027 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:22:27, on 21/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\SYSTEM32\DWRCS.EXE
C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe
C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN\Toolbar\3.0.1203.0\msntask.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\RSIT.exe
C:\Program Files\trend micro\FARES JEAN - JACQUES.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yello
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rl [...] ?clid=1036
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mtn.ci:8081
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: ViewerHelper Class - {78104A01-8E71-4F30-9A36-3793799615B4} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [picon] "C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [DameWare MRC Agent] C:\WINDOWS\system32\DWRCST.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'FARES')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 5610067562
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mtn.ci
O17 - HKLM\Software\..\Telephony: DomainName = mtn.ci
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mtn.ci
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: E-SSO Security Services (EnatelWGSS) - Evidian - C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
--
End of file - 16327 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-05-15 66888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78104A01-8E71-4F30-9A36-3793799615B4}]
ViewerHelper Class - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll [2005-01-27 356352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll [2009-04-09 67120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-05-15 161096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2008-03-24 884736]
"picon"=C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe [2008-06-02 367128]
"FRYMXINS"=C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-03 177456]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\dvdcheck .exe [2008-05-23 197904]
"IntelZeroConfig"=C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2008-04-30 1347584]
"IntelWireless"=C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [2008-04-30 1191936]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-04-09 124240]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2008-11-10 136512]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"CLMLServer"=C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe [2007-09-27 122880]
"Power2GoExpress"=C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2007-09-29 2680104]
"CLJ"=0 []
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"DameWare MRC Agent"=C:\WINDOWS\system32\DWRCST.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe []
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
SnagIt 9.lnk - C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-06-27 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli
scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
shell\AutoRun\command - I:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{866fb0f1-adaa-11de-8ae8-00216a0b83da}]
shell\AutoRun\command - I:\LaunchU3.exe -a
======List of files/folders created in the last 3 months======
2009-10-21 13:04:56 ----A---- C:\WINDOWS\wininit.ini
2009-10-21 13:03:42 ----D---- C:\Program Files\NOS
2009-10-21 13:03:42 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-10-19 18:10:55 ----D---- C:\_OTM
2009-10-19 17:31:04 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-10-19 16:58:25 ----D---- C:\Program Files\trend micro
2009-10-19 16:58:22 ----D---- C:\rsit
2009-10-14 17:01:34 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Malwarebytes
2009-10-14 17:01:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-14 17:01:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-14 12:51:35 ----D---- C:\Documents and Settings\All Users\Application Data\TechSmith
2009-10-14 12:51:30 ----D---- C:\Program Files\TechSmith
2009-10-14 12:49:54 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-10-13 18:06:10 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2009-10-13 18:06:04 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2009-10-13 17:36:12 ----D---- C:\Program Files\Fichiers communs\PCSuite
2009-10-13 17:36:05 ----D---- C:\Program Files\Fichiers communs\Nokia
2009-10-13 17:35:07 ----D---- C:\Program Files\PC Connectivity Solution
2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2009-10-13 16:00:04 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\PC Suite
2009-10-13 16:00:04 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2009-10-13 13:03:37 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Nokia
2009-10-13 13:02:42 ----D---- C:\Program Files\DIFX
2009-10-13 13:02:08 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2009-10-13 13:02:07 ----D---- C:\Program Files\Nokia
2009-10-13 12:09:26 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2009-10-13 10:53:49 ----D---- C:\Program Files\ESET
2009-10-13 10:53:49 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2009-10-12 18:26:25 ----D---- C:\WINDOWS\system32\NtmsData
2009-10-06 10:33:29 ----D---- C:\WINDOWS\Prefetch
2009-10-06 00:34:58 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\msgsvc.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\locator.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\localspl.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\imagehlp.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\ftp.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\format.com
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\csrsrv.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comdlg32.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comctl32.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cmd.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cacls.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autoconv.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autochk.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\win32spl.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\userinit.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\untfs.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ulib.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\syssetup.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\srvsvc.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\smss.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\setupapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\services.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\schannel.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\scardsvr.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\savedump.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samsrv.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samlib.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rshx32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rastapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasman.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasdlg.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasauto.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasapi32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\printui.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\perfctrs.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\olecnv32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\oleaut32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nwprovau.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntvdm.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntprint.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntdll.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nslookup.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\hal.dll
2009-10-05 17:15:18 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2009-10-05 17:04:04 ----D---- C:\Program Files\Mobile Partner
2009-10-05 16:15:24 ----D---- C:\Program Files\Western Digital Corp
2009-10-05 16:06:24 ----D---- C:\Program Files\Western Digital Corporation
2009-10-05 14:31:45 ----N---- C:\WINDOWS\system32\_004641_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004639_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004634_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004633_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004632_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004631_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004630_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004627_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004626_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004625_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004624_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004622_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004619_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004617_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004616_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004612_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004611_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004607_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004604_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004603_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004602_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004595_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004590_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004587_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004585_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004582_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004580_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004577_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004576_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004539_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004537_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004536_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004533_.tmp.dll
2009-10-05 09:46:18 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-10-05 09:46:17 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-10-01 16:36:47 ----A---- C:\WINDOWS\system32\unzip32.dll
2009-10-01 15:56:21 ----A---- C:\WINDOWS\UTLite33.exe
2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\fr
2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\bits
2009-10-01 15:55:42 ----D---- C:\WINDOWS\l2schemas
2009-10-01 15:48:15 ----N---- C:\WINDOWS\system32\_004608_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004606_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004601_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004600_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004599_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004598_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004597_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004594_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004593_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004592_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004591_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004589_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004586_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004584_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004583_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004579_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004578_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004575_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004573_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004571_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004569_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004567_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004566_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004559_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004553_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004551_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004548_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004545_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004544_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004530_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004526_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004521_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004520_.tmp.dll
2009-10-01 15:42:27 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-10-01 15:39:55 ----D---- C:\Documents and Settings\All Users\Application Data\GroupPolicy
2009-10-01 12:21:52 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-10-01 12:21:47 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$
2009-10-01 12:21:08 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-10-01 12:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2009-10-01 12:19:37 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2009-10-01 09:09:26 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\CyberLink
2009-10-01 09:09:19 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2009-09-30 19:06:52 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-09-30 19:01:02 ----A---- C:\WINDOWS\IE4 Error Log.txt
2009-09-30 19:00:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Search
2009-09-30 18:55:54 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-09-30 18:55:21 ----D---- C:\Program Files\Microsoft Sync Framework
2009-09-30 18:54:20 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-09-30 18:52:09 ----D---- C:\Program Files\Windows Live SkyDrive
2009-09-30 18:51:46 ----D---- C:\Program Files\Windows Live
2009-09-30 18:19:10 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-09-30 17:43:35 ----D---- C:\Quarantine
2009-09-30 17:09:22 ----SHD---- C:\RECYCLER
2009-09-30 17:04:55 ----A---- C:\WINDOWS\cdplayer.ini
2009-09-30 16:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-09-30 16:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-09-30 16:51:57 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-09-30 16:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-09-30 16:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-09-30 16:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-09-30 16:50:36 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\vlc
2009-09-30 16:49:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-09-30 16:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
2009-09-30 16:49:23 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-09-30 16:49:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-09-30 16:49:11 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2009-09-30 16:49:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-09-30 16:49:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-09-30 16:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-09-30 16:46:48 ----D---- C:\Program Files\VideoLAN
2009-09-30 16:41:09 ----D---- C:\WINDOWS\system32\XPSViewer
2009-09-30 16:40:49 ----D---- C:\WINDOWS\system32\en-US
2009-09-30 16:40:42 ----D---- C:\Program Files\Reference Assemblies
2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-09-30 16:39:55 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-09-30 16:36:49 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-09-30 16:32:24 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-09-30 16:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-09-30 16:32:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-09-30 16:31:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-30 16:31:43 ----D---- C:\Program Files\MSXML 6.0
2009-09-30 16:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-09-30 16:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-09-30 16:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-30 16:31:21 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-09-30 16:31:16 ----D---- C:\WINDOWS\system32\DRM
2009-09-30 16:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-09-30 16:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB916846$
2009-09-30 16:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-09-30 16:30:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2009-09-30 16:30:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-09-30 16:29:33 ----D---- C:\WINDOWS\ie7updates
2009-09-30 16:28:53 ----D---- C:\WINDOWS\WBEM
2009-09-30 16:28:24 ----HDC---- C:\WINDOWS\ie7
2009-09-30 16:28:15 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Desktop Search
2009-09-30 16:28:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-09-30 16:27:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-09-30 16:26:21 ----D---- C:\WINDOWS\network diagnostic
2009-09-30 16:26:20 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2009-09-30 16:24:09 ----D---- C:\WINDOWS\system32\fr-FR
2009-09-30 16:24:09 ----D---- C:\Program Files\Windows Desktop Search
2009-09-30 16:24:08 ----D---- C:\WINDOWS\system32\GroupPolicy
2009-09-30 16:23:55 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2009-09-30 16:23:46 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-09-30 16:23:25 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2009-09-30 16:23:22 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-09-30 16:23:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-09-30 16:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-09-30 16:22:08 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-09-30 16:18:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-09-30 16:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-09-30 16:12:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-09-30 16:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-09-30 16:11:59 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-09-30 16:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-09-30 16:11:44 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-09-30 16:11:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-09-30 16:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-09-30 16:10:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-09-30 16:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-09-30 16:10:28 ----D---- C:\WINDOWS\ServicePackFiles
2009-09-30 16:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2009-09-30 16:10:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-09-30 16:10:16 ----D---- C:\Program Files\Microsoft Silverlight
2009-09-30 16:09:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-09-30 16:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-09-30 16:09:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2009-09-30 16:09:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-09-30 16:09:32 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-09-30 16:09:27 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-09-30 16:09:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-09-30 16:09:08 ----D---- C:\Program Files\MSXML 4.0
2009-09-30 16:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-09-30 16:08:58 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-09-30 16:08:30 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-09-30 16:08:26 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-09-30 16:08:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2009-09-30 10:36:33 ----D---- C:\Program Files\Cyberlink
2009-09-30 10:32:23 ----D---- C:\Program Files\Google
2009-09-30 10:30:50 ----D---- C:\Program Files\Fichiers communs\Real
2009-09-30 10:30:49 ----D---- C:\Program Files\Real
2009-09-30 10:30:19 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Real
2009-09-30 10:26:27 ----D---- C:\Program Files\SuperCopier2
2009-09-30 10:19:20 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InterVideo
2009-09-30 10:17:59 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-09-30 10:17:58 ----D---- C:\Program Files\DVD Shrink
2009-09-30 09:59:31 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Macromedia
2009-09-30 09:59:30 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Adobe
2009-09-29 18:18:51 ----HD---- C:\WINDOWS\system32\dwrcssft
2009-09-29 18:18:50 ----A---- C:\WINDOWS\system32\DWRCSh32.dll
2009-09-29 18:18:49 ----A---- C:\WINDOWS\system32\DWRCSET.DLL
2009-09-29 18:18:46 ----A---- C:\WINDOWS\system32\dwrcst .exe
2009-09-29 18:18:42 ----A---- C:\WINDOWS\system32\DWRCK.DLL
2009-09-29 18:18:38 ----A---- C:\WINDOWS\system32\DWRCS.EXE
2009-09-29 18:12:55 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-09-29 18:12:01 ----D---- C:\Program Files\Fichiers communs\Evidian
2009-09-29 18:12:01 ----D---- C:\Program Files\Evidian
2009-09-29 18:11:38 ----D---- C:\Program Files\Microsoft
2009-09-29 18:11:10 ----D---- C:\Program Files\Gemalto
2009-09-29 18:03:46 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-29 18:03:16 ----D---- C:\WINDOWS\system32\PreInstall
2009-09-29 18:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-09-29 17:59:48 ----D---- C:\MyriadWebPro
2009-09-29 17:59:46 ----D---- C:\MyriadPro
2009-09-29 17:58:30 ----D---- C:\Program Files\WinRAR
2009-09-29 17:57:33 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-09-29 17:57:19 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-09-29 17:57:19 ----D---- C:\Program Files\Adobe
2009-09-29 17:51:48 ----D---- C:\Program Files\GPLGS
2009-09-29 17:51:21 ----A---- C:\WINDOWS\system32\cpwmon2k.dll
2009-09-29 17:51:17 ----D---- C:\Program Files\Acro Software
2009-09-29 17:50:23 ----D---- C:\Program Files\MSECache
2009-09-29 17:39:33 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-09-29 17:38:40 ----D---- C:\Program Files\Microsoft Works
2009-09-29 17:38:19 ----D---- C:\Program Files\MSBuild
2009-09-29 17:38:05 ----D---- C:\Program Files\Microsoft Visual Studio
2009-09-29 17:38:04 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2009-09-29 17:37:27 ----D---- C:\Program Files\Microsoft.NET
2009-09-29 17:33:56 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-09-29 17:33:02 ----D---- C:\WINDOWS\SHELLNEW
2009-09-29 17:32:47 ----D---- C:\Program Files\Microsoft Office
2009-09-29 17:32:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-09-29 17:32:15 ----RHD---- C:\MSOCache
2009-09-29 17:16:51 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-09-29 17:03:09 ----D---- C:\Program Files\File Scavenger 3.2
2009-09-29 14:59:24 ----SHD---- C:\WINDOWS\CSC
2009-09-29 14:56:29 ----D---- C:\WINDOWS\SchCache
2009-09-29 14:50:20 ----A---- C:\WINDOWS\system32\mfevtps.exe
2009-09-29 14:49:53 ----D---- C:\Program Files\Fichiers communs\Cisco Systems
2009-09-29 14:49:48 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-09-29 14:49:42 ----D---- C:\Program Files\McAfee
2009-09-29 14:49:42 ----D---- C:\Program Files\Fichiers communs\McAfee
2009-09-29 14:48:00 ----D---- C:\WINDOWS\system32\appmgmt
2009-09-29 09:55:58 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2009-09-29 09:55:54 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-09-29 09:55:52 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-09-29 09:55:47 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-09-29 09:55:44 ----D---- C:\Program Files\Windows Media Connect 2
2009-09-29 09:55:37 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-09-29 09:55:10 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-09-29 09:54:54 ----D---- C:\WINDOWS\system32\LogFiles
2009-09-29 09:54:47 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaws.exe
2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaw.exe
2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\java.exe
2009-09-29 09:54:04 ----D---- C:\Program Files\Java
2009-09-29 09:54:03 ----D---- C:\Program Files\Fichiers communs\Java
2009-09-29 09:53:59 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Sun
2009-09-29 09:53:37 ----D---- C:\Program Files\Fichiers communs\LightScribe
2009-09-29 09:52:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Intel
2009-09-29 09:52:42 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
2009-09-29 09:51:41 ----A---- C:\WINDOWS\HPMProp.INI
2009-09-29 09:51:26 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmprein.dll
2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmco081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmtp081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpw081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpm081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmml081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmja081.dll
2009-09-29 09:51:14 ----A---- C:\WINDOWS\system32\hpcpn081.dll
2009-09-29 09:51:13 ----A---- C:\WINDOWS\system32\fxcompchannel.dll
2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNQUE.DLL
2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNNDPS.DLL
2009-09-29 09:22:50 ----D---- C:\Documents and Settings\All Users\Application Data\Uninstall
2009-09-29 09:18:21 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
2009-09-29 09:17:39 ----D---- C:\WINDOWS\RegisteredPackages
2009-09-29 09:17:12 ----D---- C:\Program Files\Fichiers communs\SureThing Shared
2009-09-29 09:17:11 ----D---- C:\Program Files\Roxio
2009-09-29 09:16:48 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
2009-09-29 09:16:43 ----D---- C:\Program Files\Fichiers communs\Sonic Shared
2009-09-29 09:16:24 ----D---- C:\Program Files\Fichiers communs\Roxio Shared
2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-09-29 09:16:10 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-09-29 09:11:59 ----A---- C:\WINDOWS\system32\oeminfo.ini
2009-09-29 09:11:48 ----A---- C:\WINDOWS\system32\pdfc_port.dll
2009-09-29 09:11:45 ----D---- C:\Program Files\PDF Complete
2009-09-29 09:10:20 ----D---- C:\Program Files\Hp
2009-09-29 09:09:58 ----D---- C:\WINDOWS\Hewlett-Packard
2009-09-29 09:09:28 ----D---- C:\WINDOWS\Downloaded Installations
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizePX.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll
2009-09-29 09:07:56 ----A---- C:\WINDOWS\system32\IVIresize.dll
2009-09-29 09:07:46 ----D---- C:\Program Files\InterVideo
2009-09-29 09:07:32 ----D---- C:\Program Files\Fichiers communs\InterVideo
2009-09-29 09:07:24 ----A---- C:\WINDOWS\system32\h323log.txt
2009-09-29 09:05:30 ----A---- C:\WINDOWS\system32\usbui.dll
2009-09-29 09:04:56 ----A---- C:\WINDOWS\imsins.BAK
2009-09-29 09:04:53 ----SHD---- C:\WINDOWS\Installer
2009-09-29 09:04:53 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-09-29 09:04:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-09-29 09:04:53 ----A---- C:\WINDOWS\ODBCINST.INI
2009-09-29 09:04:50 ----RD---- C:\Program Files
2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs
2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\irclass.dll
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-09-29 09:04:35 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-09-29 09:04:33 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-09-29 09:04:33 ----A---- C:\WINDOWS\system32\batt.dll
2009-09-29 09:04:32 ----A---- C:\WINDOWS\system32\storprop.dll
2009-09-29 09:04:32 ----A---- C:\WINDOWS\notepad.exe
2009-09-29 09:04:28 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot
2009-09-29 09:04:12 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-09-29 09:04:01 ----D---- C:\WINDOWS\system32\URTTEMP
2009-09-29 09:03:51 ----A---- C:\WINDOWS\setuplog.txt
2009-09-29 09:03:48 ----D---- C:\Documents and Settings
2009-09-29 09:03:43 ----N---- C:\LANG.INI
2009-09-29 09:03:02 ----SH---- C:\boot.ini
2009-09-29 09:01:13 ----SHD---- C:\System Volume Information
2009-09-29 08:57:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-09-29 08:57:42 ----RSD---- C:\WINDOWS\Fonts
2009-09-29 08:57:42 ----RD---- C:\WINDOWS\Web
2009-09-29 08:57:42 ----HD---- C:\WINDOWS\inf
2009-09-29 08:57:42 ----D---- C:\WINDOWS\WinSxS
2009-09-29 08:57:42 ----D---- C:\WINDOWS\twain_32
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Temp
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wins
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wbem
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\usmt
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\spool
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ShellExt
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\Setup
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ras
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\oobe
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\npp
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\mui
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\inetsrv
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\IME
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\icsxml
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ias
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\export
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\drivers
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\dhcp
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\config
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3com_dmi
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3076
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\2052
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1054
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1042
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1041
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1037
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1036
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1033
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1031
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1028
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1025
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system
2009-09-29 08:57:42 ----D---- C:\WINDOWS\security
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Resources
2009-09-29 08:57:42 ----D---- C:\WINDOWS\repair
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Provisioning
2009-09-29 08:57:42 ----D---- C:\WINDOWS\PeerNet
2009-09-29 08:57:42 ----D---- C:\WINDOWS\pchealth
2009-09-29 08:57:42 ----D---- C:\WINDOWS\mui
2009-09-29 08:57:42 ----D---- C:\WINDOWS\msapps
2009-09-29 08:57:42 ----D---- C:\WINDOWS\msagent
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Media
2009-09-29 08:57:42 ----D---- C:\WINDOWS\java
2009-09-29 08:57:42 ----D---- C:\WINDOWS\ime
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Help
2009-09-29 08:57:42 ----D---- C:\WINDOWS\ehome
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Driver Cache
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Debug
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Cursors
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Connection Wizard
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Config
2009-09-29 08:57:42 ----D---- C:\WINDOWS\AppPatch
2009-09-29 08:57:42 ----D---- C:\WINDOWS\addins
2009-09-29 08:57:42 ----D---- C:\WINDOWS
2009-09-29 08:56:46 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\ATI
2009-09-29 08:56:46 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-09-29 08:53:33 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns_64.dll
2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns.dll
2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmn.dll
2009-09-29 08:51:54 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InstallShield
2009-09-29 08:51:25 ----N---- C:\WINDOWS\HPWWANVersion.dll
2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5r32.dll
2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5c32.dll
2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPCo4.dll
2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCOM.dll
2009-09-29 08:50:31 ----D---- C:\Program Files\Synaptics
2009-09-29 08:49:50 ----RA---- C:\WINDOWS\system32\PROUnstl.exe
2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicInstE.dll
2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicCo2.dll
2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\e1000msg.dll
2009-09-29 08:49:23 ----A---- C:\WINDOWS\system32\snymsico.dll
2009-09-29 08:49:22 ----A---- C:\WINDOWS\system32\rixdicon.dll
2009-09-29 08:48:34 ----D---- C:\WINDOWS\system32\FRA
2009-09-29 08:48:31 ----RA---- C:\WINDOWS\system32\imsmudlg.exe
2009-09-29 08:47:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-09-29 08:47:23 ----RA---- C:\WINDOWS\system32\CSVer.dll
2009-09-29 08:44:58 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2009-09-29 08:44:57 ----RA---- C:\WINDOWS\system32\ATIDEMGX.dll
2009-09-29 08:44:38 ----D---- C:\Program Files\ATI Technologies
2009-09-29 08:44:01 ----D---- C:\WINDOWS\system32\HP3DG
2009-09-29 08:38:42 ----A---- C:\WINDOWS\system32\btw_ci.dll
2009-09-29 08:38:35 ----D---- C:\Program Files\WIDCOMM
2009-09-29 08:37:21 ----HDC---- C:\WINDOWS\$NtUninstallKB949764$
2009-09-29 08:37:16 ----HDC---- C:\WINDOWS\$NtUninstallKB915326$
2009-09-29 08:37:09 ----HDC---- C:\WINDOWS\$NtUninstallKB889673$
2009-09-29 08:37:03 ----HDC---- C:\WINDOWS\$NtUninstallKB888402$
2009-09-29 08:36:57 ----HDC---- C:\WINDOWS\$NtUninstallKB885464$
2009-09-29 08:36:51 ----HDC---- C:\WINDOWS\$NtUninstallKB883667$
2009-09-29 08:36:46 ----HDC---- C:\WINDOWS\$NtUninstallKB918005$
2009-09-29 08:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB912436$
2009-09-29 08:36:35 ----HDC---- C:\WINDOWS\$NtUninstallKB909667$
2009-09-29 08:36:26 ----HDC---- C:\WINDOWS\$NtUninstallKB909095$
2009-09-29 08:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB896256$
2009-09-29 08:36:09 ----HDC---- C:\WINDOWS\$NtUninstallKB892559-v3$
2009-09-29 08:36:02 ----HDC---- C:\WINDOWS\$NtUninstallKB888239$
2009-09-29 08:35:56 ----HDC---- C:\WINDOWS\$NtUninstallKB885855$
2009-09-29 08:35:48 ----D---- C:\Program Files\HPQ
2009-09-29 08:35:07 ----A---- C:\WINDOWS\system32\log.txt
2009-09-29 08:35:06 ----RA---- C:\WINDOWS\system32\mesoludlg.exe
2009-09-29 08:35:06 ----D---- C:\Program Files\Common Files
2009-09-29 08:33:44 ----RSD---- C:\WINDOWS\assembly
2009-09-29 08:33:24 ----D---- C:\WINDOWS\Microsoft.NET
2009-09-29 08:33:02 ----D---- C:\Program Files\Fichiers communs\Intel
2009-09-29 08:32:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-09-29 08:32:19 ----RA---- C:\WINDOWS\system32\difxapi.dll
2009-09-29 08:32:19 ----D---- C:\WINDOWS\system32\Lang
2009-09-29 08:32:19 ----D---- C:\Program Files\Intel
2009-09-29 08:32:18 ----RA---- C:\WINDOWS\system32\heciudlg.exe
2009-09-29 08:32:03 ----D---- C:\Intel
2009-09-29 08:31:43 ----N---- C:\WINDOWS\HPModemVersion.dll
2009-09-29 08:31:42 ----N---- C:\WINDOWS\system32\agrsmdel.exe
2009-09-29 08:31:34 ----D---- C:\WINDOWS\Options
2009-09-29 08:31:18 ----N---- C:\WINDOWS\system32\agrscoin.dll
2009-09-29 08:31:18 ----D---- C:\SWSetup
2009-09-29 08:31:18 ----A---- C:\WINDOWS\system32\agrsmsvc.exe
2009-09-29 08:31:18 ----A---- C:\WINDOWS\agrsmdel.exe
2009-09-29 08:26:08 ----RA---- C:\WINDOWS\system32\PostProc.dll
2009-09-29 08:26:07 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\wdmioctl.dll
2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\SMMedia.dll
2009-09-29 08:26:01 ----D---- C:\Program Files\Analog D
C'est le rapport log que tu m'as posté.
c'est le seul que j'ai trouvé avec un du 19/10/2009 appelé Info.txt
Logfile of random's system information tool 1.06 (written by random/random)
Run by FARES JEAN - JACQUES at 2009-10-21 15:22:25
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 63 GB (71%) free of 89 GB
Total RAM: 2027 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:22:27, on 21/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\SYSTEM32\DWRCS.EXE
C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe
C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN\Toolbar\3.0.1203.0\msntask.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\RSIT.exe
C:\Program Files\trend micro\FARES JEAN - JACQUES.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yello
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rl [...] ?clid=1036
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mtn.ci:8081
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: ViewerHelper Class - {78104A01-8E71-4F30-9A36-3793799615B4} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [picon] "C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [DameWare MRC Agent] C:\WINDOWS\system32\DWRCST.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'FARES')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 5610067562
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mtn.ci
O17 - HKLM\Software\..\Telephony: DomainName = mtn.ci
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mtn.ci
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: E-SSO Security Services (EnatelWGSS) - Evidian - C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
--
End of file - 16327 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-05-15 66888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78104A01-8E71-4F30-9A36-3793799615B4}]
ViewerHelper Class - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll [2005-01-27 356352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll [2009-04-09 67120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-05-15 161096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2008-03-24 884736]
"picon"=C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe [2008-06-02 367128]
"FRYMXINS"=C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-03 177456]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\dvdcheck .exe [2008-05-23 197904]
"IntelZeroConfig"=C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2008-04-30 1347584]
"IntelWireless"=C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [2008-04-30 1191936]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-04-09 124240]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2008-11-10 136512]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"CLMLServer"=C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe [2007-09-27 122880]
"Power2GoExpress"=C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2007-09-29 2680104]
"CLJ"=0 []
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"DameWare MRC Agent"=C:\WINDOWS\system32\DWRCST.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe []
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
SnagIt 9.lnk - C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-06-27 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli
scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
shell\AutoRun\command - I:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{866fb0f1-adaa-11de-8ae8-00216a0b83da}]
shell\AutoRun\command - I:\LaunchU3.exe -a
======List of files/folders created in the last 3 months======
2009-10-21 13:04:56 ----A---- C:\WINDOWS\wininit.ini
2009-10-21 13:03:42 ----D---- C:\Program Files\NOS
2009-10-21 13:03:42 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-10-19 18:10:55 ----D---- C:\_OTM
2009-10-19 17:31:04 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-10-19 16:58:25 ----D---- C:\Program Files\trend micro
2009-10-19 16:58:22 ----D---- C:\rsit
2009-10-14 17:01:34 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Malwarebytes
2009-10-14 17:01:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-14 17:01:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-14 12:51:35 ----D---- C:\Documents and Settings\All Users\Application Data\TechSmith
2009-10-14 12:51:30 ----D---- C:\Program Files\TechSmith
2009-10-14 12:49:54 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-10-13 18:06:10 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2009-10-13 18:06:04 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2009-10-13 17:36:12 ----D---- C:\Program Files\Fichiers communs\PCSuite
2009-10-13 17:36:05 ----D---- C:\Program Files\Fichiers communs\Nokia
2009-10-13 17:35:07 ----D---- C:\Program Files\PC Connectivity Solution
2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2009-10-13 16:00:04 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\PC Suite
2009-10-13 16:00:04 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2009-10-13 13:03:37 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Nokia
2009-10-13 13:02:42 ----D---- C:\Program Files\DIFX
2009-10-13 13:02:08 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2009-10-13 13:02:07 ----D---- C:\Program Files\Nokia
2009-10-13 12:09:26 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2009-10-13 10:53:49 ----D---- C:\Program Files\ESET
2009-10-13 10:53:49 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2009-10-12 18:26:25 ----D---- C:\WINDOWS\system32\NtmsData
2009-10-06 10:33:29 ----D---- C:\WINDOWS\Prefetch
2009-10-06 00:34:58 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\msgsvc.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\locator.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\localspl.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\imagehlp.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\ftp.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\format.com
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\csrsrv.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comdlg32.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comctl32.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cmd.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cacls.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autoconv.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autochk.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\win32spl.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\userinit.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\untfs.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ulib.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\syssetup.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\srvsvc.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\smss.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\setupapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\services.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\schannel.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\scardsvr.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\savedump.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samsrv.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samlib.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rshx32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rastapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasman.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasdlg.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasauto.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasapi32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\printui.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\perfctrs.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\olecnv32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\oleaut32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nwprovau.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntvdm.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntprint.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntdll.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nslookup.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\hal.dll
2009-10-05 17:15:18 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2009-10-05 17:04:04 ----D---- C:\Program Files\Mobile Partner
2009-10-05 16:15:24 ----D---- C:\Program Files\Western Digital Corp
2009-10-05 16:06:24 ----D---- C:\Program Files\Western Digital Corporation
2009-10-05 14:31:45 ----N---- C:\WINDOWS\system32\_004641_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004639_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004634_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004633_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004632_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004631_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004630_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004627_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004626_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004625_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004624_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004622_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004619_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004617_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004616_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004612_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004611_.tmp.dll
2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004607_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004604_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004603_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004602_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004595_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004590_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004587_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004585_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004582_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004580_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004577_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004576_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004539_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004537_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004536_.tmp.dll
2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004533_.tmp.dll
2009-10-05 09:46:18 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-10-05 09:46:17 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-10-01 16:36:47 ----A---- C:\WINDOWS\system32\unzip32.dll
2009-10-01 15:56:21 ----A---- C:\WINDOWS\UTLite33.exe
2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\fr
2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\bits
2009-10-01 15:55:42 ----D---- C:\WINDOWS\l2schemas
2009-10-01 15:48:15 ----N---- C:\WINDOWS\system32\_004608_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004606_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004601_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004600_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004599_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004598_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004597_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004594_.tmp.dll
2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004593_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004592_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004591_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004589_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004586_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004584_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004583_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004579_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004578_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004575_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004573_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004571_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004569_.tmp.dll
2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004567_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004566_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004559_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004553_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004551_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004548_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004545_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004544_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004530_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004526_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004521_.tmp.dll
2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004520_.tmp.dll
2009-10-01 15:42:27 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-10-01 15:39:55 ----D---- C:\Documents and Settings\All Users\Application Data\GroupPolicy
2009-10-01 12:21:52 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-10-01 12:21:47 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$
2009-10-01 12:21:08 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-10-01 12:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2009-10-01 12:19:37 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2009-10-01 09:09:26 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\CyberLink
2009-10-01 09:09:19 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2009-09-30 19:06:52 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-09-30 19:01:02 ----A---- C:\WINDOWS\IE4 Error Log.txt
2009-09-30 19:00:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Search
2009-09-30 18:55:54 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-09-30 18:55:21 ----D---- C:\Program Files\Microsoft Sync Framework
2009-09-30 18:54:20 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-09-30 18:52:09 ----D---- C:\Program Files\Windows Live SkyDrive
2009-09-30 18:51:46 ----D---- C:\Program Files\Windows Live
2009-09-30 18:19:10 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-09-30 17:43:35 ----D---- C:\Quarantine
2009-09-30 17:09:22 ----SHD---- C:\RECYCLER
2009-09-30 17:04:55 ----A---- C:\WINDOWS\cdplayer.ini
2009-09-30 16:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-09-30 16:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-09-30 16:51:57 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-09-30 16:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-09-30 16:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-09-30 16:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-09-30 16:50:36 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\vlc
2009-09-30 16:49:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-09-30 16:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
2009-09-30 16:49:23 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-09-30 16:49:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-09-30 16:49:11 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2009-09-30 16:49:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-09-30 16:49:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-09-30 16:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-09-30 16:46:48 ----D---- C:\Program Files\VideoLAN
2009-09-30 16:41:09 ----D---- C:\WINDOWS\system32\XPSViewer
2009-09-30 16:40:49 ----D---- C:\WINDOWS\system32\en-US
2009-09-30 16:40:42 ----D---- C:\Program Files\Reference Assemblies
2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-09-30 16:39:55 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-09-30 16:36:49 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-09-30 16:32:24 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-09-30 16:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-09-30 16:32:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-09-30 16:31:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-30 16:31:43 ----D---- C:\Program Files\MSXML 6.0
2009-09-30 16:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-09-30 16:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-09-30 16:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-30 16:31:21 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-09-30 16:31:16 ----D---- C:\WINDOWS\system32\DRM
2009-09-30 16:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-09-30 16:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB916846$
2009-09-30 16:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-09-30 16:30:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2009-09-30 16:30:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-09-30 16:29:33 ----D---- C:\WINDOWS\ie7updates
2009-09-30 16:28:53 ----D---- C:\WINDOWS\WBEM
2009-09-30 16:28:24 ----HDC---- C:\WINDOWS\ie7
2009-09-30 16:28:15 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Desktop Search
2009-09-30 16:28:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-09-30 16:27:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-09-30 16:26:21 ----D---- C:\WINDOWS\network diagnostic
2009-09-30 16:26:20 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2009-09-30 16:24:09 ----D---- C:\WINDOWS\system32\fr-FR
2009-09-30 16:24:09 ----D---- C:\Program Files\Windows Desktop Search
2009-09-30 16:24:08 ----D---- C:\WINDOWS\system32\GroupPolicy
2009-09-30 16:23:55 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2009-09-30 16:23:46 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-09-30 16:23:25 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2009-09-30 16:23:22 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-09-30 16:23:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-09-30 16:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-09-30 16:22:08 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-09-30 16:18:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-09-30 16:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-09-30 16:12:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-09-30 16:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-09-30 16:11:59 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-09-30 16:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-09-30 16:11:44 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-09-30 16:11:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-09-30 16:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-09-30 16:10:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-09-30 16:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-09-30 16:10:28 ----D---- C:\WINDOWS\ServicePackFiles
2009-09-30 16:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2009-09-30 16:10:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-09-30 16:10:16 ----D---- C:\Program Files\Microsoft Silverlight
2009-09-30 16:09:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-09-30 16:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-09-30 16:09:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2009-09-30 16:09:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-09-30 16:09:32 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-09-30 16:09:27 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-09-30 16:09:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-09-30 16:09:08 ----D---- C:\Program Files\MSXML 4.0
2009-09-30 16:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-09-30 16:08:58 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-09-30 16:08:30 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-09-30 16:08:26 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-09-30 16:08:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2009-09-30 10:36:33 ----D---- C:\Program Files\Cyberlink
2009-09-30 10:32:23 ----D---- C:\Program Files\Google
2009-09-30 10:30:50 ----D---- C:\Program Files\Fichiers communs\Real
2009-09-30 10:30:49 ----D---- C:\Program Files\Real
2009-09-30 10:30:19 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Real
2009-09-30 10:26:27 ----D---- C:\Program Files\SuperCopier2
2009-09-30 10:19:20 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InterVideo
2009-09-30 10:17:59 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-09-30 10:17:58 ----D---- C:\Program Files\DVD Shrink
2009-09-30 09:59:31 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Macromedia
2009-09-30 09:59:30 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Adobe
2009-09-29 18:18:51 ----HD---- C:\WINDOWS\system32\dwrcssft
2009-09-29 18:18:50 ----A---- C:\WINDOWS\system32\DWRCSh32.dll
2009-09-29 18:18:49 ----A---- C:\WINDOWS\system32\DWRCSET.DLL
2009-09-29 18:18:46 ----A---- C:\WINDOWS\system32\dwrcst .exe
2009-09-29 18:18:42 ----A---- C:\WINDOWS\system32\DWRCK.DLL
2009-09-29 18:18:38 ----A---- C:\WINDOWS\system32\DWRCS.EXE
2009-09-29 18:12:55 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-09-29 18:12:01 ----D---- C:\Program Files\Fichiers communs\Evidian
2009-09-29 18:12:01 ----D---- C:\Program Files\Evidian
2009-09-29 18:11:38 ----D---- C:\Program Files\Microsoft
2009-09-29 18:11:10 ----D---- C:\Program Files\Gemalto
2009-09-29 18:03:46 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-29 18:03:16 ----D---- C:\WINDOWS\system32\PreInstall
2009-09-29 18:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-09-29 17:59:48 ----D---- C:\MyriadWebPro
2009-09-29 17:59:46 ----D---- C:\MyriadPro
2009-09-29 17:58:30 ----D---- C:\Program Files\WinRAR
2009-09-29 17:57:33 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-09-29 17:57:19 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-09-29 17:57:19 ----D---- C:\Program Files\Adobe
2009-09-29 17:51:48 ----D---- C:\Program Files\GPLGS
2009-09-29 17:51:21 ----A---- C:\WINDOWS\system32\cpwmon2k.dll
2009-09-29 17:51:17 ----D---- C:\Program Files\Acro Software
2009-09-29 17:50:23 ----D---- C:\Program Files\MSECache
2009-09-29 17:39:33 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-09-29 17:38:40 ----D---- C:\Program Files\Microsoft Works
2009-09-29 17:38:19 ----D---- C:\Program Files\MSBuild
2009-09-29 17:38:05 ----D---- C:\Program Files\Microsoft Visual Studio
2009-09-29 17:38:04 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2009-09-29 17:37:27 ----D---- C:\Program Files\Microsoft.NET
2009-09-29 17:33:56 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-09-29 17:33:02 ----D---- C:\WINDOWS\SHELLNEW
2009-09-29 17:32:47 ----D---- C:\Program Files\Microsoft Office
2009-09-29 17:32:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-09-29 17:32:15 ----RHD---- C:\MSOCache
2009-09-29 17:16:51 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-09-29 17:03:09 ----D---- C:\Program Files\File Scavenger 3.2
2009-09-29 14:59:24 ----SHD---- C:\WINDOWS\CSC
2009-09-29 14:56:29 ----D---- C:\WINDOWS\SchCache
2009-09-29 14:50:20 ----A---- C:\WINDOWS\system32\mfevtps.exe
2009-09-29 14:49:53 ----D---- C:\Program Files\Fichiers communs\Cisco Systems
2009-09-29 14:49:48 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-09-29 14:49:42 ----D---- C:\Program Files\McAfee
2009-09-29 14:49:42 ----D---- C:\Program Files\Fichiers communs\McAfee
2009-09-29 14:48:00 ----D---- C:\WINDOWS\system32\appmgmt
2009-09-29 09:55:58 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2009-09-29 09:55:54 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-09-29 09:55:52 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-09-29 09:55:47 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-09-29 09:55:44 ----D---- C:\Program Files\Windows Media Connect 2
2009-09-29 09:55:37 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-09-29 09:55:10 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-09-29 09:54:54 ----D---- C:\WINDOWS\system32\LogFiles
2009-09-29 09:54:47 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaws.exe
2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaw.exe
2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\java.exe
2009-09-29 09:54:04 ----D---- C:\Program Files\Java
2009-09-29 09:54:03 ----D---- C:\Program Files\Fichiers communs\Java
2009-09-29 09:53:59 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Sun
2009-09-29 09:53:37 ----D---- C:\Program Files\Fichiers communs\LightScribe
2009-09-29 09:52:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Intel
2009-09-29 09:52:42 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
2009-09-29 09:51:41 ----A---- C:\WINDOWS\HPMProp.INI
2009-09-29 09:51:26 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmprein.dll
2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmco081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmtp081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpw081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpm081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmml081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmja081.dll
2009-09-29 09:51:14 ----A---- C:\WINDOWS\system32\hpcpn081.dll
2009-09-29 09:51:13 ----A---- C:\WINDOWS\system32\fxcompchannel.dll
2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNQUE.DLL
2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNNDPS.DLL
2009-09-29 09:22:50 ----D---- C:\Documents and Settings\All Users\Application Data\Uninstall
2009-09-29 09:18:21 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
2009-09-29 09:17:39 ----D---- C:\WINDOWS\RegisteredPackages
2009-09-29 09:17:12 ----D---- C:\Program Files\Fichiers communs\SureThing Shared
2009-09-29 09:17:11 ----D---- C:\Program Files\Roxio
2009-09-29 09:16:48 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
2009-09-29 09:16:43 ----D---- C:\Program Files\Fichiers communs\Sonic Shared
2009-09-29 09:16:24 ----D---- C:\Program Files\Fichiers communs\Roxio Shared
2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-09-29 09:16:10 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-09-29 09:11:59 ----A---- C:\WINDOWS\system32\oeminfo.ini
2009-09-29 09:11:48 ----A---- C:\WINDOWS\system32\pdfc_port.dll
2009-09-29 09:11:45 ----D---- C:\Program Files\PDF Complete
2009-09-29 09:10:20 ----D---- C:\Program Files\Hp
2009-09-29 09:09:58 ----D---- C:\WINDOWS\Hewlett-Packard
2009-09-29 09:09:28 ----D---- C:\WINDOWS\Downloaded Installations
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizePX.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll
2009-09-29 09:07:56 ----A---- C:\WINDOWS\system32\IVIresize.dll
2009-09-29 09:07:46 ----D---- C:\Program Files\InterVideo
2009-09-29 09:07:32 ----D---- C:\Program Files\Fichiers communs\InterVideo
2009-09-29 09:07:24 ----A---- C:\WINDOWS\system32\h323log.txt
2009-09-29 09:05:30 ----A---- C:\WINDOWS\system32\usbui.dll
2009-09-29 09:04:56 ----A---- C:\WINDOWS\imsins.BAK
2009-09-29 09:04:53 ----SHD---- C:\WINDOWS\Installer
2009-09-29 09:04:53 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-09-29 09:04:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-09-29 09:04:53 ----A---- C:\WINDOWS\ODBCINST.INI
2009-09-29 09:04:50 ----RD---- C:\Program Files
2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs
2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\irclass.dll
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-09-29 09:04:35 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-09-29 09:04:33 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-09-29 09:04:33 ----A---- C:\WINDOWS\system32\batt.dll
2009-09-29 09:04:32 ----A---- C:\WINDOWS\system32\storprop.dll
2009-09-29 09:04:32 ----A---- C:\WINDOWS\notepad.exe
2009-09-29 09:04:28 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot
2009-09-29 09:04:12 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-09-29 09:04:01 ----D---- C:\WINDOWS\system32\URTTEMP
2009-09-29 09:03:51 ----A---- C:\WINDOWS\setuplog.txt
2009-09-29 09:03:48 ----D---- C:\Documents and Settings
2009-09-29 09:03:43 ----N---- C:\LANG.INI
2009-09-29 09:03:02 ----SH---- C:\boot.ini
2009-09-29 09:01:13 ----SHD---- C:\System Volume Information
2009-09-29 08:57:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-09-29 08:57:42 ----RSD---- C:\WINDOWS\Fonts
2009-09-29 08:57:42 ----RD---- C:\WINDOWS\Web
2009-09-29 08:57:42 ----HD---- C:\WINDOWS\inf
2009-09-29 08:57:42 ----D---- C:\WINDOWS\WinSxS
2009-09-29 08:57:42 ----D---- C:\WINDOWS\twain_32
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Temp
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wins
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wbem
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\usmt
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\spool
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ShellExt
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\Setup
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ras
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\oobe
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\npp
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\mui
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\inetsrv
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\IME
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\icsxml
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ias
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\export
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\drivers
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\dhcp
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\config
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3com_dmi
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3076
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\2052
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1054
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1042
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1041
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1037
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1036
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1033
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1031
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1028
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1025
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system
2009-09-29 08:57:42 ----D---- C:\WINDOWS\security
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Resources
2009-09-29 08:57:42 ----D---- C:\WINDOWS\repair
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Provisioning
2009-09-29 08:57:42 ----D---- C:\WINDOWS\PeerNet
2009-09-29 08:57:42 ----D---- C:\WINDOWS\pchealth
2009-09-29 08:57:42 ----D---- C:\WINDOWS\mui
2009-09-29 08:57:42 ----D---- C:\WINDOWS\msapps
2009-09-29 08:57:42 ----D---- C:\WINDOWS\msagent
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Media
2009-09-29 08:57:42 ----D---- C:\WINDOWS\java
2009-09-29 08:57:42 ----D---- C:\WINDOWS\ime
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Help
2009-09-29 08:57:42 ----D---- C:\WINDOWS\ehome
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Driver Cache
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Debug
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Cursors
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Connection Wizard
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Config
2009-09-29 08:57:42 ----D---- C:\WINDOWS\AppPatch
2009-09-29 08:57:42 ----D---- C:\WINDOWS\addins
2009-09-29 08:57:42 ----D---- C:\WINDOWS
2009-09-29 08:56:46 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\ATI
2009-09-29 08:56:46 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-09-29 08:53:33 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns_64.dll
2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns.dll
2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmn.dll
2009-09-29 08:51:54 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InstallShield
2009-09-29 08:51:25 ----N---- C:\WINDOWS\HPWWANVersion.dll
2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5r32.dll
2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5c32.dll
2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPCo4.dll
2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCOM.dll
2009-09-29 08:50:31 ----D---- C:\Program Files\Synaptics
2009-09-29 08:49:50 ----RA---- C:\WINDOWS\system32\PROUnstl.exe
2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicInstE.dll
2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicCo2.dll
2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\e1000msg.dll
2009-09-29 08:49:23 ----A---- C:\WINDOWS\system32\snymsico.dll
2009-09-29 08:49:22 ----A---- C:\WINDOWS\system32\rixdicon.dll
2009-09-29 08:48:34 ----D---- C:\WINDOWS\system32\FRA
2009-09-29 08:48:31 ----RA---- C:\WINDOWS\system32\imsmudlg.exe
2009-09-29 08:47:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-09-29 08:47:23 ----RA---- C:\WINDOWS\system32\CSVer.dll
2009-09-29 08:44:58 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2009-09-29 08:44:57 ----RA---- C:\WINDOWS\system32\ATIDEMGX.dll
2009-09-29 08:44:38 ----D---- C:\Program Files\ATI Technologies
2009-09-29 08:44:01 ----D---- C:\WINDOWS\system32\HP3DG
2009-09-29 08:38:42 ----A---- C:\WINDOWS\system32\btw_ci.dll
2009-09-29 08:38:35 ----D---- C:\Program Files\WIDCOMM
2009-09-29 08:37:21 ----HDC---- C:\WINDOWS\$NtUninstallKB949764$
2009-09-29 08:37:16 ----HDC---- C:\WINDOWS\$NtUninstallKB915326$
2009-09-29 08:37:09 ----HDC---- C:\WINDOWS\$NtUninstallKB889673$
2009-09-29 08:37:03 ----HDC---- C:\WINDOWS\$NtUninstallKB888402$
2009-09-29 08:36:57 ----HDC---- C:\WINDOWS\$NtUninstallKB885464$
2009-09-29 08:36:51 ----HDC---- C:\WINDOWS\$NtUninstallKB883667$
2009-09-29 08:36:46 ----HDC---- C:\WINDOWS\$NtUninstallKB918005$
2009-09-29 08:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB912436$
2009-09-29 08:36:35 ----HDC---- C:\WINDOWS\$NtUninstallKB909667$
2009-09-29 08:36:26 ----HDC---- C:\WINDOWS\$NtUninstallKB909095$
2009-09-29 08:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB896256$
2009-09-29 08:36:09 ----HDC---- C:\WINDOWS\$NtUninstallKB892559-v3$
2009-09-29 08:36:02 ----HDC---- C:\WINDOWS\$NtUninstallKB888239$
2009-09-29 08:35:56 ----HDC---- C:\WINDOWS\$NtUninstallKB885855$
2009-09-29 08:35:48 ----D---- C:\Program Files\HPQ
2009-09-29 08:35:07 ----A---- C:\WINDOWS\system32\log.txt
2009-09-29 08:35:06 ----RA---- C:\WINDOWS\system32\mesoludlg.exe
2009-09-29 08:35:06 ----D---- C:\Program Files\Common Files
2009-09-29 08:33:44 ----RSD---- C:\WINDOWS\assembly
2009-09-29 08:33:24 ----D---- C:\WINDOWS\Microsoft.NET
2009-09-29 08:33:02 ----D---- C:\Program Files\Fichiers communs\Intel
2009-09-29 08:32:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-09-29 08:32:19 ----RA---- C:\WINDOWS\system32\difxapi.dll
2009-09-29 08:32:19 ----D---- C:\WINDOWS\system32\Lang
2009-09-29 08:32:19 ----D---- C:\Program Files\Intel
2009-09-29 08:32:18 ----RA---- C:\WINDOWS\system32\heciudlg.exe
2009-09-29 08:32:03 ----D---- C:\Intel
2009-09-29 08:31:43 ----N---- C:\WINDOWS\HPModemVersion.dll
2009-09-29 08:31:42 ----N---- C:\WINDOWS\system32\agrsmdel.exe
2009-09-29 08:31:34 ----D---- C:\WINDOWS\Options
2009-09-29 08:31:18 ----N---- C:\WINDOWS\system32\agrscoin.dll
2009-09-29 08:31:18 ----D---- C:\SWSetup
2009-09-29 08:31:18 ----A---- C:\WINDOWS\system32\agrsmsvc.exe
2009-09-29 08:31:18 ----A---- C:\WINDOWS\agrsmdel.exe
2009-09-29 08:26:08 ----RA---- C:\WINDOWS\system32\PostProc.dll
2009-09-29 08:26:07 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\wdmioctl.dll
2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\SMMedia.dll
Dois je rechercher un autre ? Le système m'a annoncé que combo.exe a été bien désinstallé.
1/
- Télécharge ToolsCleaner2 sur ton Bureau.
- Double-clique sur ToolsCleaner2.exe pour le lancer.
- Clique sur Recherche et laisse le scan agir.
- Clique sur Suppression pour finaliser.
- Tu peux, si tu le souhaites, te servir des Options Facultatives.
- Clique sur Quitter pour obtenir le rapport.
- Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
2/
- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
- Double-clique sur RSIT.exe afin de lancer le programme.
(Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
- Clique sur Continue à l'écran Disclaimer.
- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
Note : les rapports sont sauvegardés dans le dossier C:\rsit.
Salut Destrio5,
Désolé pour le temps de réponse si long. But je suis maintenant de retour. Ci dessous tu trouvreras les éléments des rapports.
1 / TCLEANER
[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]
--> Recherche:
C:\Combofix.txt: trouvé !
C:\Combofix: trouvé !
C:\_OTM: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\OTM.exe: trouvé !
C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\Rsit.exe: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !
---------------------------------
--> Suppression:
C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\OTM.exe: supprimé !
C:\Program Files\trend micro\HijackThis.exe: supprimé !
C:\Combofix.txt: supprimé !
C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\Rsit.exe: supprimé !
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\Combofix: supprimé !
C:\_OTM: supprimé !
C:\Rsit: supprimé !
2/ RSIT
A/ Logfile
Logfile of random's system information tool 1.06 (written by random/random)
Run by FARES JEAN - JACQUES at 2009-10-28 09:27:26
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 69 GB (77%) free of 89 GB
Total RAM: 2027 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:27:43, on 28/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\SYSTEM32\DWRCS.EXE
C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN\Toolbar\3.0.1203.0\msntask.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe
C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\RSIT.exe
C:\Program Files\trend micro\FARES JEAN - JACQUES.exe
C:\DOCUME~1\FARESJ~1\LOCALS~1\Temp\jre-6u16-windows-i586-iftw_a02a0d4e.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yello
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rl [...] ?clid=1036
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mtn.ci:8081
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: ViewerHelper Class - {78104A01-8E71-4F30-9A36-3793799615B4} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [picon] "C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [DameWare MRC Agent] C:\WINDOWS\system32\DWRCST.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'FARES')
O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden (User 'FARES')
O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'FARES')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 5610067562
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mtn.ci
O17 - HKLM\Software\..\Telephony: DomainName = mtn.ci
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mtn.ci
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: E-SSO Security Services (EnatelWGSS) - Evidian - C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
--
End of file - 16420 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-05-15 66888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78104A01-8E71-4F30-9A36-3793799615B4}]
ViewerHelper Class - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll [2005-01-27 356352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll [2009-04-09 67120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-05-15 161096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe [2008-06-02 367128]
"FRYMXINS"=C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-03 177456]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\dvdcheck .exe [2008-05-23 197904]
"IntelZeroConfig"=C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2008-04-30 1347584]
"IntelWireless"=C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [2008-04-30 1191936]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-04-09 124240]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2008-11-10 136512]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"CLMLServer"=C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe [2007-09-27 122880]
"Power2GoExpress"=C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2007-09-29 2680104]
"CLJ"=0 []
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"DameWare MRC Agent"=C:\WINDOWS\system32\DWRCST.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
SnagIt 9.lnk - C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-06-27 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
======List of files/folders created in the last 3 months======
2009-10-28 09:27:26 ----D---- C:\rsit
2009-10-26 16:44:07 ----A---- C:\TCleaner.txt
2009-10-26 16:40:43 ----D---- C:\WINDOWS\Temp
2009-10-21 19:23:14 ----A---- C:\Boot.bak
2009-10-21 19:23:11 ----RASHD---- C:\cmdcons
2009-10-21 19:21:25 ----D---- C:\WINDOWS\ERDNT
2009-10-21 13:04:56 ----A---- C:\WINDOWS\wininit.ini
2009-10-21 13:03:42 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-10-19 17:31:04 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-10-19 16:58:25 ----D---- C:\Program Files\trend micro
2009-10-14 17:01:34 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Malwarebytes
2009-10-14 17:01:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-14 17:01:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-14 12:51:35 ----D---- C:\Documents and Settings\All Users\Application Data\TechSmith
2009-10-14 12:51:30 ----D---- C:\Program Files\TechSmith
2009-10-14 12:49:54 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-10-13 18:06:10 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2009-10-13 18:06:04 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2009-10-13 17:36:12 ----D---- C:\Program Files\Fichiers communs\PCSuite
2009-10-13 17:36:05 ----D---- C:\Program Files\Fichiers communs\Nokia
2009-10-13 17:35:07 ----D---- C:\Program Files\PC Connectivity Solution
2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2009-10-13 16:00:04 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\PC Suite
2009-10-13 16:00:04 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2009-10-13 13:03:37 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Nokia
2009-10-13 13:02:42 ----D---- C:\Program Files\DIFX
2009-10-13 13:02:08 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2009-10-13 13:02:07 ----D---- C:\Program Files\Nokia
2009-10-13 12:09:26 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2009-10-13 10:53:49 ----D---- C:\Program Files\ESET
2009-10-13 10:53:49 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2009-10-12 18:26:25 ----D---- C:\WINDOWS\system32\NtmsData
2009-10-06 10:33:29 ----D---- C:\WINDOWS\Prefetch
2009-10-06 00:34:58 ----N---- C:\WINDOWS\system32\qmgr.dll
2009-10-06 00:34:22 ----N---- C:\WINDOWS\system32\msgsvc.dll
2009-10-06 00:34:22 ----N---- C:\WINDOWS\system32\kernel32.dll
2009-10-06 00:34:22 ----N---- C:\WINDOWS\system32\comctl32.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\locator.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\localspl.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\imagehlp.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\ftp.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\format.com
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\csrsrv.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comdlg32.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cmd.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cacls.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autoconv.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autochk.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-10-06 00:34:21 ----N---- C:\WINDOWS\system32\userinit.exe
2009-10-06 00:34:21 ----N---- C:\WINDOWS\system32\services.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\win32spl.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\untfs.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ulib.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\syssetup.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\srvsvc.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\smss.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\setupapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\schannel.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\scardsvr.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\savedump.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samsrv.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samlib.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rshx32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rastapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasman.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasdlg.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasauto.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasapi32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\printui.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\perfctrs.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\olecnv32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\oleaut32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nwprovau.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntvdm.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntprint.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntdll.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nslookup.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-10-06 00:34:19 ----N---- C:\WINDOWS\system32\ntoskrnl.exe
2009-10-06 00:34:19 ----N---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\hal.dll
2009-10-05 17:15:18 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2009-10-05 17:04:04 ----D---- C:\Program Files\Mobile Partner
2009-10-05 16:15:24 ----D---- C:\Program Files\Western Digital Corp
2009-10-05 16:06:24 ----D---- C:\Program Files\Western Digital Corporation
2009-10-05 09:46:18 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-10-05 09:46:17 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-10-01 16:36:47 ----A---- C:\WINDOWS\system32\unzip32.dll
2009-10-01 15:56:21 ----A---- C:\WINDOWS\UTLite33.exe
2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\fr
2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\bits
2009-10-01 15:55:42 ----D---- C:\WINDOWS\l2schemas
2009-10-01 15:42:27 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-10-01 15:39:55 ----D---- C:\Documents and Settings\All Users\Application Data\GroupPolicy
2009-10-01 12:21:52 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-10-01 12:21:47 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$
2009-10-01 12:21:08 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-10-01 12:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2009-10-01 12:19:37 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2009-10-01 09:09:26 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\CyberLink
2009-10-01 09:09:19 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2009-09-30 19:06:52 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-09-30 19:01:02 ----A---- C:\WINDOWS\IE4 Error Log.txt
2009-09-30 19:00:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Search
2009-09-30 18:55:54 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-09-30 18:55:21 ----D---- C:\Program Files\Microsoft Sync Framework
2009-09-30 18:54:20 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-09-30 18:52:09 ----D---- C:\Program Files\Windows Live SkyDrive
2009-09-30 18:51:46 ----D---- C:\Program Files\Windows Live
2009-09-30 18:19:10 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-09-30 17:43:35 ----D---- C:\Quarantine
2009-09-30 17:09:22 ----SHD---- C:\RECYCLER
2009-09-30 17:04:55 ----A---- C:\WINDOWS\cdplayer.ini
2009-09-30 16:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-09-30 16:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-09-30 16:51:57 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-09-30 16:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-09-30 16:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-09-30 16:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-09-30 16:50:36 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\vlc
2009-09-30 16:49:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-09-30 16:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
2009-09-30 16:49:23 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-09-30 16:49:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-09-30 16:49:11 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2009-09-30 16:49:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-09-30 16:49:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-09-30 16:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-09-30 16:46:48 ----D---- C:\Program Files\VideoLAN
2009-09-30 16:41:09 ----D---- C:\WINDOWS\system32\XPSViewer
2009-09-30 16:40:49 ----D---- C:\WINDOWS\system32\en-US
2009-09-30 16:40:42 ----D---- C:\Program Files\Reference Assemblies
2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-09-30 16:39:55 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-09-30 16:36:49 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-09-30 16:32:24 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-09-30 16:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-09-30 16:32:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-09-30 16:31:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-30 16:31:43 ----D---- C:\Program Files\MSXML 6.0
2009-09-30 16:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-09-30 16:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-09-30 16:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-30 16:31:21 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-09-30 16:31:16 ----D---- C:\WINDOWS\system32\DRM
2009-09-30 16:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-09-30 16:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB916846$
2009-09-30 16:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-09-30 16:30:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2009-09-30 16:30:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-09-30 16:29:33 ----D---- C:\WINDOWS\ie7updates
2009-09-30 16:28:53 ----D---- C:\WINDOWS\WBEM
2009-09-30 16:28:24 ----HDC---- C:\WINDOWS\ie7
2009-09-30 16:28:15 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Desktop Search
2009-09-30 16:28:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-09-30 16:27:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-09-30 16:26:21 ----D---- C:\WINDOWS\network diagnostic
2009-09-30 16:26:20 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2009-09-30 16:24:09 ----D---- C:\WINDOWS\system32\fr-FR
2009-09-30 16:24:09 ----D---- C:\Program Files\Windows Desktop Search
2009-09-30 16:24:08 ----D---- C:\WINDOWS\system32\GroupPolicy
2009-09-30 16:23:55 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2009-09-30 16:23:46 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-09-30 16:23:25 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2009-09-30 16:23:22 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-09-30 16:23:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-09-30 16:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-09-30 16:22:08 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-09-30 16:18:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-09-30 16:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-09-30 16:12:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-09-30 16:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-09-30 16:11:59 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-09-30 16:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-09-30 16:11:44 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-09-30 16:11:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-09-30 16:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-09-30 16:10:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-09-30 16:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-09-30 16:10:28 ----D---- C:\WINDOWS\ServicePackFiles
2009-09-30 16:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2009-09-30 16:10:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-09-30 16:10:16 ----D---- C:\Program Files\Microsoft Silverlight
2009-09-30 16:09:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-09-30 16:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-09-30 16:09:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2009-09-30 16:09:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-09-30 16:09:32 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-09-30 16:09:27 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-09-30 16:09:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-09-30 16:09:08 ----D---- C:\Program Files\MSXML 4.0
2009-09-30 16:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-09-30 16:08:58 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-09-30 16:08:30 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-09-30 16:08:26 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-09-30 16:08:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2009-09-30 10:36:33 ----D---- C:\Program Files\Cyberlink
2009-09-30 10:32:23 ----D---- C:\Program Files\Google
2009-09-30 10:30:50 ----D---- C:\Program Files\Fichiers communs\Real
2009-09-30 10:30:49 ----D---- C:\Program Files\Real
2009-09-30 10:30:19 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Real
2009-09-30 10:26:27 ----D---- C:\Program Files\SuperCopier2
2009-09-30 10:19:20 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InterVideo
2009-09-30 10:17:59 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-09-30 10:17:58 ----D---- C:\Program Files\DVD Shrink
2009-09-30 09:59:31 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Macromedia
2009-09-30 09:59:30 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Adobe
2009-09-29 18:18:51 ----HD---- C:\WINDOWS\system32\dwrcssft
2009-09-29 18:18:50 ----A---- C:\WINDOWS\system32\DWRCSh32.dll
2009-09-29 18:18:49 ----A---- C:\WINDOWS\system32\DWRCSET.DLL
2009-09-29 18:18:42 ----A---- C:\WINDOWS\system32\DWRCK.DLL
2009-09-29 18:18:38 ----A---- C:\WINDOWS\system32\DWRCS.EXE
2009-09-29 18:12:55 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-09-29 18:12:01 ----D---- C:\Program Files\Fichiers communs\Evidian
2009-09-29 18:12:01 ----D---- C:\Program Files\Evidian
2009-09-29 18:11:38 ----D---- C:\Program Files\Microsoft
2009-09-29 18:11:10 ----D---- C:\Program Files\Gemalto
2009-09-29 18:03:46 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-29 18:03:16 ----D---- C:\WINDOWS\system32\PreInstall
2009-09-29 18:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-09-29 17:59:48 ----D---- C:\MyriadWebPro
2009-09-29 17:59:46 ----D---- C:\MyriadPro
2009-09-29 17:58:30 ----D---- C:\Program Files\WinRAR
2009-09-29 17:57:33 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-09-29 17:57:19 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-09-29 17:57:19 ----D---- C:\Program Files\Adobe
2009-09-29 17:51:48 ----D---- C:\Program Files\GPLGS
2009-09-29 17:51:21 ----A---- C:\WINDOWS\system32\cpwmon2k.dll
2009-09-29 17:51:17 ----D---- C:\Program Files\Acro Software
2009-09-29 17:50:23 ----D---- C:\Program Files\MSECache
2009-09-29 17:39:33 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-09-29 17:38:40 ----D---- C:\Program Files\Microsoft Works
2009-09-29 17:38:19 ----D---- C:\Program Files\MSBuild
2009-09-29 17:38:05 ----D---- C:\Program Files\Microsoft Visual Studio
2009-09-29 17:38:04 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2009-09-29 17:37:27 ----D---- C:\Program Files\Microsoft.NET
2009-09-29 17:33:56 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-09-29 17:33:02 ----D---- C:\WINDOWS\SHELLNEW
2009-09-29 17:32:47 ----D---- C:\Program Files\Microsoft Office
2009-09-29 17:32:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-09-29 17:32:15 ----RHD---- C:\MSOCache
2009-09-29 17:16:51 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-09-29 17:03:09 ----D---- C:\Program Files\File Scavenger 3.2
2009-09-29 14:59:24 ----SHD---- C:\WINDOWS\CSC
2009-09-29 14:56:29 ----D---- C:\WINDOWS\SchCache
2009-09-29 14:50:20 ----A---- C:\WINDOWS\system32\mfevtps.exe
2009-09-29 14:49:53 ----D---- C:\Program Files\Fichiers communs\Cisco Systems
2009-09-29 14:49:48 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-09-29 14:49:42 ----D---- C:\Program Files\McAfee
2009-09-29 14:49:42 ----D---- C:\Program Files\Fichiers communs\McAfee
2009-09-29 14:48:00 ----D---- C:\WINDOWS\system32\appmgmt
2009-09-29 09:55:58 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2009-09-29 09:55:54 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-09-29 09:55:52 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-09-29 09:55:47 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-09-29 09:55:44 ----D---- C:\Program Files\Windows Media Connect 2
2009-09-29 09:55:37 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-09-29 09:55:10 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-09-29 09:54:54 ----D---- C:\WINDOWS\system32\LogFiles
2009-09-29 09:54:47 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaws.exe
2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaw.exe
2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\java.exe
2009-09-29 09:54:04 ----D---- C:\Program Files\Java
2009-09-29 09:54:03 ----D---- C:\Program Files\Fichiers communs\Java
2009-09-29 09:53:59 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Sun
2009-09-29 09:53:37 ----D---- C:\Program Files\Fichiers communs\LightScribe
2009-09-29 09:52:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Intel
2009-09-29 09:52:42 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
2009-09-29 09:51:41 ----A---- C:\WINDOWS\HPMProp.INI
2009-09-29 09:51:26 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmprein.dll
2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmco081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmtp081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpw081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpm081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmml081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmja081.dll
2009-09-29 09:51:14 ----A---- C:\WINDOWS\system32\hpcpn081.dll
2009-09-29 09:51:13 ----A---- C:\WINDOWS\system32\fxcompchannel.dll
2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNQUE.DLL
2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNNDPS.DLL
2009-09-29 09:22:50 ----D---- C:\Documents and Settings\All Users\Application Data\Uninstall
2009-09-29 09:18:21 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
2009-09-29 09:17:39 ----D---- C:\WINDOWS\RegisteredPackages
2009-09-29 09:17:12 ----D---- C:\Program Files\Fichiers communs\SureThing Shared
2009-09-29 09:17:11 ----D---- C:\Program Files\Roxio
2009-09-29 09:16:48 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
2009-09-29 09:16:43 ----D---- C:\Program Files\Fichiers communs\Sonic Shared
2009-09-29 09:16:24 ----D---- C:\Program Files\Fichiers communs\Roxio Shared
2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-09-29 09:16:10 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-09-29 09:11:59 ----A---- C:\WINDOWS\system32\oeminfo.ini
2009-09-29 09:11:48 ----A---- C:\WINDOWS\system32\pdfc_port.dll
2009-09-29 09:11:45 ----D---- C:\Program Files\PDF Complete
2009-09-29 09:10:20 ----D---- C:\Program Files\Hp
2009-09-29 09:09:58 ----D---- C:\WINDOWS\Hewlett-Packard
2009-09-29 09:09:28 ----D---- C:\WINDOWS\Downloaded Installations
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizePX.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll
2009-09-29 09:07:56 ----A---- C:\WINDOWS\system32\IVIresize.dll
2009-09-29 09:07:46 ----D---- C:\Program Files\InterVideo
2009-09-29 09:07:32 ----D---- C:\Program Files\Fichiers communs\InterVideo
2009-09-29 09:07:24 ----A---- C:\WINDOWS\system32\h323log.txt
2009-09-29 09:05:30 ----A---- C:\WINDOWS\system32\usbui.dll
2009-09-29 09:04:56 ----A---- C:\WINDOWS\imsins.BAK
2009-09-29 09:04:53 ----SHD---- C:\WINDOWS\Installer
2009-09-29 09:04:53 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-09-29 09:04:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-09-29 09:04:53 ----A---- C:\WINDOWS\ODBCINST.INI
2009-09-29 09:04:50 ----RD---- C:\Program Files
2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs
2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\irclass.dll
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-09-29 09:04:35 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-09-29 09:04:33 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-09-29 09:04:33 ----A---- C:\WINDOWS\system32\batt.dll
2009-09-29 09:04:32 ----A---- C:\WINDOWS\system32\storprop.dll
2009-09-29 09:04:32 ----A---- C:\WINDOWS\notepad.exe
2009-09-29 09:04:28 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot
2009-09-29 09:04:12 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-09-29 09:04:01 ----D---- C:\WINDOWS\system32\URTTEMP
2009-09-29 09:03:51 ----A---- C:\WINDOWS\setuplog.txt
2009-09-29 09:03:48 ----D---- C:\Documents and Settings
2009-09-29 09:03:43 ----N---- C:\LANG.INI
2009-09-29 09:03:02 ----RASH---- C:\boot.ini
2009-09-29 09:01:13 ----SHD---- C:\System Volume Information
2009-09-29 08:57:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-09-29 08:57:42 ----RSD---- C:\WINDOWS\Fonts
2009-09-29 08:57:42 ----RD---- C:\WINDOWS\Web
2009-09-29 08:57:42 ----HD---- C:\WINDOWS\inf
2009-09-29 08:57:42 ----D---- C:\WINDOWS\WinSxS
2009-09-29 08:57:42 ----D---- C:\WINDOWS\twain_32
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wins
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wbem
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\usmt
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\spool
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ShellExt
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\Setup
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ras
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\oobe
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\npp
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\mui
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\inetsrv
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\IME
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\icsxml
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ias
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\export
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\drivers
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\dhcp
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\config
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3com_dmi
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3076
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\2052
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1054
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1042
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1041
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1037
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1036
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1033
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1031
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1028
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1025
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system
2009-09-29 08:57:42 ----D---- C:\WINDOWS\security
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Resources
2009-09-29 08:57:42 ----D---- C:\WINDOWS\repair
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Provisioning
2009-09-29 08:57:42 ----D---- C:\WINDOWS\PeerNet
2009-09-29 08:57:42 ----D---- C:\WINDOWS\pchealth
2009-09-29 08:57:42 ----D---- C:\WINDOWS\mui
2009-09-29 08:57:42 ----D---- C:\WINDOWS\msapps
2009-09-29 08:57:42 ----D---- C:\WINDOWS\msagent
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Media
2009-09-29 08:57:42 ----D---- C:\WINDOWS\java
2009-09-29 08:57:42 ----D---- C:\WINDOWS\ime
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Help
2009-09-29 08:57:42 ----D---- C:\WINDOWS\ehome
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Driver Cache
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Debug
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Cursors
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Connection Wizard
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Config
2009-09-29 08:57:42 ----D---- C:\WINDOWS\AppPatch
2009-09-29 08:57:42 ----D---- C:\WINDOWS\addins
2009-09-29 08:57:42 ----D---- C:\WINDOWS
2009-09-29 08:56:46 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\ATI
2009-09-29 08:56:46 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-09-29 08:53:33 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns_64.dll
2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns.dll
2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmn.dll
2009-09-29 08:51:54 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InstallShield
2009-09-29 08:51:25 ----N---- C:\WINDOWS\HPWWANVersion.dll
2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5r32.dll
2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5c32.dll
2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPCo4.dll
2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCOM.dll
2009-09-29 08:50:31 ----D---- C:\Program Files\Synaptics
2009-09-29 08:49:50 ----RA---- C:\WINDOWS\system32\PROUnstl.exe
2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicInstE.dll
2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicCo2.dll
2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\e1000msg.dll
2009-09-29 08:49:23 ----A---- C:\WINDOWS\system32\snymsico.dll
2009-09-29 08:49:22 ----A---- C:\WINDOWS\system32\rixdicon.dll
2009-09-29 08:48:34 ----D---- C:\WINDOWS\system32\FRA
2009-09-29 08:48:31 ----RA---- C:\WINDOWS\system32\imsmudlg.exe
2009-09-29 08:47:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-09-29 08:47:23 ----RA---- C:\WINDOWS\system32\CSVer.dll
2009-09-29 08:44:58 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2009-09-29 08:44:57 ----RA---- C:\WINDOWS\system32\ATIDEMGX.dll
2009-09-29 08:44:38 ----D---- C:\Program Files\ATI Technologies
2009-09-29 08:44:01 ----D---- C:\WINDOWS\system32\HP3DG
2009-09-29 08:38:42 ----A---- C:\WINDOWS\system32\btw_ci.dll
2009-09-29 08:38:35 ----D---- C:\Program Files\WIDCOMM
2009-09-29 08:37:21 ----HDC---- C:\WINDOWS\$NtUninstallKB949764$
2009-09-29 08:37:16 ----HDC---- C:\WINDOWS\$NtUninstallKB915326$
2009-09-29 08:37:09 ----HDC---- C:\WINDOWS\$NtUninstallKB889673$
2009-09-29 08:37:03 ----HDC---- C:\WINDOWS\$NtUninstallKB888402$
2009-09-29 08:36:57 ----HDC---- C:\WINDOWS\$NtUninstallKB885464$
2009-09-29 08:36:51 ----HDC---- C:\WINDOWS\$NtUninstallKB883667$
2009-09-29 08:36:46 ----HDC---- C:\WINDOWS\$NtUninstallKB918005$
2009-09-29 08:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB912436$
2009-09-29 08:36:35 ----HDC---- C:\WINDOWS\$NtUninstallKB909667$
2009-09-29 08:36:26 ----HDC---- C:\WINDOWS\$NtUninstallKB909095$
2009-09-29 08:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB896256$
2009-09-29 08:36:09 ----HDC---- C:\WINDOWS\$NtUninstallKB892559-v3$
2009-09-29 08:36:02 ----HDC---- C:\WINDOWS\$NtUninstallKB888239$
2009-09-29 08:35:56 ----HDC---- C:\WINDOWS\$NtUninstallKB885855$
2009-09-29 08:35:48 ----D---- C:\Program Files\HPQ
2009-09-29 08:35:07 ----A---- C:\WINDOWS\system32\log.txt
2009-09-29 08:35:06 ----RA---- C:\WINDOWS\system32\mesoludlg.exe
2009-09-29 08:35:06 ----D---- C:\Program Files\Common Files
2009-09-29 08:33:44 ----RSD---- C:\WINDOWS\assembly
2009-09-29 08:33:24 ----D---- C:\WINDOWS\Microsoft.NET
2009-09-29 08:33:02 ----D---- C:\Program Files\Fichiers communs\Intel
2009-09-29 08:32:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-09-29 08:32:19 ----RA---- C:\WINDOWS\system32\difxapi.dll
2009-09-29 08:32:19 ----D---- C:\WINDOWS\system32\Lang
2009-09-29 08:32:19 ----D---- C:\Program Files\Intel
2009-09-29 08:32:18 ----RA---- C:\WINDOWS\system32\heciudlg.exe
2009-09-29 08:32:03 ----D---- C:\Intel
2009-09-29 08:31:43 ----N---- C:\WINDOWS\HPModemVersion.dll
2009-09-29 08:31:42 ----N---- C:\WINDOWS\system32\agrsmdel.exe
2009-09-29 08:31:34 ----D---- C:\WINDOWS\Options
2009-09-29 08:31:18 ----N---- C:\WINDOWS\system32\agrscoin.dll
2009-09-29 08:31:18 ----D---- C:\SWSetup
2009-09-29 08:31:18 ----A---- C:\WINDOWS\system32\agrsmsvc.exe
2009-09-29 08:31:18 ----A---- C:\WINDOWS\agrsmdel.exe
2009-09-29 08:26:08 ----RA---- C:\WINDOWS\system32\PostProc.dll
2009-09-29 08:26:07 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\wdmioctl.dll
2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\SMMedia.dll
2009-09-29 08:26:01 ----D---- C:\Program Files\Analog Devices
2009-09-29 08:26:01 ----A---- C:\WINDOWS\system32\DSndUp.exe
2009-09-29 08:25:05 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-09-29 08:25:03 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-09-29 08:24:46 ----D---- C:\Program Files\Hewlett-Packard
2009-09-29 08:21:34 ----D---- C:\SYSTEM.SAV
2009-09-29 07:31:16 ----A---- C:\WINDOWS\system32\wnaspi32.dll
2009-09-29 07:31:08 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-29 07:30:48 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-09-29 07:16:55 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Identities
2009-09-29 07:16:53 ----HD---- C:\Program Files\Uninstall Information
2009-09-29 07:16:49 ----ASH---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\desktop.ini
2009-09-29 07:16:48 ----SD---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Microsoft
2009-09-29 07:16:05 ----D---- C:\WINDOWS\SoftwareDistribution
2009-09-29 07:16:04 ----SD---- C:\WINDOWS\system32\Microsoft
2009-09-29 07:16:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-09-29 07:11:48 ----D---- C:\WINDOWS\system32\xircom
2009-09-29 07:11:48 ----D---- C:\Program Files\xerox
2009-09-29 07:11:48 ----D---- C:\Program Files\microsoft frontpage
2009-09-29 07:11:27 ----HD---- C:\WINDOWS\$hf_mig$
2009-09-29 07:11:20 ----A---- C:\WINDOWS\control.ini
2009-09-29 07:11:20 ----A---- C:\AUTOEXEC.BAT
2009-09-29 07:11:14 ----A---- C:\WINDOWS\OEWABLog.txt
2009-09-29 07:11:12 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-09-29 07:10:42 ----RD---- C:\WINDOWS\Offline Web Pages
2009-09-29 07:10:41 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-09-29 07:10:41 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-09-29 07:10:37 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-09-29 07:10:34 ----HD---- C:\Program Files\WindowsUpdate
2009-09-29 07:10:33 ----D---- C:\Program Files\Services en ligne
2009-09-29 07:10:20 ----D---- C:\WINDOWS\system32\DirectX
2009-09-29 07:09:59 ----A---- C:\WINDOWS\system32\atrace.dll
2009-09-29 07:09:56 ----A---- C:\WINDOWS\system32\desktop.ini
2009-09-29 07:09:56 ----A---- C:\WINDOWS\desktop.ini
2009-09-29 07:09:49 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-09-29 07:09:48 ----A---- C:\WINDOWS\system32\acctres.dll
2009-09-29 07:09:47 ----D---- C:\Program Files\Fichiers communs\Services
2009-09-29 07:09:44 ----SD---- C:\WINDOWS\Tasks
2009-09-29 07:09:44 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-09-29 07:09:43 ----D---- C:\Program Files\Fichiers communs\MSSoap
2009-09-29 07:09:39 ----D---- C:\WINDOWS\srchasst
2009-09-29 07:09:38 ----D---- C:\WINDOWS\system32\Macromed
2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wups.dll
2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-09-29 07:09:34 ----N---- C:\WINDOWS\system32\wuauclt.exe
2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-09-29 07:09:30 ----D---- C:\Program Files\Movie Maker
2009-09-29 07:09:26 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-09-29 07:09:26 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-09-29 07:09:26 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-09-29 07:09:26 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-09-29 07:09:23 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-09-29 07:09:22 ----N---- C:\WINDOWS\system32\srsvc.dll
2009-09-29 07:09:22 ----D---- C:\WINDO
Je pense avoir fait une erreur de poste donc ci dessous les éléments RSIT avec en 1er les Log et 2nd l'info :
Logfile of random's system information tool 1.06 (written by random/random)
Run by FARES JEAN - JACQUES at 2009-10-28 09:27:26
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 69 GB (77%) free of 89 GB
Total RAM: 2027 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:27:43, on 28/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\SYSTEM32\DWRCS.EXE
C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN\Toolbar\3.0.1203.0\msntask.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe
C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\RSIT.exe
C:\Program Files\trend micro\FARES JEAN - JACQUES.exe
C:\DOCUME~1\FARESJ~1\LOCALS~1\Temp\jre-6u16-windows-i586-iftw_a02a0d4e.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yello
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rl [...] ?clid=1036
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mtn.ci:8081
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: ViewerHelper Class - {78104A01-8E71-4F30-9A36-3793799615B4} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [picon] "C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [DameWare MRC Agent] C:\WINDOWS\system32\DWRCST.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'FARES')
O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden (User 'FARES')
O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'FARES')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 5610067562
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] ader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mtn.ci
O17 - HKLM\Software\..\Telephony: DomainName = mtn.ci
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mtn.ci
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
O23 - Service: E-SSO Security Services (EnatelWGSS) - Evidian - C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
--
End of file - 16420 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-05-15 66888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78104A01-8E71-4F30-9A36-3793799615B4}]
ViewerHelper Class - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll [2005-01-27 356352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll [2009-04-09 67120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-05-15 161096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe [2008-06-02 367128]
"FRYMXINS"=C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-03 177456]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\dvdcheck .exe [2008-05-23 197904]
"IntelZeroConfig"=C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2008-04-30 1347584]
"IntelWireless"=C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [2008-04-30 1191936]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-04-09 124240]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2008-11-10 136512]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"CLMLServer"=C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe [2007-09-27 122880]
"Power2GoExpress"=C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2007-09-29 2680104]
"CLJ"=0 []
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"DameWare MRC Agent"=C:\WINDOWS\system32\DWRCST.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
SnagIt 9.lnk - C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-06-27 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"
======List of files/folders created in the last 3 months======
2009-10-28 09:27:26 ----D---- C:\rsit
2009-10-26 16:44:07 ----A---- C:\TCleaner.txt
2009-10-26 16:40:43 ----D---- C:\WINDOWS\Temp
2009-10-21 19:23:14 ----A---- C:\Boot.bak
2009-10-21 19:23:11 ----RASHD---- C:\cmdcons
2009-10-21 19:21:25 ----D---- C:\WINDOWS\ERDNT
2009-10-21 13:04:56 ----A---- C:\WINDOWS\wininit.ini
2009-10-21 13:03:42 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-10-19 17:31:04 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-10-19 16:58:25 ----D---- C:\Program Files\trend micro
2009-10-14 17:01:34 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Malwarebytes
2009-10-14 17:01:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-14 17:01:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-14 12:51:35 ----D---- C:\Documents and Settings\All Users\Application Data\TechSmith
2009-10-14 12:51:30 ----D---- C:\Program Files\TechSmith
2009-10-14 12:49:54 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
2009-10-13 18:06:10 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2009-10-13 18:06:04 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2009-10-13 17:36:12 ----D---- C:\Program Files\Fichiers communs\PCSuite
2009-10-13 17:36:05 ----D---- C:\Program Files\Fichiers communs\Nokia
2009-10-13 17:35:07 ----D---- C:\Program Files\PC Connectivity Solution
2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2009-10-13 16:00:04 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\PC Suite
2009-10-13 16:00:04 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2009-10-13 13:03:37 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Nokia
2009-10-13 13:02:42 ----D---- C:\Program Files\DIFX
2009-10-13 13:02:08 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2009-10-13 13:02:07 ----D---- C:\Program Files\Nokia
2009-10-13 12:09:26 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2009-10-13 10:53:49 ----D---- C:\Program Files\ESET
2009-10-13 10:53:49 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2009-10-12 18:26:25 ----D---- C:\WINDOWS\system32\NtmsData
2009-10-06 10:33:29 ----D---- C:\WINDOWS\Prefetch
2009-10-06 00:34:58 ----N---- C:\WINDOWS\system32\qmgr.dll
2009-10-06 00:34:22 ----N---- C:\WINDOWS\system32\msgsvc.dll
2009-10-06 00:34:22 ----N---- C:\WINDOWS\system32\kernel32.dll
2009-10-06 00:34:22 ----N---- C:\WINDOWS\system32\comctl32.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\locator.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\localspl.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\imagehlp.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\ftp.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\format.com
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\csrsrv.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comdlg32.dll
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cmd.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cacls.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autoconv.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autochk.exe
2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-10-06 00:34:21 ----N---- C:\WINDOWS\system32\userinit.exe
2009-10-06 00:34:21 ----N---- C:\WINDOWS\system32\services.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\wkssvc.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\win32spl.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\untfs.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ulib.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\syssetup.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\srvsvc.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\smss.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\setupapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\schannel.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\scardsvr.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\savedump.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samsrv.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samlib.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rshx32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rastapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasman.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasdlg.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasauto.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasapi32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\printui.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\perfctrs.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\olecnv32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\oleaut32.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nwprovau.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntvdm.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntprint.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntdll.dll
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nslookup.exe
2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\msv1_0.dll
2009-10-06 00:34:19 ----N---- C:\WINDOWS\system32\ntoskrnl.exe
2009-10-06 00:34:19 ----N---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\hal.dll
2009-10-05 17:15:18 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2009-10-05 17:04:04 ----D---- C:\Program Files\Mobile Partner
2009-10-05 16:15:24 ----D---- C:\Program Files\Western Digital Corp
2009-10-05 16:06:24 ----D---- C:\Program Files\Western Digital Corporation
2009-10-05 09:46:18 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-10-05 09:46:17 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-10-01 16:36:47 ----A---- C:\WINDOWS\system32\unzip32.dll
2009-10-01 15:56:21 ----A---- C:\WINDOWS\UTLite33.exe
2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\fr
2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\bits
2009-10-01 15:55:42 ----D---- C:\WINDOWS\l2schemas
2009-10-01 15:42:27 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-10-01 15:39:55 ----D---- C:\Documents and Settings\All Users\Application Data\GroupPolicy
2009-10-01 12:21:52 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2009-10-01 12:21:47 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$
2009-10-01 12:21:08 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-10-01 12:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2009-10-01 12:19:37 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2009-10-01 09:09:26 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\CyberLink
2009-10-01 09:09:19 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2009-09-30 19:06:52 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-09-30 19:01:02 ----A---- C:\WINDOWS\IE4 Error Log.txt
2009-09-30 19:00:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Search
2009-09-30 18:55:54 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2009-09-30 18:55:21 ----D---- C:\Program Files\Microsoft Sync Framework
2009-09-30 18:54:20 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-09-30 18:52:09 ----D---- C:\Program Files\Windows Live SkyDrive
2009-09-30 18:51:46 ----D---- C:\Program Files\Windows Live
2009-09-30 18:19:10 ----D---- C:\Program Files\Fichiers communs\Windows Live
2009-09-30 17:43:35 ----D---- C:\Quarantine
2009-09-30 17:09:22 ----SHD---- C:\RECYCLER
2009-09-30 17:04:55 ----A---- C:\WINDOWS\cdplayer.ini
2009-09-30 16:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-09-30 16:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-09-30 16:51:57 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-09-30 16:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-09-30 16:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-09-30 16:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-09-30 16:50:36 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\vlc
2009-09-30 16:49:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-09-30 16:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
2009-09-30 16:49:23 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-09-30 16:49:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-09-30 16:49:11 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2009-09-30 16:49:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-09-30 16:49:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-09-30 16:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
2009-09-30 16:46:48 ----D---- C:\Program Files\VideoLAN
2009-09-30 16:41:09 ----D---- C:\WINDOWS\system32\XPSViewer
2009-09-30 16:40:49 ----D---- C:\WINDOWS\system32\en-US
2009-09-30 16:40:42 ----D---- C:\Program Files\Reference Assemblies
2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-09-30 16:39:55 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-09-30 16:36:49 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2009-09-30 16:32:24 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-09-30 16:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-09-30 16:32:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-09-30 16:31:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-09-30 16:31:43 ----D---- C:\Program Files\MSXML 6.0
2009-09-30 16:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-09-30 16:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2009-09-30 16:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-09-30 16:31:21 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-09-30 16:31:16 ----D---- C:\WINDOWS\system32\DRM
2009-09-30 16:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-09-30 16:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB916846$
2009-09-30 16:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-09-30 16:30:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2009-09-30 16:30:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-09-30 16:29:33 ----D---- C:\WINDOWS\ie7updates
2009-09-30 16:28:53 ----D---- C:\WINDOWS\WBEM
2009-09-30 16:28:24 ----HDC---- C:\WINDOWS\ie7
2009-09-30 16:28:15 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Desktop Search
2009-09-30 16:28:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-09-30 16:27:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-09-30 16:26:21 ----D---- C:\WINDOWS\network diagnostic
2009-09-30 16:26:20 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2009-09-30 16:24:09 ----D---- C:\WINDOWS\system32\fr-FR
2009-09-30 16:24:09 ----D---- C:\Program Files\Windows Desktop Search
2009-09-30 16:24:08 ----D---- C:\WINDOWS\system32\GroupPolicy
2009-09-30 16:23:55 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2009-09-30 16:23:46 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-09-30 16:23:25 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2009-09-30 16:23:22 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-09-30 16:23:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-09-30 16:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-09-30 16:22:08 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-09-30 16:18:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-09-30 16:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-09-30 16:12:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-09-30 16:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-09-30 16:11:59 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-09-30 16:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-09-30 16:11:44 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-09-30 16:11:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-09-30 16:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-09-30 16:10:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-09-30 16:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-09-30 16:10:28 ----D---- C:\WINDOWS\ServicePackFiles
2009-09-30 16:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2009-09-30 16:10:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-09-30 16:10:16 ----D---- C:\Program Files\Microsoft Silverlight
2009-09-30 16:09:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-09-30 16:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2009-09-30 16:09:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2009-09-30 16:09:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-09-30 16:09:32 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-09-30 16:09:27 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-09-30 16:09:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-09-30 16:09:08 ----D---- C:\Program Files\MSXML 4.0
2009-09-30 16:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-09-30 16:08:58 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-09-30 16:08:30 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-09-30 16:08:26 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2009-09-30 16:08:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2009-09-30 10:36:33 ----D---- C:\Program Files\Cyberlink
2009-09-30 10:32:23 ----D---- C:\Program Files\Google
2009-09-30 10:30:50 ----D---- C:\Program Files\Fichiers communs\Real
2009-09-30 10:30:49 ----D---- C:\Program Files\Real
2009-09-30 10:30:19 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Real
2009-09-30 10:26:27 ----D---- C:\Program Files\SuperCopier2
2009-09-30 10:19:20 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InterVideo
2009-09-30 10:17:59 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2009-09-30 10:17:58 ----D---- C:\Program Files\DVD Shrink
2009-09-30 09:59:31 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Macromedia
2009-09-30 09:59:30 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Adobe
2009-09-29 18:18:51 ----HD---- C:\WINDOWS\system32\dwrcssft
2009-09-29 18:18:50 ----A---- C:\WINDOWS\system32\DWRCSh32.dll
2009-09-29 18:18:49 ----A---- C:\WINDOWS\system32\DWRCSET.DLL
2009-09-29 18:18:42 ----A---- C:\WINDOWS\system32\DWRCK.DLL
2009-09-29 18:18:38 ----A---- C:\WINDOWS\system32\DWRCS.EXE
2009-09-29 18:12:55 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-09-29 18:12:01 ----D---- C:\Program Files\Fichiers communs\Evidian
2009-09-29 18:12:01 ----D---- C:\Program Files\Evidian
2009-09-29 18:11:38 ----D---- C:\Program Files\Microsoft
2009-09-29 18:11:10 ----D---- C:\Program Files\Gemalto
2009-09-29 18:03:46 ----A---- C:\WINDOWS\system32\MRT.exe
2009-09-29 18:03:16 ----D---- C:\WINDOWS\system32\PreInstall
2009-09-29 18:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-09-29 17:59:48 ----D---- C:\MyriadWebPro
2009-09-29 17:59:46 ----D---- C:\MyriadPro
2009-09-29 17:58:30 ----D---- C:\Program Files\WinRAR
2009-09-29 17:57:33 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-09-29 17:57:19 ----D---- C:\Program Files\Fichiers communs\Adobe
2009-09-29 17:57:19 ----D---- C:\Program Files\Adobe
2009-09-29 17:51:48 ----D---- C:\Program Files\GPLGS
2009-09-29 17:51:21 ----A---- C:\WINDOWS\system32\cpwmon2k.dll
2009-09-29 17:51:17 ----D---- C:\Program Files\Acro Software
2009-09-29 17:50:23 ----D---- C:\Program Files\MSECache
2009-09-29 17:39:33 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-09-29 17:38:40 ----D---- C:\Program Files\Microsoft Works
2009-09-29 17:38:19 ----D---- C:\Program Files\MSBuild
2009-09-29 17:38:05 ----D---- C:\Program Files\Microsoft Visual Studio
2009-09-29 17:38:04 ----D---- C:\Program Files\Fichiers communs\DESIGNER
2009-09-29 17:37:27 ----D---- C:\Program Files\Microsoft.NET
2009-09-29 17:33:56 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-09-29 17:33:02 ----D---- C:\WINDOWS\SHELLNEW
2009-09-29 17:32:47 ----D---- C:\Program Files\Microsoft Office
2009-09-29 17:32:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-09-29 17:32:15 ----RHD---- C:\MSOCache
2009-09-29 17:16:51 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-09-29 17:03:09 ----D---- C:\Program Files\File Scavenger 3.2
2009-09-29 14:59:24 ----SHD---- C:\WINDOWS\CSC
2009-09-29 14:56:29 ----D---- C:\WINDOWS\SchCache
2009-09-29 14:50:20 ----A---- C:\WINDOWS\system32\mfevtps.exe
2009-09-29 14:49:53 ----D---- C:\Program Files\Fichiers communs\Cisco Systems
2009-09-29 14:49:48 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2009-09-29 14:49:42 ----D---- C:\Program Files\McAfee
2009-09-29 14:49:42 ----D---- C:\Program Files\Fichiers communs\McAfee
2009-09-29 14:48:00 ----D---- C:\WINDOWS\system32\appmgmt
2009-09-29 09:55:58 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2009-09-29 09:55:54 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-09-29 09:55:52 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-09-29 09:55:47 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-09-29 09:55:44 ----D---- C:\Program Files\Windows Media Connect 2
2009-09-29 09:55:37 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-09-29 09:55:10 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-09-29 09:54:54 ----D---- C:\WINDOWS\system32\LogFiles
2009-09-29 09:54:47 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaws.exe
2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaw.exe
2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\java.exe
2009-09-29 09:54:04 ----D---- C:\Program Files\Java
2009-09-29 09:54:03 ----D---- C:\Program Files\Fichiers communs\Java
2009-09-29 09:53:59 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Sun
2009-09-29 09:53:37 ----D---- C:\Program Files\Fichiers communs\LightScribe
2009-09-29 09:52:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Intel
2009-09-29 09:52:42 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
2009-09-29 09:51:41 ----A---- C:\WINDOWS\HPMProp.INI
2009-09-29 09:51:26 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmprein.dll
2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmco081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmtp081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpw081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpm081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmml081.dll
2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmja081.dll
2009-09-29 09:51:14 ----A---- C:\WINDOWS\system32\hpcpn081.dll
2009-09-29 09:51:13 ----A---- C:\WINDOWS\system32\fxcompchannel.dll
2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNQUE.DLL
2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNNDPS.DLL
2009-09-29 09:22:50 ----D---- C:\Documents and Settings\All Users\Application Data\Uninstall
2009-09-29 09:18:21 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
2009-09-29 09:17:39 ----D---- C:\WINDOWS\RegisteredPackages
2009-09-29 09:17:12 ----D---- C:\Program Files\Fichiers communs\SureThing Shared
2009-09-29 09:17:11 ----D---- C:\Program Files\Roxio
2009-09-29 09:16:48 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
2009-09-29 09:16:43 ----D---- C:\Program Files\Fichiers communs\Sonic Shared
2009-09-29 09:16:24 ----D---- C:\Program Files\Fichiers communs\Roxio Shared
2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-09-29 09:16:10 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-09-29 09:11:59 ----A---- C:\WINDOWS\system32\oeminfo.ini
2009-09-29 09:11:48 ----A---- C:\WINDOWS\system32\pdfc_port.dll
2009-09-29 09:11:45 ----D---- C:\Program Files\PDF Complete
2009-09-29 09:10:20 ----D---- C:\Program Files\Hp
2009-09-29 09:09:58 ----D---- C:\WINDOWS\Hewlett-Packard
2009-09-29 09:09:28 ----D---- C:\WINDOWS\Downloaded Installations
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizePX.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll
2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll
2009-09-29 09:07:56 ----A---- C:\WINDOWS\system32\IVIresize.dll
2009-09-29 09:07:46 ----D---- C:\Program Files\InterVideo
2009-09-29 09:07:32 ----D---- C:\Program Files\Fichiers communs\InterVideo
2009-09-29 09:07:24 ----A---- C:\WINDOWS\system32\h323log.txt
2009-09-29 09:05:30 ----A---- C:\WINDOWS\system32\usbui.dll
2009-09-29 09:04:56 ----A---- C:\WINDOWS\imsins.BAK
2009-09-29 09:04:53 ----SHD---- C:\WINDOWS\Installer
2009-09-29 09:04:53 ----D---- C:\Program Files\Fichiers communs\ODBC
2009-09-29 09:04:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-09-29 09:04:53 ----A---- C:\WINDOWS\ODBCINST.INI
2009-09-29 09:04:50 ----RD---- C:\Program Files
2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs
2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\irclass.dll
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-09-29 09:04:35 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-09-29 09:04:33 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-09-29 09:04:33 ----A---- C:\WINDOWS\system32\batt.dll
2009-09-29 09:04:32 ----A---- C:\WINDOWS\system32\storprop.dll
2009-09-29 09:04:32 ----A---- C:\WINDOWS\notepad.exe
2009-09-29 09:04:28 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot
2009-09-29 09:04:12 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-09-29 09:04:01 ----D---- C:\WINDOWS\system32\URTTEMP
2009-09-29 09:03:51 ----A---- C:\WINDOWS\setuplog.txt
2009-09-29 09:03:48 ----D---- C:\Documents and Settings
2009-09-29 09:03:43 ----N---- C:\LANG.INI
2009-09-29 09:03:02 ----RASH---- C:\boot.ini
2009-09-29 09:01:13 ----SHD---- C:\System Volume Information
2009-09-29 08:57:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-09-29 08:57:42 ----RSD---- C:\WINDOWS\Fonts
2009-09-29 08:57:42 ----RD---- C:\WINDOWS\Web
2009-09-29 08:57:42 ----HD---- C:\WINDOWS\inf
2009-09-29 08:57:42 ----D---- C:\WINDOWS\WinSxS
2009-09-29 08:57:42 ----D---- C:\WINDOWS\twain_32
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wins
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wbem
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\usmt
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\spool
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ShellExt
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\Setup
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ras
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\oobe
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\npp
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\mui
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\inetsrv
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\IME
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\icsxml
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ias
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\export
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\drivers
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\dhcp
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\config
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3com_dmi
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3076
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\2052
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1054
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1042
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1041
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1037
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1036
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1033
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1031
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1028
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1025
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32
2009-09-29 08:57:42 ----D---- C:\WINDOWS\system
2009-09-29 08:57:42 ----D---- C:\WINDOWS\security
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Resources
2009-09-29 08:57:42 ----D---- C:\WINDOWS\repair
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Provisioning
2009-09-29 08:57:42 ----D---- C:\WINDOWS\PeerNet
2009-09-29 08:57:42 ----D---- C:\WINDOWS\pchealth
2009-09-29 08:57:42 ----D---- C:\WINDOWS\mui
2009-09-29 08:57:42 ----D---- C:\WINDOWS\msapps
2009-09-29 08:57:42 ----D---- C:\WINDOWS\msagent
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Media
2009-09-29 08:57:42 ----D---- C:\WINDOWS\java
2009-09-29 08:57:42 ----D---- C:\WINDOWS\ime
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Help
2009-09-29 08:57:42 ----D---- C:\WINDOWS\ehome
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Driver Cache
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Debug
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Cursors
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Connection Wizard
2009-09-29 08:57:42 ----D---- C:\WINDOWS\Config
2009-09-29 08:57:42 ----D---- C:\WINDOWS\AppPatch
2009-09-29 08:57:42 ----D---- C:\WINDOWS\addins
2009-09-29 08:57:42 ----D---- C:\WINDOWS
2009-09-29 08:56:46 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\ATI
2009-09-29 08:56:46 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-09-29 08:53:33 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns_64.dll
2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns.dll
2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmn.dll
2009-09-29 08:51:54 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InstallShield
2009-09-29 08:51:25 ----N---- C:\WINDOWS\HPWWANVersion.dll
2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5r32.dll
2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5c32.dll
2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPCo4.dll
2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCOM.dll
2009-09-29 08:50:31 ----D---- C:\Program Files\Synaptics
2009-09-29 08:49:50 ----RA---- C:\WINDOWS\system32\PROUnstl.exe
2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicInstE.dll
2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicCo2.dll
2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\e1000msg.dll
2009-09-29 08:49:23 ----A---- C:\WINDOWS\system32\snymsico.dll
2009-09-29 08:49:22 ----A---- C:\WINDOWS\system32\rixdicon.dll
2009-09-29 08:48:34 ----D---- C:\WINDOWS\system32\FRA
2009-09-29 08:48:31 ----RA---- C:\WINDOWS\system32\imsmudlg.exe
2009-09-29 08:47:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-09-29 08:47:23 ----RA---- C:\WINDOWS\system32\CSVer.dll
2009-09-29 08:44:58 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2009-09-29 08:44:57 ----RA---- C:\WINDOWS\system32\ATIDEMGX.dll
2009-09-29 08:44:38 ----D---- C:\Program Files\ATI Technologies
2009-09-29 08:44:01 ----D---- C:\WINDOWS\system32\HP3DG
2009-09-29 08:38:42 ----A---- C:\WINDOWS\system32\btw_ci.dll
2009-09-29 08:38:35 ----D---- C:\Program Files\WIDCOMM
2009-09-29 08:37:21 ----HDC---- C:\WINDOWS\$NtUninstallKB949764$
2009-09-29 08:37:16 ----HDC---- C:\WINDOWS\$NtUninstallKB915326$
2009-09-29 08:37:09 ----HDC---- C:\WINDOWS\$NtUninstallKB889673$
2009-09-29 08:37:03 ----HDC---- C:\WINDOWS\$NtUninstallKB888402$
2009-09-29 08:36:57 ----HDC---- C:\WINDOWS\$NtUninstallKB885464$
2009-09-29 08:36:51 ----HDC---- C:\WINDOWS\$NtUninstallKB883667$
2009-09-29 08:36:46 ----HDC---- C:\WINDOWS\$NtUninstallKB918005$
2009-09-29 08:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB912436$
2009-09-29 08:36:35 ----HDC---- C:\WINDOWS\$NtUninstallKB909667$
2009-09-29 08:36:26 ----HDC---- C:\WINDOWS\$NtUninstallKB909095$
2009-09-29 08:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB896256$
2009-09-29 08:36:09 ----HDC---- C:\WINDOWS\$NtUninstallKB892559-v3$
2009-09-29 08:36:02 ----HDC---- C:\WINDOWS\$NtUninstallKB888239$
2009-09-29 08:35:56 ----HDC---- C:\WINDOWS\$NtUninstallKB885855$
2009-09-29 08:35:48 ----D---- C:\Program Files\HPQ
2009-09-29 08:35:07 ----A---- C:\WINDOWS\system32\log.txt
2009-09-29 08:35:06 ----RA---- C:\WINDOWS\system32\mesoludlg.exe
2009-09-29 08:35:06 ----D---- C:\Program Files\Common Files
2009-09-29 08:33:44 ----RSD---- C:\WINDOWS\assembly
2009-09-29 08:33:24 ----D---- C:\WINDOWS\Microsoft.NET
2009-09-29 08:33:02 ----D---- C:\Program Files\Fichiers communs\Intel
2009-09-29 08:32:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-09-29 08:32:19 ----RA---- C:\WINDOWS\system32\difxapi.dll
2009-09-29 08:32:19 ----D---- C:\WINDOWS\system32\Lang
2009-09-29 08:32:19 ----D---- C:\Program Files\Intel
2009-09-29 08:32:18 ----RA---- C:\WINDOWS\system32\heciudlg.exe
2009-09-29 08:32:03 ----D---- C:\Intel
2009-09-29 08:31:43 ----N---- C:\WINDOWS\HPModemVersion.dll
2009-09-29 08:31:42 ----N---- C:\WINDOWS\system32\agrsmdel.exe
2009-09-29 08:31:34 ----D---- C:\WINDOWS\Options
2009-09-29 08:31:18 ----N---- C:\WINDOWS\system32\agrscoin.dll
2009-09-29 08:31:18 ----D---- C:\SWSetup
2009-09-29 08:31:18 ----A---- C:\WINDOWS\system32\agrsmsvc.exe
2009-09-29 08:31:18 ----A---- C:\WINDOWS\agrsmdel.exe
2009-09-29 08:26:08 ----RA---- C:\WINDOWS\system32\PostProc.dll
2009-09-29 08:26:07 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\wdmioctl.dll
2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\SMMedia.dll
2009-09-29 08:26:01 ----D---- C:\Program Files\Analog Devices
2009-09-29 08:26:01 ----A---- C:\WINDOWS\system32\DSndUp.exe
2009-09-29 08:25:05 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-09-29 08:25:03 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-09-29 08:24:46 ----D---- C:\Program Files\Hewlett-Packard
2009-09-29 08:21:34 ----D---- C:\SYSTEM.SAV
2009-09-29 07:31:16 ----A---- C:\WINDOWS\system32\wnaspi32.dll
2009-09-29 07:31:08 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-29 07:30:48 ----D---- C:\Program Files\Fichiers communs\InstallShield
2009-09-29 07:16:55 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Identities
2009-09-29 07:16:53 ----HD---- C:\Program Files\Uninstall Information
2009-09-29 07:16:49 ----ASH---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\desktop.ini
2009-09-29 07:16:48 ----SD---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Microsoft
2009-09-29 07:16:05 ----D---- C:\WINDOWS\SoftwareDistribution
2009-09-29 07:16:04 ----SD---- C:\WINDOWS\system32\Microsoft
2009-09-29 07:16:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-09-29 07:11:48 ----D---- C:\WINDOWS\system32\xircom
2009-09-29 07:11:48 ----D---- C:\Program Files\xerox
2009-09-29 07:11:48 ----D---- C:\Program Files\microsoft frontpage
2009-09-29 07:11:27 ----HD---- C:\WINDOWS\$hf_mig$
2009-09-29 07:11:20 ----A---- C:\WINDOWS\control.ini
2009-09-29 07:11:20 ----A---- C:\AUTOEXEC.BAT
2009-09-29 07:11:14 ----A---- C:\WINDOWS\OEWABLog.txt
2009-09-29 07:11:12 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-09-29 07:10:42 ----RD---- C:\WINDOWS\Offline Web Pages
2009-09-29 07:10:41 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-09-29 07:10:41 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-09-29 07:10:37 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-09-29 07:10:34 ----HD---- C:\Program Files\WindowsUpdate
2009-09-29 07:10:33 ----D---- C:\Program Files\Services en ligne
2009-09-29 07:10:20 ----D---- C:\WINDOWS\system32\DirectX
2009-09-29 07:09:59 ----A---- C:\WINDOWS\system32\atrace.dll
2009-09-29 07:09:56 ----A---- C:\WINDOWS\system32\desktop.ini
2009-09-29 07:09:56 ----A---- C:\WINDOWS\desktop.ini
2009-09-29 07:09:49 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-09-29 07:09:48 ----A---- C:\WINDOWS\system32\acctres.dll
2009-09-29 07:09:47 ----D---- C:\Program Files\Fichiers communs\Services
2009-09-29 07:09:44 ----SD---- C:\WINDOWS\Tasks
2009-09-29 07:09:44 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-09-29 07:09:43 ----D---- C:\Program Files\Fichiers communs\MSSoap
2009-09-29 07:09:39 ----D---- C:\WINDOWS\srchasst
2009-09-29 07:09:38 ----D---- C:\WINDOWS\system32\Macromed
2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wups.dll
2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-09-29 07:09:34 ----N---- C:\WINDOWS\system32\wuauclt.exe
2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-09-29 07:09:30 ----D---- C:\Program Files\Movie Maker
2009-09-29 07:09:26 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-09-29 07:09:26 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-09-29 07:09:26 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-09-29 07:09:26 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-09-29 07:09:23 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-09-29 07:09:22 ----N---- C:\WINDOWS\system32\srsvc.dll
2009-09-29 07:09:22 ----D---- C:\WINDOWS\system32\Restore
2009-09-29 07:09:22 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-09-29 07:09:22 ----A---- C:\WINDOWS\system32\srclient.dll
2009-09-29 07:09:22 ----A---- C:\WINDOWS\system32\fltmc.exe
2009-09-29 07:09:21 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-09-29 07:09:21 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-09-29 07:09:21 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-09-29 07:09:21 ----A---- C:\WINDOWS\system32\ils.dll
2009-09-29 07:09:20 ----A---- C:\WINDOWS\system32\msconf.dll
2009-09-29 07:09:20 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-09-29 07:09:17 ----D---- C:\Program Files\NetMeeting
2009-09-29 07:09:17 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-09-29 07:09:17 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-09-29 07:09:16 ----A---- C:\WINDOWS\system32\inetres.dll
2009-09-29 07:09:16 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-09-29 07:09:14 ----N---- C:\WINDOWS\system32\schedsvc.dll
200
Le rapport log est tellement long qu'il ne passe pas entièrement sur le forum.
Pour me transmettre les rapports :
- Clique sur ce lien : http://www.cijoint.fr/
- Clique sur Parcourir... et cherche le fichier du rapport que tu souhaites me transmettre.
- Clique sur Ouvrir.
- Clique sur Cliquez ici pour déposer le fichier.
- Un lien de cette forme, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, est ajouté dans la page.
- Copie ce lien dans ta réponse.
http://www.cijoint.fr/cjlink.php?f [...] SXatgJ.txt
http://www.cijoint.fr/cjlink.php?f [...] 6qMGrg.txt
Ci joint les deux liens relatifs aux rapport log.txt et info.txt
Merci Destrio5
Salut Destrio5,
A ta question la réponse est non! Maintenant au démarrage il se plaint de ''winlogon.exe'' avec un message d'erreur. Quand je click sur OK, ilreboot et à l'ouverture me demande de soumettre l'erreur à microsoft. J'ai lancé MBAM et RSIT, pour prévoir au cas tu demanderais! je te poste les files une fois compléter.
Merci
MBAM
mbam-log-2009-11-04 (12-26-03).txt
http://www.cijoint.fr/cjlink.php?f [...] oor6AZ.txt
RSIT
[Log.txt] http://www.cijoint.fr/cjlink.php?f [...] eIVQap.txt
[Info.txt] http://www.cijoint.fr/cjlink.php?f [...] ppE6Ag.txt
Le dernier Rapport :
[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]
--> Recherche:
C:\Rsit: trouvé !
C:\Documents and Settings\All Users\Bureau\Rsit: trouvé !
C:\Documents and Settings\FARES\Bureau\SAVAHOME\ComboFix.exe: trouvé !
C:\Documents and Settings\FARES\Bureau\SAVAHOME\Rsit.exe: trouvé !
C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\Rsit.exe: trouvé !
C:\Program Files\trend micro\HijackThis.exe: trouvé !
C:\Program Files\trend micro\hijackthis.log: trouvé !
---------------------------------
--> Suppression:
C:\Documents and Settings\FARES\Bureau\SAVAHOME\ComboFix.exe: supprimé !
C:\Program Files\trend micro\HijackThis.exe: supprimé !
C:\Documents and Settings\FARES\Bureau\SAVAHOME\Rsit.exe: supprimé !
C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\Rsit.exe: supprimé !
C:\Program Files\trend micro\hijackthis.log: supprimé !
C:\Rsit: supprimé !
C:\Documents and Settings\All Users\Bureau\Rsit: supprimé !
Pour MBAM, mets-le à jour avant de faire un scan.
Ci dessous le dernier Scan. Merci beaucoup :
Malwarebytes' Anti-Malware 1.41
Version de la base de données: 3138
Windows 5.1.2600 Service Pack 2
10/11/2009 13:00:49
mbam-log-2009-11-10 (13-00-49).txt
Type de recherche: Examen complet (C:\|D:\|E:\|)
Eléments examinés: 207582
Temps écoulé: 50 minute(s), 44 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\System Volume Information\_restore{A770478D-7D66-4F10-AA95-385D441AEC85}\RP2\A0000216.exe (Trojan.Buzus) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\mferkdetq.sys (Trojan.RootKit) -> Quarantined and deleted successfully.
Conduite à tenir...?
Tu as toujours le problème avec winlogon.exe ?
Non. Merci beaucoup il s'est estompé. Plus de souci non plus de lentenr au démarrage. Les Pubs ont également complètement disparus.
La connexion internet bloquée ou lente doit être due à des éléments de sécurité interne à la structure ou je bosse puisqu'à la maison ça fait pas ça. Merci beaucoup à toi Destrio5.
Je reste en ligne pour d'éventuelles actions correctrices.
Merci Beaucoup.
1/
- Désinstalle HijackThis.
- Télécharge ToolsCleaner2 sur ton Bureau.
- Double-clique sur ToolsCleaner2.exe pour le lancer.
- Clique sur Recherche et laisse le scan agir.
- Clique sur Suppression pour finaliser.
- Tu peux, si tu le souhaites, te servir des Options Facultatives.
- Clique sur Quitter pour obtenir le rapport.
- Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
2/
- Télécharge et installe CCleaner Slim.
- Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
- Va dans Nettoyeur, choisis Analyser. Une fois terminé, lance le nettoyage.
3/
- Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.
==Prévention==
Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.
Comme navigateur, utilise plutôt Mozilla Firefox qu'Internet Explorer.
Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, Propriétés, onglet Mises à jour automatiques).
Par rapport au P2P : Lien
Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien
==Problème résolu ?==
--> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
- Clique, dans ton premier message, sur le bouton Editer
.
- Ajoute la mention [Résolu] devant le titre.
- Clique ensuite sur Valider votre message.
Sois plus vigilant(e) sur Internet
Merci Infiniment Destrio5 et je vais suivre ton conseil sur les P2P et autres sites XXX.
Je vais faire miens les conseils des liens transmis et les diffuser à mon entourage.
Un dernier avis est nécessaire : Sur quel sites peut on scanner un fichier ou téléchargement avant de l'installer !
J'ai fini par acheter une licence Nod32 V4.
God Bless You for your Help !!!!
Il y a 1491 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
