Se connecter / S'enregistrer
Votre question

[Résolu] Pubs Intempestives sur mon LapTop

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
15 Octobre 2009 14:42:41

Une fois que je me connecte quelques secondes suffisent pour des masses de pubs de casino et autres s'ouvrent sur ma bécane. J'ai utilisé plusieurs antivirus ou programme de désinfection mais je sais où poster les rapports pour obtenir de l'aide. On utilise Mc Afee au bureau et Nod32 à la maison. J'ai installé MBAM, Hijacks et autres rien à faire. Please HELP!!!

Autres pages sur : resolu pubs intempestives laptop

a c 267 8 Sécurité
a b 9 Windows
15 Octobre 2009 17:22:06

Bonjour,

Tu peux poster les rapports ici.
19 Octobre 2009 13:19:50

Destrio5 a dit :
Bonjour,

Tu peux poster les rapports ici.


Bonjour Destrio5,

Merci de ton aide. Ci dessous le rapport MBAM de ce jour. Je te posterai également ceux des jours précédents pour te donner une vue plus grande de ma situation.


Malwarebytes' Anti-Malware 1.41
Database version: 2966
Windows 5.1.2600 Service Pack 2

19/10/2009 11:14:30
mbam-log-2009-10-19 (11-14-23).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 172734
Time elapsed: 42 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Encore Merci
Contenus similaires
19 Octobre 2009 17:16:44

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2962
Windows 5.1.2600 Service Pack 2

14/10/2009 18:56:14
mbam-log-2009-10-14 (18-56-14).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|H:\|)
Eléments examinés: 298706
Temps écoulé: 1 hour(s), 45 minute(s), 1 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 21

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\1 (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
F:\System Volume Information\_restore{A770478D-7D66-4F10-AA95-385D441AEC85}\RP82\A0030065.exe (Adware.ADON) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv1052.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv1207.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv1244.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv2139.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv2166.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv2355.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv3087.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv3102.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv3276.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv4009.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv4037.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv4198.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv4931.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv4969.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv5119.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv5853.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv6774.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv7696.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv8618.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\ctv9540.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
19 Octobre 2009 17:17:42

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2966
Windows 5.1.2600 Service Pack 2

15/10/2009 12:20:47
mbam-log-2009-10-15 (12-20-47).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 299029
Temps écoulé: 2 hour(s), 25 minute(s), 55 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
a c 267 8 Sécurité
a b 9 Windows
19 Octobre 2009 17:42:19

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    19 Octobre 2009 19:03:15

    Bonjour Destrio5,

    J'ai lancé RSIT.exe pendant que MBAM était en cours de recherche ci dessous les Résultats. Je relancerai une fois MBAM se termine si c'est nécessaire. Je te posterai les résultats. Merci encore de ton aide.

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by FARES JEAN - JACQUES at 2009-10-19 16:58:22
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 62 GB (70%) free of 89 GB
    Total RAM: 2027 MB (46% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:59:44, on 19/10/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\WINDOWS\SYSTEM32\DWRCS.EXE
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Intel\AMT\LMS.exe
    C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\WINDOWS\system32\mfevtps.exe
    C:\Program Files\PDF Complete\pdfsvc.exe
    C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
    C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\McAfee\Common Framework\udaterui.exe
    C:\Program Files\McAfee\Common Framework\McTray.exe
    C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe
    C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\MSN\Toolbar\3.0.1203.0\msntask.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\RSIT.exe
    C:\Program Files\trend micro\FARES JEAN - JACQUES.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yello
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOfficeUserRegSetup?...
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mtn.ci:8081
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: ViewerHelper Class - {78104A01-8E71-4F30-9A36-3793799615B4} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
    O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [picon] "C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
    O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe"
    O4 - HKLM\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [DameWare MRC Agent] C:\WINDOWS\system32\DWRCST.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mtn.ci
    O17 - HKLM\Software\..\Telephony: DomainName = mtn.ci
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mtn.ci
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
    O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
    O23 - Service: E-SSO Security Services (EnatelWGSS) - Evidian - C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
    O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
    O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
    O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
    O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe

    --
    End of file - 16281 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
    SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-05-15 66888]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78104A01-8E71-4F30-9A36-3793799615B4}]
    ViewerHelper Class - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll [2005-01-27 356352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
    scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll [2009-04-09 67120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar.dll [2009-09-30 745472]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
    MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
    {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-05-15 161096]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2008-03-24 884736]
    "picon"=C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe [2008-06-02 367128]
    "FRYMXINS"=C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl []
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
    "QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-03 177456]
    "WatchDog"=C:\Program Files\InterVideo\DVD Check\dvdcheck .exe [2008-05-23 197904]
    "IntelZeroConfig"=C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2008-04-30 1347584]
    "IntelWireless"=C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [2008-04-30 1191936]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
    "ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-04-09 124240]
    "McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2008-11-10 136512]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "CLMLServer"=C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe [2007-09-27 122880]
    "Power2GoExpress"=C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2007-09-29 2680104]
    "CLJ"=0 []
    "egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
    "DameWare MRC Agent"=C:\WINDOWS\system32\DWRCST.exe []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664]
    "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe []
    "PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    SnagIt 9.lnk - C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2008-06-27 143360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=
    scecli
    scecli
    scecli

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
    shell\AutoRun\command - I:\LaunchU3.exe -a

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{866fb0f1-adaa-11de-8ae8-00216a0b83da}]
    shell\AutoRun\command - I:\LaunchU3.exe -a


    ======List of files/folders created in the last 1 months======

    2009-10-19 16:58:25 ----D---- C:\Program Files\trend micro
    2009-10-19 16:58:22 ----D---- C:\rsit
    2009-10-15 14:00:47 ----SHD---- C:\Config.Msi
    2009-10-14 17:01:34 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Malwarebytes
    2009-10-14 17:01:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-10-14 17:01:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-10-14 12:51:35 ----D---- C:\Documents and Settings\All Users\Application Data\TechSmith
    2009-10-14 12:51:30 ----D---- C:\Program Files\TechSmith
    2009-10-14 12:49:54 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2009-10-13 18:06:10 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
    2009-10-13 18:06:04 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
    2009-10-13 17:36:12 ----D---- C:\Program Files\Fichiers communs\PCSuite
    2009-10-13 17:36:05 ----D---- C:\Program Files\Fichiers communs\Nokia
    2009-10-13 17:35:07 ----D---- C:\Program Files\PC Connectivity Solution
    2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
    2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
    2009-10-13 16:00:04 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\PC Suite
    2009-10-13 16:00:04 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
    2009-10-13 13:03:37 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Nokia
    2009-10-13 13:02:42 ----D---- C:\Program Files\DIFX
    2009-10-13 13:02:08 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
    2009-10-13 13:02:07 ----D---- C:\Program Files\Nokia
    2009-10-13 12:09:26 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
    2009-10-13 10:53:49 ----D---- C:\Program Files\ESET
    2009-10-13 10:53:49 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
    2009-10-12 18:26:25 ----D---- C:\WINDOWS\system32\NtmsData
    2009-10-08 18:31:45 ----A---- C:\1st _ wlsetup-custom.exe
    2009-10-08 18:30:07 ----A---- C:\MAJ _ Installation_WLMessenger2009.exe
    2009-10-08 14:39:47 ----A---- C:\rapvo.exe
    2009-10-08 14:39:07 ----A---- C:\kajcjgco.exe
    2009-10-08 14:38:45 ----A---- C:\jmaox.exe
    2009-10-06 10:33:29 ----D---- C:\WINDOWS\Prefetch
    2009-10-06 00:42:11 ----A---- C:\WINDOWS\system32\SET1306.tmp
    2009-10-06 00:42:08 ----A---- C:\WINDOWS\system32\SET12DD.tmp
    2009-10-06 00:42:07 ----A---- C:\WINDOWS\system32\SET12D0.tmp
    2009-10-06 00:42:07 ----A---- C:\WINDOWS\system32\SET12CB.tmp
    2009-10-06 00:42:07 ----A---- C:\WINDOWS\system32\SET12C6.tmp
    2009-10-06 00:42:07 ----A---- C:\WINDOWS\system32\SET12C5.tmp
    2009-10-06 00:38:23 ----A---- C:\WINDOWS\system32\SET5D2.tmp
    2009-10-06 00:38:23 ----A---- C:\WINDOWS\system32\SET5CE.tmp
    2009-10-06 00:38:22 ----A---- C:\WINDOWS\system32\SET5CA.tmp
    2009-10-06 00:38:22 ----A---- C:\WINDOWS\system32\SET5C7.tmp
    2009-10-06 00:38:21 ----A---- C:\WINDOWS\system32\SET5C1.tmp
    2009-10-06 00:38:21 ----A---- C:\WINDOWS\system32\SET5BE.tmp
    2009-10-06 00:38:21 ----A---- C:\WINDOWS\system32\SET5BD.tmp
    2009-10-06 00:38:20 ----A---- C:\WINDOWS\system32\SET5B9.tmp
    2009-10-06 00:38:20 ----A---- C:\WINDOWS\system32\SET5B4.tmp
    2009-10-06 00:38:19 ----A---- C:\WINDOWS\system32\SET5AD.tmp
    2009-10-06 00:38:19 ----A---- C:\WINDOWS\system32\SET5AB.tmp
    2009-10-06 00:38:18 ----A---- C:\WINDOWS\system32\SET5A8.tmp
    2009-10-06 00:38:17 ----A---- C:\WINDOWS\system32\SET5A0.tmp
    2009-10-06 00:38:17 ----A---- C:\WINDOWS\system32\SET59A.tmp
    2009-10-06 00:38:16 ----A---- C:\WINDOWS\system32\SET592.tmp
    2009-10-06 00:38:16 ----A---- C:\WINDOWS\system32\SET591.tmp
    2009-10-06 00:38:15 ----A---- C:\WINDOWS\system32\SET58C.tmp
    2009-10-06 00:38:14 ----A---- C:\WINDOWS\system32\SET58A.tmp
    2009-10-06 00:38:14 ----A---- C:\WINDOWS\system32\SET587.tmp
    2009-10-06 00:38:14 ----A---- C:\WINDOWS\system32\SET586.tmp
    2009-10-06 00:38:14 ----A---- C:\WINDOWS\system32\SET585.tmp
    2009-10-06 00:38:13 ----A---- C:\WINDOWS\system32\SET583.tmp
    2009-10-06 00:38:13 ----A---- C:\WINDOWS\system32\SET581.tmp
    2009-10-06 00:38:13 ----A---- C:\WINDOWS\system32\SET580.tmp
    2009-10-06 00:38:13 ----A---- C:\WINDOWS\system32\SET57F.tmp
    2009-10-06 00:38:13 ----A---- C:\WINDOWS\system32\SET57E.tmp
    2009-10-06 00:38:12 ----A---- C:\WINDOWS\system32\SET57B.tmp
    2009-10-06 00:38:11 ----A---- C:\WINDOWS\system32\SET573.tmp
    2009-10-06 00:38:07 ----A---- C:\WINDOWS\system32\SET54C.tmp
    2009-10-06 00:38:07 ----A---- C:\WINDOWS\system32\SET547.tmp
    2009-10-06 00:38:07 ----A---- C:\WINDOWS\system32\SET546.tmp
    2009-10-06 00:38:05 ----A---- C:\WINDOWS\system32\SET532.tmp
    2009-10-06 00:38:03 ----A---- C:\WINDOWS\system32\SET524.tmp
    2009-10-06 00:38:01 ----A---- C:\WINDOWS\system32\SET513.tmp
    2009-10-06 00:38:01 ----A---- C:\WINDOWS\system32\SET511.tmp
    2009-10-06 00:38:00 ----A---- C:\WINDOWS\system32\SET50F.tmp
    2009-10-06 00:38:00 ----A---- C:\WINDOWS\system32\SET50C.tmp
    2009-10-06 00:37:59 ----A---- C:\WINDOWS\system32\SET4FC.tmp
    2009-10-06 00:37:58 ----A---- C:\WINDOWS\system32\SET4F8.tmp
    2009-10-06 00:37:57 ----A---- C:\WINDOWS\system32\SET4EE.tmp
    2009-10-06 00:37:57 ----A---- C:\WINDOWS\system32\SET4ED.tmp
    2009-10-06 00:37:57 ----A---- C:\WINDOWS\system32\SET4E7.tmp
    2009-10-06 00:37:57 ----A---- C:\WINDOWS\system32\SET4DA.tmp
    2009-10-06 00:37:56 ----A---- C:\WINDOWS\system32\SET4D5.tmp
    2009-10-06 00:37:55 ----A---- C:\WINDOWS\system32\SET4C9.tmp
    2009-10-06 00:37:55 ----A---- C:\WINDOWS\system32\SET4C5.tmp
    2009-10-06 00:37:54 ----A---- C:\WINDOWS\system32\SET4BF.tmp
    2009-10-06 00:37:54 ----A---- C:\WINDOWS\system32\SET4BD.tmp
    2009-10-06 00:37:54 ----A---- C:\WINDOWS\system32\SET4BB.tmp
    2009-10-06 00:37:54 ----A---- C:\WINDOWS\system32\SET4B7.tmp
    2009-10-06 00:37:52 ----A---- C:\WINDOWS\system32\SET4A3.tmp
    2009-10-06 00:37:52 ----A---- C:\WINDOWS\system32\SET4A1.tmp
    2009-10-06 00:37:51 ----A---- C:\WINDOWS\system32\SET498.tmp
    2009-10-06 00:37:51 ----A---- C:\WINDOWS\system32\SET48D.tmp
    2009-10-06 00:37:50 ----A---- C:\WINDOWS\system32\SET481.tmp
    2009-10-06 00:37:49 ----A---- C:\WINDOWS\system32\SET47D.tmp
    2009-10-06 00:37:49 ----A---- C:\WINDOWS\system32\SET47C.tmp
    2009-10-06 00:37:49 ----A---- C:\WINDOWS\system32\SET47B.tmp
    2009-10-06 00:37:49 ----A---- C:\WINDOWS\system32\SET47A.tmp
    2009-10-06 00:37:47 ----A---- C:\WINDOWS\system32\SET46B.tmp
    2009-10-06 00:37:46 ----A---- C:\WINDOWS\system32\SET461.tmp
    2009-10-06 00:37:46 ----A---- C:\WINDOWS\system32\SET460.tmp
    2009-10-06 00:37:46 ----A---- C:\WINDOWS\system32\SET45D.tmp
    2009-10-06 00:37:46 ----A---- C:\WINDOWS\system32\SET457.tmp
    2009-10-06 00:37:45 ----A---- C:\WINDOWS\system32\SET453.tmp
    2009-10-06 00:37:45 ----A---- C:\WINDOWS\system32\SET452.tmp
    2009-10-06 00:37:45 ----A---- C:\WINDOWS\system32\SET44C.tmp
    2009-10-06 00:37:43 ----A---- C:\WINDOWS\system32\SET43B.tmp
    2009-10-06 00:37:43 ----A---- C:\WINDOWS\system32\SET438.tmp
    2009-10-06 00:37:42 ----A---- C:\WINDOWS\system32\SET436.tmp
    2009-10-06 00:37:42 ----A---- C:\WINDOWS\system32\SET434.tmp
    2009-10-06 00:37:42 ----A---- C:\WINDOWS\system32\SET433.tmp
    2009-10-06 00:37:42 ----A---- C:\WINDOWS\system32\SET431.tmp
    2009-10-06 00:37:41 ----A---- C:\WINDOWS\system32\SET42F.tmp
    2009-10-06 00:37:41 ----A---- C:\WINDOWS\system32\SET42D.tmp
    2009-10-06 00:37:41 ----A---- C:\WINDOWS\system32\SET429.tmp
    2009-10-06 00:37:40 ----A---- C:\WINDOWS\system32\SET428.tmp
    2009-10-06 00:37:40 ----A---- C:\WINDOWS\system32\SET41F.tmp
    2009-10-06 00:37:40 ----A---- C:\WINDOWS\system32\SET41E.tmp
    2009-10-06 00:37:39 ----A---- C:\WINDOWS\system32\SET41B.tmp
    2009-10-06 00:37:39 ----A---- C:\WINDOWS\system32\SET419.tmp
    2009-10-06 00:37:38 ----A---- C:\WINDOWS\system32\SET404.tmp
    2009-10-06 00:37:37 ----A---- C:\WINDOWS\system32\SET3FD.tmp
    2009-10-06 00:37:37 ----A---- C:\WINDOWS\system32\SET3FC.tmp
    2009-10-06 00:37:36 ----A---- C:\WINDOWS\system32\SET3EE.tmp
    2009-10-06 00:37:36 ----A---- C:\WINDOWS\system32\SET3EB.tmp
    2009-10-06 00:37:35 ----A---- C:\WINDOWS\system32\SET3E3.tmp
    2009-10-06 00:37:34 ----A---- C:\WINDOWS\system32\SET3D5.tmp
    2009-10-06 00:37:34 ----A---- C:\WINDOWS\system32\SET3D2.tmp
    2009-10-06 00:37:34 ----A---- C:\WINDOWS\system32\SET3CF.tmp
    2009-10-06 00:37:33 ----A---- C:\WINDOWS\system32\SET3C6.tmp
    2009-10-06 00:37:33 ----A---- C:\WINDOWS\system32\SET3BC.tmp
    2009-10-06 00:37:33 ----A---- C:\WINDOWS\system32\SET3B0.tmp
    2009-10-06 00:37:32 ----A---- C:\WINDOWS\system32\SET3AF.tmp
    2009-10-06 00:37:32 ----A---- C:\WINDOWS\system32\SET3AD.tmp
    2009-10-06 00:37:31 ----A---- C:\WINDOWS\system32\SET3A4.tmp
    2009-10-06 00:37:31 ----A---- C:\WINDOWS\system32\SET3A2.tmp
    2009-10-06 00:37:31 ----A---- C:\WINDOWS\system32\SET3A1.tmp
    2009-10-06 00:37:30 ----A---- C:\WINDOWS\system32\SET3A0.tmp
    2009-10-06 00:37:30 ----A---- C:\WINDOWS\system32\SET39C.tmp
    2009-10-06 00:37:30 ----A---- C:\WINDOWS\system32\SET399.tmp
    2009-10-06 00:37:30 ----A---- C:\WINDOWS\system32\SET398.tmp
    2009-10-06 00:37:29 ----A---- C:\WINDOWS\system32\SET38A.tmp
    2009-10-06 00:37:29 ----A---- C:\WINDOWS\system32\SET385.tmp
    2009-10-06 00:37:29 ----A---- C:\WINDOWS\system32\SET384.tmp
    2009-10-06 00:37:29 ----A---- C:\WINDOWS\system32\SET383.tmp
    2009-10-06 00:37:28 ----A---- C:\WINDOWS\system32\SET381.tmp
    2009-10-06 00:37:28 ----A---- C:\WINDOWS\system32\SET380.tmp
    2009-10-06 00:37:28 ----A---- C:\WINDOWS\system32\SET37D.tmp
    2009-10-06 00:37:28 ----A---- C:\WINDOWS\system32\SET37A.tmp
    2009-10-06 00:37:28 ----A---- C:\WINDOWS\system32\SET379.tmp
    2009-10-06 00:37:28 ----A---- C:\WINDOWS\system32\SET376.tmp
    2009-10-06 00:37:28 ----A---- C:\WINDOWS\system32\SET375.tmp
    2009-10-06 00:37:28 ----A---- C:\WINDOWS\system32\SET372.tmp
    2009-10-06 00:37:27 ----A---- C:\WINDOWS\system32\SET370.tmp
    2009-10-06 00:37:27 ----A---- C:\WINDOWS\system32\SET36F.tmp
    2009-10-06 00:37:27 ----A---- C:\WINDOWS\system32\SET36C.tmp
    2009-10-06 00:37:27 ----A---- C:\WINDOWS\system32\SET368.tmp
    2009-10-06 00:37:26 ----A---- C:\WINDOWS\system32\SET35B.tmp
    2009-10-06 00:37:26 ----A---- C:\WINDOWS\system32\SET359.tmp
    2009-10-06 00:37:25 ----A---- C:\WINDOWS\system32\SET331.tmp
    2009-10-06 00:37:24 ----A---- C:\WINDOWS\system32\SET32C.tmp
    2009-10-06 00:37:24 ----A---- C:\WINDOWS\system32\SET328.tmp
    2009-10-06 00:37:24 ----A---- C:\WINDOWS\system32\SET325.tmp
    2009-10-06 00:37:23 ----A---- C:\WINDOWS\system32\SET31E.tmp
    2009-10-06 00:37:23 ----A---- C:\WINDOWS\system32\SET31B.tmp
    2009-10-06 00:37:23 ----A---- C:\WINDOWS\system32\SET318.tmp
    2009-10-06 00:37:22 ----A---- C:\WINDOWS\system32\SET30D.tmp
    2009-10-06 00:37:21 ----A---- C:\WINDOWS\system32\SET302.tmp
    2009-10-06 00:37:21 ----A---- C:\WINDOWS\system32\SET2FE.tmp
    2009-10-06 00:37:21 ----A---- C:\WINDOWS\system32\SET2FD.tmp
    2009-10-06 00:37:21 ----A---- C:\WINDOWS\system32\SET2FC.tmp
    2009-10-06 00:37:20 ----A---- C:\WINDOWS\system32\SET2F9.tmp
    2009-10-06 00:37:20 ----A---- C:\WINDOWS\system32\SET2F7.tmp
    2009-10-06 00:37:19 ----A---- C:\WINDOWS\system32\SET2DE.tmp
    2009-10-06 00:37:19 ----A---- C:\WINDOWS\system32\SET2DD.tmp
    2009-10-06 00:37:18 ----A---- C:\WINDOWS\system32\SET2D4.tmp
    2009-10-06 00:37:18 ----A---- C:\WINDOWS\system32\SET2CA.tmp
    2009-10-06 00:37:17 ----A---- C:\WINDOWS\system32\SET2C8.tmp
    2009-10-06 00:37:17 ----A---- C:\WINDOWS\system32\SET2C7.tmp
    2009-10-06 00:37:17 ----A---- C:\WINDOWS\system32\SET2BB.tmp
    2009-10-06 00:37:16 ----A---- C:\WINDOWS\system32\SET29D.tmp
    2009-10-06 00:37:16 ----A---- C:\WINDOWS\system32\SET29C.tmp
    2009-10-06 00:37:16 ----A---- C:\WINDOWS\system32\SET29B.tmp
    2009-10-06 00:37:16 ----A---- C:\WINDOWS\system32\SET29A.tmp
    2009-10-06 00:37:15 ----A---- C:\WINDOWS\system32\SET294.tmp
    2009-10-06 00:37:15 ----A---- C:\WINDOWS\system32\SET291.tmp
    2009-10-06 00:37:15 ----A---- C:\WINDOWS\system32\SET290.tmp
    2009-10-06 00:37:15 ----A---- C:\WINDOWS\system32\SET28D.tmp
    2009-10-06 00:37:15 ----A---- C:\WINDOWS\system32\SET28C.tmp
    2009-10-06 00:37:14 ----A---- C:\WINDOWS\system32\SET27B.tmp
    2009-10-06 00:37:14 ----A---- C:\WINDOWS\system32\SET279.tmp
    2009-10-06 00:37:14 ----A---- C:\WINDOWS\system32\SET274.tmp
    2009-10-06 00:37:12 ----A---- C:\WINDOWS\system32\SET271.tmp
    2009-10-06 00:37:11 ----A---- C:\WINDOWS\system32\SET26F.tmp
    2009-10-06 00:37:11 ----A---- C:\WINDOWS\system32\SET26B.tmp
    2009-10-06 00:37:11 ----A---- C:\WINDOWS\system32\SET268.tmp
    2009-10-06 00:37:10 ----A---- C:\WINDOWS\system32\SET25E.tmp
    2009-10-06 00:37:09 ----A---- C:\WINDOWS\system32\SET22F.tmp
    2009-10-06 00:37:08 ----A---- C:\WINDOWS\system32\SET22E.tmp
    2009-10-06 00:37:08 ----A---- C:\WINDOWS\system32\SET22C.tmp
    2009-10-06 00:37:08 ----A---- C:\WINDOWS\system32\SET22A.tmp
    2009-10-06 00:37:08 ----A---- C:\WINDOWS\system32\SET226.tmp
    2009-10-06 00:37:08 ----A---- C:\WINDOWS\system32\SET21E.tmp
    2009-10-06 00:37:07 ----A---- C:\WINDOWS\system32\SET215.tmp
    2009-10-06 00:37:07 ----A---- C:\WINDOWS\system32\SET213.tmp
    2009-10-06 00:37:05 ----A---- C:\WINDOWS\system32\SET1E9.tmp
    2009-10-06 00:37:05 ----A---- C:\WINDOWS\system32\SET1E8.tmp
    2009-10-06 00:37:04 ----A---- C:\WINDOWS\system32\SET1D6.tmp
    2009-10-06 00:37:04 ----A---- C:\WINDOWS\system32\SET1D4.tmp
    2009-10-06 00:37:04 ----A---- C:\WINDOWS\system32\SET1CD.tmp
    2009-10-06 00:37:04 ----A---- C:\WINDOWS\system32\SET1CA.tmp
    2009-10-06 00:37:03 ----A---- C:\WINDOWS\system32\SET1BF.tmp
    2009-10-06 00:37:02 ----A---- C:\WINDOWS\system32\SET1B3.tmp
    2009-10-06 00:37:02 ----A---- C:\WINDOWS\system32\SET1B2.tmp
    2009-10-06 00:37:02 ----A---- C:\WINDOWS\system32\SET1B1.tmp
    2009-10-06 00:37:02 ----A---- C:\WINDOWS\system32\SET1B0.tmp
    2009-10-06 00:37:02 ----A---- C:\WINDOWS\system32\SET1AF.tmp
    2009-10-06 00:37:01 ----A---- C:\WINDOWS\system32\SET1AA.tmp
    2009-10-06 00:37:01 ----A---- C:\WINDOWS\system32\SET1A8.tmp
    2009-10-06 00:37:01 ----A---- C:\WINDOWS\system32\SET1A7.tmp
    2009-10-06 00:37:01 ----A---- C:\WINDOWS\system32\SET1A2.tmp
    2009-10-06 00:37:00 ----A---- C:\WINDOWS\system32\SET198.tmp
    2009-10-06 00:37:00 ----A---- C:\WINDOWS\system32\SET197.tmp
    2009-10-06 00:37:00 ----A---- C:\WINDOWS\system32\SET194.tmp
    2009-10-06 00:37:00 ----A---- C:\WINDOWS\system32\SET191.tmp
    2009-10-06 00:36:59 ----A---- C:\WINDOWS\system32\SET18F.tmp
    2009-10-06 00:36:59 ----A---- C:\WINDOWS\system32\SET18E.tmp
    2009-10-06 00:36:58 ----A---- C:\WINDOWS\system32\SET17D.tmp
    2009-10-06 00:36:58 ----A---- C:\WINDOWS\system32\SET17C.tmp
    2009-10-06 00:36:58 ----A---- C:\WINDOWS\system32\SET17A.tmp
    2009-10-06 00:36:58 ----A---- C:\WINDOWS\system32\SET178.tmp
    2009-10-06 00:36:57 ----A---- C:\WINDOWS\system32\SET177.tmp
    2009-10-06 00:36:57 ----A---- C:\WINDOWS\system32\SET176.tmp
    2009-10-06 00:36:57 ----A---- C:\WINDOWS\system32\SET175.tmp
    2009-10-06 00:36:57 ----A---- C:\WINDOWS\system32\SET172.tmp
    2009-10-06 00:36:57 ----A---- C:\WINDOWS\system32\SET16F.tmp
    2009-10-06 00:36:57 ----A---- C:\WINDOWS\system32\SET16D.tmp
    2009-10-06 00:36:57 ----A---- C:\WINDOWS\system32\SET16B.tmp
    2009-10-06 00:36:56 ----A---- C:\WINDOWS\system32\SET15F.tmp
    2009-10-06 00:36:55 ----A---- C:\WINDOWS\system32\SET154.tmp
    2009-10-06 00:36:55 ----A---- C:\WINDOWS\system32\SET153.tmp
    2009-10-06 00:36:55 ----A---- C:\WINDOWS\system32\SET14B.tmp
    2009-10-06 00:36:55 ----A---- C:\WINDOWS\system32\SET147.tmp
    2009-10-06 00:36:55 ----A---- C:\WINDOWS\system32\SET145.tmp
    2009-10-06 00:36:54 ----A---- C:\WINDOWS\system32\SET143.tmp
    2009-10-06 00:36:54 ----A---- C:\WINDOWS\system32\SET141.tmp
    2009-10-06 00:35:48 ----A---- C:\WINDOWS\002957_.tmp
    2009-10-06 00:34:58 ----A---- C:\WINDOWS\system32\qmgr.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\msgsvc.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\mgmtapi.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lsasrv.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\locator.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\localspl.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lmhsvc.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\kernel32.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\imagehlp.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\ftp.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\format.com
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\csrsrv.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comdlg32.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comctl32.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cmd.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cacls.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autoconv.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autochk.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\advapi32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\wkssvc.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\win32spl.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\userinit.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\untfs.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ulib.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\tcpmonui.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\syssetup.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\srvsvc.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\smss.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\setupapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\services.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\schannel.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\scardsvr.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\savedump.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samsrv.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samlib.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rshx32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rastapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasman.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasdlg.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasauto.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasapi32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\printui.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\perfctrs.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\olecnv32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\oleaut32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nwprovau.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntvdm.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntprint.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntlsapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntdll.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nslookup.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\msv1_0.dll
    2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
    2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
    2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\hal.dll
    2009-10-05 17:15:18 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
    2009-10-05 17:04:04 ----D---- C:\Program Files\Mobile Partner
    2009-10-05 16:15:24 ----D---- C:\Program Files\Western Digital Corp
    2009-10-05 16:06:24 ----D---- C:\Program Files\Western Digital Corporation
    2009-10-05 14:39:24 ----A---- C:\WINDOWS\system32\SET126B.tmp
    2009-10-05 14:39:22 ----A---- C:\WINDOWS\system32\SET1242.tmp
    2009-10-05 14:39:21 ----A---- C:\WINDOWS\system32\SET1235.tmp
    2009-10-05 14:39:21 ----A---- C:\WINDOWS\system32\SET1230.tmp
    2009-10-05 14:39:21 ----A---- C:\WINDOWS\system32\SET122B.tmp
    2009-10-05 14:39:21 ----A---- C:\WINDOWS\system32\SET122A.tmp
    2009-10-05 14:35:27 ----A---- C:\WINDOWS\system32\SET537.tmp
    2009-10-05 14:35:27 ----A---- C:\WINDOWS\system32\SET535.tmp
    2009-10-05 14:35:27 ----A---- C:\WINDOWS\system32\SET534.tmp
    2009-10-05 14:35:27 ----A---- C:\WINDOWS\system32\SET533.tmp
    2009-10-05 14:35:27 ----A---- C:\WINDOWS\system32\SET52F.tmp
    2009-10-05 14:35:26 ----A---- C:\WINDOWS\system32\SET52C.tmp
    2009-10-05 14:35:26 ----A---- C:\WINDOWS\system32\SET526.tmp
    2009-10-05 14:35:25 ----A---- C:\WINDOWS\system32\SET523.tmp
    2009-10-05 14:35:25 ----A---- C:\WINDOWS\system32\SET522.tmp
    2009-10-05 14:35:25 ----A---- C:\WINDOWS\system32\SET51E.tmp
    2009-10-05 14:35:24 ----A---- C:\WINDOWS\system32\SET519.tmp
    2009-10-05 14:35:23 ----A---- C:\WINDOWS\system32\SET512.tmp
    2009-10-05 14:35:22 ----A---- C:\WINDOWS\system32\SET510.tmp
    2009-10-05 14:35:21 ----A---- C:\WINDOWS\system32\SET50D.tmp
    2009-10-05 14:35:21 ----A---- C:\WINDOWS\system32\SET505.tmp
    2009-10-05 14:35:20 ----A---- C:\WINDOWS\system32\SET4FF.tmp
    2009-10-05 14:35:19 ----A---- C:\WINDOWS\system32\SET4F7.tmp
    2009-10-05 14:35:19 ----A---- C:\WINDOWS\system32\SET4F6.tmp
    2009-10-05 14:35:19 ----A---- C:\WINDOWS\system32\SET4F1.tmp
    2009-10-05 14:35:18 ----A---- C:\WINDOWS\system32\SET4EF.tmp
    2009-10-05 14:35:16 ----A---- C:\WINDOWS\system32\SET4EC.tmp
    2009-10-05 14:35:16 ----A---- C:\WINDOWS\system32\SET4EB.tmp
    2009-10-05 14:35:16 ----A---- C:\WINDOWS\system32\SET4EA.tmp
    2009-10-05 14:35:16 ----A---- C:\WINDOWS\system32\SET4E8.tmp
    2009-10-05 14:35:16 ----A---- C:\WINDOWS\system32\SET4E6.tmp
    2009-10-05 14:35:16 ----A---- C:\WINDOWS\system32\SET4E5.tmp
    2009-10-05 14:35:15 ----A---- C:\WINDOWS\system32\SET4E4.tmp
    2009-10-05 14:35:15 ----A---- C:\WINDOWS\system32\SET4E3.tmp
    2009-10-05 14:35:14 ----A---- C:\WINDOWS\system32\SET4E1.tmp
    2009-10-05 14:35:14 ----A---- C:\WINDOWS\system32\SET4E0.tmp
    2009-10-05 14:35:14 ----A---- C:\WINDOWS\system32\SET4DF.tmp
    2009-10-05 14:35:13 ----A---- C:\WINDOWS\system32\SET4D8.tmp
    2009-10-05 14:35:11 ----A---- C:\WINDOWS\system32\SET4CB.tmp
    2009-10-05 14:35:09 ----A---- C:\WINDOWS\system32\SET4B1.tmp
    2009-10-05 14:35:08 ----A---- C:\WINDOWS\system32\SET4AC.tmp
    2009-10-05 14:35:08 ----A---- C:\WINDOWS\system32\SET4AB.tmp
    2009-10-05 14:35:07 ----A---- C:\WINDOWS\system32\SET49B.tmp
    2009-10-05 14:35:06 ----A---- C:\WINDOWS\system32\SET497.tmp
    2009-10-05 14:35:06 ----A---- C:\WINDOWS\system32\SET496.tmp
    2009-10-05 14:35:06 ----A---- C:\WINDOWS\system32\SET495.tmp
    2009-10-05 14:35:05 ----A---- C:\WINDOWS\system32\SET490.tmp
    2009-10-05 14:35:05 ----A---- C:\WINDOWS\system32\SET48C.tmp
    2009-10-05 14:35:04 ----A---- C:\WINDOWS\system32\SET484.tmp
    2009-10-05 14:35:03 ----A---- C:\WINDOWS\system32\SET483.tmp
    2009-10-05 14:35:03 ----A---- C:\WINDOWS\system32\SET482.tmp
    2009-10-05 14:35:03 ----A---- C:\WINDOWS\system32\SET480.tmp
    2009-10-05 14:35:01 ----A---- C:\WINDOWS\system32\SET472.tmp
    2009-10-05 14:35:01 ----A---- C:\WINDOWS\system32\SET46E.tmp
    2009-10-05 14:35:00 ----A---- C:\WINDOWS\system32\SET46A.tmp
    2009-10-05 14:35:00 ----A---- C:\WINDOWS\system32\SET468.tmp
    2009-10-05 14:35:00 ----A---- C:\WINDOWS\system32\SET467.tmp
    2009-10-05 14:35:00 ----A---- C:\WINDOWS\system32\SET465.tmp
    2009-10-05 14:34:59 ----A---- C:\WINDOWS\system32\SET45F.tmp
    2009-10-05 14:34:59 ----A---- C:\WINDOWS\system32\SET45C.tmp
    2009-10-05 14:34:58 ----A---- C:\WINDOWS\system32\SET451.tmp
    2009-10-05 14:34:57 ----A---- C:\WINDOWS\system32\SET44F.tmp
    2009-10-05 14:34:57 ----A---- C:\WINDOWS\system32\SET44D.tmp
    2009-10-05 14:34:57 ----A---- C:\WINDOWS\system32\SET44B.tmp
    2009-10-05 14:34:57 ----A---- C:\WINDOWS\system32\SET447.tmp
    2009-10-05 14:34:56 ----A---- C:\WINDOWS\system32\SET445.tmp
    2009-10-05 14:34:56 ----A---- C:\WINDOWS\system32\SET443.tmp
    2009-10-05 14:34:56 ----A---- C:\WINDOWS\system32\SET43F.tmp
    2009-10-05 14:34:53 ----A---- C:\WINDOWS\system32\SET42E.tmp
    2009-10-05 14:34:53 ----A---- C:\WINDOWS\system32\SET42C.tmp
    2009-10-05 14:34:53 ----A---- C:\WINDOWS\system32\SET42A.tmp
    2009-10-05 14:34:53 ----A---- C:\WINDOWS\system32\SET426.tmp
    2009-10-05 14:34:53 ----A---- C:\WINDOWS\system32\SET424.tmp
    2009-10-05 14:34:52 ----A---- C:\WINDOWS\system32\SET41D.tmp
    2009-10-05 14:34:51 ----A---- C:\WINDOWS\system32\SET415.tmp
    2009-10-05 14:34:50 ----A---- C:\WINDOWS\system32\SET40F.tmp
    2009-10-05 14:34:50 ----A---- C:\WINDOWS\system32\SET40E.tmp
    2009-10-05 14:34:50 ----A---- C:\WINDOWS\system32\SET40D.tmp
    2009-10-05 14:34:50 ----A---- C:\WINDOWS\system32\SET40B.tmp
    2009-10-05 14:34:49 ----A---- C:\WINDOWS\system32\SET408.tmp
    2009-10-05 14:34:48 ----A---- C:\WINDOWS\system32\SET3F9.tmp
    2009-10-05 14:34:47 ----A---- C:\WINDOWS\system32\SET3F1.tmp
    2009-10-05 14:34:47 ----A---- C:\WINDOWS\system32\SET3F0.tmp
    2009-10-05 14:34:47 ----A---- C:\WINDOWS\system32\SET3EC.tmp
    2009-10-05 14:34:47 ----A---- C:\WINDOWS\system32\SET3E5.tmp
    2009-10-05 14:34:46 ----A---- C:\WINDOWS\system32\SET3E0.tmp
    2009-10-05 14:34:46 ----A---- C:\WINDOWS\system32\SET3DF.tmp
    2009-10-05 14:34:46 ----A---- C:\WINDOWS\system32\SET3DE.tmp
    2009-10-05 14:34:46 ----A---- C:\WINDOWS\system32\SET3DB.tmp
    2009-10-05 14:34:46 ----A---- C:\WINDOWS\system32\SET3D9.tmp
    2009-10-05 14:34:44 ----A---- C:\WINDOWS\system32\SET3CB.tmp
    2009-10-05 14:34:44 ----A---- C:\WINDOWS\system32\SET3C4.tmp
    2009-10-05 14:34:43 ----A---- C:\WINDOWS\system32\SET3BF.tmp
    2009-10-05 14:34:43 ----A---- C:\WINDOWS\system32\SET3BE.tmp
    2009-10-05 14:34:43 ----A---- C:\WINDOWS\system32\SET3BB.tmp
    2009-10-05 14:34:43 ----A---- C:\WINDOWS\system32\SET3BA.tmp
    2009-10-05 14:34:43 ----A---- C:\WINDOWS\system32\SET3B9.tmp
    2009-10-05 14:34:43 ----A---- C:\WINDOWS\system32\SET3B8.tmp
    2009-10-05 14:34:43 ----A---- C:\WINDOWS\system32\SET3B6.tmp
    2009-10-05 14:34:42 ----A---- C:\WINDOWS\system32\SET3B5.tmp
    2009-10-05 14:34:42 ----A---- C:\WINDOWS\system32\SET3B2.tmp
    2009-10-05 14:34:42 ----A---- C:\WINDOWS\system32\SET3B1.tmp
    2009-10-05 14:34:41 ----A---- C:\WINDOWS\system32\SET3AC.tmp
    2009-10-05 14:34:41 ----A---- C:\WINDOWS\system32\SET3AB.tmp
    2009-10-05 14:34:41 ----A---- C:\WINDOWS\system32\SET3AA.tmp
    2009-10-05 14:34:41 ----A---- C:\WINDOWS\system32\SET3A9.tmp
    2009-10-05 14:34:40 ----A---- C:\WINDOWS\system32\SET3A7.tmp
    2009-10-05 14:34:40 ----A---- C:\WINDOWS\system32\SET3A5.tmp
    2009-10-05 14:34:39 ----A---- C:\WINDOWS\system32\SET39B.tmp
    2009-10-05 14:34:39 ----A---- C:\WINDOWS\system32\SET39A.tmp
    2009-10-05 14:34:38 ----A---- C:\WINDOWS\system32\SET397.tmp
    2009-10-05 14:34:38 ----A---- C:\WINDOWS\system32\SET396.tmp
    2009-10-05 14:34:38 ----A---- C:\WINDOWS\system32\SET394.tmp
    2009-10-05 14:34:37 ----A---- C:\WINDOWS\system32\SET38F.tmp
    2009-10-05 14:34:37 ----A---- C:\WINDOWS\system32\SET38D.tmp
    2009-10-05 14:34:36 ----A---- C:\WINDOWS\system32\SET386.tmp
    2009-10-05 14:34:36 ----A---- C:\WINDOWS\system32\SET37F.tmp
    2009-10-05 14:34:36 ----A---- C:\WINDOWS\system32\SET37E.tmp
    2009-10-05 14:34:35 ----A---- C:\WINDOWS\system32\SET37B.tmp
    2009-10-05 14:34:35 ----A---- C:\WINDOWS\system32\SET378.tmp
    2009-10-05 14:34:35 ----A---- C:\WINDOWS\system32\SET377.tmp
    2009-10-05 14:34:34 ----A---- C:\WINDOWS\system32\SET374.tmp
    2009-10-05 14:34:34 ----A---- C:\WINDOWS\system32\SET373.tmp
    2009-10-05 14:34:34 ----A---- C:\WINDOWS\system32\SET371.tmp
    2009-10-05 14:34:33 ----A---- C:\WINDOWS\system32\SET36E.tmp
    2009-10-05 14:34:33 ----A---- C:\WINDOWS\system32\SET36B.tmp
    2009-10-05 14:34:32 ----A---- C:\WINDOWS\system32\SET36A.tmp
    2009-10-05 14:34:32 ----A---- C:\WINDOWS\system32\SET369.tmp
    2009-10-05 14:34:32 ----A---- C:\WINDOWS\system32\SET365.tmp
    2009-10-05 14:34:32 ----A---- C:\WINDOWS\system32\SET364.tmp
    2009-10-05 14:34:32 ----A---- C:\WINDOWS\system32\SET363.tmp
    2009-10-05 14:34:31 ----A---- C:\WINDOWS\system32\SET35A.tmp
    2009-10-05 14:34:30 ----A---- C:\WINDOWS\system32\SET357.tmp
    2009-10-05 14:34:30 ----A---- C:\WINDOWS\system32\SET355.tmp
    2009-10-05 14:34:30 ----A---- C:\WINDOWS\system32\SET354.tmp
    2009-10-05 14:34:30 ----A---- C:\WINDOWS\system32\SET353.tmp
    2009-10-05 14:34:30 ----A---- C:\WINDOWS\system32\SET351.tmp
    2009-10-05 14:34:30 ----A---- C:\WINDOWS\system32\SET350.tmp
    2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET34E.tmp
    2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET34C.tmp
    2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET34A.tmp
    2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET349.tmp
    2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET348.tmp
    2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET347.tmp
    2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET346.tmp
    2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET343.tmp
    2009-10-05 14:34:29 ----A---- C:\WINDOWS\system32\SET341.tmp
    2009-10-05 14:34:28 ----A---- C:\WINDOWS\system32\SET340.tmp
    2009-10-05 14:34:28 ----A---- C:\WINDOWS\system32\SET338.tmp
    2009-10-05 14:34:28 ----A---- C:\WINDOWS\system32\SET337.tmp
    2009-10-05 14:34:27 ----A---- C:\WINDOWS\system32\SET336.tmp
    2009-10-05 14:34:25 ----A---- C:\WINDOWS\system32\SET327.tmp
    2009-10-05 14:34:24 ----A---- C:\WINDOWS\system32\SET321.tmp
    2009-10-05 14:34:24 ----A---- C:\WINDOWS\system32\SET31D.tmp
    2009-10-05 14:34:24 ----A---- C:\WINDOWS\system32\SET31A.tmp
    2009-10-05 14:34:23 ----A---- C:\WINDOWS\system32\SET317.tmp
    2009-10-05 14:34:23 ----A---- C:\WINDOWS\system32\SET316.tmp
    2009-10-05 14:34:23 ----A---- C:\WINDOWS\system32\SET315.tmp
    2009-10-05 14:34:23 ----A---- C:\WINDOWS\system32\SET314.tmp
    2009-10-05 14:34:21 ----A---- C:\WINDOWS\system32\SET30E.tmp
    2009-10-05 14:34:20 ----A---- C:\WINDOWS\system32\SET30C.tmp
    2009-10-05 14:34:20 ----A---- C:\WINDOWS\system32\SET30A.tmp
    2009-10-05 14:34:20 ----A---- C:\WINDOWS\system32\SET307.tmp
    2009-10-05 14:34:20 ----A---- C:\WINDOWS\system32\SET306.tmp
    2009-10-05 14:34:19 ----A---- C:\WINDOWS\system32\SET305.tmp
    2009-10-05 14:34:19 ----A---- C:\WINDOWS\system32\SET303.tmp
    2009-10-05 14:34:19 ----A---- C:\WINDOWS\system32\SET300.tmp
    2009-10-05 14:34:18 ----A---- C:\WINDOWS\system32\SET2F3.tmp
    2009-10-05 14:34:18 ----A---- C:\WINDOWS\system32\SET2F1.tmp
    2009-10-05 14:34:17 ----A---- C:\WINDOWS\system32\SET2E8.tmp
    2009-10-05 14:34:17 ----A---- C:\WINDOWS\system32\SET2E6.tmp
    2009-10-05 14:34:17 ----A---- C:\WINDOWS\system32\SET2E5.tmp
    2009-10-05 14:34:17 ----A---- C:\WINDOWS\system32\SET2E4.tmp
    2009-10-05 14:34:16 ----A---- C:\WINDOWS\system32\SET2E3.tmp
    2009-10-05 14:34:16 ----A---- C:\WINDOWS\system32\SET2DC.tmp
    2009-10-05 14:34:15 ----A---- C:\WINDOWS\system32\SET2D0.tmp
    2009-10-05 14:34:15 ----A---- C:\WINDOWS\system32\SET2CF.tmp
    2009-10-05 14:34:15 ----A---- C:\WINDOWS\system32\SET2CE.tmp
    2009-10-05 14:34:14 ----A---- C:\WINDOWS\system32\SET2CB.tmp
    2009-10-05 14:34:14 ----A---- C:\WINDOWS\system32\SET2C5.tmp
    2009-10-05 14:34:14 ----A---- C:\WINDOWS\system32\SET2C4.tmp
    2009-10-05 14:34:14 ----A---- C:\WINDOWS\system32\SET2C3.tmp
    2009-10-05 14:34:14 ----A---- C:\WINDOWS\system32\SET2C0.tmp
    2009-10-05 14:34:14 ----A---- C:\WINDOWS\system32\SET2BF.tmp
    2009-10-05 14:34:13 ----A---- C:\WINDOWS\system32\SET2B9.tmp
    2009-10-05 14:34:13 ----A---- C:\WINDOWS\system32\SET2B7.tmp
    2009-10-05 14:34:13 ----A---- C:\WINDOWS\system32\SET2B2.tmp
    2009-10-05 14:34:12 ----A---- C:\WINDOWS\system32\SET2AF.tmp
    2009-10-05 14:34:10 ----A---- C:\WINDOWS\system32\SET2AC.tmp
    2009-10-05 14:34:10 ----A---- C:\WINDOWS\system32\SET2AB.tmp
    2009-10-05 14:34:10 ----A---- C:\WINDOWS\system32\SET2A9.tmp
    2009-10-05 14:34:10 ----A---- C:\WINDOWS\system32\SET2A7.tmp
    2009-10-05 14:34:09 ----A---- C:\WINDOWS\system32\SET29E.tmp
    2009-10-05 14:34:08 ----A---- C:\WINDOWS\system32\SET289.tmp
    2009-10-05 14:34:08 ----A---- C:\WINDOWS\system32\SET288.tmp
    2009-10-05 14:34:08 ----A---- C:\WINDOWS\system32\SET287.tmp
    2009-10-05 14:34:08 ----A---- C:\WINDOWS\system32\SET286.tmp
    2009-10-05 14:34:07 ----A---- C:\WINDOWS\system32\SET284.tmp
    2009-10-05 14:34:07 ----A---- C:\WINDOWS\system32\SET282.tmp
    2009-10-05 14:34:07 ----A---- C:\WINDOWS\system32\SET27F.tmp
    2009-10-05 14:34:07 ----A---- C:\WINDOWS\system32\SET27C.tmp
    2009-10-05 14:34:06 ----A---- C:\WINDOWS\system32\SET26C.tmp
    2009-10-05 14:34:06 ----A---- C:\WINDOWS\system32\SET267.tmp
    2009-10-05 14:34:05 ----A---- C:\WINDOWS\system32\SET264.tmp
    2009-10-05 14:34:05 ----A---- C:\WINDOWS\system32\SET262.tmp
    2009-10-05 14:34:04 ----A---- C:\WINDOWS\system32\SET25A.tmp
    2009-10-05 14:34:04 ----A---- C:\WINDOWS\system32\SET256.tmp
    2009-10-05 14:34:04 ----A---- C:\WINDOWS\system32\SET247.tmp
    2009-10-05 14:34:04 ----A---- C:\WINDOWS\system32\SET244.tmp
    2009-10-05 14:34:03 ----A---- C:\WINDOWS\system32\SET241.tmp
    2009-10-05 14:34:03 ----A---- C:\WINDOWS\system32\SET23C.tmp
    2009-10-05 14:34:02 ----A---- C:\WINDOWS\system32\SET236.tmp
    2009-10-05 14:34:02 ----A---- C:\WINDOWS\system32\SET235.tmp
    2009-10-05 14:34:02 ----A---- C:\WINDOWS\system32\SET233.tmp
    2009-10-05 14:34:02 ----A---- C:\WINDOWS\system32\SET232.tmp
    2009-10-05 14:34:02 ----A---- C:\WINDOWS\system32\SET231.tmp
    2009-10-05 14:34:01 ----A---- C:\WINDOWS\system32\SET229.tmp
    2009-10-05 14:34:01 ----A---- C:\WINDOWS\system32\SET224.tmp
    2009-10-05 14:34:01 ----A---- C:\WINDOWS\system32\SET223.tmp
    2009-10-05 14:34:01 ----A---- C:\WINDOWS\system32\SET222.tmp
    2009-10-05 14:34:01 ----A---- C:\WINDOWS\system32\SET220.tmp
    2009-10-05 14:34:00 ----A---- C:\WINDOWS\system32\SET21B.tmp
    2009-10-05 14:34:00 ----A---- C:\WINDOWS\system32\SET212.tmp
    2009-10-05 14:34:00 ----A---- C:\WINDOWS\system32\SET211.tmp
    2009-10-05 14:34:00 ----A---- C:\WINDOWS\system32\SET20F.tmp
    2009-10-05 14:33:59 ----A---- C:\WINDOWS\system32\SET20C.tmp
    2009-10-05 14:33:59 ----A---- C:\WINDOWS\system32\SET20B.tmp
    2009-10-05 14:33:59 ----A---- C:\WINDOWS\system32\SET20A.tmp
    2009-10-05 14:33:58 ----A---- C:\WINDOWS\system32\SET1FA.tmp
    2009-10-05 14:33:58 ----A---- C:\WINDOWS\system32\SET1F9.tmp
    2009-10-05 14:33:58 ----A---- C:\WINDOWS\system32\SET1F8.tmp
    2009-10-05 14:33:58 ----A---- C:\WINDOWS\system32\SET1F5.tmp
    2009-10-05 14:33:57 ----A---- C:\WINDOWS\system32\SET1F4.tmp
    2009-10-05 14:33:57 ----A---- C:\WINDOWS\system32\SET1F3.tmp
    2009-10-05 14:33:57 ----A---- C:\WINDOWS\system32\SET1F2.tmp
    2009-10-05 14:33:57 ----A---- C:\WINDOWS\system32\SET1F1.tmp
    2009-10-05 14:33:57 ----A---- C:\WINDOWS\system32\SET1EC.tmp
    2009-10-05 14:33:57 ----A---- C:\WINDOWS\system32\SET1EB.tmp
    2009-10-05 14:33:57 ----A---- C:\WINDOWS\system32\SET1EA.tmp
    2009-10-05 14:33:56 ----A---- C:\WINDOWS\system32\SET1DA.tmp
    2009-10-05 14:33:56 ----A---- C:\WINDOWS\system32\SET1D2.tmp
    2009-10-05 14:33:56 ----A---- C:\WINDOWS\system32\SET1D1.tmp
    2009-10-05 14:33:55 ----A---- C:\WINDOWS\system32\SET1C9.tmp
    2009-10-05 14:33:55 ----A---- C:\WINDOWS\system32\SET1C7.tmp
    2009-10-05 14:33:55 ----A---- C:\WINDOWS\system32\SET1C5.tmp
    2009-10-05 14:33:55 ----A---- C:\WINDOWS\system32\SET1C3.tmp
    2009-10-05 14:33:54 ----A---- C:\WINDOWS\system32\SET1C2.tmp
    2009-10-05 14:32:33 ----A---- C:\WINDOWS\002949_.tmp
    2009-10-05 14:31:45 ----N---- C:\WINDOWS\system32\_004641_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004639_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004634_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004633_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004632_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004631_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004630_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004627_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004626_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004625_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004624_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004622_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004619_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004617_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004616_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004612_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004611_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004607_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004604_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004603_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004602_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004595_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004590_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004587_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004585_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004582_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004580_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004577_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004576_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004539_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004537_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004536_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004533_.tmp.dll
    2009-10-05 09:46:18 ----N---- C:\WINDOWS\system32\spmsg2.dll
    2009-10-05 09:46:17 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
    2009-10-01 16:36:47 ----A---- C:\WINDOWS\system32\unzip32.dll
    2009-10-01 15:56:21 ----A---- C:\WINDOWS\UTLite33.exe
    2009-10-01 15:55:52 ----A---- C:\WINDOWS\system32\SET1184.tmp
    2009-10-01 15:55:49 ----A---- C:\WINDOWS\system32\SET115B.tmp
    2009-10-01 15:55:48 ----A---- C:\WINDOWS\system32\SET114E.tmp
    2009-10-01 15:55:48 ----A---- C:\WINDOWS\system32\SET1149.tmp
    2009-10-01 15:55:47 ----N---- C:\WINDOWS\system32\SET1143.tmp
    2009-10-01 15:55:47 ----A---- C:\WINDOWS\system32\SET1144.tmp
    2009-10-01 15:55:46 ----A---- C:\WINDOWS\system32\SET1141.tmp
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\fr
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\bits
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\l2schemas
    2009-10-01 15:52:04 ----A---- C:\WINDOWS\system32\SET414.tmp
    2009-10-01 15:52:04 ----A---- C:\WINDOWS\system32\SET411.tmp
    2009-10-01 15:52:03 ----A---- C:\WINDOWS\system32\SET410.tmp
    2009-10-01 15:52:03 ----A---- C:\WINDOWS\system32\SET40C.tmp
    2009-10-01 15:52:03 ----A---- C:\WINDOWS\system32\SET409.tmp
    2009-10-01 15:52:02 ----A---- C:\WINDOWS\system32\SET403.tmp
    2009-10-01 15:52:02 ----A---- C:\WINDOWS\system32\SET400.tmp
    2009-10-01 15:52:02 ----A---- C:\WINDOWS\system32\SET3FF.tmp
    2009-10-01 15:52:01 ----A---- C:\WINDOWS\system32\SET3FB.tmp
    2009-10-01 15:52:01 ----A---- C:\WINDOWS\system32\SET3F6.tmp
    2009-10-01 15:52:00 ----A---- C:\WINDOWS\system32\SET3EF.tmp
    2009-10-01 15:52:00 ----A---- C:\WINDOWS\system32\SET3ED.tmp
    2009-10-01 15:51:59 ----A---- C:\WINDOWS\system32\SET3EA.tmp
    2009-10-01 15:51:59 ----A---- C:\WINDOWS\system32\SET3E7.tmp
    2009-10-01 15:51:58 ----A---- C:\WINDOWS\system32\SET3E2.tmp
    2009-10-01 15:51:57 ----A---- C:\WINDOWS\system32\SET3DC.tmp
    2009-10-01 15:51:56 ----A---- C:\WINDOWS\system32\SET3D4.tmp
    2009-10-01 15:51:56 ----A---- C:\WINDOWS\system32\SET3D3.tmp
    2009-10-01 15:51:55 ----A---- C:\WINDOWS\system32\SET3CE.tmp
    2009-10-01 15:51:55 ----A---- C:\WINDOWS\system32\
    19 Octobre 2009 19:51:48

    Voici le dernier rapport de MBAM et j'ai également vidé la quarantaine :

    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 2966
    Windows 5.1.2600 Service Pack 2

    19/10/2009 17:49:54
    mbam-log-2009-10-19 (17-49-54).txt

    Type de recherche: Examen complet (C:\|D:\|E:\|)
    Eléments examinés: 225168
    Temps écoulé: 1 hour(s), 13 minute(s), 2 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    a c 267 8 Sécurité
    a b 9 Windows
    19 Octobre 2009 20:06:19

  • Télécharge OTM (OldTimer) sur ton Bureau.
  • Double-clique sur OTM.exe afin de le lancer.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :files
    C:\1st _ wlsetup-custom.exe
    C:\MAJ _ Installation_WLMessenger2009.exe
    C:\rapvo.exe
    C:\kajcjgco.exe
    C:\jmaox.exe

    :commands
    [purity]
    [emptytemp]
    [reboot]

  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTM.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    20 Octobre 2009 11:57:48

    Bonjour Destrio5,

    Ci dessous le rapport suite à l'exécution de OTM.exe
    Nom du Fichier : 10192009_181055.log- Bloc-notes.

    All processes killed
    ========== PROCESSES ==========
    No active process named explorer.exe was found!
    ========== FILES ==========
    C:\1st _ wlsetup-custom.exe moved successfully.
    C:\MAJ _ Installation_WLMessenger2009.exe moved successfully.
    C:\rapvo.exe moved successfully.
    C:\kajcjgco.exe moved successfully.
    C:\jmaox.exe moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: damware_user
    ->Temp folder emptied: 4907480 bytes
    ->Temporary Internet Files folder emptied: 11997928 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: FARES
    ->Temp folder emptied: 7617625 bytes
    ->Temporary Internet Files folder emptied: 63288846 bytes

    User: FARES JEAN - JACQUES
    ->Temp folder emptied: 175045337 bytes
    ->Temporary Internet Files folder emptied: 40534152 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    ->Temporary Internet Files folder emptied: 112094 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 402 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 2187293 bytes
    %systemroot%\System32 .tmp files removed: 181584546 bytes
    Windows Temp folder emptied: 141024319 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 599,23 mb


    OTM by OldTimer - Version 3.0.0.6 log created on 10192009_181055

    Files moved on Reboot...

    Registry entries deleted on Reboot...
    20 Octobre 2009 12:22:16

    C'est bizzare les pubs ne viennent plus mais le LapTop rame maintenant à l'allumage. C'est à dire reste pendant longtemps sur ''...Activations de vos paramètres personnels ... et parfois les touches Ctrl+Alt+Suppr deviennent inactive (à beau appliquer la combinaison le système n'affiche pas l'écran d'entrée de mot de pas et ne donne pas non plus la main. Résultat : il faut appliquer l'arrêt critique.)

    Le pire c'est pendant l'utilisation de la machine une fois le système démarré et le démarrage effective avec affichage du bureau. Toutes les fénêtres ouvertes restent bloquées et inactives pendant au moins cinq minutes avant de se remettre en activité et celà plusieurs fois dans la journée.

    Désolé de trop t'en demander mais frnachement j'en souffre. Merci d'avance pour ton expertise et ton aide.

    a c 267 8 Sécurité
    a b 9 Windows
    20 Octobre 2009 18:24:38

    Tu as deux antivirus, il faut en retirer un.
    20 Octobre 2009 20:58:17

    OK Destrio5, j'ai vidé le nod32 et conservé celui du Bureau. Dois je supprimé tous ceux que j'ai télécharger par tes conseils tels que HIJACKTHIS, RSIT.exe, OTM.exe, etc...?

    Je voudrais un antivirus, que pense tu de Nod32 pour mon ordi personnel à la maison, un conseil surement???

    Merci et en attente de l'étape suivante
    a c 267 8 Sécurité
    a b 9 Windows
    21 Octobre 2009 00:29:21

    Le PC rame moins depuis la désinstallation de NOD32 ?

  • Refais un scan RSIT et poste le rapport log.
    21 Octobre 2009 17:26:43

    Bonjour Destrio5,
    Merci de ton aide,
    Ci dessous le rapport généré :

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by FARES JEAN - JACQUES at 2009-10-21 15:22:25
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 63 GB (71%) free of 89 GB
    Total RAM: 2027 MB (52% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:22:27, on 21/10/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\WINDOWS\SYSTEM32\DWRCS.EXE
    C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Intel\AMT\LMS.exe
    C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\WINDOWS\system32\mfevtps.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\PDF Complete\pdfsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
    C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\McAfee\Common Framework\udaterui.exe
    C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe
    C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\Program Files\McAfee\Common Framework\McTray.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
    C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\MSN\Toolbar\3.0.1203.0\msntask.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\RSIT.exe
    C:\Program Files\trend micro\FARES JEAN - JACQUES.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yello
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOfficeUserRegSetup?...
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mtn.ci:8081
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: ViewerHelper Class - {78104A01-8E71-4F30-9A36-3793799615B4} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
    O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [picon] "C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
    O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe"
    O4 - HKLM\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [DameWare MRC Agent] C:\WINDOWS\system32\DWRCST.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'FARES')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1...
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mtn.ci
    O17 - HKLM\Software\..\Telephony: DomainName = mtn.ci
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mtn.ci
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
    O23 - Service: E-SSO Security Services (EnatelWGSS) - Evidian - C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
    O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
    O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
    O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
    O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe

    --
    End of file - 16327 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
    SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-05-15 66888]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78104A01-8E71-4F30-9A36-3793799615B4}]
    ViewerHelper Class - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll [2005-01-27 356352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
    scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll [2009-04-09 67120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar.dll [2009-09-30 745472]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
    MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
    {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-05-15 161096]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2008-03-24 884736]
    "picon"=C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe [2008-06-02 367128]
    "FRYMXINS"=C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl []
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
    "QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-03 177456]
    "WatchDog"=C:\Program Files\InterVideo\DVD Check\dvdcheck .exe [2008-05-23 197904]
    "IntelZeroConfig"=C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2008-04-30 1347584]
    "IntelWireless"=C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [2008-04-30 1191936]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
    "ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-04-09 124240]
    "McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2008-11-10 136512]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "CLMLServer"=C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe [2007-09-27 122880]
    "Power2GoExpress"=C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2007-09-29 2680104]
    "CLJ"=0 []
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
    "DameWare MRC Agent"=C:\WINDOWS\system32\DWRCST.exe []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664]
    "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe []
    "PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    SnagIt 9.lnk - C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2008-06-27 143360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=
    scecli
    scecli
    scecli

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
    shell\AutoRun\command - I:\LaunchU3.exe -a

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{866fb0f1-adaa-11de-8ae8-00216a0b83da}]
    shell\AutoRun\command - I:\LaunchU3.exe -a


    ======List of files/folders created in the last 3 months======

    2009-10-21 13:04:56 ----A---- C:\WINDOWS\wininit.ini
    2009-10-21 13:03:42 ----D---- C:\Program Files\NOS
    2009-10-21 13:03:42 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
    2009-10-19 18:10:55 ----D---- C:\_OTM
    2009-10-19 17:31:04 ----A---- C:\WINDOWS\system32\hidserv.dll
    2009-10-19 16:58:25 ----D---- C:\Program Files\trend micro
    2009-10-19 16:58:22 ----D---- C:\rsit
    2009-10-14 17:01:34 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Malwarebytes
    2009-10-14 17:01:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-10-14 17:01:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-10-14 12:51:35 ----D---- C:\Documents and Settings\All Users\Application Data\TechSmith
    2009-10-14 12:51:30 ----D---- C:\Program Files\TechSmith
    2009-10-14 12:49:54 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2009-10-13 18:06:10 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
    2009-10-13 18:06:04 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
    2009-10-13 17:36:12 ----D---- C:\Program Files\Fichiers communs\PCSuite
    2009-10-13 17:36:05 ----D---- C:\Program Files\Fichiers communs\Nokia
    2009-10-13 17:35:07 ----D---- C:\Program Files\PC Connectivity Solution
    2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
    2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
    2009-10-13 16:00:04 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\PC Suite
    2009-10-13 16:00:04 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
    2009-10-13 13:03:37 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Nokia
    2009-10-13 13:02:42 ----D---- C:\Program Files\DIFX
    2009-10-13 13:02:08 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
    2009-10-13 13:02:07 ----D---- C:\Program Files\Nokia
    2009-10-13 12:09:26 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
    2009-10-13 10:53:49 ----D---- C:\Program Files\ESET
    2009-10-13 10:53:49 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
    2009-10-12 18:26:25 ----D---- C:\WINDOWS\system32\NtmsData
    2009-10-06 10:33:29 ----D---- C:\WINDOWS\Prefetch
    2009-10-06 00:34:58 ----A---- C:\WINDOWS\system32\qmgr.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\msgsvc.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\mgmtapi.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lsasrv.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\locator.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\localspl.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lmhsvc.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\kernel32.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\imagehlp.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\ftp.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\format.com
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\csrsrv.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comdlg32.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comctl32.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cmd.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cacls.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autoconv.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autochk.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\advapi32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\wkssvc.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\win32spl.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\userinit.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\untfs.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ulib.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\tcpmonui.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\syssetup.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\srvsvc.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\smss.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\setupapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\services.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\schannel.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\scardsvr.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\savedump.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samsrv.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samlib.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rshx32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rastapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasman.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasdlg.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasauto.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasapi32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\printui.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\perfctrs.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\olecnv32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\oleaut32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nwprovau.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntvdm.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntprint.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntlsapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntdll.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nslookup.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\msv1_0.dll
    2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
    2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
    2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\hal.dll
    2009-10-05 17:15:18 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
    2009-10-05 17:04:04 ----D---- C:\Program Files\Mobile Partner
    2009-10-05 16:15:24 ----D---- C:\Program Files\Western Digital Corp
    2009-10-05 16:06:24 ----D---- C:\Program Files\Western Digital Corporation
    2009-10-05 14:31:45 ----N---- C:\WINDOWS\system32\_004641_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004639_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004634_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004633_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004632_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004631_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004630_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004627_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004626_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004625_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004624_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004622_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004619_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004617_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004616_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004612_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004611_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004607_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004604_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004603_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004602_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004595_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004590_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004587_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004585_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004582_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004580_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004577_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004576_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004539_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004537_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004536_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004533_.tmp.dll
    2009-10-05 09:46:18 ----N---- C:\WINDOWS\system32\spmsg2.dll
    2009-10-05 09:46:17 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
    2009-10-01 16:36:47 ----A---- C:\WINDOWS\system32\unzip32.dll
    2009-10-01 15:56:21 ----A---- C:\WINDOWS\UTLite33.exe
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\fr
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\bits
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\l2schemas
    2009-10-01 15:48:15 ----N---- C:\WINDOWS\system32\_004608_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004606_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004601_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004600_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004599_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004598_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004597_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004594_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004593_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004592_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004591_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004589_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004586_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004584_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004583_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004579_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004578_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004575_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004573_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004571_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004569_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004567_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004566_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004559_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004553_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004551_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004548_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004545_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004544_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004530_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004526_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004521_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004520_.tmp.dll
    2009-10-01 15:42:27 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2009-10-01 15:39:55 ----D---- C:\Documents and Settings\All Users\Application Data\GroupPolicy
    2009-10-01 12:21:52 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
    2009-10-01 12:21:47 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$
    2009-10-01 12:21:08 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
    2009-10-01 12:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
    2009-10-01 12:19:37 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
    2009-10-01 09:09:26 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\CyberLink
    2009-10-01 09:09:19 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
    2009-09-30 19:06:52 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2009-09-30 19:01:02 ----A---- C:\WINDOWS\IE4 Error Log.txt
    2009-09-30 19:00:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Search
    2009-09-30 18:55:54 ----D---- C:\Program Files\Microsoft Office Outlook Connector
    2009-09-30 18:55:21 ----D---- C:\Program Files\Microsoft Sync Framework
    2009-09-30 18:54:20 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
    2009-09-30 18:52:09 ----D---- C:\Program Files\Windows Live SkyDrive
    2009-09-30 18:51:46 ----D---- C:\Program Files\Windows Live
    2009-09-30 18:19:10 ----D---- C:\Program Files\Fichiers communs\Windows Live
    2009-09-30 17:43:35 ----D---- C:\Quarantine
    2009-09-30 17:09:22 ----SHD---- C:\RECYCLER
    2009-09-30 17:04:55 ----A---- C:\WINDOWS\cdplayer.ini
    2009-09-30 16:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2009-09-30 16:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2009-09-30 16:51:57 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
    2009-09-30 16:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2009-09-30 16:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2009-09-30 16:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
    2009-09-30 16:50:36 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\vlc
    2009-09-30 16:49:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
    2009-09-30 16:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
    2009-09-30 16:49:23 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2009-09-30 16:49:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
    2009-09-30 16:49:11 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
    2009-09-30 16:49:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
    2009-09-30 16:49:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
    2009-09-30 16:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
    2009-09-30 16:46:48 ----D---- C:\Program Files\VideoLAN
    2009-09-30 16:41:09 ----D---- C:\WINDOWS\system32\XPSViewer
    2009-09-30 16:40:49 ----D---- C:\WINDOWS\system32\en-US
    2009-09-30 16:40:42 ----D---- C:\Program Files\Reference Assemblies
    2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
    2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\prntvpt.dll
    2009-09-30 16:39:55 ----N---- C:\WINDOWS\system32\xpssvcs.dll
    2009-09-30 16:36:49 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2009-09-30 16:32:24 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2009-09-30 16:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
    2009-09-30 16:32:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
    2009-09-30 16:31:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
    2009-09-30 16:31:43 ----D---- C:\Program Files\MSXML 6.0
    2009-09-30 16:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
    2009-09-30 16:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
    2009-09-30 16:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
    2009-09-30 16:31:21 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
    2009-09-30 16:31:16 ----D---- C:\WINDOWS\system32\DRM
    2009-09-30 16:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2009-09-30 16:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB916846$
    2009-09-30 16:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
    2009-09-30 16:30:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
    2009-09-30 16:30:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
    2009-09-30 16:29:33 ----D---- C:\WINDOWS\ie7updates
    2009-09-30 16:28:53 ----D---- C:\WINDOWS\WBEM
    2009-09-30 16:28:24 ----HDC---- C:\WINDOWS\ie7
    2009-09-30 16:28:15 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Desktop Search
    2009-09-30 16:28:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2009-09-30 16:27:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2009-09-30 16:26:21 ----D---- C:\WINDOWS\network diagnostic
    2009-09-30 16:26:20 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
    2009-09-30 16:24:09 ----D---- C:\WINDOWS\system32\fr-FR
    2009-09-30 16:24:09 ----D---- C:\Program Files\Windows Desktop Search
    2009-09-30 16:24:08 ----D---- C:\WINDOWS\system32\GroupPolicy
    2009-09-30 16:23:55 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
    2009-09-30 16:23:46 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
    2009-09-30 16:23:25 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
    2009-09-30 16:23:22 ----A---- C:\WINDOWS\system32\xmllite.dll
    2009-09-30 16:23:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
    2009-09-30 16:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2009-09-30 16:22:08 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2009-09-30 16:18:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2009-09-30 16:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
    2009-09-30 16:12:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2009-09-30 16:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
    2009-09-30 16:11:59 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
    2009-09-30 16:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
    2009-09-30 16:11:44 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
    2009-09-30 16:11:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2009-09-30 16:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2009-09-30 16:10:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
    2009-09-30 16:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
    2009-09-30 16:10:28 ----D---- C:\WINDOWS\ServicePackFiles
    2009-09-30 16:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
    2009-09-30 16:10:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
    2009-09-30 16:10:16 ----D---- C:\Program Files\Microsoft Silverlight
    2009-09-30 16:09:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
    2009-09-30 16:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
    2009-09-30 16:09:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
    2009-09-30 16:09:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2009-09-30 16:09:32 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2009-09-30 16:09:27 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2009-09-30 16:09:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2009-09-30 16:09:08 ----D---- C:\Program Files\MSXML 4.0
    2009-09-30 16:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2009-09-30 16:08:58 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
    2009-09-30 16:08:30 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
    2009-09-30 16:08:26 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
    2009-09-30 16:08:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
    2009-09-30 10:36:33 ----D---- C:\Program Files\Cyberlink
    2009-09-30 10:32:23 ----D---- C:\Program Files\Google
    2009-09-30 10:30:50 ----D---- C:\Program Files\Fichiers communs\Real
    2009-09-30 10:30:49 ----D---- C:\Program Files\Real
    2009-09-30 10:30:19 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Real
    2009-09-30 10:26:27 ----D---- C:\Program Files\SuperCopier2
    2009-09-30 10:19:20 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InterVideo
    2009-09-30 10:17:59 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
    2009-09-30 10:17:58 ----D---- C:\Program Files\DVD Shrink
    2009-09-30 09:59:31 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Macromedia
    2009-09-30 09:59:30 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Adobe
    2009-09-29 18:18:51 ----HD---- C:\WINDOWS\system32\dwrcssft
    2009-09-29 18:18:50 ----A---- C:\WINDOWS\system32\DWRCSh32.dll
    2009-09-29 18:18:49 ----A---- C:\WINDOWS\system32\DWRCSET.DLL
    2009-09-29 18:18:46 ----A---- C:\WINDOWS\system32\dwrcst .exe
    2009-09-29 18:18:42 ----A---- C:\WINDOWS\system32\DWRCK.DLL
    2009-09-29 18:18:38 ----A---- C:\WINDOWS\system32\DWRCS.EXE
    2009-09-29 18:12:55 ----N---- C:\WINDOWS\system32\tzchange.exe
    2009-09-29 18:12:01 ----D---- C:\Program Files\Fichiers communs\Evidian
    2009-09-29 18:12:01 ----D---- C:\Program Files\Evidian
    2009-09-29 18:11:38 ----D---- C:\Program Files\Microsoft
    2009-09-29 18:11:10 ----D---- C:\Program Files\Gemalto
    2009-09-29 18:03:46 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-09-29 18:03:16 ----D---- C:\WINDOWS\system32\PreInstall
    2009-09-29 18:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
    2009-09-29 17:59:48 ----D---- C:\MyriadWebPro
    2009-09-29 17:59:46 ----D---- C:\MyriadPro
    2009-09-29 17:58:30 ----D---- C:\Program Files\WinRAR
    2009-09-29 17:57:33 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-09-29 17:57:19 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-09-29 17:57:19 ----D---- C:\Program Files\Adobe
    2009-09-29 17:51:48 ----D---- C:\Program Files\GPLGS
    2009-09-29 17:51:21 ----A---- C:\WINDOWS\system32\cpwmon2k.dll
    2009-09-29 17:51:17 ----D---- C:\Program Files\Acro Software
    2009-09-29 17:50:23 ----D---- C:\Program Files\MSECache
    2009-09-29 17:39:33 ----A---- C:\WINDOWS\system32\mdimon.dll
    2009-09-29 17:38:40 ----D---- C:\Program Files\Microsoft Works
    2009-09-29 17:38:19 ----D---- C:\Program Files\MSBuild
    2009-09-29 17:38:05 ----D---- C:\Program Files\Microsoft Visual Studio
    2009-09-29 17:38:04 ----D---- C:\Program Files\Fichiers communs\DESIGNER
    2009-09-29 17:37:27 ----D---- C:\Program Files\Microsoft.NET
    2009-09-29 17:33:56 ----D---- C:\Program Files\Microsoft Visual Studio 8
    2009-09-29 17:33:02 ----D---- C:\WINDOWS\SHELLNEW
    2009-09-29 17:32:47 ----D---- C:\Program Files\Microsoft Office
    2009-09-29 17:32:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2009-09-29 17:32:15 ----RHD---- C:\MSOCache
    2009-09-29 17:16:51 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    2009-09-29 17:03:09 ----D---- C:\Program Files\File Scavenger 3.2
    2009-09-29 14:59:24 ----SHD---- C:\WINDOWS\CSC
    2009-09-29 14:56:29 ----D---- C:\WINDOWS\SchCache
    2009-09-29 14:50:20 ----A---- C:\WINDOWS\system32\mfevtps.exe
    2009-09-29 14:49:53 ----D---- C:\Program Files\Fichiers communs\Cisco Systems
    2009-09-29 14:49:48 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
    2009-09-29 14:49:42 ----D---- C:\Program Files\McAfee
    2009-09-29 14:49:42 ----D---- C:\Program Files\Fichiers communs\McAfee
    2009-09-29 14:48:00 ----D---- C:\WINDOWS\system32\appmgmt
    2009-09-29 09:55:58 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
    2009-09-29 09:55:54 ----N---- C:\WINDOWS\system32\spmsg.dll
    2009-09-29 09:55:52 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
    2009-09-29 09:55:47 ----A---- C:\WINDOWS\system32\wmpns.dll
    2009-09-29 09:55:44 ----D---- C:\Program Files\Windows Media Connect 2
    2009-09-29 09:55:37 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2009-09-29 09:55:10 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2009-09-29 09:54:54 ----D---- C:\WINDOWS\system32\LogFiles
    2009-09-29 09:54:47 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
    2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\java.exe
    2009-09-29 09:54:04 ----D---- C:\Program Files\Java
    2009-09-29 09:54:03 ----D---- C:\Program Files\Fichiers communs\Java
    2009-09-29 09:53:59 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Sun
    2009-09-29 09:53:37 ----D---- C:\Program Files\Fichiers communs\LightScribe
    2009-09-29 09:52:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Intel
    2009-09-29 09:52:42 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
    2009-09-29 09:51:41 ----A---- C:\WINDOWS\HPMProp.INI
    2009-09-29 09:51:26 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
    2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmprein.dll
    2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmco081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmtp081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpw081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpm081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmml081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmja081.dll
    2009-09-29 09:51:14 ----A---- C:\WINDOWS\system32\hpcpn081.dll
    2009-09-29 09:51:13 ----A---- C:\WINDOWS\system32\fxcompchannel.dll
    2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNQUE.DLL
    2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNNDPS.DLL
    2009-09-29 09:22:50 ----D---- C:\Documents and Settings\All Users\Application Data\Uninstall
    2009-09-29 09:18:21 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
    2009-09-29 09:17:39 ----D---- C:\WINDOWS\RegisteredPackages
    2009-09-29 09:17:12 ----D---- C:\Program Files\Fichiers communs\SureThing Shared
    2009-09-29 09:17:11 ----D---- C:\Program Files\Roxio
    2009-09-29 09:16:48 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
    2009-09-29 09:16:43 ----D---- C:\Program Files\Fichiers communs\Sonic Shared
    2009-09-29 09:16:24 ----D---- C:\Program Files\Fichiers communs\Roxio Shared
    2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xinput1_3.dll
    2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
    2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
    2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
    2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
    2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_2.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_1.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
    2009-09-29 09:16:10 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
    2009-09-29 09:11:59 ----A---- C:\WINDOWS\system32\oeminfo.ini
    2009-09-29 09:11:48 ----A---- C:\WINDOWS\system32\pdfc_port.dll
    2009-09-29 09:11:45 ----D---- C:\Program Files\PDF Complete
    2009-09-29 09:10:20 ----D---- C:\Program Files\Hp
    2009-09-29 09:09:58 ----D---- C:\WINDOWS\Hewlett-Packard
    2009-09-29 09:09:28 ----D---- C:\WINDOWS\Downloaded Installations
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizePX.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll
    2009-09-29 09:07:56 ----A---- C:\WINDOWS\system32\IVIresize.dll
    2009-09-29 09:07:46 ----D---- C:\Program Files\InterVideo
    2009-09-29 09:07:32 ----D---- C:\Program Files\Fichiers communs\InterVideo
    2009-09-29 09:07:24 ----A---- C:\WINDOWS\system32\h323log.txt
    2009-09-29 09:05:30 ----A---- C:\WINDOWS\system32\usbui.dll
    2009-09-29 09:04:56 ----A---- C:\WINDOWS\imsins.BAK
    2009-09-29 09:04:53 ----SHD---- C:\WINDOWS\Installer
    2009-09-29 09:04:53 ----D---- C:\Program Files\Fichiers communs\ODBC
    2009-09-29 09:04:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-09-29 09:04:53 ----A---- C:\WINDOWS\ODBCINST.INI
    2009-09-29 09:04:50 ----RD---- C:\Program Files
    2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
    2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs
    2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
    2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
    2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdazel.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdycc.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbduzb.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdur.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdtat.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru1.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdmon.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdbu.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdblr.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdaze.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhept.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdest.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdro.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdycl.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcr.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\spxcoins.dll
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\irclass.dll
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgsetup.dll
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
    2009-09-29 09:04:35 ----A---- C:\WINDOWS\system32\EqnClass.Dll
    2009-09-29 09:04:33 ----A---- C:\WINDOWS\TASKMAN.EXE
    2009-09-29 09:04:33 ----A---- C:\WINDOWS\system32\batt.dll
    2009-09-29 09:04:32 ----A---- C:\WINDOWS\system32\storprop.dll
    2009-09-29 09:04:32 ----A---- C:\WINDOWS\notepad.exe
    2009-09-29 09:04:28 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
    2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot
    2009-09-29 09:04:12 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-09-29 09:04:01 ----D---- C:\WINDOWS\system32\URTTEMP
    2009-09-29 09:03:51 ----A---- C:\WINDOWS\setuplog.txt
    2009-09-29 09:03:48 ----D---- C:\Documents and Settings
    2009-09-29 09:03:43 ----N---- C:\LANG.INI
    2009-09-29 09:03:02 ----SH---- C:\boot.ini
    2009-09-29 09:01:13 ----SHD---- C:\System Volume Information
    2009-09-29 08:57:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-09-29 08:57:42 ----RSD---- C:\WINDOWS\Fonts
    2009-09-29 08:57:42 ----RD---- C:\WINDOWS\Web
    2009-09-29 08:57:42 ----HD---- C:\WINDOWS\inf
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\WinSxS
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\twain_32
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Temp
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wins
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wbem
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\usmt
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\spool
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ShellExt
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\Setup
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ras
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\oobe
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\npp
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\mui
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\inetsrv
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\IME
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\icsxml
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ias
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\export
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\drivers
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\dhcp
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\config
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3com_dmi
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3076
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\2052
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1054
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1042
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1041
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1037
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1036
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1033
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1031
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1028
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1025
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\security
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Resources
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\repair
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Provisioning
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\PeerNet
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\pchealth
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\mui
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\msapps
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\msagent
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Media
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\java
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\ime
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Help
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\ehome
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Driver Cache
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Debug
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Cursors
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Connection Wizard
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Config
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\AppPatch
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\addins
    2009-09-29 08:57:42 ----D---- C:\WINDOWS
    2009-09-29 08:56:46 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\ATI
    2009-09-29 08:56:46 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
    2009-09-29 08:53:33 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
    2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns_64.dll
    2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns.dll
    2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmn.dll
    2009-09-29 08:51:54 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InstallShield
    2009-09-29 08:51:25 ----N---- C:\WINDOWS\HPWWANVersion.dll
    2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5r32.dll
    2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5c32.dll
    2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPCo4.dll
    2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
    2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCtrl.dll
    2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCOM.dll
    2009-09-29 08:50:31 ----D---- C:\Program Files\Synaptics
    2009-09-29 08:49:50 ----RA---- C:\WINDOWS\system32\PROUnstl.exe
    2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicInstE.dll
    2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicCo2.dll
    2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\e1000msg.dll
    2009-09-29 08:49:23 ----A---- C:\WINDOWS\system32\snymsico.dll
    2009-09-29 08:49:22 ----A---- C:\WINDOWS\system32\rixdicon.dll
    2009-09-29 08:48:34 ----D---- C:\WINDOWS\system32\FRA
    2009-09-29 08:48:31 ----RA---- C:\WINDOWS\system32\imsmudlg.exe
    2009-09-29 08:47:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2009-09-29 08:47:23 ----RA---- C:\WINDOWS\system32\CSVer.dll
    2009-09-29 08:44:58 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
    2009-09-29 08:44:57 ----RA---- C:\WINDOWS\system32\ATIDEMGX.dll
    2009-09-29 08:44:38 ----D---- C:\Program Files\ATI Technologies
    2009-09-29 08:44:01 ----D---- C:\WINDOWS\system32\HP3DG
    2009-09-29 08:38:42 ----A---- C:\WINDOWS\system32\btw_ci.dll
    2009-09-29 08:38:35 ----D---- C:\Program Files\WIDCOMM
    2009-09-29 08:37:21 ----HDC---- C:\WINDOWS\$NtUninstallKB949764$
    2009-09-29 08:37:16 ----HDC---- C:\WINDOWS\$NtUninstallKB915326$
    2009-09-29 08:37:09 ----HDC---- C:\WINDOWS\$NtUninstallKB889673$
    2009-09-29 08:37:03 ----HDC---- C:\WINDOWS\$NtUninstallKB888402$
    2009-09-29 08:36:57 ----HDC---- C:\WINDOWS\$NtUninstallKB885464$
    2009-09-29 08:36:51 ----HDC---- C:\WINDOWS\$NtUninstallKB883667$
    2009-09-29 08:36:46 ----HDC---- C:\WINDOWS\$NtUninstallKB918005$
    2009-09-29 08:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB912436$
    2009-09-29 08:36:35 ----HDC---- C:\WINDOWS\$NtUninstallKB909667$
    2009-09-29 08:36:26 ----HDC---- C:\WINDOWS\$NtUninstallKB909095$
    2009-09-29 08:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB896256$
    2009-09-29 08:36:09 ----HDC---- C:\WINDOWS\$NtUninstallKB892559-v3$
    2009-09-29 08:36:02 ----HDC---- C:\WINDOWS\$NtUninstallKB888239$
    2009-09-29 08:35:56 ----HDC---- C:\WINDOWS\$NtUninstallKB885855$
    2009-09-29 08:35:48 ----D---- C:\Program Files\HPQ
    2009-09-29 08:35:07 ----A---- C:\WINDOWS\system32\log.txt
    2009-09-29 08:35:06 ----RA---- C:\WINDOWS\system32\mesoludlg.exe
    2009-09-29 08:35:06 ----D---- C:\Program Files\Common Files
    2009-09-29 08:33:44 ----RSD---- C:\WINDOWS\assembly
    2009-09-29 08:33:24 ----D---- C:\WINDOWS\Microsoft.NET
    2009-09-29 08:33:02 ----D---- C:\Program Files\Fichiers communs\Intel
    2009-09-29 08:32:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-09-29 08:32:19 ----RA---- C:\WINDOWS\system32\difxapi.dll
    2009-09-29 08:32:19 ----D---- C:\WINDOWS\system32\Lang
    2009-09-29 08:32:19 ----D---- C:\Program Files\Intel
    2009-09-29 08:32:18 ----RA---- C:\WINDOWS\system32\heciudlg.exe
    2009-09-29 08:32:03 ----D---- C:\Intel
    2009-09-29 08:31:43 ----N---- C:\WINDOWS\HPModemVersion.dll
    2009-09-29 08:31:42 ----N---- C:\WINDOWS\system32\agrsmdel.exe
    2009-09-29 08:31:34 ----D---- C:\WINDOWS\Options
    2009-09-29 08:31:18 ----N---- C:\WINDOWS\system32\agrscoin.dll
    2009-09-29 08:31:18 ----D---- C:\SWSetup
    2009-09-29 08:31:18 ----A---- C:\WINDOWS\system32\agrsmsvc.exe
    2009-09-29 08:31:18 ----A---- C:\WINDOWS\agrsmdel.exe
    2009-09-29 08:26:08 ----RA---- C:\WINDOWS\system32\PostProc.dll
    2009-09-29 08:26:07 ----A---- C:\WINDOWS\system32\ksuser.dll
    2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\wdmioctl.dll
    2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\SMMedia
    a c 267 8 Sécurité
    a b 9 Windows
    21 Octobre 2009 17:49:08

    Et pour ma question ?
    21 Octobre 2009 18:26:08

    Sorry, Mieux qu'hier mais ralentissement tout de même !

    Peux tu me conseiller un antivirus pour la maison ?
    5 profils sur la Machine ! Chacun vient avec ses clés USB mais je suis le seul à avoir le profil Administrateur sur le poste de travail.

    Merci Destrio5
    a c 267 8 Sécurité
    a b 9 Windows
    21 Octobre 2009 20:44:58

    Citation :
    Peux tu me conseiller un antivirus pour la maison ?

    --> AntiVir mais il a des problèmes avec les mises à jour en ce moment.

    [#ff0000]/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\[/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Il va te demander d'installer la console de récupération : accepte.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

    Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix
    21 Octobre 2009 21:03:06

    """"/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\ """"

    Comment je fais ça STP!

    21 Octobre 2009 21:49:43

    Bonsoir Destrio5

    J'ai lancé le programme et voilà le résultat ci dessous, encore merci:

    ComboFix 09-10-20.03 - FARES JEAN - JACQUES 21/10/2009 19:24.1.2 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.2027.1258 [GMT 0:00]
    Lancé depuis: c:\documents and settings\FARES JEAN - JACQUES\Bureau\ComboFix.exe
    AV: VirusScan Enterprise + AntiSpyware Enterprise *On-access scanning disabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
    c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
    c:\recycler\S-1-5-21-1823786710-5432986853-162648092-4256
    c:\recycler\S-1-5-21-2337855295-9487429239-423964316-2489
    c:\recycler\S-1-5-21-2526832691-9512609701-930732188-7082
    c:\recycler\S-1-5-21-2657480434-2237066977-685518849-1576
    c:\recycler\S-1-5-21-5339435592-8917314007-218163294-1186
    c:\recycler\S-1-5-21-5445946500-9281122344-214705682-0881
    c:\recycler\S-1-5-21-5882702017-3277552525-894734308-3149
    c:\recycler\S-1-5-21-8377333903-9534122828-890641160-6264
    c:\recycler\S-1-5-21-8899406358-6711113134-092866476-0134
    c:\recycler\S-1-5-21-8952556325-7229592327-351828710-8101
    c:\windows\system32\_004512_.tmp.dll
    c:\windows\system32\_004513_.tmp.dll
    c:\windows\system32\_004514_.tmp.dll
    c:\windows\system32\_004515_.tmp.dll
    c:\windows\system32\_004520_.tmp.dll
    c:\windows\system32\_004521_.tmp.dll
    c:\windows\system32\_004522_.tmp.dll
    c:\windows\system32\_004523_.tmp.dll
    c:\windows\system32\_004524_.tmp.dll
    c:\windows\system32\_004525_.tmp.dll
    c:\windows\system32\_004526_.tmp.dll
    c:\windows\system32\_004527_.tmp.dll
    c:\windows\system32\_004528_.tmp.dll
    c:\windows\system32\_004529_.tmp.dll
    c:\windows\system32\_004530_.tmp.dll
    c:\windows\system32\_004531_.tmp.dll
    c:\windows\system32\_004532_.tmp.dll
    c:\windows\system32\_004533_.tmp.dll
    c:\windows\system32\_004534_.tmp.dll
    c:\windows\system32\_004535_.tmp.dll
    c:\windows\system32\_004536_.tmp.dll
    c:\windows\system32\_004537_.tmp.dll
    c:\windows\system32\_004538_.tmp.dll
    c:\windows\system32\_004539_.tmp.dll
    c:\windows\system32\_004541_.tmp.dll
    c:\windows\system32\_004542_.tmp.dll
    c:\windows\system32\_004544_.tmp.dll
    c:\windows\system32\_004545_.tmp.dll
    c:\windows\system32\_004546_.tmp.dll
    c:\windows\system32\_004547_.tmp.dll
    c:\windows\system32\_004548_.tmp.dll
    c:\windows\system32\_004549_.tmp.dll
    c:\windows\system32\_004551_.tmp.dll
    c:\windows\system32\_004552_.tmp.dll
    c:\windows\system32\_004553_.tmp.dll
    c:\windows\system32\_004554_.tmp.dll
    c:\windows\system32\_004555_.tmp.dll
    c:\windows\system32\_004556_.tmp.dll
    c:\windows\system32\_004557_.tmp.dll
    c:\windows\system32\_004558_.tmp.dll
    c:\windows\system32\_004559_.tmp.dll
    c:\windows\system32\_004561_.tmp.dll
    c:\windows\system32\_004562_.tmp.dll
    c:\windows\system32\_004563_.tmp.dll
    c:\windows\system32\_004564_.tmp.dll
    c:\windows\system32\_004565_.tmp.dll
    c:\windows\system32\_004566_.tmp.dll
    c:\windows\system32\_004567_.tmp.dll
    c:\windows\system32\_004569_.tmp.dll
    c:\windows\system32\_004570_.tmp.dll
    c:\windows\system32\_004571_.tmp.dll
    c:\windows\system32\_004572_.tmp.dll
    c:\windows\system32\_004573_.tmp.dll
    c:\windows\system32\_004575_.tmp.dll
    c:\windows\system32\_004576_.tmp.dll
    c:\windows\system32\_004577_.tmp.dll
    c:\windows\system32\_004578_.tmp.dll
    c:\windows\system32\_004579_.tmp.dll
    c:\windows\system32\_004580_.tmp.dll
    c:\windows\system32\_004582_.tmp.dll
    c:\windows\system32\_004583_.tmp.dll
    c:\windows\system32\_004584_.tmp.dll
    c:\windows\system32\_004585_.tmp.dll
    c:\windows\system32\_004586_.tmp.dll
    c:\windows\system32\_004587_.tmp.dll
    c:\windows\system32\_004589_.tmp.dll
    c:\windows\system32\_004590_.tmp.dll
    c:\windows\system32\_004591_.tmp.dll
    c:\windows\system32\_004592_.tmp.dll
    c:\windows\system32\_004593_.tmp.dll
    c:\windows\system32\_004594_.tmp.dll
    c:\windows\system32\_004595_.tmp.dll
    c:\windows\system32\_004597_.tmp.dll
    c:\windows\system32\_004598_.tmp.dll
    c:\windows\system32\_004599_.tmp.dll
    c:\windows\system32\_004600_.tmp.dll
    c:\windows\system32\_004601_.tmp.dll
    c:\windows\system32\_004602_.tmp.dll
    c:\windows\system32\_004603_.tmp.dll
    c:\windows\system32\_004604_.tmp.dll
    c:\windows\system32\_004606_.tmp.dll
    c:\windows\system32\_004607_.tmp.dll
    c:\windows\system32\_004608_.tmp.dll
    c:\windows\system32\_004611_.tmp.dll
    c:\windows\system32\_004612_.tmp.dll
    c:\windows\system32\_004616_.tmp.dll
    c:\windows\system32\_004617_.tmp.dll
    c:\windows\system32\_004619_.tmp.dll
    c:\windows\system32\_004622_.tmp.dll
    c:\windows\system32\_004624_.tmp.dll
    c:\windows\system32\_004625_.tmp.dll
    c:\windows\system32\_004626_.tmp.dll
    c:\windows\system32\_004627_.tmp.dll
    c:\windows\system32\_004630_.tmp.dll
    c:\windows\system32\_004631_.tmp.dll
    c:\windows\system32\_004632_.tmp.dll
    c:\windows\system32\_004633_.tmp.dll
    c:\windows\system32\_004634_.tmp.dll
    c:\windows\system32\_004639_.tmp.dll
    c:\windows\system32\_004641_.tmp.dll
    c:\windows\system32\accelerometerst .exe
    c:\windows\system32\ctfmon .exe
    c:\windows\system32\dwrcst .exe
    c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat . . . . impossible à supprimer
    c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat . . . . impossible à supprimer

    ----- BITS: Il y a peut-être des sites infectés -----

    hxxp://svr-ssowsus-01.mtn.ci
    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2009-09-21 au 2009-10-21 ))))))))))))))))))))))))))))))))))))
    .

    2009-10-21 13:03 . 2009-10-21 19:21 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
    2009-10-19 18:10 . 2009-10-19 18:10 -------- d-----w- C:\_OTM
    2009-10-19 17:31 . 2004-08-19 16:09 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
    2009-10-19 17:31 . 2004-08-19 16:09 21504 ----a-w- c:\windows\system32\hidserv.dll
    2009-10-19 16:58 . 2009-10-21 15:22 -------- d-----w- c:\program files\trend micro
    2009-10-19 16:58 . 2009-10-19 16:59 -------- d-----w- C:\rsit
    2009-10-19 10:16 . 2001-08-17 22:02 9600 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
    2009-10-19 10:16 . 2001-08-17 22:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
    2009-10-15 17:43 . 2009-10-15 17:43 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\TechSmith
    2009-10-15 17:43 . 2009-10-15 17:43 -------- d-----w- c:\documents and settings\FARES\Application Data\Malwarebytes
    2009-10-15 17:43 . 2009-10-15 17:43 -------- d-----w- c:\documents and settings\FARES\Application Data\PC Suite
    2009-10-14 17:01 . 2009-10-14 17:01 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\Malwarebytes
    2009-10-14 17:01 . 2009-09-10 14:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-10-14 17:01 . 2009-10-14 17:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-10-14 17:01 . 2009-09-10 14:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-10-14 17:01 . 2009-10-14 17:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-10-14 12:51 . 2009-10-14 12:51 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith
    2009-10-14 12:51 . 2009-10-14 12:51 -------- d-----w- c:\program files\TechSmith
    2009-10-14 12:51 . 2009-10-14 12:51 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\TechSmith
    2009-10-14 12:49 . 2009-10-14 12:49 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
    2009-10-14 10:51 . 2009-10-14 10:51 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
    2009-10-13 18:06 . 2008-03-21 13:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
    2009-10-13 17:36 . 2009-10-13 17:36 -------- d-----w- c:\program files\Fichiers communs\PCSuite
    2009-10-13 17:36 . 2009-10-13 17:36 -------- d-----w- c:\program files\Fichiers communs\Nokia
    2009-10-13 17:35 . 2008-08-26 10:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
    2009-10-13 13:02 . 2009-02-09 08:37 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
    2009-10-13 13:02 . 2009-10-13 17:36 -------- d-----w- c:\program files\Nokia
    2009-10-13 12:09 . 2009-10-13 17:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
    2009-10-13 10:56 . 2009-10-13 10:56 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\ESET
    2009-10-13 10:53 . 2009-10-20 18:32 -------- d-----w- c:\program files\ESET
    2009-10-13 10:53 . 2009-10-13 10:53 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
    2009-10-13 10:48 . 2009-10-13 10:48 -------- d-----w- c:\documents and settings\LocalService\Application Data\Windows Search
    2009-10-13 10:47 . 2009-10-14 18:20 -------- d-----r- c:\documents and settings\LocalService\Favoris
    2009-10-12 18:26 . 2009-10-12 18:27 -------- d-----w- c:\windows\system32\NtmsData
    2009-10-08 14:39 . 2009-10-08 14:39 9440 ----a-w- c:\windows\system32\drivers\mferkdetq.sys
    2009-10-08 14:38 . 2009-10-08 14:38 -------- d-----w- c:\documents and settings\damware_user\Application Data\Windows Search
    2009-10-06 17:19 . 2009-10-06 17:19 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\WMTools Downloaded Files
    2009-10-06 17:13 . 2009-10-21 13:57 -------- d-----w- c:\documents and settings\FARES\Application Data\vlc
    2009-10-06 00:34 . 2006-03-02 11:00 938496 ----a-w- c:\windows\system32\dllcache\winbrand.dll
    2009-10-05 23:50 . 2009-10-05 23:50 -------- d-----w- c:\documents and settings\damware_user\Local Settings\Application Data\Adobe
    2009-10-05 17:04 . 2008-08-26 16:17 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
    2009-10-05 17:04 . 2008-07-24 12:02 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
    2009-10-05 17:04 . 2008-04-14 09:36 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
    2009-10-05 17:04 . 2007-08-09 04:13 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
    2009-10-05 17:04 . 2009-10-05 17:14 -------- d-----w- c:\program files\Mobile Partner
    2009-10-05 16:15 . 2009-10-05 16:15 -------- d-----w- c:\program files\Western Digital Corp
    2009-10-05 16:06 . 2009-10-05 16:06 -------- d-----w- c:\program files\Western Digital Corporation
    2009-10-05 14:31 . 2006-03-02 11:00 71040 ------w- c:\windows\system32\drivers\_004505_.tmp.dll
    2009-10-05 14:29 . 2009-10-05 14:29 -------- d-----w- c:\documents and settings\damware_user\Local Settings\Application Data\ATI
    2009-10-05 14:29 . 2009-10-05 14:29 -------- d-----w- c:\documents and settings\damware_user\Application Data\ATI
    2009-10-05 14:29 . 2009-10-05 14:29 83912 ----a-w- c:\documents and settings\damware_user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-10-05 14:29 . 2009-10-05 14:35 -------- d-----w- c:\documents and settings\damware_user\Application Data\CyberLink
    2009-10-05 14:28 . 2009-10-05 14:28 -------- d-----r- c:\documents and settings\damware_user\Favoris
    2009-10-05 14:28 . 2009-09-30 16:17 -------- d-----w- c:\documents and settings\damware_user\Local Settings\Application Data\Microsoft Help
    2009-10-05 14:28 . 2009-09-29 09:52 -------- d-----w- c:\documents and settings\damware_user\Application Data\Intel
    2009-10-05 14:28 . 2009-09-29 09:04 -------- d--h--w- c:\documents and settings\damware_user\Voisinage réseau
    2009-10-05 14:28 . 2009-09-29 09:04 -------- d--h--w- c:\documents and settings\damware_user\Voisinage d'impression
    2009-10-05 14:28 . 2009-09-29 09:04 -------- d-----r- c:\documents and settings\damware_user\Menu Démarrer
    2009-10-05 14:28 . 2009-09-29 07:08 -------- d--h--w- c:\documents and settings\damware_user\Modèles
    2009-10-05 14:28 . 2009-10-06 00:29 -------- d-----w- c:\documents and settings\damware_user
    2009-10-05 09:46 . 2009-10-05 09:52 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\Adobe
    2009-10-05 09:46 . 2006-06-29 13:07 14048 ------w- c:\windows\system32\spmsg2.dll
    2009-10-02 10:25 . 2009-10-02 10:25 -------- d-----w- c:\documents and settings\FARES\Application Data\Windows Search
    2009-10-01 16:36 . 2009-10-01 16:36 45056 ----a-w- c:\windows\system32\unzip32.dll
    2009-10-01 16:00 . 2009-10-21 12:31 -------- d-----w- c:\documents and settings\FARES\Tracing
    2009-10-01 15:58 . 2009-10-01 15:58 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\ATI
    2009-10-01 15:58 . 2009-10-01 15:58 -------- d-----w- c:\documents and settings\FARES\Application Data\ATI
    2009-10-01 15:57 . 2009-10-01 17:22 -------- d-----w- c:\documents and settings\FARES\Application Data\CyberLink
    2009-10-01 15:57 . 2009-10-01 15:58 83912 ----a-w- c:\documents and settings\FARES\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-10-01 15:57 . 2009-10-01 15:57 -------- d-----w- c:\documents and settings\FARES\Bluetooth Software
    2009-10-01 15:57 . 2009-10-01 15:57 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\Identities
    2009-10-01 15:57 . 2009-10-01 15:57 -------- d-----w- c:\documents and settings\FARES\Application Data\Windows Desktop Search
    2009-10-01 15:57 . 2009-10-01 15:57 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\Power2Go
    2009-10-01 15:56 . 2004-08-10 11:11 172098 ----a-w- c:\windows\UTLite33.exe
    2009-10-01 15:47 . 2006-03-02 11:00 71040 ------w- c:\windows\system32\drivers\_004494_.tmp.dll
    2009-10-01 15:42 . 2009-10-06 00:42 -------- d-----w- c:\windows\system32\CatRoot_bak
    2009-10-01 15:39 . 2009-10-01 15:39 -------- d-----w- c:\documents and settings\All Users\Application Data\GroupPolicy
    2009-10-01 10:03 . 2009-10-01 10:14 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
    2009-10-01 09:09 . 2009-10-01 12:17 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\CyberLink
    2009-10-01 09:09 . 2009-10-20 18:42 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
    2009-09-30 19:00 . 2009-09-30 19:00 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\Windows Search
    2009-09-30 18:58 . 2009-10-21 15:14 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Tracing
    2009-09-30 18:55 . 2009-09-30 18:55 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
    2009-09-30 18:55 . 2009-09-30 18:55 -------- d-----w- c:\program files\Microsoft Sync Framework
    2009-09-30 18:54 . 2009-09-30 18:54 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
    2009-09-30 18:52 . 2009-09-30 18:52 -------- d-----w- c:\program files\Windows Live SkyDrive
    2009-09-30 18:51 . 2009-09-30 18:55 -------- d-----w- c:\program files\Windows Live
    2009-09-30 18:19 . 2009-09-30 18:19 -------- d-----w- c:\program files\Fichiers communs\Windows Live
    2009-09-30 17:43 . 2009-10-19 10:13 -------- d-----w- C:\Quarantine
    2009-09-30 17:13 . 2009-09-30 17:48 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Contacts
    2009-09-30 16:50 . 2009-10-19 17:59 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\vlc
    2009-09-30 16:46 . 2009-09-30 16:46 -------- d-----w- c:\program files\VideoLAN
    2009-09-30 16:41 . 2009-10-05 09:45 -------- d-----w- c:\windows\system32\XPSViewer
    2009-09-30 16:40 . 2009-09-30 16:40 -------- d-----w- c:\program files\Reference Assemblies
    2009-09-30 16:39 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2009-09-30 16:39 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
    2009-09-30 16:39 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2009-09-30 16:39 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
    2009-09-30 16:39 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2009-09-30 16:39 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
    2009-09-30 16:39 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2009-09-30 16:32 . 2009-09-30 16:32 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
    2009-09-30 16:31 . 2009-09-30 16:31 -------- d-----w- c:\program files\MSXML 6.0
    2009-09-30 16:31 . 2009-09-30 16:31 -------- d-----w- c:\windows\system32\DRM
    2009-09-30 16:29 . 2009-07-19 13:29 6067200 -c----w- c:\windows\system32\dllcache\ieframe.dll
    2009-09-30 16:29 . 2009-06-29 15:57 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
    2009-09-30 16:29 . 2009-06-29 15:57 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll
    2009-09-30 16:29 . 2009-06-29 15:57 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll
    2009-09-30 16:29 . 2009-06-29 15:57 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
    2009-09-30 16:29 . 2009-06-29 15:57 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
    2009-09-30 16:29 . 2009-06-29 11:07 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
    2009-09-30 16:29 . 2009-06-29 08:33 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
    2009-09-30 16:28 . 2009-09-30 16:28 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\Identities
    2009-09-30 16:28 . 2009-09-30 16:28 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\Windows Desktop Search
    2009-09-30 16:24 . 2009-10-06 00:42 -------- d-----w- c:\windows\system32\fr-FR
    2009-09-30 16:24 . 2009-10-01 12:19 -------- d-----w- c:\program files\Windows Desktop Search
    2009-09-30 16:24 . 2009-09-30 16:24 -------- d-----w- c:\windows\system32\GroupPolicy
    2009-09-30 16:19 . 2009-09-30 16:19 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\Adobe
    2009-09-30 16:17 . 2009-09-30 16:17 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help
    2009-09-30 16:10 . 2009-10-06 00:46 -------- d-----w- c:\windows\ServicePackFiles
    2009-09-30 16:10 . 2009-10-07 09:21 -------- d-----w- c:\program files\Microsoft Silverlight
    2009-09-30 16:09 . 2009-09-30 16:09 -------- d-----w- c:\program files\MSXML 4.0
    2009-09-30 10:36 . 2009-09-30 10:36 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\Power2Go
    2009-09-30 10:36 . 2009-09-30 10:36 -------- d-----w- c:\program files\Cyberlink
    2009-09-30 10:32 . 2009-09-30 10:32 -------- d-----w- c:\program files\Google

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-10-21 12:33 . 2006-03-02 11:00 95154 ----a-w- c:\windows\system32\perfc00C.dat
    2009-10-21 12:33 . 2006-03-02 11:00 535788 ----a-w- c:\windows\system32\perfh00C.dat
    2009-10-20 19:11 . 2009-10-13 13:03 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\Nokia
    2009-10-13 18:06 . 2009-10-13 18:06 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
    2009-10-13 18:06 . 2009-10-13 18:06 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
    2009-10-13 17:35 . 2009-10-13 13:02 -------- d-----w- c:\program files\DIFX
    2009-10-13 17:35 . 2009-10-13 17:35 -------- d-----w- c:\program files\PC Connectivity Solution
    2009-10-13 16:03 . 2009-10-13 16:00 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\PC Suite
    2009-10-13 16:03 . 2009-10-13 16:00 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
    2009-10-13 16:02 . 2009-10-13 16:02 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
    2009-10-05 14:29 . 2009-10-05 14:29 -------- d-----w- c:\documents and settings\damware_user\Application Data\Windows Desktop Search
    2009-09-30 18:19 . 2009-09-29 08:35 83912 ----a-w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-09-30 10:37 . 2009-09-29 07:31 -------- d--h--w- c:\program files\InstallShield Installation Information
    2009-09-30 10:35 . 2003-03-18 21:20 1066544 ----a-w- c:\windows\system32\mfc71.dll
    2009-09-29 17:01 . 2009-09-29 08:24 -------- d-----w- c:\program files\Hewlett-Packard
    2009-09-29 09:52 . 2009-10-01 15:55 -------- d-----w- c:\documents and settings\FARES\Application Data\Intel
    2009-09-29 09:52 . 2009-09-29 08:33 -------- d-----w- c:\program files\Fichiers communs\Intel
    2009-09-29 09:52 . 2009-09-29 08:32 -------- d-----w- c:\program files\Intel
    2009-09-29 09:22 . 2009-09-29 09:16 -------- d-----w- c:\program files\Fichiers communs\Sonic Shared
    2009-09-29 09:20 . 2009-09-29 09:16 -------- d-----w- c:\program files\Fichiers communs\Roxio Shared
    2009-09-29 09:16 . 2009-09-29 09:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Sonic
    2009-09-29 09:10 . 2009-09-29 08:35 -------- d-----w- c:\program files\HPQ
    2009-09-29 09:09 . 2009-09-29 07:30 -------- d-----w- c:\program files\Fichiers communs\InstallShield
    2009-09-29 08:56 . 2009-09-29 08:56 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\ATI
    2009-09-29 08:56 . 2009-09-29 08:56 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
    2009-09-29 08:55 . 2009-09-29 08:55 0 ----a-w- c:\windows\ativpsrm.bin
    2009-09-29 08:53 . 2009-09-29 08:53 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2009-09-29 08:53 . 2009-09-29 08:53 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf
    2009-09-29 08:51 . 2009-09-29 08:51 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\InstallShield
    2009-09-29 08:50 . 2009-09-29 08:50 -------- d-----w- c:\program files\Synaptics
    2009-09-29 08:46 . 2009-09-29 08:44 -------- d-----w- c:\program files\ATI Technologies
    2009-09-29 08:38 . 2009-09-29 08:38 -------- d-----w- c:\program files\WIDCOMM
    2009-09-29 08:37 . 2009-09-29 08:37 1605 --sha-r- c:\windows\system32\drivers\103C_HP_NTBK_HP EliteBook 8530p_YN_0U_Q2CE9061WVT_EU_46_I30E7_SHP_VKBC Version 90.1F_B68PDV Ver. F.06_T081215_WXP2_L40C_M2028_J250_7Intel_8Pentium III Xeon_92.53_#090929_N_()_XMOBILE_CN10_Z_2F.06_G.MRK
    2009-09-29 08:35 . 2009-09-29 08:35 -------- d-----w- c:\program files\Common Files
    2009-09-29 08:26 . 2009-09-29 08:26 -------- d-----w- c:\program files\Analog Devices
    2009-09-29 07:11 . 2009-09-29 07:11 -------- d-----w- c:\program files\microsoft frontpage
    2009-09-29 07:10 . 2009-09-29 07:10 -------- d-----w- c:\program files\Services en ligne
    2009-09-29 07:08 . 2009-09-29 07:08 21892 ----a-w- c:\windows\system32\emptyregdb.dat
    2009-08-17 23:33 . 2009-08-17 23:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
    2009-08-06 19:24 . 2009-09-29 07:09 327896 ----a-w- c:\windows\system32\wucltui.dll
    2009-08-06 19:24 . 2009-09-29 07:09 209632 ----a-w- c:\windows\system32\wuweb.dll
    2009-08-06 19:24 . 2009-09-29 07:09 35552 ----a-w- c:\windows\system32\wups.dll
    2009-08-06 19:24 . 2008-01-23 16:34 44768 ----a-w- c:\windows\system32\wups2.dll
    2009-08-06 19:24 . 2009-09-29 07:09 53472 ----a-w- c:\windows\system32\wuauclt.exe
    2009-08-06 19:24 . 2006-03-02 11:00 96480 ----a-w- c:\windows\system32\cdm.dll
    2009-08-06 19:23 . 2009-09-29 07:09 575704 ----a-w- c:\windows\system32\wuapi.dll
    2009-08-06 19:23 . 2009-09-29 07:09 1929952 ----a-w- c:\windows\system32\wuaueng.dll
    2009-08-06 19:23 . 2009-08-06 19:23 215904 ----a-w- c:\windows\system32\muweb.dll
    2009-08-05 09:06 . 2006-03-02 11:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
    2009-07-29 10:23 . 2006-03-02 11:00 119808 ----a-w- c:\windows\system32\t2embed.dll
    2009-07-29 04:53 . 2006-03-02 11:00 82432 ----a-w- c:\windows\system32\fontsub.dll
    2009-07-26 16:44 . 2009-07-26 16:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
    "LightScribe Control Panel"="c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2008-03-17 2289664]
    "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2006-03-02 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "FRYMXINS"="c:\program files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl" [X]
    "CLJ"="0 (0x0)" [X]
    "picon"="c:\program files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe" [2008-06-02 367128]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
    "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456]
    "WatchDog"="c:\program files\InterVideo\DVD Check\dvdcheck .exe" [2008-05-23 197904]
    "IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2008-04-30 1347584]
    "IntelWireless"="c:\program files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" [2008-04-30 1191936]
    "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 144784]
    "ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2009-04-09 124240]
    "McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2008-11-10 136512]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "CLMLServer"="c:\program files\Cyberlink\Power2Go\CLMLSvc.exe" [2007-09-27 122880]
    "Power2GoExpress"="c:\program files\CyberLink\Power2Go\Power2GoExpress.exe" [2007-09-29 2680104]
    "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-5-12 576104]
    DVD Check.lnk - c:\program files\InterVideo\DVD Check\dvdcheck .exe [2009-9-29 197904]
    SnagIt 9.lnk - c:\program files\TechSmith\SnagIt 9\SnagIt32.exe [2008-5-15 6822728]
    Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1529685670-1727552398-1405978390-3591\Scripts\Logon\0\0]
    "Script"=hdepls.vbe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1529685670-1727552398-1405978390-3591\Scripts\Logon\1\0]
    "Script"=UTLiteNT.bat

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1529685670-1727552398-1405978390-3591\Scripts\Logon\2\0]
    "Script"=\\mtn.ci\SysVol\mtn.ci\scripts\msrtrun-v2-U.CMD

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1529685670-1727552398-1405978390-7857\Scripts\Logon\0\0]
    "Script"=\\mtn.ci\SysVol\mtn.ci\scripts\msrtrun-v2-U.CMD

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

    R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [29/09/2009 08:26 24064]
    R1 dwvkbd;DameWare Virtual Keyboard 32 bit Driver;c:\windows\system32\drivers\dwvkbd.sys [15/02/2007 16:00 26624]
    R2 EnatelWGSS;E-SSO Security Services;c:\program files\Fichiers communs\Evidian\WGSS\WGSS.exe [05/03/2009 16:13 36864]
    R2 McAfeeEngineService;McAfee Engine Service;c:\program files\McAfee\VirusScan Enterprise\EngineServer.exe [09/04/2009 18:07 21256]
    R2 mferkdetq;mferkdetq;c:\windows\system32\drivers\mferkdetq.sys [08/10/2009 14:39 9440]
    R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [29/09/2009 14:50 70216]
    R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [29/09/2009 09:11 576024]
    R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.EXE [29/09/2009 08:33 2058776]
    R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [29/09/2009 08:51 193840]
    R3 DwMirror;DwMirror;c:\windows\system32\drivers\DamewareMini.sys [07/02/2007 16:00 3712]
    R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [29/09/2009 08:49 244368]
    R3 rismc32;RICOH Smart Card Reader;c:\windows\system32\drivers\rismc32.sys [29/09/2009 08:49 47616]
    S3 GemCCID;GemCCID;c:\windows\system32\drivers\GemCCID.sys [29/09/2009 18:11 87424]
    S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [29/09/2009 14:50 65224]
    S3 RoxMediaDB10;RoxMediaDB10;c:\program files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [08/04/2008 12:12 1112560]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    "c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe"
    .
    .
    ------- Examen supplémentaire -------
    .
    uInternet Settings,ProxyServer = proxy.mtn.ci:8081
    uInternet Settings,ProxyOverride = <local>
    IE: &Google Search - c:\program files\Google\googletoolbar.dll/cmsearch.html
    IE: Backward &Links - c:\program files\Google\googletoolbar.dll/cmbacklinks.html
    IE: Cac&hed Snapshot of Page - c:\program files\Google\googletoolbar.dll/cmcache.html
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Envoyer à Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: Si&milar Pages - c:\program files\Google\googletoolbar.dll/cmsimilar.html
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
    WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
    HKCU-Run-SuperCopier2.exe - c:\program files\SuperCopier2\SuperCopier2.exe
    HKLM-Run-DameWare MRC Agent - c:\windows\system32\DWRCST.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-21 19:36
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    CLJ = 63

    Recherche de fichiers cachés ...


    c:\windows\TEMP\Cbmgr14300 0 bytes

    Scan terminé avec succès
    Fichiers cachés: 1

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
    "ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'winlogon.exe'(1092)
    c:\windows\system32\Ati2evxx.dll

    - - - - - - - > 'explorer.exe'(4792)
    c:\windows\system32\btmmhook.dll
    c:\windows\system32\msi.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\btncopy.dll
    c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
    c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
    c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_fre-ca.nlr
    c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\windows\system32\Ati2evxx.exe
    c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    c:\program files\Intel\WiFi\bin\S24EvMon.exe
    c:\windows\System32\SCardSvr.exe
    c:\windows\system32\agrsmsvc.exe
    c:\windows\SYSTEM32\DWRCS.EXE
    c:\program files\Intel\WiFi\bin\EvtEng.exe
    c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
    c:\program files\Intel\AMT\LMS.exe
    c:\program files\McAfee\Common Framework\FrameworkService.exe
    c:\program files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
    c:\program files\McAfee\Common Framework\naPrdMgr.exe
    c:\program files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\windows\system32\SearchIndexer.exe
    c:\program files\McAfee\VirusScan Enterprise\Mcshield.exe
    c:\program files\McAfee\VirusScan Enterprise\mfeann.exe
    c:\windows\system32\Ati2evxx.exe
    c:\combofix\CF4095.exe
    c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
    c:\program files\McAfee\Common Framework\McTray.exe
    c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    c:\windows\system32\wbem\unsecapp.exe
    c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    c:\program files\TechSmith\SnagIt 9\TSCHelp.exe
    c:\program files\TechSmith\SnagIt 9\SnagPriv.exe
    c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    c:\program files\PC Connectivity Solution\ServiceLayer.exe
    c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
    c:\program files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
    c:\program files\TechSmith\SnagIt 9\snagiteditor.exe
    c:\combofix\PEV.cfxxe
    .
    **************************************************************************
    .
    Heure de fin: 2009-10-21 19:40 - La machine a redémarré
    ComboFix-quarantined-files.txt 2009-10-21 19:40

    Avant-CF: 65 756 286 976 octets libres
    Après-CF: 65 747 095 552 octets libres

    WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

    - - End Of File - - 00E5B82344AF88F9E5721270478FCACC


    En attente de te lire encore ...


    Cordialement

    NB :
    Vu que j'utilise les mêmes clé USB pour les mêmes machines (c'est à dire le Desktop de bureau et mon DeskTop de la maison.) pourrais appliquer les mêmes étapes utilisée pour checker mon LapTop sur les autres postes et te les envoyer en t'indiquant biensûr chaque fois l'ordi en examen? Merci d'avance de ton retour.


    a c 267 8 Sécurité
    a b 9 Windows
    21 Octobre 2009 22:30:06

    Citation :
    Vu que j'utilise les mêmes clé USB pour les mêmes machines (c'est à dire le Desktop de bureau et mon DeskTop de la maison.) pourrais appliquer les mêmes étapes utilisée pour checker mon LapTop sur les autres postes et te les envoyer en t'indiquant biensûr chaque fois l'ordi en examen? Merci d'avance de ton retour.

    --> Dans tes rapports, je n'ai pas vu d'infection se transmettant avec les clés USB.

    Le PC va mieux depuis ComboFix ?
    21 Octobre 2009 22:33:33

    Milles Fois Merci c'est Ok now ! Il est revenu à ses performances d'antant ! Je te remercie infiniment ! Pourrais je essayer la même méthode step by step pour les deux autres et te poster au fur et à mesure les éléments de rapports STP ?

    Et please comment on inscrit résolu lorsque tout est terminé sur le forum ! vraimentg désolée !
    a c 267 8 Sécurité
    a b 9 Windows
    21 Octobre 2009 22:48:47

    /!\ Seul KAKOUL peut suivre cette procédure /!\

    Désactive toute protection résidente (Antivirus...) !

    ---> Copie (CTRL+C) le texte se situant dans le cadre ci-dessous :

    KillAll::

    File::
    c:\windows\system32\drivers\_004494_.tmp.dll
    c:\windows\system32\drivers\_004505_.tmp.dll

    ---> Ouvre le Bloc-notes : Démarrer > Tous les programmes > Accessoires > Bloc-notes.

    - Colle (CTRL+V) le texte dans le Bloc-notes.
    - Enregistre ce fichier dans : Bureau
    - Nom du fichier : CFScript
    - Type du fichier : tous les fichiers !!
    - Clique sur Enregistrer.
    - Quitte le Bloc-notes.

    ---> Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :



  • Cela va relancer Combofix : au message qui apparaît, accepte.
  • Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal !
  • Ne touche à rien tant que le scan n'est pas terminé.
  • Une fois le scan achevé, un rapport va s'afficher, copie/colle son contenu sur le forum.
  • Si le fichier ne s'ouvre pas, il se trouve ici : C:\ComboFix.txt

    ;) 
    22 Octobre 2009 13:30:35

    ComboFix 09-10-20.03 - FARES JEAN - JACQUES 22/10/2009 11:09.2.2 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.2027.1137 [GMT 0:00]
    Lancé depuis: c:\documents and settings\FARES JEAN - JACQUES\Bureau\ComboFix.exe
    Commutateurs utilisés :: c:\documents and settings\FARES JEAN - JACQUES\Bureau\CFScript.txt
    AV: VirusScan Enterprise + AntiSpyware Enterprise *On-access scanning disabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

    FILE ::
    "c:\windows\system32\drivers\_004494_.tmp.dll"
    "c:\windows\system32\drivers\_004505_.tmp.dll"
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\system32\drivers\_004494_.tmp.dll
    c:\windows\system32\drivers\_004505_.tmp.dll

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2009-09-22 au 2009-10-22 ))))))))))))))))))))))))))))))))))))
    .

    2009-10-21 13:03 . 2009-10-21 19:21 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
    2009-10-19 18:10 . 2009-10-19 18:10 -------- d-----w- C:\_OTM
    2009-10-19 17:31 . 2004-08-19 16:09 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
    2009-10-19 17:31 . 2004-08-19 16:09 21504 ----a-w- c:\windows\system32\hidserv.dll
    2009-10-19 16:58 . 2009-10-21 15:22 -------- d-----w- c:\program files\trend micro
    2009-10-19 16:58 . 2009-10-19 16:59 -------- d-----w- C:\rsit
    2009-10-19 10:16 . 2001-08-17 22:02 9600 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
    2009-10-19 10:16 . 2001-08-17 22:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
    2009-10-15 17:43 . 2009-10-15 17:43 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\TechSmith
    2009-10-15 17:43 . 2009-10-15 17:43 -------- d-----w- c:\documents and settings\FARES\Application Data\Malwarebytes
    2009-10-15 17:43 . 2009-10-15 17:43 -------- d-----w- c:\documents and settings\FARES\Application Data\PC Suite
    2009-10-14 17:01 . 2009-10-14 17:01 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\Malwarebytes
    2009-10-14 17:01 . 2009-09-10 14:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-10-14 17:01 . 2009-10-14 17:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-10-14 17:01 . 2009-09-10 14:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
    2009-10-14 17:01 . 2009-10-14 17:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2009-10-14 12:51 . 2009-10-14 12:51 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith
    2009-10-14 12:51 . 2009-10-14 12:51 -------- d-----w- c:\program files\TechSmith
    2009-10-14 12:51 . 2009-10-14 12:51 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\TechSmith
    2009-10-14 12:49 . 2009-10-14 12:49 -------- d-----w- c:\program files\Fichiers communs\Wise Installation Wizard
    2009-10-14 10:51 . 2009-10-14 10:51 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
    2009-10-13 18:06 . 2008-03-21 13:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
    2009-10-13 17:36 . 2009-10-13 17:36 -------- d-----w- c:\program files\Fichiers communs\PCSuite
    2009-10-13 17:36 . 2009-10-13 17:36 -------- d-----w- c:\program files\Fichiers communs\Nokia
    2009-10-13 17:35 . 2008-08-26 10:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
    2009-10-13 13:02 . 2009-02-09 08:37 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
    2009-10-13 13:02 . 2009-10-13 17:36 -------- d-----w- c:\program files\Nokia
    2009-10-13 12:09 . 2009-10-13 17:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
    2009-10-13 10:56 . 2009-10-13 10:56 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\ESET
    2009-10-13 10:53 . 2009-10-20 18:32 -------- d-----w- c:\program files\ESET
    2009-10-13 10:53 . 2009-10-13 10:53 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
    2009-10-13 10:48 . 2009-10-13 10:48 -------- d-----w- c:\documents and settings\LocalService\Application Data\Windows Search
    2009-10-13 10:47 . 2009-10-14 18:20 -------- d-----r- c:\documents and settings\LocalService\Favoris
    2009-10-12 18:26 . 2009-10-12 18:27 -------- d-----w- c:\windows\system32\NtmsData
    2009-10-08 14:39 . 2009-10-08 14:39 9440 ----a-w- c:\windows\system32\drivers\mferkdetq.sys
    2009-10-08 14:38 . 2009-10-08 14:38 -------- d-----w- c:\documents and settings\damware_user\Application Data\Windows Search
    2009-10-06 17:19 . 2009-10-06 17:19 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\WMTools Downloaded Files
    2009-10-06 17:13 . 2009-10-21 13:57 -------- d-----w- c:\documents and settings\FARES\Application Data\vlc
    2009-10-06 00:34 . 2006-03-02 11:00 938496 ----a-w- c:\windows\system32\dllcache\winbrand.dll
    2009-10-05 23:50 . 2009-10-05 23:50 -------- d-----w- c:\documents and settings\damware_user\Local Settings\Application Data\Adobe
    2009-10-05 17:04 . 2008-08-26 16:17 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
    2009-10-05 17:04 . 2008-07-24 12:02 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
    2009-10-05 17:04 . 2008-04-14 09:36 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
    2009-10-05 17:04 . 2007-08-09 04:13 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
    2009-10-05 17:04 . 2009-10-05 17:14 -------- d-----w- c:\program files\Mobile Partner
    2009-10-05 16:15 . 2009-10-05 16:15 -------- d-----w- c:\program files\Western Digital Corp
    2009-10-05 16:06 . 2009-10-05 16:06 -------- d-----w- c:\program files\Western Digital Corporation
    2009-10-05 14:29 . 2009-10-05 14:29 -------- d-----w- c:\documents and settings\damware_user\Local Settings\Application Data\ATI
    2009-10-05 14:29 . 2009-10-05 14:29 -------- d-----w- c:\documents and settings\damware_user\Application Data\ATI
    2009-10-05 14:29 . 2009-10-05 14:29 83912 ----a-w- c:\documents and settings\damware_user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-10-05 14:29 . 2009-10-05 14:35 -------- d-----w- c:\documents and settings\damware_user\Application Data\CyberLink
    2009-10-05 14:29 . 2009-10-05 14:29 -------- d-----w- c:\documents and settings\damware_user\Local Settings\Application Data\Identities
    2009-10-05 14:28 . 2009-10-05 14:28 -------- d-----r- c:\documents and settings\damware_user\Favoris
    2009-10-05 14:28 . 2009-09-30 16:17 -------- d-----w- c:\documents and settings\damware_user\Local Settings\Application Data\Microsoft Help
    2009-10-05 14:28 . 2009-09-29 09:52 -------- d-----w- c:\documents and settings\damware_user\Application Data\Intel
    2009-10-05 14:28 . 2009-09-29 09:04 -------- d--h--w- c:\documents and settings\damware_user\Voisinage réseau
    2009-10-05 14:28 . 2009-09-29 09:04 -------- d--h--w- c:\documents and settings\damware_user\Voisinage d'impression
    2009-10-05 14:28 . 2009-09-29 09:04 -------- d-----r- c:\documents and settings\damware_user\Menu Démarrer
    2009-10-05 14:28 . 2009-09-29 07:08 -------- d--h--w- c:\documents and settings\damware_user\Modèles
    2009-10-05 14:28 . 2009-10-06 00:29 -------- d-----w- c:\documents and settings\damware_user
    2009-10-05 09:46 . 2009-10-05 09:52 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\Adobe
    2009-10-05 09:46 . 2006-06-29 13:07 14048 ------w- c:\windows\system32\spmsg2.dll
    2009-10-02 10:25 . 2009-10-02 10:25 -------- d-----w- c:\documents and settings\FARES\Application Data\Windows Search
    2009-10-01 16:36 . 2009-10-01 16:36 45056 ----a-w- c:\windows\system32\unzip32.dll
    2009-10-01 16:00 . 2009-10-22 09:28 -------- d-----w- c:\documents and settings\FARES\Tracing
    2009-10-01 15:58 . 2009-10-01 15:58 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\ATI
    2009-10-01 15:58 . 2009-10-01 15:58 -------- d-----w- c:\documents and settings\FARES\Application Data\ATI
    2009-10-01 15:57 . 2009-10-01 17:22 -------- d-----w- c:\documents and settings\FARES\Application Data\CyberLink
    2009-10-01 15:57 . 2009-10-01 15:58 83912 ----a-w- c:\documents and settings\FARES\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-10-01 15:57 . 2009-10-01 15:57 -------- d-----w- c:\documents and settings\FARES\Bluetooth Software
    2009-10-01 15:57 . 2009-10-01 15:57 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\Identities
    2009-10-01 15:57 . 2009-10-01 15:57 -------- d-----w- c:\documents and settings\FARES\Application Data\Windows Desktop Search
    2009-10-01 15:57 . 2009-10-01 15:57 -------- d-----w- c:\documents and settings\FARES\Local Settings\Application Data\Power2Go
    2009-10-01 15:56 . 2004-08-10 11:11 172098 ----a-w- c:\windows\UTLite33.exe
    2009-10-01 15:42 . 2009-10-06 00:42 -------- d-----w- c:\windows\system32\CatRoot_bak
    2009-10-01 15:39 . 2009-10-01 15:39 -------- d-----w- c:\documents and settings\All Users\Application Data\GroupPolicy
    2009-10-01 10:03 . 2009-10-01 10:14 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Adobe
    2009-10-01 09:09 . 2009-10-01 12:17 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\CyberLink
    2009-10-01 09:09 . 2009-10-20 18:42 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
    2009-09-30 19:00 . 2009-09-30 19:00 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\Windows Search
    2009-09-30 18:58 . 2009-10-22 10:23 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Tracing
    2009-09-30 18:55 . 2009-09-30 18:55 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
    2009-09-30 18:55 . 2009-09-30 18:55 -------- d-----w- c:\program files\Microsoft Sync Framework
    2009-09-30 18:54 . 2009-09-30 18:54 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
    2009-09-30 18:52 . 2009-09-30 18:52 -------- d-----w- c:\program files\Windows Live SkyDrive
    2009-09-30 18:51 . 2009-09-30 18:55 -------- d-----w- c:\program files\Windows Live
    2009-09-30 18:19 . 2009-09-30 18:19 -------- d-----w- c:\program files\Fichiers communs\Windows Live
    2009-09-30 17:43 . 2009-10-19 10:13 -------- d-----w- C:\Quarantine
    2009-09-30 17:13 . 2009-09-30 17:48 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Contacts
    2009-09-30 16:50 . 2009-10-21 20:34 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\vlc
    2009-09-30 16:46 . 2009-09-30 16:46 -------- d-----w- c:\program files\VideoLAN
    2009-09-30 16:41 . 2009-10-05 09:45 -------- d-----w- c:\windows\system32\XPSViewer
    2009-09-30 16:40 . 2009-09-30 16:40 -------- d-----w- c:\program files\Reference Assemblies
    2009-09-30 16:39 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2009-09-30 16:39 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
    2009-09-30 16:39 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2009-09-30 16:39 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
    2009-09-30 16:39 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2009-09-30 16:39 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
    2009-09-30 16:39 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2009-09-30 16:32 . 2009-09-30 16:32 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
    2009-09-30 16:31 . 2009-09-30 16:31 -------- d-----w- c:\program files\MSXML 6.0
    2009-09-30 16:31 . 2009-09-30 16:31 -------- d-----w- c:\windows\system32\DRM
    2009-09-30 16:29 . 2009-07-19 13:29 6067200 -c----w- c:\windows\system32\dllcache\ieframe.dll
    2009-09-30 16:29 . 2009-06-29 15:57 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
    2009-09-30 16:29 . 2009-06-29 15:57 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll
    2009-09-30 16:29 . 2009-06-29 15:57 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll
    2009-09-30 16:29 . 2009-06-29 15:57 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
    2009-09-30 16:29 . 2009-06-29 15:57 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
    2009-09-30 16:29 . 2009-06-29 11:07 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
    2009-09-30 16:29 . 2009-06-29 08:33 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
    2009-09-30 16:28 . 2009-09-30 16:28 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\Identities
    2009-09-30 16:28 . 2009-09-30 16:28 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\Windows Desktop Search
    2009-09-30 16:24 . 2009-10-06 00:42 -------- d-----w- c:\windows\system32\fr-FR
    2009-09-30 16:24 . 2009-10-01 12:19 -------- d-----w- c:\program files\Windows Desktop Search
    2009-09-30 16:24 . 2009-09-30 16:24 -------- d-----w- c:\windows\system32\GroupPolicy
    2009-09-30 16:19 . 2009-09-30 16:19 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\Adobe
    2009-09-30 16:17 . 2009-09-30 16:17 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help
    2009-09-30 16:10 . 2009-10-06 00:46 -------- d-----w- c:\windows\ServicePackFiles
    2009-09-30 16:10 . 2009-10-07 09:21 -------- d-----w- c:\program files\Microsoft Silverlight
    2009-09-30 16:09 . 2009-09-30 16:09 -------- d-----w- c:\program files\MSXML 4.0
    2009-09-30 10:36 . 2009-09-30 10:36 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\Power2Go
    2009-09-30 10:36 . 2009-09-30 10:36 -------- d-----w- c:\program files\Cyberlink
    2009-09-30 10:32 . 2009-09-30 10:32 -------- d-----w- c:\program files\Google
    2009-09-30 10:30 . 2009-10-14 15:00 -------- d-----w- c:\program files\Fichiers communs\Real

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-10-22 09:30 . 2006-03-02 11:00 95154 ----a-w- c:\windows\system32\perfc00C.dat
    2009-10-22 09:30 . 2006-03-02 11:00 535788 ----a-w- c:\windows\system32\perfh00C.dat
    2009-10-20 19:11 . 2009-10-13 13:03 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\Nokia
    2009-10-13 18:06 . 2009-10-13 18:06 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
    2009-10-13 18:06 . 2009-10-13 18:06 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
    2009-10-13 17:35 . 2009-10-13 13:02 -------- d-----w- c:\program files\DIFX
    2009-10-13 17:35 . 2009-10-13 17:35 -------- d-----w- c:\program files\PC Connectivity Solution
    2009-10-13 16:03 . 2009-10-13 16:00 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\PC Suite
    2009-10-13 16:03 . 2009-10-13 16:00 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
    2009-10-13 16:02 . 2009-10-13 16:02 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
    2009-10-05 14:29 . 2009-10-05 14:29 -------- d-----w- c:\documents and settings\damware_user\Application Data\Windows Desktop Search
    2009-09-30 18:19 . 2009-09-29 08:35 83912 ----a-w- c:\documents and settings\FARES JEAN - JACQUES\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2009-09-30 10:37 . 2009-09-29 07:31 -------- d--h--w- c:\program files\InstallShield Installation Information
    2009-09-30 10:35 . 2003-03-18 21:20 1066544 ----a-w- c:\windows\system32\mfc71.dll
    2009-09-29 17:01 . 2009-09-29 08:24 -------- d-----w- c:\program files\Hewlett-Packard
    2009-09-29 09:52 . 2009-10-01 15:55 -------- d-----w- c:\documents and settings\FARES\Application Data\Intel
    2009-09-29 09:52 . 2009-09-29 08:33 -------- d-----w- c:\program files\Fichiers communs\Intel
    2009-09-29 09:52 . 2009-09-29 08:32 -------- d-----w- c:\program files\Intel
    2009-09-29 09:22 . 2009-09-29 09:16 -------- d-----w- c:\program files\Fichiers communs\Sonic Shared
    2009-09-29 09:20 . 2009-09-29 09:16 -------- d-----w- c:\program files\Fichiers communs\Roxio Shared
    2009-09-29 09:16 . 2009-09-29 09:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Sonic
    2009-09-29 09:10 . 2009-09-29 08:35 -------- d-----w- c:\program files\HPQ
    2009-09-29 09:09 . 2009-09-29 07:30 -------- d-----w- c:\program files\Fichiers communs\InstallShield
    2009-09-29 08:56 . 2009-09-29 08:56 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\ATI
    2009-09-29 08:56 . 2009-09-29 08:56 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
    2009-09-29 08:55 . 2009-09-29 08:55 0 ----a-w- c:\windows\ativpsrm.bin
    2009-09-29 08:53 . 2009-09-29 08:53 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2009-09-29 08:53 . 2009-09-29 08:53 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf
    2009-09-29 08:51 . 2009-09-29 08:51 -------- d-----w- c:\documents and settings\FARES JEAN - JACQUES\Application Data\InstallShield
    2009-09-29 08:50 . 2009-09-29 08:50 -------- d-----w- c:\program files\Synaptics
    2009-09-29 08:46 . 2009-09-29 08:44 -------- d-----w- c:\program files\ATI Technologies
    2009-09-29 08:38 . 2009-09-29 08:38 -------- d-----w- c:\program files\WIDCOMM
    2009-09-29 08:37 . 2009-09-29 08:37 1605 --sha-r- c:\windows\system32\drivers\103C_HP_NTBK_HP EliteBook 8530p_YN_0U_Q2CE9061WVT_EU_46_I30E7_SHP_VKBC Version 90.1F_B68PDV Ver. F.06_T081215_WXP2_L40C_M2028_J250_7Intel_8Pentium III Xeon_92.53_#090929_N_()_XMOBILE_CN10_Z_2F.06_G.MRK
    2009-09-29 08:35 . 2009-09-29 08:35 -------- d-----w- c:\program files\Common Files
    2009-09-29 08:26 . 2009-09-29 08:26 -------- d-----w- c:\program files\Analog Devices
    2009-09-29 07:11 . 2009-09-29 07:11 -------- d-----w- c:\program files\microsoft frontpage
    2009-09-29 07:10 . 2009-09-29 07:10 -------- d-----w- c:\program files\Services en ligne
    2009-09-29 07:08 . 2009-09-29 07:08 21892 ----a-w- c:\windows\system32\emptyregdb.dat
    2009-08-17 23:33 . 2009-08-17 23:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
    2009-08-06 19:24 . 2009-09-29 07:09 327896 ----a-w- c:\windows\system32\wucltui.dll
    2009-08-06 19:24 . 2009-09-29 07:09 209632 ----a-w- c:\windows\system32\wuweb.dll
    2009-08-06 19:24 . 2009-09-29 07:09 35552 ----a-w- c:\windows\system32\wups.dll
    2009-08-06 19:24 . 2008-01-23 16:34 44768 ----a-w- c:\windows\system32\wups2.dll
    2009-08-06 19:24 . 2009-09-29 07:09 53472 ------w- c:\windows\system32\wuauclt.exe
    2009-08-06 19:24 . 2006-03-02 11:00 96480 ----a-w- c:\windows\system32\cdm.dll
    2009-08-06 19:23 . 2009-09-29 07:09 575704 ----a-w- c:\windows\system32\wuapi.dll
    2009-08-06 19:23 . 2009-09-29 07:09 1929952 ----a-w- c:\windows\system32\wuaueng.dll
    2009-08-06 19:23 . 2009-08-06 19:23 215904 ----a-w- c:\windows\system32\muweb.dll
    2009-08-05 09:06 . 2006-03-02 11:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
    2009-07-29 10:23 . 2006-03-02 11:00 119808 ----a-w- c:\windows\system32\t2embed.dll
    2009-07-29 04:53 . 2006-03-02 11:00 82432 ----a-w- c:\windows\system32\fontsub.dll
    2009-07-26 16:44 . 2009-07-26 16:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
    .

    ((((((((((((((((((((((((((((( SnapShot@2009-10-21_19.36.10 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2006-03-02 11:00 . 2009-10-21 19:37 72180 c:\windows\system32\perfc009.dat
    + 2006-03-02 11:00 . 2009-10-22 09:30 72180 c:\windows\system32\perfc009.dat
    + 2006-03-02 11:00 . 2009-10-22 09:30 443922 c:\windows\system32\perfh009.dat
    - 2006-03-02 11:00 . 2009-10-21 19:37 443922 c:\windows\system32\perfh009.dat
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
    "LightScribe Control Panel"="c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2008-03-17 2289664]
    "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2006-03-02 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "FRYMXINS"="c:\program files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl" [X]
    "CLJ"="0 (0x0)" [X]
    "picon"="c:\program files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe" [2008-06-02 367128]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
    "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456]
    "WatchDog"="c:\program files\InterVideo\DVD Check\dvdcheck .exe" [2008-05-23 197904]
    "IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2008-04-30 1347584]
    "IntelWireless"="c:\program files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" [2008-04-30 1191936]
    "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 144784]
    "ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2009-04-09 124240]
    "McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2008-11-10 136512]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "CLMLServer"="c:\program files\Cyberlink\Power2Go\CLMLSvc.exe" [2007-09-27 122880]
    "Power2GoExpress"="c:\program files\CyberLink\Power2Go\Power2GoExpress.exe" [2007-09-29 2680104]
    "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
    "DameWare MRC Agent"="c:\windows\system32\DWRCST.exe" [BU]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-5-12 576104]
    DVD Check.lnk - c:\program files\InterVideo\DVD Check\dvdcheck .exe [2009-9-29 197904]
    SnagIt 9.lnk - c:\program files\TechSmith\SnagIt 9\SnagIt32.exe [2008-5-15 6822728]
    Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1529685670-1727552398-1405978390-3591\Scripts\Logon\0\0]
    "Script"=hdepls.vbe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1529685670-1727552398-1405978390-3591\Scripts\Logon\1\0]
    "Script"=UTLiteNT.bat

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1529685670-1727552398-1405978390-3591\Scripts\Logon\2\0]
    "Script"=\\mtn.ci\SysVol\mtn.ci\scripts\msrtrun-v2-U.CMD

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1529685670-1727552398-1405978390-7857\Scripts\Logon\0\0]
    "Script"=\\mtn.ci\SysVol\mtn.ci\scripts\msrtrun-v2-U.CMD

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

    R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [29/09/2009 08:26 24064]
    R1 dwvkbd;DameWare Virtual Keyboard 32 bit Driver;c:\windows\system32\drivers\dwvkbd.sys [15/02/2007 16:00 26624]
    R2 EnatelWGSS;E-SSO Security Services;c:\program files\Fichiers communs\Evidian\WGSS\WGSS.exe [05/03/2009 16:13 36864]
    R2 McAfeeEngineService;McAfee Engine Service;c:\program files\McAfee\VirusScan Enterprise\EngineServer.exe [09/04/2009 18:07 21256]
    R2 mferkdetq;mferkdetq;c:\windows\system32\drivers\mferkdetq.sys [08/10/2009 14:39 9440]
    R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [29/09/2009 14:50 70216]
    R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [29/09/2009 09:11 576024]
    R2 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.EXE [29/09/2009 08:33 2058776]
    R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [29/09/2009 08:51 193840]
    R3 DwMirror;DwMirror;c:\windows\system32\drivers\DamewareMini.sys [07/02/2007 16:00 3712]
    R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [29/09/2009 08:49 244368]
    R3 rismc32;RICOH Smart Card Reader;c:\windows\system32\drivers\rismc32.sys [29/09/2009 08:49 47616]
    S3 GemCCID;GemCCID;c:\windows\system32\drivers\GemCCID.sys [29/09/2009 18:11 87424]
    S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [29/09/2009 14:50 65224]
    S3 RoxMediaDB10;RoxMediaDB10;c:\program files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [08/04/2008 12:12 1112560]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    "c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe"
    .
    .
    ------- Examen supplémentaire -------
    .
    uInternet Settings,ProxyServer = proxy.mtn.ci:8081
    uInternet Settings,ProxyOverride = <local>
    IE: &Google Search - c:\program files\Google\googletoolbar.dll/cmsearch.html
    IE: Backward &Links - c:\program files\Google\googletoolbar.dll/cmbacklinks.html
    IE: Cac&hed Snapshot of Page - c:\program files\Google\googletoolbar.dll/cmcache.html
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Envoyer à Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: Si&milar Pages - c:\program files\Google\googletoolbar.dll/cmsimilar.html
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
    WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-22 11:14
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    CLJ = 63

    Recherche de fichiers cachés ...


    c:\documents and settings\FARES JEAN - JACQUES\Application Data\Microsoft\MSN Messenger\sqmdata00.sqm 508 bytes
    c:\documents and settings\FARES JEAN - JACQUES\Application Data\Microsoft\MSN Messenger\sqmnoopt00.sqm 296 bytes

    Scan terminé avec succès
    Fichiers cachés: 2

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
    "ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'winlogon.exe'(1080)
    c:\windows\system32\Ati2evxx.dll

    - - - - - - - > 'explorer.exe'(2824)
    c:\windows\system32\btmmhook.dll
    c:\windows\system32\msi.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\btncopy.dll
    c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
    c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
    c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_fre-ca.nlr
    c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\windows\system32\Ati2evxx.exe
    c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    c:\program files\Intel\WiFi\bin\S24EvMon.exe
    c:\windows\System32\SCardSvr.exe
    c:\windows\system32\agrsmsvc.exe
    c:\windows\SYSTEM32\DWRCS.EXE
    c:\program files\Intel\WiFi\bin\EvtEng.exe
    c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
    c:\program files\Intel\AMT\LMS.exe
    c:\program files\McAfee\Common Framework\FrameworkService.exe
    c:\program files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
    c:\program files\McAfee\Common Framework\naPrdMgr.exe
    c:\program files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\windows\system32\SearchIndexer.exe
    c:\program files\McAfee\VirusScan Enterprise\Mcshield.exe
    c:\program files\McAfee\VirusScan Enterprise\mfeann.exe
    c:\windows\system32\Ati2evxx.exe
    c:\combofix\CF20456.exe
    c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
    c:\program files\McAfee\Common Framework\McTray.exe
    c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    c:\program files\TechSmith\SnagIt 9\TSCHelp.exe
    c:\program files\TechSmith\SnagIt 9\SnagPriv.exe
    c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    c:\windows\system32\wbem\unsecapp.exe
    c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    c:\program files\Windows Live\Contacts\wlcomm.exe
    c:\program files\TechSmith\SnagIt 9\snagiteditor.exe
    c:\program files\PC Connectivity Solution\ServiceLayer.exe
    c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
    c:\program files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
    c:\windows\system32\SearchProtocolHost.exe
    c:\windows\system32\SearchFilterHost.exe
    c:\combofix\PEV.cfxxe
    .
    **************************************************************************
    .
    Heure de fin: 2009-10-22 11:19 - La machine a redémarré
    ComboFix-quarantined-files.txt 2009-10-22 11:19
    ComboFix2.txt 2009-10-21 19:40

    Avant-CF: 65 692 160 000 octets libres
    Après-CF: 65 682 989 056 octets libres

    - - End Of File - - 2EC7FD56D4CF6B9B17AB1201D6F39C9B
    22 Octobre 2009 13:34:32

    bonjour Destrio5,
    Ci dessus le rapport généré après exécution de la procédure. Merci.

    NB : Mon Desktop de la maison n'arrive plus à démarrer. il demande de paramétrer le CMOS avant de continuer et 10 seconde plus tard il s'éteint ? Dans quel sujet de Forum je peux le classer?
    Merci
    a c 267 8 Sécurité
    a b 9 Windows
    22 Octobre 2009 15:51:50

    Citation :
    NB : Mon Desktop de la maison n'arrive plus à démarrer. il demande de paramétrer le CMOS avant de continuer et 10 seconde plus tard il s'éteint ? Dans quel sujet de Forum je peux le classer?

    --> Dans Hardware je pense.

  • Menu Démarrer > Exécuter > Tape ComboFix /u et valide.

  • Poste le rapport info situé dans C:\rsit.
    22 Octobre 2009 16:29:21

    Le voilà !

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by FARES JEAN - JACQUES at 2009-10-21 15:22:25
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 63 GB (71%) free of 89 GB
    Total RAM: 2027 MB (52% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:22:27, on 21/10/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\WINDOWS\SYSTEM32\DWRCS.EXE
    C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Intel\AMT\LMS.exe
    C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\WINDOWS\system32\mfevtps.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\PDF Complete\pdfsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
    C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\McAfee\Common Framework\udaterui.exe
    C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe
    C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\Program Files\McAfee\Common Framework\McTray.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
    C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\MSN\Toolbar\3.0.1203.0\msntask.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\RSIT.exe
    C:\Program Files\trend micro\FARES JEAN - JACQUES.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yello
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOfficeUserRegSetup?...
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mtn.ci:8081
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: ViewerHelper Class - {78104A01-8E71-4F30-9A36-3793799615B4} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
    O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [picon] "C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
    O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe"
    O4 - HKLM\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [DameWare MRC Agent] C:\WINDOWS\system32\DWRCST.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'FARES')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1...
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mtn.ci
    O17 - HKLM\Software\..\Telephony: DomainName = mtn.ci
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mtn.ci
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
    O23 - Service: E-SSO Security Services (EnatelWGSS) - Evidian - C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
    O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
    O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
    O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
    O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe

    --
    End of file - 16327 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
    SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-05-15 66888]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78104A01-8E71-4F30-9A36-3793799615B4}]
    ViewerHelper Class - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll [2005-01-27 356352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
    scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll [2009-04-09 67120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar.dll [2009-09-30 745472]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
    MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
    {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-05-15 161096]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2008-03-24 884736]
    "picon"=C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe [2008-06-02 367128]
    "FRYMXINS"=C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl []
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
    "QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-03 177456]
    "WatchDog"=C:\Program Files\InterVideo\DVD Check\dvdcheck .exe [2008-05-23 197904]
    "IntelZeroConfig"=C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2008-04-30 1347584]
    "IntelWireless"=C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [2008-04-30 1191936]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
    "ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-04-09 124240]
    "McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2008-11-10 136512]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "CLMLServer"=C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe [2007-09-27 122880]
    "Power2GoExpress"=C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2007-09-29 2680104]
    "CLJ"=0 []
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
    "DameWare MRC Agent"=C:\WINDOWS\system32\DWRCST.exe []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664]
    "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe []
    "PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    SnagIt 9.lnk - C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2008-06-27 143360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=
    scecli
    scecli
    scecli

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
    shell\AutoRun\command - I:\LaunchU3.exe -a

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{866fb0f1-adaa-11de-8ae8-00216a0b83da}]
    shell\AutoRun\command - I:\LaunchU3.exe -a


    ======List of files/folders created in the last 3 months======

    2009-10-21 13:04:56 ----A---- C:\WINDOWS\wininit.ini
    2009-10-21 13:03:42 ----D---- C:\Program Files\NOS
    2009-10-21 13:03:42 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
    2009-10-19 18:10:55 ----D---- C:\_OTM
    2009-10-19 17:31:04 ----A---- C:\WINDOWS\system32\hidserv.dll
    2009-10-19 16:58:25 ----D---- C:\Program Files\trend micro
    2009-10-19 16:58:22 ----D---- C:\rsit
    2009-10-14 17:01:34 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Malwarebytes
    2009-10-14 17:01:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-10-14 17:01:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-10-14 12:51:35 ----D---- C:\Documents and Settings\All Users\Application Data\TechSmith
    2009-10-14 12:51:30 ----D---- C:\Program Files\TechSmith
    2009-10-14 12:49:54 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2009-10-13 18:06:10 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
    2009-10-13 18:06:04 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
    2009-10-13 17:36:12 ----D---- C:\Program Files\Fichiers communs\PCSuite
    2009-10-13 17:36:05 ----D---- C:\Program Files\Fichiers communs\Nokia
    2009-10-13 17:35:07 ----D---- C:\Program Files\PC Connectivity Solution
    2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
    2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
    2009-10-13 16:00:04 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\PC Suite
    2009-10-13 16:00:04 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
    2009-10-13 13:03:37 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Nokia
    2009-10-13 13:02:42 ----D---- C:\Program Files\DIFX
    2009-10-13 13:02:08 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
    2009-10-13 13:02:07 ----D---- C:\Program Files\Nokia
    2009-10-13 12:09:26 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
    2009-10-13 10:53:49 ----D---- C:\Program Files\ESET
    2009-10-13 10:53:49 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
    2009-10-12 18:26:25 ----D---- C:\WINDOWS\system32\NtmsData
    2009-10-06 10:33:29 ----D---- C:\WINDOWS\Prefetch
    2009-10-06 00:34:58 ----A---- C:\WINDOWS\system32\qmgr.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\msgsvc.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\mgmtapi.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lsasrv.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\locator.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\localspl.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lmhsvc.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\kernel32.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\imagehlp.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\ftp.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\format.com
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\csrsrv.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comdlg32.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comctl32.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cmd.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cacls.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autoconv.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autochk.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\advapi32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\wkssvc.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\win32spl.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\userinit.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\untfs.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ulib.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\tcpmonui.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\syssetup.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\srvsvc.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\smss.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\setupapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\services.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\schannel.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\scardsvr.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\savedump.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samsrv.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samlib.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rshx32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rastapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasman.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasdlg.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasauto.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasapi32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\printui.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\perfctrs.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\olecnv32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\oleaut32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nwprovau.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntvdm.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntprint.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntlsapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntdll.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nslookup.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\msv1_0.dll
    2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
    2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
    2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\hal.dll
    2009-10-05 17:15:18 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
    2009-10-05 17:04:04 ----D---- C:\Program Files\Mobile Partner
    2009-10-05 16:15:24 ----D---- C:\Program Files\Western Digital Corp
    2009-10-05 16:06:24 ----D---- C:\Program Files\Western Digital Corporation
    2009-10-05 14:31:45 ----N---- C:\WINDOWS\system32\_004641_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004639_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004634_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004633_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004632_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004631_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004630_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004627_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004626_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004625_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004624_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004622_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004619_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004617_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004616_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004612_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004611_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004607_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004604_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004603_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004602_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004595_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004590_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004587_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004585_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004582_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004580_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004577_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004576_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004539_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004537_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004536_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004533_.tmp.dll
    2009-10-05 09:46:18 ----N---- C:\WINDOWS\system32\spmsg2.dll
    2009-10-05 09:46:17 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
    2009-10-01 16:36:47 ----A---- C:\WINDOWS\system32\unzip32.dll
    2009-10-01 15:56:21 ----A---- C:\WINDOWS\UTLite33.exe
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\fr
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\bits
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\l2schemas
    2009-10-01 15:48:15 ----N---- C:\WINDOWS\system32\_004608_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004606_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004601_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004600_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004599_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004598_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004597_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004594_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004593_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004592_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004591_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004589_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004586_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004584_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004583_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004579_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004578_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004575_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004573_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004571_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004569_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004567_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004566_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004559_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004553_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004551_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004548_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004545_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004544_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004530_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004526_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004521_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004520_.tmp.dll
    2009-10-01 15:42:27 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2009-10-01 15:39:55 ----D---- C:\Documents and Settings\All Users\Application Data\GroupPolicy
    2009-10-01 12:21:52 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
    2009-10-01 12:21:47 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$
    2009-10-01 12:21:08 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
    2009-10-01 12:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
    2009-10-01 12:19:37 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
    2009-10-01 09:09:26 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\CyberLink
    2009-10-01 09:09:19 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
    2009-09-30 19:06:52 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2009-09-30 19:01:02 ----A---- C:\WINDOWS\IE4 Error Log.txt
    2009-09-30 19:00:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Search
    2009-09-30 18:55:54 ----D---- C:\Program Files\Microsoft Office Outlook Connector
    2009-09-30 18:55:21 ----D---- C:\Program Files\Microsoft Sync Framework
    2009-09-30 18:54:20 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
    2009-09-30 18:52:09 ----D---- C:\Program Files\Windows Live SkyDrive
    2009-09-30 18:51:46 ----D---- C:\Program Files\Windows Live
    2009-09-30 18:19:10 ----D---- C:\Program Files\Fichiers communs\Windows Live
    2009-09-30 17:43:35 ----D---- C:\Quarantine
    2009-09-30 17:09:22 ----SHD---- C:\RECYCLER
    2009-09-30 17:04:55 ----A---- C:\WINDOWS\cdplayer.ini
    2009-09-30 16:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2009-09-30 16:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2009-09-30 16:51:57 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
    2009-09-30 16:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2009-09-30 16:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2009-09-30 16:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
    2009-09-30 16:50:36 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\vlc
    2009-09-30 16:49:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
    2009-09-30 16:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
    2009-09-30 16:49:23 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2009-09-30 16:49:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
    2009-09-30 16:49:11 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
    2009-09-30 16:49:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
    2009-09-30 16:49:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
    2009-09-30 16:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
    2009-09-30 16:46:48 ----D---- C:\Program Files\VideoLAN
    2009-09-30 16:41:09 ----D---- C:\WINDOWS\system32\XPSViewer
    2009-09-30 16:40:49 ----D---- C:\WINDOWS\system32\en-US
    2009-09-30 16:40:42 ----D---- C:\Program Files\Reference Assemblies
    2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
    2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\prntvpt.dll
    2009-09-30 16:39:55 ----N---- C:\WINDOWS\system32\xpssvcs.dll
    2009-09-30 16:36:49 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2009-09-30 16:32:24 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2009-09-30 16:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
    2009-09-30 16:32:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
    2009-09-30 16:31:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
    2009-09-30 16:31:43 ----D---- C:\Program Files\MSXML 6.0
    2009-09-30 16:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
    2009-09-30 16:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
    2009-09-30 16:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
    2009-09-30 16:31:21 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
    2009-09-30 16:31:16 ----D---- C:\WINDOWS\system32\DRM
    2009-09-30 16:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2009-09-30 16:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB916846$
    2009-09-30 16:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
    2009-09-30 16:30:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
    2009-09-30 16:30:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
    2009-09-30 16:29:33 ----D---- C:\WINDOWS\ie7updates
    2009-09-30 16:28:53 ----D---- C:\WINDOWS\WBEM
    2009-09-30 16:28:24 ----HDC---- C:\WINDOWS\ie7
    2009-09-30 16:28:15 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Desktop Search
    2009-09-30 16:28:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2009-09-30 16:27:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2009-09-30 16:26:21 ----D---- C:\WINDOWS\network diagnostic
    2009-09-30 16:26:20 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
    2009-09-30 16:24:09 ----D---- C:\WINDOWS\system32\fr-FR
    2009-09-30 16:24:09 ----D---- C:\Program Files\Windows Desktop Search
    2009-09-30 16:24:08 ----D---- C:\WINDOWS\system32\GroupPolicy
    2009-09-30 16:23:55 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
    2009-09-30 16:23:46 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
    2009-09-30 16:23:25 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
    2009-09-30 16:23:22 ----A---- C:\WINDOWS\system32\xmllite.dll
    2009-09-30 16:23:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
    2009-09-30 16:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2009-09-30 16:22:08 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2009-09-30 16:18:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2009-09-30 16:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
    2009-09-30 16:12:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2009-09-30 16:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
    2009-09-30 16:11:59 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
    2009-09-30 16:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
    2009-09-30 16:11:44 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
    2009-09-30 16:11:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2009-09-30 16:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2009-09-30 16:10:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
    2009-09-30 16:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
    2009-09-30 16:10:28 ----D---- C:\WINDOWS\ServicePackFiles
    2009-09-30 16:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
    2009-09-30 16:10:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
    2009-09-30 16:10:16 ----D---- C:\Program Files\Microsoft Silverlight
    2009-09-30 16:09:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
    2009-09-30 16:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
    2009-09-30 16:09:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
    2009-09-30 16:09:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2009-09-30 16:09:32 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2009-09-30 16:09:27 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2009-09-30 16:09:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2009-09-30 16:09:08 ----D---- C:\Program Files\MSXML 4.0
    2009-09-30 16:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2009-09-30 16:08:58 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
    2009-09-30 16:08:30 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
    2009-09-30 16:08:26 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
    2009-09-30 16:08:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
    2009-09-30 10:36:33 ----D---- C:\Program Files\Cyberlink
    2009-09-30 10:32:23 ----D---- C:\Program Files\Google
    2009-09-30 10:30:50 ----D---- C:\Program Files\Fichiers communs\Real
    2009-09-30 10:30:49 ----D---- C:\Program Files\Real
    2009-09-30 10:30:19 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Real
    2009-09-30 10:26:27 ----D---- C:\Program Files\SuperCopier2
    2009-09-30 10:19:20 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InterVideo
    2009-09-30 10:17:59 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
    2009-09-30 10:17:58 ----D---- C:\Program Files\DVD Shrink
    2009-09-30 09:59:31 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Macromedia
    2009-09-30 09:59:30 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Adobe
    2009-09-29 18:18:51 ----HD---- C:\WINDOWS\system32\dwrcssft
    2009-09-29 18:18:50 ----A---- C:\WINDOWS\system32\DWRCSh32.dll
    2009-09-29 18:18:49 ----A---- C:\WINDOWS\system32\DWRCSET.DLL
    2009-09-29 18:18:46 ----A---- C:\WINDOWS\system32\dwrcst .exe
    2009-09-29 18:18:42 ----A---- C:\WINDOWS\system32\DWRCK.DLL
    2009-09-29 18:18:38 ----A---- C:\WINDOWS\system32\DWRCS.EXE
    2009-09-29 18:12:55 ----N---- C:\WINDOWS\system32\tzchange.exe
    2009-09-29 18:12:01 ----D---- C:\Program Files\Fichiers communs\Evidian
    2009-09-29 18:12:01 ----D---- C:\Program Files\Evidian
    2009-09-29 18:11:38 ----D---- C:\Program Files\Microsoft
    2009-09-29 18:11:10 ----D---- C:\Program Files\Gemalto
    2009-09-29 18:03:46 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-09-29 18:03:16 ----D---- C:\WINDOWS\system32\PreInstall
    2009-09-29 18:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
    2009-09-29 17:59:48 ----D---- C:\MyriadWebPro
    2009-09-29 17:59:46 ----D---- C:\MyriadPro
    2009-09-29 17:58:30 ----D---- C:\Program Files\WinRAR
    2009-09-29 17:57:33 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-09-29 17:57:19 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-09-29 17:57:19 ----D---- C:\Program Files\Adobe
    2009-09-29 17:51:48 ----D---- C:\Program Files\GPLGS
    2009-09-29 17:51:21 ----A---- C:\WINDOWS\system32\cpwmon2k.dll
    2009-09-29 17:51:17 ----D---- C:\Program Files\Acro Software
    2009-09-29 17:50:23 ----D---- C:\Program Files\MSECache
    2009-09-29 17:39:33 ----A---- C:\WINDOWS\system32\mdimon.dll
    2009-09-29 17:38:40 ----D---- C:\Program Files\Microsoft Works
    2009-09-29 17:38:19 ----D---- C:\Program Files\MSBuild
    2009-09-29 17:38:05 ----D---- C:\Program Files\Microsoft Visual Studio
    2009-09-29 17:38:04 ----D---- C:\Program Files\Fichiers communs\DESIGNER
    2009-09-29 17:37:27 ----D---- C:\Program Files\Microsoft.NET
    2009-09-29 17:33:56 ----D---- C:\Program Files\Microsoft Visual Studio 8
    2009-09-29 17:33:02 ----D---- C:\WINDOWS\SHELLNEW
    2009-09-29 17:32:47 ----D---- C:\Program Files\Microsoft Office
    2009-09-29 17:32:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2009-09-29 17:32:15 ----RHD---- C:\MSOCache
    2009-09-29 17:16:51 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    2009-09-29 17:03:09 ----D---- C:\Program Files\File Scavenger 3.2
    2009-09-29 14:59:24 ----SHD---- C:\WINDOWS\CSC
    2009-09-29 14:56:29 ----D---- C:\WINDOWS\SchCache
    2009-09-29 14:50:20 ----A---- C:\WINDOWS\system32\mfevtps.exe
    2009-09-29 14:49:53 ----D---- C:\Program Files\Fichiers communs\Cisco Systems
    2009-09-29 14:49:48 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
    2009-09-29 14:49:42 ----D---- C:\Program Files\McAfee
    2009-09-29 14:49:42 ----D---- C:\Program Files\Fichiers communs\McAfee
    2009-09-29 14:48:00 ----D---- C:\WINDOWS\system32\appmgmt
    2009-09-29 09:55:58 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
    2009-09-29 09:55:54 ----N---- C:\WINDOWS\system32\spmsg.dll
    2009-09-29 09:55:52 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
    2009-09-29 09:55:47 ----A---- C:\WINDOWS\system32\wmpns.dll
    2009-09-29 09:55:44 ----D---- C:\Program Files\Windows Media Connect 2
    2009-09-29 09:55:37 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2009-09-29 09:55:10 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2009-09-29 09:54:54 ----D---- C:\WINDOWS\system32\LogFiles
    2009-09-29 09:54:47 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
    2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\java.exe
    2009-09-29 09:54:04 ----D---- C:\Program Files\Java
    2009-09-29 09:54:03 ----D---- C:\Program Files\Fichiers communs\Java
    2009-09-29 09:53:59 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Sun
    2009-09-29 09:53:37 ----D---- C:\Program Files\Fichiers communs\LightScribe
    2009-09-29 09:52:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Intel
    2009-09-29 09:52:42 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
    2009-09-29 09:51:41 ----A---- C:\WINDOWS\HPMProp.INI
    2009-09-29 09:51:26 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
    2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmprein.dll
    2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmco081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmtp081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpw081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpm081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmml081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmja081.dll
    2009-09-29 09:51:14 ----A---- C:\WINDOWS\system32\hpcpn081.dll
    2009-09-29 09:51:13 ----A---- C:\WINDOWS\system32\fxcompchannel.dll
    2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNQUE.DLL
    2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNNDPS.DLL
    2009-09-29 09:22:50 ----D---- C:\Documents and Settings\All Users\Application Data\Uninstall
    2009-09-29 09:18:21 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
    2009-09-29 09:17:39 ----D---- C:\WINDOWS\RegisteredPackages
    2009-09-29 09:17:12 ----D---- C:\Program Files\Fichiers communs\SureThing Shared
    2009-09-29 09:17:11 ----D---- C:\Program Files\Roxio
    2009-09-29 09:16:48 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
    2009-09-29 09:16:43 ----D---- C:\Program Files\Fichiers communs\Sonic Shared
    2009-09-29 09:16:24 ----D---- C:\Program Files\Fichiers communs\Roxio Shared
    2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xinput1_3.dll
    2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
    2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
    2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
    2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
    2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_2.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_1.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
    2009-09-29 09:16:10 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
    2009-09-29 09:11:59 ----A---- C:\WINDOWS\system32\oeminfo.ini
    2009-09-29 09:11:48 ----A---- C:\WINDOWS\system32\pdfc_port.dll
    2009-09-29 09:11:45 ----D---- C:\Program Files\PDF Complete
    2009-09-29 09:10:20 ----D---- C:\Program Files\Hp
    2009-09-29 09:09:58 ----D---- C:\WINDOWS\Hewlett-Packard
    2009-09-29 09:09:28 ----D---- C:\WINDOWS\Downloaded Installations
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizePX.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll
    2009-09-29 09:07:56 ----A---- C:\WINDOWS\system32\IVIresize.dll
    2009-09-29 09:07:46 ----D---- C:\Program Files\InterVideo
    2009-09-29 09:07:32 ----D---- C:\Program Files\Fichiers communs\InterVideo
    2009-09-29 09:07:24 ----A---- C:\WINDOWS\system32\h323log.txt
    2009-09-29 09:05:30 ----A---- C:\WINDOWS\system32\usbui.dll
    2009-09-29 09:04:56 ----A---- C:\WINDOWS\imsins.BAK
    2009-09-29 09:04:53 ----SHD---- C:\WINDOWS\Installer
    2009-09-29 09:04:53 ----D---- C:\Program Files\Fichiers communs\ODBC
    2009-09-29 09:04:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-09-29 09:04:53 ----A---- C:\WINDOWS\ODBCINST.INI
    2009-09-29 09:04:50 ----RD---- C:\Program Files
    2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
    2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs
    2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
    2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
    2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdazel.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdycc.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbduzb.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdur.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdtat.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru1.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdmon.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdbu.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdblr.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdaze.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhept.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdest.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdro.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdycl.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcr.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\spxcoins.dll
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\irclass.dll
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgsetup.dll
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
    2009-09-29 09:04:35 ----A---- C:\WINDOWS\system32\EqnClass.Dll
    2009-09-29 09:04:33 ----A---- C:\WINDOWS\TASKMAN.EXE
    2009-09-29 09:04:33 ----A---- C:\WINDOWS\system32\batt.dll
    2009-09-29 09:04:32 ----A---- C:\WINDOWS\system32\storprop.dll
    2009-09-29 09:04:32 ----A---- C:\WINDOWS\notepad.exe
    2009-09-29 09:04:28 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
    2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot
    2009-09-29 09:04:12 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-09-29 09:04:01 ----D---- C:\WINDOWS\system32\URTTEMP
    2009-09-29 09:03:51 ----A---- C:\WINDOWS\setuplog.txt
    2009-09-29 09:03:48 ----D---- C:\Documents and Settings
    2009-09-29 09:03:43 ----N---- C:\LANG.INI
    2009-09-29 09:03:02 ----SH---- C:\boot.ini
    2009-09-29 09:01:13 ----SHD---- C:\System Volume Information
    2009-09-29 08:57:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-09-29 08:57:42 ----RSD---- C:\WINDOWS\Fonts
    2009-09-29 08:57:42 ----RD---- C:\WINDOWS\Web
    2009-09-29 08:57:42 ----HD---- C:\WINDOWS\inf
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\WinSxS
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\twain_32
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Temp
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wins
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wbem
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\usmt
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\spool
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ShellExt
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\Setup
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ras
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\oobe
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\npp
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\mui
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\inetsrv
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\IME
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\icsxml
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ias
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\export
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\drivers
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\dhcp
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\config
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3com_dmi
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3076
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\2052
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1054
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1042
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1041
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1037
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1036
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1033
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1031
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1028
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1025
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\security
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Resources
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\repair
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Provisioning
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\PeerNet
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\pchealth
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\mui
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\msapps
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\msagent
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Media
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\java
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\ime
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Help
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\ehome
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Driver Cache
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Debug
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Cursors
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Connection Wizard
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Config
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\AppPatch
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\addins
    2009-09-29 08:57:42 ----D---- C:\WINDOWS
    2009-09-29 08:56:46 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\ATI
    2009-09-29 08:56:46 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
    2009-09-29 08:53:33 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
    2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns_64.dll
    2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns.dll
    2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmn.dll
    2009-09-29 08:51:54 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InstallShield
    2009-09-29 08:51:25 ----N---- C:\WINDOWS\HPWWANVersion.dll
    2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5r32.dll
    2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5c32.dll
    2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPCo4.dll
    2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
    2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCtrl.dll
    2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCOM.dll
    2009-09-29 08:50:31 ----D---- C:\Program Files\Synaptics
    2009-09-29 08:49:50 ----RA---- C:\WINDOWS\system32\PROUnstl.exe
    2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicInstE.dll
    2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicCo2.dll
    2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\e1000msg.dll
    2009-09-29 08:49:23 ----A---- C:\WINDOWS\system32\snymsico.dll
    2009-09-29 08:49:22 ----A---- C:\WINDOWS\system32\rixdicon.dll
    2009-09-29 08:48:34 ----D---- C:\WINDOWS\system32\FRA
    2009-09-29 08:48:31 ----RA---- C:\WINDOWS\system32\imsmudlg.exe
    2009-09-29 08:47:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2009-09-29 08:47:23 ----RA---- C:\WINDOWS\system32\CSVer.dll
    2009-09-29 08:44:58 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
    2009-09-29 08:44:57 ----RA---- C:\WINDOWS\system32\ATIDEMGX.dll
    2009-09-29 08:44:38 ----D---- C:\Program Files\ATI Technologies
    2009-09-29 08:44:01 ----D---- C:\WINDOWS\system32\HP3DG
    2009-09-29 08:38:42 ----A---- C:\WINDOWS\system32\btw_ci.dll
    2009-09-29 08:38:35 ----D---- C:\Program Files\WIDCOMM
    2009-09-29 08:37:21 ----HDC---- C:\WINDOWS\$NtUninstallKB949764$
    2009-09-29 08:37:16 ----HDC---- C:\WINDOWS\$NtUninstallKB915326$
    2009-09-29 08:37:09 ----HDC---- C:\WINDOWS\$NtUninstallKB889673$
    2009-09-29 08:37:03 ----HDC---- C:\WINDOWS\$NtUninstallKB888402$
    2009-09-29 08:36:57 ----HDC---- C:\WINDOWS\$NtUninstallKB885464$
    2009-09-29 08:36:51 ----HDC---- C:\WINDOWS\$NtUninstallKB883667$
    2009-09-29 08:36:46 ----HDC---- C:\WINDOWS\$NtUninstallKB918005$
    2009-09-29 08:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB912436$
    2009-09-29 08:36:35 ----HDC---- C:\WINDOWS\$NtUninstallKB909667$
    2009-09-29 08:36:26 ----HDC---- C:\WINDOWS\$NtUninstallKB909095$
    2009-09-29 08:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB896256$
    2009-09-29 08:36:09 ----HDC---- C:\WINDOWS\$NtUninstallKB892559-v3$
    2009-09-29 08:36:02 ----HDC---- C:\WINDOWS\$NtUninstallKB888239$
    2009-09-29 08:35:56 ----HDC---- C:\WINDOWS\$NtUninstallKB885855$
    2009-09-29 08:35:48 ----D---- C:\Program Files\HPQ
    2009-09-29 08:35:07 ----A---- C:\WINDOWS\system32\log.txt
    2009-09-29 08:35:06 ----RA---- C:\WINDOWS\system32\mesoludlg.exe
    2009-09-29 08:35:06 ----D---- C:\Program Files\Common Files
    2009-09-29 08:33:44 ----RSD---- C:\WINDOWS\assembly
    2009-09-29 08:33:24 ----D---- C:\WINDOWS\Microsoft.NET
    2009-09-29 08:33:02 ----D---- C:\Program Files\Fichiers communs\Intel
    2009-09-29 08:32:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-09-29 08:32:19 ----RA---- C:\WINDOWS\system32\difxapi.dll
    2009-09-29 08:32:19 ----D---- C:\WINDOWS\system32\Lang
    2009-09-29 08:32:19 ----D---- C:\Program Files\Intel
    2009-09-29 08:32:18 ----RA---- C:\WINDOWS\system32\heciudlg.exe
    2009-09-29 08:32:03 ----D---- C:\Intel
    2009-09-29 08:31:43 ----N---- C:\WINDOWS\HPModemVersion.dll
    2009-09-29 08:31:42 ----N---- C:\WINDOWS\system32\agrsmdel.exe
    2009-09-29 08:31:34 ----D---- C:\WINDOWS\Options
    2009-09-29 08:31:18 ----N---- C:\WINDOWS\system32\agrscoin.dll
    2009-09-29 08:31:18 ----D---- C:\SWSetup
    2009-09-29 08:31:18 ----A---- C:\WINDOWS\system32\agrsmsvc.exe
    2009-09-29 08:31:18 ----A---- C:\WINDOWS\agrsmdel.exe
    2009-09-29 08:26:08 ----RA---- C:\WINDOWS\system32\PostProc.dll
    2009-09-29 08:26:07 ----A---- C:\WINDOWS\system32\ksuser.dll
    2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\wdmioctl.dll
    2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\SMMedia.dll
    2009-09-29 08:26:01 ----D---- C:\Program Files\Analog D
    a c 267 8 Sécurité
    a b 9 Windows
    22 Octobre 2009 16:37:43

    C'est le rapport log que tu m'as posté.
    22 Octobre 2009 18:56:24

    c'est le seul que j'ai trouvé avec un du 19/10/2009 appelé Info.txt

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by FARES JEAN - JACQUES at 2009-10-21 15:22:25
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 63 GB (71%) free of 89 GB
    Total RAM: 2027 MB (52% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:22:27, on 21/10/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\WINDOWS\SYSTEM32\DWRCS.EXE
    C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Intel\AMT\LMS.exe
    C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\WINDOWS\system32\mfevtps.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\PDF Complete\pdfsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
    C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\McAfee\Common Framework\udaterui.exe
    C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe
    C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\Program Files\McAfee\Common Framework\McTray.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
    C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\MSN\Toolbar\3.0.1203.0\msntask.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\RSIT.exe
    C:\Program Files\trend micro\FARES JEAN - JACQUES.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yello
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOfficeUserRegSetup?...
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mtn.ci:8081
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: ViewerHelper Class - {78104A01-8E71-4F30-9A36-3793799615B4} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
    O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [picon] "C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
    O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe"
    O4 - HKLM\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [DameWare MRC Agent] C:\WINDOWS\system32\DWRCST.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'FARES')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1...
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mtn.ci
    O17 - HKLM\Software\..\Telephony: DomainName = mtn.ci
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mtn.ci
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
    O23 - Service: E-SSO Security Services (EnatelWGSS) - Evidian - C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
    O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
    O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
    O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
    O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe

    --
    End of file - 16327 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
    SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-05-15 66888]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78104A01-8E71-4F30-9A36-3793799615B4}]
    ViewerHelper Class - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll [2005-01-27 356352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
    scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll [2009-04-09 67120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar.dll [2009-09-30 745472]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
    MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
    {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-05-15 161096]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2008-03-24 884736]
    "picon"=C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe [2008-06-02 367128]
    "FRYMXINS"=C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl []
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
    "QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-03 177456]
    "WatchDog"=C:\Program Files\InterVideo\DVD Check\dvdcheck .exe [2008-05-23 197904]
    "IntelZeroConfig"=C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2008-04-30 1347584]
    "IntelWireless"=C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [2008-04-30 1191936]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
    "ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-04-09 124240]
    "McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2008-11-10 136512]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "CLMLServer"=C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe [2007-09-27 122880]
    "Power2GoExpress"=C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2007-09-29 2680104]
    "CLJ"=0 []
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
    "DameWare MRC Agent"=C:\WINDOWS\system32\DWRCST.exe []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664]
    "SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe []
    "PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    SnagIt 9.lnk - C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2008-06-27 143360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages"=
    scecli
    scecli
    scecli

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
    shell\AutoRun\command - I:\LaunchU3.exe -a

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{866fb0f1-adaa-11de-8ae8-00216a0b83da}]
    shell\AutoRun\command - I:\LaunchU3.exe -a


    ======List of files/folders created in the last 3 months======

    2009-10-21 13:04:56 ----A---- C:\WINDOWS\wininit.ini
    2009-10-21 13:03:42 ----D---- C:\Program Files\NOS
    2009-10-21 13:03:42 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
    2009-10-19 18:10:55 ----D---- C:\_OTM
    2009-10-19 17:31:04 ----A---- C:\WINDOWS\system32\hidserv.dll
    2009-10-19 16:58:25 ----D---- C:\Program Files\trend micro
    2009-10-19 16:58:22 ----D---- C:\rsit
    2009-10-14 17:01:34 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Malwarebytes
    2009-10-14 17:01:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-10-14 17:01:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-10-14 12:51:35 ----D---- C:\Documents and Settings\All Users\Application Data\TechSmith
    2009-10-14 12:51:30 ----D---- C:\Program Files\TechSmith
    2009-10-14 12:49:54 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2009-10-13 18:06:10 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
    2009-10-13 18:06:04 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
    2009-10-13 17:36:12 ----D---- C:\Program Files\Fichiers communs\PCSuite
    2009-10-13 17:36:05 ----D---- C:\Program Files\Fichiers communs\Nokia
    2009-10-13 17:35:07 ----D---- C:\Program Files\PC Connectivity Solution
    2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
    2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
    2009-10-13 16:00:04 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\PC Suite
    2009-10-13 16:00:04 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
    2009-10-13 13:03:37 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Nokia
    2009-10-13 13:02:42 ----D---- C:\Program Files\DIFX
    2009-10-13 13:02:08 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
    2009-10-13 13:02:07 ----D---- C:\Program Files\Nokia
    2009-10-13 12:09:26 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
    2009-10-13 10:53:49 ----D---- C:\Program Files\ESET
    2009-10-13 10:53:49 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
    2009-10-12 18:26:25 ----D---- C:\WINDOWS\system32\NtmsData
    2009-10-06 10:33:29 ----D---- C:\WINDOWS\Prefetch
    2009-10-06 00:34:58 ----A---- C:\WINDOWS\system32\qmgr.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\msgsvc.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\mgmtapi.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lsasrv.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\locator.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\localspl.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lmhsvc.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\kernel32.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\imagehlp.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\ftp.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\format.com
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\csrsrv.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comdlg32.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comctl32.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cmd.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cacls.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autoconv.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autochk.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\advapi32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\wkssvc.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\win32spl.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\userinit.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\untfs.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ulib.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\tcpmonui.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\syssetup.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\srvsvc.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\smss.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\setupapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\services.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\schannel.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\scardsvr.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\savedump.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samsrv.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samlib.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rshx32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rastapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasman.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasdlg.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasauto.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasapi32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\printui.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\perfctrs.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\olecnv32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\oleaut32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nwprovau.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntvdm.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntprint.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntlsapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntdll.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nslookup.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\msv1_0.dll
    2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
    2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
    2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\hal.dll
    2009-10-05 17:15:18 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
    2009-10-05 17:04:04 ----D---- C:\Program Files\Mobile Partner
    2009-10-05 16:15:24 ----D---- C:\Program Files\Western Digital Corp
    2009-10-05 16:06:24 ----D---- C:\Program Files\Western Digital Corporation
    2009-10-05 14:31:45 ----N---- C:\WINDOWS\system32\_004641_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004639_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004634_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004633_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004632_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004631_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004630_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004627_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004626_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004625_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004624_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004622_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004619_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004617_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004616_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004612_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004611_.tmp.dll
    2009-10-05 14:31:12 ----N---- C:\WINDOWS\system32\_004607_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004604_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004603_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004602_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004595_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004590_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004587_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004585_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004582_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004580_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004577_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004576_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004539_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004537_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004536_.tmp.dll
    2009-10-05 14:31:11 ----N---- C:\WINDOWS\system32\_004533_.tmp.dll
    2009-10-05 09:46:18 ----N---- C:\WINDOWS\system32\spmsg2.dll
    2009-10-05 09:46:17 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
    2009-10-01 16:36:47 ----A---- C:\WINDOWS\system32\unzip32.dll
    2009-10-01 15:56:21 ----A---- C:\WINDOWS\UTLite33.exe
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\fr
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\bits
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\l2schemas
    2009-10-01 15:48:15 ----N---- C:\WINDOWS\system32\_004608_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004606_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004601_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004600_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004599_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004598_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004597_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004594_.tmp.dll
    2009-10-01 15:47:38 ----N---- C:\WINDOWS\system32\_004593_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004592_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004591_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004589_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004586_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004584_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004583_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004579_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004578_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004575_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004573_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004571_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004569_.tmp.dll
    2009-10-01 15:47:37 ----N---- C:\WINDOWS\system32\_004567_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004566_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004559_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004553_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004551_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004548_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004545_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004544_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004530_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004526_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004521_.tmp.dll
    2009-10-01 15:47:36 ----N---- C:\WINDOWS\system32\_004520_.tmp.dll
    2009-10-01 15:42:27 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2009-10-01 15:39:55 ----D---- C:\Documents and Settings\All Users\Application Data\GroupPolicy
    2009-10-01 12:21:52 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
    2009-10-01 12:21:47 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$
    2009-10-01 12:21:08 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
    2009-10-01 12:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
    2009-10-01 12:19:37 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
    2009-10-01 09:09:26 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\CyberLink
    2009-10-01 09:09:19 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
    2009-09-30 19:06:52 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2009-09-30 19:01:02 ----A---- C:\WINDOWS\IE4 Error Log.txt
    2009-09-30 19:00:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Search
    2009-09-30 18:55:54 ----D---- C:\Program Files\Microsoft Office Outlook Connector
    2009-09-30 18:55:21 ----D---- C:\Program Files\Microsoft Sync Framework
    2009-09-30 18:54:20 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
    2009-09-30 18:52:09 ----D---- C:\Program Files\Windows Live SkyDrive
    2009-09-30 18:51:46 ----D---- C:\Program Files\Windows Live
    2009-09-30 18:19:10 ----D---- C:\Program Files\Fichiers communs\Windows Live
    2009-09-30 17:43:35 ----D---- C:\Quarantine
    2009-09-30 17:09:22 ----SHD---- C:\RECYCLER
    2009-09-30 17:04:55 ----A---- C:\WINDOWS\cdplayer.ini
    2009-09-30 16:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2009-09-30 16:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2009-09-30 16:51:57 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
    2009-09-30 16:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2009-09-30 16:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2009-09-30 16:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
    2009-09-30 16:50:36 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\vlc
    2009-09-30 16:49:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
    2009-09-30 16:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
    2009-09-30 16:49:23 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2009-09-30 16:49:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
    2009-09-30 16:49:11 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
    2009-09-30 16:49:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
    2009-09-30 16:49:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
    2009-09-30 16:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
    2009-09-30 16:46:48 ----D---- C:\Program Files\VideoLAN
    2009-09-30 16:41:09 ----D---- C:\WINDOWS\system32\XPSViewer
    2009-09-30 16:40:49 ----D---- C:\WINDOWS\system32\en-US
    2009-09-30 16:40:42 ----D---- C:\Program Files\Reference Assemblies
    2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
    2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\prntvpt.dll
    2009-09-30 16:39:55 ----N---- C:\WINDOWS\system32\xpssvcs.dll
    2009-09-30 16:36:49 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2009-09-30 16:32:24 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2009-09-30 16:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
    2009-09-30 16:32:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
    2009-09-30 16:31:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
    2009-09-30 16:31:43 ----D---- C:\Program Files\MSXML 6.0
    2009-09-30 16:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
    2009-09-30 16:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
    2009-09-30 16:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
    2009-09-30 16:31:21 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
    2009-09-30 16:31:16 ----D---- C:\WINDOWS\system32\DRM
    2009-09-30 16:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2009-09-30 16:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB916846$
    2009-09-30 16:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
    2009-09-30 16:30:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
    2009-09-30 16:30:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
    2009-09-30 16:29:33 ----D---- C:\WINDOWS\ie7updates
    2009-09-30 16:28:53 ----D---- C:\WINDOWS\WBEM
    2009-09-30 16:28:24 ----HDC---- C:\WINDOWS\ie7
    2009-09-30 16:28:15 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Desktop Search
    2009-09-30 16:28:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2009-09-30 16:27:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2009-09-30 16:26:21 ----D---- C:\WINDOWS\network diagnostic
    2009-09-30 16:26:20 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
    2009-09-30 16:24:09 ----D---- C:\WINDOWS\system32\fr-FR
    2009-09-30 16:24:09 ----D---- C:\Program Files\Windows Desktop Search
    2009-09-30 16:24:08 ----D---- C:\WINDOWS\system32\GroupPolicy
    2009-09-30 16:23:55 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
    2009-09-30 16:23:46 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
    2009-09-30 16:23:25 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
    2009-09-30 16:23:22 ----A---- C:\WINDOWS\system32\xmllite.dll
    2009-09-30 16:23:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
    2009-09-30 16:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2009-09-30 16:22:08 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2009-09-30 16:18:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2009-09-30 16:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
    2009-09-30 16:12:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2009-09-30 16:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
    2009-09-30 16:11:59 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
    2009-09-30 16:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
    2009-09-30 16:11:44 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
    2009-09-30 16:11:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2009-09-30 16:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2009-09-30 16:10:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
    2009-09-30 16:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
    2009-09-30 16:10:28 ----D---- C:\WINDOWS\ServicePackFiles
    2009-09-30 16:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
    2009-09-30 16:10:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
    2009-09-30 16:10:16 ----D---- C:\Program Files\Microsoft Silverlight
    2009-09-30 16:09:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
    2009-09-30 16:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
    2009-09-30 16:09:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
    2009-09-30 16:09:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2009-09-30 16:09:32 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2009-09-30 16:09:27 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2009-09-30 16:09:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2009-09-30 16:09:08 ----D---- C:\Program Files\MSXML 4.0
    2009-09-30 16:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2009-09-30 16:08:58 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
    2009-09-30 16:08:30 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
    2009-09-30 16:08:26 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
    2009-09-30 16:08:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
    2009-09-30 10:36:33 ----D---- C:\Program Files\Cyberlink
    2009-09-30 10:32:23 ----D---- C:\Program Files\Google
    2009-09-30 10:30:50 ----D---- C:\Program Files\Fichiers communs\Real
    2009-09-30 10:30:49 ----D---- C:\Program Files\Real
    2009-09-30 10:30:19 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Real
    2009-09-30 10:26:27 ----D---- C:\Program Files\SuperCopier2
    2009-09-30 10:19:20 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InterVideo
    2009-09-30 10:17:59 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
    2009-09-30 10:17:58 ----D---- C:\Program Files\DVD Shrink
    2009-09-30 09:59:31 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Macromedia
    2009-09-30 09:59:30 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Adobe
    2009-09-29 18:18:51 ----HD---- C:\WINDOWS\system32\dwrcssft
    2009-09-29 18:18:50 ----A---- C:\WINDOWS\system32\DWRCSh32.dll
    2009-09-29 18:18:49 ----A---- C:\WINDOWS\system32\DWRCSET.DLL
    2009-09-29 18:18:46 ----A---- C:\WINDOWS\system32\dwrcst .exe
    2009-09-29 18:18:42 ----A---- C:\WINDOWS\system32\DWRCK.DLL
    2009-09-29 18:18:38 ----A---- C:\WINDOWS\system32\DWRCS.EXE
    2009-09-29 18:12:55 ----N---- C:\WINDOWS\system32\tzchange.exe
    2009-09-29 18:12:01 ----D---- C:\Program Files\Fichiers communs\Evidian
    2009-09-29 18:12:01 ----D---- C:\Program Files\Evidian
    2009-09-29 18:11:38 ----D---- C:\Program Files\Microsoft
    2009-09-29 18:11:10 ----D---- C:\Program Files\Gemalto
    2009-09-29 18:03:46 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-09-29 18:03:16 ----D---- C:\WINDOWS\system32\PreInstall
    2009-09-29 18:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
    2009-09-29 17:59:48 ----D---- C:\MyriadWebPro
    2009-09-29 17:59:46 ----D---- C:\MyriadPro
    2009-09-29 17:58:30 ----D---- C:\Program Files\WinRAR
    2009-09-29 17:57:33 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-09-29 17:57:19 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-09-29 17:57:19 ----D---- C:\Program Files\Adobe
    2009-09-29 17:51:48 ----D---- C:\Program Files\GPLGS
    2009-09-29 17:51:21 ----A---- C:\WINDOWS\system32\cpwmon2k.dll
    2009-09-29 17:51:17 ----D---- C:\Program Files\Acro Software
    2009-09-29 17:50:23 ----D---- C:\Program Files\MSECache
    2009-09-29 17:39:33 ----A---- C:\WINDOWS\system32\mdimon.dll
    2009-09-29 17:38:40 ----D---- C:\Program Files\Microsoft Works
    2009-09-29 17:38:19 ----D---- C:\Program Files\MSBuild
    2009-09-29 17:38:05 ----D---- C:\Program Files\Microsoft Visual Studio
    2009-09-29 17:38:04 ----D---- C:\Program Files\Fichiers communs\DESIGNER
    2009-09-29 17:37:27 ----D---- C:\Program Files\Microsoft.NET
    2009-09-29 17:33:56 ----D---- C:\Program Files\Microsoft Visual Studio 8
    2009-09-29 17:33:02 ----D---- C:\WINDOWS\SHELLNEW
    2009-09-29 17:32:47 ----D---- C:\Program Files\Microsoft Office
    2009-09-29 17:32:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2009-09-29 17:32:15 ----RHD---- C:\MSOCache
    2009-09-29 17:16:51 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    2009-09-29 17:03:09 ----D---- C:\Program Files\File Scavenger 3.2
    2009-09-29 14:59:24 ----SHD---- C:\WINDOWS\CSC
    2009-09-29 14:56:29 ----D---- C:\WINDOWS\SchCache
    2009-09-29 14:50:20 ----A---- C:\WINDOWS\system32\mfevtps.exe
    2009-09-29 14:49:53 ----D---- C:\Program Files\Fichiers communs\Cisco Systems
    2009-09-29 14:49:48 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
    2009-09-29 14:49:42 ----D---- C:\Program Files\McAfee
    2009-09-29 14:49:42 ----D---- C:\Program Files\Fichiers communs\McAfee
    2009-09-29 14:48:00 ----D---- C:\WINDOWS\system32\appmgmt
    2009-09-29 09:55:58 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
    2009-09-29 09:55:54 ----N---- C:\WINDOWS\system32\spmsg.dll
    2009-09-29 09:55:52 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
    2009-09-29 09:55:47 ----A---- C:\WINDOWS\system32\wmpns.dll
    2009-09-29 09:55:44 ----D---- C:\Program Files\Windows Media Connect 2
    2009-09-29 09:55:37 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2009-09-29 09:55:10 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2009-09-29 09:54:54 ----D---- C:\WINDOWS\system32\LogFiles
    2009-09-29 09:54:47 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
    2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\java.exe
    2009-09-29 09:54:04 ----D---- C:\Program Files\Java
    2009-09-29 09:54:03 ----D---- C:\Program Files\Fichiers communs\Java
    2009-09-29 09:53:59 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Sun
    2009-09-29 09:53:37 ----D---- C:\Program Files\Fichiers communs\LightScribe
    2009-09-29 09:52:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Intel
    2009-09-29 09:52:42 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
    2009-09-29 09:51:41 ----A---- C:\WINDOWS\HPMProp.INI
    2009-09-29 09:51:26 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
    2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmprein.dll
    2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmco081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmtp081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpw081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpm081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmml081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmja081.dll
    2009-09-29 09:51:14 ----A---- C:\WINDOWS\system32\hpcpn081.dll
    2009-09-29 09:51:13 ----A---- C:\WINDOWS\system32\fxcompchannel.dll
    2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNQUE.DLL
    2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNNDPS.DLL
    2009-09-29 09:22:50 ----D---- C:\Documents and Settings\All Users\Application Data\Uninstall
    2009-09-29 09:18:21 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
    2009-09-29 09:17:39 ----D---- C:\WINDOWS\RegisteredPackages
    2009-09-29 09:17:12 ----D---- C:\Program Files\Fichiers communs\SureThing Shared
    2009-09-29 09:17:11 ----D---- C:\Program Files\Roxio
    2009-09-29 09:16:48 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
    2009-09-29 09:16:43 ----D---- C:\Program Files\Fichiers communs\Sonic Shared
    2009-09-29 09:16:24 ----D---- C:\Program Files\Fichiers communs\Roxio Shared
    2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xinput1_3.dll
    2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
    2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
    2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
    2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
    2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_2.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_1.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
    2009-09-29 09:16:10 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
    2009-09-29 09:11:59 ----A---- C:\WINDOWS\system32\oeminfo.ini
    2009-09-29 09:11:48 ----A---- C:\WINDOWS\system32\pdfc_port.dll
    2009-09-29 09:11:45 ----D---- C:\Program Files\PDF Complete
    2009-09-29 09:10:20 ----D---- C:\Program Files\Hp
    2009-09-29 09:09:58 ----D---- C:\WINDOWS\Hewlett-Packard
    2009-09-29 09:09:28 ----D---- C:\WINDOWS\Downloaded Installations
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizePX.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll
    2009-09-29 09:07:56 ----A---- C:\WINDOWS\system32\IVIresize.dll
    2009-09-29 09:07:46 ----D---- C:\Program Files\InterVideo
    2009-09-29 09:07:32 ----D---- C:\Program Files\Fichiers communs\InterVideo
    2009-09-29 09:07:24 ----A---- C:\WINDOWS\system32\h323log.txt
    2009-09-29 09:05:30 ----A---- C:\WINDOWS\system32\usbui.dll
    2009-09-29 09:04:56 ----A---- C:\WINDOWS\imsins.BAK
    2009-09-29 09:04:53 ----SHD---- C:\WINDOWS\Installer
    2009-09-29 09:04:53 ----D---- C:\Program Files\Fichiers communs\ODBC
    2009-09-29 09:04:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-09-29 09:04:53 ----A---- C:\WINDOWS\ODBCINST.INI
    2009-09-29 09:04:50 ----RD---- C:\Program Files
    2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
    2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs
    2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
    2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
    2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdazel.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdycc.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbduzb.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdur.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdtat.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru1.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdmon.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdbu.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdblr.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdaze.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhept.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdest.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdro.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdycl.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcr.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\spxcoins.dll
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\irclass.dll
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgsetup.dll
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
    2009-09-29 09:04:35 ----A---- C:\WINDOWS\system32\EqnClass.Dll
    2009-09-29 09:04:33 ----A---- C:\WINDOWS\TASKMAN.EXE
    2009-09-29 09:04:33 ----A---- C:\WINDOWS\system32\batt.dll
    2009-09-29 09:04:32 ----A---- C:\WINDOWS\system32\storprop.dll
    2009-09-29 09:04:32 ----A---- C:\WINDOWS\notepad.exe
    2009-09-29 09:04:28 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
    2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot
    2009-09-29 09:04:12 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-09-29 09:04:01 ----D---- C:\WINDOWS\system32\URTTEMP
    2009-09-29 09:03:51 ----A---- C:\WINDOWS\setuplog.txt
    2009-09-29 09:03:48 ----D---- C:\Documents and Settings
    2009-09-29 09:03:43 ----N---- C:\LANG.INI
    2009-09-29 09:03:02 ----SH---- C:\boot.ini
    2009-09-29 09:01:13 ----SHD---- C:\System Volume Information
    2009-09-29 08:57:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-09-29 08:57:42 ----RSD---- C:\WINDOWS\Fonts
    2009-09-29 08:57:42 ----RD---- C:\WINDOWS\Web
    2009-09-29 08:57:42 ----HD---- C:\WINDOWS\inf
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\WinSxS
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\twain_32
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Temp
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wins
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wbem
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\usmt
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\spool
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ShellExt
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\Setup
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ras
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\oobe
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\npp
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\mui
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\inetsrv
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\IME
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\icsxml
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ias
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\export
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\drivers
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\dhcp
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\config
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3com_dmi
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3076
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\2052
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1054
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1042
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1041
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1037
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1036
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1033
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1031
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1028
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1025
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\security
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Resources
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\repair
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Provisioning
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\PeerNet
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\pchealth
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\mui
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\msapps
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\msagent
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Media
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\java
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\ime
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Help
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\ehome
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Driver Cache
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Debug
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Cursors
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Connection Wizard
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Config
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\AppPatch
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\addins
    2009-09-29 08:57:42 ----D---- C:\WINDOWS
    2009-09-29 08:56:46 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\ATI
    2009-09-29 08:56:46 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
    2009-09-29 08:53:33 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
    2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns_64.dll
    2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns.dll
    2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmn.dll
    2009-09-29 08:51:54 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InstallShield
    2009-09-29 08:51:25 ----N---- C:\WINDOWS\HPWWANVersion.dll
    2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5r32.dll
    2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5c32.dll
    2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPCo4.dll
    2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
    2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCtrl.dll
    2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCOM.dll
    2009-09-29 08:50:31 ----D---- C:\Program Files\Synaptics
    2009-09-29 08:49:50 ----RA---- C:\WINDOWS\system32\PROUnstl.exe
    2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicInstE.dll
    2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicCo2.dll
    2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\e1000msg.dll
    2009-09-29 08:49:23 ----A---- C:\WINDOWS\system32\snymsico.dll
    2009-09-29 08:49:22 ----A---- C:\WINDOWS\system32\rixdicon.dll
    2009-09-29 08:48:34 ----D---- C:\WINDOWS\system32\FRA
    2009-09-29 08:48:31 ----RA---- C:\WINDOWS\system32\imsmudlg.exe
    2009-09-29 08:47:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2009-09-29 08:47:23 ----RA---- C:\WINDOWS\system32\CSVer.dll
    2009-09-29 08:44:58 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
    2009-09-29 08:44:57 ----RA---- C:\WINDOWS\system32\ATIDEMGX.dll
    2009-09-29 08:44:38 ----D---- C:\Program Files\ATI Technologies
    2009-09-29 08:44:01 ----D---- C:\WINDOWS\system32\HP3DG
    2009-09-29 08:38:42 ----A---- C:\WINDOWS\system32\btw_ci.dll
    2009-09-29 08:38:35 ----D---- C:\Program Files\WIDCOMM
    2009-09-29 08:37:21 ----HDC---- C:\WINDOWS\$NtUninstallKB949764$
    2009-09-29 08:37:16 ----HDC---- C:\WINDOWS\$NtUninstallKB915326$
    2009-09-29 08:37:09 ----HDC---- C:\WINDOWS\$NtUninstallKB889673$
    2009-09-29 08:37:03 ----HDC---- C:\WINDOWS\$NtUninstallKB888402$
    2009-09-29 08:36:57 ----HDC---- C:\WINDOWS\$NtUninstallKB885464$
    2009-09-29 08:36:51 ----HDC---- C:\WINDOWS\$NtUninstallKB883667$
    2009-09-29 08:36:46 ----HDC---- C:\WINDOWS\$NtUninstallKB918005$
    2009-09-29 08:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB912436$
    2009-09-29 08:36:35 ----HDC---- C:\WINDOWS\$NtUninstallKB909667$
    2009-09-29 08:36:26 ----HDC---- C:\WINDOWS\$NtUninstallKB909095$
    2009-09-29 08:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB896256$
    2009-09-29 08:36:09 ----HDC---- C:\WINDOWS\$NtUninstallKB892559-v3$
    2009-09-29 08:36:02 ----HDC---- C:\WINDOWS\$NtUninstallKB888239$
    2009-09-29 08:35:56 ----HDC---- C:\WINDOWS\$NtUninstallKB885855$
    2009-09-29 08:35:48 ----D---- C:\Program Files\HPQ
    2009-09-29 08:35:07 ----A---- C:\WINDOWS\system32\log.txt
    2009-09-29 08:35:06 ----RA---- C:\WINDOWS\system32\mesoludlg.exe
    2009-09-29 08:35:06 ----D---- C:\Program Files\Common Files
    2009-09-29 08:33:44 ----RSD---- C:\WINDOWS\assembly
    2009-09-29 08:33:24 ----D---- C:\WINDOWS\Microsoft.NET
    2009-09-29 08:33:02 ----D---- C:\Program Files\Fichiers communs\Intel
    2009-09-29 08:32:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-09-29 08:32:19 ----RA---- C:\WINDOWS\system32\difxapi.dll
    2009-09-29 08:32:19 ----D---- C:\WINDOWS\system32\Lang
    2009-09-29 08:32:19 ----D---- C:\Program Files\Intel
    2009-09-29 08:32:18 ----RA---- C:\WINDOWS\system32\heciudlg.exe
    2009-09-29 08:32:03 ----D---- C:\Intel
    2009-09-29 08:31:43 ----N---- C:\WINDOWS\HPModemVersion.dll
    2009-09-29 08:31:42 ----N---- C:\WINDOWS\system32\agrsmdel.exe
    2009-09-29 08:31:34 ----D---- C:\WINDOWS\Options
    2009-09-29 08:31:18 ----N---- C:\WINDOWS\system32\agrscoin.dll
    2009-09-29 08:31:18 ----D---- C:\SWSetup
    2009-09-29 08:31:18 ----A---- C:\WINDOWS\system32\agrsmsvc.exe
    2009-09-29 08:31:18 ----A---- C:\WINDOWS\agrsmdel.exe
    2009-09-29 08:26:08 ----RA---- C:\WINDOWS\system32\PostProc.dll
    2009-09-29 08:26:07 ----A---- C:\WINDOWS\system32\ksuser.dll
    2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\wdmioctl.dll
    2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\SMMedia.dll
    22 Octobre 2009 18:57:44

    Dois je rechercher un autre ? Le système m'a annoncé que combo.exe a été bien désinstallé.
    a c 267 8 Sécurité
    a b 9 Windows
    22 Octobre 2009 20:05:49

    1/

  • Télécharge ToolsCleaner2 sur ton Bureau.
  • Double-clique sur ToolsCleaner2.exe pour le lancer.
  • Clique sur Recherche et laisse le scan agir.
  • Clique sur Suppression pour finaliser.
  • Tu peux, si tu le souhaites, te servir des Options Facultatives.
  • Clique sur Quitter pour obtenir le rapport.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


    2/

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    28 Octobre 2009 10:37:04

    Salut Destrio5,

    Désolé pour le temps de réponse si long. But je suis maintenant de retour. Ci dessous tu trouvreras les éléments des rapports.

    1 / TCLEANER

    [ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

    --> Recherche:

    C:\Combofix.txt: trouvé !
    C:\Combofix: trouvé !
    C:\_OTM: trouvé !
    C:\Rsit: trouvé !
    C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\OTM.exe: trouvé !
    C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\Rsit.exe: trouvé !
    C:\Program Files\trend micro\HijackThis.exe: trouvé !
    C:\Program Files\trend micro\hijackthis.log: trouvé !

    ---------------------------------
    --> Suppression:

    C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\OTM.exe: supprimé !
    C:\Program Files\trend micro\HijackThis.exe: supprimé !
    C:\Combofix.txt: supprimé !
    C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\Rsit.exe: supprimé !
    C:\Program Files\trend micro\hijackthis.log: supprimé !
    C:\Combofix: supprimé !
    C:\_OTM: supprimé !
    C:\Rsit: supprimé !


    2/ RSIT

    A/ Logfile

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by FARES JEAN - JACQUES at 2009-10-28 09:27:26
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 69 GB (77%) free of 89 GB
    Total RAM: 2027 MB (55% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 09:27:43, on 28/10/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\WINDOWS\SYSTEM32\DWRCS.EXE
    C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Intel\AMT\LMS.exe
    C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\WINDOWS\system32\mfevtps.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\PDF Complete\pdfsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
    C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\McAfee\Common Framework\udaterui.exe
    C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe
    C:\Program Files\McAfee\Common Framework\McTray.exe
    C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\MSN\Toolbar\3.0.1203.0\msntask.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe
    C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\RSIT.exe
    C:\Program Files\trend micro\FARES JEAN - JACQUES.exe
    C:\DOCUME~1\FARESJ~1\LOCALS~1\Temp\jre-6u16-windows-i586-iftw_a02a0d4e.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yello
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOfficeUserRegSetup?...
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mtn.ci:8081
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: ViewerHelper Class - {78104A01-8E71-4F30-9A36-3793799615B4} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
    O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
    O4 - HKLM\..\Run: [picon] "C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
    O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe"
    O4 - HKLM\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [DameWare MRC Agent] C:\WINDOWS\system32\DWRCST.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'FARES')
    O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden (User 'FARES')
    O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'FARES')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1...
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mtn.ci
    O17 - HKLM\Software\..\Telephony: DomainName = mtn.ci
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mtn.ci
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
    O23 - Service: E-SSO Security Services (EnatelWGSS) - Evidian - C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
    O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
    O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
    O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
    O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe

    --
    End of file - 16420 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
    SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-05-15 66888]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78104A01-8E71-4F30-9A36-3793799615B4}]
    ViewerHelper Class - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll [2005-01-27 356352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
    scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll [2009-04-09 67120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar.dll [2009-09-30 745472]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
    MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
    {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-05-15 161096]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "picon"=C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe [2008-06-02 367128]
    "FRYMXINS"=C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl []
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
    "QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-03 177456]
    "WatchDog"=C:\Program Files\InterVideo\DVD Check\dvdcheck .exe [2008-05-23 197904]
    "IntelZeroConfig"=C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2008-04-30 1347584]
    "IntelWireless"=C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [2008-04-30 1191936]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
    "ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-04-09 124240]
    "McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2008-11-10 136512]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "CLMLServer"=C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe [2007-09-27 122880]
    "Power2GoExpress"=C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2007-09-29 2680104]
    "CLJ"=0 []
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
    "DameWare MRC Agent"=C:\WINDOWS\system32\DWRCST.exe []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664]
    "PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    SnagIt 9.lnk - C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2008-06-27 143360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDriveAutoRun"=67108863
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=
    "HonorAutoRunSetting"=
    "NoDriveAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

    ======List of files/folders created in the last 3 months======

    2009-10-28 09:27:26 ----D---- C:\rsit
    2009-10-26 16:44:07 ----A---- C:\TCleaner.txt
    2009-10-26 16:40:43 ----D---- C:\WINDOWS\Temp
    2009-10-21 19:23:14 ----A---- C:\Boot.bak
    2009-10-21 19:23:11 ----RASHD---- C:\cmdcons
    2009-10-21 19:21:25 ----D---- C:\WINDOWS\ERDNT
    2009-10-21 13:04:56 ----A---- C:\WINDOWS\wininit.ini
    2009-10-21 13:03:42 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
    2009-10-19 17:31:04 ----A---- C:\WINDOWS\system32\hidserv.dll
    2009-10-19 16:58:25 ----D---- C:\Program Files\trend micro
    2009-10-14 17:01:34 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Malwarebytes
    2009-10-14 17:01:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-10-14 17:01:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-10-14 12:51:35 ----D---- C:\Documents and Settings\All Users\Application Data\TechSmith
    2009-10-14 12:51:30 ----D---- C:\Program Files\TechSmith
    2009-10-14 12:49:54 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2009-10-13 18:06:10 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
    2009-10-13 18:06:04 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
    2009-10-13 17:36:12 ----D---- C:\Program Files\Fichiers communs\PCSuite
    2009-10-13 17:36:05 ----D---- C:\Program Files\Fichiers communs\Nokia
    2009-10-13 17:35:07 ----D---- C:\Program Files\PC Connectivity Solution
    2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
    2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
    2009-10-13 16:00:04 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\PC Suite
    2009-10-13 16:00:04 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
    2009-10-13 13:03:37 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Nokia
    2009-10-13 13:02:42 ----D---- C:\Program Files\DIFX
    2009-10-13 13:02:08 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
    2009-10-13 13:02:07 ----D---- C:\Program Files\Nokia
    2009-10-13 12:09:26 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
    2009-10-13 10:53:49 ----D---- C:\Program Files\ESET
    2009-10-13 10:53:49 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
    2009-10-12 18:26:25 ----D---- C:\WINDOWS\system32\NtmsData
    2009-10-06 10:33:29 ----D---- C:\WINDOWS\Prefetch
    2009-10-06 00:34:58 ----N---- C:\WINDOWS\system32\qmgr.dll
    2009-10-06 00:34:22 ----N---- C:\WINDOWS\system32\msgsvc.dll
    2009-10-06 00:34:22 ----N---- C:\WINDOWS\system32\kernel32.dll
    2009-10-06 00:34:22 ----N---- C:\WINDOWS\system32\comctl32.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\mgmtapi.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lsasrv.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\locator.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\localspl.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lmhsvc.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\imagehlp.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\ftp.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\format.com
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\csrsrv.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comdlg32.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cmd.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cacls.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autoconv.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autochk.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\advapi32.dll
    2009-10-06 00:34:21 ----N---- C:\WINDOWS\system32\userinit.exe
    2009-10-06 00:34:21 ----N---- C:\WINDOWS\system32\services.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\wkssvc.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\win32spl.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\untfs.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ulib.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\tcpmonui.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\syssetup.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\srvsvc.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\smss.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\setupapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\schannel.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\scardsvr.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\savedump.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samsrv.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samlib.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rshx32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rastapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasman.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasdlg.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasauto.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasapi32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\printui.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\perfctrs.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\olecnv32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\oleaut32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nwprovau.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntvdm.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntprint.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntlsapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntdll.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nslookup.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\msv1_0.dll
    2009-10-06 00:34:19 ----N---- C:\WINDOWS\system32\ntoskrnl.exe
    2009-10-06 00:34:19 ----N---- C:\WINDOWS\system32\ntkrnlpa.exe
    2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\hal.dll
    2009-10-05 17:15:18 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
    2009-10-05 17:04:04 ----D---- C:\Program Files\Mobile Partner
    2009-10-05 16:15:24 ----D---- C:\Program Files\Western Digital Corp
    2009-10-05 16:06:24 ----D---- C:\Program Files\Western Digital Corporation
    2009-10-05 09:46:18 ----N---- C:\WINDOWS\system32\spmsg2.dll
    2009-10-05 09:46:17 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
    2009-10-01 16:36:47 ----A---- C:\WINDOWS\system32\unzip32.dll
    2009-10-01 15:56:21 ----A---- C:\WINDOWS\UTLite33.exe
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\fr
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\bits
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\l2schemas
    2009-10-01 15:42:27 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2009-10-01 15:39:55 ----D---- C:\Documents and Settings\All Users\Application Data\GroupPolicy
    2009-10-01 12:21:52 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
    2009-10-01 12:21:47 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$
    2009-10-01 12:21:08 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
    2009-10-01 12:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
    2009-10-01 12:19:37 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
    2009-10-01 09:09:26 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\CyberLink
    2009-10-01 09:09:19 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
    2009-09-30 19:06:52 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2009-09-30 19:01:02 ----A---- C:\WINDOWS\IE4 Error Log.txt
    2009-09-30 19:00:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Search
    2009-09-30 18:55:54 ----D---- C:\Program Files\Microsoft Office Outlook Connector
    2009-09-30 18:55:21 ----D---- C:\Program Files\Microsoft Sync Framework
    2009-09-30 18:54:20 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
    2009-09-30 18:52:09 ----D---- C:\Program Files\Windows Live SkyDrive
    2009-09-30 18:51:46 ----D---- C:\Program Files\Windows Live
    2009-09-30 18:19:10 ----D---- C:\Program Files\Fichiers communs\Windows Live
    2009-09-30 17:43:35 ----D---- C:\Quarantine
    2009-09-30 17:09:22 ----SHD---- C:\RECYCLER
    2009-09-30 17:04:55 ----A---- C:\WINDOWS\cdplayer.ini
    2009-09-30 16:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2009-09-30 16:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2009-09-30 16:51:57 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
    2009-09-30 16:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2009-09-30 16:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2009-09-30 16:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
    2009-09-30 16:50:36 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\vlc
    2009-09-30 16:49:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
    2009-09-30 16:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
    2009-09-30 16:49:23 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2009-09-30 16:49:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
    2009-09-30 16:49:11 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
    2009-09-30 16:49:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
    2009-09-30 16:49:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
    2009-09-30 16:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
    2009-09-30 16:46:48 ----D---- C:\Program Files\VideoLAN
    2009-09-30 16:41:09 ----D---- C:\WINDOWS\system32\XPSViewer
    2009-09-30 16:40:49 ----D---- C:\WINDOWS\system32\en-US
    2009-09-30 16:40:42 ----D---- C:\Program Files\Reference Assemblies
    2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
    2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\prntvpt.dll
    2009-09-30 16:39:55 ----N---- C:\WINDOWS\system32\xpssvcs.dll
    2009-09-30 16:36:49 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2009-09-30 16:32:24 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2009-09-30 16:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
    2009-09-30 16:32:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
    2009-09-30 16:31:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
    2009-09-30 16:31:43 ----D---- C:\Program Files\MSXML 6.0
    2009-09-30 16:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
    2009-09-30 16:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
    2009-09-30 16:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
    2009-09-30 16:31:21 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
    2009-09-30 16:31:16 ----D---- C:\WINDOWS\system32\DRM
    2009-09-30 16:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2009-09-30 16:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB916846$
    2009-09-30 16:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
    2009-09-30 16:30:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
    2009-09-30 16:30:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
    2009-09-30 16:29:33 ----D---- C:\WINDOWS\ie7updates
    2009-09-30 16:28:53 ----D---- C:\WINDOWS\WBEM
    2009-09-30 16:28:24 ----HDC---- C:\WINDOWS\ie7
    2009-09-30 16:28:15 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Desktop Search
    2009-09-30 16:28:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2009-09-30 16:27:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2009-09-30 16:26:21 ----D---- C:\WINDOWS\network diagnostic
    2009-09-30 16:26:20 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
    2009-09-30 16:24:09 ----D---- C:\WINDOWS\system32\fr-FR
    2009-09-30 16:24:09 ----D---- C:\Program Files\Windows Desktop Search
    2009-09-30 16:24:08 ----D---- C:\WINDOWS\system32\GroupPolicy
    2009-09-30 16:23:55 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
    2009-09-30 16:23:46 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
    2009-09-30 16:23:25 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
    2009-09-30 16:23:22 ----A---- C:\WINDOWS\system32\xmllite.dll
    2009-09-30 16:23:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
    2009-09-30 16:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2009-09-30 16:22:08 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2009-09-30 16:18:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2009-09-30 16:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
    2009-09-30 16:12:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2009-09-30 16:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
    2009-09-30 16:11:59 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
    2009-09-30 16:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
    2009-09-30 16:11:44 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
    2009-09-30 16:11:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2009-09-30 16:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2009-09-30 16:10:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
    2009-09-30 16:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
    2009-09-30 16:10:28 ----D---- C:\WINDOWS\ServicePackFiles
    2009-09-30 16:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
    2009-09-30 16:10:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
    2009-09-30 16:10:16 ----D---- C:\Program Files\Microsoft Silverlight
    2009-09-30 16:09:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
    2009-09-30 16:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
    2009-09-30 16:09:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
    2009-09-30 16:09:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2009-09-30 16:09:32 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2009-09-30 16:09:27 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2009-09-30 16:09:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2009-09-30 16:09:08 ----D---- C:\Program Files\MSXML 4.0
    2009-09-30 16:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2009-09-30 16:08:58 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
    2009-09-30 16:08:30 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
    2009-09-30 16:08:26 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
    2009-09-30 16:08:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
    2009-09-30 10:36:33 ----D---- C:\Program Files\Cyberlink
    2009-09-30 10:32:23 ----D---- C:\Program Files\Google
    2009-09-30 10:30:50 ----D---- C:\Program Files\Fichiers communs\Real
    2009-09-30 10:30:49 ----D---- C:\Program Files\Real
    2009-09-30 10:30:19 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Real
    2009-09-30 10:26:27 ----D---- C:\Program Files\SuperCopier2
    2009-09-30 10:19:20 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InterVideo
    2009-09-30 10:17:59 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
    2009-09-30 10:17:58 ----D---- C:\Program Files\DVD Shrink
    2009-09-30 09:59:31 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Macromedia
    2009-09-30 09:59:30 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Adobe
    2009-09-29 18:18:51 ----HD---- C:\WINDOWS\system32\dwrcssft
    2009-09-29 18:18:50 ----A---- C:\WINDOWS\system32\DWRCSh32.dll
    2009-09-29 18:18:49 ----A---- C:\WINDOWS\system32\DWRCSET.DLL
    2009-09-29 18:18:42 ----A---- C:\WINDOWS\system32\DWRCK.DLL
    2009-09-29 18:18:38 ----A---- C:\WINDOWS\system32\DWRCS.EXE
    2009-09-29 18:12:55 ----N---- C:\WINDOWS\system32\tzchange.exe
    2009-09-29 18:12:01 ----D---- C:\Program Files\Fichiers communs\Evidian
    2009-09-29 18:12:01 ----D---- C:\Program Files\Evidian
    2009-09-29 18:11:38 ----D---- C:\Program Files\Microsoft
    2009-09-29 18:11:10 ----D---- C:\Program Files\Gemalto
    2009-09-29 18:03:46 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-09-29 18:03:16 ----D---- C:\WINDOWS\system32\PreInstall
    2009-09-29 18:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
    2009-09-29 17:59:48 ----D---- C:\MyriadWebPro
    2009-09-29 17:59:46 ----D---- C:\MyriadPro
    2009-09-29 17:58:30 ----D---- C:\Program Files\WinRAR
    2009-09-29 17:57:33 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-09-29 17:57:19 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-09-29 17:57:19 ----D---- C:\Program Files\Adobe
    2009-09-29 17:51:48 ----D---- C:\Program Files\GPLGS
    2009-09-29 17:51:21 ----A---- C:\WINDOWS\system32\cpwmon2k.dll
    2009-09-29 17:51:17 ----D---- C:\Program Files\Acro Software
    2009-09-29 17:50:23 ----D---- C:\Program Files\MSECache
    2009-09-29 17:39:33 ----A---- C:\WINDOWS\system32\mdimon.dll
    2009-09-29 17:38:40 ----D---- C:\Program Files\Microsoft Works
    2009-09-29 17:38:19 ----D---- C:\Program Files\MSBuild
    2009-09-29 17:38:05 ----D---- C:\Program Files\Microsoft Visual Studio
    2009-09-29 17:38:04 ----D---- C:\Program Files\Fichiers communs\DESIGNER
    2009-09-29 17:37:27 ----D---- C:\Program Files\Microsoft.NET
    2009-09-29 17:33:56 ----D---- C:\Program Files\Microsoft Visual Studio 8
    2009-09-29 17:33:02 ----D---- C:\WINDOWS\SHELLNEW
    2009-09-29 17:32:47 ----D---- C:\Program Files\Microsoft Office
    2009-09-29 17:32:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2009-09-29 17:32:15 ----RHD---- C:\MSOCache
    2009-09-29 17:16:51 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    2009-09-29 17:03:09 ----D---- C:\Program Files\File Scavenger 3.2
    2009-09-29 14:59:24 ----SHD---- C:\WINDOWS\CSC
    2009-09-29 14:56:29 ----D---- C:\WINDOWS\SchCache
    2009-09-29 14:50:20 ----A---- C:\WINDOWS\system32\mfevtps.exe
    2009-09-29 14:49:53 ----D---- C:\Program Files\Fichiers communs\Cisco Systems
    2009-09-29 14:49:48 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
    2009-09-29 14:49:42 ----D---- C:\Program Files\McAfee
    2009-09-29 14:49:42 ----D---- C:\Program Files\Fichiers communs\McAfee
    2009-09-29 14:48:00 ----D---- C:\WINDOWS\system32\appmgmt
    2009-09-29 09:55:58 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
    2009-09-29 09:55:54 ----N---- C:\WINDOWS\system32\spmsg.dll
    2009-09-29 09:55:52 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
    2009-09-29 09:55:47 ----A---- C:\WINDOWS\system32\wmpns.dll
    2009-09-29 09:55:44 ----D---- C:\Program Files\Windows Media Connect 2
    2009-09-29 09:55:37 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2009-09-29 09:55:10 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2009-09-29 09:54:54 ----D---- C:\WINDOWS\system32\LogFiles
    2009-09-29 09:54:47 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
    2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\java.exe
    2009-09-29 09:54:04 ----D---- C:\Program Files\Java
    2009-09-29 09:54:03 ----D---- C:\Program Files\Fichiers communs\Java
    2009-09-29 09:53:59 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Sun
    2009-09-29 09:53:37 ----D---- C:\Program Files\Fichiers communs\LightScribe
    2009-09-29 09:52:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Intel
    2009-09-29 09:52:42 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
    2009-09-29 09:51:41 ----A---- C:\WINDOWS\HPMProp.INI
    2009-09-29 09:51:26 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
    2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmprein.dll
    2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmco081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmtp081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpw081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpm081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmml081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmja081.dll
    2009-09-29 09:51:14 ----A---- C:\WINDOWS\system32\hpcpn081.dll
    2009-09-29 09:51:13 ----A---- C:\WINDOWS\system32\fxcompchannel.dll
    2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNQUE.DLL
    2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNNDPS.DLL
    2009-09-29 09:22:50 ----D---- C:\Documents and Settings\All Users\Application Data\Uninstall
    2009-09-29 09:18:21 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
    2009-09-29 09:17:39 ----D---- C:\WINDOWS\RegisteredPackages
    2009-09-29 09:17:12 ----D---- C:\Program Files\Fichiers communs\SureThing Shared
    2009-09-29 09:17:11 ----D---- C:\Program Files\Roxio
    2009-09-29 09:16:48 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
    2009-09-29 09:16:43 ----D---- C:\Program Files\Fichiers communs\Sonic Shared
    2009-09-29 09:16:24 ----D---- C:\Program Files\Fichiers communs\Roxio Shared
    2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xinput1_3.dll
    2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
    2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
    2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
    2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
    2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_2.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_1.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
    2009-09-29 09:16:10 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
    2009-09-29 09:11:59 ----A---- C:\WINDOWS\system32\oeminfo.ini
    2009-09-29 09:11:48 ----A---- C:\WINDOWS\system32\pdfc_port.dll
    2009-09-29 09:11:45 ----D---- C:\Program Files\PDF Complete
    2009-09-29 09:10:20 ----D---- C:\Program Files\Hp
    2009-09-29 09:09:58 ----D---- C:\WINDOWS\Hewlett-Packard
    2009-09-29 09:09:28 ----D---- C:\WINDOWS\Downloaded Installations
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizePX.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll
    2009-09-29 09:07:56 ----A---- C:\WINDOWS\system32\IVIresize.dll
    2009-09-29 09:07:46 ----D---- C:\Program Files\InterVideo
    2009-09-29 09:07:32 ----D---- C:\Program Files\Fichiers communs\InterVideo
    2009-09-29 09:07:24 ----A---- C:\WINDOWS\system32\h323log.txt
    2009-09-29 09:05:30 ----A---- C:\WINDOWS\system32\usbui.dll
    2009-09-29 09:04:56 ----A---- C:\WINDOWS\imsins.BAK
    2009-09-29 09:04:53 ----SHD---- C:\WINDOWS\Installer
    2009-09-29 09:04:53 ----D---- C:\Program Files\Fichiers communs\ODBC
    2009-09-29 09:04:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-09-29 09:04:53 ----A---- C:\WINDOWS\ODBCINST.INI
    2009-09-29 09:04:50 ----RD---- C:\Program Files
    2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
    2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs
    2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
    2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
    2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdazel.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdycc.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbduzb.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdur.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdtat.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru1.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdmon.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdbu.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdblr.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdaze.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhept.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdest.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdro.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdycl.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcr.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\spxcoins.dll
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\irclass.dll
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgsetup.dll
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
    2009-09-29 09:04:35 ----A---- C:\WINDOWS\system32\EqnClass.Dll
    2009-09-29 09:04:33 ----A---- C:\WINDOWS\TASKMAN.EXE
    2009-09-29 09:04:33 ----A---- C:\WINDOWS\system32\batt.dll
    2009-09-29 09:04:32 ----A---- C:\WINDOWS\system32\storprop.dll
    2009-09-29 09:04:32 ----A---- C:\WINDOWS\notepad.exe
    2009-09-29 09:04:28 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
    2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot
    2009-09-29 09:04:12 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-09-29 09:04:01 ----D---- C:\WINDOWS\system32\URTTEMP
    2009-09-29 09:03:51 ----A---- C:\WINDOWS\setuplog.txt
    2009-09-29 09:03:48 ----D---- C:\Documents and Settings
    2009-09-29 09:03:43 ----N---- C:\LANG.INI
    2009-09-29 09:03:02 ----RASH---- C:\boot.ini
    2009-09-29 09:01:13 ----SHD---- C:\System Volume Information
    2009-09-29 08:57:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-09-29 08:57:42 ----RSD---- C:\WINDOWS\Fonts
    2009-09-29 08:57:42 ----RD---- C:\WINDOWS\Web
    2009-09-29 08:57:42 ----HD---- C:\WINDOWS\inf
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\WinSxS
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\twain_32
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wins
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wbem
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\usmt
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\spool
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ShellExt
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\Setup
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ras
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\oobe
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\npp
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\mui
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\inetsrv
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\IME
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\icsxml
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ias
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\export
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\drivers
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\dhcp
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\config
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3com_dmi
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3076
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\2052
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1054
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1042
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1041
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1037
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1036
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1033
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1031
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1028
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1025
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\security
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Resources
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\repair
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Provisioning
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\PeerNet
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\pchealth
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\mui
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\msapps
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\msagent
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Media
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\java
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\ime
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Help
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\ehome
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Driver Cache
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Debug
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Cursors
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Connection Wizard
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Config
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\AppPatch
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\addins
    2009-09-29 08:57:42 ----D---- C:\WINDOWS
    2009-09-29 08:56:46 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\ATI
    2009-09-29 08:56:46 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
    2009-09-29 08:53:33 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
    2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns_64.dll
    2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns.dll
    2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmn.dll
    2009-09-29 08:51:54 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InstallShield
    2009-09-29 08:51:25 ----N---- C:\WINDOWS\HPWWANVersion.dll
    2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5r32.dll
    2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5c32.dll
    2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPCo4.dll
    2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
    2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCtrl.dll
    2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCOM.dll
    2009-09-29 08:50:31 ----D---- C:\Program Files\Synaptics
    2009-09-29 08:49:50 ----RA---- C:\WINDOWS\system32\PROUnstl.exe
    2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicInstE.dll
    2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicCo2.dll
    2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\e1000msg.dll
    2009-09-29 08:49:23 ----A---- C:\WINDOWS\system32\snymsico.dll
    2009-09-29 08:49:22 ----A---- C:\WINDOWS\system32\rixdicon.dll
    2009-09-29 08:48:34 ----D---- C:\WINDOWS\system32\FRA
    2009-09-29 08:48:31 ----RA---- C:\WINDOWS\system32\imsmudlg.exe
    2009-09-29 08:47:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2009-09-29 08:47:23 ----RA---- C:\WINDOWS\system32\CSVer.dll
    2009-09-29 08:44:58 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
    2009-09-29 08:44:57 ----RA---- C:\WINDOWS\system32\ATIDEMGX.dll
    2009-09-29 08:44:38 ----D---- C:\Program Files\ATI Technologies
    2009-09-29 08:44:01 ----D---- C:\WINDOWS\system32\HP3DG
    2009-09-29 08:38:42 ----A---- C:\WINDOWS\system32\btw_ci.dll
    2009-09-29 08:38:35 ----D---- C:\Program Files\WIDCOMM
    2009-09-29 08:37:21 ----HDC---- C:\WINDOWS\$NtUninstallKB949764$
    2009-09-29 08:37:16 ----HDC---- C:\WINDOWS\$NtUninstallKB915326$
    2009-09-29 08:37:09 ----HDC---- C:\WINDOWS\$NtUninstallKB889673$
    2009-09-29 08:37:03 ----HDC---- C:\WINDOWS\$NtUninstallKB888402$
    2009-09-29 08:36:57 ----HDC---- C:\WINDOWS\$NtUninstallKB885464$
    2009-09-29 08:36:51 ----HDC---- C:\WINDOWS\$NtUninstallKB883667$
    2009-09-29 08:36:46 ----HDC---- C:\WINDOWS\$NtUninstallKB918005$
    2009-09-29 08:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB912436$
    2009-09-29 08:36:35 ----HDC---- C:\WINDOWS\$NtUninstallKB909667$
    2009-09-29 08:36:26 ----HDC---- C:\WINDOWS\$NtUninstallKB909095$
    2009-09-29 08:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB896256$
    2009-09-29 08:36:09 ----HDC---- C:\WINDOWS\$NtUninstallKB892559-v3$
    2009-09-29 08:36:02 ----HDC---- C:\WINDOWS\$NtUninstallKB888239$
    2009-09-29 08:35:56 ----HDC---- C:\WINDOWS\$NtUninstallKB885855$
    2009-09-29 08:35:48 ----D---- C:\Program Files\HPQ
    2009-09-29 08:35:07 ----A---- C:\WINDOWS\system32\log.txt
    2009-09-29 08:35:06 ----RA---- C:\WINDOWS\system32\mesoludlg.exe
    2009-09-29 08:35:06 ----D---- C:\Program Files\Common Files
    2009-09-29 08:33:44 ----RSD---- C:\WINDOWS\assembly
    2009-09-29 08:33:24 ----D---- C:\WINDOWS\Microsoft.NET
    2009-09-29 08:33:02 ----D---- C:\Program Files\Fichiers communs\Intel
    2009-09-29 08:32:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-09-29 08:32:19 ----RA---- C:\WINDOWS\system32\difxapi.dll
    2009-09-29 08:32:19 ----D---- C:\WINDOWS\system32\Lang
    2009-09-29 08:32:19 ----D---- C:\Program Files\Intel
    2009-09-29 08:32:18 ----RA---- C:\WINDOWS\system32\heciudlg.exe
    2009-09-29 08:32:03 ----D---- C:\Intel
    2009-09-29 08:31:43 ----N---- C:\WINDOWS\HPModemVersion.dll
    2009-09-29 08:31:42 ----N---- C:\WINDOWS\system32\agrsmdel.exe
    2009-09-29 08:31:34 ----D---- C:\WINDOWS\Options
    2009-09-29 08:31:18 ----N---- C:\WINDOWS\system32\agrscoin.dll
    2009-09-29 08:31:18 ----D---- C:\SWSetup
    2009-09-29 08:31:18 ----A---- C:\WINDOWS\system32\agrsmsvc.exe
    2009-09-29 08:31:18 ----A---- C:\WINDOWS\agrsmdel.exe
    2009-09-29 08:26:08 ----RA---- C:\WINDOWS\system32\PostProc.dll
    2009-09-29 08:26:07 ----A---- C:\WINDOWS\system32\ksuser.dll
    2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\wdmioctl.dll
    2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\SMMedia.dll
    2009-09-29 08:26:01 ----D---- C:\Program Files\Analog Devices
    2009-09-29 08:26:01 ----A---- C:\WINDOWS\system32\DSndUp.exe
    2009-09-29 08:25:05 ----A---- C:\WINDOWS\system32\spupdsvc.exe
    2009-09-29 08:25:03 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
    2009-09-29 08:24:46 ----D---- C:\Program Files\Hewlett-Packard
    2009-09-29 08:21:34 ----D---- C:\SYSTEM.SAV
    2009-09-29 07:31:16 ----A---- C:\WINDOWS\system32\wnaspi32.dll
    2009-09-29 07:31:08 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-09-29 07:30:48 ----D---- C:\Program Files\Fichiers communs\InstallShield
    2009-09-29 07:16:55 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Identities
    2009-09-29 07:16:53 ----HD---- C:\Program Files\Uninstall Information
    2009-09-29 07:16:49 ----ASH---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\desktop.ini
    2009-09-29 07:16:48 ----SD---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Microsoft
    2009-09-29 07:16:05 ----D---- C:\WINDOWS\SoftwareDistribution
    2009-09-29 07:16:04 ----SD---- C:\WINDOWS\system32\Microsoft
    2009-09-29 07:16:04 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-09-29 07:11:48 ----D---- C:\WINDOWS\system32\xircom
    2009-09-29 07:11:48 ----D---- C:\Program Files\xerox
    2009-09-29 07:11:48 ----D---- C:\Program Files\microsoft frontpage
    2009-09-29 07:11:27 ----HD---- C:\WINDOWS\$hf_mig$
    2009-09-29 07:11:20 ----A---- C:\WINDOWS\control.ini
    2009-09-29 07:11:20 ----A---- C:\AUTOEXEC.BAT
    2009-09-29 07:11:14 ----A---- C:\WINDOWS\OEWABLog.txt
    2009-09-29 07:11:12 ----A---- C:\WINDOWS\system32\mapi32.dll
    2009-09-29 07:10:42 ----RD---- C:\WINDOWS\Offline Web Pages
    2009-09-29 07:10:41 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-09-29 07:10:41 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
    2009-09-29 07:10:37 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
    2009-09-29 07:10:34 ----HD---- C:\Program Files\WindowsUpdate
    2009-09-29 07:10:33 ----D---- C:\Program Files\Services en ligne
    2009-09-29 07:10:20 ----D---- C:\WINDOWS\system32\DirectX
    2009-09-29 07:09:59 ----A---- C:\WINDOWS\system32\atrace.dll
    2009-09-29 07:09:56 ----A---- C:\WINDOWS\system32\desktop.ini
    2009-09-29 07:09:56 ----A---- C:\WINDOWS\desktop.ini
    2009-09-29 07:09:49 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
    2009-09-29 07:09:48 ----A---- C:\WINDOWS\system32\acctres.dll
    2009-09-29 07:09:47 ----D---- C:\Program Files\Fichiers communs\Services
    2009-09-29 07:09:44 ----SD---- C:\WINDOWS\Tasks
    2009-09-29 07:09:44 ----A---- C:\WINDOWS\system32\icfgnt5.dll
    2009-09-29 07:09:43 ----D---- C:\Program Files\Fichiers communs\MSSoap
    2009-09-29 07:09:39 ----D---- C:\WINDOWS\srchasst
    2009-09-29 07:09:38 ----D---- C:\WINDOWS\system32\Macromed
    2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wuweb.dll
    2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wups.dll
    2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wucltui.dll
    2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wuauserv.dll
    2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wuaueng1.dll
    2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2009-09-29 07:09:34 ----N---- C:\WINDOWS\system32\wuauclt.exe
    2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\wuauclt1.exe
    2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\wuapi.dll
    2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
    2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\bitsprx3.dll
    2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\bitsprx2.dll
    2009-09-29 07:09:30 ----D---- C:\Program Files\Movie Maker
    2009-09-29 07:09:26 ----A---- C:\WINDOWS\system32\safrslv.dll
    2009-09-29 07:09:26 ----A---- C:\WINDOWS\system32\safrdm.dll
    2009-09-29 07:09:26 ----A---- C:\WINDOWS\system32\safrcdlg.dll
    2009-09-29 07:09:26 ----A---- C:\WINDOWS\system32\racpldlg.dll
    2009-09-29 07:09:23 ----A---- C:\WINDOWS\system32\fltlib.dll
    2009-09-29 07:09:22 ----N---- C:\WINDOWS\system32\srsvc.dll
    2009-09-29 07:09:22 ----D---- C:\WINDO
    28 Octobre 2009 10:44:33

    Je pense avoir fait une erreur de poste donc ci dessous les éléments RSIT avec en 1er les Log et 2nd l'info :

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by FARES JEAN - JACQUES at 2009-10-28 09:27:26
    Microsoft Windows XP Professionnel Service Pack 2
    System drive C: has 69 GB (77%) free of 89 GB
    Total RAM: 2027 MB (55% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 09:27:43, on 28/10/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\WINDOWS\SYSTEM32\DWRCS.EXE
    C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Intel\AMT\LMS.exe
    C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\WINDOWS\system32\mfevtps.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\PDF Complete\pdfsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
    C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\McAfee\Common Framework\udaterui.exe
    C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe
    C:\Program Files\McAfee\Common Framework\McTray.exe
    C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\TechSmith\SnagIt 9\TSCHelp.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\TechSmith\SnagIt 9\SnagPriv.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\TechSmith\SnagIt 9\snagiteditor.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclBCBTSrv.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\MSN\Toolbar\3.0.1203.0\msntask.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe
    C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\RSIT.exe
    C:\Program Files\trend micro\FARES JEAN - JACQUES.exe
    C:\DOCUME~1\FARESJ~1\LOCALS~1\Temp\jre-6u16-windows-i586-iftw_a02a0d4e.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yello
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.microsoft.com/r/rlidOfficeUserRegSetup?...
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.mtn.ci:8081
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: ViewerHelper Class - {78104A01-8E71-4F30-9A36-3793799615B4} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
    O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
    O4 - HKLM\..\Run: [picon] "C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
    O4 - HKLM\..\Run: [FRYMXINS] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe"
    O4 - HKLM\..\Run: [Power2GoExpress] "C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKLM\..\Run: [DameWare MRC Agent] C:\WINDOWS\system32\DWRCST.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'FARES')
    O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden (User 'FARES')
    O4 - HKUS\S-1-5-21-1529685670-1727552398-1405978390-3591\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'FARES')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    O4 - Global Startup: SnagIt 9.lnk = C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1...
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mtn.ci
    O17 - HKLM\Software\..\Telephony: DomainName = mtn.ci
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mtn.ci
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE
    O23 - Service: E-SSO Security Services (EnatelWGSS) - Evidian - C:\Program Files\Fichiers communs\Evidian\WGSS\WGSS.exe
    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
    O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
    O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
    O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
    O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Fichiers communs\Intel\Privacy Icon\UNS\UNS.exe

    --
    End of file - 16420 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
    SnagIt Toolbar Loader - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-05-15 66888]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78104A01-8E71-4F30-9A36-3793799615B4}]
    ViewerHelper Class - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll [2005-01-27 356352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
    scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll [2009-04-09 67120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar.dll [2009-09-30 745472]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
    MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar.dll [2009-09-30 745472]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82784]
    {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - SnagIt - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-05-15 161096]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "picon"=C:\Program Files\Fichiers communs\Intel\Privacy Icon\PrivacyIconClient.exe [2008-06-02 367128]
    "FRYMXINS"=C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl []
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
    "QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-03 177456]
    "WatchDog"=C:\Program Files\InterVideo\DVD Check\dvdcheck .exe [2008-05-23 197904]
    "IntelZeroConfig"=C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2008-04-30 1347584]
    "IntelWireless"=C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [2008-04-30 1191936]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]
    "ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2009-04-09 124240]
    "McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2008-11-10 136512]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
    "CLMLServer"=C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe [2007-09-27 122880]
    "Power2GoExpress"=C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2007-09-29 2680104]
    "CLJ"=0 []
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
    "DameWare MRC Agent"=C:\WINDOWS\system32\DWRCST.exe []

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
    "LightScribe Control Panel"=C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664]
    "PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\dvdcheck .exe
    SnagIt 9.lnk - C:\Program Files\TechSmith\SnagIt 9\SnagIt32.exe
    Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2008-06-27 143360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=323
    "NoDriveAutoRun"=67108863
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=
    "HonorAutoRunSetting"=
    "NoDriveAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare"

    ======List of files/folders created in the last 3 months======

    2009-10-28 09:27:26 ----D---- C:\rsit
    2009-10-26 16:44:07 ----A---- C:\TCleaner.txt
    2009-10-26 16:40:43 ----D---- C:\WINDOWS\Temp
    2009-10-21 19:23:14 ----A---- C:\Boot.bak
    2009-10-21 19:23:11 ----RASHD---- C:\cmdcons
    2009-10-21 19:21:25 ----D---- C:\WINDOWS\ERDNT
    2009-10-21 13:04:56 ----A---- C:\WINDOWS\wininit.ini
    2009-10-21 13:03:42 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
    2009-10-19 17:31:04 ----A---- C:\WINDOWS\system32\hidserv.dll
    2009-10-19 16:58:25 ----D---- C:\Program Files\trend micro
    2009-10-14 17:01:34 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Malwarebytes
    2009-10-14 17:01:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2009-10-14 17:01:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-10-14 12:51:35 ----D---- C:\Documents and Settings\All Users\Application Data\TechSmith
    2009-10-14 12:51:30 ----D---- C:\Program Files\TechSmith
    2009-10-14 12:49:54 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2009-10-13 18:06:10 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
    2009-10-13 18:06:04 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
    2009-10-13 17:36:12 ----D---- C:\Program Files\Fichiers communs\PCSuite
    2009-10-13 17:36:05 ----D---- C:\Program Files\Fichiers communs\Nokia
    2009-10-13 17:35:07 ----D---- C:\Program Files\PC Connectivity Solution
    2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
    2009-10-13 17:34:41 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
    2009-10-13 16:00:04 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\PC Suite
    2009-10-13 16:00:04 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
    2009-10-13 13:03:37 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Nokia
    2009-10-13 13:02:42 ----D---- C:\Program Files\DIFX
    2009-10-13 13:02:08 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
    2009-10-13 13:02:07 ----D---- C:\Program Files\Nokia
    2009-10-13 12:09:26 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
    2009-10-13 10:53:49 ----D---- C:\Program Files\ESET
    2009-10-13 10:53:49 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
    2009-10-12 18:26:25 ----D---- C:\WINDOWS\system32\NtmsData
    2009-10-06 10:33:29 ----D---- C:\WINDOWS\Prefetch
    2009-10-06 00:34:58 ----N---- C:\WINDOWS\system32\qmgr.dll
    2009-10-06 00:34:22 ----N---- C:\WINDOWS\system32\msgsvc.dll
    2009-10-06 00:34:22 ----N---- C:\WINDOWS\system32\kernel32.dll
    2009-10-06 00:34:22 ----N---- C:\WINDOWS\system32\comctl32.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\mgmtapi.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lsasrv.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\locator.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\localspl.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\lmhsvc.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\imagehlp.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\ftp.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\format.com
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\csrsrv.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\comdlg32.dll
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cmd.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\cacls.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autoconv.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\autochk.exe
    2009-10-06 00:34:22 ----A---- C:\WINDOWS\system32\advapi32.dll
    2009-10-06 00:34:21 ----N---- C:\WINDOWS\system32\userinit.exe
    2009-10-06 00:34:21 ----N---- C:\WINDOWS\system32\services.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\wkssvc.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\win32spl.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\untfs.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ulib.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\tcpmonui.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\syssetup.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\srvsvc.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\smss.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\setupapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\schannel.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\scardsvr.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\savedump.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samsrv.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\samlib.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rshx32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rastapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasman.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasdlg.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasauto.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\rasapi32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\printui.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\perfctrs.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\olecnv32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\oleaut32.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nwprovau.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntvdm.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntprint.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntlsapi.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\ntdll.dll
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\nslookup.exe
    2009-10-06 00:34:21 ----A---- C:\WINDOWS\system32\msv1_0.dll
    2009-10-06 00:34:19 ----N---- C:\WINDOWS\system32\ntoskrnl.exe
    2009-10-06 00:34:19 ----N---- C:\WINDOWS\system32\ntkrnlpa.exe
    2009-10-06 00:34:19 ----A---- C:\WINDOWS\system32\hal.dll
    2009-10-05 17:15:18 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
    2009-10-05 17:04:04 ----D---- C:\Program Files\Mobile Partner
    2009-10-05 16:15:24 ----D---- C:\Program Files\Western Digital Corp
    2009-10-05 16:06:24 ----D---- C:\Program Files\Western Digital Corporation
    2009-10-05 09:46:18 ----N---- C:\WINDOWS\system32\spmsg2.dll
    2009-10-05 09:46:17 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
    2009-10-01 16:36:47 ----A---- C:\WINDOWS\system32\unzip32.dll
    2009-10-01 15:56:21 ----A---- C:\WINDOWS\UTLite33.exe
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\fr
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\system32\bits
    2009-10-01 15:55:42 ----D---- C:\WINDOWS\l2schemas
    2009-10-01 15:42:27 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2009-10-01 15:39:55 ----D---- C:\Documents and Settings\All Users\Application Data\GroupPolicy
    2009-10-01 12:21:52 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
    2009-10-01 12:21:47 ----HDC---- C:\WINDOWS\$NtUninstallKB943729$
    2009-10-01 12:21:08 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
    2009-10-01 12:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
    2009-10-01 12:19:37 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
    2009-10-01 09:09:26 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\CyberLink
    2009-10-01 09:09:19 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
    2009-09-30 19:06:52 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2009-09-30 19:01:02 ----A---- C:\WINDOWS\IE4 Error Log.txt
    2009-09-30 19:00:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Search
    2009-09-30 18:55:54 ----D---- C:\Program Files\Microsoft Office Outlook Connector
    2009-09-30 18:55:21 ----D---- C:\Program Files\Microsoft Sync Framework
    2009-09-30 18:54:20 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
    2009-09-30 18:52:09 ----D---- C:\Program Files\Windows Live SkyDrive
    2009-09-30 18:51:46 ----D---- C:\Program Files\Windows Live
    2009-09-30 18:19:10 ----D---- C:\Program Files\Fichiers communs\Windows Live
    2009-09-30 17:43:35 ----D---- C:\Quarantine
    2009-09-30 17:09:22 ----SHD---- C:\RECYCLER
    2009-09-30 17:04:55 ----A---- C:\WINDOWS\cdplayer.ini
    2009-09-30 16:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2009-09-30 16:52:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2009-09-30 16:51:57 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
    2009-09-30 16:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2009-09-30 16:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2009-09-30 16:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
    2009-09-30 16:50:36 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\vlc
    2009-09-30 16:49:50 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
    2009-09-30 16:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB972260$
    2009-09-30 16:49:23 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2009-09-30 16:49:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
    2009-09-30 16:49:11 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
    2009-09-30 16:49:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
    2009-09-30 16:49:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
    2009-09-30 16:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973346$
    2009-09-30 16:46:48 ----D---- C:\Program Files\VideoLAN
    2009-09-30 16:41:09 ----D---- C:\WINDOWS\system32\XPSViewer
    2009-09-30 16:40:49 ----D---- C:\WINDOWS\system32\en-US
    2009-09-30 16:40:42 ----D---- C:\Program Files\Reference Assemblies
    2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
    2009-09-30 16:39:56 ----N---- C:\WINDOWS\system32\prntvpt.dll
    2009-09-30 16:39:55 ----N---- C:\WINDOWS\system32\xpssvcs.dll
    2009-09-30 16:36:49 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2009-09-30 16:32:24 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2009-09-30 16:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
    2009-09-30 16:32:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
    2009-09-30 16:31:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
    2009-09-30 16:31:43 ----D---- C:\Program Files\MSXML 6.0
    2009-09-30 16:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
    2009-09-30 16:31:31 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
    2009-09-30 16:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
    2009-09-30 16:31:21 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
    2009-09-30 16:31:16 ----D---- C:\WINDOWS\system32\DRM
    2009-09-30 16:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2009-09-30 16:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB916846$
    2009-09-30 16:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
    2009-09-30 16:30:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
    2009-09-30 16:30:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
    2009-09-30 16:29:33 ----D---- C:\WINDOWS\ie7updates
    2009-09-30 16:28:53 ----D---- C:\WINDOWS\WBEM
    2009-09-30 16:28:24 ----HDC---- C:\WINDOWS\ie7
    2009-09-30 16:28:15 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Windows Desktop Search
    2009-09-30 16:28:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2009-09-30 16:27:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2009-09-30 16:26:21 ----D---- C:\WINDOWS\network diagnostic
    2009-09-30 16:26:20 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
    2009-09-30 16:24:09 ----D---- C:\WINDOWS\system32\fr-FR
    2009-09-30 16:24:09 ----D---- C:\Program Files\Windows Desktop Search
    2009-09-30 16:24:08 ----D---- C:\WINDOWS\system32\GroupPolicy
    2009-09-30 16:23:55 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
    2009-09-30 16:23:46 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
    2009-09-30 16:23:25 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
    2009-09-30 16:23:22 ----A---- C:\WINDOWS\system32\xmllite.dll
    2009-09-30 16:23:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
    2009-09-30 16:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
    2009-09-30 16:22:08 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2009-09-30 16:18:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
    2009-09-30 16:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
    2009-09-30 16:12:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2009-09-30 16:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
    2009-09-30 16:11:59 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
    2009-09-30 16:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
    2009-09-30 16:11:44 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
    2009-09-30 16:11:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2009-09-30 16:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2009-09-30 16:10:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
    2009-09-30 16:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
    2009-09-30 16:10:28 ----D---- C:\WINDOWS\ServicePackFiles
    2009-09-30 16:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
    2009-09-30 16:10:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
    2009-09-30 16:10:16 ----D---- C:\Program Files\Microsoft Silverlight
    2009-09-30 16:09:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
    2009-09-30 16:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
    2009-09-30 16:09:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
    2009-09-30 16:09:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
    2009-09-30 16:09:32 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2009-09-30 16:09:27 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
    2009-09-30 16:09:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
    2009-09-30 16:09:08 ----D---- C:\Program Files\MSXML 4.0
    2009-09-30 16:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2009-09-30 16:08:58 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
    2009-09-30 16:08:30 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
    2009-09-30 16:08:26 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
    2009-09-30 16:08:18 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
    2009-09-30 10:36:33 ----D---- C:\Program Files\Cyberlink
    2009-09-30 10:32:23 ----D---- C:\Program Files\Google
    2009-09-30 10:30:50 ----D---- C:\Program Files\Fichiers communs\Real
    2009-09-30 10:30:49 ----D---- C:\Program Files\Real
    2009-09-30 10:30:19 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Real
    2009-09-30 10:26:27 ----D---- C:\Program Files\SuperCopier2
    2009-09-30 10:19:20 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InterVideo
    2009-09-30 10:17:59 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
    2009-09-30 10:17:58 ----D---- C:\Program Files\DVD Shrink
    2009-09-30 09:59:31 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Macromedia
    2009-09-30 09:59:30 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Adobe
    2009-09-29 18:18:51 ----HD---- C:\WINDOWS\system32\dwrcssft
    2009-09-29 18:18:50 ----A---- C:\WINDOWS\system32\DWRCSh32.dll
    2009-09-29 18:18:49 ----A---- C:\WINDOWS\system32\DWRCSET.DLL
    2009-09-29 18:18:42 ----A---- C:\WINDOWS\system32\DWRCK.DLL
    2009-09-29 18:18:38 ----A---- C:\WINDOWS\system32\DWRCS.EXE
    2009-09-29 18:12:55 ----N---- C:\WINDOWS\system32\tzchange.exe
    2009-09-29 18:12:01 ----D---- C:\Program Files\Fichiers communs\Evidian
    2009-09-29 18:12:01 ----D---- C:\Program Files\Evidian
    2009-09-29 18:11:38 ----D---- C:\Program Files\Microsoft
    2009-09-29 18:11:10 ----D---- C:\Program Files\Gemalto
    2009-09-29 18:03:46 ----A---- C:\WINDOWS\system32\MRT.exe
    2009-09-29 18:03:16 ----D---- C:\WINDOWS\system32\PreInstall
    2009-09-29 18:03:14 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
    2009-09-29 17:59:48 ----D---- C:\MyriadWebPro
    2009-09-29 17:59:46 ----D---- C:\MyriadPro
    2009-09-29 17:58:30 ----D---- C:\Program Files\WinRAR
    2009-09-29 17:57:33 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2009-09-29 17:57:19 ----D---- C:\Program Files\Fichiers communs\Adobe
    2009-09-29 17:57:19 ----D---- C:\Program Files\Adobe
    2009-09-29 17:51:48 ----D---- C:\Program Files\GPLGS
    2009-09-29 17:51:21 ----A---- C:\WINDOWS\system32\cpwmon2k.dll
    2009-09-29 17:51:17 ----D---- C:\Program Files\Acro Software
    2009-09-29 17:50:23 ----D---- C:\Program Files\MSECache
    2009-09-29 17:39:33 ----A---- C:\WINDOWS\system32\mdimon.dll
    2009-09-29 17:38:40 ----D---- C:\Program Files\Microsoft Works
    2009-09-29 17:38:19 ----D---- C:\Program Files\MSBuild
    2009-09-29 17:38:05 ----D---- C:\Program Files\Microsoft Visual Studio
    2009-09-29 17:38:04 ----D---- C:\Program Files\Fichiers communs\DESIGNER
    2009-09-29 17:37:27 ----D---- C:\Program Files\Microsoft.NET
    2009-09-29 17:33:56 ----D---- C:\Program Files\Microsoft Visual Studio 8
    2009-09-29 17:33:02 ----D---- C:\WINDOWS\SHELLNEW
    2009-09-29 17:32:47 ----D---- C:\Program Files\Microsoft Office
    2009-09-29 17:32:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2009-09-29 17:32:15 ----RHD---- C:\MSOCache
    2009-09-29 17:16:51 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    2009-09-29 17:03:09 ----D---- C:\Program Files\File Scavenger 3.2
    2009-09-29 14:59:24 ----SHD---- C:\WINDOWS\CSC
    2009-09-29 14:56:29 ----D---- C:\WINDOWS\SchCache
    2009-09-29 14:50:20 ----A---- C:\WINDOWS\system32\mfevtps.exe
    2009-09-29 14:49:53 ----D---- C:\Program Files\Fichiers communs\Cisco Systems
    2009-09-29 14:49:48 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
    2009-09-29 14:49:42 ----D---- C:\Program Files\McAfee
    2009-09-29 14:49:42 ----D---- C:\Program Files\Fichiers communs\McAfee
    2009-09-29 14:48:00 ----D---- C:\WINDOWS\system32\appmgmt
    2009-09-29 09:55:58 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
    2009-09-29 09:55:54 ----N---- C:\WINDOWS\system32\spmsg.dll
    2009-09-29 09:55:52 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
    2009-09-29 09:55:47 ----A---- C:\WINDOWS\system32\wmpns.dll
    2009-09-29 09:55:44 ----D---- C:\Program Files\Windows Media Connect 2
    2009-09-29 09:55:37 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2009-09-29 09:55:10 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2009-09-29 09:54:54 ----D---- C:\WINDOWS\system32\LogFiles
    2009-09-29 09:54:47 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
    2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaws.exe
    2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\javaw.exe
    2009-09-29 09:54:20 ----A---- C:\WINDOWS\system32\java.exe
    2009-09-29 09:54:04 ----D---- C:\Program Files\Java
    2009-09-29 09:54:03 ----D---- C:\Program Files\Fichiers communs\Java
    2009-09-29 09:53:59 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Sun
    2009-09-29 09:53:37 ----D---- C:\Program Files\Fichiers communs\LightScribe
    2009-09-29 09:52:57 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Intel
    2009-09-29 09:52:42 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
    2009-09-29 09:51:41 ----A---- C:\WINDOWS\HPMProp.INI
    2009-09-29 09:51:26 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
    2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmprein.dll
    2009-09-29 09:51:16 ----RA---- C:\WINDOWS\system32\hpmco081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmtp081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpw081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmpm081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmml081.dll
    2009-09-29 09:51:15 ----A---- C:\WINDOWS\system32\hpmja081.dll
    2009-09-29 09:51:14 ----A---- C:\WINDOWS\system32\hpcpn081.dll
    2009-09-29 09:51:13 ----A---- C:\WINDOWS\system32\fxcompchannel.dll
    2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNQUE.DLL
    2009-09-29 09:51:12 ----A---- C:\WINDOWS\system32\HPMNNDPS.DLL
    2009-09-29 09:22:50 ----D---- C:\Documents and Settings\All Users\Application Data\Uninstall
    2009-09-29 09:18:21 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
    2009-09-29 09:17:39 ----D---- C:\WINDOWS\RegisteredPackages
    2009-09-29 09:17:12 ----D---- C:\Program Files\Fichiers communs\SureThing Shared
    2009-09-29 09:17:11 ----D---- C:\Program Files\Roxio
    2009-09-29 09:16:48 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
    2009-09-29 09:16:43 ----D---- C:\Program Files\Fichiers communs\Sonic Shared
    2009-09-29 09:16:24 ----D---- C:\Program Files\Fichiers communs\Roxio Shared
    2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xinput1_3.dll
    2009-09-29 09:16:20 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
    2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
    2009-09-29 09:16:19 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
    2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
    2009-09-29 09:16:18 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
    2009-09-29 09:16:17 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_2.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xinput1_1.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
    2009-09-29 09:16:16 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
    2009-09-29 09:16:10 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
    2009-09-29 09:16:09 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
    2009-09-29 09:16:08 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
    2009-09-29 09:11:59 ----A---- C:\WINDOWS\system32\oeminfo.ini
    2009-09-29 09:11:48 ----A---- C:\WINDOWS\system32\pdfc_port.dll
    2009-09-29 09:11:45 ----D---- C:\Program Files\PDF Complete
    2009-09-29 09:10:20 ----D---- C:\Program Files\Hp
    2009-09-29 09:09:58 ----D---- C:\WINDOWS\Hewlett-Packard
    2009-09-29 09:09:28 ----D---- C:\WINDOWS\Downloaded Installations
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizePX.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll
    2009-09-29 09:07:57 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll
    2009-09-29 09:07:56 ----A---- C:\WINDOWS\system32\IVIresize.dll
    2009-09-29 09:07:46 ----D---- C:\Program Files\InterVideo
    2009-09-29 09:07:32 ----D---- C:\Program Files\Fichiers communs\InterVideo
    2009-09-29 09:07:24 ----A---- C:\WINDOWS\system32\h323log.txt
    2009-09-29 09:05:30 ----A---- C:\WINDOWS\system32\usbui.dll
    2009-09-29 09:04:56 ----A---- C:\WINDOWS\imsins.BAK
    2009-09-29 09:04:53 ----SHD---- C:\WINDOWS\Installer
    2009-09-29 09:04:53 ----D---- C:\Program Files\Fichiers communs\ODBC
    2009-09-29 09:04:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2009-09-29 09:04:53 ----A---- C:\WINDOWS\ODBCINST.INI
    2009-09-29 09:04:50 ----RD---- C:\Program Files
    2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\SpeechEngines
    2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
    2009-09-29 09:04:50 ----D---- C:\Program Files\Fichiers communs
    2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
    2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
    2009-09-29 09:04:47 ----RA---- C:\WINDOWS\system32\kbdazel.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdycc.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbduzb.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdur.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdtat.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru1.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdru.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdmon.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdbu.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdblr.dll
    2009-09-29 09:04:45 ----RA---- C:\WINDOWS\system32\kbdaze.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhept.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdhe.dll
    2009-09-29 09:04:43 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlv.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdlt.dll
    2009-09-29 09:04:41 ----RA---- C:\WINDOWS\system32\kbdest.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdsl.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdro.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
    2009-09-29 09:04:39 ----RA---- C:\WINDOWS\system32\kbdpl.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdycl.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdhu.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcz.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\kbdcr.dll
    2009-09-29 09:04:38 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\spxcoins.dll
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\irclass.dll
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgsetup.dll
    2009-09-29 09:04:36 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
    2009-09-29 09:04:35 ----A---- C:\WINDOWS\system32\EqnClass.Dll
    2009-09-29 09:04:33 ----A---- C:\WINDOWS\TASKMAN.EXE
    2009-09-29 09:04:33 ----A---- C:\WINDOWS\system32\batt.dll
    2009-09-29 09:04:32 ----A---- C:\WINDOWS\system32\storprop.dll
    2009-09-29 09:04:32 ----A---- C:\WINDOWS\notepad.exe
    2009-09-29 09:04:28 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
    2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot2
    2009-09-29 09:04:18 ----D---- C:\WINDOWS\system32\CatRoot
    2009-09-29 09:04:12 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2009-09-29 09:04:01 ----D---- C:\WINDOWS\system32\URTTEMP
    2009-09-29 09:03:51 ----A---- C:\WINDOWS\setuplog.txt
    2009-09-29 09:03:48 ----D---- C:\Documents and Settings
    2009-09-29 09:03:43 ----N---- C:\LANG.INI
    2009-09-29 09:03:02 ----RASH---- C:\boot.ini
    2009-09-29 09:01:13 ----SHD---- C:\System Volume Information
    2009-09-29 08:57:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2009-09-29 08:57:42 ----RSD---- C:\WINDOWS\Fonts
    2009-09-29 08:57:42 ----RD---- C:\WINDOWS\Web
    2009-09-29 08:57:42 ----HD---- C:\WINDOWS\inf
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\WinSxS
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\twain_32
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wins
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\wbem
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\usmt
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\spool
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ShellExt
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\Setup
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ras
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\oobe
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\npp
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\mui
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\inetsrv
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\IME
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\icsxml
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\ias
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\export
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\drivers
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\dhcp
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\config
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3com_dmi
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\3076
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\2052
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1054
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1042
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1041
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1037
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1036
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1033
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1031
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1028
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32\1025
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system32
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\system
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\security
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Resources
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\repair
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Provisioning
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\PeerNet
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\pchealth
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\mui
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\msapps
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\msagent
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Media
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\java
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\ime
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Help
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\ehome
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Driver Cache
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Debug
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Cursors
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Connection Wizard
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\Config
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\AppPatch
    2009-09-29 08:57:42 ----D---- C:\WINDOWS\addins
    2009-09-29 08:57:42 ----D---- C:\WINDOWS
    2009-09-29 08:56:46 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\ATI
    2009-09-29 08:56:46 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
    2009-09-29 08:53:33 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
    2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns_64.dll
    2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmns.dll
    2009-09-29 08:51:57 ----A---- C:\WINDOWS\system32\BttnCmn.dll
    2009-09-29 08:51:54 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\InstallShield
    2009-09-29 08:51:25 ----N---- C:\WINDOWS\HPWWANVersion.dll
    2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5r32.dll
    2009-09-29 08:50:54 ----RA---- C:\WINDOWS\system32\NETw5c32.dll
    2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPCo4.dll
    2009-09-29 08:50:34 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
    2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCtrl.dll
    2009-09-29 08:50:33 ----A---- C:\WINDOWS\system32\SynCOM.dll
    2009-09-29 08:50:31 ----D---- C:\Program Files\Synaptics
    2009-09-29 08:49:50 ----RA---- C:\WINDOWS\system32\PROUnstl.exe
    2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicInstE.dll
    2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\NicCo2.dll
    2009-09-29 08:49:49 ----RA---- C:\WINDOWS\system32\e1000msg.dll
    2009-09-29 08:49:23 ----A---- C:\WINDOWS\system32\snymsico.dll
    2009-09-29 08:49:22 ----A---- C:\WINDOWS\system32\rixdicon.dll
    2009-09-29 08:48:34 ----D---- C:\WINDOWS\system32\FRA
    2009-09-29 08:48:31 ----RA---- C:\WINDOWS\system32\imsmudlg.exe
    2009-09-29 08:47:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2009-09-29 08:47:23 ----RA---- C:\WINDOWS\system32\CSVer.dll
    2009-09-29 08:44:58 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
    2009-09-29 08:44:57 ----RA---- C:\WINDOWS\system32\ATIDEMGX.dll
    2009-09-29 08:44:38 ----D---- C:\Program Files\ATI Technologies
    2009-09-29 08:44:01 ----D---- C:\WINDOWS\system32\HP3DG
    2009-09-29 08:38:42 ----A---- C:\WINDOWS\system32\btw_ci.dll
    2009-09-29 08:38:35 ----D---- C:\Program Files\WIDCOMM
    2009-09-29 08:37:21 ----HDC---- C:\WINDOWS\$NtUninstallKB949764$
    2009-09-29 08:37:16 ----HDC---- C:\WINDOWS\$NtUninstallKB915326$
    2009-09-29 08:37:09 ----HDC---- C:\WINDOWS\$NtUninstallKB889673$
    2009-09-29 08:37:03 ----HDC---- C:\WINDOWS\$NtUninstallKB888402$
    2009-09-29 08:36:57 ----HDC---- C:\WINDOWS\$NtUninstallKB885464$
    2009-09-29 08:36:51 ----HDC---- C:\WINDOWS\$NtUninstallKB883667$
    2009-09-29 08:36:46 ----HDC---- C:\WINDOWS\$NtUninstallKB918005$
    2009-09-29 08:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB912436$
    2009-09-29 08:36:35 ----HDC---- C:\WINDOWS\$NtUninstallKB909667$
    2009-09-29 08:36:26 ----HDC---- C:\WINDOWS\$NtUninstallKB909095$
    2009-09-29 08:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB896256$
    2009-09-29 08:36:09 ----HDC---- C:\WINDOWS\$NtUninstallKB892559-v3$
    2009-09-29 08:36:02 ----HDC---- C:\WINDOWS\$NtUninstallKB888239$
    2009-09-29 08:35:56 ----HDC---- C:\WINDOWS\$NtUninstallKB885855$
    2009-09-29 08:35:48 ----D---- C:\Program Files\HPQ
    2009-09-29 08:35:07 ----A---- C:\WINDOWS\system32\log.txt
    2009-09-29 08:35:06 ----RA---- C:\WINDOWS\system32\mesoludlg.exe
    2009-09-29 08:35:06 ----D---- C:\Program Files\Common Files
    2009-09-29 08:33:44 ----RSD---- C:\WINDOWS\assembly
    2009-09-29 08:33:24 ----D---- C:\WINDOWS\Microsoft.NET
    2009-09-29 08:33:02 ----D---- C:\Program Files\Fichiers communs\Intel
    2009-09-29 08:32:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2009-09-29 08:32:19 ----RA---- C:\WINDOWS\system32\difxapi.dll
    2009-09-29 08:32:19 ----D---- C:\WINDOWS\system32\Lang
    2009-09-29 08:32:19 ----D---- C:\Program Files\Intel
    2009-09-29 08:32:18 ----RA---- C:\WINDOWS\system32\heciudlg.exe
    2009-09-29 08:32:03 ----D---- C:\Intel
    2009-09-29 08:31:43 ----N---- C:\WINDOWS\HPModemVersion.dll
    2009-09-29 08:31:42 ----N---- C:\WINDOWS\system32\agrsmdel.exe
    2009-09-29 08:31:34 ----D---- C:\WINDOWS\Options
    2009-09-29 08:31:18 ----N---- C:\WINDOWS\system32\agrscoin.dll
    2009-09-29 08:31:18 ----D---- C:\SWSetup
    2009-09-29 08:31:18 ----A---- C:\WINDOWS\system32\agrsmsvc.exe
    2009-09-29 08:31:18 ----A---- C:\WINDOWS\agrsmdel.exe
    2009-09-29 08:26:08 ----RA---- C:\WINDOWS\system32\PostProc.dll
    2009-09-29 08:26:07 ----A---- C:\WINDOWS\system32\ksuser.dll
    2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\wdmioctl.dll
    2009-09-29 08:26:02 ----N---- C:\WINDOWS\system32\SMMedia.dll
    2009-09-29 08:26:01 ----D---- C:\Program Files\Analog Devices
    2009-09-29 08:26:01 ----A---- C:\WINDOWS\system32\DSndUp.exe
    2009-09-29 08:25:05 ----A---- C:\WINDOWS\system32\spupdsvc.exe
    2009-09-29 08:25:03 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
    2009-09-29 08:24:46 ----D---- C:\Program Files\Hewlett-Packard
    2009-09-29 08:21:34 ----D---- C:\SYSTEM.SAV
    2009-09-29 07:31:16 ----A---- C:\WINDOWS\system32\wnaspi32.dll
    2009-09-29 07:31:08 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-09-29 07:30:48 ----D---- C:\Program Files\Fichiers communs\InstallShield
    2009-09-29 07:16:55 ----D---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Identities
    2009-09-29 07:16:53 ----HD---- C:\Program Files\Uninstall Information
    2009-09-29 07:16:49 ----ASH---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\desktop.ini
    2009-09-29 07:16:48 ----SD---- C:\Documents and Settings\FARES JEAN - JACQUES\Application Data\Microsoft
    2009-09-29 07:16:05 ----D---- C:\WINDOWS\SoftwareDistribution
    2009-09-29 07:16:04 ----SD---- C:\WINDOWS\system32\Microsoft
    2009-09-29 07:16:04 ----A---- C:\WINDOWS\SchedLgU.Txt
    2009-09-29 07:11:48 ----D---- C:\WINDOWS\system32\xircom
    2009-09-29 07:11:48 ----D---- C:\Program Files\xerox
    2009-09-29 07:11:48 ----D---- C:\Program Files\microsoft frontpage
    2009-09-29 07:11:27 ----HD---- C:\WINDOWS\$hf_mig$
    2009-09-29 07:11:20 ----A---- C:\WINDOWS\control.ini
    2009-09-29 07:11:20 ----A---- C:\AUTOEXEC.BAT
    2009-09-29 07:11:14 ----A---- C:\WINDOWS\OEWABLog.txt
    2009-09-29 07:11:12 ----A---- C:\WINDOWS\system32\mapi32.dll
    2009-09-29 07:10:42 ----RD---- C:\WINDOWS\Offline Web Pages
    2009-09-29 07:10:41 ----SD---- C:\WINDOWS\Downloaded Program Files
    2009-09-29 07:10:41 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
    2009-09-29 07:10:37 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
    2009-09-29 07:10:34 ----HD---- C:\Program Files\WindowsUpdate
    2009-09-29 07:10:33 ----D---- C:\Program Files\Services en ligne
    2009-09-29 07:10:20 ----D---- C:\WINDOWS\system32\DirectX
    2009-09-29 07:09:59 ----A---- C:\WINDOWS\system32\atrace.dll
    2009-09-29 07:09:56 ----A---- C:\WINDOWS\system32\desktop.ini
    2009-09-29 07:09:56 ----A---- C:\WINDOWS\desktop.ini
    2009-09-29 07:09:49 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
    2009-09-29 07:09:48 ----A---- C:\WINDOWS\system32\acctres.dll
    2009-09-29 07:09:47 ----D---- C:\Program Files\Fichiers communs\Services
    2009-09-29 07:09:44 ----SD---- C:\WINDOWS\Tasks
    2009-09-29 07:09:44 ----A---- C:\WINDOWS\system32\icfgnt5.dll
    2009-09-29 07:09:43 ----D---- C:\Program Files\Fichiers communs\MSSoap
    2009-09-29 07:09:39 ----D---- C:\WINDOWS\srchasst
    2009-09-29 07:09:38 ----D---- C:\WINDOWS\system32\Macromed
    2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wuweb.dll
    2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wups.dll
    2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wucltui.dll
    2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wuauserv.dll
    2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wuaueng1.dll
    2009-09-29 07:09:35 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2009-09-29 07:09:34 ----N---- C:\WINDOWS\system32\wuauclt.exe
    2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\wuauclt1.exe
    2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\wuapi.dll
    2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
    2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\bitsprx3.dll
    2009-09-29 07:09:34 ----A---- C:\WINDOWS\system32\bitsprx2.dll
    2009-09-29 07:09:30 ----D---- C:\Program Files\Movie Maker
    2009-09-29 07:09:26 ----A---- C:\WINDOWS\system32\safrslv.dll
    2009-09-29 07:09:26 ----A---- C:\WINDOWS\system32\safrdm.dll
    2009-09-29 07:09:26 ----A---- C:\WINDOWS\system32\safrcdlg.dll
    2009-09-29 07:09:26 ----A---- C:\WINDOWS\system32\racpldlg.dll
    2009-09-29 07:09:23 ----A---- C:\WINDOWS\system32\fltlib.dll
    2009-09-29 07:09:22 ----N---- C:\WINDOWS\system32\srsvc.dll
    2009-09-29 07:09:22 ----D---- C:\WINDOWS\system32\Restore
    2009-09-29 07:09:22 ----A---- C:\WINDOWS\system32\srrstr.dll
    2009-09-29 07:09:22 ----A---- C:\WINDOWS\system32\srclient.dll
    2009-09-29 07:09:22 ----A---- C:\WINDOWS\system32\fltmc.exe
    2009-09-29 07:09:21 ----A---- C:\WINDOWS\system32\nmmkcert.dll
    2009-09-29 07:09:21 ----A---- C:\WINDOWS\system32\mnmdd.dll
    2009-09-29 07:09:21 ----A---- C:\WINDOWS\system32\isrdbg32.dll
    2009-09-29 07:09:21 ----A---- C:\WINDOWS\system32\ils.dll
    2009-09-29 07:09:20 ----A---- C:\WINDOWS\system32\msconf.dll
    2009-09-29 07:09:20 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
    2009-09-29 07:09:17 ----D---- C:\Program Files\NetMeeting
    2009-09-29 07:09:17 ----A---- C:\WINDOWS\system32\msoert2.dll
    2009-09-29 07:09:17 ----A---- C:\WINDOWS\system32\msoeacct.dll
    2009-09-29 07:09:16 ----A---- C:\WINDOWS\system32\inetres.dll
    2009-09-29 07:09:16 ----A---- C:\WINDOWS\system32\inetcomm.dll
    2009-09-29 07:09:14 ----N---- C:\WINDOWS\system32\schedsvc.dll
    200
    a c 267 8 Sécurité
    a b 9 Windows
    28 Octobre 2009 15:45:46

    Le rapport log est tellement long qu'il ne passe pas entièrement sur le forum.

    Pour me transmettre les rapports :
  • Clique sur ce lien : http://www.cijoint.fr/
  • Clique sur Parcourir... et cherche le fichier du rapport que tu souhaites me transmettre.
  • Clique sur Ouvrir.
  • Clique sur Cliquez ici pour déposer le fichier.
  • Un lien de cette forme, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, est ajouté dans la page.
  • Copie ce lien dans ta réponse.
    a c 267 8 Sécurité
    a b 9 Windows
    28 Octobre 2009 17:20:26

  • Désinstalle Java 6 Update 6.

  • Mets à jour Java.

    Plus de souci ?
    4 Novembre 2009 11:36:16

    Salut Destrio5,
    A ta question la réponse est non! Maintenant au démarrage il se plaint de ''winlogon.exe'' avec un message d'erreur. Quand je click sur OK, ilreboot et à l'ouverture me demande de soumettre l'erreur à microsoft. J'ai lancé MBAM et RSIT, pour prévoir au cas tu demanderais! je te poste les files une fois compléter.

    Merci
    4 Novembre 2009 13:51:35

    Le dernier Rapport :

    [ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

    --> Recherche:

    C:\Rsit: trouvé !
    C:\Documents and Settings\All Users\Bureau\Rsit: trouvé !
    C:\Documents and Settings\FARES\Bureau\SAVAHOME\ComboFix.exe: trouvé !
    C:\Documents and Settings\FARES\Bureau\SAVAHOME\Rsit.exe: trouvé !
    C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\Rsit.exe: trouvé !
    C:\Program Files\trend micro\HijackThis.exe: trouvé !
    C:\Program Files\trend micro\hijackthis.log: trouvé !

    ---------------------------------
    --> Suppression:

    C:\Documents and Settings\FARES\Bureau\SAVAHOME\ComboFix.exe: supprimé !
    C:\Program Files\trend micro\HijackThis.exe: supprimé !
    C:\Documents and Settings\FARES\Bureau\SAVAHOME\Rsit.exe: supprimé !
    C:\Documents and Settings\FARES JEAN - JACQUES\Bureau\Rsit.exe: supprimé !
    C:\Program Files\trend micro\hijackthis.log: supprimé !
    C:\Rsit: supprimé !
    C:\Documents and Settings\All Users\Bureau\Rsit: supprimé !
    a c 267 8 Sécurité
    a b 9 Windows
    6 Novembre 2009 02:20:39

    Pour MBAM, mets-le à jour avant de faire un scan.
    10 Novembre 2009 14:13:42

    Ci dessous le dernier Scan. Merci beaucoup :

    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 3138
    Windows 5.1.2600 Service Pack 2

    10/11/2009 13:00:49
    mbam-log-2009-11-10 (13-00-49).txt

    Type de recherche: Examen complet (C:\|D:\|E:\|)
    Eléments examinés: 207582
    Temps écoulé: 50 minute(s), 44 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\System Volume Information\_restore{A770478D-7D66-4F10-AA95-385D441AEC85}\RP2\A0000216.exe (Trojan.Buzus) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\drivers\mferkdetq.sys (Trojan.RootKit) -> Quarantined and deleted successfully.

    Conduite à tenir...?
    a c 267 8 Sécurité
    a b 9 Windows
    11 Novembre 2009 01:45:26

    Tu as toujours le problème avec winlogon.exe ?
    11 Novembre 2009 11:46:03

    Non. Merci beaucoup il s'est estompé. Plus de souci non plus de lentenr au démarrage. Les Pubs ont également complètement disparus.
    La connexion internet bloquée ou lente doit être due à des éléments de sécurité interne à la structure ou je bosse puisqu'à la maison ça fait pas ça. Merci beaucoup à toi Destrio5.
    Je reste en ligne pour d'éventuelles actions correctrices.

    Merci Beaucoup.

    a c 267 8 Sécurité
    a b 9 Windows
    11 Novembre 2009 15:15:27

    1/

  • Désinstalle HijackThis.

  • Télécharge ToolsCleaner2 sur ton Bureau.
  • Double-clique sur ToolsCleaner2.exe pour le lancer.
  • Clique sur Recherche et laisse le scan agir.
  • Clique sur Suppression pour finaliser.
  • Tu peux, si tu le souhaites, te servir des Options Facultatives.
  • Clique sur Quitter pour obtenir le rapport.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).


    2/

  • Télécharge et installe CCleaner Slim.
  • Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
  • Va dans Nettoyeur, choisis Analyser. Une fois terminé, lance le nettoyage.


    3/

  • Il est nécessaire de désactiver puis réactiver la restauration système pour la purger.


    ==Prévention==

    Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

    Comme navigateur, utilise plutôt Mozilla Firefox qu'Internet Explorer.

    Vérifie que les mises à jour automatiques sont bien activées (Menu Démarrer, clique droit sur Poste de travail, Propriétés, onglet Mises à jour automatiques).

    Par rapport au P2P : Lien

    Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) : Lien


    ==Problème résolu ?==

    --> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
  • Clique, dans ton premier message, sur le bouton Editer .
  • Ajoute la mention [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message.


    Sois plus vigilant(e) sur Internet ;) 
    12 Novembre 2009 13:22:10

    Merci Infiniment Destrio5 et je vais suivre ton conseil sur les P2P et autres sites XXX.
    Je vais faire miens les conseils des liens transmis et les diffuser à mon entourage.
    Un dernier avis est nécessaire : Sur quel sites peut on scanner un fichier ou téléchargement avant de l'installer !
    J'ai fini par acheter une licence Nod32 V4.

    God Bless You for your Help !!!!
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS