Votre question

Pages qui souvre toute seul cdi

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
19 Octobre 2009 21:37:45

bonjour

j'ai un petit probleme avec mon pc, j'ai des pages qui s'ouvrent seules et sans arrêt!!

si quelqu'un peut m'aider.
un grand merci d'avance.

Autres pages sur : pages souvre seul cdi

a c 327 8 Sécurité
a b 9 Windows
19 Octobre 2009 22:15:12

Bonjour,

  • Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
  • Double-clique sur RSIT.exe afin de lancer le programme.
    (Sous Vista, il faut cliquer droit sur RSIT.exe et choisir Exécuter en tant qu'administrateur)
  • Clique sur Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

    Note : les rapports sont sauvegardés dans le dossier C:\rsit.
    19 Octobre 2009 22:50:28

    Citation :
    Logfile of random's system information tool 1.06 (written by random/random)
    Run by isa at 2009-10-19 22:48:11
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
    System drive C: has 10 GB (14%) free of 71 GB
    Total RAM: 3066 MB (50% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:48:14, on 19/10/2009
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18828)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
    C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
    C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
    C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
    C:\Users\isa\Desktop\RSIT.exe
    C:\Program Files\trend micro\isa.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yoower.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [lessextra] "C:\ProgramData\dentanteante.l71ly01"
    O4 - HKCU\..\Run: [memo site kind that] "C:\ProgramData\OKAY REAL ONLINE.l58a6p"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: BTTray.lnk = ?
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O13 - Gopher Prefix:
    O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/cert...
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/F...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpld...
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.bellapix.com/ImageUploader5.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/Gam...
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{52FB6713-E604-4868-9EB9-6605EB7E0428}: NameServer = 212.27.40.241,212.27.40.240
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: ESET HTTP Server (EHttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\Windows\system32\IoctlSvc.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe

    --
    End of file - 11112 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\User_Feed_Synchronization-{212D5E7B-A934-4AB0-BBF0-5684B6A311A7}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-14 259696]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-09-27 762864]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-29 470512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-14 259696]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-07-08 6273568]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-10-26 1029416]
    "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-01-30 13605408]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-01-30 92704]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
    "egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-04-09 2029640]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-24 39408]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
    "lessextra"=C:\ProgramData\dentanteante.l71ly01 [2009-10-16 303120]
    "memo site kind that"=C:\ProgramData\OKAY REAL ONLINE.l58a6p [2009-10-15 172048]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\Users\isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "BindDirectlyToPropertySetStorage"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6a412933-bef9-11dd-bbe1-001377ad94ba}]
    shell\AutoRun\command - F:\setup\rsrc\Autorun.exe
    shell\dinstall\command - F:\Directx\dxsetup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86d6478d-1448-11de-915d-001377ad94ba}]
    shell\1\command - I:\.\RECYCLER\RECYCLER.exe
    shell\2\command - I:\.\RECYCLER\RECYCLER.exe
    shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\.\RECYCLER\RECYCLER.exe


    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2009-10-19 22:37:47 ----D---- C:\rsit
    2009-10-16 10:04:49 ----D---- C:\Windows\system32\eu-ES
    2009-10-16 10:04:49 ----D---- C:\Windows\system32\ca-ES
    2009-10-16 10:04:44 ----D---- C:\Windows\system32\vi-VN
    2009-10-16 09:51:17 ----A---- C:\Windows\system32\jscript.dll
    2009-10-16 09:13:48 ----D---- C:\Windows\system32\EventProviders
    2009-10-16 08:18:48 ----A---- C:\Windows\system32\occache.dll
    2009-10-16 08:18:48 ----A---- C:\Windows\system32\msfeedsbs.dll
    2009-10-16 08:18:48 ----A---- C:\Windows\system32\msfeeds.dll
    2009-10-16 08:18:48 ----A---- C:\Windows\system32\jsproxy.dll
    2009-10-16 08:18:48 ----A---- C:\Windows\system32\iepeers.dll
    2009-10-16 08:18:47 ----A---- C:\Windows\system32\wininet.dll
    2009-10-16 08:18:47 ----A---- C:\Windows\system32\ieui.dll
    2009-10-16 08:18:47 ----A---- C:\Windows\system32\iesetup.dll
    2009-10-16 08:18:47 ----A---- C:\Windows\system32\iernonce.dll
    2009-10-16 08:18:46 ----A---- C:\Windows\system32\urlmon.dll
    2009-10-16 08:18:46 ----A---- C:\Windows\system32\msfeedssync.exe
    2009-10-16 08:18:46 ----A---- C:\Windows\system32\ieUnatt.exe
    2009-10-16 08:18:46 ----A---- C:\Windows\system32\iesysprep.dll
    2009-10-16 08:18:46 ----A---- C:\Windows\system32\iertutil.dll
    2009-10-16 08:18:46 ----A---- C:\Windows\system32\iedkcs32.dll
    2009-10-16 08:18:46 ----A---- C:\Windows\system32\ie4uinit.exe
    2009-10-16 08:18:45 ----A---- C:\Windows\system32\ieframe.dll
    2009-10-16 08:18:44 ----A---- C:\Windows\system32\mshtml.dll
    2009-10-16 08:17:41 ----A---- C:\Windows\system32\mshtmled.dll
    2009-10-16 08:17:40 ----A---- C:\Windows\system32\msls31.dll
    2009-10-16 08:17:40 ----A---- C:\Windows\system32\mshtmler.dll
    2009-10-16 08:17:40 ----A---- C:\Windows\system32\ieakeng.dll
    2009-10-16 08:17:40 ----A---- C:\Windows\system32\icardie.dll
    2009-10-16 08:17:40 ----A---- C:\Windows\system32\corpol.dll
    2009-10-16 08:17:40 ----A---- C:\Windows\system32\admparse.dll
    2009-10-16 08:17:39 ----A---- C:\Windows\system32\licmgr10.dll
    2009-10-16 08:17:39 ----A---- C:\Windows\system32\inseng.dll
    2009-10-16 08:17:39 ----A---- C:\Windows\system32\imgutil.dll
    2009-10-16 08:17:39 ----A---- C:\Windows\system32\ieaksie.dll
    2009-10-16 08:17:39 ----A---- C:\Windows\system32\dxtrans.dll
    2009-10-16 08:17:39 ----A---- C:\Windows\system32\dxtmsft.dll
    2009-10-16 08:17:38 ----A---- C:\Windows\system32\WinFXDocObj.exe
    2009-10-16 08:17:38 ----A---- C:\Windows\system32\wextract.exe
    2009-10-16 08:17:38 ----A---- C:\Windows\system32\webcheck.dll
    2009-10-16 08:17:38 ----A---- C:\Windows\system32\pngfilt.dll
    2009-10-16 08:17:38 ----A---- C:\Windows\system32\mstime.dll
    2009-10-16 08:17:38 ----A---- C:\Windows\system32\msrating.dll
    2009-10-16 08:17:38 ----A---- C:\Windows\system32\ieakui.dll
    2009-10-16 08:17:38 ----A---- C:\Windows\system32\advpack.dll
    2009-10-16 08:17:37 ----A---- C:\Windows\system32\vbscript.dll
    2009-10-16 08:17:37 ----A---- C:\Windows\system32\url.dll
    2009-10-16 08:17:37 ----A---- C:\Windows\system32\ieapfltr.dll
    2009-10-16 08:17:36 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
    2009-10-16 08:17:36 ----A---- C:\Windows\system32\SetDepNx.exe
    2009-10-16 08:17:36 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
    2009-10-16 08:17:36 ----A---- C:\Windows\system32\PDMSetup.exe
    2009-10-16 08:17:36 ----A---- C:\Windows\system32\mshta.exe
    2009-10-16 08:17:36 ----A---- C:\Windows\system32\iexpress.exe
    2009-10-16 07:00:08 ----D---- C:\Windows\SQL9_KB970892_ENU
    2009-10-15 20:13:06 ----A---- C:\Windows\system32\msv1_0.dll
    2009-10-15 20:12:56 ----A---- C:\Windows\system32\ntkrnlpa.exe
    2009-10-15 20:12:52 ----A---- C:\Windows\system32\ntoskrnl.exe
    2009-10-15 20:11:36 ----A---- C:\Windows\system32\msasn1.dll
    2009-10-15 20:11:31 ----A---- C:\Windows\system32\WMSPDMOD.DLL
    2009-10-15 17:56:53 ----D---- C:\Users\isa\AppData\Roaming\ESET
    2009-10-15 17:41:06 ----D---- C:\ProgramData\Grid Blue Memo Site
    2009-10-15 17:40:47 ----D---- C:\ProgramData\Browse Defy
    2009-10-15 17:40:40 ----D---- C:\Program Files\Torrent101
    2009-10-12 07:27:49 ----A---- C:\Windows\system32\d3dx9.dll
    2009-10-12 07:27:49 ----A---- C:\Windows\system32\D3DX81ab.dll
    2009-10-12 07:27:46 ----D---- C:\Program Files\Cheat Engine
    2009-10-09 08:18:03 ----D---- C:\ProgramData\Office Genuine Advantage
    2009-10-08 22:21:35 ----A---- C:\Windows\system32\lsasrv.dll
    2009-10-08 22:21:34 ----A---- C:\Windows\system32\wdigest.dll
    2009-10-08 22:21:34 ----A---- C:\Windows\system32\schannel.dll
    2009-10-08 22:21:34 ----A---- C:\Windows\system32\kerberos.dll
    2009-10-08 22:21:33 ----A---- C:\Windows\system32\secur32.dll
    2009-10-08 22:21:33 ----A---- C:\Windows\system32\lsass.exe
    2009-10-08 21:18:45 ----D---- C:\ProgramData\NOS
    2009-10-08 21:18:45 ----D---- C:\Program Files\NOS
    2009-10-08 21:16:03 ----D---- C:\Program Files\Mozilla Firefox
    2009-10-06 07:21:36 ----A---- C:\Windows\system32\wups2.dll
    2009-10-06 07:21:36 ----A---- C:\Windows\system32\wuauclt.exe
    2009-10-06 07:21:34 ----A---- C:\Windows\system32\wucltux.dll
    2009-10-06 07:21:34 ----A---- C:\Windows\system32\wuaueng.dll
    2009-10-06 07:21:19 ----A---- C:\Windows\system32\wups.dll
    2009-10-06 07:21:19 ----A---- C:\Windows\system32\wudriver.dll
    2009-10-06 07:21:19 ----A---- C:\Windows\system32\wuapi.dll
    2009-10-06 07:21:00 ----A---- C:\Windows\system32\wuwebv.dll
    2009-10-06 07:21:00 ----A---- C:\Windows\system32\wuapp.exe
    2009-10-03 14:37:36 ----D---- C:\Users\isa\AppData\Roaming\COWON
    2009-10-03 14:35:33 ----D---- C:\Program Files\Common Files\COWON
    2009-10-03 14:35:32 ----D---- C:\Program Files\JetAudio
    2009-10-03 08:55:14 ----N---- C:\Windows\system32\MpSigStub.exe
    2009-09-24 07:16:17 ----A---- C:\Windows\system32\NlsLexicons0007.dll
    2009-09-24 07:16:11 ----A---- C:\Windows\system32\SLsvc.exe
    2009-09-24 07:16:11 ----A---- C:\Windows\system32\SLCExt.dll
    2009-09-24 07:16:09 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
    2009-09-24 07:16:09 ----A---- C:\Windows\system32\DevicePairingWizard.exe
    2009-09-24 07:16:07 ----A---- C:\Windows\system32\NlsLexicons0009.dll
    2009-09-24 07:16:03 ----A---- C:\Windows\system32\mssrch.dll
    2009-09-24 07:16:01 ----A---- C:\Windows\system32\tquery.dll
    2009-09-24 07:15:58 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
    2009-09-24 07:15:57 ----A---- C:\Windows\system32\scavenge.dll
    2009-09-24 07:15:57 ----A---- C:\Windows\system32\RMActivate_isv.exe
    2009-09-24 07:15:56 ----A---- C:\Windows\system32\RMActivate.exe
    2009-09-24 07:15:56 ----A---- C:\Windows\system32\msi.dll
    2009-09-24 07:15:55 ----A---- C:\Windows\system32\imapi2fs.dll
    2009-09-24 07:15:54 ----A---- C:\Windows\system32\WscEapPr.dll
    2009-09-24 07:15:54 ----A---- C:\Windows\system32\wcnwiz2.dll
    2009-09-24 07:15:54 ----A---- C:\Windows\system32\secproc_isv.dll
    2009-09-24 07:15:53 ----A---- C:\Windows\system32\sysmain.dll
    2009-09-24 07:15:52 ----A---- C:\Windows\system32\icardagt.exe
    2009-09-24 07:15:50 ----A---- C:\Windows\system32\spreview.exe
    2009-09-24 07:15:50 ----A---- C:\Windows\system32\EhStorShell.dll
    2009-09-24 07:15:50 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
    2009-09-24 07:15:49 ----A---- C:\Windows\system32\spinstall.exe
    2009-09-24 07:15:49 ----A---- C:\Windows\system32\drmv2clt.dll
    2009-09-24 07:15:47 ----A---- C:\Windows\system32\spwizui.dll
    2009-09-24 07:15:47 ----A---- C:\Windows\system32\shell32.dll
    2009-09-24 07:15:47 ----A---- C:\Windows\system32\secproc.dll
    2009-09-24 07:15:47 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
    2009-09-24 07:15:46 ----A---- C:\Windows\system32\SearchIndexer.exe
    2009-09-24 07:15:46 ----A---- C:\Windows\system32\p2psvc.dll
    2009-09-24 07:15:46 ----A---- C:\Windows\system32\mssvp.dll
    2009-09-24 07:15:44 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
    2009-09-24 07:15:44 ----A---- C:\Windows\system32\mscoree.dll
    2009-09-24 07:15:43 ----A---- C:\Windows\system32\mssphtb.dll
    2009-09-24 07:15:43 ----A---- C:\Windows\system32\mssph.dll
    2009-09-24 07:15:43 ----A---- C:\Windows\system32\imapi2.dll
    2009-09-24 07:15:42 ----A---- C:\Windows\system32\sdohlp.dll
    2009-09-24 07:15:41 ----A---- C:\Windows\system32\IMJP10K.DLL
    2009-09-24 07:15:41 ----A---- C:\Windows\system32\esent.dll
    2009-09-24 07:15:41 ----A---- C:\Windows\system32\DevicePairing.dll
    2009-09-24 07:15:40 ----A---- C:\Windows\system32\wevtsvc.dll
    2009-09-24 07:15:40 ----A---- C:\Windows\system32\sperror.dll
    2009-09-24 07:15:40 ----A---- C:\Windows\system32\RMActivate_ssp.exe
    2009-09-24 07:15:40 ----A---- C:\Windows\system32\korwbrkr.dll
    2009-09-24 07:15:39 ----A---- C:\Windows\system32\SLC.dll
    2009-09-24 07:15:39 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
    2009-09-24 07:15:39 ----A---- C:\Windows\system32\PresentationHostProxy.dll
    2009-09-24 07:15:39 ----A---- C:\Windows\system32\msshsq.dll
    2009-09-24 07:15:39 ----A---- C:\Windows\system32\IasMigReader.exe
    2009-09-24 07:15:37 ----A---- C:\Windows\system32\msjet40.dll
    2009-09-24 07:15:37 ----A---- C:\Windows\system32\MPSSVC.dll
    2009-09-24 07:15:36 ----A---- C:\Windows\system32\msxml6.dll
    2009-09-24 07:15:35 ----A---- C:\Windows\system32\Query.dll
    2009-09-24 07:15:35 ----A---- C:\Windows\system32\qmgr.dll
    2009-09-24 07:15:34 ----A---- C:\Windows\system32\P2PGraph.dll
    2009-09-24 07:15:34 ----A---- C:\Windows\system32\ole32.dll
    2009-09-24 07:15:34 ----A---- C:\Windows\system32\msexch40.dll
    2009-09-24 07:15:34 ----A---- C:\Windows\system32\diagperf.dll
    2009-09-24 07:15:33 ----A---- C:\Windows\system32\ntdll.dll
    2009-09-24 07:15:32 ----A---- C:\Windows\system32\winload.exe
    2009-09-24 07:15:32 ----A---- C:\Windows\system32\srchadmin.dll
    2009-09-24 07:15:32 ----A---- C:\Windows\system32\msxml3.dll
    2009-09-24 07:15:31 ----A---- C:\Windows\system32\uDWM.dll
    2009-09-24 07:15:31 ----A---- C:\Windows\system32\mmc.exe
    2009-09-24 07:15:31 ----A---- C:\Windows\system32\mblctr.exe
    2009-09-24 07:15:31 ----A---- C:\Windows\system32\EncDec.dll
    2009-09-24 07:15:30 ----A---- C:\Windows\system32\riched20.dll
    2009-09-24 07:15:30 ----A---- C:\Windows\system32\IasMigPlugin.dll
    2009-09-24 07:15:30 ----A---- C:\Windows\system32\dfsr.exe
    2009-09-24 07:15:29 ----A---- C:\Windows\system32\fdBth.dll
    2009-09-24 07:15:28 ----A---- C:\Windows\system32\RacEngn.dll
    2009-09-24 07:15:27 ----A---- C:\Windows\system32\kernel32.dll
    2009-09-24 07:15:26 ----A---- C:\Windows\system32\SearchProtocolHost.exe
    2009-09-24 07:15:26 ----A---- C:\Windows\system32\SearchFilterHost.exe
    2009-09-24 07:15:26 ----A---- C:\Windows\system32\milcore.dll
    2009-09-24 07:15:26 ----A---- C:\Windows\system32\EhStorAPI.dll
    2009-09-24 07:15:26 ----A---- C:\Windows\system32\CertEnroll.dll
    2009-09-24 07:15:25 ----A---- C:\Windows\system32\spoolss.dll
    2009-09-24 07:15:25 ----A---- C:\Windows\system32\schedsvc.dll
    2009-09-24 07:15:25 ----A---- C:\Windows\system32\NaturalLanguage6.dll
    2009-09-24 07:15:24 ----A---- C:\Windows\system32\msvcp60.dll
    2009-09-24 07:15:24 ----A---- C:\Windows\system32\msjtes40.dll
    2009-09-24 07:15:24 ----A---- C:\Windows\system32\infocardapi.dll
    2009-09-24 07:15:24 ----A---- C:\Windows\system32\gpedit.dll
    2009-09-24 07:15:24 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
    2009-09-24 07:15:22 ----A---- C:\Windows\system32\WinSAT.exe
    2009-09-24 07:15:22 ----A---- C:\Windows\system32\es.dll
    2009-09-24 07:15:21 ----A---- C:\Windows\system32\PresentationSettings.exe
    2009-09-24 07:15:21 ----A---- C:\Windows\system32\mstext40.dll
    2009-09-24 07:15:21 ----A---- C:\Windows\system32\Magnify.exe
    2009-09-24 07:15:21 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
    2009-09-24 07:15:20 ----A---- C:\Windows\system32\advapi32.dll
    2009-09-24 07:15:18 ----A---- C:\Windows\system32\WMPhoto.dll
    2009-09-24 07:15:18 ----A---- C:\Windows\system32\WebClnt.dll
    2009-09-24 07:15:18 ----A---- C:\Windows\system32\msexcl40.dll
    2009-09-24 07:15:17 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
    2009-09-24 07:15:17 ----A---- C:\Windows\system32\slwmi.dll
    2009-09-24 07:15:17 ----A---- C:\Windows\system32\msxbde40.dll
    2009-09-24 07:15:17 ----A---- C:\Windows\system32\comsvcs.dll
    2009-09-24 07:15:16 ----A---- C:\Windows\system32\vssapi.dll
    2009-09-24 07:15:15 ----A---- C:\Windows\system32\authui.dll
    2009-09-24 07:15:14 ----A---- C:\Windows\system32\PresentationHost.exe
    2009-09-24 07:15:14 ----A---- C:\Windows\system32\NetProjW.dll
    2009-09-24 07:15:14 ----A---- C:\Windows\system32\msrepl40.dll
    2009-09-24 07:15:13 ----A---- C:\Windows\system32\newdev.dll
    2009-09-24 07:15:12 ----A---- C:\Windows\system32\propsys.dll
    2009-09-24 07:15:12 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2009-09-24 07:15:12 ----A---- C:\Windows\system32\iasrecst.dll
    2009-09-24 07:15:12 ----A---- C:\Windows\system32\gpsvc.dll
    2009-09-24 07:15:12 ----A---- C:\Windows\system32\eudcedit.exe
    2009-09-24 07:15:12 ----A---- C:\Windows\system32\crypt32.dll
    2009-09-24 07:15:10 ----A---- C:\Windows\explorer.exe
    2009-09-24 07:15:06 ----A---- C:\Windows\system32\setupapi.dll
    2009-09-24 07:15:06 ----A---- C:\Windows\system32\rpcss.dll
    2009-09-24 07:15:06 ----A---- C:\Windows\system32\mspbde40.dll
    2009-09-24 07:15:06 ----A---- C:\Windows\system32\d3d9.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\wevtapi.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\shlwapi.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\msrd3x40.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\msltus40.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\msdtctm.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\mfc42.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\EhStorAuthn.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\davclnt.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\browseui.dll
    2009-09-24 07:15:04 ----A---- C:\Windows\system32\user32.dll
    2009-09-24 07:15:04 ----A---- C:\Windows\system32\samsrv.dll
    2009-09-24 07:15:04 ----A---- C:\Windows\system32\photowiz.dll
    2009-09-24 07:15:04 ----A---- C:\Windows\system32\nlhtml.dll
    2009-09-24 07:15:03 ----A---- C:\Windows\system32\quartz.dll
    2009-09-24 07:15:03 ----A---- C:\Windows\system32\ci.dll
    2009-09-24 07:15:02 ----A---- C:\Windows\system32\win32spl.dll
    2009-09-24 07:15:01 ----A---- C:\Windows\system32\WcnNetsh.dll
    2009-09-24 07:15:01 ----A---- C:\Windows\system32\SLCommDlg.dll
    2009-09-24 07:14:57 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
    2009-09-24 07:14:57 ----A---- C:\Windows\system32\oleaut32.dll
    2009-09-24 07:14:57 ----A---- C:\Windows\system32\IKEEXT.DLL
    2009-09-24 07:14:56 ----A---- C:\Windows\system32\netshell.dll
    2009-09-24 07:14:56 ----A---- C:\Windows\system32\compcln.exe
    2009-09-24 07:14:55 ----A---- C:\Windows\system32\winhttp.dll
    2009-09-24 07:14:55 ----A---- C:\Windows\system32\mswstr10.dll
    2009-09-24 07:14:55 ----A---- C:\Windows\system32\apds.dll
    2009-09-24 07:14:54 ----A---- C:\Windows\system32\xmlfilter.dll
    2009-09-24 07:14:54 ----A---- C:\Windows\system32\QAGENTRT.DLL
    2009-09-24 07:14:54 ----A---- C:\Windows\system32\msvcrt.dll
    2009-09-24 07:14:54 ----A---- C:\Windows\system32\msctf.dll
    2009-09-24 07:14:54 ----A---- C:\Windows\system32\gdi32.dll
    2009-09-24 07:14:54 ----A---- C:\Windows\system32\emdmgmt.dll
    2009-09-24 07:14:54 ----A---- C:\Windows\system32\audiosrv.dll
    2009-09-24 07:14:53 ----A---- C:\Windows\system32\VSSVC.exe
    2009-09-24 07:14:53 ----A---- C:\Windows\system32\sqlsrv32.dll
    2009-09-24 07:14:53 ----A---- C:\Windows\system32\SLUI.exe
    2009-09-24 07:14:53 ----A---- C:\Windows\system32\msrd2x40.dll
    2009-09-24 07:14:53 ----A---- C:\Windows\system32\mfc42u.dll
    2009-09-24 07:14:53 ----A---- C:\Windows\system32\iphlpsvc.dll
    2009-09-24 07:14:53 ----A---- C:\Windows\system32\eapphost.dll
    2009-09-24 07:14:52 ----A---- C:\Windows\system32\winresume.exe
    2009-09-24 07:14:52 ----A---- C:\Windows\system32\propdefs.dll
    2009-09-24 07:14:52 ----A---- C:\Windows\system32\odbc32.dll
    2009-09-24 07:14:51 ----A---- C:\Windows\system32\wevtutil.exe
    2009-09-24 07:14:51 ----A---- C:\Windows\system32\shdocvw.dll
    2009-09-24 07:14:51 ----A---- C:\Windows\system32\mssitlb.dll
    2009-09-24 07:14:51 ----A---- C:\Windows\system32\dbgeng.dll
    2009-09-24 07:14:50 ----A---- C:\Windows\system32\WsmSvc.dll
    2009-09-24 07:14:50 ----A---- C:\Windows\system32\vds.exe
    2009-09-24 07:14:50 ----A---- C:\Windows\system32\usp10.dll
    2009-09-24 07:14:50 ----A---- C:\Windows\system32\swprv.dll
    2009-09-24 07:14:50 ----A---- C:\Windows\system32\mmcndmgr.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\Wldap32.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\wcnwiz.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\netlogon.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\msscb.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\msctfp.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\fdBthProxy.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\evr.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\drvinst.exe
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\devmgr.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\DevicePairingProxy.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\BFE.DLL
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\adsldpc.dll
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\WSDApi.dll
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\WMVSDECD.DLL
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\WindowsCodecs.dll
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\wercon.exe
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\wcncsvc.dll
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\services.exe
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\mimefilt.dll
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\comdlg32.dll
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\adtschema.dll
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\taskeng.exe
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\rtffilt.dll
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\reg.exe
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\PortableDeviceApi.dll
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\mswdat10.dll
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\msjter40.dll
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\msdtcprx.dll
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\msdrm.dll
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\ipsmsnap.dll
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\certcli.dll
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\WMNetMgr.dll
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\w32time.dll
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\umpnpmgr.dll
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\msshooks.dll
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\msscntrs.dll
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\IPSECSVC.DLL
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\dnsapi.dll
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\certutil.exe
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\bcrypt.dll
    2009-09-24 07:14:45 ----A---- C:\Windows\system32\TsWpfWrp.exe
    2009-09-24 07:14:45 ----A---- C:\Windows\system32\rsaenh.dll
    2009-09-24 07:14:45 ----A---- C:\Windows\system32\msstrc.dll
    2009-09-24 07:14:45 ----A---- C:\Windows\system32\msihnd.dll
    2009-09-24 07:14:45 ----A---- C:\Windows\system32\MMDevAPI.dll
    2009-09-24 07:14:45 ----A---- C:\Windows\system32\inetcomm.dll
    2009-09-24 07:14:45 ----A---- C:\Windows\system32\dfshim.dll
    2009-09-24 07:14:45 ----A---- C:\Windows\system32\bthserv.dll
    2009-09-24 07:14:44 ----A---- C:\Windows\system32\netapi32.dll
    2009-09-24 07:14:44 ----A---- C:\Windows\system32\mtxclu.dll
    2009-09-24 07:14:44 ----A---- C:\Windows\system32\mscories.dll
    2009-09-24 07:14:44 ----A---- C:\Windows\system32\inetpp.dll
    2009-09-24 07:14:44 ----A---- C:\Windows\system32\hidserv.dll
    2009-09-24 07:14:44 ----A---- C:\Windows\system32\fundisc.dll
    2009-09-24 07:14:44 ----A---- C:\Windows\system32\dhcpcsvc6.dll
    2009-09-24 07:14:44 ----A---- C:\Windows\system32\cryptsvc.dll
    2009-09-24 07:14:43 ----A---- C:\Windows\system32\wmicmiplugin.dll
    2009-09-24 07:14:43 ----A---- C:\Windows\system32\termsrv.dll
    2009-09-24 07:14:43 ----A---- C:\Windows\system32\shsvcs.dll
    2009-09-24 07:14:43 ----A---- C:\Windows\system32\profsvc.dll
    2009-09-24 07:14:43 ----A---- C:\Windows\system32\msiexec.exe
    2009-09-24 07:14:43 ----A---- C:\Windows\system32\imapi.dll
    2009-09-24 07:14:42 ----A---- C:\Windows\system32\wdc.dll
    2009-09-24 07:14:42 ----A---- C:\Windows\system32\rasmans.dll
    2009-09-24 07:14:42 ----A---- C:\Windows\system32\pnidui.dll
    2009-09-24 07:14:42 ----A---- C:\Windows\system32\icardres.dll
    2009-09-24 07:14:42 ----A---- C:\Windows\system32\iassdo.dll
    2009-09-24 07:14:42 ----A---- C:\Windows\system32\chsbrkr.dll
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\wersvc.dll
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\spoolsv.exe
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\slmgr.vbs
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\scrrun.dll
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\PSHED.DLL
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\pdh.dll
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\dhcpcsvc.dll
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\CertEnrollUI.dll
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\azroles.dll
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\autofmt.exe
    2009-09-24 07:14:40 ----A---- C:\Windows\system32\wmpmde.dll
    2009-09-24 07:14:40 ----A---- C:\Windows\system32\winlogon.exe
    2009-09-24 07:14:40 ----A---- C:\Windows\system32\SyncCenter.dll
    2009-09-24 07:14:40 ----A---- C:\Windows\system32\pidgenx.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\untfs.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\spp.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\SLUINotify.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\sethc.exe
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\scrobj.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\ncrypt.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\msjetoledb40.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\kd1394.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\iassam.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\comuid.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\certmgr.dll
    2009-09-24 07:14:38 ----A---- C:\Windows\system32\wisptis.exe
    2009-09-24 07:14:38 ----A---- C:\Windows\system32\taskcomp.dll
    2009-09-24 07:14:38 ----A---- C:\Windows\system32\rtutils.dll
    2009-09-24 07:14:38 ----A---- C:\Windows\system32\printui.dll
    2009-09-24 07:14:38 ----A---- C:\Windows\system32\iasnap.dll
    2009-09-24 07:14:38 ----A---- C:\Windows\system32\dwm.exe
    2009-09-24 07:14:38 ----A---- C:\Windows\system32\autochk.exe
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\wow32.dll
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\winsrv.dll
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\userenv.dll
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\onex.dll
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\kdcom.dll
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\cscript.exe
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\basecsp.dll
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\autoconv.exe
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\audiodg.exe
    2009-09-24 07:14:36 ----A---- C:\Windows\system32\WinSCard.dll
    2009-09-24 07:14:36 ----A---- C:\Windows\system32\winmm.dll
    2009-09-24 07:14:36 ----A---- C:\Windows\system32\spcmsg.dll
    2009-09-24 07:14:36 ----A---- C:\Windows\system32\RelMon.dll
    2009-09-24 07:14:36 ----A---- C:\Windows\system32\rdpencom.dll
    2009-09-24 07:14:36 ----A---- C:\Windows\system32\osk.exe
    2009-09-24 07:14:36 ----A---- C:\Windows\system32\mswsock.dll
    2009-09-24 07:14:36 ----A---- C:\Windows\system32\kdusb.dll
    2009-09-24 07:14:35 ----A---- C:\Windows\system32\WerFaultSecure.exe
    2009-09-24 07:14:35 ----A---- C:\Windows\system32\offfilt.dll
    2009-09-24 07:14:35 ----A---- C:\Windows\system32\msftedit.dll
    2009-09-24 07:14:35 ----A---- C:\Windows\system32\dnsrslvr.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\wsepno.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\wscript.exe
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\wiaservc.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\WerFault.exe
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\Utilman.exe
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\ulib.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\sysclass.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\stobject.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\SndVol.exe
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\secproc_ssp.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\prnntfy.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\odbccp32.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\msnetobj.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\mscms.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\mfplat.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\mcmde.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\iasdatastore.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\diskraid.exe
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\apphelp.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\adsmsext.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\wscntfy.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\wlangpui.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\rastapi.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\pnpsetup.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\ipsecsnp.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\IPHLPAPI.DLL
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\fdProxy.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\dsound.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\cryptui.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\brcpl.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\wusa.exe
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\wscsvc.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\WMVENCOD.DLL
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\vdsdyn.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\regsvc.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\rastls.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\rasapi32.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\ntprint.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\mscorier.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\logman.exe
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\iasrad.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\iashlpr.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\gpapi.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\diskpart.exe
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\zipfldr.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\wsnmp32.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\wshext.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\wpccpl.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\wer.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\themecpl.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\rasdlg.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\netcenter.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\iassvcs.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\findstr.exe
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\uxsms.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\tsbyuv.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\srvsvc.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\slcc.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\scansetting.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\ntmarta.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\msutb.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\mstlsapi.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\mssprxy.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\iasads.dll
    2009-09-24 07:14:29 ----A---- C:\Windows\system32\powrprof.dll
    2009-09-24 07:14:29 ----A---- C:\Windows\system32\powercpl.dll
    2009-09-24 07:14:29 ----A---- C:\Windows\system32\PerfCenterCPL.dll
    2009-09-24 07:14:29 ----A---- C:\Windows\system32\networkmap.dll
    2009-09-24 07:14:29 ----A---- C:\Windows\system32\mstsc.exe
    2009-09-24 07:14:29 ----A---- C:\Windows\system32\iasacct.dll
    2009-09-24 07:14:29 ----A---- C:\Windows\system32\authz.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\usercpl.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\themeui.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\systemcpl.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\sud.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\samlib.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\qdvd.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\pcaui.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\newdev.exe
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\mmci.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\dot3svc.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\connect.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\autoplay.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\accessibilitycpl.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\wpcao.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\wlanpref.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\vdsutil.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\tapisrv.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\scksp.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\scesrv.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\rpchttp.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\regapi.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\psisdecd.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\oleprn.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\msinfo32.exe
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\mpr.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\feclient.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\AudioSes.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\wscisvif.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\sdclt.exe
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\rekeywiz.exe
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\qedit.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\pnpui.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\perfdisk.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\ncryptui.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\imm32.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\iaspolcy.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\Faultrep.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\dpapimig.exe
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\dot3msm.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\DeviceEject.exe
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\certreq.exe
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\whealogr.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\TSTheme.exe
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\tcpmon.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\tcpipcfg.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\srcore.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\spwinsat.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\scecli.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\SCardSvr.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\rasplap.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\rasgcw.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\PnPUnattend.exe
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\hdwwiz.exe
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\FWPUCLNT.DLL
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\fdWSD.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\conime.exe
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\cmmon32.exe
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\cmdial32.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\WMVXENCD.DLL
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\wlanui.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\wiaaut.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\SnippingTool.exe
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\shwebsvc.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\rasppp.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\raschap.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\PnPutil.exe
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\MSVidCtl.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\fontext.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\dsprop.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\dimsroam.dll
    2009-09-24 07:14:23 ----A---- C:\Windows\system32\shsetup.dll
    2009-09-24 07:14:23 ----A---- C:\Windows\system32\rasmontr.dll
    2009-09-24 07:14:23 ----A---- C:\Windows\system32\oobefldr.dll
    2009-09-24 07:14:23 ----A---- C:\Windows\system32\mscandui.dll
    2009-09-24 07:14:23 ----A---- C:\Windows\system32\modemui.dll
    2009-09-24 07:14:23 ----A---- C:\Windows\system32\chtbrkr.dll
    2009-09-24 07:14:22 ----A---- C:\Windows\system32\wmdrmsdk.dll
    2009-09-24 07:14:22 ----A---- C:\Windows\system32\wlgpclnt.dll
    2009-09-24 07:14:22 ----A---- C:\Windows\system32\rdpwsx.dll
    2009-09-24 07:14:22 ----A---- C:\Windows\system32\dataclen.dll
    2009-09-24 07:14:22 ----A---- C:\Windows\system32\blackbox.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\WSDMon.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\wpcsvc.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\wmpeffects.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\smss.exe
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\networkexplorer.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\netplwiz.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\msscp.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\logagent.exe
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\InkEd.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\ifmon.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\credui.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\cipher.exe
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\certprop.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\wscapi.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\thawbrkr.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\softkbd.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\sendmail.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\puiapi.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\olepro32.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\msimtf.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\msctfui.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\input.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\gpresult.exe
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\ExplorerFrame.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\drmmgrtn.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\dmsynth.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\cdd.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\wshbth.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\version.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\SLLUA.exe
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\msjint40.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\msisip.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\MsCtfMonitor.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\mprapi.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\l2nacp.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\fdSSDP.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\fc.exe
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\eapp3hst.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\dmusic.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\cscapi.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\wsdchngr.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\tscupgrd.exe
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\Storprop.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\SMBHelperClass.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\slcinst.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\rasdial.exe
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\rasdiag.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\ipconfig.exe
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\ftp.exe
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\fdWCN.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\eappcfg.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\dot3cfg.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\cscdll.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\bthudtask.exe
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\bthci.dll
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\PNPXAssoc.dll
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\ocsetup.exe
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\nslookup.exe
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\networkitemfactory.dll
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\mmcico.dll
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\hbaapi.dll
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\gpupdate.exe
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\FwRemoteSvr.dll
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\fdeploy.dll
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\eappgnui.dll
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\csrstub.exe
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\cbsra.exe
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\bitsigd.dll
    2009-09-24 07:14:16 ----A---- C:\Windows\system32\vdmdbg.dll
    2009-09-24 07:14:16 ----A---- C:\Windows\system32\slwga.dll
    2009-09-24 07:14:16 ----A---- C:\Windows\system32\odbcconf.dll
    2009-09-24 07:14:16 ----A---- C:\Windows\system32\NcdProp.dll
    2009-09-24 07:14:16 ----A---- C:\Windows\system32\iscsilog.dll
    2009-09-24 07:14:15 ----A---- C:\Windows\system32\winrnr.dll
    2009-09-24 07:14:15 ----A---- C:\Windows\system32\midimap.dll
    2009-09-24 07:14:15 ----A---- C:\Windows\system32\inetppui.dll
    2009-09-24 07:14:13 ----A---- C:\Windows\system32\msimsg.dll
    2009-09-24 07:14:13 ----A---- C:\Windows\system32\f3ahvoas.dll
    2009-09-24 07:13:54 ----A---- C:\Windows\system32\SmiEngine.dll
    2009-09-24 07:13:52 ----A---- C:\Windows\system32\wdscore.dll
    2009-09-24 07:13:52 ----A---- C:\Windows\system32\PkgMgr.exe
    2009-09-24 07:13:49 ----A---- C:\Windows\system32\drvstore.dll
    2009-09-23 22:37:42 ----D---- C:\ProgramData\Babylon
    2009-09-23 22:37:41 ----D---- C:\Users\isa\AppData\Roaming\Babylon

    ======List of files/folders modified in the last 1 months======

    2009-10-19 22:48:13 ----D---- C:\Program Files\Trend Micro
    2009-10-19 22:48:12 ----D---- C:\Windows\Temp
    2009-10-19 22:45:25 ----D---- C:\Windows\Prefetch
    2009-10-19 17:26:01 ----D---- C:\Windows\System32
    2009-10-19 17:26:00 ----D---- C:\Windows\inf
    2009-10-19 17:26:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2009-10-19 09:20:58 ----SHD---- C:\System Volume Information
    2009-10-17 15:08:51 ----D---- C:\Windows\system32\catroot2
    2009-10-16 23:18:53 ----HD---- C:\ProgramData
    2009-10-16 23:10:53 ----RD---- C:\Program Files
    2009-10-16 23:09:06 ----SHD---- C:\Windows\Installer
    2009-10-16 23:03:56 ----D---- C:\Windows\Debug
    2009-10-16 23:03:56 ----D---- C:\Windows
    2009-10-16 22:55:02 ----D---- C:\Windows\Microsoft.NET
    2009-10-16 22:54:52 ----D---- C:\Windows\winsxs
    2009-10-16 22:54:26 ----D---- C:\Windows\system32\catroot
    2009-10-16 10:25:38 ----D---- C:\Windows\rescache
    2009-10-16 10:24:36 ----RSD---- C:\Windows\assembly
    2009-10-16 10:13:12 ----D---- C:\ProgramData\NVIDIA
    2009-10-16 10:12:01 ----SHD---- C:\Boot
    2009-10-16 10:06:27 ----D---- C:\Program Files\Windows Mail
    2009-10-16 10:06:27 ----D---- C:\Program Files\Windows Calendar
    2009-10-16 10:06:26 ----D---- C:\Program Files\Movie Maker
    2009-10-16 10:06:24 ----D---- C:\Program Files\Windows Sidebar
    2009-10-16 10:06:24 ----D---- C:\Program Files\Windows Media Player
    2009-10-16 10:06:24 ----D---- C:\Program Files\Internet Explorer
    2009-10-16 10:06:23 ----D---- C:\Program Files\Windows Journal
    2009-10-16 10:06:23 ----D---- C:\Program Files\Windows Collaboration
    2009-10-16 10:06:21 ----D---- C:\Program Files\Common Files\System
    2009-10-16 10:06:20 ----D---- C:\Program Files\Windows Photo Gallery
    2009-10-16 10:06:07 ----D---- C:\Windows\servicing
    2009-10-16 10:06:07 ----D---- C:\Program Files\Windows Defender
    2009-10-16 10:06:03 ----D---- C:\Windows\ehome
    2009-10-16 10:05:52 ----D---- C:\Windows\system32\XPSViewer
    2009-10-16 10:05:52 ----D---- C:\Windows\system32\lv-LV
    2009-10-16 10:05:52 ----D---- C:\Windows\system32\hr-HR
    2009-10-16 10:05:52 ----D---- C:\Windows\system32\et-EE
    2009-10-16 10:05:52 ----D---- C:\Windows\system32\da-DK
    2009-10-16 10:05:52 ----D---- C:\Windows\IME
    2009-10-16 10:05:51 ----D---- C:\Windows\system32\sk-SK
    2009-10-16 10:05:51 ----D---- C:\Windows\system32\oobe
    2009-10-16 10:05:51 ----D---- C:\Windows\system32\ko-KR
    2009-10-16 10:05:51 ----D---- C:\Windows\system32\it-IT
    2009-10-16 10:05:51 ----D---- C:\Windows\system32\en-US
    2009-10-16 10:05:51 ----D---- C:\Windows\system32\el-GR
    2009-10-16 10:05:51 ----D---- C:\Windows\system32\de-DE
    2009-10-16 10:05:50 ----D---- C:\Windows\system32\migration
    2009-10-16 10:05:50 ----D---- C:\Windows\system32\fr
    2009-10-16 10:05:48 ----D---- C:\Windows\system32\ru-RU
    2009-10-16 10:05:48 ----D---- C:\Windows\system32\AdvancedInstallers
    2009-10-16 10:05:46 ----D---- C:\Windows\system32\fr-FR
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\zh-TW
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\zh-CN
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\uk-UA
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\sv-SE
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\sr-Latn-CS
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\SLUI
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\sl-SI
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\setup
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\pt-PT
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\pl-PL
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\manifeststore
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\ja-JP
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\hu-HU
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\he-IL
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\fi-FI
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\es-ES
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\cs-CZ
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\bg-BG
    2009-10-16 10:05:43 ----D---- C:\Windows\system32\th-TH
    2009-10-16 10:05:43 ----D---- C:\Windows\system32\ro-RO
    2009-10-16 10:05:43 ----D---- C:\Windows\system32\drivers
    2009-10-16 10:05:42 ----D---- C:\Windows\system32\tr-TR
    2009-10-16 10:05:41 ----D---- C:\Windows\system32\wbem
    2009-10-16 10:05:40 ----D---- C:\Windows\system32\nl-NL
    2009-10-16 10:05:40 ----D---- C:\Windows\system32\nb-NO
    2009-10-16 10:05:40 ----D---- C:\Windows\system32\migwiz
    2009-10-16 10:05:40 ----D---- C:\Windows\system32\lt-LT
    2009-10-16 10:05:40 ----D---- C:\Windows\system32\ar-SA
    2009-10-16 10:05:39 ----D---- C:\Windows\system32\pt-BR
    2009-10-16 10:04:56 ----RSD---- C:\Windows\Fonts
    2009-10-16 10:04:56 ----D---- C:\Windows\AppPatch
    2009-10-16 10:04:44 ----D---- C:\Windows\system32\Boot
    2009-10-16 08:26:16 ----D---- C:\Windows\PolicyDefinitions
    2009-10-16 07:03:34 ----D---- C:\ProgramData\Microsoft Help
    2009-10-16 07:00:35 ----D---- C:\Program Files\Microsoft SQL Server
    2009-10-15 22:22:29 ----D---- C:\Program Files\Everest Poker
    2009-10-15 18:06:31 ----D---- C:\Program Files\ESET
    2009-10-15 17:55:51 ----D---- C:\ProgramData\ESET
    2009-10-15 17:40:42 ----D---- C:\Windows\system32\Tasks
    2009-10-13 17:27:20 ----D---- C:\Users\isa\AppData\Roaming\uTorrent
    2009-10-10 08:57:40 ----D---- C:\Program Files\Common Files\microsoft shared
    2009-10-10 08:57:18 ----D---- C:\Program Files\Microsoft Works
    2009-10-10 08:55:46 ----A---- C:\Windows\win.ini
    2009-10-09 06:59:37 ----D---- C:\Windows\system32\zh-HK
    2009-10-08 21:16:21 ----D---- C:\Users\isa\AppData\Roaming\Mozilla
    2009-10-03 14:35:33 ----D---- C:\Program Files\Common Files
    2009-10-03 14:35:30 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-10-03 14:32:13 ----D---- C:\Users\isa\AppData\Roaming\dvdcss
    2009-10-02 20:01:57 ----A---- C:\Windows\system32\mrt.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-04-09 107256]
    R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2008-03-31 73728]
    R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-04-09 113960]
    R2 KMDFMEMIO;SAMSUNG Kernel Driver; C:\Windows\system32\DRIVERS\kmdfmemio.sys [2007-05-23 13312]
    R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776]
    R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-07-07 2152088]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-12-22 51232]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-01-30 7544832]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-10-26 193456]
    R3 VMC302;Vimicro Camera Service VMC302; C:\Windows\System32\Drivers\VMC302.sys [2008-06-05 242048]
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
    R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-06-27 303616]
    S3 ADDMEM;ADDMEM; \??\C:\Users\isa\AppData\Local\Temp\__Sam
    Contenus similaires
    19 Octobre 2009 22:51:55

    Citation :
    info.txt logfile of random's system information tool 1.06 2009-10-19 22:38:27

    ======Uninstall list======

    -->MsiExec /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
    2007 Microsoft Office system-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
    3DMark Vantage-->C:\Program Files\InstallShield Installation Information\{C40C3C3D-97CF-44B5-836C-766E374464B3}\setup.exe -runfromtemp -l0x0009 -removeonly
    Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
    Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
    Adobe Download Manager-->"C:\Windows\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
    Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 8.1.5 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
    adsl TV-->C:\Program Files\adslTV\Uninstal.exe
    Agere Systems HDA Modem-->agrsmdel
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
    Atheros WLAN Client-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04983D37-2202-4295-94A2-8B547C66133F}\setup.exe" -l0x9
    Barre d'outils MSN-->C:\Program Files\MSN Toolbar\01.01.2607.0\fr\mtbs.exe c
    Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{E5141379-B2D9-4BBC-BB2A-5805541571DD}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch-->C:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
    Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x040c
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Cheat Engine 5.5-->"C:\Program Files\Cheat Engine\unins000.exe"
    Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    Counter-Strike Source LAN Edition-->C:\Windows\Counter-Strike Source LAN Edition Uninstaller.exe
    Diamond Drop-->MsiExec.exe /I{B84040B8-AC93-4A6E-94DB-D6643636835A}
    Easy Battery Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}\setup.exe" -l0x9 Remove
    Easy Display Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17283B95-21A8-4996-97DA-547A48DB266F}\setup.exe" -l0x9 -removeonly
    Easy Network Manager 4.0-->C:\Program Files\InstallShield Installation Information\{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}\setup.exe -runfromtemp -l0x040c
    Easy SpeedUp Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF367AA4-070B-493C-9575-85BE59D789C9}\setup.exe" -l0x9 Remove
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x040c -removeonly
    Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)-->MsiExec.exe /X{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}
    Folderico 3.7.2-->C:\Program Files\Folderico\uninst.exe
    Futuremark SystemInfo-->C:\Program Files\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe -runfromtemp -l0x0009 -removeonly
    Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
    GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)-->C:\Windows\SQL9_KB970892_ENU\Hotfix.exe /Uninstall
    Gestionnaire de contacts professionnels pour Outlook 2007 SP2-->"C:\Program Files\Microsoft Small Business\Business Contact Manager\SetupBootstrap\Setup.exe" /remove {69ca8988-1c6c-4285-b8af-db780a6e42af}
    Gestionnaire de contacts professionnels pour Outlook 2007 SP2-->MsiExec.exe /X{69CA8988-1C6C-4285-B8AF-DB780A6E42AF}
    Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x40c -removeonly
    Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x40c -removeonly
    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    iColorFolder-->C:\Program Files\iColorFolder\uninstall.exe
    imagine digital freedom - Samsung-->MsiExec.exe /X{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
    Intel PROSet Wireless-->Intel PROSet Wireless
    Intel® Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
    Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
    jetAudio Basic-->C:\Program Files\InstallShield Installation Information\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}\setup.exe -runfromtemp -l0x0c0c -removeonly
    Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
    La Chaîne Météo-->MsiExec.exe /X{095E78D4-1A02-D0CE-839C-B61734C39116}
    Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Office 2003 Web Components-->MsiExec.exe /I{90A4040C-6000-11D3-8CFE-0150048383C9}
    Microsoft Office 2007 Primary Interop Assemblies-->MsiExec.exe /X{50120000-1105-0000-0000-0000000FF1CE}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
    Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office Groove MUI (French) 2007-->MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Small Business Connectivity Components-->MsiExec.exe /X{A939D341-5A04-4E0A-BB55-3E65B386432D}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SOAP Toolkit 2.0 SP2-->MsiExec.exe /I{36BEAD11-8577-49AD-9250-E06A50AE87B0}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)-->MsiExec.exe /I{480DBB60-F0B6-45F2-B26F-1A2E11197791}
    Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
    Microsoft SQL Server Native Client-->MsiExec.exe /I{1F24E48F-7692-4E89-8784-68DD4D2712A0}
    Microsoft SQL Server VSS Writer-->MsiExec.exe /I{A30179B7-997A-4D47-AA43-57AE59A9C78B}
    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
    Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
    Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
    Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
    Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
    Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
    Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
    Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    Monopoly Deluxe-->"C:\Program Files\Zylom Games\Monopoly Deluxe\GameInstlr.exe" --uninstall UnInstall.log
    Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    Mozilla Thunderbird (2.0.0.23)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    Navilog1 3.7.2-->"C:\Program Files\Navilog1\unins000.exe"
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    NOD32 FiX-->"C:\Users\isa\AppData\Local\Temp\Rar$EX02.039\Obsolete\unins000.exe"
    NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
    NVIDIA PhysX-->MsiExec.exe /X{8AAB4176-A747-493A-A42C-B63CFADFD8E3}
    OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
    OpenOffice.org 3.1-->MsiExec.exe /I{E6B87DC4-2B3D-4483-ADFF-E483BF718991}
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
    PlayCamera-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{804F1285-8CBF-408D-8CDC-D4D40003B2E4}\setup.exe" -l0x40c
    PokerStars-->"C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:p okerStars
    PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
    Samsung Magic Doctor-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}\Setup.exe" -l0x9 Remove
    Samsung Recovery Solution III-->"C:\Program Files\InstallShield Installation Information\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}\setup.exe" -runfromtemp -l0x040c -removeonly
    Samsung Update Plus-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{685707A4-911C-468D-BFC4-64A50E5E3A0C} /l1036
    Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
    Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
    Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
    Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
    Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
    Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
    Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
    Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
    Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
    Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
    Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
    Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
    Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
    Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
    Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
    Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
    Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
    Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
    Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
    Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
    Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    UltraISO Premium V9.12-->"C:\Program Files\UltraISO\unins000.exe"
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Update for Outlook 2007 Junk Email Filter (KB974810)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C05FBAD5-A211-4E86-BB51-7E07B80C9233}
    Update for Outlook 2007 Junk Email Filter (KB974810)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C05FBAD5-A211-4E86-BB51-7E07B80C9233}
    User Guide-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}\setup.exe" -l0x9 Remove
    Vimicro UVC Camera-->C:\Program Files\InstallShield Installation Information\{71A51B09-E7D3-11DB-A386-005056C00008}\setup.exe -runfromtemp -l0x0009 -removeonly
    VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    WIDCOMM Bluetooth Software 6.0.1.6300-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
    Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
    Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
    Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
    Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
    Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
    Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
    Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
    Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}

    ======Hosts File======

    127.0.0.1 localhost

    ======Security center information======

    AS: Windows Defender

    ======System event log======

    Computer Name: PC-de-isa
    Event Code: 15016
    Message: Impossible d’initialiser le package de sécurité Kerberos pour l’authentification côté serveur. Le champ de données contient le numéro de l’erreur.
    Record Number: 84686
    Source Name: Microsoft-Windows-HttpEvent
    Time Written: 20090719192242.622535-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-isa
    Event Code: 4001
    Message: Le Service d’autoconfiguration WLAN s’est arrêté correctement.

    Record Number: 84673
    Source Name: Microsoft-Windows-WLAN-AutoConfig
    Time Written: 20090718125020.281800-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: PC-de-isa
    Event Code: 10002
    Message: Le module d’extensibilité WLAN s’est arrêté.

    Chemin d’accès du module : C:\Windows\system32\athihvs.dll

    Record Number: 84672
    Source Name: Microsoft-Windows-WLAN-AutoConfig
    Time Written: 20090718125020.281800-000
    Event Type: Avertissement
    User: AUTORITE NT\SYSTEM

    Computer Name: PC-de-isa
    Event Code: 7000
    Message: Le service PLFlash DeviceIoControl Service n'a pas pu démarrer en raison de l'erreur :
    Le fichier spécifié est introuvable.
    Record Number: 84579
    Source Name: Service Control Manager
    Time Written: 20090718072237.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-isa
    Event Code: 7000
    Message: Le service Parallel port driver n'a pas pu démarrer en raison de l'erreur :
    Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
    Record Number: 84571
    Source Name: Service Control Manager
    Time Written: 20090718072237.000000-000
    Event Type: Erreur
    User:

    =====Application event log=====

    Computer Name: PC-de-isa
    Event Code: 10
    Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
    Record Number: 1437
    Source Name: Microsoft-Windows-WMI
    Time Written: 20081130043603.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-isa
    Event Code: 10
    Message: Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms
    19 Octobre 2009 22:52:29

    bonsoir
    merci pour ta réponse rapide,

    en espèrant que j'ai fait comme il fallait.

    merci d'avance.
    isabelle
    a c 327 8 Sécurité
    a b 9 Windows
    19 Octobre 2009 23:19:26

    Tu as une infection Lop/Swizzor mais Lop S&D n'est pas compatible avec ton Vista à cause du SP2 donc on verra après.

  • Télécharge UsbFix (de Chiquitine29 & C_XX) sur ton Bureau.
  • Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
  • Double-clique sur UsbFix pour l'exécuter.
  • Choisis l'option 1 (Recherche).
  • Laisse travailler l'outil.
  • Poste le rapport UsbFix.txt.

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).

    "Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    20 Octobre 2009 07:01:36

    Citation :

    ############################## | UsbFix V6.042 |

    User : isa (Administrateurs) # PC-DE-ISA
    Update on 15/10/2009 by Chiquitine29, C_XX & Chimay8
    Start at: 06:59:32 | 20/10/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html

    Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
    Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
    Internet Explorer 8.0.6001.18828
    Windows Firewall Status : Disabled

    C:\ -> Disque fixe local # 69,05 Go (9,28 Go free) # NTFS
    D:\ -> Disque fixe local # 70 Go (11,71 Go free) # NTFS
    E:\ -> Disque CD-ROM
    F:\ -> Disque CD-ROM
    G:\ -> Disque amovible # 243,88 Mo (211,33 Mo free) [CANON_DC] # FAT
    H:\ -> Disque CD-ROM

    ############################## | Processus actifs |

    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
    C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
    C:\Windows\system32\agrsmsvc.exe
    C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Windows\system32\PnkBstrA.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
    C:\Program Files\PokerStars\PokerStarsUpdate.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\wbem\wmiprvse.exe

    ################## | Fichiers # Dossiers infectieux |


    ################## | Registre # Clés Run infectieuses |


    ################## | Registre # Mountpoints2 |

    HKCU\..\..\Explorer\MountPoints2\{6a412933-bef9-11dd-bbe1-001377ad94ba}
    shell\AutoRun\command =F:\setup\rsrc\Autorun.exe
    shell\dinstall\command =F:\Directx\dxsetup.exe

    HKCU\..\..\Explorer\MountPoints2\{86d6478d-1448-11de-915d-001377ad94ba}
    shell\1\Command =I:\.\RECYCLER\RECYCLER.exe
    shell\2\Command =I:\.\RECYCLER\RECYCLER.exe
    shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\.\RECYCLER\RECYCLER.exe

    ################## | ! Fin du rapport # UsbFix V6.042 ! |



    bonjour,


    voilà le rapport.

    isabelle
    a c 327 8 Sécurité
    a b 9 Windows
    20 Octobre 2009 18:18:29

  • Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.
  • Double-clique sur UsbFix présent sur ton Bureau pour le lancer.
  • Choisis l'option 2 (Suppression).
  • Ton Bureau disparaîtra et le PC redémarrera.
  • Au redémarrage, UsbFix scannera ton PC, laisse travailler l'outil.
  • Ensuite, poste le rapport UsbFix.txt qui apparaîtra avec le Bureau.

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque (C:\UsbFix.txt).
    20 Octobre 2009 19:03:27

    voilà le rapport


    ############################## | UsbFix V6.042 |

    User : isa (Administrateurs) # PC-DE-ISA
    Update on 15/10/2009 by Chiquitine29, C_XX & Chimay8
    Start at: 18:55:50 | 20/10/2009
    Website : http://pagesperso-orange.fr/NosTools/index.html

    Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
    Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
    Internet Explorer 8.0.6001.18828
    Windows Firewall Status : Disabled

    C:\ -> Disque fixe local # 69,05 Go (9,1 Go free) # NTFS
    D:\ -> Disque fixe local # 70 Go (11,71 Go free) # NTFS
    E:\ -> Disque CD-ROM
    F:\ -> Disque CD-ROM
    H:\ -> Disque CD-ROM

    ############################## | Processus actifs |

    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\agrsmsvc.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Windows\system32\PnkBstrA.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
    C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
    C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
    C:\Windows\system32\WerCon.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\system32\runonce.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\PresentationSettings.exe

    ################## | Fichiers # Dossiers infectieux |


    ################## | Registre # Clés Run infectieuses |


    ################## | Registre # Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\{6a412933-bef9-11dd-bbe1-001377ad94ba}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{86d6478d-1448-11de-915d-001377ad94ba}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [18/09/2006 23:43|--a------|24] C:\autoexec.bat
    [11/04/2009 08:36|-rahs----|333257] C:\bootmgr
    [08/02/2008 11:31|-ra-s----|8192] C:\BOOTSECT.BAK
    [08/02/2009 14:32|--a------|3241] C:\cleannavi.txt
    [08/02/2009 14:34|--a------|3241] C:\cleannavi1.txt
    [18/09/2006 23:43|--a------|10] C:\config.sys
    [08/02/2009 13:25|--a------|2971] C:\fixnavi.txt
    [?|?|?] C:\hiberfil.sys
    [26/10/2008 07:01|-rahs----|0] C:\IO.SYS
    [30/11/2008 18:51|--a------|0] C:\log_lobby.txt
    [30/11/2008 18:51|--a------|0] C:\log_lobby_dumper.txt
    [08/09/2008 04:08|-ra------|352] C:\Marvell0.log
    [26/10/2008 07:01|-rahs----|0] C:\MSDOS.SYS
    [29/02/2004 17:44|--a------|52576] C:\orange.bmp
    [?|?|?] C:\pagefile.sys
    [08/09/2008 04:07|--a------|366] C:\RHDSetup.log
    [30/11/2008 05:18|--a------|86] C:\Setup.log
    [20/10/2009 19:00|--a------|4060] C:\UsbFix.txt
    [05/10/2007 11:28|--a------|167936] D:\binkw32.dll
    [05/10/2007 11:28|--a------|1105976] D:\cod.bmp
    [29/08/2007 03:35|--a------|216358] D:\cod4.ico
    [05/10/2007 11:28|--a------|109976] D:\codlogo.bmp
    [01/05/2009 21:28|--a------|6804] D:\install.log
    [20/06/2008 15:43|--a------|3330048] D:\iw3mp.exe
    [06/11/2007 23:33|--a------|3017216] D:\iw3sp.exe
    [05/10/2007 11:28|--a------|2857] D:\localization.txt
    [05/10/2007 11:28|--a------|434688] D:\mss32.dll
    [24/08/2009 14:58|--a------|3139984] D:\servercache.dat
    [23/06/2008 17:11|--a------|155] D:\version.inf

    ################## | Vaccination |

    # C:\autorun.inf -> Folder created by UsbFix.
    # D:\autorun.inf -> Folder created by UsbFix.

    ################## | ! Fin du rapport # UsbFix V6.042 ! |
    a c 327 8 Sécurité
    a b 9 Windows
    20 Octobre 2009 19:34:17

  • Relance UsbFix puis choisis l'option 5 pour le désinstaller.

  • Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
  • Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
  • Sélectionne Exécuter un examen rapide.
  • Clique sur Rechercher. L'analyse démarre.
  • A la fin de l'analyse, un message s'affiche :
    Citation :
    L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

  • Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
  • Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
    20 Octobre 2009 21:25:25

    voilà ce qu'il m'a trouvé:

    Malwarebytes' Anti-Malware 1.41
    Version de la base de données: 3000
    Windows 6.0.6002 Service Pack 2

    20/10/2009 21:22:25
    mbam-log-2009-10-20 (21-22-21).txt

    Type de recherche: Examen rapide
    Eléments examinés: 92292
    Temps écoulé: 4 minute(s), 37 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> No action taken.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\Torrent101 (Trojan.Swizzor) -> No action taken.

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)



    isabelle
    a c 327 8 Sécurité
    a b 9 Windows
    21 Octobre 2009 00:24:25

  • Relance MBAM, va dans Quarantaine et supprime tout.

  • Désactive l'UAC le temps de la désinfection.
  • Télécharge Lop S&D (par Eric_71) sur ton Bureau.
  • Puis double-clique sur Lop S&D présent sur ton Bureau.
    (Sous Vista, il faut cliquer droit sur Lop S&D et choisir Exécuter en tant qu'administrateur)
  • Sélectionne la langue souhaitée, puis choisis l'option 1 (Recherche).
  • Patiente jusqu'à la fin du scan.
  • Poste le rapport généré (C:\lopR.txt).

    21 Octobre 2009 10:02:38

    voilà le rapport:


    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz )
    BIOS : Phoenix SecureCore(tm) NB Version 02LK.MP00.20080926.SCY
    USER : isa ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:69 Go (Free:10 Go)
    D:\ (Local Disk) - NTFS - Total:69 Go (Free:11 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    H:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 21/10/2009| 9:55 )

    [ UAC => 0 ]

    --------------------\\ Listing des dossiers dans Local

    [05/12/2008|22:05] C:\Users\isa\AppData\Local\Adobe
    [09/02/2009|00:34] C:\Users\isa\AppData\Local\Ahead
    [30/11/2008|05:17] C:\Users\isa\AppData\Local\Application Data
    [23/09/2009|22:39] C:\Users\isa\AppData\Local\Babylon
    [14/10/2009|08:30] C:\Users\isa\AppData\Local\d3d9caps.dat
    [17/10/2009|03:02] C:\Users\isa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [21/01/2009|16:47] C:\Users\isa\AppData\Local\eMule
    [26/12/2008|23:59] C:\Users\isa\AppData\Local\ESET
    [10/10/2009|09:02] C:\Users\isa\AppData\Local\GDIPFONTCACHEV1.DAT
    [21/10/2009|09:46] C:\Users\isa\AppData\Local\Google
    [30/11/2008|05:17] C:\Users\isa\AppData\Local\Historique
    [08/02/2009|14:22] C:\Users\isa\AppData\Local\ibwjealg.bat
    [21/10/2009|09:48] C:\Users\isa\AppData\Local\IconCache.db
    [20/10/2009|18:57] C:\Users\isa\AppData\Local\Microsoft
    [28/02/2009|12:59] C:\Users\isa\AppData\Local\Microsoft Games
    [30/11/2008|18:23] C:\Users\isa\AppData\Local\Microsoft Help
    [08/10/2009|21:16] C:\Users\isa\AppData\Local\Mozilla
    [06/03/2009|17:31] C:\Users\isa\AppData\Local\My Games
    [20/10/2009|07:04] C:\Users\isa\AppData\Local\PokerStars
    [01/05/2009|21:22] C:\Users\isa\AppData\Local\PunkBuster
    [21/10/2009|09:54] C:\Users\isa\AppData\Local\Temp
    [30/11/2008|05:17] C:\Users\isa\AppData\Local\Temporary Internet Files
    [02/12/2008|18:41] C:\Users\isa\AppData\Local\Thunderbird
    [01/05/2009|20:45] C:\Users\isa\AppData\Local\VirtualStore

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [21/10/2009 09:45][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{212D5E7B-A934-4AB0-BBF0-5684B6A311A7}.job
    [21/10/2009 09:49][--ah-----] C:\Windows\tasks\SA.DAT
    [21/10/2009 09:48][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [08/09/2008|04:29] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    [16/07/2009|12:14] C:\ProgramData\Adobe
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [09/09/2009|18:07] C:\ProgramData\Avira
    [30/09/2009|19:11] C:\ProgramData\Babylon
    [16/10/2009|23:17] C:\ProgramData\Browse Defy
    [30/11/2008|05:16] C:\ProgramData\Bureau
    [15/10/2009|17:40] C:\ProgramData\dentanteante.8gc64
    [16/10/2009|23:18] C:\ProgramData\dentanteante.l71ly01
    [15/10/2009|17:40] C:\ProgramData\dentanteante.yzw8qb
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [21/01/2009|16:47] C:\ProgramData\eMule
    [15/10/2009|17:55] C:\ProgramData\ESET
    [30/11/2008|05:16] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [17/03/2009|17:12] C:\ProgramData\GameHouse
    [24/01/2009|23:48] C:\ProgramData\Google
    [15/10/2009|17:41] C:\ProgramData\Grid Blue Memo Site
    [08/09/2008|04:08] C:\ProgramData\Intel
    [04/03/2009|10:17] C:\ProgramData\Kaspersky Lab
    [04/03/2009|00:09] C:\ProgramData\Kaspersky Lab Setup Files
    [08/02/2009|17:16] C:\ProgramData\Malwarebytes
    [30/11/2008|17:42] C:\ProgramData\McAfee
    [30/11/2008|05:16] C:\ProgramData\Menu D‚marrer
    [28/08/2009|19:33] C:\ProgramData\Microsoft
    [16/10/2009|07:03] C:\ProgramData\Microsoft Help
    [30/11/2008|05:16] C:\ProgramData\ModŠles
    [27/12/2008|00:17] C:\ProgramData\MumboJumbo
    [03/03/2009|19:48] C:\ProgramData\Nero
    [08/10/2009|21:18] C:\ProgramData\NOS
    [16/10/2009|10:10] C:\ProgramData\ntuser.pol
    [16/10/2009|10:13] C:\ProgramData\NVIDIA
    [21/10/2009|09:50] C:\ProgramData\nvModes.001
    [21/10/2009|09:50] C:\ProgramData\nvModes.dat
    [09/10/2009|08:18] C:\ProgramData\Office Genuine Advantage
    [15/10/2009|17:41] C:\ProgramData\OKAY REAL ONLINE.l58a6p
    [08/09/2008|04:09] C:\ProgramData\Roaming
    [03/03/2009|18:52] C:\ProgramData\Simply Super Software
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [03/03/2009|19:39] C:\ProgramData\TEMP
    [02/11/2006|15:02] C:\ProgramData\Templates
    [30/11/2008|03:27] C:\ProgramData\WLInstaller
    [20/03/2009|20:25] C:\ProgramData\Zylom

    --------------------\\ Listing des dossiers dans C:\Program Files

    [08/09/2008|04:29] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [15/01/2009|21:47] C:\Program Files\Adobe
    [08/01/2009|22:23] C:\Program Files\adslTV
    [21/04/2009|18:07] C:\Program Files\AGEIA Technologies
    [02/03/2009|13:20] C:\Program Files\Alwil Software
    [03/03/2009|19:45] C:\Program Files\AskTBar
    [08/09/2008|04:09] C:\Program Files\Atheros WLAN Client
    [07/02/2009|22:40] C:\Program Files\CCleaner
    [14/10/2009|21:52] C:\Program Files\Cheat Engine
    [08/09/2008|04:08] C:\Program Files\Cisco
    [03/10/2009|14:35] C:\Program Files\Common Files
    [30/11/2008|18:12] C:\Program Files\DAEMON Tools Lite
    [21/01/2009|16:47] C:\Program Files\eMule
    [15/10/2009|18:06] C:\Program Files\ESET
    [15/10/2009|22:22] C:\Program Files\Everest Poker
    [30/11/2008|05:16] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [28/12/2008|21:47] C:\Program Files\Folderico
    [31/12/2008|21:26] C:\Program Files\Futuremark
    [19/09/2009|12:10] C:\Program Files\Google
    [28/12/2008|18:55] C:\Program Files\iColorFolder
    [03/10/2009|14:35] C:\Program Files\InstallShield Installation Information
    [08/09/2008|04:14] C:\Program Files\Intel
    [16/10/2009|10:06] C:\Program Files\Internet Explorer
    [29/08/2009|11:47] C:\Program Files\Java
    [03/10/2009|14:35] C:\Program Files\JetAudio
    [01/06/2009|13:23] C:\Program Files\JRE
    [21/08/2009|21:09] C:\Program Files\La ChaŒne M‚t‚o
    [20/10/2009|21:22] C:\Program Files\Malwarebytes' Anti-Malware
    [08/09/2008|04:07] C:\Program Files\Marvell
    [24/06/2009|00:13] C:\Program Files\Microsoft
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [08/09/2008|04:32] C:\Program Files\Microsoft Office
    [10/09/2009|08:14] C:\Program Files\Microsoft Silverlight
    [08/09/2008|04:32] C:\Program Files\Microsoft Small Business
    [16/10/2009|07:00] C:\Program Files\Microsoft SQL Server
    [24/06/2009|00:13] C:\Program Files\Microsoft SQL Server Compact Edition
    [24/06/2009|00:14] C:\Program Files\Microsoft Sync Framework
    [08/09/2008|04:28] C:\Program Files\Microsoft Visual Studio
    [30/11/2008|18:23] C:\Program Files\Microsoft Visual Studio 8
    [10/10/2009|08:57] C:\Program Files\Microsoft Works
    [08/09/2008|04:31] C:\Program Files\Microsoft.NET
    [16/10/2009|10:06] C:\Program Files\Movie Maker
    [20/10/2009|21:12] C:\Program Files\Mozilla Firefox
    [22/08/2009|12:27] C:\Program Files\Mozilla Thunderbird
    [30/11/2008|18:27] C:\Program Files\MSBuild
    [23/06/2009|22:36] C:\Program Files\MSN Toolbar
    [08/09/2008|04:19] C:\Program Files\MSSOAP
    [09/02/2009|23:03] C:\Program Files\MSXML 4.0
    [08/02/2009|14:32] C:\Program Files\Navilog1
    [09/02/2009|00:18] C:\Program Files\Nero
    [08/10/2009|21:18] C:\Program Files\NOS
    [01/06/2009|13:23] C:\Program Files\OpenOffice.org 3
    [23/04/2009|21:17] C:\Program Files\PokerStars
    [08/09/2008|04:06] C:\Program Files\Realtek
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [30/11/2008|05:17] C:\Program Files\Samsung
    [21/12/2008|23:50] C:\Program Files\SDLL
    [08/09/2008|04:13] C:\Program Files\Synaptics
    [20/10/2009|18:52] C:\Program Files\Trend Micro
    [03/03/2009|18:58] C:\Program Files\Trojan Remover
    [13/12/2008|23:15] C:\Program Files\Ubisoft
    [09/05/2009|09:52] C:\Program Files\UltraISO
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [30/11/2008|22:18] C:\Program Files\uTorrent
    [03/12/2008|22:24] C:\Program Files\VideoLAN
    [08/09/2008|04:13] C:\Program Files\Vimicro Corporation
    [08/09/2008|04:11] C:\Program Files\WIDCOMM
    [16/10/2009|10:06] C:\Program Files\Windows Calendar
    [16/10/2009|10:06] C:\Program Files\Windows Collaboration
    [16/10/2009|10:06] C:\Program Files\Windows Defender
    [16/10/2009|10:06] C:\Program Files\Windows Journal
    [24/06/2009|00:14] C:\Program Files\Windows Live
    [20/07/2009|22:40] C:\Program Files\Windows Live Safety Center
    [12/01/2009|14:09] C:\Program Files\Windows Live SkyDrive
    [16/10/2009|10:06] C:\Program Files\Windows Mail
    [16/10/2009|10:06] C:\Program Files\Windows Media Player
    [30/11/2008|05:16] C:\Program Files\Windows NT
    [16/10/2009|10:06] C:\Program Files\Windows Photo Gallery
    [16/10/2009|10:06] C:\Program Files\Windows Sidebar
    [15/12/2008|01:02] C:\Program Files\WinRAR
    [13/03/2009|23:24] C:\Program Files\Zylom Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [15/01/2009|21:47] C:\Program Files\Common Files\Adobe
    [16/07/2009|12:14] C:\Program Files\Common Files\Adobe AIR
    [03/10/2009|14:35] C:\Program Files\Common Files\COWON
    [08/09/2008|04:28] C:\Program Files\Common Files\DESIGNER
    [09/05/2009|09:52] C:\Program Files\Common Files\EZB Systems
    [31/12/2008|21:27] C:\Program Files\Common Files\Futuremark Shared
    [08/09/2008|04:18] C:\Program Files\Common Files\InstallShield
    [08/09/2008|04:08] C:\Program Files\Common Files\Intel
    [10/10/2009|08:57] C:\Program Files\Common Files\microsoft shared
    [08/09/2008|04:19] C:\Program Files\Common Files\MSSoap
    [03/03/2009|19:48] C:\Program Files\Common Files\Nero
    [27/05/2009|22:13] C:\Program Files\Common Files\PX Storage Engine
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [16/10/2009|10:06] C:\Program Files\Common Files\System
    [12/01/2009|12:50] C:\Program Files\Common Files\Windows Live
    [30/11/2008|03:36] C:\Program Files\Common Files\WindowsLiveInstaller
    [21/04/2009|18:07] C:\Program Files\Common Files\Wise Installation Wizard

    --------------------\\ Process

    ( 76 Processes )

    iexplore.exe ~ [PID:3836]
    iexplore.exe ~ [PID:2980]
    iexplore.exe ~ [PID:1964]
    iexplore.exe ~ [PID:4420]

    --------------------\\ Recherche avec S_Lop

    C:\ProgramData\dentanteante.8gc64
    C:\ProgramData\dentanteante.yzw8qb
    C:\ProgramData\OKAY REAL ONLINE.l58a6p
    C:\ProgramData\dentanteante.l71ly01

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\ProgramData\Grid Blue Memo Site
    C:\ProgramData\Grid Blue Memo Site\32 Program.dat
    C:\ProgramData\Grid Blue Memo Site\32 Program.exe
    C:\Users\isa\AppData\Roaming\MICROS~1\Windows\Cookies\isa@advertising[2].txt

    --------------------\\ Verification du Registre

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "lessextra"="\"C:\\ProgramData\\dentanteante.l71ly01\""
    "memo site kind that"="\"C:\\ProgramData\\OKAY REAL ONLINE.l58a6p\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-21 09:55:20
    Windows 6.0.6002 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    C:\Windows\System32\wbem\Performance\WmiApRpl_new.ini 41898 bytes
    C:\Users\isa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LPF3TMHX\ajax[2].htm
    scan completed successfully
    hidden processes: 0
    hidden files: 928

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\isa\AppData\Roaming\uTorrent\Crackwhore Confessions.torrent
    C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call.Of.Duty.4.Modern.Warfare_KEYGEN-FFF.exe
    C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911
    C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911\rzr-cd4f.001
    C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911\rzr-cd4f.sfv
    C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911\rzr-cod4.nfo
    C:\Users\isa\Downloads\eMule\Incoming\nod 32 2.70.39 fr + crack + pass.rar


    [F:11][D:21]-> C:\Users\isa\AppData\Local\Temp
    [F:318][D:1]-> C:\Users\isa\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:1135][D:5]-> C:\Users\isa\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:1][D:1]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 21/10/2009| 9:59 - Option : [1]

    --------------------\\ Fin du rapport a 9:59:50
    [ UAC => 1 ]



    merci pour ton aide

    isabelle
    a c 327 8 Sécurité
    a b 9 Windows
    21 Octobre 2009 14:19:54

    Impeccable, Lop S&D fonctionne avec Vista SP2.

  • Relance Lop S&D.
    (Sous Vista, il faut cliquer droit sur le raccourci Lop S&D et choisir Exécuter en tant qu'administrateur)
  • Choisis cette fois-ci l'option 2 (Suppression).
  • Ne ferme pas la fenêtre lors de la suppression !
  • Poste le rapport généré (C:\lopR.txt).

    (Si le Bureau ne réapparaît pas, presse Ctrl+Alt+Suppr, Onglet Fichier, Nouvelle tâche, tape explorer.exe et valide)
    21 Octobre 2009 18:30:08

    voici le raport.

    Citation :
    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz )
    BIOS : Phoenix SecureCore(tm) NB Version 02LK.MP00.20080926.SCY
    USER : isa ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:69 Go (Free:15 Go)
    D:\ (Local Disk) - NTFS - Total:69 Go (Free:11 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    H:\ (CD or DVD)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [2] ( 21/10/2009|18:15 )

    [ UAC => 1 ]


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

    Supprime! - C:\ProgramData\Grid Blue Memo Site\32 Program.dat
    Supprime! - C:\ProgramData\Grid Blue Memo Site\32 Program.exe
    Supprime! - C:\Users\isa\AppData\Roaming\MICROS~1\Windows\Cookies\isa@advertising[2].txt
    Supprime! - C:\ProgramData\dentanteante.8gc64
    Supprime! - C:\ProgramData\dentanteante.yzw8qb
    Supprime! - C:\ProgramData\OKAY REAL ONLINE.l58a6p
    Supprime! - C:\ProgramData\dentanteante.l71ly01
    Supprime! - C:\ProgramData\Grid Blue Memo Site

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    --------------------\\ Listing des dossiers dans Local

    [05/12/2008|22:05] C:\Users\isa\AppData\Local\Adobe
    [09/02/2009|00:34] C:\Users\isa\AppData\Local\Ahead
    [30/11/2008|05:17] C:\Users\isa\AppData\Local\Application Data
    [23/09/2009|22:39] C:\Users\isa\AppData\Local\Babylon
    [14/10/2009|08:30] C:\Users\isa\AppData\Local\d3d9caps.dat
    [17/10/2009|03:02] C:\Users\isa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [21/01/2009|16:47] C:\Users\isa\AppData\Local\eMule
    [26/12/2008|23:59] C:\Users\isa\AppData\Local\ESET
    [10/10/2009|09:02] C:\Users\isa\AppData\Local\GDIPFONTCACHEV1.DAT
    [21/10/2009|09:46] C:\Users\isa\AppData\Local\Google
    [30/11/2008|05:17] C:\Users\isa\AppData\Local\Historique
    [08/02/2009|14:22] C:\Users\isa\AppData\Local\ibwjealg.bat
    [21/10/2009|09:48] C:\Users\isa\AppData\Local\IconCache.db
    [20/10/2009|18:57] C:\Users\isa\AppData\Local\Microsoft
    [28/02/2009|12:59] C:\Users\isa\AppData\Local\Microsoft Games
    [30/11/2008|18:23] C:\Users\isa\AppData\Local\Microsoft Help
    [08/10/2009|21:16] C:\Users\isa\AppData\Local\Mozilla
    [06/03/2009|17:31] C:\Users\isa\AppData\Local\My Games
    [20/10/2009|07:04] C:\Users\isa\AppData\Local\PokerStars
    [01/05/2009|21:22] C:\Users\isa\AppData\Local\PunkBuster
    [21/10/2009|18:15] C:\Users\isa\AppData\Local\Temp
    [30/11/2008|05:17] C:\Users\isa\AppData\Local\Temporary Internet Files
    [02/12/2008|18:41] C:\Users\isa\AppData\Local\Thunderbird
    [01/05/2009|20:45] C:\Users\isa\AppData\Local\VirtualStore

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [21/10/2009 12:03][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{212D5E7B-A934-4AB0-BBF0-5684B6A311A7}.job
    [21/10/2009 09:49][--ah-----] C:\Windows\tasks\SA.DAT
    [21/10/2009 09:48][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [08/09/2008|04:29] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
    [16/07/2009|12:14] C:\ProgramData\Adobe
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [09/09/2009|18:07] C:\ProgramData\Avira
    [30/09/2009|19:11] C:\ProgramData\Babylon
    [16/10/2009|23:17] C:\ProgramData\Browse Defy
    [30/11/2008|05:16] C:\ProgramData\Bureau
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [21/01/2009|16:47] C:\ProgramData\eMule
    [15/10/2009|17:55] C:\ProgramData\ESET
    [30/11/2008|05:16] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [17/03/2009|17:12] C:\ProgramData\GameHouse
    [24/01/2009|23:48] C:\ProgramData\Google
    [08/09/2008|04:08] C:\ProgramData\Intel
    [04/03/2009|10:17] C:\ProgramData\Kaspersky Lab
    [04/03/2009|00:09] C:\ProgramData\Kaspersky Lab Setup Files
    [08/02/2009|17:16] C:\ProgramData\Malwarebytes
    [30/11/2008|17:42] C:\ProgramData\McAfee
    [30/11/2008|05:16] C:\ProgramData\Menu D‚marrer
    [28/08/2009|19:33] C:\ProgramData\Microsoft
    [16/10/2009|07:03] C:\ProgramData\Microsoft Help
    [30/11/2008|05:16] C:\ProgramData\ModŠles
    [27/12/2008|00:17] C:\ProgramData\MumboJumbo
    [03/03/2009|19:48] C:\ProgramData\Nero
    [08/10/2009|21:18] C:\ProgramData\NOS
    [16/10/2009|10:10] C:\ProgramData\ntuser.pol
    [16/10/2009|10:13] C:\ProgramData\NVIDIA
    [21/10/2009|09:50] C:\ProgramData\nvModes.001
    [21/10/2009|09:50] C:\ProgramData\nvModes.dat
    [09/10/2009|08:18] C:\ProgramData\Office Genuine Advantage
    [08/09/2008|04:09] C:\ProgramData\Roaming
    [03/03/2009|18:52] C:\ProgramData\Simply Super Software
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [03/03/2009|19:39] C:\ProgramData\TEMP
    [02/11/2006|15:02] C:\ProgramData\Templates
    [30/11/2008|03:27] C:\ProgramData\WLInstaller
    [20/03/2009|20:25] C:\ProgramData\Zylom

    --------------------\\ Listing des dossiers dans C:\Program Files

    [08/09/2008|04:29] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [15/01/2009|21:47] C:\Program Files\Adobe
    [08/01/2009|22:23] C:\Program Files\adslTV
    [21/04/2009|18:07] C:\Program Files\AGEIA Technologies
    [02/03/2009|13:20] C:\Program Files\Alwil Software
    [03/03/2009|19:45] C:\Program Files\AskTBar
    [08/09/2008|04:09] C:\Program Files\Atheros WLAN Client
    [07/02/2009|22:40] C:\Program Files\CCleaner
    [14/10/2009|21:52] C:\Program Files\Cheat Engine
    [08/09/2008|04:08] C:\Program Files\Cisco
    [03/10/2009|14:35] C:\Program Files\Common Files
    [30/11/2008|18:12] C:\Program Files\DAEMON Tools Lite
    [21/01/2009|16:47] C:\Program Files\eMule
    [15/10/2009|18:06] C:\Program Files\ESET
    [15/10/2009|22:22] C:\Program Files\Everest Poker
    [30/11/2008|05:16] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [28/12/2008|21:47] C:\Program Files\Folderico
    [31/12/2008|21:26] C:\Program Files\Futuremark
    [19/09/2009|12:10] C:\Program Files\Google
    [28/12/2008|18:55] C:\Program Files\iColorFolder
    [03/10/2009|14:35] C:\Program Files\InstallShield Installation Information
    [08/09/2008|04:14] C:\Program Files\Intel
    [16/10/2009|10:06] C:\Program Files\Internet Explorer
    [29/08/2009|11:47] C:\Program Files\Java
    [03/10/2009|14:35] C:\Program Files\JetAudio
    [01/06/2009|13:23] C:\Program Files\JRE
    [21/08/2009|21:09] C:\Program Files\La ChaŒne M‚t‚o
    [20/10/2009|21:22] C:\Program Files\Malwarebytes' Anti-Malware
    [08/09/2008|04:07] C:\Program Files\Marvell
    [24/06/2009|00:13] C:\Program Files\Microsoft
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [08/09/2008|04:32] C:\Program Files\Microsoft Office
    [10/09/2009|08:14] C:\Program Files\Microsoft Silverlight
    [08/09/2008|04:32] C:\Program Files\Microsoft Small Business
    [16/10/2009|07:00] C:\Program Files\Microsoft SQL Server
    [24/06/2009|00:13] C:\Program Files\Microsoft SQL Server Compact Edition
    [24/06/2009|00:14] C:\Program Files\Microsoft Sync Framework
    [08/09/2008|04:28] C:\Program Files\Microsoft Visual Studio
    [30/11/2008|18:23] C:\Program Files\Microsoft Visual Studio 8
    [10/10/2009|08:57] C:\Program Files\Microsoft Works
    [08/09/2008|04:31] C:\Program Files\Microsoft.NET
    [16/10/2009|10:06] C:\Program Files\Movie Maker
    [21/10/2009|11:04] C:\Program Files\Mozilla Firefox
    [22/08/2009|12:27] C:\Program Files\Mozilla Thunderbird
    [30/11/2008|18:27] C:\Program Files\MSBuild
    [23/06/2009|22:36] C:\Program Files\MSN Toolbar
    [08/09/2008|04:19] C:\Program Files\MSSOAP
    [09/02/2009|23:03] C:\Program Files\MSXML 4.0
    [08/02/2009|14:32] C:\Program Files\Navilog1
    [09/02/2009|00:18] C:\Program Files\Nero
    [08/10/2009|21:18] C:\Program Files\NOS
    [01/06/2009|13:23] C:\Program Files\OpenOffice.org 3
    [23/04/2009|21:17] C:\Program Files\PokerStars
    [08/09/2008|04:06] C:\Program Files\Realtek
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [30/11/2008|05:17] C:\Program Files\Samsung
    [21/12/2008|23:50] C:\Program Files\SDLL
    [08/09/2008|04:13] C:\Program Files\Synaptics
    [20/10/2009|18:52] C:\Program Files\Trend Micro
    [03/03/2009|18:58] C:\Program Files\Trojan Remover
    [13/12/2008|23:15] C:\Program Files\Ubisoft
    [09/05/2009|09:52] C:\Program Files\UltraISO
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [30/11/2008|22:18] C:\Program Files\uTorrent
    [03/12/2008|22:24] C:\Program Files\VideoLAN
    [08/09/2008|04:13] C:\Program Files\Vimicro Corporation
    [08/09/2008|04:11] C:\Program Files\WIDCOMM
    [16/10/2009|10:06] C:\Program Files\Windows Calendar
    [16/10/2009|10:06] C:\Program Files\Windows Collaboration
    [16/10/2009|10:06] C:\Program Files\Windows Defender
    [16/10/2009|10:06] C:\Program Files\Windows Journal
    [24/06/2009|00:14] C:\Program Files\Windows Live
    [20/07/2009|22:40] C:\Program Files\Windows Live Safety Center
    [12/01/2009|14:09] C:\Program Files\Windows Live SkyDrive
    [16/10/2009|10:06] C:\Program Files\Windows Mail
    [16/10/2009|10:06] C:\Program Files\Windows Media Player
    [30/11/2008|05:16] C:\Program Files\Windows NT
    [16/10/2009|10:06] C:\Program Files\Windows Photo Gallery
    [16/10/2009|10:06] C:\Program Files\Windows Sidebar
    [15/12/2008|01:02] C:\Program Files\WinRAR
    [13/03/2009|23:24] C:\Program Files\Zylom Games

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [15/01/2009|21:47] C:\Program Files\Common Files\Adobe
    [16/07/2009|12:14] C:\Program Files\Common Files\Adobe AIR
    [03/10/2009|14:35] C:\Program Files\Common Files\COWON
    [08/09/2008|04:28] C:\Program Files\Common Files\DESIGNER
    [09/05/2009|09:52] C:\Program Files\Common Files\EZB Systems
    [31/12/2008|21:27] C:\Program Files\Common Files\Futuremark Shared
    [08/09/2008|04:18] C:\Program Files\Common Files\InstallShield
    [08/09/2008|04:08] C:\Program Files\Common Files\Intel
    [10/10/2009|08:57] C:\Program Files\Common Files\microsoft shared
    [08/09/2008|04:19] C:\Program Files\Common Files\MSSoap
    [03/03/2009|19:48] C:\Program Files\Common Files\Nero
    [27/05/2009|22:13] C:\Program Files\Common Files\PX Storage Engine
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [16/10/2009|10:06] C:\Program Files\Common Files\System
    [12/01/2009|12:50] C:\Program Files\Common Files\Windows Live
    [30/11/2008|03:36] C:\Program Files\Common Files\WindowsLiveInstaller
    [21/04/2009|18:07] C:\Program Files\Common Files\Wise Installation Wizard

    --------------------\\ Process

    ( 69 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    C:\Users\isa\AppData\Roaming\MICROS~1\Windows\Cookies\isa@cotedazurpalace[1].txt
    C:\Users\isa\AppData\Roaming\MICROS~1\Windows\Cookies\isa@serve.cotedazurpalace[1].txt
    C:\Users\isa\AppData\Roaming\MICROS~1\Windows\Cookies\isa@www.cotedazurpalace[1].txt
    C:\Users\isa\AppData\Roaming\MICROS~1\Windows\Cookies\isa@serve.32vegas[1].txt

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE


    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-21 18:15:20
    Windows 6.0.6002 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 926

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\isa\AppData\Roaming\uTorrent\Crackwhore Confessions.torrent
    C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call.Of.Duty.4.Modern.Warfare_KEYGEN-FFF.exe
    C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911
    C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911\rzr-cd4f.001
    C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911\rzr-cd4f.sfv
    C:\Users\isa\Desktop\CALL.OF.DUTY 4\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911\rzr-cod4.nfo
    C:\Users\isa\Downloads\eMule\Incoming\nod 32 2.70.39 fr + crack + pass.rar


    [F:8][D:21]-> C:\Users\isa\AppData\Local\Temp
    [F:355][D:1]-> C:\Users\isa\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:2652][D:5]-> C:\Users\isa\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:1][D:1]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 21/10/2009| 9:59 - Option : [1]
    2 - "C:\Lop SD\LopR_2.txt" - 21/10/2009|18:18 - Option : [2]

    --------------------\\ Fin du rapport a 18:18:17
    [ UAC => 1 ]



    merci

    isabelle
    a c 327 8 Sécurité
    a b 9 Windows
    21 Octobre 2009 20:42:23

    J'ai un doute sur un dossier.

  • Télécharge SystemLook sur ton Bureau.
  • Clique droit sur SystemLook.exe et choisis Exécuter en tant qu'administrateur.
  • Copie-colle le contenu du cadre ci-dessous dans la zone texte de SystemLook :

    :dir
    C:\ProgramData\Browse Defy

  • Clique sur le bouton Look pour démarrer l'examen.
  • A la fin, le Bloc-notes s'ouvre avec le résultat de l'analyse. Copie-colle le rapport dans ta prochaine réponse.
    Note : Le rapport peut aussi être trouvé sur ton Bureau sous le nom SystemLook.txt
    21 Octobre 2009 21:24:25

    voilà:

    SystemLook v1.0 by jpshortstuff (29.08.09)
    Log created at 21:23 on 21/10/2009 by isa (Administrator - Elevation successful)

    ========== dir ==========

    C:\ProgramData\Browse Defy - Parameters: "(none)"

    ---Files---
    tflifaum.exe --a--- 724992 bytes [15:41 15/10/2009] [15:41 15/10/2009]

    ---Folders---
    None found.

    -=End Of File=-
    a c 327 8 Sécurité
    a b 9 Windows
    21 Octobre 2009 22:26:39

    C'est bien un dossier Lop.

  • Refais un scan RSIT et poste le rapport log.
    21 Octobre 2009 22:46:43

    voilà:

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by isa at 2009-10-21 22:40:53
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
    System drive C: has 16 GB (23%) free of 71 GB
    Total RAM: 3066 MB (45% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:41:01, on 21/10/2009
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18828)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
    C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
    C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
    C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Java\jre6\bin\jucheck.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
    C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Live\Toolbar\wltuser.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\isa\Desktop\RSIT.exe
    C:\Program Files\trend micro\isa.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: BTTray.lnk = ?
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O13 - Gopher Prefix:
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{52FB6713-E604-4868-9EB9-6605EB7E0428}: NameServer = 212.27.40.241,212.27.40.240
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
    O23 - Service: ESET HTTP Server (EHttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\Windows\system32\IoctlSvc.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe

    --
    End of file - 9581 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\User_Feed_Synchronization-{212D5E7B-A934-4AB0-BBF0-5684B6A311A7}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-20 256112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll [2009-09-27 762864]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-10-20 458736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Barre d'outils MSN - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll [2005-02-07 203464]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-10-20 256112]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-07-08 6273568]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-10-26 1029416]
    "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-01-30 13605408]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-01-30 92704]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
    "egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-04-09 2029640]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-24 39408]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\Users\isa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    OneNote 2007 - Capture d'écran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "FilterAdministratorToken"=1
    "EnableUIADesktopToggle"=0
    "UacDisableNotify"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=FFFFFFFF
    "NoDriveTypeAutoRun"=255
    "HonorAutoRunSetting"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "BindDirectlyToPropertySetStorage"=
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "HonorAutoRunSetting"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2009-10-21 09:55:07 ----A---- C:\lopR.txt
    2009-10-21 09:54:49 ----D---- C:\Lop SD
    2009-10-21 09:45:34 ----SHD---- C:\Config.Msi
    2009-10-20 21:16:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-10-20 19:00:54 ----RASHD---- C:\autorun.inf
    2009-10-20 06:59:02 ----D---- C:\UsbFix
    2009-10-19 22:37:47 ----D---- C:\rsit
    2009-10-16 10:04:49 ----D---- C:\Windows\system32\eu-ES
    2009-10-16 10:04:49 ----D---- C:\Windows\system32\ca-ES
    2009-10-16 10:04:44 ----D---- C:\Windows\system32\vi-VN
    2009-10-16 09:51:17 ----A---- C:\Windows\system32\jscript.dll
    2009-10-16 09:13:48 ----D---- C:\Windows\system32\EventProviders
    2009-10-16 08:18:48 ----A---- C:\Windows\system32\occache.dll
    2009-10-16 08:18:48 ----A---- C:\Windows\system32\msfeedsbs.dll
    2009-10-16 08:18:48 ----A---- C:\Windows\system32\msfeeds.dll
    2009-10-16 08:18:48 ----A---- C:\Windows\system32\jsproxy.dll
    2009-10-16 08:18:48 ----A---- C:\Windows\system32\iepeers.dll
    2009-10-16 08:18:47 ----A---- C:\Windows\system32\wininet.dll
    2009-10-16 08:18:47 ----A---- C:\Windows\system32\ieui.dll
    2009-10-16 08:18:47 ----A---- C:\Windows\system32\iesetup.dll
    2009-10-16 08:18:47 ----A---- C:\Windows\system32\iernonce.dll
    2009-10-16 08:18:46 ----A---- C:\Windows\system32\urlmon.dll
    2009-10-16 08:18:46 ----A---- C:\Windows\system32\msfeedssync.exe
    2009-10-16 08:18:46 ----A---- C:\Windows\system32\ieUnatt.exe
    2009-10-16 08:18:46 ----A---- C:\Windows\system32\iesysprep.dll
    2009-10-16 08:18:46 ----A---- C:\Windows\system32\iertutil.dll
    2009-10-16 08:18:46 ----A---- C:\Windows\system32\iedkcs32.dll
    2009-10-16 08:18:46 ----A---- C:\Windows\system32\ie4uinit.exe
    2009-10-16 08:18:45 ----A---- C:\Windows\system32\ieframe.dll
    2009-10-16 08:18:44 ----A---- C:\Windows\system32\mshtml.dll
    2009-10-16 08:17:41 ----A---- C:\Windows\system32\mshtmled.dll
    2009-10-16 08:17:40 ----A---- C:\Windows\system32\msls31.dll
    2009-10-16 08:17:40 ----A---- C:\Windows\system32\mshtmler.dll
    2009-10-16 08:17:40 ----A---- C:\Windows\system32\ieakeng.dll
    2009-10-16 08:17:40 ----A---- C:\Windows\system32\icardie.dll
    2009-10-16 08:17:40 ----A---- C:\Windows\system32\corpol.dll
    2009-10-16 08:17:40 ----A---- C:\Windows\system32\admparse.dll
    2009-10-16 08:17:39 ----A---- C:\Windows\system32\licmgr10.dll
    2009-10-16 08:17:39 ----A---- C:\Windows\system32\inseng.dll
    2009-10-16 08:17:39 ----A---- C:\Windows\system32\imgutil.dll
    2009-10-16 08:17:39 ----A---- C:\Windows\system32\ieaksie.dll
    2009-10-16 08:17:39 ----A---- C:\Windows\system32\dxtrans.dll
    2009-10-16 08:17:39 ----A---- C:\Windows\system32\dxtmsft.dll
    2009-10-16 08:17:38 ----A---- C:\Windows\system32\WinFXDocObj.exe
    2009-10-16 08:17:38 ----A---- C:\Windows\system32\wextract.exe
    2009-10-16 08:17:38 ----A---- C:\Windows\system32\webcheck.dll
    2009-10-16 08:17:38 ----A---- C:\Windows\system32\pngfilt.dll
    2009-10-16 08:17:38 ----A---- C:\Windows\system32\mstime.dll
    2009-10-16 08:17:38 ----A---- C:\Windows\system32\msrating.dll
    2009-10-16 08:17:38 ----A---- C:\Windows\system32\ieakui.dll
    2009-10-16 08:17:38 ----A---- C:\Windows\system32\advpack.dll
    2009-10-16 08:17:37 ----A---- C:\Windows\system32\vbscript.dll
    2009-10-16 08:17:37 ----A---- C:\Windows\system32\url.dll
    2009-10-16 08:17:37 ----A---- C:\Windows\system32\ieapfltr.dll
    2009-10-16 08:17:36 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
    2009-10-16 08:17:36 ----A---- C:\Windows\system32\SetDepNx.exe
    2009-10-16 08:17:36 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
    2009-10-16 08:17:36 ----A---- C:\Windows\system32\PDMSetup.exe
    2009-10-16 08:17:36 ----A---- C:\Windows\system32\mshta.exe
    2009-10-16 08:17:36 ----A---- C:\Windows\system32\iexpress.exe
    2009-10-16 07:00:08 ----D---- C:\Windows\SQL9_KB970892_ENU
    2009-10-15 20:13:06 ----A---- C:\Windows\system32\msv1_0.dll
    2009-10-15 20:12:56 ----A---- C:\Windows\system32\ntkrnlpa.exe
    2009-10-15 20:12:52 ----A---- C:\Windows\system32\ntoskrnl.exe
    2009-10-15 20:11:36 ----A---- C:\Windows\system32\msasn1.dll
    2009-10-15 20:11:31 ----A---- C:\Windows\system32\WMSPDMOD.DLL
    2009-10-15 17:56:53 ----D---- C:\Users\isa\AppData\Roaming\ESET
    2009-10-15 17:40:47 ----D---- C:\ProgramData\Browse Defy
    2009-10-12 07:27:49 ----A---- C:\Windows\system32\d3dx9.dll
    2009-10-12 07:27:49 ----A---- C:\Windows\system32\D3DX81ab.dll
    2009-10-12 07:27:46 ----D---- C:\Program Files\Cheat Engine
    2009-10-09 08:18:03 ----D---- C:\ProgramData\Office Genuine Advantage
    2009-10-08 22:21:35 ----A---- C:\Windows\system32\lsasrv.dll
    2009-10-08 22:21:34 ----A---- C:\Windows\system32\wdigest.dll
    2009-10-08 22:21:34 ----A---- C:\Windows\system32\schannel.dll
    2009-10-08 22:21:34 ----A---- C:\Windows\system32\kerberos.dll
    2009-10-08 22:21:33 ----A---- C:\Windows\system32\secur32.dll
    2009-10-08 22:21:33 ----A---- C:\Windows\system32\lsass.exe
    2009-10-08 21:18:45 ----D---- C:\ProgramData\NOS
    2009-10-08 21:18:45 ----D---- C:\Program Files\NOS
    2009-10-08 21:16:03 ----D---- C:\Program Files\Mozilla Firefox
    2009-10-06 07:21:36 ----A---- C:\Windows\system32\wups2.dll
    2009-10-06 07:21:36 ----A---- C:\Windows\system32\wuauclt.exe
    2009-10-06 07:21:34 ----A---- C:\Windows\system32\wucltux.dll
    2009-10-06 07:21:34 ----A---- C:\Windows\system32\wuaueng.dll
    2009-10-06 07:21:19 ----A---- C:\Windows\system32\wups.dll
    2009-10-06 07:21:19 ----A---- C:\Windows\system32\wudriver.dll
    2009-10-06 07:21:19 ----A---- C:\Windows\system32\wuapi.dll
    2009-10-06 07:21:00 ----A---- C:\Windows\system32\wuwebv.dll
    2009-10-06 07:21:00 ----A---- C:\Windows\system32\wuapp.exe
    2009-10-03 14:37:36 ----D---- C:\Users\isa\AppData\Roaming\COWON
    2009-10-03 14:35:33 ----D---- C:\Program Files\Common Files\COWON
    2009-10-03 14:35:32 ----D---- C:\Program Files\JetAudio
    2009-10-03 08:55:14 ----N---- C:\Windows\system32\MpSigStub.exe
    2009-09-24 07:16:17 ----A---- C:\Windows\system32\NlsLexicons0007.dll
    2009-09-24 07:16:11 ----A---- C:\Windows\system32\SLsvc.exe
    2009-09-24 07:16:11 ----A---- C:\Windows\system32\SLCExt.dll
    2009-09-24 07:16:09 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
    2009-09-24 07:16:09 ----A---- C:\Windows\system32\DevicePairingWizard.exe
    2009-09-24 07:16:07 ----A---- C:\Windows\system32\NlsLexicons0009.dll
    2009-09-24 07:16:03 ----A---- C:\Windows\system32\mssrch.dll
    2009-09-24 07:16:01 ----A---- C:\Windows\system32\tquery.dll
    2009-09-24 07:15:58 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
    2009-09-24 07:15:57 ----A---- C:\Windows\system32\scavenge.dll
    2009-09-24 07:15:57 ----A---- C:\Windows\system32\RMActivate_isv.exe
    2009-09-24 07:15:56 ----A---- C:\Windows\system32\RMActivate.exe
    2009-09-24 07:15:56 ----A---- C:\Windows\system32\msi.dll
    2009-09-24 07:15:55 ----A---- C:\Windows\system32\imapi2fs.dll
    2009-09-24 07:15:54 ----A---- C:\Windows\system32\WscEapPr.dll
    2009-09-24 07:15:54 ----A---- C:\Windows\system32\wcnwiz2.dll
    2009-09-24 07:15:54 ----A---- C:\Windows\system32\secproc_isv.dll
    2009-09-24 07:15:53 ----A---- C:\Windows\system32\sysmain.dll
    2009-09-24 07:15:52 ----A---- C:\Windows\system32\icardagt.exe
    2009-09-24 07:15:50 ----A---- C:\Windows\system32\spreview.exe
    2009-09-24 07:15:50 ----A---- C:\Windows\system32\EhStorShell.dll
    2009-09-24 07:15:50 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
    2009-09-24 07:15:49 ----A---- C:\Windows\system32\spinstall.exe
    2009-09-24 07:15:49 ----A---- C:\Windows\system32\drmv2clt.dll
    2009-09-24 07:15:47 ----A---- C:\Windows\system32\spwizui.dll
    2009-09-24 07:15:47 ----A---- C:\Windows\system32\shell32.dll
    2009-09-24 07:15:47 ----A---- C:\Windows\system32\secproc.dll
    2009-09-24 07:15:47 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
    2009-09-24 07:15:46 ----A---- C:\Windows\system32\SearchIndexer.exe
    2009-09-24 07:15:46 ----A---- C:\Windows\system32\p2psvc.dll
    2009-09-24 07:15:46 ----A---- C:\Windows\system32\mssvp.dll
    2009-09-24 07:15:44 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
    2009-09-24 07:15:44 ----A---- C:\Windows\system32\mscoree.dll
    2009-09-24 07:15:43 ----A---- C:\Windows\system32\mssphtb.dll
    2009-09-24 07:15:43 ----A---- C:\Windows\system32\mssph.dll
    2009-09-24 07:15:43 ----A---- C:\Windows\system32\imapi2.dll
    2009-09-24 07:15:42 ----A---- C:\Windows\system32\sdohlp.dll
    2009-09-24 07:15:41 ----A---- C:\Windows\system32\IMJP10K.DLL
    2009-09-24 07:15:41 ----A---- C:\Windows\system32\esent.dll
    2009-09-24 07:15:41 ----A---- C:\Windows\system32\DevicePairing.dll
    2009-09-24 07:15:40 ----A---- C:\Windows\system32\wevtsvc.dll
    2009-09-24 07:15:40 ----A---- C:\Windows\system32\sperror.dll
    2009-09-24 07:15:40 ----A---- C:\Windows\system32\RMActivate_ssp.exe
    2009-09-24 07:15:40 ----A---- C:\Windows\system32\korwbrkr.dll
    2009-09-24 07:15:39 ----A---- C:\Windows\system32\SLC.dll
    2009-09-24 07:15:39 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
    2009-09-24 07:15:39 ----A---- C:\Windows\system32\PresentationHostProxy.dll
    2009-09-24 07:15:39 ----A---- C:\Windows\system32\msshsq.dll
    2009-09-24 07:15:39 ----A---- C:\Windows\system32\IasMigReader.exe
    2009-09-24 07:15:37 ----A---- C:\Windows\system32\msjet40.dll
    2009-09-24 07:15:37 ----A---- C:\Windows\system32\MPSSVC.dll
    2009-09-24 07:15:36 ----A---- C:\Windows\system32\msxml6.dll
    2009-09-24 07:15:35 ----A---- C:\Windows\system32\Query.dll
    2009-09-24 07:15:35 ----A---- C:\Windows\system32\qmgr.dll
    2009-09-24 07:15:34 ----A---- C:\Windows\system32\P2PGraph.dll
    2009-09-24 07:15:34 ----A---- C:\Windows\system32\ole32.dll
    2009-09-24 07:15:34 ----A---- C:\Windows\system32\msexch40.dll
    2009-09-24 07:15:34 ----A---- C:\Windows\system32\diagperf.dll
    2009-09-24 07:15:33 ----A---- C:\Windows\system32\ntdll.dll
    2009-09-24 07:15:32 ----A---- C:\Windows\system32\winload.exe
    2009-09-24 07:15:32 ----A---- C:\Windows\system32\srchadmin.dll
    2009-09-24 07:15:32 ----A---- C:\Windows\system32\msxml3.dll
    2009-09-24 07:15:31 ----A---- C:\Windows\system32\uDWM.dll
    2009-09-24 07:15:31 ----A---- C:\Windows\system32\mmc.exe
    2009-09-24 07:15:31 ----A---- C:\Windows\system32\mblctr.exe
    2009-09-24 07:15:31 ----A---- C:\Windows\system32\EncDec.dll
    2009-09-24 07:15:30 ----A---- C:\Windows\system32\riched20.dll
    2009-09-24 07:15:30 ----A---- C:\Windows\system32\IasMigPlugin.dll
    2009-09-24 07:15:30 ----A---- C:\Windows\system32\dfsr.exe
    2009-09-24 07:15:29 ----A---- C:\Windows\system32\fdBth.dll
    2009-09-24 07:15:28 ----A---- C:\Windows\system32\RacEngn.dll
    2009-09-24 07:15:27 ----A---- C:\Windows\system32\kernel32.dll
    2009-09-24 07:15:26 ----A---- C:\Windows\system32\SearchProtocolHost.exe
    2009-09-24 07:15:26 ----A---- C:\Windows\system32\SearchFilterHost.exe
    2009-09-24 07:15:26 ----A---- C:\Windows\system32\milcore.dll
    2009-09-24 07:15:26 ----A---- C:\Windows\system32\EhStorAPI.dll
    2009-09-24 07:15:26 ----A---- C:\Windows\system32\CertEnroll.dll
    2009-09-24 07:15:25 ----A---- C:\Windows\system32\spoolss.dll
    2009-09-24 07:15:25 ----A---- C:\Windows\system32\schedsvc.dll
    2009-09-24 07:15:25 ----A---- C:\Windows\system32\NaturalLanguage6.dll
    2009-09-24 07:15:24 ----A---- C:\Windows\system32\msvcp60.dll
    2009-09-24 07:15:24 ----A---- C:\Windows\system32\msjtes40.dll
    2009-09-24 07:15:24 ----A---- C:\Windows\system32\infocardapi.dll
    2009-09-24 07:15:24 ----A---- C:\Windows\system32\gpedit.dll
    2009-09-24 07:15:24 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
    2009-09-24 07:15:22 ----A---- C:\Windows\system32\WinSAT.exe
    2009-09-24 07:15:22 ----A---- C:\Windows\system32\es.dll
    2009-09-24 07:15:21 ----A---- C:\Windows\system32\PresentationSettings.exe
    2009-09-24 07:15:21 ----A---- C:\Windows\system32\mstext40.dll
    2009-09-24 07:15:21 ----A---- C:\Windows\system32\Magnify.exe
    2009-09-24 07:15:21 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
    2009-09-24 07:15:20 ----A---- C:\Windows\system32\advapi32.dll
    2009-09-24 07:15:18 ----A---- C:\Windows\system32\WMPhoto.dll
    2009-09-24 07:15:18 ----A---- C:\Windows\system32\WebClnt.dll
    2009-09-24 07:15:18 ----A---- C:\Windows\system32\msexcl40.dll
    2009-09-24 07:15:17 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
    2009-09-24 07:15:17 ----A---- C:\Windows\system32\slwmi.dll
    2009-09-24 07:15:17 ----A---- C:\Windows\system32\msxbde40.dll
    2009-09-24 07:15:17 ----A---- C:\Windows\system32\comsvcs.dll
    2009-09-24 07:15:16 ----A---- C:\Windows\system32\vssapi.dll
    2009-09-24 07:15:15 ----A---- C:\Windows\system32\authui.dll
    2009-09-24 07:15:14 ----A---- C:\Windows\system32\PresentationHost.exe
    2009-09-24 07:15:14 ----A---- C:\Windows\system32\NetProjW.dll
    2009-09-24 07:15:14 ----A---- C:\Windows\system32\msrepl40.dll
    2009-09-24 07:15:13 ----A---- C:\Windows\system32\newdev.dll
    2009-09-24 07:15:12 ----A---- C:\Windows\system32\propsys.dll
    2009-09-24 07:15:12 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2009-09-24 07:15:12 ----A---- C:\Windows\system32\iasrecst.dll
    2009-09-24 07:15:12 ----A---- C:\Windows\system32\gpsvc.dll
    2009-09-24 07:15:12 ----A---- C:\Windows\system32\eudcedit.exe
    2009-09-24 07:15:12 ----A---- C:\Windows\system32\crypt32.dll
    2009-09-24 07:15:10 ----A---- C:\Windows\explorer.exe
    2009-09-24 07:15:06 ----A---- C:\Windows\system32\setupapi.dll
    2009-09-24 07:15:06 ----A---- C:\Windows\system32\rpcss.dll
    2009-09-24 07:15:06 ----A---- C:\Windows\system32\mspbde40.dll
    2009-09-24 07:15:06 ----A---- C:\Windows\system32\d3d9.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\wevtapi.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\shlwapi.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\msrd3x40.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\msltus40.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\msdtctm.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\mfc42.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\EhStorAuthn.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\davclnt.dll
    2009-09-24 07:15:05 ----A---- C:\Windows\system32\browseui.dll
    2009-09-24 07:15:04 ----A---- C:\Windows\system32\user32.dll
    2009-09-24 07:15:04 ----A---- C:\Windows\system32\samsrv.dll
    2009-09-24 07:15:04 ----A---- C:\Windows\system32\photowiz.dll
    2009-09-24 07:15:04 ----A---- C:\Windows\system32\nlhtml.dll
    2009-09-24 07:15:03 ----A---- C:\Windows\system32\quartz.dll
    2009-09-24 07:15:03 ----A---- C:\Windows\system32\ci.dll
    2009-09-24 07:15:02 ----A---- C:\Windows\system32\win32spl.dll
    2009-09-24 07:15:01 ----A---- C:\Windows\system32\WcnNetsh.dll
    2009-09-24 07:15:01 ----A---- C:\Windows\system32\SLCommDlg.dll
    2009-09-24 07:14:57 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
    2009-09-24 07:14:57 ----A---- C:\Windows\system32\oleaut32.dll
    2009-09-24 07:14:57 ----A---- C:\Windows\system32\IKEEXT.DLL
    2009-09-24 07:14:56 ----A---- C:\Windows\system32\netshell.dll
    2009-09-24 07:14:56 ----A---- C:\Windows\system32\compcln.exe
    2009-09-24 07:14:55 ----A---- C:\Windows\system32\winhttp.dll
    2009-09-24 07:14:55 ----A---- C:\Windows\system32\mswstr10.dll
    2009-09-24 07:14:55 ----A---- C:\Windows\system32\apds.dll
    2009-09-24 07:14:54 ----A---- C:\Windows\system32\xmlfilter.dll
    2009-09-24 07:14:54 ----A---- C:\Windows\system32\QAGENTRT.DLL
    2009-09-24 07:14:54 ----A---- C:\Windows\system32\msvcrt.dll
    2009-09-24 07:14:54 ----A---- C:\Windows\system32\msctf.dll
    2009-09-24 07:14:54 ----A---- C:\Windows\system32\gdi32.dll
    2009-09-24 07:14:54 ----A---- C:\Windows\system32\emdmgmt.dll
    2009-09-24 07:14:54 ----A---- C:\Windows\system32\audiosrv.dll
    2009-09-24 07:14:53 ----A---- C:\Windows\system32\VSSVC.exe
    2009-09-24 07:14:53 ----A---- C:\Windows\system32\sqlsrv32.dll
    2009-09-24 07:14:53 ----A---- C:\Windows\system32\SLUI.exe
    2009-09-24 07:14:53 ----A---- C:\Windows\system32\msrd2x40.dll
    2009-09-24 07:14:53 ----A---- C:\Windows\system32\mfc42u.dll
    2009-09-24 07:14:53 ----A---- C:\Windows\system32\iphlpsvc.dll
    2009-09-24 07:14:53 ----A---- C:\Windows\system32\eapphost.dll
    2009-09-24 07:14:52 ----A---- C:\Windows\system32\winresume.exe
    2009-09-24 07:14:52 ----A---- C:\Windows\system32\propdefs.dll
    2009-09-24 07:14:52 ----A---- C:\Windows\system32\odbc32.dll
    2009-09-24 07:14:51 ----A---- C:\Windows\system32\wevtutil.exe
    2009-09-24 07:14:51 ----A---- C:\Windows\system32\shdocvw.dll
    2009-09-24 07:14:51 ----A---- C:\Windows\system32\mssitlb.dll
    2009-09-24 07:14:51 ----A---- C:\Windows\system32\dbgeng.dll
    2009-09-24 07:14:50 ----A---- C:\Windows\system32\WsmSvc.dll
    2009-09-24 07:14:50 ----A---- C:\Windows\system32\vds.exe
    2009-09-24 07:14:50 ----A---- C:\Windows\system32\usp10.dll
    2009-09-24 07:14:50 ----A---- C:\Windows\system32\swprv.dll
    2009-09-24 07:14:50 ----A---- C:\Windows\system32\mmcndmgr.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\Wldap32.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\wcnwiz.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\netlogon.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\msscb.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\msctfp.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\fdBthProxy.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\evr.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\drvinst.exe
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\devmgr.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\DevicePairingProxy.dll
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\BFE.DLL
    2009-09-24 07:14:49 ----A---- C:\Windows\system32\adsldpc.dll
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\WSDApi.dll
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\WMVSDECD.DLL
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\WindowsCodecs.dll
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\wercon.exe
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\wcncsvc.dll
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\services.exe
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\mimefilt.dll
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\comdlg32.dll
    2009-09-24 07:14:48 ----A---- C:\Windows\system32\adtschema.dll
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\taskeng.exe
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\rtffilt.dll
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\reg.exe
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\PortableDeviceApi.dll
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\mswdat10.dll
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\msjter40.dll
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\msdtcprx.dll
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\msdrm.dll
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\ipsmsnap.dll
    2009-09-24 07:14:47 ----A---- C:\Windows\system32\certcli.dll
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\WMNetMgr.dll
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\w32time.dll
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\umpnpmgr.dll
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\msshooks.dll
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\msscntrs.dll
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\IPSECSVC.DLL
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\dnsapi.dll
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\certutil.exe
    2009-09-24 07:14:46 ----A---- C:\Windows\system32\bcrypt.dll
    2009-09-24 07:14:45 ----A---- C:\Windows\system32\TsWpfWrp.exe
    2009-09-24 07:14:45 ----A---- C:\Windows\system32\rsaenh.dll
    2009-09-24 07:14:45 ----A---- C:\Windows\system32\msstrc.dll
    2009-09-24 07:14:45 ----A---- C:\Windows\system32\msihnd.dll
    2009-09-24 07:14:45 ----A---- C:\Windows\system32\MMDevAPI.dll
    2009-09-24 07:14:45 ----A---- C:\Windows\system32\inetcomm.dll
    2009-09-24 07:14:45 ----A---- C:\Windows\system32\dfshim.dll
    2009-09-24 07:14:45 ----A---- C:\Windows\system32\bthserv.dll
    2009-09-24 07:14:44 ----A---- C:\Windows\system32\netapi32.dll
    2009-09-24 07:14:44 ----A---- C:\Windows\system32\mtxclu.dll
    2009-09-24 07:14:44 ----A---- C:\Windows\system32\mscories.dll
    2009-09-24 07:14:44 ----A---- C:\Windows\system32\inetpp.dll
    2009-09-24 07:14:44 ----A---- C:\Windows\system32\hidserv.dll
    2009-09-24 07:14:44 ----A---- C:\Windows\system32\fundisc.dll
    2009-09-24 07:14:44 ----A---- C:\Windows\system32\dhcpcsvc6.dll
    2009-09-24 07:14:44 ----A---- C:\Windows\system32\cryptsvc.dll
    2009-09-24 07:14:43 ----A---- C:\Windows\system32\wmicmiplugin.dll
    2009-09-24 07:14:43 ----A---- C:\Windows\system32\termsrv.dll
    2009-09-24 07:14:43 ----A---- C:\Windows\system32\shsvcs.dll
    2009-09-24 07:14:43 ----A---- C:\Windows\system32\profsvc.dll
    2009-09-24 07:14:43 ----A---- C:\Windows\system32\msiexec.exe
    2009-09-24 07:14:43 ----A---- C:\Windows\system32\imapi.dll
    2009-09-24 07:14:42 ----A---- C:\Windows\system32\wdc.dll
    2009-09-24 07:14:42 ----A---- C:\Windows\system32\rasmans.dll
    2009-09-24 07:14:42 ----A---- C:\Windows\system32\pnidui.dll
    2009-09-24 07:14:42 ----A---- C:\Windows\system32\icardres.dll
    2009-09-24 07:14:42 ----A---- C:\Windows\system32\iassdo.dll
    2009-09-24 07:14:42 ----A---- C:\Windows\system32\chsbrkr.dll
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\wersvc.dll
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\spoolsv.exe
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\slmgr.vbs
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\scrrun.dll
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\PSHED.DLL
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\pdh.dll
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\dhcpcsvc.dll
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\CertEnrollUI.dll
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\azroles.dll
    2009-09-24 07:14:41 ----A---- C:\Windows\system32\autofmt.exe
    2009-09-24 07:14:40 ----A---- C:\Windows\system32\wmpmde.dll
    2009-09-24 07:14:40 ----A---- C:\Windows\system32\winlogon.exe
    2009-09-24 07:14:40 ----A---- C:\Windows\system32\SyncCenter.dll
    2009-09-24 07:14:40 ----A---- C:\Windows\system32\pidgenx.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\untfs.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\spp.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\SLUINotify.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\sethc.exe
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\scrobj.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\ncrypt.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\msjetoledb40.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\kd1394.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\iassam.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\comuid.dll
    2009-09-24 07:14:39 ----A---- C:\Windows\system32\certmgr.dll
    2009-09-24 07:14:38 ----A---- C:\Windows\system32\wisptis.exe
    2009-09-24 07:14:38 ----A---- C:\Windows\system32\taskcomp.dll
    2009-09-24 07:14:38 ----A---- C:\Windows\system32\rtutils.dll
    2009-09-24 07:14:38 ----A---- C:\Windows\system32\printui.dll
    2009-09-24 07:14:38 ----A---- C:\Windows\system32\iasnap.dll
    2009-09-24 07:14:38 ----A---- C:\Windows\system32\dwm.exe
    2009-09-24 07:14:38 ----A---- C:\Windows\system32\autochk.exe
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\wow32.dll
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\winsrv.dll
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\userenv.dll
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\onex.dll
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\kdcom.dll
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\cscript.exe
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\basecsp.dll
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\autoconv.exe
    2009-09-24 07:14:37 ----A---- C:\Windows\system32\audiodg.exe
    2009-09-24 07:14:36 ----A---- C:\Windows\system32\WinSCard.dll
    2009-09-24 07:14:36 ----A---- C:\Windows\system32\winmm.dll
    2009-09-24 07:14:36 ----A---- C:\Windows\system32\spcmsg.dll
    2009-09-24 07:14:36 ----A---- C:\Windows\system32\RelMon.dll
    2009-09-24 07:14:36 ----A---- C:\Windows\system32\rdpencom.dll
    2009-09-24 07:14:36 ----A---- C:\Windows\system32\osk.exe
    2009-09-24 07:14:36 ----A---- C:\Windows\system32\mswsock.dll
    2009-09-24 07:14:36 ----A---- C:\Windows\system32\kdusb.dll
    2009-09-24 07:14:35 ----A---- C:\Windows\system32\WerFaultSecure.exe
    2009-09-24 07:14:35 ----A---- C:\Windows\system32\offfilt.dll
    2009-09-24 07:14:35 ----A---- C:\Windows\system32\msftedit.dll
    2009-09-24 07:14:35 ----A---- C:\Windows\system32\dnsrslvr.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\wsepno.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\wscript.exe
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\wiaservc.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\WerFault.exe
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\Utilman.exe
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\ulib.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\sysclass.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\stobject.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\SndVol.exe
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\secproc_ssp.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\prnntfy.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\odbccp32.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\msnetobj.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\mscms.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\mfplat.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\mcmde.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\iasdatastore.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\diskraid.exe
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\apphelp.dll
    2009-09-24 07:14:34 ----A---- C:\Windows\system32\adsmsext.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\wscntfy.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\wlangpui.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\rastapi.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\pnpsetup.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\ipsecsnp.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\IPHLPAPI.DLL
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\fdProxy.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\dsound.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\cryptui.dll
    2009-09-24 07:14:33 ----A---- C:\Windows\system32\brcpl.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\wusa.exe
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\wscsvc.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\WMVENCOD.DLL
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\vdsdyn.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\regsvc.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\rastls.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\rasapi32.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\ntprint.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\mscorier.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\logman.exe
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\iasrad.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\iashlpr.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\gpapi.dll
    2009-09-24 07:14:32 ----A---- C:\Windows\system32\diskpart.exe
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\zipfldr.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\wsnmp32.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\wshext.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\wpccpl.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\wer.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\themecpl.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\rasdlg.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\netcenter.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\iassvcs.dll
    2009-09-24 07:14:31 ----A---- C:\Windows\system32\findstr.exe
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\uxsms.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\tsbyuv.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\srvsvc.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\slcc.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\scansetting.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\ntmarta.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\msutb.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\mstlsapi.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\mssprxy.dll
    2009-09-24 07:14:30 ----A---- C:\Windows\system32\iasads.dll
    2009-09-24 07:14:29 ----A---- C:\Windows\system32\powrprof.dll
    2009-09-24 07:14:29 ----A---- C:\Windows\system32\powercpl.dll
    2009-09-24 07:14:29 ----A---- C:\Windows\system32\PerfCenterCPL.dll
    2009-09-24 07:14:29 ----A---- C:\Windows\system32\networkmap.dll
    2009-09-24 07:14:29 ----A---- C:\Windows\system32\mstsc.exe
    2009-09-24 07:14:29 ----A---- C:\Windows\system32\iasacct.dll
    2009-09-24 07:14:29 ----A---- C:\Windows\system32\authz.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\usercpl.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\themeui.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\systemcpl.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\sud.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\samlib.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\qdvd.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\pcaui.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\newdev.exe
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\mmci.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\dot3svc.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\connect.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\autoplay.dll
    2009-09-24 07:14:28 ----A---- C:\Windows\system32\accessibilitycpl.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\wpcao.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\wlanpref.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\vdsutil.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\tapisrv.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\scksp.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\scesrv.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\rpchttp.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\regapi.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\psisdecd.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\oleprn.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\msinfo32.exe
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\mpr.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\feclient.dll
    2009-09-24 07:14:27 ----A---- C:\Windows\system32\AudioSes.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\wscisvif.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\sdclt.exe
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\rekeywiz.exe
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\qedit.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\pnpui.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\perfdisk.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\ncryptui.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\imm32.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\iaspolcy.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\Faultrep.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\dpapimig.exe
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\dot3msm.dll
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\DeviceEject.exe
    2009-09-24 07:14:26 ----A---- C:\Windows\system32\certreq.exe
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\whealogr.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\TSTheme.exe
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\tcpmon.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\tcpipcfg.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\srcore.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\spwinsat.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\scecli.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\SCardSvr.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\rasplap.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\rasgcw.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\PnPUnattend.exe
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\hdwwiz.exe
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\FWPUCLNT.DLL
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\fdWSD.dll
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\conime.exe
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\cmmon32.exe
    2009-09-24 07:14:25 ----A---- C:\Windows\system32\cmdial32.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\WMVXENCD.DLL
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\wlanui.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\wiaaut.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\SnippingTool.exe
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\shwebsvc.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\rasppp.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\raschap.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\PnPutil.exe
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\MSVidCtl.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\fontext.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\dsprop.dll
    2009-09-24 07:14:24 ----A---- C:\Windows\system32\dimsroam.dll
    2009-09-24 07:14:23 ----A---- C:\Windows\system32\shsetup.dll
    2009-09-24 07:14:23 ----A---- C:\Windows\system32\rasmontr.dll
    2009-09-24 07:14:23 ----A---- C:\Windows\system32\oobefldr.dll
    2009-09-24 07:14:23 ----A---- C:\Windows\system32\mscandui.dll
    2009-09-24 07:14:23 ----A---- C:\Windows\system32\modemui.dll
    2009-09-24 07:14:23 ----A---- C:\Windows\system32\chtbrkr.dll
    2009-09-24 07:14:22 ----A---- C:\Windows\system32\wmdrmsdk.dll
    2009-09-24 07:14:22 ----A---- C:\Windows\system32\wlgpclnt.dll
    2009-09-24 07:14:22 ----A---- C:\Windows\system32\rdpwsx.dll
    2009-09-24 07:14:22 ----A---- C:\Windows\system32\dataclen.dll
    2009-09-24 07:14:22 ----A---- C:\Windows\system32\blackbox.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\WSDMon.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\wpcsvc.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\wmpeffects.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\smss.exe
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\networkexplorer.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\netplwiz.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\msscp.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\logagent.exe
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\InkEd.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\ifmon.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\credui.dll
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\cipher.exe
    2009-09-24 07:14:21 ----A---- C:\Windows\system32\certprop.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\wscapi.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\thawbrkr.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\softkbd.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\sendmail.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\puiapi.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\olepro32.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\msimtf.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\msctfui.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\input.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\gpresult.exe
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\ExplorerFrame.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\drmmgrtn.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\dmsynth.dll
    2009-09-24 07:14:20 ----A---- C:\Windows\system32\cdd.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\wshbth.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\version.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\SLLUA.exe
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\msjint40.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\msisip.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\MsCtfMonitor.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\mprapi.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\l2nacp.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\fdSSDP.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\fc.exe
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\eapp3hst.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\dmusic.dll
    2009-09-24 07:14:19 ----A---- C:\Windows\system32\cscapi.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\wsdchngr.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\tscupgrd.exe
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\Storprop.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\SMBHelperClass.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\slcinst.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\rasdial.exe
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\rasdiag.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\ipconfig.exe
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\ftp.exe
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\fdWCN.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\eappcfg.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\dot3cfg.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\cscdll.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\bthudtask.exe
    2009-09-24 07:14:18 ----A---- C:\Windows\system32\bthci.dll
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\PNPXAssoc.dll
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\ocsetup.exe
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\nslookup.exe
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\networkitemfactory.dll
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\mmcico.dll
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\hbaapi.dll
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\gpupdate.exe
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\FwRemoteSvr.dll
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\fdeploy.dll
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\eappgnui.dll
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\csrstub.exe
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\cbsra.exe
    2009-09-24 07:14:17 ----A---- C:\Windows\system32\bitsigd.dll
    2009-09-24 07:14:16 ----A---- C:\Windows\system32\vdmdbg.dll
    2009-09-24 07:14:16 ----A---- C:\Windows\system32\slwga.dll
    2009-09-24 07:14:16 ----A---- C:\Windows\system32\odbcconf.dll
    2009-09-24 07:14:16 ----A---- C:\Windows\system32\NcdProp.dll
    2009-09-24 07:14:16 ----A---- C:\Windows\system32\iscsilog.dll
    2009-09-24 07:14:15 ----A---- C:\Windows\system32\winrnr.dll
    2009-09-24 07:14:15 ----A---- C:\Windows\system32\midimap.dll
    2009-09-24 07:14:15 ----A---- C:\Windows\system32\inetppui.dll
    2009-09-24 07:14:13 ----A---- C:\Windows\system32\msimsg.dll
    2009-09-24 07:14:13 ----A---- C:\Windows\system32\f3ahvoas.dll
    2009-09-24 07:13:54 ----A---- C:\Windows\system32\SmiEngine.dll
    2009-09-24 07:13:52 ----A---- C:\Windows\system32\wdscore.dll
    2009-09-24 07:13:52 ----A---- C:\Windows\system32\PkgMgr.exe
    2009-09-24 07:13:49 ----A---- C:\Windows\system32\drvstore.dll
    2009-09-23 22:37:42 ----D---- C:\ProgramData\Babylon
    2009-09-23 22:37:41 ----D---- C:\Users\isa\AppData\Roaming\Babylon

    ======List of files/folders modified in the last 1 months======

    2009-10-21 22:41:01 ----D---- C:\Windows\Prefetch
    2009-10-21 22:40:58 ----D---- C:\Windows\Temp
    2009-10-21 22:40:57 ----D---- C:\Program Files\Trend Micro
    2009-10-21 21:21:52 ----D---- C:\Users\isa\AppData\Roaming\uTorrent
    2009-10-21 18:15:10 ----HD---- C:\ProgramData
    2009-10-21 15:25:47 ----SHD---- C:\System Volume Information
    2009-10-21 10:38:20 ----D---- C:\Windows
    2009-10-21 09:56:53 ----D---- C:\Windows\System32
    2009-10-21 09:56:53 ----D---- C:\Windows\inf
    2009-10-21 09:56:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2009-10-21 09:45:45 ----SHD---- C:\Windows\Installer
    2009-10-20 21:26:04 ----RD---- C:\Program Files
    2009-10-20 21:16:21 ----D---- C:\Windows\system32\drivers
    2009-10-20 19:00:50 ----SD---- C:\Windows\Downloaded Program Files
    2009-10-20 18:57:16 ----SHD---- C:\$Recycle.Bin
    2009-10-17 15:08:51 ----D---- C:\Windows\system32\catroot2
    2009-10-16 23:03:56 ----D---- C:\Windows\Debug
    2009-10-16 22:55:02 ----D---- C:\Windows\Microsoft.NET
    2009-10-16 22:54:52 ----D---- C:\Windows\winsxs
    2009-10-16 22:54:26 ----D---- C:\Windows\system32\catroot
    2009-10-16 10:25:38 ----D---- C:\Windows\rescache
    2009-10-16 10:24:36 ----RSD---- C:\Windows\assembly
    2009-10-16 10:13:12 ----D---- C:\ProgramData\NVIDIA
    2009-10-16 10:12:01 ----SHD---- C:\Boot
    2009-10-16 10:06:27 ----D---- C:\Program Files\Windows Mail
    2009-10-16 10:06:27 ----D---- C:\Program Files\Windows Calendar
    2009-10-16 10:06:26 ----D---- C:\Program Files\Movie Maker
    2009-10-16 10:06:24 ----D---- C:\Program Files\Windows Sidebar
    2009-10-16 10:06:24 ----D---- C:\Program Files\Windows Media Player
    2009-10-16 10:06:24 ----D---- C:\Program Files\Internet Explorer
    2009-10-16 10:06:23 ----D---- C:\Program Files\Windows Journal
    2009-10-16 10:06:23 ----D---- C:\Program Files\Windows Collaboration
    2009-10-16 10:06:21 ----D---- C:\Program Files\Common Files\System
    2009-10-16 10:06:20 ----D---- C:\Program Files\Windows Photo Gallery
    2009-10-16 10:06:07 ----D---- C:\Windows\servicing
    2009-10-16 10:06:07 ----D---- C:\Program Files\Windows Defender
    2009-10-16 10:06:03 ----D---- C:\Windows\ehome
    2009-10-16 10:05:52 ----D---- C:\Windows\system32\XPSViewer
    2009-10-16 10:05:52 ----D---- C:\Windows\system32\lv-LV
    2009-10-16 10:05:52 ----D---- C:\Windows\system32\hr-HR
    2009-10-16 10:05:52 ----D---- C:\Windows\system32\et-EE
    2009-10-16 10:05:52 ----D---- C:\Windows\system32\da-DK
    2009-10-16 10:05:52 ----D---- C:\Windows\IME
    2009-10-16 10:05:51 ----D---- C:\Windows\system32\sk-SK
    2009-10-16 10:05:51 ----D---- C:\Windows\system32\oobe
    2009-10-16 10:05:51 ----D---- C:\Windows\system32\ko-KR
    2009-10-16 10:05:51 ----D---- C:\Windows\system32\it-IT
    2009-10-16 10:05:51 ----D---- C:\Windows\system32\en-US
    2009-10-16 10:05:51 ----D---- C:\Windows\system32\el-GR
    2009-10-16 10:05:51 ----D---- C:\Windows\system32\de-DE
    2009-10-16 10:05:50 ----D---- C:\Windows\system32\migration
    2009-10-16 10:05:50 ----D---- C:\Windows\system32\fr
    2009-10-16 10:05:48 ----D---- C:\Windows\system32\ru-RU
    2009-10-16 10:05:48 ----D---- C:\Windows\system32\AdvancedInstallers
    2009-10-16 10:05:46 ----D---- C:\Windows\system32\fr-FR
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\zh-TW
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\zh-CN
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\uk-UA
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\sv-SE
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\sr-Latn-CS
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\SLUI
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\sl-SI
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\setup
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\pt-PT
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\pl-PL
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\manifeststore
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\ja-JP
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\hu-HU
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\he-IL
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\fi-FI
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\es-ES
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\cs-CZ
    2009-10-16 10:05:44 ----D---- C:\Windows\system32\bg-BG
    2009-10-16 10:05:43 ----D---- C:\Windows\system32\th-TH
    2009-10-16 10:05:43 ----D---- C:\Windows\system32\ro-RO
    2009-10-16 10:05:42 ----D---- C:\Windows\system32\tr-TR
    2009-10-16 10:05:41 ----D---- C:\Windows\system32\wbem
    2009-10-16 10:05:40 ----D---- C:\Windows\system32\nl-NL
    2009-10-16 10:05:40 ----D---- C:\Windows\system32\nb-NO
    2009-10-16 10:05:40 ----D---- C:\Windows\system32\migwiz
    2009-10-16 10:05:40 ----D---- C:\Windows\system32\lt-LT
    2009-10-16 10:05:40 ----D---- C:\Windows\system32\ar-SA
    2009-10-16 10:05:39 ----D---- C:\Windows\system32\pt-BR
    2009-10-16 10:04:56 ----RSD---- C:\Windows\Fonts
    2009-10-16 10:04:56 ----D---- C:\Windows\AppPatch
    2009-10-16 10:04:44 ----D---- C:\Windows\system32\Boot
    2009-10-16 08:26:16 ----D---- C:\Windows\PolicyDefinitions
    2009-10-16 07:03:34 ----D---- C:\ProgramData\Microsoft Help
    2009-10-16 07:00:35 ----D---- C:\Program Files\Microsoft SQL Server
    2009-10-15 22:22:29 ----D---- C:\Program Files\Everest Poker
    2009-10-15 18:06:31 ----D---- C:\Program Files\ESET
    2009-10-15 17:55:51 ----D---- C:\ProgramData\ESET
    2009-10-15 17:40:42 ----D---- C:\Windows\system32\Tasks
    2009-10-10 08:57:40 ----D---- C:\Program Files\Common Files\microsoft shared
    2009-10-10 08:57:18 ----D---- C:\Program Files\Microsoft Works
    2009-10-10 08:55:46 ----A---- C:\Windows\win.ini
    2009-10-09 06:59:37 ----D---- C:\Windows\system32\zh-HK
    2009-10-08 21:16:21 ----D---- C:\Users\isa\AppData\Roaming\Mozilla
    2009-10-03 14:35:33 ----D---- C:\Program Files\Common Files
    2009-10-03 14:35:30 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-10-03 14:32:13 ----D---- C:\Users\isa\AppData\Roaming\dvdcss
    2009-10-02 20:01:57 ----A---- C:\Windows\system32\mrt.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-04-09 107256]
    R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2008-03-31 73728]
    R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-04-09 113960]
    R2 KMDFMEMIO;SAMSUNG Kernel Driver; C:\Windows\system32\DRIVERS\kmdfmemio.sys [2007-05-23 13312]
    R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776]
    R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824]
    R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-07-07 2152088]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-12-22 51232]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-01-30 7544832]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-10-26 193456]
    R3 VMC302;Vimicro Camera Service VMC302; C:\Windows\System32\Drivers\VMC302.sys [2008-06-05 242048]
    R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-06-27 303616]
    S3 acu4y1nu;acu4y1nu; C:\Windows\system32\drivers\acu4y1nu.sys []
    S3 ADDMEM;ADDMEM; \??\C:\Users\isa\AppData\Local\Temp\__Samsung_Update\ADDMEM.SYS []
    S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
    S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]
    S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
    S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
    S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
    S3 btwaudio;Périphérique audio Bluetooth; C:\Windows\system32\drivers\btwaudio.sys [2008-02-14 80424]
    S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-07-16 80936]
    S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-16 16168]
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
    S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
    S3 NETw
    a c 327 8 Sécurité
    a b 9 Windows
    21 Octobre 2009 22:53:21

    C'est mieux.

  • Télécharge OTM (OldTimer) sur ton Bureau.
  • Clique droit sur OTM.exe et choisis Exécuter en tant qu'administrateur.
  • Copie (Ctrl+C) le texte suivant ci-dessous :

    :processes
    explorer.exe

    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    :files
    C:\ProgramData\Browse Defy
    C:\Program Files\AskTBar

    :commands
    [purity]
    [emptytemp]
    [reboot]

  • Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
  • Clique maintenant sur le bouton MoveIt! puis ferme OTM.

    ---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
    Accepte en cliquant sur YES.

  • Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
    ---> Le nom du rapport correspond au moment de sa création : date_heure.log
    21 Octobre 2009 23:29:27

    oh lala cette galère j'espère que je vais m'en sortir.
    voilà le rapport:

    All processes killed
    ========== PROCESSES ==========
    No active process named explorer.exe was found!
    ========== REGISTRY ==========
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    ========== FILES ==========
    C:\ProgramData\Browse Defy moved successfully.
    C:\Program Files\AskTBar\bar\Settings moved successfully.
    C:\Program Files\AskTBar\bar\History moved successfully.
    C:\Program Files\AskTBar\bar\Cache moved successfully.
    C:\Program Files\AskTBar\bar moved successfully.
    C:\Program Files\AskTBar moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: isa
    ->Temp folder emptied: 36328062 bytes
    ->Temporary Internet Files folder emptied: 106853900 bytes
    ->Java cache emptied: 27268979 bytes
    ->FireFox cache emptied: 63145287 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    Windows Temp folder emptied: 83811 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 222,89 mb


    OTM by OldTimer - Version 3.0.0.6 log created on 10212009_232023

    Files moved on Reboot...

    Registry entries deleted on Reboot...
    a c 327 8 Sécurité
    a b 9 Windows
    21 Octobre 2009 23:32:08

  • Désinstalle Java 6 Update 15.

  • Mets à jour Java.

  • Mets à jour Adobe Reader.

    Plus de souci ?
    22 Octobre 2009 07:12:16

    merci beaucoup pour ton aide, c'est sure que seule je n'aurais jamais pu faire tout ca!

    pour l'instant ca a l'air d'aller, par contre j'ai pu d'antivirus, en as tu un a me conseiller?
    il me semble que c'était ca qui déconner car c'est quand je l'ai installé, d'ailleurs il ne se désinstalle pas, j'ai nod32.

    bonne journée.
    isabelle
    a c 327 8 Sécurité
    a b 9 Windows
    22 Octobre 2009 15:53:31

    Citation :
    d'ailleurs il ne se désinstalle pas, j'ai nod32.

    --> http://www.commentcamarche.net/faq/sujet-7367-desinstal...

  • Installe AntiVir et mets-le à jour.
  • Double-clique sur l'icône d'AntiVir (Parapluie) dans la barre des tâches.
  • Dans AntiVir, choisis Outils puis Configuration.
  • Coche Mode Expert et coche Rech. Rootkit au dém. de la recherche à droite dans Autres réglages puis valide.
  • Fais un scan complet, clique sur Tout réparer si AntiVir trouve quelque chose et poste le rapport.

    Tutoriel : Scanner le(s) disque(s) dur(s)
    23 Octobre 2009 07:22:19

    merci beaucoup pour ton aide, rien a déclarer depuis hier, tout fonctionne!!

    merci encore et à bientôt
    isabelle
    a c 327 8 Sécurité
    a b 9 Windows
    23 Octobre 2009 13:20:38

    Tu as réussi à retirer NOD32 ?
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS