Your question

Virus problem

Tags:
  • Windows
  • Security
Last reply: in Security and viruses
18 February 2009 18:07:59

Hello everyone.
After a quick Google search to find kind people who could help me, I came across this forum. For the past few days I have had a small virus problem: a friend had a virus that was sending messages on MSN with a link; since it came from her I wasn't suspicious, and I fell for it like a rookie. I uninstalled MSN as soon as I saw that I was sending this link too. I would like to be able to solve this problem without having to format (last resort) if possible. I am posting my HijackThis report below.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:59:51, on 18/02/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16809)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe
C:\Windows\fxstaller.exe
C:\Windows\System32\frmwrk32.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\PnkBstrB.exe
C:\Windows\system32\svchost.exe
C:\Program Files\SolidWorks\COSMOSFloWorks\FloWorks\binCFW\StandAloneSlv.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\OrangeHSS\systray\systrayapp.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
D:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.postarticles.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SolidWorks_CheckForUpdates] "C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe" /scheduler
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Windows UDP Control Center] fxstaller.exe
O4 - HKLM\..\Run: [Framework Windows] frmwrk32.exe
O4 - HKLM\..\Run: [Microsoft Internet Explorer] C:\Windows\system32\iexplore.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Window UDP Control Servic] winlogon.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mappy.com
O15 - Trusted Zone: http://*.orange.fr
O15 - Trusted Zone: http://rw.search.ke.voila.fr
O15 - Trusted Zone: http://orange.weborama.fr
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD42/JSCDL/jre/6u6-b90/jin...
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Remote Solver for COSMOSFloWorks 2007 - Unknown owner - C:\Program Files\SolidWorks\COSMOSFloWorks\FloWorks\binCFW\StandAloneSlv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (file missing)

--
End of file - 12662 bytes

Thanks in advance for this volunteer work that you do so wonderfully.

18 February 2009 18:30:49

Hi,

  • Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.
  • Double-click RSIT.exe to launch the program.
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
  • When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

    Note: the reports are saved in the folder C:\rsit\.

    18 February 2009 18:47:04

    Thanks for your reply.
    Here is the log file.
    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Brian at 2009-02-18 18:41:31
    Microsoft® Windows Vista™ Édition Familiale Premium
    System drive C: has 42 GB (28%) free of 148 GB
    Total RAM: 3071 MB (62% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:41:38, on 18/02/2009
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16809)
    Boot mode: Normal

    Running processes:
    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\system32\PnkBstrA.exe
    C:\Windows\system32\PnkBstrB.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\SolidWorks\COSMOSFloWorks\FloWorks\binCFW\StandAloneSlv.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\Program Files\Spyware Doctor\pctsAuxs.exe
    C:\Program Files\Spyware Doctor\pctsSvc.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Spyware Doctor\pctsTray.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\svchost.exe
    C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe
    C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\OrangeHSS\systray\systrayapp.exe
    C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
    C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Trillian\trillian.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\wuauclt.exe
    \?\C:\Windows\system32\wbem\WMIADAP.EXE
    C:\Users\Brian\Downloads\RSIT.exe
    D:\Brian.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.postarticles.net
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll
    O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKLM\..\Run: [SolidWorks_CheckForUpdates] "C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe" /scheduler
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [Windows UDP Control Center] fxstaller.exe
    O4 - HKLM\..\Run: [Framework Windows] frmwrk32.exe
    O4 - HKLM\..\Run: [Microsoft Internet Explorer] C:\Windows\system32\iexplore.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Window UDP Control Servic] winlogon.exe
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://*.mappy.com
    O15 - Trusted Zone: http://*.orange.fr
    O15 - Trusted Zone: http://rw.search.ke.voila.fr
    O15 - Trusted Zone: http://orange.weborama.fr
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD42/JSCDL/jre/6u6-b90/jin...
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
    O23 - Service: Remote Solver for COSMOSFloWorks 2007 - Unknown owner - C:\Program Files\SolidWorks\COSMOSFloWorks\FloWorks\binCFW\StandAloneSlv.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (file missing)

    --
    End of file - 12739 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Norton Internet Security - Analyse système complète - Brian.job
    C:\Windows\tasks\User_Feed_Synchronization-{33502C18-A3D8-4069-9918-43AA2C501E70}.job
    C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
    Windows Live OneCare Family Safety Browser Helper Class - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll [2007-12-17 56360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
    ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-04-25 299008]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Ask.com Toolbar - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll [2008-10-21 741768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
    free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2008-02-14 1555480]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-04-25 151552]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]
    {ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2008-02-14 1555480]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
    {D4027C7F-154A-4066-A1AD-4243D8127440} - Ask.com Toolbar - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll [2008-10-21 741768]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Acer Tour"= []
    "eRecoveryService"= []
    "Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe /a /m C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll []
    "SolidWorks_CheckForUpdates"=C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe [2007-09-10 6460696]
    "ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe [2007-12-12 107248]
    "Windows UDP Control Center"=C:\Windows\fxstaller.exe [2009-02-10 48690]
    "Framework Windows"=C:\Windows\system32\frmwrk32.exe [2009-02-12 24064]
    "Microsoft Internet Explorer"=C:\Windows\system32\iexplore.exe [2008-10-29 54272]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2007-12-04 79224]
    "Window UDP Control Servic"=C:\Windows\system32\winlogon.exe [2006-11-02 308224]
    "ISTray"=C:\Program Files\Spyware Doctor\pctsTray.exe [2008-08-25 1168264]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Empowering Technology Monitor]
    C:\Acer\Empowering Technology\SysMonitor.exe [2007-09-07 326176]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
    C:\Acer\AcerTour\Reminder.exe [2007-08-01 151552]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apanel]
    C:\ACERSW\config\NewSetApanel.cmd [2008-02-19 244]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    c:\Program Files\Common Files\Symantec Shared\ccApp.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-04-25 457216]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui]
    C:\Program Files\Windows Live\Contrôle parental\fssui.exe [2007-12-17 243240]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
    C:\Program Files\Internet Download Manager\IDMan.exe /onboot []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2008-06-02 267048]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe /background []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    C:\Windows\system32\NvCpl.dll [2007-12-05 8530464]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    C:\Windows\system32\NvMcTray.dll [2007-12-05 81920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVRaidService]
    C:\Windows\system32\nvraidservice.exe [2007-12-07 196128]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
    C:\Windows\system32\nvsvc.dll [2007-12-05 86016]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck]
    c:\Program Files\Norton Internet Security\osCheck.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMMediaSharing]
    C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2007-06-21 204908]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
    C:\Program Files\PowerISO\PWRISOVM.EXE [2008-03-15 233472]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
    C:\Windows\RtHDVCpl.exe [2007-10-11 4702208]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setresolution]
    C:\ACERSW\config\1680x1050.cmd [2007-10-18 199]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
    C:\Program Files\Windows Sidebar\sidebar.exe [2008-07-02 1232896]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
    C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    C:\Program Files\Windows Defender\MSASCui.exe [2007-12-03 1006264]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
    C:\Acer\EMPOWE~1\EAPLAU~1.EXE [2007-04-14 535336]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
    C:\PROGRA~1\Xfire\Xfire.exe [2006-06-07 4154504]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "EnableLUA"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoSetActiveDesktop"=1
    "NoActiveDesktopChanges"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoSetActiveDesktop"=
    "NoActiveDesktopChanges"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======List of files/folders created in the last 1 months======

    2009-02-18 18:41:31 ----D---- C:\rsit
    2009-02-18 18:28:42 ----A---- C:\Windows\system32\ntdll64.exe
    2009-02-18 12:03:21 ----D---- C:\Program Files\Ask.com
    2009-02-18 12:01:46 ----D---- C:\Program Files\Trillian
    2009-02-15 06:31:27 ----A---- C:\Windows\system32\winlogon2.exe
    2009-02-15 04:20:33 ----A---- C:\Windows\system32\EncDec.dll
    2009-02-15 04:20:31 ----A---- C:\Windows\system32\psisdecd.dll
    2009-02-15 04:20:30 ----A---- C:\Windows\system32\mcmde.dll
    2009-02-12 17:44:51 ----A---- C:\Windows\system32\iumxcj.exe
    2009-02-12 17:34:15 ----AD---- C:\ProgramData\TEMP
    2009-02-12 17:33:03 ----D---- C:\Users\Brian\AppData\Roaming\PC Tools
    2009-02-12 17:33:03 ----D---- C:\Program Files\Spyware Doctor
    2009-02-12 16:13:10 ----RASH---- C:\Windows\winlogon.exe
    2009-02-12 16:13:09 ----A---- C:\U.exe
    2009-02-12 15:03:52 ----A---- C:\Windows\system32\uhnsd.exe
    2009-02-12 12:23:18 ----A---- C:\Windows\system32\aswBoot.exe
    2009-02-12 12:23:13 ----D---- C:\Program Files\Alwil Software
    2009-02-12 12:17:44 ----A---- C:\resultat_clean.txt
    2009-02-12 12:17:24 ----A---- C:\rapport_clean.txt
    2009-02-12 07:31:18 ----D---- C:\PerfLogs
    2009-02-12 06:59:02 ----D---- C:\7ae63ebdb0b9608f4168cd
    2009-02-12 05:16:33 ----D---- C:\Windows\Minidump
    2009-02-12 03:30:47 ----A---- C:\Windows\system32\frmwrk32.exe
    2009-02-12 03:30:47 ----A---- C:\Windows\system32\303369.exe
    2009-02-11 22:53:28 ----A---- C:\Windows\system32\ieUnatt.exe
    2009-02-11 22:53:28 ----A---- C:\Windows\system32\iernonce.dll
    2009-02-11 22:53:28 ----A---- C:\Windows\system32\ieapfltr.dll
    2009-02-11 22:53:27 ----A---- C:\Windows\system32\pngfilt.dll
    2009-02-11 22:53:27 ----A---- C:\Windows\system32\mshtml.dll
    2009-02-11 22:53:27 ----A---- C:\Windows\system32\jsproxy.dll
    2009-02-11 22:53:27 ----A---- C:\Windows\system32\iesetup.dll
    2009-02-11 22:53:27 ----A---- C:\Windows\system32\ie4uinit.exe
    2009-02-11 22:53:26 ----A---- C:\Windows\system32\wininet.dll
    2009-02-11 22:53:26 ----A---- C:\Windows\system32\msfeeds.dll
    2009-02-11 22:53:26 ----A---- C:\Windows\system32\iertutil.dll
    2009-02-11 22:53:26 ----A---- C:\Windows\system32\dxtrans.dll
    2009-02-11 22:53:26 ----A---- C:\Windows\system32\dxtmsft.dll
    2009-02-11 22:53:25 ----A---- C:\Windows\system32\mstime.dll
    2009-02-11 22:53:25 ----A---- C:\Windows\system32\mshtmled.dll
    2009-02-11 22:53:25 ----A---- C:\Windows\system32\ieframe.dll
    2009-02-11 22:53:23 ----A---- C:\Windows\system32\urlmon.dll
    2009-02-11 22:53:23 ----A---- C:\Windows\system32\advpack.dll
    2009-02-11 22:53:22 ----A---- C:\Windows\system32\ieui.dll
    2009-02-11 22:53:22 ----A---- C:\Windows\system32\icardie.dll
    2009-02-11 07:18:23 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
    2009-02-10 21:01:01 ----RSH---- C:\Windows\fxstaller.exe
    2009-02-01 18:13:19 ----D---- C:\Users\Brian\AppData\Roaming\Acreon

    ======List of files/folders modified in the last 1 months======

    2009-02-19 02:09:42 ----D---- C:\Windows\system32\config
    2009-02-19 02:09:38 ----D---- C:\Windows\Tasks
    2009-02-19 02:09:38 ----D---- C:\Windows\system32\spool
    2009-02-19 02:09:36 ----D---- C:\Windows\system32\wbem
    2009-02-19 02:09:35 ----D---- C:\Windows\registration
    2009-02-18 18:41:38 ----D---- C:\Windows\Prefetch
    2009-02-18 18:41:18 ----D---- C:\Windows\Temp
    2009-02-18 18:40:19 ----D---- C:\Program Files\Mozilla Firefox
    2009-02-18 18:37:36 ----D---- C:\Users\Brian\AppData\Roaming\IM
    2009-02-18 18:37:23 ----D---- C:\Windows\system32\drivers
    2009-02-18 18:35:35 ----D---- C:\Windows\system32\catroot2
    2009-02-18 18:35:35 ----D---- C:\Windows\System32
    2009-02-18 18:35:35 ----D---- C:\Windows\inf
    2009-02-18 18:35:35 ----D---- C:\Windows\ehome
    2009-02-18 18:35:35 ----D---- C:\Windows
    2009-02-18 18:33:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2009-02-18 18:31:58 ----SHD---- C:\System Volume Information
    2009-02-18 17:14:45 ----SHD---- C:\Windows\Installer
    2009-02-18 17:14:39 ----D---- C:\Windows\system32\Tasks
    2009-02-18 12:03:21 ----RD---- C:\Program Files
    2009-02-16 07:27:32 ----RSD---- C:\Windows\assembly
    2009-02-16 07:26:54 ----D---- C:\Windows\Microsoft.NET
    2009-02-16 06:43:37 ----D---- C:\Windows\winsxs
    2009-02-15 18:38:58 ----D---- C:\Users\Brian\AppData\Roaming\LimeWire
    2009-02-15 04:10:33 ----D---- C:\Windows\system32\catroot
    2009-02-14 15:17:20 ----D---- C:\Windows\system32\ru-RU
    2009-02-14 15:17:20 ----D---- C:\Windows\system32\RTCOM
    2009-02-14 15:17:20 ----D---- C:\Windows\system32\ro-RO
    2009-02-14 15:17:20 ----D---- C:\Windows\system32\pt-PT
    2009-02-14 15:17:20 ----D---- C:\Windows\system32\pt-BR
    2009-02-14 15:17:20 ----D---- C:\Windows\system32\pl-PL
    2009-02-14 15:17:19 ----D---- C:\Windows\system32\oobe
    2009-02-14 15:17:18 ----D---- C:\Windows\system32\nl-NL
    2009-02-14 15:17:18 ----D---- C:\Windows\system32\nb-NO
    2009-02-14 15:17:17 ----D---- C:\Windows\system32\migwiz
    2009-02-14 15:17:17 ----D---- C:\Windows\system32\migration
    2009-02-14 15:17:17 ----D---- C:\Windows\system32\manifeststore
    2009-02-14 15:17:16 ----D---- C:\Windows\system32\ko-KR
    2009-02-14 15:17:16 ----D---- C:\Windows\system32\ja-JP
    2009-02-14 15:17:16 ----D---- C:\Windows\system32\it-IT
    2009-02-14 15:17:15 ----D---- C:\Windows\system32\ias
    2009-02-14 15:17:15 ----D---- C:\Windows\system32\hu-HU
    2009-02-14 15:17:15 ----D---- C:\Windows\system32\he-IL
    2009-02-14 15:17:15 ----D---- C:\Windows\system32\fr-FR
    2009-02-14 15:17:15 ----D---- C:\Windows\system32\fr
    2009-02-14 15:17:14 ----D---- C:\Windows\system32\fi-FI
    2009-02-14 15:17:14 ----D---- C:\Windows\system32\es-ES
    2009-02-14 15:17:14 ----D---- C:\Windows\system32\en-US
    2009-02-14 15:17:14 ----D---- C:\Windows\system32\el-GR
    2009-02-14 15:17:11 ----D---- C:\Windows\system32\de-DE
    2009-02-14 15:17:11 ----D---- C:\Windows\system32\da-DK
    2009-02-14 15:17:11 ----D---- C:\Windows\system32\cs-CZ
    2009-02-14 15:17:11 ----D---- C:\Windows\system32\com
    2009-02-14 15:17:10 ----D---- C:\Windows\system32\CodeIntegrity
    2009-02-14 15:17:10 ----D---- C:\Windows\system32\Boot
    2009-02-14 15:17:09 ----D---- C:\Windows\system32\ar-SA
    2009-02-14 15:17:09 ----D---- C:\Windows\system32\AdvancedInstallers
    2009-02-14 15:17:09 ----D---- C:\Windows\servicing
    2009-02-14 15:16:56 ----D---- C:\Windows\rescache
    2009-02-14 15:16:56 ----D---- C:\Windows\PolicyDefinitions
    2009-02-14 15:16:56 ----D---- C:\Windows\MSAgent
    2009-02-14 15:16:55 ----D---- C:\Windows\L2Schemas
    2009-02-14 15:16:54 ----D---- C:\Windows\IME
    2009-02-14 15:16:53 ----D---- C:\Windows\DigitalLocker
    2009-02-14 15:16:51 ----RD---- C:\Users
    2009-02-14 15:16:51 ----D---- C:\Windows\AppPatch
    2009-02-14 15:16:50 ----D---- C:\Program Files\Windows Sidebar
    2009-02-14 15:16:50 ----D---- C:\Program Files\Windows Photo Gallery
    2009-02-14 15:16:50 ----D---- C:\Program Files\Windows Media Player
    2009-02-14 15:16:50 ----D---- C:\Program Files\Windows Mail
    2009-02-14 15:16:50 ----D---- C:\Program Files\Windows Journal
    2009-02-14 15:16:50 ----D---- C:\Program Files\Windows Defender
    2009-02-14 15:16:50 ----D---- C:\Program Files\Windows Collaboration
    2009-02-14 15:16:50 ----D---- C:\Program Files\Windows Calendar
    2009-02-14 15:16:49 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
    2009-02-14 15:16:49 ----D---- C:\Program Files\Movie Maker
    2009-02-14 15:16:49 ----D---- C:\Program Files\Internet Explorer
    2009-02-14 15:16:49 ----D---- C:\Program Files\Common Files\System
    2009-02-12 20:59:28 ----D---- C:\Windows\tapi
    2009-02-12 20:59:28 ----D---- C:\Windows\system32\zh-TW
    2009-02-12 20:59:28 ----D---- C:\Windows\system32\zh-CN
    2009-02-12 20:59:28 ----D---- C:\Windows\system32\XPSViewer
    2009-02-12 20:59:27 ----D---- C:\Windows\system32\tr-TR
    2009-02-12 20:59:27 ----D---- C:\Windows\system32\sysprep
    2009-02-12 20:59:27 ----D---- C:\Windows\system32\sv-SE
    2009-02-12 20:59:27 ----D---- C:\Windows\system32\SLUI
    2009-02-12 20:59:27 ----D---- C:\Windows\system32\setup
    2009-02-12 20:59:26 ----D---- C:\Windows\system32\Msdtc
    2009-02-12 20:59:13 ----D---- C:\Program Files\MSN
    2009-02-12 20:52:49 ----D---- C:\Windows\system32\LogFiles
    2009-02-12 17:34:15 ----HD---- C:\ProgramData
    2009-02-12 13:18:41 ----D---- C:\Windows\system32\NDF
    2009-02-12 12:34:35 ----SD---- C:\ProgramData\Microsoft
    2009-02-12 12:23:42 ----D---- C:\Program Files\Common Files
    2009-02-12 12:23:33 ----D---- C:\ProgramData\Symantec
    2009-02-12 12:16:50 ----D---- C:\Program Files\Windows Live
    2009-02-12 07:38:12 ----D---- C:\ProgramData\NVIDIA
    2009-02-12 07:37:25 ----SHD---- C:\Boot
    2009-02-12 07:31:19 ----D---- C:\Windows\Boot
    2009-02-12 06:55:08 ----D---- C:\Program Files\Symantec
    2009-02-12 03:01:59 ----D---- C:\ProgramData\Microsoft Help
    2009-02-06 15:24:49 ----D---- C:\Users\Brian\AppData\Roaming\IDM
    2009-02-06 15:24:49 ----D---- C:\Program Files\Internet Download Manager
    2009-02-06 15:23:26 ----D---- C:\Users\Brian\AppData\Roaming\DMCache
    2009-02-05 18:58:54 ----D---- C:\Program Files\Dofus
    2009-02-04 00:21:12 ----A---- C:\Windows\system32\mrt.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2007-12-04 23152]
    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2007-12-04 42912]
    R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080813.001\IDSvix86.sys [2008-06-03 261680]
    R1 IKSysFlt;System Filter Driver; C:\Windows\system32\drivers\iksysflt.sys [2008-08-25 66952]
    R1 IKSysSec;System Security Driver; C:\Windows\system32\drivers\iksyssec.sys [2008-08-25 81288]
    R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-03-14 46652]
    R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 45648]
    R2 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2007-10-17 43816]
    R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392]
    R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
    R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-10-17 1971928]
    R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-12-03 6144]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-09-10 1035168]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-12-05 8238720]
    R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-07-07 12032]
    R3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
    R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2008-07-02 123952]
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
    S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
    S3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080817.003\NAVENG.SYS []
    S3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080817.003\NAVEX15.SYS []
    S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
    S3 Ser2pl;Prolific2 Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2005-11-04 48640]
    S3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
    S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
    S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-02-18 30464]
    S3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2006-11-02 11264]
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service; C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2007-06-21 269448]
    R2 AcerMemUsageCheckService;ePerformance Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2007-04-16 28672]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2007-12-04 17272]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2007-12-04 140664]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
    R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-04-25 457512]
    R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]
    R2 fsssvc;Windows Live OneCare Contrôle parental; C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe [2007-12-17 523816]
    R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-12-11 65536]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-06-15 66872]
    R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2008-06-15 103736]
    R2 Remote Solver for COSMOSFloWorks 2007;Remote Solver for COSMOSFloWorks 2007; C:\Program Files\SolidWorks\COSMOSFloWorks\FloWorks\binCFW\StandAloneSlv.exe [2007-07-23 675840]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-07-19 262247]
    R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920]
    R2 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-10-09 1079176]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2007-12-04 247160]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2007-12-04 345464]
    S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
    S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
    S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe /m C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll []
    S2 SymAppCore;Symantec AppCore Service; c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe []
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
    S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-06-02 504104]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2008-09-16 79360]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    -----------------EOF-----------------


    and the info

    info.txt logfile of random's system information tool 1.05 2009-02-18 18:41:40

    ======Uninstall list======

    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    Acer Arcade Live Main Page-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\SETUP.EXE" -uninstall
    Acer DV Magician-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6EFFB76-4A07-11DA-9D78-000129760D75}\SETUP.exe" -uninstall
    Acer DVDivine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\SETUP.exe" -uninstall
    Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDSnstHelper.exe -Operation UNINSTALL
    Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly
    Acer ePerformance Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D462BF9E-0C35-4705-BF9B-3DF9F3816643}\setup.exe" -l0x40c -removeonly
    Acer HomeMedia Connect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{132888AE-EF67-41C5-BCA2-7D5D2488AB63}\SETUP.exe" -uninstall
    Acer HomeMedia-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\SETUP.exe" -uninstall
    Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
    Acer SlideShow DVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41581EF5-45A7-11DA-9D78-000129760D75}\SETUP.exe" -uninstall
    Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x40c -removeonly
    Acer VideoMagician-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\SETUP.exe" -uninstall
    Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
    Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Shockwave Player-->C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log
    Age of Empires III - The Asian Dynasties-->C:\Program Files\InstallShield Installation Information\{C43C1415-3DFC-4089-9A32-0BECF28A6046}\install.exe -runfromtemp -l0x040c
    Age of Empires III - The WarChiefs-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{1C08A24C-B168-407E-A826-68FAF5F20710}
    Age of Empires III-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{485775E8-AEB8-46BD-922B-242879E03DD5}
    AlerteGPS G200-->C:\Program Files\GpsPrevent\G200\Uninstal.exe
    AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
    Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
    Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Ask.com Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    avast! Antivirus-->rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
    Big Kahuna Reef 2-->"C:\Program Files\Acer GameZone\Big Kahuna Reef 2\Uninstall.exe" "C:\Program Files\Acer GameZone\Big Kahuna Reef 2\install.log"
    Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
    Bricks of Egypt-->"C:\Program Files\Acer GameZone\Bricks of Egypt\Uninstall.exe" "C:\Program Files\Acer GameZone\Bricks of Egypt\install.log"
    COSMOSFloWorks 2008 SP0-->MsiExec.exe /I{D3896DF6-96CC-44F9-BDBB-DD9D3DEDD378}
    COSMOSM 2008 (2007/240)-->MsiExec.exe /I{CBA295B6-0C10-4316-9421-F1C1C4121149}
    COSMOSMotion 2008 SP0-->MsiExec.exe /I{8876F541-F374-4375-BF2A-8FD9FA8141C4}
    COSMOSWorks 2008 SP0-->MsiExec.exe /I{3E5E0DD2-6904-43DF-8713-10D27C0382B1}
    Dofus 1.26.0-->C:\Program Files\Dofus\uninstall.exe
    dofus2-->C:\Program Files\dofus2\Uninstall.exe
    DWGeditor-->MsiExec.exe /X{C8DE0FC9-5BD0-4D26-B5AD-D38146F2083C}
    Dynasty-->"C:\Program Files\Acer GameZone\Dynasty\Uninstall.exe" "C:\Program Files\Acer GameZone\Dynasty\install.log"
    eDrawings 2008-->MsiExec.exe /I{40345A8F-3B72-44DE-814F-72E8A52B1161}
    eSobi v2-->C:\Program Files\InstallShield Installation Information\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\setup.exe -runfromtemp -l0x040c
    Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C52BA20C2D}
    Fable - The Lost Chapters-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}
    FIFA 08-->MsiExec.exe /X{0A2A5039-B37F-489D-B1DC-A5258DF9E697}
    FIFA 09-->MsiExec.exe /X{2315B23D-3E21-4920-837D-AE6460934ECB}
    free-downloads.net Toolbar-->C:\PROGRA~1\FREE-D~1.NET\UNWISE.EXE C:\PROGRA~1\FREE-D~1.NET\INSTALL.LOG
    Galapago-->"C:\Program Files\Acer GameZone\Galapago\Uninstall.exe" "C:\Program Files\Acer GameZone\Galapago\install.log"
    Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068}
    HijackThis 2.0.2-->"D:\HijackThis.exe" /uninstall
    iTunes-->MsiExec.exe /I{9F70BF98-003C-491D-81FC-FF9792206AF0}
    Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
    Jewel Quest Solitaire-->"C:\Program Files\Acer GameZone\Jewel Quest Solitaire\Uninstall.exe" "C:\Program Files\Acer GameZone\Jewel Quest Solitaire\install.log"
    K-Lite Codec Pack 3.9.5 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
    LimeWire PRO 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
    LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
    Luxor 2-->"C:\Program Files\Acer GameZone\Luxor 2\Uninstall.exe" "C:\Program Files\Acer GameZone\Luxor 2\install.log"
    MCF Ravenhearst-->"C:\Program Files\Acer GameZone\MCF Ravenhearst\Uninstall.exe" "C:\Program Files\Acer GameZone\MCF Ravenhearst\install.log"
    Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
    Metalworking Products CoroPak 2006.1-->MsiExec.exe /I{591089E5-F77E-4E6E-B99A-C933F189FE75}
    Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft Office 2003 Web Components-->MsiExec.exe /I{90120000-00A4-0409-0000-0000000FF1CE}
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
    Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
    Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
    mIRC-->C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC
    Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    Mystery Case Files - Prime Suspects-->"C:\Program Files\Acer GameZone\Mystery Case Files - Prime Suspects\Uninstall.exe" "C:\Program Files\Acer GameZone\Mystery Case Files - Prime Suspects\install.log"
    Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
    Neverwinter Nights 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F20C1251-1D0A-4944-B2AE-678581B33B19}\setup.exe" -l0x40c -removeonly
    Norton Internet Security-->MsiExec.exe /I{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}
    Norton Protection Center-->MsiExec.exe /I{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}
    NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{1598034D-7147-432C-8CA8-888E0632D124}\setup.exe" -removeonly
    NTI Backup NOW! 4.7-->C:\Program Files\InstallShield Installation Information\{1598034D-7147-432C-8CA8-888E0632D124}\setup.exe -runfromtemp -l0x040c
    NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
    NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
    Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
    PL-2303 USB-to-Serial-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\Setup.exe" -l0x9 Installed
    PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
    QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
    Ramdam Classique-->"C:\Windows\gotouninstall.exe" "C:\Program Files\GOTO.games\Ramdam Classique\GOTOUNINSTALL.INI"
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
    RM-X Player Pack V5.2-->"C:\Program Files\RM-X Player V5.2\unins000.exe"
    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
    Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
    Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
    Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
    Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
    Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
    Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
    Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
    SolidWorks 2008 SP0-->"C:\Windows\SolidWorks\IM\sldim\sldIM.exe" /remove "C:\Windows\SolidWorks\IM\sldim\sldIM_installed.xml"
    SolidWorks 2008 SP0-->MsiExec.exe /X{CE3DA0AA-6784-4548-84B6-E0F89637E407}
    SolidWorks Explorer 2008 sp0-->MsiExec.exe /I{A8567E18-9E80-4EA3-A5C1-A6186C86F2CC}
    Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
    Surligneur (Windows Live Toolbar)-->MsiExec.exe /X{81B5F83F-2291-48B0-8375-36B63A9BF5B0}
    Treasures of the Deep-->"C:\Program Files\Acer GameZone\Treasures of the Deep\Uninstall.exe" "C:\Program Files\Acer GameZone\Treasures of the Deep\install.log"
    Trillian-->C:\Program Files\Trillian\trillian.exe /uninstall
    Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
    Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
    Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
    Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {80E46078-C1C5-4AE8-8744-3EAFC812E118}
    Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Outlook 2007 Junk Email Filter (kb959634)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {50C77E2F-5C1C-467D-9BC8-3CA07D28C9F2}
    VideoLAN VLC media player 0.8.6f-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Vuze-->C:\Program Files\Vuze\uninstall.exe
    Wakfu économiseur d'écran Tofu 6 Screensaver-->C:\Program Files\Ankama\Wakfu économiseur d'écran Tofu 6\Uninstall.exe
    Warcraft III-->C:\Program Files\Common Files\Blizzard Entertainment\Warcraft III\Uninstall.exe
    WinAVI Video Converter-->"C:\Program Files\WinAVI Video Converter\unins000.exe"
    Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
    Windows Live OneCare Contrôle parental-->MsiExec.exe /X{3677FD57-D0DE-47CD-942E-99913D04C135}
    Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
    Windows Live Toolbar-->MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3ABA95A77D0D}
    Windows Live Writer-->MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954}
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
    Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\common\unyt.exe
    Zuma Deluxe-->"C:\Program Files\Acer GameZone\Zuma Deluxe\Uninstall.exe" "C:\Program Files\Acer GameZone\Zuma Deluxe\install.log"

    ======Security center information======

    AV: avast! antivirus 4.7.1098 [VPS 090217-0]
    AV: Norton Internet Security (outdated)
    FW: Norton Internet Security
    AS: Spyware Doctor
    AS: Windows Defender (disabled) (outdated)
    AS: Norton Internet Security (outdated)

    System event log

    Computer Name: PC-de-Brian
    Event Code: 7036
    Message: Le service Lanceur des services Windows Media Center est entré dans l'état : en cours d'exécution.
    Record Number: 80113
    Source Name: Service Control Manager
    Time Written: 20090218173933.000000-000
    Event Type: Information
    User:

    Computer Name: PC-de-Brian
    Event Code: 7036
    Message: Le service Service KtmRm pour Distributed Transaction Coordinator est entré dans l'état : en cours d'exécution.
    Record Number: 80114
    Source Name: Service Control Manager
    Time Written: 20090218173933.000000-000
    Event Type: Information
    User:

    Computer Name: PC-de-Brian
    Event Code: 7036
    Message: Le service Windows Update est entré dans l'état : en cours d'exécution.
    Record Number: 80115
    Source Name: Service Control Manager
    Time Written: 20090218173934.000000-000
    Event Type: Information
    User:

    Computer Name: PC-de-Brian
    Event Code: 7036
    Message: Le service Lanceur des services Windows Media Center est entré dans l'état : arrêté.
    Record Number: 80116
    Source Name: Service Control Manager
    Time Written: 20090218173936.000000-000
    Event Type: Information
    User:

    Computer Name: PC-de-Brian
    Event Code: 7036
    Message: Le service Cliché instantané de volume est entré dans l'état : arrêté.
    Record Number: 80117
    Source Name: Service Control Manager
    Time Written: 20090218174033.000000-000
    Event Type: Information
    User:

    Application event log

    Computer Name: PC-de-Brian
    Event Code: 1
    Message: Le client des services de certification a démarré correctement.
    Record Number: 36039
    Source Name: Microsoft-Windows-CertificateServicesClient
    Time Written: 20090218173733.814339-000
    Event Type: Information
    User: AUTORITE NT\SYSTEM

    Computer Name: PC-de-Brian
    Event Code: 8209
    Message: Une erreur non spécifiée s’est produite durant la restauration du système : (Opération de restauration). Informations supplémentaires : .
    Record Number: 36040
    Source Name: System Restore
    Time Written: 20090218173818.000000-000
    Event Type: Erreur
    User:

    Computer Name: PC-de-Brian
    Event Code: 1001
    Message: Récipient d’erreurs 13533677, type 5
    Événement : SystemRestore
    Réponse : Aucun
    ID de CAB : 0

    Signature du problème :
    P1 : 6.0.6000
    P2 : 3
    P3 : 0x80070012
    P4 :
    P5 :
    P6 :
    P7 :
    P8 :
    P9 :
    P10 :

    Fichiers joints :
    C:\System Volume Information\SystemRestore\restore.0.etl

    Ces fichiers sont peut-être disponibles ici :
    C:\Users\Brian\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report07edadbb
    Record Number: 36041
    Source Name: Windows Error Reporting
    Time Written: 20090218173831.000000-000
    Event Type: Information
    User:

    Computer Name: PC-de-Brian
    Event Code: 8224
    Message: Le service VSS s’arrête, car le délai d’inactivité est dépassé.
    Record Number: 36042
    Source Name: VSS
    Time Written: 20090218174033.000000-000
    Event Type: Information
    User:

    Computer Name: PC-de-Brian
    Event Code: 5
    Message: Unsupported service control request (see data below)
    Record Number: 36043
    Source Name: LightScribeService
    Time Written: 20090218174139.000000-000
    Event Type: Information
    User:

    Security event log

    Computer Name: PC-de-Brian
    Event Code: 4672
    Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : SYSTEM
    Domaine du compte : AUTORITE NT
    ID d’ouverture de session : 0x3e7

    Privilèges : SeAssignPrimaryTokenPrivilege
    SeTcbPrivilege
    SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeAuditPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
    Record Number: 15439
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090218173721.670339-000
    Event Type: Succès de l'audit
    User:

    Computer Name: PC-de-Brian
    Event Code: 4648
    Message: Tentative d’ouverture de session en utilisant des informations d
    18 February 2009 18:49:29

    Event Code: 4648
    Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : PC-DE-BRIAN$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7
    GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

    Compte dont les informations d’identification ont été utilisées :
    Nom du compte : SYSTEM
    Domaine du compte : AUTORITE NT
    GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

    Serveur cible :
    Nom du serveur cible : localhost
    Informations supplémentaires : localhost

    Informations sur le processus :
    ID du processus : 0x2b0
    Nom du processus : C:\Windows\System32\services.exe

    Informations sur le réseau :
    Adresse du réseau : -
    Port : -

    Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
    Record Number: 15440
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090218173721.930339-000
    Event Type: Succès de l'audit
    User:

    Computer Name: PC-de-Brian
    Event Code: 4624
    Message: L’ouverture de session d’un compte s’est correctement déroulée.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : PC-DE-BRIAN$
    Domaine du compte : WORKGROUP
    ID d’ouverture de session : 0x3e7

    Type d’ouverture de session : 5

    Nouvelle ouverture de session :
    ID de sécurité : S-1-5-18
    Nom du compte : SYSTEM
    Domaine du compte : AUTORITE NT
    ID d’ouverture de session : 0x3e7
    GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

    Informations sur le processus :
    ID du processus : 0x2b0
    Nom du processus : C:\Windows\System32\services.exe

    Informations sur le réseau :
    Nom de la station de travail :
    Adresse du réseau source : -
    Port source : -

    Informations détaillées sur l’authentification :
    Processus d’ouverture de session : Advapi
    Package d’authentification : Negotiate
    Services en transit : -
    Nom du package (NTLM uniquement) : -
    Longueur de la clé : 0

    Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

    Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

    Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

    Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

    Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

    Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
    - Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
    - Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
    - Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
    - La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
    Record Number: 15441
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090218173721.930339-000
    Event Type: Succès de l'audit
    User:

    Computer Name: PC-de-Brian
    Event Code: 4672
    Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

    Sujet :
    ID de sécurité : S-1-5-18
    Nom du compte : SYSTEM
    Domaine du compte : AUTORITE NT
    ID d’ouverture de session : 0x3e7

    Privilèges : SeAssignPrimaryTokenPrivilege
    SeTcbPrivilege
    SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeAuditPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
    Record Number: 15442
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090218173721.930339-000
    Event Type: Succès de l'audit
    User:

    Computer Name: PC-de-Brian
    Event Code: 5038
    Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

    Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\mchInjDrv.sys
    Record Number: 15443
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20090218173723.570339-000
    Event Type: Échec de l'audit
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%COSMOSM%;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=x86
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
    "PROCESSOR_REVISION"=0f0d
    "NUMBER_OF_PROCESSORS"=2
    "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
    "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
    "COSMOSM"=C:\Program Files\SolidWorks\COSMOS M

    -----------------EOF-----------------

    the end was missing :p
    18 February 2009 18:49:34

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Update tab, click the Check for Updates button: if the firewall asks for permission for MBAM to connect to the Internet, accept.
  • Once the update is complete, go to the Scanner tab.
  • Select Perform quick scan.
  • Click Scan.
  • The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    The scan completed successfully. Click 'Show Results' to display all objects found.

  • Click OK to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste that report into your next reply.
    18 February 2009 19:39:39

    Hi again, thanks for your help.

    Here is the report

    Malwarebytes' Anti-Malware 1.34
    Version de la base de données: 1775
    Windows 6.0.6000

    18/02/2009 19:01:40
    mbam-log-2009-02-18 (19-01-40).txt

    Type de recherche: Examen rapide
    Eléments examinés: 63227
    Temps écoulé: 4 minute(s), 18 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 4
    Elément(s) de données du Registre infecté(s): 8
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 19

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\free-downloads.net toolbar (Adware.Trace) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Window UDP Control Servic (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows UDP Control Center (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoft internet explorer (Backdoor.Bot) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Framework Windows (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.Homepage) -> Bad: (http://www.postarticles.net) Good: (http://www.google.com/) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Windows\fxstaller.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\Windows\winlogon.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\Users\Brian\AppData\Local\Temp\IXP000.TMP\bbpic.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\Users\Brian\AppData\Local\Temp\IXP001.TMP\bbpic.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\Windows\System32\ntdll64.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\U.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\Windows\System32\iexplore.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
    C:\Windows\System32\warning.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Windows\System32\ahtn.htm (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Windows\System32\frmwrk32.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Users\Brian\AppData\Local\Temp\ntdll64.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Users\Brian\AppData\Local\Temp\mousehook.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Windows\System32\senekabpthvuid.dll (Trojan.Agent) -> Delete on reboot.
    C:\Windows\System32\senekaedqoutce.dll (Trojan.Agent) -> Delete on reboot.
    C:\Windows\System32\senekagepjumch.dat (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\senekahxtsrupe.dat (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\senekavgpbsynu.dll (Trojan.Agent) -> Delete on reboot.
    C:\Windows\system32\drivers\seneka.sys (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\System32\drivers\senekanmrwjbfr.sys (Trojan.Agent) -> Quarantined and deleted successfully.


    It is asking me to restart, which I am doing right away ;)
    Thanks a lot
    18 February 2009 20:28:11

  • Run MBAM again, go to Quarantine and delete everything.

  • Install Vista SP1: Link

  • Remove the traces of Symantec with this

    ---> Download JavaRa.zip (by Paul 'Prm753' McLain and Fred de Vries) to your Desktop.
    (On the site, you need to click Download Windows Binary (.zip file))
  • Unzip the file on the Desktop (Right-click > Extract All).
  • Double-click the JavaRa folder.
  • Then double-click the JavaRa.exe file (the exe extension may not be shown).
  • Choose Français then click Select.
  • Click Search for updates.
  • Select Update via jucheck.exe then click Search.
  • Allow the process to connect if it asks, click Install and follow the installation instructions, which take a few minutes.
  • Once the installation is finished, go back to the JavaRa screen and click Remove older versions.
  • Click Yes to confirm. Let it work, then click OK, and then OK a second time.
  • A report will open. Post it in your next reply.
  • Close the application.

    Note: the report can also be found in C:\ under the name JavaRa.log.
    19 February 2009 17:39:29

    Hi, thanks for your reply, but when I click the JavaRa link you gave me, I get this.

    Forbidden
    You don't have permission to access / on this server.

    Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
    19 February 2009 18:53:59

  • Uninstall Java(TM) 6 Update 6.

  • Update Java.

  • Run an RSIT scan again and post the log report.
    19 February 2009 19:26:38

    Here is the report after the scan.

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Brian at 2009-02-19 19:25:37
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
    System drive C: has 43 GB (29%) free of 148 GB
    Total RAM: 3071 MB (50% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:25:44, on 19/02/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Windows\RtHDVCpl.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\system32\PnkBstrA.exe
    C:\Windows\system32\PnkBstrB.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\SolidWorks\COSMOSFloWorks\FloWorks\binCFW\StandAloneSlv.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\Program Files\Spyware Doctor\pctsAuxs.exe
    C:\Program Files\Spyware Doctor\pctsSvc.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Spyware Doctor\pctsTray.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\OrangeHSS\systray\systrayapp.exe
    C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trillian\trillian.exe
    C:\Windows\System32\wsqmcons.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Windows\system32\msiexec.exe
    C:\Windows\System32\svchost.exe
    C:\Program Files\Dofus\Dofus.exe
    C:\Program Files\Dofus\dofus.dll
    C:\Users\Brian\Downloads\RSIT.exe
    D:\Brian.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
    O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll
    O4 - HKLM\..\Run: [SolidWorks_CheckForUpdates] "C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe" /scheduler
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O15 - Trusted Zone: http://*.mappy.com
    O15 - Trusted Zone: http://*.orange.fr
    O15 - Trusted Zone: http://rw.search.ke.voila.fr
    O15 - Trusted Zone: http://orange.weborama.fr
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
    O23 - Service: Remote Solver for COSMOSFloWorks 2007 - Unknown owner - C:\Program Files\SolidWorks\COSMOSFloWorks\FloWorks\binCFW\StandAloneSlv.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe

    --
    End of file - 11454 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Norton Internet Security - Analyse système complète - Brian.job
    C:\Windows\tasks\User_Feed_Synchronization-{33502C18-A3D8-4069-9918-43AA2C501E70}.job
    C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
    Windows Live OneCare Family Safety Browser Helper Class - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll [2007-12-17 56360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
    ShowBarObj Class - C:\Windows\system32\ActiveToolBand.dll [2007-04-25 299008]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Ask.com Toolbar - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll [2008-10-21 741768]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-19 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
    free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2008-02-14 1555480]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-04-25 151552]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]
    {ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2008-02-14 1555480]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
    {D4027C7F-154A-4066-A1AD-4243D8127440} - Ask.com Toolbar - C:\Program Files\Ask.com\Supertoolbar\GenericAskToolbar.dll [2008-10-21 741768]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Acer Tour"= []
    "eRecoveryService"= []
    "SolidWorks_CheckForUpdates"=C:\Program Files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe [2007-09-10 6460696]
    "ORAHSSSessionManager"=C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe [2007-12-12 107248]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2007-12-04 79224]
    "ISTray"=C:\Program Files\Spyware Doctor\pctsTray.exe [2008-08-25 1168264]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-10-11 4702208]
    "NvSvc"=C:\Windows\system32\nvsvc.dll [2007-12-05 86016]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-12-05 8530464]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-12-05 81920]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-19 148888]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe /background []
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Empowering Technology Monitor]
    C:\Acer\Empowering Technology\SysMonitor.exe [2007-09-07 326176]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
    C:\Acer\AcerTour\Reminder.exe [2007-08-01 151552]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apanel]
    C:\ACERSW\config\NewSetApanel.cmd [2008-02-19 244]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
    c:\Program Files\Common Files\Symantec Shared\ccApp.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-04-25 457216]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui]
    C:\Program Files\Windows Live\Contrôle parental\fssui.exe [2007-12-17 243240]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
    C:\Program Files\Internet Download Manager\IDMan.exe /onboot []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2008-06-02 267048]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe /background []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    C:\Windows\system32\NvCpl.dll [2007-12-05 8530464]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    C:\Windows\system32\NvMcTray.dll [2007-12-05 81920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVRaidService]
    C:\Windows\system32\nvraidservice.exe [2007-12-07 196128]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
    C:\Windows\system32\nvsvc.dll [2007-12-05 86016]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck]
    c:\Program Files\Norton Internet Security\osCheck.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMMediaSharing]
    C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2007-06-21 204908]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
    C:\Program Files\PowerISO\PWRISOVM.EXE [2008-03-15 233472]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
    C:\Windows\RtHDVCpl.exe [2007-10-11 4702208]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setresolution]
    C:\ACERSW\config\1680x1050.cmd [2007-10-18 199]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
    C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-18 1233920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
    C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
    C:\Acer\EMPOWE~1\EAPLAU~1.EXE [2007-04-14 535336]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
    C:\PROGRA~1\Xfire\Xfire.exe [2006-06-07 4154504]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "EnableLUA"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoSetActiveDesktop"=0
    "NoActiveDesktopChanges"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoSetActiveDesktop"=
    "NoActiveDesktopChanges"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======List of files/folders created in the last 1 months======

    2009-02-19 19:19:45 ----A---- C:\Windows\system32\javaws.exe
    2009-02-19 19:19:45 ----A---- C:\Windows\system32\javaw.exe
    2009-02-19 19:19:45 ----A---- C:\Windows\system32\java.exe
    2009-02-19 19:19:45 ----A---- C:\Windows\system32\deploytk.dll
    2009-02-19 19:19:13 ----D---- C:\Program Files\Java
    2009-02-19 17:10:10 ----D---- C:\ProgramData\NortonInstaller
    2009-02-19 13:34:20 ----A---- C:\Windows\system32\SPWizUI.dll
    2009-02-19 13:34:20 ----A---- C:\Windows\system32\SPReview.exe
    2009-02-19 13:28:34 ----A---- C:\Windows\system32\recdisc.exe
    2009-02-19 13:28:33 ----A---- C:\Windows\system32\sdspres.dll
    2009-02-19 13:28:17 ----A---- C:\Windows\system32\vsp1cln.exe
    2009-02-19 13:28:10 ----A---- C:\Windows\system32\sxproxy.dll
    2009-02-19 13:28:05 ----A---- C:\Windows\system32\spp.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\mstask.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\mssvp.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\msstrc.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\mssrch.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\mssprxy.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\mssphtb.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\mssph.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\mssitlb.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\msshsq.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\mssha.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\msscp.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\msscntrs.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\msscb.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\msrepl40.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\msrdc.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\msrd3x40.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\msrating.dll
    2009-02-19 13:27:29 ----A---- C:\Windows\system32\msra.exe
    2009-02-19 13:27:28 ----A---- C:\Windows\system32\NAPMONTR.DLL
    2009-02-19 13:27:28 ----A---- C:\Windows\system32\napipsec.dll
    2009-02-19 13:27:28 ----A---- C:\Windows\system32\NapiNSP.dll
    2009-02-19 13:27:28 ----A---- C:\Windows\system32\NAPHLPR.DLL
    2009-02-19 13:27:28 ----A---- C:\Windows\system32\napdsnap.dll
    2009-02-19 13:27:28 ----A---- C:\Windows\system32\NAPCRYPT.DLL
    2009-02-19 13:27:28 ----A---- C:\Windows\system32\mydocs.dll
    2009-02-19 13:27:28 ----A---- C:\Windows\system32\mycomput.dll
    2009-02-19 13:27:28 ----A---- C:\Windows\system32\MuiUnattend.exe
    2009-02-19 13:27:28 ----A---- C:\Windows\system32\mtxoci.dll
    2009-02-19 13:27:28 ----A---- C:\Windows\system32\mtxlegih.dll
    2009-02-19 13:27:28 ----A---- C:\Windows\system32\mtxdm.dll
    2009-02-19 13:27:28 ----A---- C:\Windows\system32\mtxclu.dll
    2009-02-19 13:27:28 ----A---- C:\Windows\system32\mtstocom.exe
    2009-02-19 13:27:28 ----A---- C:\Windows\system32\msv1_0.dll
    2009-02-19 13:27:28 ----A---- C:\Windows\system32\msutb.dll
    2009-02-19 13:27:27 ----A---- C:\Windows\system32\msxbde40.dll
    2009-02-19 13:27:27 ----A---- C:\Windows\system32\mswsock.dll
    2009-02-19 13:27:27 ----A---- C:\Windows\system32\msvfw32.dll
    2009-02-19 13:27:27 ----A---- C:\Windows\system32\msvcrt.dll
    2009-02-19 13:27:27 ----A---- C:\Windows\system32\msvbvm60.dll
    2009-02-19 13:27:27 ----A---- C:\Windows\system32\mstscax.dll
    2009-02-19 13:27:27 ----A---- C:\Windows\system32\mstsc.exe
    2009-02-19 13:27:27 ----A---- C:\Windows\system32\mstlsapi.dll
    2009-02-19 13:27:27 ----A---- C:\Windows\system32\mstext40.dll
    2009-02-19 13:27:26 ----A---- C:\Windows\system32\mswmdm.dll
    2009-02-19 13:27:26 ----A---- C:\Windows\system32\MSVidCtl.dll
    2009-02-19 13:27:26 ----A---- C:\Windows\system32\msvidc32.dll
    2009-02-19 13:27:26 ----A---- C:\Windows\system32\msftedit.dll
    2009-02-19 13:27:26 ----A---- C:\Windows\system32\msfeedssync.exe
    2009-02-19 13:27:26 ----A---- C:\Windows\system32\msfeedsbs.dll
    2009-02-19 13:27:26 ----A---- C:\Windows\system32\msexcl40.dll
    2009-02-19 13:27:26 ----A---- C:\Windows\system32\msdtcVSp1res.dll
    2009-02-19 13:27:26 ----A---- C:\Windows\system32\msdtcuiu.dll
    2009-02-19 13:27:26 ----A---- C:\Windows\system32\msdtctm.dll
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\MSMPEG2ADEC.DLL
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\msmmsp.dll
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\msltus40.dll
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\msjtes40.dll
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\mshtmled.dll
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\mshta.exe
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\msdtcprx.dll
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\msdtclog.dll
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\msdtckrm.dll
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\msdtc.exe
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\msdt.exe
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\msdt.dll
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\msdrm.dll
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\msdri.dll
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\msdmo.dll
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\msdelta.dll
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\msdart.dll
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\msdadiag.dll
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\msctfui.dll
    2009-02-19 13:27:22 ----A---- C:\Windows\system32\MsCtfMonitor.dll
    2009-02-19 13:27:21 ----A---- C:\Windows\system32\mspbde40.dll
    2009-02-19 13:27:21 ----A---- C:\Windows\system32\mspatcha.dll
    2009-02-19 13:27:21 ----A---- C:\Windows\system32\mspaint.exe
    2009-02-19 13:27:21 ----A---- C:\Windows\system32\msorcl32.dll
    2009-02-19 13:27:21 ----A---- C:\Windows\system32\msoert2.dll
    2009-02-19 13:27:21 ----A---- C:\Windows\system32\msoeacct.dll
    2009-02-19 13:27:21 ----A---- C:\Windows\system32\msobjs.dll
    2009-02-19 13:27:21 ----A---- C:\Windows\system32\msnetobj.dll
    2009-02-19 13:27:21 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
    2009-02-19 13:27:21 ----A---- C:\Windows\system32\msls31.dll
    2009-02-19 13:27:21 ----A---- C:\Windows\system32\msihnd.dll
    2009-02-19 13:27:21 ----A---- C:\Windows\system32\msiexec.exe
    2009-02-19 13:27:21 ----A---- C:\Windows\system32\msieftp.dll
    2009-02-19 13:27:21 ----A---- C:\Windows\system32\msidle.dll
    2009-02-19 13:27:21 ----A---- C:\Windows\system32\msident.dll
    2009-02-19 13:27:21 ----A---- C:\Windows\system32\msidcrl30.dll
    2009-02-19 13:27:21 ----A---- C:\Windows\system32\msi.dll
    2009-02-19 13:27:18 ----A---- C:\Windows\system32\msjetoledb40.dll
    2009-02-19 13:27:18 ----A---- C:\Windows\system32\msjet40.dll
    2009-02-19 13:27:18 ----A---- C:\Windows\system32\msisip.dll
    2009-02-19 13:27:18 ----A---- C:\Windows\system32\msinfo32.exe
    2009-02-19 13:27:18 ----A---- C:\Windows\system32\msimtf.dll
    2009-02-19 13:27:15 ----A---- C:\Windows\system32\notepad.exe
    2009-02-19 13:27:15 ----A---- C:\Windows\system32\Nlsdl.dll
    2009-02-19 13:27:15 ----A---- C:\Windows\notepad.exe
    2009-02-19 13:27:11 ----A---- C:\Windows\system32\nlsbres.dll
    2009-02-19 13:27:11 ----A---- C:\Windows\system32\nlmgp.dll
    2009-02-19 13:27:11 ----A---- C:\Windows\system32\nlhtml.dll
    2009-02-19 13:27:08 ----A---- C:\Windows\system32\ocsetup.exe
    2009-02-19 13:27:08 ----A---- C:\Windows\system32\occache.dll
    2009-02-19 13:27:08 ----A---- C:\Windows\system32\objsel.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\dxva2.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\dxtrans.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\dxtmsft.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\dxmasf.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\duser.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\dsuiext.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\dssenh.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\dssec.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\dsquery.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\dsprop.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\dsound.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\dskquoui.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\dskquota.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\dsdmo.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\dsauth.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\drvstore.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\drvinst.exe
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\AudioEng.dll
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\audiodg.exe
    2009-02-19 13:26:09 ----A---- C:\Windows\system32\atmfd.dll
    2009-02-19 13:26:08 ----A---- C:\Windows\system32\AuthFWSnapin.dll
    2009-02-19 13:26:08 ----A---- C:\Windows\system32\AuthFWGP.dll
    2009-02-19 13:26:08 ----A---- C:\Windows\system32\authfwcfg.dll
    2009-02-19 13:26:08 ----A---- C:\Windows\system32\audiodev.dll
    2009-02-19 13:26:08 ----A---- C:\Windows\system32\atl.dll
    2009-02-19 13:26:08 ----A---- C:\Windows\system32\AtBroker.exe
    2009-02-19 13:26:08 ----A---- C:\Windows\system32\at.exe
    2009-02-19 13:26:07 ----A---- C:\Windows\system32\bcdedit.exe
    2009-02-19 13:26:07 ----A---- C:\Windows\system32\auditpol.exe
    2009-02-19 13:26:07 ----A---- C:\Windows\system32\audiosrv.dll
    2009-02-19 13:26:07 ----A---- C:\Windows\system32\AudioSes.dll
    2009-02-19 13:26:07 ----A---- C:\Windows\system32\AUDIOKSE.dll
    2009-02-19 13:26:06 ----A---- C:\Window
    19 Février 2009 19:31:26

    The rest :p

    2009-02-19 13:24:40 ----A---- C:\Windows\system32\themeui.dll
    2009-02-19 13:24:39 ----A---- C:\Windows\system32\UIHub.dll
    2009-02-19 13:24:38 ----A---- C:\Windows\system32\unregmp2.exe
    2009-02-19 13:24:38 ----A---- C:\Windows\system32\unlodctr.exe
    2009-02-19 13:24:38 ----A---- C:\Windows\system32\umpnpmgr.dll
    2009-02-19 13:24:37 ----A---- C:\Windows\system32\unbcl.dll
    2009-02-19 13:24:37 ----A---- C:\Windows\system32\unattendedjoin.exe
    2009-02-19 13:24:37 ----A---- C:\Windows\system32\unattend.dll
    2009-02-19 13:24:37 ----A---- C:\Windows\system32\ucsvc.exe
    2009-02-19 13:24:37 ----A---- C:\Windows\system32\txfw32.dll
    2009-02-19 13:24:36 ----A---- C:\Windows\system32\UIAutomationCore.dll
    2009-02-19 13:24:36 ----A---- C:\Windows\system32\ufat.dll
    2009-02-19 13:24:36 ----A---- C:\Windows\system32\uexfat.dll
    2009-02-19 13:24:36 ----A---- C:\Windows\system32\txflog.dll
    2009-02-19 13:24:36 ----A---- C:\Windows\system32\TsWpfWrp.exe
    2009-02-19 13:24:35 ----A---- C:\Windows\system32\UI0Detect.exe
    2009-02-19 13:24:35 ----A---- C:\Windows\system32\uDWM.dll
    2009-02-19 13:22:12 ----A---- C:\Windows\system32\cbsra.exe
    2009-02-18 18:53:49 ----D---- C:\Users\Brian\AppData\Roaming\Malwarebytes
    2009-02-18 18:53:44 ----D---- C:\ProgramData\Malwarebytes
    2009-02-18 18:53:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2009-02-18 18:41:31 ----D---- C:\rsit
    2009-02-18 12:03:21 ----D---- C:\Program Files\Ask.com
    2009-02-18 12:01:46 ----D---- C:\Program Files\Trillian
    2009-02-15 06:31:27 ----A---- C:\Windows\system32\winlogon2.exe
    2009-02-15 04:20:32 ----A---- C:\Windows\system32\EncDec.dll
    2009-02-15 04:20:29 ----A---- C:\Windows\system32\psisdecd.dll
    2009-02-12 17:44:51 ----A---- C:\Windows\system32\iumxcj.exe
    2009-02-12 17:34:15 ----AD---- C:\ProgramData\TEMP
    2009-02-12 17:33:03 ----D---- C:\Users\Brian\AppData\Roaming\PC Tools
    2009-02-12 17:33:03 ----D---- C:\Program Files\Spyware Doctor
    2009-02-12 15:03:52 ----A---- C:\Windows\system32\uhnsd.exe
    2009-02-12 12:23:18 ----A---- C:\Windows\system32\aswBoot.exe
    2009-02-12 12:23:13 ----D---- C:\Program Files\Alwil Software
    2009-02-12 12:17:44 ----A---- C:\resultat_clean.txt
    2009-02-12 12:17:24 ----A---- C:\rapport_clean.txt
    2009-02-12 07:31:18 ----D---- C:\PerfLogs
    2009-02-12 06:59:02 ----D---- C:\7ae63ebdb0b9608f4168cd
    2009-02-12 05:16:33 ----D---- C:\Windows\Minidump
    2009-02-12 03:30:47 ----A---- C:\Windows\system32\303369.exe
    2009-02-11 22:53:26 ----A---- C:\Windows\system32\jsproxy.dll
    2009-02-11 22:53:25 ----A---- C:\Windows\system32\wininet.dll
    2009-02-11 22:53:25 ----A---- C:\Windows\system32\msfeeds.dll
    2009-02-11 22:53:25 ----A---- C:\Windows\system32\iertutil.dll
    2009-02-11 22:53:24 ----A---- C:\Windows\system32\mshtml.dll
    2009-02-11 22:53:23 ----A---- C:\Windows\system32\mstime.dll
    2009-02-11 22:53:23 ----A---- C:\Windows\system32\ieframe.dll
    2009-02-11 22:53:22 ----A---- C:\Windows\system32\urlmon.dll
    2009-02-11 07:18:23 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
    2009-02-01 18:13:19 ----D---- C:\Users\Brian\AppData\Roaming\Acreon

    ======List of files/folders modified in the last 1 months======

    2009-02-19 19:25:44 ----D---- C:\Windows\Prefetch
    2009-02-19 19:19:53 ----SHD---- C:\Windows\Installer
    2009-02-19 19:19:45 ----D---- C:\Windows\System32
    2009-02-19 19:19:13 ----RD---- C:\Program Files
    2009-02-19 19:18:47 ----SHD---- C:\System Volume Information
    2009-02-19 19:05:59 ----D---- C:\Program Files\Common Files
    2009-02-19 18:50:20 ----D---- C:\Windows\system32\catroot2
    2009-02-19 18:50:20 ----D---- C:\Windows\system32\catroot
    2009-02-19 18:50:19 ----D---- C:\Windows\winsxs
    2009-02-19 18:02:35 ----D---- C:\Windows\Temp
    2009-02-19 17:29:08 ----D---- C:\Program Files\Mozilla Firefox
    2009-02-19 17:24:16 ----D---- C:\Windows\inf
    2009-02-19 17:24:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2009-02-19 17:17:56 ----D---- C:\Users\Brian\AppData\Roaming\IM
    2009-02-19 17:17:55 ----D---- C:\Windows\system32\drivers
    2009-02-19 17:13:58 ----D---- C:\ProgramData\Symantec
    2009-02-19 17:10:10 ----HD---- C:\ProgramData
    2009-02-19 17:06:42 ----D---- C:\Windows\system32\WDI
    2009-02-19 14:46:34 ----D---- C:\Windows\Logs
    2009-02-19 14:14:04 ----D---- C:\Windows\rescache
    2009-02-19 14:09:43 ----D---- C:\Windows\Microsoft.NET
    2009-02-19 14:09:37 ----RSD---- C:\Windows\assembly
    2009-02-19 14:03:55 ----D---- C:\ProgramData\NVIDIA
    2009-02-19 14:02:03 ----D---- C:\Windows
    2009-02-19 14:01:48 ----SHD---- C:\Boot
    2009-02-19 14:01:45 ----ASH---- C:\Program Files\desktop.ini
    2009-02-19 13:54:55 ----D---- C:\Program Files\Windows Sidebar
    2009-02-19 13:54:55 ----D---- C:\Program Files\Windows Media Player
    2009-02-19 13:54:55 ----D---- C:\Program Files\Windows Mail
    2009-02-19 13:54:55 ----D---- C:\Program Files\Windows Calendar
    2009-02-19 13:54:55 ----D---- C:\Program Files\Movie Maker
    2009-02-19 13:54:55 ----D---- C:\Program Files\Internet Explorer
    2009-02-19 13:54:54 ----D---- C:\Program Files\Windows Photo Gallery
    2009-02-19 13:54:54 ----D---- C:\Program Files\Windows Journal
    2009-02-19 13:54:54 ----D---- C:\Program Files\Windows Collaboration
    2009-02-19 13:54:52 ----D---- C:\Windows\servicing
    2009-02-19 13:54:52 ----D---- C:\Windows\ehome
    2009-02-19 13:54:52 ----D---- C:\Program Files\Windows Defender
    2009-02-19 13:54:52 ----D---- C:\Program Files\Common Files\System
    2009-02-19 13:54:49 ----D---- C:\Windows\MSAgent
    2009-02-19 13:54:48 ----D---- C:\Windows\system32\XPSViewer
    2009-02-19 13:54:48 ----D---- C:\Windows\system32\ko-KR
    2009-02-19 13:54:48 ----D---- C:\Windows\system32\it-IT
    2009-02-19 13:54:48 ----D---- C:\Windows\system32\en-US
    2009-02-19 13:54:48 ----D---- C:\Windows\system32\el-GR
    2009-02-19 13:54:48 ----D---- C:\Windows\system32\de-DE
    2009-02-19 13:54:48 ----D---- C:\Windows\system32\da-DK
    2009-02-19 13:54:48 ----D---- C:\Windows\system32\com
    2009-02-19 13:54:48 ----D---- C:\Windows\PolicyDefinitions
    2009-02-19 13:54:48 ----D---- C:\Windows\L2Schemas
    2009-02-19 13:54:48 ----D---- C:\Windows\IME
    2009-02-19 13:54:48 ----D---- C:\Windows\DigitalLocker
    2009-02-19 13:54:47 ----D---- C:\Windows\system32\sysprep
    2009-02-19 13:54:47 ----D---- C:\Windows\system32\oobe
    2009-02-19 13:54:47 ----D---- C:\Windows\system32\migration
    2009-02-19 13:54:47 ----D---- C:\Windows\system32\fr
    2009-02-19 13:54:46 ----D---- C:\Windows\system32\ru-RU
    2009-02-19 13:54:46 ----D---- C:\Windows\system32\ias
    2009-02-19 13:54:46 ----D---- C:\Windows\system32\fr-FR
    2009-02-19 13:54:46 ----D---- C:\Windows\system32\AdvancedInstallers
    2009-02-19 13:54:44 ----D---- C:\Windows\system32\sv-SE
    2009-02-19 13:54:44 ----D---- C:\Windows\system32\SLUI
    2009-02-19 13:54:44 ----D---- C:\Windows\system32\setup
    2009-02-19 13:54:44 ----D---- C:\Windows\system32\pt-PT
    2009-02-19 13:54:44 ----D---- C:\Windows\system32\hu-HU
    2009-02-19 13:54:44 ----D---- C:\Windows\system32\he-IL
    2009-02-19 13:54:44 ----D---- C:\Windows\system32\fi-FI
    2009-02-19 13:54:44 ----D---- C:\Windows\system32\cs-CZ
    2009-02-19 13:54:41 ----D---- C:\Windows\system32\zh-TW
    2009-02-19 13:54:41 ----D---- C:\Windows\system32\zh-CN
    2009-02-19 13:54:41 ----D---- C:\Windows\system32\tr-TR
    2009-02-19 13:54:41 ----D---- C:\Windows\system32\ro-RO
    2009-02-19 13:54:41 ----D---- C:\Windows\system32\pl-PL
    2009-02-19 13:54:41 ----D---- C:\Windows\system32\manifeststore
    2009-02-19 13:54:41 ----D---- C:\Windows\system32\ja-JP
    2009-02-19 13:54:41 ----D---- C:\Windows\system32\es-ES
    2009-02-19 13:54:40 ----D---- C:\Windows\system32\wbem
    2009-02-19 13:54:40 ----D---- C:\Windows\system32\nl-NL
    2009-02-19 13:54:40 ----D---- C:\Windows\system32\nb-NO
    2009-02-19 13:54:40 ----D---- C:\Windows\system32\ar-SA
    2009-02-19 13:54:39 ----D---- C:\Windows\system32\pt-BR
    2009-02-19 13:54:39 ----D---- C:\Windows\system32\migwiz
    2009-02-19 13:54:23 ----D---- C:\Windows\AppPatch
    2009-02-19 13:54:18 ----D---- C:\Windows\Boot
    2009-02-19 13:54:17 ----D---- C:\Windows\system32\Boot
    2009-02-19 13:45:45 ----D---- C:\Windows\system32\RTCOM
    2009-02-19 13:41:16 ----A---- C:\Windows\system32\ifxcardm.dll
    2009-02-19 13:41:08 ----A---- C:\Windows\system32\axaltocm.dll
    2009-02-19 02:09:42 ----D---- C:\Windows\system32\config
    2009-02-19 02:09:38 ----D---- C:\Windows\Tasks
    2009-02-19 02:09:38 ----D---- C:\Windows\system32\spool
    2009-02-19 02:09:35 ----D---- C:\Windows\registration
    2009-02-18 22:50:56 ----D---- C:\Users\Brian\AppData\Roaming\LimeWire
    2009-02-18 17:14:39 ----D---- C:\Windows\system32\Tasks
    2009-02-14 15:17:10 ----D---- C:\Windows\system32\CodeIntegrity
    2009-02-14 15:16:51 ----RD---- C:\Users
    2009-02-14 15:16:49 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
    2009-02-12 20:59:28 ----D---- C:\Windows\tapi
    2009-02-12 20:59:26 ----D---- C:\Windows\system32\Msdtc
    2009-02-12 20:52:49 ----D---- C:\Windows\system32\LogFiles
    2009-02-12 13:18:41 ----D---- C:\Windows\system32\NDF
    2009-02-12 12:34:35 ----SD---- C:\ProgramData\Microsoft
    2009-02-12 12:16:50 ----D---- C:\Program Files\Windows Live
    2009-02-12 03:01:59 ----D---- C:\ProgramData\Microsoft Help
    2009-02-06 15:24:49 ----D---- C:\Users\Brian\AppData\Roaming\IDM
    2009-02-06 15:24:49 ----D---- C:\Program Files\Internet Download Manager
    2009-02-06 15:23:26 ----D---- C:\Users\Brian\AppData\Roaming\DMCache
    2009-02-05 18:58:54 ----D---- C:\Program Files\Dofus
    2009-02-04 00:21:12 ----A---- C:\Windows\system32\mrt.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2007-12-04 23152]
    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2007-12-04 42912]
    R1 IKSysFlt;System Filter Driver; C:\Windows\system32\drivers\iksysflt.sys [2008-08-25 66952]
    R1 IKSysSec;System Security Driver; C:\Windows\system32\drivers\iksyssec.sys [2008-08-25 81288]
    R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-03-14 46652]
    R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 45648]
    R2 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2007-10-17 43816]
    R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392]
    R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
    R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-10-17 1971928]
    R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-12-03 6144]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-09-10 1035168]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-12-05 8238720]
    R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-07-07 12032]
    R3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
    S1 seneka;seneka; C:\Windows\system32\drivers\senekanmrwjbfr.sys []
    S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
    S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
    S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
    S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
    S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
    S3 Ser2pl;Prolific2 Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2005-11-04 48640]
    S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-02-18 30464]
    S3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2006-11-02 11264]
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service; C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2007-06-21 269448]
    R2 AcerMemUsageCheckService;ePerformance Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2007-04-16 28672]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2007-12-04 17272]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2007-12-04 140664]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
    R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-04-25 457512]
    R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]
    R2 fsssvc;Windows Live OneCare Contrôle parental; C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe [2007-12-17 523816]
    R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2007-12-11 65536]
    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-06-15 66872]
    R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2008-06-15 103736]
    R2 Remote Solver for COSMOSFloWorks 2007;Remote Solver for COSMOSFloWorks 2007; C:\Program Files\SolidWorks\COSMOSFloWorks\FloWorks\binCFW\StandAloneSlv.exe [2007-07-23 675840]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-07-19 262247]
    R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920]
    R2 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-10-09 1079176]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2007-12-04 247160]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2007-12-04 345464]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
    S3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-06-02 504104]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2008-09-16 79360]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    -----------------EOF-----------------
    19 February 2009 19:42:41

  • Download OTMoveIt3 (OldTimer) to your Desktop.
  • Right-click OTMoveIt3.exe and choose Run as administrator.
  • Copy (Ctrl+C) the following text:

    :processes
    explorer.exe

    :services
    seneka

    :commands
    [purity]
    [emptytemp]
    [reboot]


  • Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.
  • Now click the MoveIt! button, then close OTMoveIt3.

    ---> If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

  • Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    ---> The report's name corresponds to the time it was created: date_time.log
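In the RSIT driver list earlier in the thread, `seneka` is the only entry with empty brackets where the others carry a file date and size, and it is the one service named in the script above. The following Python parser is an added example, not part of the original thread or of RSIT: it reads driver/service lines in that format and flags that pattern. The function names and the two heuristics are assumptions of this example; the sample lines are copied from the log above.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Legend taken from the section headers of the RSIT log.
STATES = {"R": "Running", "S": "Stopped"}
START_TYPES = {"0": "Boot", "1": "System", "2": "Auto", "3": "Demand", "4": "Disabled"}

# One entry looks like:  R1 name;display name; C:\path\file.sys [YYYY-MM-DD size]
ENTRY_RE = re.compile(
    r"^\s*(?P<state>[RS])(?P<start>[0-4])\s+"
    r"(?P<name>[^;]+);(?P<display>[^;]*);\s*"
    r"(?P<path>.+?)\s*\[(?P<meta>[^\]]*)\]\s*$"
)
META_RE = re.compile(r"^(?P<date>\d{4}-\d{2}-\d{2})\s+(?P<size>\d+)$")


@dataclass
class Entry:
    state: str
    start: str
    name: str
    display: str
    path: str
    date: Optional[str]   # None when the brackets are empty
    size: Optional[int]


def parse_line(line: str) -> Optional[Entry]:
    """Parse one driver/service line; return None for headers and other text."""
    m = ENTRY_RE.match(line)
    if not m:
        return None
    meta = META_RE.match(m.group("meta").strip())
    return Entry(
        state=STATES[m.group("state")],
        start=START_TYPES[m.group("start")],
        name=m.group("name").strip(),
        display=m.group("display").strip(),
        path=m.group("path"),
        date=meta.group("date") if meta else None,
        size=int(meta.group("size")) if meta else None,
    )


def reasons(e: Entry) -> List[str]:
    """Triage heuristics (assumptions of this example, not RSIT rules)."""
    out = []
    # The scanner recorded no date/size, so the file behind the entry
    # could not be read at scan time (missing, locked or hidden).
    if e.date is None:
        out.append("no file date/size recorded")
    # Boot/System-start drivers are expected to be loaded once Windows is up.
    if e.state == "Stopped" and e.start in ("Boot", "System"):
        out.append(f"{e.start}-start entry is not running")
    return out


def triage(log_text: str) -> List[Tuple[str, str, List[str]]]:
    """Return (name, path, reasons) for every entry that trips a heuristic."""
    flagged = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        why = reasons(entry)
        if why:
            flagged.append((entry.name, entry.path, why))
    return flagged


# Lines copied from the RSIT log in this thread (header included on purpose).
SAMPLE = r"""
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2007-12-04 23152]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392]
S1 seneka;seneka; C:\Windows\system32\drivers\senekanmrwjbfr.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
R2 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-10-09 1079176]
"""

if __name__ == "__main__":
    for name, path, why in triage(SAMPLE):
        print(f"{name}: {path} -> {'; '.join(why)}")
```

A flagged entry is a lead for manual review, not a verdict: legitimate drivers can also show empty metadata when the scanner lacks access to the file.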
    19 February 2009 20:04:38

    There, I did everything you told me. Here is the report:

    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== SERVICES/DRIVERS ==========
    Unable to stop service seneka .
    ========== COMMANDS ==========
    File delete failed. C:\Users\Brian\AppData\Local\Temp\etilqs_9ORvtZ5UuSgbdodv9wpv scheduled to be deleted on reboot.
    File delete failed. C:\Users\Brian\AppData\Local\Temp\~DFA01.tmp scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be deleted on reboot.
    File delete failed. C:\Windows\temp\CLDigitalHome\PCMMediaServer.log scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    File delete failed. C:\Users\Brian\AppData\Local\Mozilla\Firefox\Profiles\zfqwcvqc.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
    File delete failed. C:\Users\Brian\AppData\Local\Mozilla\Firefox\Profiles\zfqwcvqc.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
    File delete failed. C:\Users\Brian\AppData\Local\Mozilla\Firefox\Profiles\zfqwcvqc.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
    File delete failed. C:\Users\Brian\AppData\Local\Mozilla\Firefox\Profiles\zfqwcvqc.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
    File delete failed. C:\Users\Brian\AppData\Local\Mozilla\Firefox\Profiles\zfqwcvqc.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
    FireFox cache emptied.
    Temp folders emptied.

    OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02192009_195615

    Files moved on Reboot...
    File C:\Users\Brian\AppData\Local\Temp\etilqs_9ORvtZ5UuSgbdodv9wpv not found!
    C:\Users\Brian\AppData\Local\Temp\~DFA01.tmp moved successfully.
    File C:\Windows\temp\_avast4_\Webshlock.txt not found!
    File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
    File move failed. C:\Windows\temp\CLDigitalHome\PCMMediaServer.log scheduled to be moved on reboot.
    C:\Users\Brian\AppData\Local\Mozilla\Firefox\Profiles\zfqwcvqc.default\Cache\_CACHE_001_ moved successfully.
    C:\Users\Brian\AppData\Local\Mozilla\Firefox\Profiles\zfqwcvqc.default\Cache\_CACHE_002_ moved successfully.
    C:\Users\Brian\AppData\Local\Mozilla\Firefox\Profiles\zfqwcvqc.default\Cache\_CACHE_003_ moved successfully.
    C:\Users\Brian\AppData\Local\Mozilla\Firefox\Profiles\zfqwcvqc.default\Cache\_CACHE_MAP_ moved successfully.
    C:\Users\Brian\AppData\Local\Mozilla\Firefox\Profiles\zfqwcvqc.default\urlclassifier3.sqlite moved successfully.
    19 February 2009 20:08:48

    /!\ Disable your resident protections (antivirus, etc.) /!\

  • Download ComboFix (sUBs) to your Desktop.
  • Right-click ComboFix.exe (the .exe is not necessarily visible) and choose Run as administrator.
  • When the scan has finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.

    To help you: A guide and a tutorial on using ComboFix
    19 February 2009 20:31:52

    There, I did what you told me. Here is the report

    ComboFix 09-02-18.01 - Brian 2009-02-19 20:19:38.1 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.3071.1897 [GMT 1:00]
    Lancé depuis: c:\users\Brian\Downloads\ComboFix.exe
    AV: avast! antivirus 4.7.1098 [VPS 090218-0] *On-access scanning disabled* (Updated)
    * Un nouveau point de restauration a été créé
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\System32\303369.exe
    c:\windows\system32\uniq.tll
    c:\windows\system32\winlogon2.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Service_seneka


    ((((((((((((((((((((((((((((( Fichiers créés du 2009-01-19 au 2009-02-19 ))))))))))))))))))))))))))))))))))))
    .

    2009-02-19 19:56 . 2009-02-19 19:56 <REP> d-------- C:\_OTMoveIt
    2009-02-19 19:19 . 2009-02-19 19:19 <REP> d-------- c:\program files\Java
    2009-02-19 19:19 . 2009-02-19 19:19 410,984 --a------ c:\windows\System32\deploytk.dll
    2009-02-19 17:10 . 2009-02-19 17:10 <REP> d-------- c:\users\All Users\NortonInstaller
    2009-02-19 17:10 . 2009-02-19 17:10 <REP> d-------- c:\programdata\NortonInstaller
    2009-02-19 13:34 . 2009-02-19 13:21 152,576 --a------ c:\windows\System32\SPWizUI.dll
    2009-02-19 13:34 . 2009-02-19 13:21 47,560 --a------ c:\windows\System32\SPReview.exe
    2009-02-19 13:28 . 2008-01-18 23:33 599,552 --a------ c:\windows\System32\vsp1cln.exe
    2009-02-19 13:28 . 2008-01-18 23:33 193,024 --a------ c:\windows\System32\recdisc.exe
    2009-02-19 13:28 . 2008-01-18 23:36 142,336 --a------ c:\windows\System32\spp.dll
    2009-02-19 13:28 . 2008-01-18 23:36 28,160 --a------ c:\windows\System32\sxproxy.dll
    2009-02-19 13:28 . 2008-01-18 23:36 6,656 --a------ c:\windows\System32\sdspres.dll
    2009-02-19 13:26 . 2008-01-18 23:38 4,595,712 --a------ c:\windows\System32\AuthFWSnapin.dll
    2009-02-19 13:24 . 2008-01-18 21:31 8,322,048 --a------ c:\windows\System32\spwizimg.dll
    2009-02-19 13:22 . 2008-01-18 23:33 44,032 --a------ c:\windows\System32\cbsra.exe
    2009-02-18 20:41 . 2009-02-19 13:34 327,680 --a------ c:\windows\SPInstall.etl
    2009-02-18 18:53 . 2009-02-18 18:53 <REP> d-------- c:\users\Brian\AppData\Roaming\Malwarebytes
    2009-02-18 18:53 . 2009-02-18 18:53 <REP> d-------- c:\users\All Users\Malwarebytes
    2009-02-18 18:53 . 2009-02-18 18:53 <REP> d-------- c:\programdata\Malwarebytes
    2009-02-18 18:53 . 2009-02-18 18:53 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
    2009-02-18 18:53 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
    2009-02-18 18:53 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys
    2009-02-18 18:41 . 2009-02-18 18:41 <REP> d-------- C:\rsit
    2009-02-18 12:03 . 2009-02-18 12:03 <REP> d-------- c:\program files\Ask.com
    2009-02-18 12:01 . 2009-02-19 17:16 <REP> d-------- c:\program files\Trillian
    2009-02-15 04:20 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
    2009-02-15 04:20 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
    2009-02-15 04:20 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
    2009-02-15 04:20 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
    2009-02-15 04:20 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
    2009-02-12 17:44 . 2009-02-12 17:44 399,872 --a------ c:\windows\System32\iumxcj.exe
    2009-02-12 17:34 . 2009-02-19 20:24 <REP> d-a------ c:\users\All Users\TEMP
    2009-02-12 17:34 . 2009-02-19 20:24 <REP> d-a------ c:\programdata\TEMP
    2009-02-12 17:33 . 2009-02-12 17:33 <REP> d-------- c:\users\Brian\AppData\Roaming\PC Tools
    2009-02-12 17:33 . 2009-02-18 18:35 <REP> d-------- c:\program files\Spyware Doctor
    2009-02-12 17:33 . 2008-08-25 12:36 81,288 --a------ c:\windows\System32\drivers\iksyssec.sys
    2009-02-12 17:33 . 2008-08-25 12:36 66,952 --a------ c:\windows\System32\drivers\iksysflt.sys
    2009-02-12 17:33 . 2008-08-25 12:36 40,840 --a------ c:\windows\System32\drivers\ikfilesec.sys
    2009-02-12 17:33 . 2008-06-02 16:19 29,576 --a------ c:\windows\System32\drivers\kcom.sys
    2009-02-12 15:03 . 2009-02-12 15:04 399,872 --a------ c:\windows\System32\uhnsd.exe
    2009-02-12 12:23 . 2009-02-12 12:23 <REP> d-------- c:\program files\Alwil Software
    2009-02-12 12:23 . 2007-12-04 15:52 45,648 --a------ c:\windows\System32\drivers\aswMonFlt.sys
    2009-02-12 12:17 . 2009-02-12 12:17 16,013,454 --a------ C:\upload_moi_PC-de-Brian.tar.gz
    2009-02-12 07:31 . 2009-02-12 07:31 <REP> d-------- C:\PerfLogs
    2009-02-12 06:59 . 2009-02-12 20:59 <REP> d-------- C:\7ae63ebdb0b9608f4168cd
    2009-02-12 05:15 . 2009-02-18 17:10 136,817,164 --a------ c:\windows\MEMORY.DMP
    2009-02-12 03:50 . 2009-02-12 03:50 0 --a------ c:\windows\nsreg.dat
    2009-02-11 22:53 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
    2009-02-11 22:53 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll
    2009-02-11 07:18 . 2009-02-11 07:18 <REP> d-------- c:\users\All Users\Kaspersky Lab Setup Files
    2009-02-11 07:18 . 2009-02-11 07:18 <REP> d-------- c:\programdata\Kaspersky Lab Setup Files
    2009-02-01 18:13 . 2009-02-01 18:13 <REP> d-------- c:\users\Brian\AppData\Roaming\Acreon

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-02-19 19:24 --------- d-----w c:\users\Brian\AppData\Roaming\IM
    2009-02-19 16:13 --------- d-----w c:\programdata\Symantec
    2009-02-19 13:03 --------- d-----w c:\programdata\NVIDIA
    2009-02-19 13:01 174 --sha-w c:\program files\desktop.ini
    2009-02-19 12:54 --------- d-----w c:\program files\Windows Sidebar
    2009-02-19 12:54 --------- d-----w c:\program files\Windows Photo Gallery
    2009-02-19 12:54 --------- d-----w c:\program files\Windows Mail
    2009-02-19 12:54 --------- d-----w c:\program files\Windows Journal
    2009-02-19 12:54 --------- d-----w c:\program files\Windows Defender
    2009-02-19 12:54 --------- d-----w c:\program files\Windows Collaboration
    2009-02-19 12:54 --------- d-----w c:\program files\Windows Calendar
    2009-02-18 21:50 --------- d-----w c:\users\Brian\AppData\Roaming\LimeWire
    2009-02-14 14:16 --------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
    2009-02-12 11:16 --------- d-----w c:\program files\Windows Live
    2009-02-12 02:01 --------- d-----w c:\programdata\Microsoft Help
    2009-02-06 14:24 --------- d-----w c:\users\Brian\AppData\Roaming\IDM
    2009-02-06 14:24 --------- d-----w c:\program files\Internet Download Manager
    2009-02-06 14:23 --------- d-----w c:\users\Brian\AppData\Roaming\DMCache
    2009-02-05 17:58 --------- d-----w c:\program files\Dofus
    2009-01-17 18:56 --------- d-----w c:\programdata\Blizzard
    2009-01-13 02:02 --------- d-----w c:\program files\Microsoft Works
    2009-01-12 19:22 --------- d-----w c:\program files\LimeWire
    2009-01-12 13:38 --------- d-----w c:\program files\OrangeHSS
    2009-01-11 14:40 --------- d-----w c:\program files\Securitoo
    2009-01-11 14:38 --------- d-----w c:\program files\Common Files\France Telecom
    2009-01-06 20:09 --------- d--h--w c:\program files\InstallShield Installation Information
    2009-01-06 20:09 --------- d-----w c:\program files\Common Files\SWF Studio
    2008-12-23 19:07 36,864 ----a-w c:\windows\gotouninstall.exe
    2008-06-15 16:27 22,328 ----a-w c:\users\Brian\AppData\Roaming\PnkBstrK.sys
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    2008-10-21 12:13 741768 --a------ c:\program files\Ask.com\Supertoolbar\GenericAskToolbar.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
    2008-02-14 13:54 1555480 --a------ c:\program files\free-downloads.net\tbfree.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\Supertoolbar\GenericAskToolbar.dll" [2008-10-21 741768]

    [HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

    [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]

    [HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SolidWorks_CheckForUpdates"="c:\program files\Common Files\Gestionnaire d'installation SolidWorks\Scheduler\sldIMScheduler.exe" [2007-09-10 6460696]
    "ORAHSSSessionManager"="c:\program files\OrangeHSS\SessionManager\SessionManager.exe" [2007-12-12 107248]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 79224]
    "ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-08-25 1168264]
    "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-12-05 86016]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8530464]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-19 148888]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-10-11 c:\windows\RtHDVCpl.exe]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoSetActiveDesktop"= 1 (0x1)
    "NoActiveDesktopChanges"= 1 (0x1)

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
    backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKLM\~\startupfolder\C:^Users^Brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
    path=c:\users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
    backup=c:\windows\pss\Xfire.lnk.Startup
    backupExtension=.Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Empowering Technology Monitor]
    --a------ 2007-09-07 17:23 326176 c:\acer\Empowering Technology\SysMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
    --a------ 2007-08-01 17:30 151552 c:\acer\AcerTour\Reminder.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apanel]
    --a------ 2008-02-19 19:47 244 c:\acersw\Config\NEWSETAPANEL.CMD

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
    --a------ 2007-04-25 16:33 457216 c:\acer\Empowering Technology\eDataSecurity\eDSLoader.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui]
    --a------ 2007-12-17 10:12 243240 c:\program files\Windows Live\Contrôle parental\fssui.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    --a------ 2008-06-02 10:13 267048 c:\program files\iTunes\iTunesHelper.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    --a------ 2007-12-05 02:41 8530464 c:\windows\System32\nvcpl.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    --a------ 2007-12-05 02:41 81920 c:\windows\System32\nvmctray.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVRaidService]
    --a------ 2007-12-07 15:28 196128 c:\windows\System32\nvraidservice.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
    --a------ 2007-12-05 02:41 86016 c:\windows\System32\nvsvc.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMMediaSharing]
    --a------ 2007-06-21 18:33 204908 c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
    --a------ 2008-03-15 00:50 233472 c:\program files\PowerISO\PWRISOVM.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2008-05-27 09:50 413696 c:\program files\QuickTime\QTTask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setresolution]
    --a------ 2007-10-18 02:46 199 c:\acersw\Config\1680X1050.CMD

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
    --a------ 2008-01-18 23:33 1233920 c:\program files\Windows Sidebar\sidebar.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
    --a------ 2006-11-05 21:48 57344 c:\acer\WR_PopUp\WarReg_PopUp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
    --a------ 2008-01-18 23:38 1008184 c:\program files\Windows Defender\MSASCui.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
    --a------ 2008-01-18 23:33 202240 c:\program files\Windows Media Player\wmpnscfg.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
    --a------ 2007-10-11 19:53 4702208 c:\windows\RtHDVCpl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "UacDisableNotify"=dword:00000001
    "InternetSettingsDisableNotify"=dword:00000001
    "AutoUpdateDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{C1A94978-9C4A-44D9-85CC-976E4B256685}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{17250F27-816F-4293-8E80-6C4A899E07AE}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{DB9E81CD-E999-4D30-9431-905A8CDF3057}"= c:\program files\Acer Arcade Live\Acer DVDivine\Acer DVDivine.exe:Acer DVDivine
    "{FDE3C5A9-20A2-4666-80CD-094CBF37C993}"= c:\program files\Acer Arcade Live\Acer HomeMedia\Acer HomeMedia.exe:Acer HomeMedia
    "{2ED47240-F206-4606-8CDA-2F141807082E}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe:Acer HomeMedia Connect
    "{2C6EED45-7B25-44B1-8A9A-972EFE108A9F}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE:Acer HomeMedia Connect Service
    "{BA7F183C-0260-4659-8C57-3CF842FF30AA}"= c:\program files\Acer Arcade Live\Acer SlideShow DVD\Acer SlideShow DVD.exe:Acer SlideShow DVD
    "{C2191F0A-02E1-4345-985F-D7EB0C11AAF1}"= c:\program files\Acer Arcade Live\Acer VideoMagician\Acer VideoMagician.exe:Acer VideoMagician
    "{F61E8216-CE21-44D7-A083-8FD9EF88C629}"= c:\program files\Acer Arcade Live\Acer DV Magician\Acer DV Magician.exe:Acer DV Magician
    "{7530DB5E-C165-43E1-B030-492E22281086}"= c:\program files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe:Acer Arcade Live
    "{7D000BA8-009F-4408-B2E6-337141E2E8FD}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
    "{F4C25AAC-716E-45B6-A34C-D12982268379}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
    "{2CA342FD-57A8-40BE-BF28-BF15EAB64C25}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
    "{B574730A-D57F-47F2-9B30-4122745BFCB6}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
    "{DB19F69D-5055-4CD5-897D-67BBDB26F187}"= UDP:c:\program files\Microsoft Games\Age of Empires III\age3x.exe:Age of Empires III - The WarChiefs
    "{1C4C0BA1-BB78-4AFB-82D9-1FDA941C7D57}"= TCP:c:\program files\Microsoft Games\Age of Empires III\age3x.exe:Age of Empires III - The WarChiefs
    "{8C88662E-1A57-4F7E-8DC5-29588148C09C}"= UDP:c:\program files\Microsoft Games\Age of Empires III\age3y.exe:Age of Empires III - The Asian Dynasties
    "{A847CA1A-59BB-4CA6-B003-103ADA19B585}"= TCP:c:\program files\Microsoft Games\Age of Empires III\age3y.exe:Age of Empires III - The Asian Dynasties
    "{63084AAC-8E31-4922-897E-5FFE010CF4D0}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "{BFEAA5BD-6674-4B03-8675-1DE7A3789AEC}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{CFE0C1AE-FB5E-492E-B3D9-999B3881BA0C}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{55831AAB-94A2-40A4-A4FE-5C5D208432F7}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
    "{AED7889A-8F53-48B2-BAF3-AA637E8AD062}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
    "{C8F94DC1-852E-4A82-BD6B-B7836B9A1F08}"= UDP:c:\program files\Atari\Neverwinter Nights 2\nwn2main.exe:Neverwinter Nights 2 Main
    "{7D35CB1B-4C33-492E-9C90-00F363C02A56}"= TCP:c:\program files\Atari\Neverwinter Nights 2\nwn2main.exe:Neverwinter Nights 2 Main
    "{540D449B-2195-4E0C-98DC-8D72F768E94A}"= UDP:c:\program files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe:Neverwinter Nights 2 AMD
    "{275BCD26-1183-4A35-A6F3-7A80A3D31FCF}"= TCP:c:\program files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe:Neverwinter Nights 2 AMD
    "{41DFCF0B-4888-40B3-9FC7-F961AD6F2629}"= UDP:c:\program files\Atari\Neverwinter Nights 2\nwupdate.exe:Neverwinter Nights 2 Updater
    "{1CA506EE-9659-4F9F-8771-67AB76A6394B}"= TCP:c:\program files\Atari\Neverwinter Nights 2\nwupdate.exe:Neverwinter Nights 2 Updater
    "{BD7959CC-A7A7-4752-BCC4-3DF706ADCF86}"= UDP:c:\program files\Atari\Neverwinter Nights 2\nwn2server.exe:Neverwinter Nights 2 Server
    "{DD13B8F5-F15F-41F8-86BF-182EB8B78370}"= TCP:c:\program files\Atari\Neverwinter Nights 2\nwn2server.exe:Neverwinter Nights 2 Server
    "{1C83E749-A4FF-4F10-8FC1-E920AD42F35A}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "{F60DB30B-87DD-4CAE-B157-3BB637153149}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
    "{4387E20F-496B-4A19-ADAD-B632BA25016B}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
    "{5992CF4C-C2C4-494A-83E8-69BD9401647B}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
    "{0AE73AE8-FB7B-4151-9BA6-A3E6B615435B}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)
    "DisabledInterfaces"= {F143D08A-C37F-4825-B0BF-AC287DECBD2A}

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"= c:\program files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS

    R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2007-12-03 269448]
    R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2009-02-12 45648]
    R2 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [2008-07-02 43816]
    R2 fsssvc;Windows Live OneCare Contrôle parental;c:\program files\Windows Live\Contrôle parental\fsssvc.exe [2007-12-17 523816]
    R2 Remote Solver for COSMOSFloWorks 2007;Remote Solver for COSMOSFloWorks 2007;c:\program files\SolidWorks\COSMOSFloWorks\FloWorks\binCFW\StandAloneSlv.exe [2007-07-23 675840]
    R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-02-12 356920]
    S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [2009-01-11 28224]

    --- Autres Services/Pilotes en mémoire ---

    *Deregistered* - mchInjDrv
    *Deregistered* - sptd
    .
    Contenu du dossier 'Tâches planifiées'

    2009-02-06 c:\windows\Tasks\Norton Internet Security - Analyse système complète - Brian.job
    - c:\progra~1\NORTON~1\NORTON~1\Navw32.exe []

    2009-02-19 c:\windows\Tasks\User_Feed_Synchronization-{33502C18-A3D8-4069-9918-43AA2C501E70}.job
    - c:\windows\system32\msfeedssync.exe [2008-01-18 23:33]

    2008-07-02 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
    - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKCU-Run-msnmsgr - c:\program files\MSN Messenger\MsnMsgr.Exe
    HKLM-Run-Acer Tour - (no file)
    HKLM-Run-eRecoveryService - (no file)
    MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
    MSConfigStartUp-IDMan - c:\program files\Internet Download Manager\IDMan.exe
    MSConfigStartUp-MsnMsgr - c:\program files\Windows Live\Messenger\MsnMsgr.Exe
    MSConfigStartUp-osCheck - c:\program files\Norton Internet Security\osCheck.exe
    MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre1.6.0_06\bin\jusched.exe


    .
    ------- Examen supplémentaire -------
    .
    uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
    uStart Page = hxxp://www.google.com/
    mStart Page = hxxp://fr.fr.acer.yahoo.com
    IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
    IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    FF - ProfilePath - c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\zfqwcvqc.default\
    FF - prefs.js: browser.search.selectedEngine - Ask.com
    FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=TRL&o=101823&q=
    1 fichier(s) déplacé(s).
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

    ---- PARAMETRES FIREFOX ----
    FF - user.js: network.proxy.type - 0
    FF - user.js: browser.shell.checkDefaultBrowser - false
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-19 20:24:58
    Windows 6.0.6001 Service Pack 1 NTFS

    detected NTDLL code modification:
    ZwClose

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\S-1-5-21-3986600464-2071620591-443854833-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
    @Denied: (Full) (Everyone)
    "scansk"=hex(0):8c,ac,01,04,89,65,3c,71,03,0f,0b,19,12,4c,76,b1,8a,0b,31,c9,de,
    55,5c,a7,28,40,c3,be,50,09,11,9e,52,b6,54,c5,6d,a1,f6,37,00,00,00,00,00,00,\

    [HKEY_USERS\S-1-5-21-3986600464-2071620591-443854833-1000_Classes\CLSID\{cd738e3a-beef-4557-b017-dc8450b3b74b}]
    @Denied: (Full) (Everyone)
    @Allowed: (Read) (RestrictedCode)
    "Model"=dword:00000101
    "Therad"=dword:0000000f
    "MData"=hex(0):cb,9b,ad,ef,27,7d,29,69,f5,02,f0,76,aa,4a,f1,7c,d3,d9,67,7f,6a,
    4b,7b,ad,3a,8f,94,9e,bf,62,1c,eb,b3,10,b4,7f,e7,fe,de,89,46,92,ad,77,b4,62,\
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\windows\System32\audiodg.exe
    c:\program files\Alwil Software\Avast4\aswUpdSv.exe
    c:\program files\Alwil Software\Avast4\ashServ.exe
    c:\windows\System32\conime.exe
    c:\program files\Alwil Software\Avast4\ashDisp.exe
    c:\windows\System32\rundll32.exe
    c:\acer\Empowering Technology\ePerformance\MemCheck.exe
    c:\windows\System32\rundll32.exe
    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
    c:\program files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    c:\program files\Common Files\LightScribe\LSSrvc.exe
    c:\windows\System32\PnkBstrA.exe
    c:\windows\System32\PnkBstrB.exe
    c:\program files\CyberLink\Shared Files\RichVideo.exe
    c:\program files\Spyware Doctor\pctsSvc.exe
    c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
    c:\program files\Alwil Software\Avast4\ashMaiSv.exe
    c:\program files\Alwil Software\Avast4\ashWebSv.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\program files\OrangeHSS\Systray\SystrayApp.exe
    c:\progra~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    c:\windows\System32\wbem\WMIADAP.exe
    c:\windows\System32\dllhost.exe
    .
    **************************************************************************
    .
    Heure de fin: 2009-02-19 20:29:52 - La machine a redémarré
    ComboFix-quarantined-files.txt 2009-02-19 19:29:45

    Avant-CF: 46 726 451 200 octets libres
    Après-CF: 46,170,296,320 octets libres

    349 --- E O F --- 2009-02-16 05:43:45

    Thanks a lot for the time you're spending helping me, in any case ;)
    19 February 2009 20:40:02

    ComboFix removed more infections.

  • Click the Vista logo (Start menu), type Run in the Search bar and confirm.
  • In the Run window, type combofix /u and confirm.

  • Have the following files scanned on VirusTotal and post the links to the scan results:
    - c:\windows\System32\iumxcj.exe
    - c:\windows\System32\uhnsd.exe